Glossary of Technical Terms

AVI (Audio Video Interleave)
A Microsoft-specified format for saving audio and/or video clips, referred to by Windows as "Video for Windows." You can play the files through the Media Player in Windows or through many popular browser plug-in multimedia players. Files of this type have a .avi extension.

Average Selling Price (ASP)
This term is used in the microchip manufacturing world. Companies like AMD and Intel strive for high ASPs. The ASP is an indication not only of direct profits, but how well a company is keeping up with the technology curve. It is not uncommon for Intel to have an ASP of around US$100 and AMD to be close behind.

Availability
A measure of how much time a network or a connection is running. Generally the equation is: Time Running / Time Measured (time running divided by time measured). Thus, if you measured something for 20 minutes and it was only up for 19 of them, you’d have 95% availability.

Authentication
A process of proving the identity of a computer or computer user. For users, it generally involves a user name and password. Computers usually pass a code that identifies that they are part of a network.

AUI
A synonym for the 10Base5 Thicknet Ethernet standard.

Audio Video Interleave (AVI)
A Microsoft-specified format for saving audio and/or video clips, referred to by Windows as "Video for Windows." You can play the files through the Media Player in Windows or through many popular browser plug-in multimedia players. Files of this type have a .avi extension.

Audio Modem Riser (AMR)
An Intel specification designed to move the analog I/O functions of sound cards and modems onto a riser card. It allows motherboards to have an I/O slot built into them to make it easier to integrate audio and modem functions onto a motherboard. The specification does not define "an aftermarket standard I/O slot," according to Intel. Basically, the slot is supposed to be filled when you buy a motherboard, with the motherboard manufacturer’s choice of modem/audio functions.

ATX12V
A superset of the ATX form factor that is used for systems with the Pentium 4 processor. It features a power supply with an extra four-pin connector for 12 volt power to the motherboard so that the processor has enough power. There is also a 6-pin auxiliary connector for additional 3.3 or 5 volt power.

ATX Form Factor
The ATX form factor specification takes the original Baby AT-sized motherboard, rotates it 90 degrees, and calls for a power supply with a side-mounted fan that cools not only the power supply, but also the processor and add-in boards. This new approach was designed to lower costs and provide better motherboard placement in an ATX case. In addition, the ATX form factor introduced a large set of I/O ports that are wired directly to the motherboard, and standard support for PS/2 keyboard and mouse connections.

ATX (ATX Form Factor)
The ATX form factor specification takes the original Baby AT-sized motherboard, rotates it 90 degrees, and calls for a power supply with a side-mounted fan that cools not only the power supply, but also the processor and add-in boards. This new approach was designed to lower costs and provide better motherboard placement in an ATX case. In addition, the ATX form factor introduced a large set of I/O ports that are wired directly to the motherboard, and standard support for PS/2 keyboard and mouse connections.

Attachment
A file embedded in an e-mail message. It is possible to have one or more attachments embedded in an e-mail message. If you are sending or receiving attachments, you must have an e-mail client that supports MIME encoding, or the attachments will show up in encoded form, which basically looks like a large block of numbers and letters.

ATM (Asynchronous Transfer Mode)
A networking protocol initially designed to move multimedia data around with high reliability and speed. It uses small, fixed-size cells of data that can be more easily controlled and kept at specific service levels than TCP/IP. Some ISPs use ATM as the protocol for their backbones.

ATL (Active Template Library)
A group of routines provided by Microsoft that can be used to help more easily create ASP, ActiveX, and COM objects in C++.

ATAPI (AT Attachment Packet Interface)
This interface is part of EIDE, and it allows a PC to control CD-ROM drives and tape drives across the IDE interface.

ATA/133 (Ultra ATA/133)
This refers to what is most probably the final extension to the parallel ATA connection standard. The proposal was created by Maxtor, and allows a top data transfer rate of 133 megabytes per second. Intel didn’t support this standard in its chipsets, instead opting to wait for Serial ATA. See Serial ATA for further details.

Bytes per second (Bps)
This is generally a measure of how fast some device communicates, usually in thousands of bytes per second (KBps) or millions of bytes per second (MBps). See also bits per second. If you’ve got a capital B, you are talking Bytes, not bits.

