Glosario-OP

P


Packet sniffer

Software designed to monitor and record network traffic. It can be used for good or evil – either to run diagnostics and troubleshoot problems, or to snoop in on private data exchanges, such as browsing history, downloads, etc.

Passive attack

Attackers try to gain access to confidential information in order to extract it. Because they’re not trying to change the data, this type of attack is more difficult to detect – hence the name ‘passive’.

Password sniffing

A technique used to harvest passwords by monitoring or snooping on network traffic to retrieve password data.

Patch management

Patches (updates) are provided by developers to fix flaws in software. Patch management is the activity of getting, testing and installing software patches for a network and the systems within it.

Patching

Applying updates (patches) to firmware or software, whether to improve security or enhance performance.

Payload

The element of the malware that performs the malicious action – the cyber security equivalent of the explosive charge of a missile. Usually spoken of in terms of the damaging wreaked.

Payment Card Industry Data Security Standard (PCI-DSS)

The security practices of the global payment card industry. Retailers and service providers that accept card payments (both debit and credit) must comply with PCI-DSS.

Pen test/pentest

A slang term for penetration test or penetration testing.

Penetration testing

A test designed to explore and expose security weaknesses in an information system so that they can be fixed.

Personally Identifiable Information (PII)

The data that enables an individual to be identified.

Pharming

An attack on network infrastructure where a user is redirected to an illegitimate website, despite having entered the right address.

Phishing

Mass emails asking for sensitive information or pushing them to visit a fake website. These emails are generally untargeted.

Proxy server

A go-between a computer and the internet, used to enhance cyber security by preventing attackers from accessing a computer or private network directly.

No hay comentarios:

Publicar un comentario

Más leídas este mes