Glossary

The unauthorised exploitation of weaknesses in a computer system or network.

A computer expert that can gain unauthorised access to computer systems. Hacker is an agnostic term and a hacker does not necessarily have malicious intent. See also ‘black hat’, ‘grey hat’, and ‘white hat’.

A hacker whose motivation is political, religious or ideological, as opposed to criminal.

A generic term for IT equipment and OT equipment.

A physical computing device that safeguards cryptographic keys and provides cryptographic processing. A hardware security module is or contains a cryptographic module. Hardware security modules are commonly deployed in Public Key Infrastructure, digital identity solutions and payment systems.

An exploitable weakness in a computer system that enables attacks through remote or physical access to system hardware.

A cryptographic function that can be used to compute Message Authentication Codes using a hash function and a secret key.

Cryptographic equipment that has been authorised by ASD for the protection of SECRET and TOP SECRET data.

The rigorous investigation, analysis, verification and validation of ICT equipment by the Australian Signals Directorate (ASD) against a stringent security standard.

The rigorous investigation, analysis, verification and validation of products by ASD to protect SECRET and TOP SECRET data.

IT equipment that has been designed and authorised for the protection of SECRET and TOP SECRET data.

A server that provides important network services or contains data repositories. For example, a Domain Name System server, database server, email server, file server or web server.

Host-based Intrusion Prevention System

A falsehood deliberately fabricated to masquerade as the truth.

A scam that is distributed in email form that is designed to deceive and defraud email recipients, often for monetary gain.

A computer system designed specifically to attract potential malicious actors in order to inform the development of defensive measures and responses.

An area where wireless internet access is available to the general public.

Hypertext Markup Language

A web security policy mechanism that helps to protect websites against person-in-the-middle attacks such as protocol downgrade attacks and cookie hijacking.

Non-volatile magnetic media that uses a cache to increase read/write speeds and reduce boot times. The cache is normally non-volatile flash memory media.

Hypertext Transfer Protocol is the fundamental protocol used for transferring files on the internet.

While Hypertext Transfer Protocol (HTTP) is the basic framework for transferring data across the web, HTTPS adds a layer of encryption for additional security; with 'S' standing for secure.