Byte
Simply put, it’s 8 bits. Think of it as a string of 1s and 0s that represents a number from 0 to 255. For example 01100101 is one byte of information, whereas 0 or 1 are bits of information.

Business to Consumer (B2C)
A form of doing business that deals with selling goods and services to the consumer marketplace. Examples of this would be selling consumer electronics, toys, or pet supplies. This contrasts with the business to business model.

Business to Business (B2B)
This term is often used to describe websites that sell goods or services to other businesses. Thus, businesses are serving other businesses as opposed to consumers.

Bus Topology
This network topology has computers connected to a strand of network cabling that is connected to network repeaters at one end and terminated at the other. If you break part of the cable or remove the terminator, all machines on that segment lose communication with the network. 10Base2 was a widely used bus topology network in its day.

Bus speed
A measurement, usually in MHz, of how many times data can be transferred over the bus per second.

Bus mouse
A mouse that uses the smaller 6-pin connector instead of your computer’s serial port. Also referred to as a PS/2 mouse because of its early adoption in the IBM PS/2 series of computers.

Bus
A bus is simply a data path between devices. The computer’s system bus is what peripherals use to send and receive data from the processor and main memory. You can think of a bus as a set of wires connecting multiple devices.

Burst EDO RAM (BEDO RAM)
A type of EDO RAM that can read three consecutive memory locations in three clock cycles (a 1-1-1 burst). This makes BEDO RAM much faster at reading large blocks of data than standard EDO RAM. However, it cannot operate faster than 66MHz, limiting its applications in today’s computers. Burst EDO was never more than a niche technology.

Burn in
The running of repetitive tasks on a computer to ensure that the computer is functioning properly. It also describes what can happen to older CRT screens when the same image is shown on them for long periods of time. An impression of the image is burnt into the screen, permanently damaging it. Screensavers were created to prevent this.

Burn (v. to burn)
Widely used slang that describes the creation of a CD-R disc. During the creation of a CD-R, a laser is used to burn tiny holes inside the disk media.

Bulletin Board System (BBS)
The term was used to describe message boards that people would dial into directly with modems before the Internet was easily accessible. Instead of dialing into a network where everything is connected, you had your choice of a group of BBSs to dial into, and each one tried to offer the most members, files, and graphics to its members. Typically you paid for access on a monthly basis. More recently, the term describes Internet-based message boards or forums.

Bulk Copy Program (BCP)
A program used to copy databases or parts of databases in Sybase and Microsoft SQL Server environments. It was at first a command line program, but graphical interface programs have been put on top of it to make it more friendly.

Bug
This is commonly an error in design or programming in a hardware device or piece of software. The effects of a bug may be as harmless as an extra graphic on the screen, or as harmful as a system crash or loss of data. The first computer "bug" was a real bug, a moth, in fact, that was stuck between relays back in an early computer in 1945. See also Feature.

Buffered memory
Memory modules that have extra chips on them to support Error Checking and Correcting (ECC) functional

Backbone
A primary transit network or series of networks, designed to carry data between different local area networks. A backbone generally has greater data carrying capacity, or “bandwidth”, than the networks connected to it. The Internet Backbone is the interconnection of high-speed networks, primarily government, commercial telecommunications and academic networks that route data for public Internet users.

Backdoor
A method of regaining remote control of a victim’s computer by reconfiguring installed legitimate software or the installation of a specialized program designed to allow access under attacker-defined conditions. Trojan horse programs and rootkits often contain backdoor components.

Black hat
A computer hacker who is intent on causing damage or taking other unauthorized or illegal actions against a victim.

C2
Command and control. The term, in the context of computer network operations, often describes a communications method or a component thereof to maintain remote control of an operational asset, such as a compromised computer.

Coder
A computer programmer or one who writes computer programming language code.

Computer Network Attack (CNA)
Actions taken through the use of computer networks to disrupt, deny, degrade, or destroy information resident in computers and computer networks, or the computers and networks themselves. (See: http://www.dtic.mil/doctrine/jel/new_pubs/jp3_13.pdf).

