Back door — a vulnerability intentionally left in the security of a computer system or its software by its designers

Biometrics — the use of a computer user’s unique physical characteristics — such as fingerprints, voice, and retina — to identify that user

Black hat — a term used to describe a hacker who has the intention of causing damage or stealing information

Bypass — a flaw in a security device

Cipher text — data that has been encrypted

Computer Emergency Response Team (CERT) — an organization that collects and distributes information about security breaches

Countermeasure — any action or device that reduces a computer system’s vulnerability

Cracker — a term sometimes used to refer to a hacker who breaks into a system with the intent of causing damage or stealing data

Cracking — the process of trying to overcome a security measure

Cryptography — protecting information or hiding its meaning by converting it into a secret code before sending it out over a public network

Crypto keys — the algorithms used to encrypt and decrypt messages

Cybercrime — crime related to technology, computers, and the Internet

Decrypt — the process of converting encrypted information back into normal, understandable text

Denial of service (DOS) — an attack that causes the targeted system to be unable to fulfill its intended function

Digital signature — an electronic equivalent of a signature

Domain name — the textual name assigned to a host on the Internet

Dumpster diving — looking through trash for access codes or other sensitive information

Email — an application that allows the sending of messages between computer users via a network

Encryption — the process of protecting information or hiding its meaning by converting it into a code

Firewall — a device designed to enforce the boundary between two or more networks, limiting access

Hacker — a term sometimes used to describe a person who pursues knowledge of computer and security systems for its own sake; sometimes used to describe a person who breaks into computer systems for the purpose of stealing or destroying data

Hacking — a term that originally referred to learning programming languages and computer systems; now associated with the process of bypassing the security systems on a computer system or network

High risk application — a computer application that, when opened, can cause the user to become vulnerable to a security breach

Hijacking — the process of taking over a live connection between two users so that the attacker can masquerade as one of the users

Host — a computer system that resides on a network and can independently communicate with other systems on the network

Hypertext Markup Language (HTML) — the language in which most webpages are written

Information security — a system of procedures and policies designed to protect and control information

Internet — a computer network that uses the Internet protocol family

Internet Relay Chat (IRC) — a large, multiple-user, live chat facility

Internet service provider (ISP) — any company that provides users with access to the Internet

Intranet — a private network used within a company or organization that is not connected to the Internet (used by police forces)

Intrusion detection — techniques designed to detect breaches into a computer system or network

IP spoofing — an attack where the attacker disguises himself or herself as another user by means of a false IP network address

Keystroke monitoring — the process of recording every character typed by a computer user on a keyboard

Leapfrog attack — using a password or user ID obtained in one attack to commit another attack

Letter-bomb — an email containing live data intended to cause damage to the recipient’s computer

Malicious code — any code that is intentionally included in software or hardware for an unauthorized purpose

One-time password — a password that can be used only once, usually randomly generated by special software

Packet — a discrete block of data sent over a network

Packet sniffer — a device or program that monitors the data traveling over a network by inspecting discrete packets

Password — a data string used to verify the identity of a user

Password sniffing — the process of examining data traffic for the purpose of finding passwords to use later in masquerading attacks

Pen register — a device that records the telephone numbers of calls received by a particular telephone

Phracker — a person who combines phone phreaking with computer hacking

Phreaker — a person who hacks telephone systems, usually for the purpose of making free phone calls

Piggyback — gaining unauthorized access to a computer system via another user’s legitimate connection

Piracy — the act of illegally copying software, music, or movies that are copyright-protected

Pretty Good Privacy (PGP) — a freeware program designed to encrypt email

Probe — an effort to gather information about a computer or its users for the purpose of gaining unauthorized access later

Risk assessment — the process of studying the vulnerabilities, threats to, and likelihood of attacks on a computer system or network

Smart card — an access card that contains encoded information used to identify the user

Sniffer — a program designed to capture information across a computer network

Social engineering — a term often used to describe the techniques virus writers and hackers utilize to trick computer users into revealing information or activating viruses

Spam — unsolicited commercial email

Spoofing — the process of disguising one computer user as another

Trap and trace device — a device used to record the telephone numbers dialled by a specific telephone

Trojan horse — an apparently innocuous program that contains code designed to surreptitiously access information or computer systems without the user’s knowledge

Virus — a computer program designed to make copies of itself and spread itself from one machine to another without the help of the user

War dialler — software designed to detect dial-in access to computer systems

Warez — slang for pirated software

White hat — a hacker whose intentions are not criminal or malicious

Wiretapping — the interception of electronic communications in order to access information

Worm — a computer program that copies itself across a network