booklets and brochures

networked information systems

glossary (continued)

INFOSEC- Information security.

LAN- Local area network.

Malicious/Embedded Code- Codes written into executable programs hidden or disguised that performs some function other than the intended program.

PC- Personal computer.

Personnel Vulnerabilities- Personnel lacking the required authority, appropriate clearances, as well as the need-to-know to network and system information.

Physical Vulnerabilities- Control and accountability of physical access to controlled areas.

Procedural Vulnerabilities- Development and maintenance of policies and procedures, or deviations from the roles and responsibilities defined in established security policies.

Script Kiddies- Individuals who collect and run tools that scan for the vulnerabilities of computer systems.

Social Engineering- A form of hacking involving attempts to access data by combining personnel contact and some level of access.

Software Vulnerabilities- Network and system software versions, data, and related security software, as well as inherent deficiencies in default settings in software delivery.

System Administrators- Individuals who oversee the day-to-day operations of computers and computer networks.

Trap Door- A hole in a computer system left by the programmer to catch an intruder.

Trojan Horse- A program that masquerades as a benign application.

Threats- Any circumstance or event with the potential to cause harm in a system in the form of destruction, disclosure, modification of data, and/or denial of service.

Vulnerabilities- Weaknesses or deficiencies in an information system that could be exploited, for example, system security procedures, hardware designs, internal controls.

WAN- Wide area network