Glossary

Evaluation Assurance Level

Extensible Authentication Protocol

Extensible Authentication Protocol-Transport Layer Security

An Easter egg is the hidden functionality within an application program, which becomes activated when an undocumented set of commands and keystrokes are entered. Easter eggs are typically used to display the credits for the development team or a humorous message and are intended to be nonthreatening.

A guide developed by Australian Cyber Security Centre to help Australians protect themselves from cyber criminals.

Elliptic Curve Diffie-Hellman

Elliptic Curve Digital Signature Algorithm

Electrically erasable programmable read-only memory

Electronic funds transfer at point of sale

Electronic funds transfer at point of sale is an electronic payment system involving electronic funds transfers based on the use of payment cards, such as debit or credit cards, at payment terminals located at points of sale.

Electronic mail is a method of exchanging messages between people using electronic devices.

The counter-measures employed to reduce classified emanations from a facility and its systems to an acceptable level. Emanations can be in the form of Radio Frequency energy, sound waves or optical signals.

An ACSC program that sets out the requirements for government and organisations to be formally recognised to conduct emanation security practices to national standards.

Enhanced Mitigation Experience Toolkit

Emotet is a malware strain and a cybercrime operation. First versions of the Emotet malware functioned as a banking trojan aimed at stealing banking credentials from infected hosts. Emotet operators then updated the trojan and reconfigured it to work primarily as a "loader", a type of malware that gains access to a system, and then allows its operators to download additional payloads.

Emanation security program

A protocol used for encryption and authentication in IPsec.

Convert information or data into a code, especially to prevent unauthorized access.

The process of converting files into a code, to prevent unauthorized access.

The conversion of electronic plaintext data into unreadable ciphertext using algorithms. Encryption protects the confidentially of data at rest and in transit. Both encryption and decryption are functions of cryptography.

Software designed to ensure the confidentiality of data by encrypting it when at rest.

End-of-support refers to a situation in which a company ceases support for a product or service. This is typically applied to hardware and software products when a company releases a new version and ends support for previous versions.

A method of secure communication where only the communicating users can read data transferred from one end system or device to another.

A personal computer, personal digital assistant, smart phone, or removable storage media (e.g. USB flash drive, memory card, external hard drive, writeable CD or DVD) that can store information.

A methodology of protecting a network when accessed via remote devices such as laptops or other wireless and mobile devices. Each device with a remote connecting to the network creates a potential entry point for security threats.

An approach to work in which employees can do their jobs from anywhere using a variety of devices and applications.

Evaluated Products List

Erasable programmable read-only memory

A person who ensures that when maintenance or repairs are undertaken to ICT equipment that uncleared personnel are not exposed to information they are not authorised to access.

Encapsulating Security Payload

The Essential Eight are eight essential mitigation strategies that organisations are recommended to implement as a baseline to make it much harder for adversaries to compromise systems.

Essential services refer to those services that are vital to the health and welfare of a population and therefore are essential to maintain even in a disaster.

The Evaluated Products List is the definitive list of certified information and communications technology products for use by Australian and New Zealand government agencies in the protection of government information as required by the Australian Government Information Security Manual.

Evaluation Assurance Level (EAL1 through EAL7)

In the context of system logs, an event constitutes an evident change to the normal behaviour of a network, system or user.

Event forwarding is the transmission of information to a centralised computer concerning events that take place on remote computers or servers. In this context, an event is any occurrence that affects a file, program, task. Events are commonly used for troubleshooting applications and drivers.

An event log is often used by a tool called security information and event management tool. This tool provides a higher level of analysis of the contents of an event log to help network administrators determine what is going on within a network.

A file that causes a computer to perform indicated tasks according to encoded instructions.

A piece of code that exploits bugs or vulnerabilities in software or hardware to gain access a system or network.

eSafety is an independent statutory office supported by the Australian Communications and Media Authority. The eSafety Commissioner has various functions and powers under the Australian Government legislation, to foster online safety.

Extensible Markup Language is a markup language that defines a set of rules for encoding documents in a format that is both human-readable and machine-readable.