Computer security procedures

protection of computer systems and networks from theft, damage, misuse or data leak

thumb|Cyberwarfare specialists of the United States Army's 782nd Military Intelligence Battalion (Cyber) supporting the [[3rd Brigade Combat Team, 1st Cavalry Division during a training exercise in 2019]]

branch of digital forensic science

chroot is a shell command and a system call on Unix and Unix-like operating systems that changes the apparent root directory for the current running process and its children. A program that is run in such a modified environment cannot name (and therefore normally cannot access) files outside the designated directory tree. The term chroot may refer to the system call or the command-line utility. The modified environment is called a chroot jail. thumb|Chroot: from Gentoo to Ubuntu

hacker technique

act of obtaining secrets and information using methods on the Internet, networks or individual computers

software version that is stable and supported under a long-term or extended contract

framework of policies and technologies for ensuring that the proper people in an enterprise have the appropriate access to technology resources

secrecy of the design or implementation as the main method of providing security

family of protocols which mediate network access

The idea is to organize content based on the origin from which it arrives at the browser, preventing outside interference.

In Unix-like systems, the access rights flags setuid and setgid (short for set user identity and set group identity) allow users to run an executable with the file system permissions of the executable's owner or group respectively and to change behaviour in directories. They are often used to allow users on a computer system to run programs with temporarily elevated privileges to perform a specific task. While the assumed user id or group id privileges provided are not always elevated, at a minimum they are specific.

process of securing a system by reducing its surface of vulnerability, which is larger when a system performs more functions; in principle a single-function system is more secure than a multipurpose one

computer user interface element used by various operating systems

software engineering approach emphasizing security

policy in computer security

unofficial term used to refer to when Microsoft regularly releases software patches for its software products

cyclical practice of identifying, classifying, prioritizing, remediating, and mitigating software vulnerabilities

The eXtensible Access Control Markup Language (XACML) is an XML-based standard markup language for specifying access control policies. The standard, published by OASIS, defines a declarative fine-grained, attribute-based access control policy language, an architecture, and a processing model describing how to evaluate access requests according to the rules defined in policies.

type of audit on the control level of information security in an organization

set of rules or procedures for ensuring the security of an organization's computer systems

special key combination which invokes a trusted login process

safeguard or countermeasure to avoid, detect, counteract, or minimize security risks to physical property, information, computer systems, or other assets

in information security, the placing of multiple layers of security controls throughout an IT system to provide redundancy in the event a security control fails

ability to continuously deliver an intended outcome, despite adverse cyber events

ethical vulnerability disclosure model in which a vulnerability or an issue is withheld from public disclosure until it has been patched or after a period of time

numerical grade assigned following the completion of a Common Criteria security evaluation

American international information security company

generic document that outlines rules for computer network access, determines how policies are enforced and lays out some of the basic architecture of the company security/ network security environment

restriction of classified data so that access is only given to individuals who need it to perform their job

EU directive

In computer programming and computer security, privilege separation is one software-based technique for implementing the principle of least privilege. This is used to mitigate the potential damage of a computer security vulnerability.

mechanism built into a computer architecture to support the enforcement of security policies

document used as part of the certification process according to ISO/IEC 15408 and the Common Criteria

set of all computer components critical to its security

proactive cyber defense activity

Term in information security policy

government mandated computer security