Glossary

access matrix.
An access model in which a two-dimensional matrix defines the persons or groups who are permitted to access specific data or systems.
access review.
An examination of user access rights to determine whether any access rights need to be changed or discontinued.
accreditation.
The process of formally approving the use of a system.
accumulation of privileges.
The process whereby a person accumulates access rights to systems over a long period of time.
Advanced Persistent Threat (APT).
A party with the tools, knowledge, and patience to successfully attack a target system.
adversary.
An individual, an organization, or a force that opposes or attacks.
agent.
A small program that runs on a local system with some type of connection to a master program or console elsewhere.
antimalware.
Software designed to detect and prevent the installation and execution of malware.
antivirus.
See antimalware.
applet.
A program that operates within the context of another program.
applicant-tracking system.
An information system used to accept, manage, and screen resumes and cover letters from employment candidates.
application whitelisting.
A method of preventing malware by permitting only known, registered programs to execute.
authentication.
The process of asserting one’s identity (a user ID, a value assigned to a person or machine), including required proof such as a password, token, or biometric to a system.
authentication bypass.
An attack on a system in which the attacker attempts to ...

Get Getting an Information Security Job For Dummies now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.