Computer network defense (CND)
Actions taken through the use of computer networks to protect, monitor, analyze, detect and respond to unauthorized activity within information systems and computer networks (See: http://www.dtic.mil/doctrine/jel/new_pubs/jp3_13.pdf).

Computer network exploitation (CNE)
Enabling operations and intelligence collection capabilities conducted through the use of computer networks to gather data from target or adversary automated information systems or networks (See: http://www.dtic.mil/doctrine/jel/new_pubs/jp3_13.pdf).

Computer network operations (CNO)
Comprised of computer network attack, computer network defense, and related computer network exploitation enabling operations (See http://www.dtic.mil/doctrine/jel/new_pubs/jp3_13.pdf).

Distributed denial of service (DDoS)
A class of attacks that results in the exhaustion of computing or communications resources by engaging many intermediate computers to simultaneously attack one victim. These intermediate attack systems are often previously compromised and under the control of the attacker.

Electronic Warfare (EW)
Any military action involving the use of electromagnetic and directed energy to control the electromagnetic spectrum or to attack the enemy. The three major subdivisions within electronic warfare are: electronic attack, electronic protection, and electronic warfare support.

File Transfer Protocol (FTP)
A standard Internet protocol implemented in FTP server and client software, including most web browsers. It is used to “transfer data reliably and efficiently.” http://www.rfc-editor.org/rfc/rfc959.txt

Hacker
An individual who uses computer technology in ways not originally intended by the vendor. Commonly the term is applied to people who attack others using computers.
For the purposes of this discussion, hackers are subdivided as follows:

  • Script kiddies: Unskilled attackers who do not have the ability to discover new vulnerabilities or write exploit code, and are dependent on the research and tools from others. Their goal is achievement. Their sub-goals are to gain access and deface web pages.
  • Security researchers and white hat operators: This group has two subcategories: bug hunters and exploit coders. Their goal is profit. Their subgoals are to improve security and achieve recognition with an exploit.
  • Professional hacker-black hat: Individuals who get paid to write exploits or actually penetrate networks; this group also falls into the same two subcategories as above. Their goal is also profit (See: http://www.uscert.gov/control_systems/csthreats.html).

 

Hypertext Transfer Protocol (HTTP)
The message format and exchange standard used by web browsers and web servers.

Hacktivism
Computer hacking intended to communicate a social or political message, or to support the position of a political or ideological group. Hacktivism activities include data theft, website defacement, denial of service, redirects and others.

Hacktivist
An attacker who practices hacktivism.

INFOCON
Information Operations Condition (INFOCON) classifications mirror the Defense Conditions (DEFCON) Alert System and are a uniform system of five progressive readiness conditions, INFOCON 5 through INFOCON 1, with INFOCON 5 being a level of normal readiness and INFOCON 1 a level of maximum readiness, implemented because of severe threat or attack. As the INFOCON levels increase, elements of network functionality or services deemed lower priority or at high risk of attack may be temporarily suspended. Thus, CNA tools that work during a normal state of readiness may be rendered ineffective if the services or applications they exploit are turned off.

Information Warfare (IW)
Actions taken to achieve information superiority by affecting adversary information, information-based processes, information systems, and computer-based networks while defending one’s own information, information-based processes, information systems, and computer-based networks (See: http://www.jpeocbd.osd.mil/packs/DocHandler.ashx?DocId=3712)

Intrusion Detection System (IDS)
A computer or network monitoring system that matches observations against patterns of known or suspected unauthorized activity.

Intrusion Prevention System (IPS)
An inline system or software that applies IDS-style logic and approves or rejects network traffic, program and data access, hardware use, etc.

Network Behavioral Analysis (NBA)
An intrusion detection system that models network traffic and alerts on violations of known acceptable activity. Rules can include data volume, time of day, traffic rate, communication partners, content, and other elements.

NIPRNET
Non-classified Internet Protocol Router Network. The unclassified network of the US Department of Defense which provides Internet access as well as interconnectivity to DoD users and facilities.

