Index for glossary P
A type of filtering to permit or deny network traffic based on the data source, destination, service or protocol of the data packets.
A private and unique series of numbers or letters which enables a user to gain access to a system or service. A passphrase is a longer password.
A patch is a program that upgrades software to a different version, or repairs a bug or vulnerability in the software.
Penetration testing is used to test the external perimeter security of a network or facility.
Personal Identification Number (PIN)
An alphanumeric code or password used to authenticate an identity or to gain access to a system resource.
An attack that redirects users to a bogus website, such as a fraudulent website or proxy server, typically through DNS server hijacking or poisoning.
Phishing is a kind of social engineering attack that tricks legitimate users into revealing private details, such as e-banking login names and passwords, by using e-mails or fraudulent websites.
Message text or data that is freely readable and understandable by anyone.
A type of virus that changes its telltale code segments so that it "looks" different from one infected file to another, thus making detection more difficult.
A port scanning activity is a series of messages sent by someone attempting to break into a computer to learn which computer network services, each associated with a "well-known" port number, the computer provides. Port scanning, a favourite approach of computer crackers, gives the assailant an idea where to probe for weaknesses. Essentially, a port scan consists of sending a message to each port, one at a time. The kind of response received indicates whether the port is used and can therefore be probed for weakness.
A data file storing a mathematical key which is assigned and known only to a single individual, used for creating digital signatures and for decrypting messages that the sender previously encrypted using the recipient’s own public key.
The account for a user having access to system control, monitoring, or administration functions.
A server that acts as an intermediary between a workstation user and the Internet so that the enterprise can ensure security, administrative control, and caching service.
Asymmetric cryptography involves a pair of cryptographic keys for each user. The component that can be made publicly known is the public key.
Public Key Infrastructure (PKI)
A PKI (public key infrastructure) enables users of a basically unsecured public network such as the Internet to securely and privately exchange data and money through the use of a public and a private cryptographic key pair that is obtained and shared through a trusted authority. The public key infrastructure provides for a digital certificate that can identify an individual or an organisation and directory services that can store and, when necessary, revoke the certificates. It often includes services and protocols for managing the public keys through the use of a Certification Authority.