Peer-to-peer
P
P2P
PaCSON
The ACSC is a member of Pacific Cyber Security Operational Network (PaCSON), which is proving to be a vital vehicle for closer sharing of cyber security threat information, tools, techniques and ideas between Pacific nations.
Padlock (https://)
A padlock display in a browser is intended to indicate a secure connection or website, although it may not always be a reliable indicator. Users should look instead for ‘HTTPS’ at the beginning of the address bar and check the website’s SSL certificate.
Passive defence
Security measures that are applied within a network and require limited human interaction. Passive defence includes logging and monitoring mechanisms, and implementation of tools and processes to harden networks including firewalls, application hardening, patching procedures and antivirus software.
Passphrase
A sequence of words used for authentication.
Passphrase complexity
The use of at least three of the following character sets in passphrases: lower-case alphabetical characters (a-z), upper-case alphabetical characters (A-Z), numeric characters (0-9) or special characters.
Password
A sequence of characters used for authentication.
Password attack
Password attack is an attempt to discover or bypass passwords used for authentication on systems and networks, and for different types of files.
Password manager
Password managers are a type of software that offer greater security through the capability to generate unique, long, complex, easily changed passwords for all online accounts and the secure encrypted storage of those passwords either through a local or cloud based vault.
Password spray
Password spraying is an attack that attempts to access a large number of accounts with a few commonly used passwords.
Patch
A piece of software designed to remedy security vulnerabilities, or improve the usability or performance of software and ICT equipment.
Patch cable
A metallic (copper) or fibre-optic cable used for routing signals between two components in an enclosed container or rack.
Patch panel
A group of sockets or connectors that allow manual configuration changes, generally by means of connecting patch cables.
Patching
The action of updating, fixing, or improving a computer program.
PAW
Privileged Access Workstation
Payload
Part of digitally transmitted data that is the fundamental purpose of the transmission. In the cyber-security context, normally the part of a malware program that performs a malicious action.
PayPal
PayPal is an electronic commerce company that facilitates payments between parties through online funds transfers.
PDF
Portable Document Format
Peer-to-peer file sharing network
A decentralised file sharing system. Files are stored on and served by the personal computers of the users.
Penetration test
A penetration test is designed to exercise real-world targeted cyber intrusion scenarios in an attempt to achieve a specific goal, such as compromising critical systems or information.
Penetration testing
A method of evaluating the security of an ICT system by seeking to identify and exploit vulnerabilities to gain access to systems and data. Also called a ‘pentest’.
Perfect forward secrecy
Additional security for security associations ensuring that if one security association is compromised subsequent security associations will not be compromised.
Peripheral switch
A device used to share a set of peripherals between multiple computers. For example, a keyboard, video monitor and mouse.
Person-in-the-middle
A form of malicious activity where the attacker secretly accesses, relays and possibly alters the communication between two parties who believe they are communicating directly with each other. Formerly known as man-in-the-middle.
Personal computers
A personal computer is a multi-purpose computer whose size, capabilities, and price make it feasible for individual use.
Personal data
Personal data means any information relating to an identified or identifiable natural person.
Personal Identification Number
A number allocated to an individual and used to validate electronic transactions.
Personal information
Information or an opinion about an identified individual, or an individual who is reasonably identifiable: whether the information or opinion is true or not; and whether the information or opinion is recorded in a material form or not.
Personally identifiable information
Information that can be used on its own or with other information to identify, contact, or locate a single person, or to identify an individual in context.
PFS
Perfect Forward Secrecy
Pharming
A way of harvesting personal information, where a hacker puts a malicious code on your computer that redirects you to a fake site.
Phishing
Untargeted, mass emails sent to many people asking for sensitive information (such as bank details), encouraging them to open a malicious attachment, or visit a fake website that will ask the user to provide sensitive information or download malicious content.
See also 'spear phishing' and 'whaling'.
PII
Personally identifiable information
PIN
Personal Identification Number
PITM
Person-in-the-Middle
Pixel
A minute area of illumination on a display screen, one of many from which an image is composed.
PKI
Public Key Infrastructure
PlayStation
Playstation is a video game console developed by Sony.
PLC
Programmable logic controllers
PMK
Pairwise Master Key
Polymorphic
Describes malware that can change parts of its code in order to avoid detection by security software.
Pop-up
A small window, which suddenly appears (pops-up) in the foreground of the normal screen.
Portable devices
A portable device is any device that can easily be carried. It is a small form factor of a computing device that is designed to be held and used in the hands.
Portable Document Format
Portable document format is a file format that has captured all the elements of a printed document as an electronic image that you can view, navigate, print, or forward to someone else.
Position of trust
A position that involves duties that require a higher level of assurance than that provided by normal employment screening. In some organisations additional screening may be required.
Positions of trust can include, but are not limited to, an organisation’s Chief Information Security Officer and their delegates, administrators or privileged users.
Potentially unwanted software
Also known as potentially unwanted applications. These are applications that may appear to serve a useful purpose, but often perform actions that may adversely affect a computer’s performance.
PowerShell
PowerShell is the shell framework developed by Microsoft for administration tasks such as configuration management and automation of repetitive jobs.
PP
Protection Profile
Privacy
Privacy is the ability of an individual or group to seclude themselves or information about themselves, and thereby express themselves selectively.
Privacy settings
Settings which control how a user's data is shared with other people or systems. Privacy settings apply to web browsers and social networking services.
Privileged Access Workstation
Privileged Access Workstations provide a dedicated operating system for sensitive tasks that is protected from internet attacks and threat vectors.
Privileged user
A user who can alter or circumvent a system’s security measures. This can also apply to users who could have only limited privileges, such as software developers, who can still bypass security measures.
A privileged user can have the capability to modify system configurations, account privileges, audit logs, data files or applications.
Product
A generic term used to describe software or hardware.
Protect
Restrict access to or use of data.
PROTECTED area
An area that has been authorised to process, store or communicate PROTECTED information. Such areas are not necessarily tied to a specific level of Security Zone.
Protecting identity
The act of putting security measures in place in order to keep your identity safe.
Protecting your computer
Security measures and/or actions put in place in order to prevent a computer from being harmed by malware.
Protection Profile
A document that stipulates the security functionality that must be included in Common Criteria evaluation to meet a range of defined threats.
Protection Profiles also define the activities to be taken to assess the security function of an evaluated product.
Protective marking
An administrative label assigned to information that not only shows the value of the information but also defines the level of protection to be provided.
PSC
Protective Security Circular
PSPF
Protective Security Policy Framework
PSTN
Public Switched Telephone Network
PUA
Potentially Unwanted Applications
Public computers
A public computer is any of various computers available in public areas. Some places where public computers may be available are libraries, schools, or facilities run by government.
Public information
Information that has been formally authorised for release into the public domain.
Public Key Infrastructure
A public key infrastructure is a set of roles, policies, hardware, software and procedures needed to create, manage, distribute, use, store and revoke digital certificates and manage public-key encryption.
Public network infrastructure
Network infrastructure that an organisation has no control over (e.g. the internet).
Public Switched Telephone Network
Public network infrastructure used for voice communications.
Public Wi-Fi
Public Wi-Fi means any Wi-Fi service established and owned by a contributing group that is provided for use by its customers on a wireless device.
Public Wi-Fi may be unsecured, password protected or have other secure authentication protocols established and managed by such contributing group.
See also unsecured networks.
PUS
Potentially unwanted software
Push-to-talk handsets
Handsets that have a button which is pressed by the user before audio can be communicated, thus providing off-hook audio protection.