NTLM
A Microsoft authentication protocol that uses cryptographic hash representations of account passwords. (See: http://msdn.microsoft.com/enus/library/aa378749(VS.85).aspx)

PDF
File format and filename extension for Adobe Portable Document Format documents.

Phishing
The practice of enticing a victim to visit a website or other online resource with the intention of stealing credentials, financial information such as bank accounts, or credit card numbers. Phishing attacks generally involve an email claiming to come from a trusted entity such as a bank or ecommerce vendor, with a link to a website and the instructions to click the link and take actions once at the website.

RAR or Roshal Archive
A compressed file format similar in use to the more popular ZIP format. It is used to conserve storage and network resources and simplifies the movement of large sets of files. Optional encryption is available using the NIST Advanced Encryption Standard algorithm. Just as ZIP archives are created with software such as WinZip (http://www.winzip.com) and zip (http://www.info-zip.org), RAR archives are created with WinRar and RAR (http://www.rarlab.com)

Remote Desktop Protocol (RDP)
The communication protocol used to provide remote viewing and control of Microsoft Windows computers and applications. For additional information, see http://msdn.microsoft.com/enus/library/aa383015(VS.85).aspx.

Rootkit
A piece of software that can be installed and hidden on the victim computer without the user’s knowledge. It may be included in a larger software package or installed by an attacker who has been able to take advantage of a vulnerability on the victim machine. Rootkits are not necessarily malicious, but they may hide malicious activities. Attackers may be able to access information, monitor user actions, modify programs, or perform other functions on the targeted computer without being detected (See: http://www.uscert.gov/cas/tips/ST06-001.html).

Security Event and Information Management (SEIM)
Centralized collection and management of security event records from many different systems such as firewalls, IDS/IPS, antivirus software, authentication systems, etc. SEIMs may provide complex multifactor rules to alert on patterns of behavior not easily identifiable by one of the component systems alone.

Spearphishing
A targeted phishing attack against a select group of victims, usually belonging to a single company, school, industry, etc. “Spearphishing” is commonly used to refer to any targeted email attack, not limited to phishing.

Trojan Horse
An apparently useful program containing hidden functions that can exploit the privileges of the user (running the program), with a resulting security threat. A Trojan horse does things that the program user did not intend. Trojan horses rely on users to install them, or they can be installed by intruders who have gained unauthorized access by other means. Then, an intruder attempting to subvert a system using a Trojan horse relies on other users running the Trojan horse to be successful (See: www.cert.org/advisories/CA-1999-02.html).

Tunneling
A technique to encapsulate one communication data stream inside of another, in order to extend the advantages of the latter to the former. Attackers will often tunnel a network protocol that would not be allowed to cross network boundaries inside of another that is allowed, defeating perimeter defenses (See: http://www.its.bldrdoc.gov/projects/devglossary/_tunneling.html).

Two-factor Authentication (T-FA)
Existing authentication methodologies involve three basic “factors”:

  • Something the user knows (e.g., password, PIN);
  • Something the user has (e.g., ATM card, smart card); and
  • Something the user is (e.g., biometric characteristic, such as a fingerprint).

T-FA requires that a user present two of the three possible factors to the authentication mechanism. A known flaw in some T-FA systems is the server storage of a hash representation of the credentials contained on the smart card or token. With this in hand, the attacker can replay that data to the authentication system; in this case, that of the proxy server, without needing the physical card or token (See: http://www.ffiec.gov/pdf/authentication_guidance.pdf).

 

USPACOM
United States Pacific Command is one of six Unified Combatant Commands of the United States Armed Forces with an area of responsibility encompassing all territory from the US West Coast to the western border of India, and from Antarctica to the North Pole. The command presently has approximately 325,000 US service personnel.

USTRANSCOM
United States Transportation Command provides intermodal transportation across the spectrum of military operations. USTRANSCOM is comprised of three component commands — the Air Force’s Air Mobility Command, the Navy’s Military Sealift Command, and the Army’s Military Surface Deployment and Distribution Command.

Zero day exploit
An attack against a software vulnerability that has not yet been addressed by the software maintainers. These attacks are difficult to defend