Glossary

Peer-to-peer

A multinational Pacific cybersecurity network which the Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) is a member of. PaCSON promotes closer sharing of cybersecurity threat information, tools, techniques and ideas between Pacific nations.

Security measures that are applied within a network and require limited human interaction. Passive defence includes logging and monitoring mechanisms, and implementation of tools and processes to harden networks including firewalls, application hardening, patching procedures and antivirus software.

A sequence of words used for authentication.

A sequence of characters used for authentication.

The use of different character sets, such as lower-case alphabetical characters (a-z), upper-case alphabetical characters (A-Z), numeric characters (0-9) and special characters.

A type of software that offers greater security through the capability to generate unique, strong, easily-changed passwords for all online accounts and the secure encrypted storage of those passwords either through a local or cloud-based vault.

An attack that attempts to access a large number of accounts with some commonly-used passwords.

Authentication that does not involve the use of something users know. Passwordless authentication may be single-factor or multi-factor, with the later often referred to as passwordless multi-factor authentication.

Multi-factor authentication using something users have that is unlocked by something users know or are. Note, while a memorised secret may be used as part of passwordless multi-factor authentication (e.g. to unlock access to a cryptographic private key stored on a device) it is not the primary authentication factor, hence the use of the passwordless terminology.

A piece of software designed to remedy vulnerabilities or improve the usability or performance of software, IT equipment or OT equipment.

A metallic (copper) or fibre-optic cable used for routing signals between two components in an enclosed container or rack.

A group of sockets or connectors that allow manual configuration changes, generally by means of connecting patch cables.

The action of updating, fixing, or improving a computer program.

Part of digitally transmitted data that is the fundamental purpose of the transmission. In the cyber-security context, normally the part of a malware program that performs a malicious action.

A decentralised file sharing system. Files are stored on and served by the personal computers of the users.

A penetration test is designed to exercise real-world scenarios in an attempt to achieve a specific goal, such as compromising critical systems.

Additional security for security associations ensuring that if one security association is compromised subsequent security associations will not be compromised.

A device used to share a set of peripherals between multiple computers. For example, a keyboard, video monitor and mouse.

Any information relating to an identified or identifiable natural person.

A number allocated to an individual and used to validate electronic transactions.

Information or an opinion about an identified individual, or an individual who is reasonably identifiable: whether the information or opinion is true or not; and whether the information or opinion is recorded in a material form or not.

Information that can be used on its own or with other information to identify, contact or locate a single person, or to identify an individual in context.

A way of harvesting personal information, where a hacker puts a malicious code on your computer that redirects you to a fake site.

Untargeted, mass emails sent to many people asking for sensitive information (such as bank details), encouraging them to open a malicious attachment, or visit a fake website that will ask the user to provide sensitive information or download malicious content.

See also 'spear phishing' and 'whaling'.

A document that describes vulnerabilities in a system and the plans for their rectification.

Programmable logic controllers

Pairwise Master Key

Malware that can change parts of its code in order to avoid detection by security software.

A small window which suddenly appears (pops-up) in the foreground of the normal screen.

Any device that can easily be carried. It is a small form factor computing device that is designed to be held and used in the hand.

A file format that has captured all the elements as of a printed document as an electronic image that you can view, navigate, print or forward to someone else.

A position that involves duties that require a higher level of assurance than that provided by normal employment screening. In some cases, additional screening may be required. Positions of trust can include, but are not limited to, chief information security officers and their delegates, system administrators and privileged users.

Asymmetric cryptography designed to remain secure in the presence of a cryptographically relevant quantum computer.

An asymmetric cryptographic scheme that incorporates at least two different components based on different mathematically hard problems. Generally, post-quantum traditional hybrid schemes are used to combine post-quantum cryptography and traditional cryptography such that defeating the scheme requires defeating each component.

Applications that may appear to serve a useful purpose but often perform actions that may adversely affect a computer’s performance. Also known as potentially unwanted applications.

The shell framework developed by Microsoft for administrative tasks such as configuration management and automation of repetitive jobs.

The ability of an individual or group to seclude themselves or information about themselves, and thereby express themselves selectively.

Settings which control how a user's data is shared with other people or systems. Privacy settings apply to web browsers and social networking services.

Provides a dedicated operating system for sensitive tasks and is protected from internet attacks and threat vectors.

Privileged accounts include privileged user accounts and privileged service accounts.

Privileged operating environments are those used for activities that require a degree of privileged access, such as system administration activities.

A user who can alter or circumvent a system’s security measures. This can also apply to users who could have only limited privileges, such as software developers, who can still bypass security measures.

A privileged user can have the capability to modify system configurations, account privileges, audit logs, data files or applications.

User accounts that have the capability to modify system configurations, account privileges, event logs and security configurations for applications. This also applies to users who may only have limited privileges but still have the ability to bypass some of a system’s controls.

A generic term used to describe software or hardware.

A document that stipulates the security functionality that must be included in a Common Criteria evaluation to meet a range of defined threats.

Protection Profiles also define the activities to be taken to assess the security function of an evaluated product.

An administrative label assigned to data that not only shows the value of the data but also defines the level of protection to be provided.

Protective Security Circular

The Australian Government's Protective Security Policy Framework

A computer available in public areas. Some places where public computers may be available are libraries, schools or government facilities.

Data that has been formally authorised for release into the public domain.

Information that has been formally authorised for release into the public domain.

A set of roles, policies, hardware, software and procedures needed to create, manage, distribute, use, store and revoke digital certificates and manage public-key encryption.

Network infrastructure that an organisation has no control over, such as the internet.

Public network infrastructure used for voice communications.

Any Wi-Fi service established and owned by a contributing group that is provided for use by its customers on a wireless device.

Public Wi-Fi may be unsecured, password protected or have other secure authentication protocols established and managed by such contributing group.

See also unsecured networks.

Handsets that have a button which is pressed by the user before audio can be communicated, thus providing off-hook audio protection.