- AAA Server A server that provides authentication, authorization, and accounting services for network devices and users. An AAA server is a network security device that controls access to a network by verifying the identity of a user or device and granting or denying access based on predefined policies. It is commonly used in enterprise networks to control access to resources and track user activity.
- Abend Stands for abnormal end. It refers to an unexpected termination of a program or system due to an error or bug. It is commonly used in the context of computer systems and software development to refer to a crash or failure.
- Abstraction A fundamental concept in computer science that involves managing complexity by hiding unnecessary details from the user. Abstraction enables users to interact with systems and applications through simplified models without needing to understand the underlying complex workings.
- Abuse Case Testing A testing methodology where scenarios are developed to anticipate and examine potential misuse or malicious behavior against a system. It aims to uncover potential vulnerabilities or flaws that might not be detected through traditional use case testing, which typically focuses on expected and correct usage. By considering the system from an adversary's perspective, it's possible to enhance the system's defenses against illegitimate usage or attacks.
- Acceptable Interruption Window This refers to the maximum time period during which a system or service can be down without causing unacceptable harm to the operations or the business. It is a key factor in disaster recovery and business continuity planning, as it helps to set the recovery time objective (RTO). Understanding the acceptable interruption window is crucial for managing downtime risks and ensuring appropriate investment in preventative and recovery measures.
- Acceptable Use Policy A policy that defines the acceptable behaviors and actions of users when interacting with a network or system. It typically outlines user responsibilities, prohibited activities, and potential consequences for violations. The policy serves as a guideline for proper and respectful use of resources, and it helps protect the network, its users, and the organization from potential legal issues, security breaches, or reputation damage.
- Acceptance (As Related to Risk) Or Accepting Risk Accepted Ways for Handling Risk - In the context of risk management, there are generally accepted strategies for handling risk, which can be summarized as the "Four T's" of risk management. Treat - Implement measures to reduce the likelihood or impact of the risk. This often involves changing processes, procedures, or technology to mitigate the risk. Transfer - Shift the risk to a third party, typically through insurance, outsourcing, or partnerships. In this way, another entity assumes the responsibility for the risk's consequences. Tolerate - Accept the risk without action if it falls within the organization's risk appetite and threshold levels, often because the cost of treating it would exceed the benefit gained from mitigation. Terminate - Avoid the risk altogether by discontinuing the activity that generates the risk. This might mean changing business practices or stopping certain services or functions. Technically, there is also risk rejection: we know the risk is there, (...)
- Access In the context of IT and cybersecurity, access refers to the permission or ability to enter or use a system, network, resource, or data. Managing access involves authenticating users to confirm their identity and authorizing them to interact with certain information or functionalities based on their roles, responsibilities, and established security policies. Access controls are put in place to prevent unauthorized individuals from gaining entry to sensitive systems or information, thereby protecting the confidentiality, integrity, and availability of data. Access can be categorized into physical access, which pertains to entering facilities, and logical access, related to using computer networks, systems, and data.
- Access Control Refers to the systematic regulation of the ability of authenticated users to view, use, or alter resources. This procedure safeguards sensitive data from unauthorized access, protects system integrity, and prevents potential disruptions. It includes techniques such as role-based access control (RBAC), discretionary access control (DAC), and mandatory access control (MAC), which decide the level of user access based on assigned roles, user discretion, and adherence to policies, respectively.
- Access Control List (ACL) A table or database that keeps track of the permissions attached to an object, such as a file directory or a network interface. The ACL specifies which users or system processes are granted access to objects, as well as what operations are allowed on given objects. It is a key concept in file permissions, network security, and database management, where it is critical to maintain the right balance between security and usability.