Definitions/Glossary
APT–Advanced Persistent Threat
Algorithm–a procedure for solving a problem in terms of the actions to execute and the order in which to execute them.
Array is a data structure consisting of a consecutive group of memory locations that share the same type.
Asset—is a part of an IT infrastructure that has value.
Backbone—in terms of hierarchical networks, the backbone represents the ’final route’ from which no ‘overflow’ is permitted.
Bandwidth–the maximum rate of data transfer across a given path. It measures the amount of data that can travel over a connection at one time. The greater the bandwidth, the more data that can be delivered.
Baselining—monitoring resources to determine typical utilization patterns so that significant deviations can be detected.
BSS–Business Support System
CDN–Content Delivery Network
Cloud–generally cloud refers to the on-demand delivery of computing resources including storage space, processing power, and bandwidth. (See here for more about the cloud.)
CMS–Cloud Management System
COTS–Commercial Off-The-Shelf
Colocation—a useful analogy to explain colocation (or colo) is when a business leases a plot of land with utilities (water, electricity, connectivity and physical security) but is free to build whatever it likes on the land.
CSIRT (Computer Security Incident Response Team)—a capability set up for the purpose of assisting in responding to computer security-related incidents; also called a CIRT (Computer Incident Response Team), or a CIRC (Computer Incident Response Center, Computer Incident Response Capability).
CSP—Cloud Service Provider
Cyberattack—any type of offensive maneuver employed by individuals or whole organizations that targets computer information systems, computer infrastructures, computer networks and/or personal computer devices by various means of malicious acts usually originating from an anonymous source that either steals, alters, or destroys a specified target by hacking into a susceptible system.
Data are a set of values of qualitative or quantitative variables about one or more persons or objects, while a datum (singular of data) is a single value of a single variable.
Data centers are these vast, huge, sometimes-sprawling buildings dedicated to holding the back-end computer systems, machinery and associated components needed to help run what we consumers know of as “the internet”. In a way these data centers are “the cloud” that we think of when we say our info is “stored out there…in the cloud”, and these data centers can use as much electricity as a small town. (See here for more about data centers.)
Data structure–a collection of related data items ( Ex’s: arrays, lists, queues, stacks, trees).
Declaration is a statement that gives a name to an object.
Definition–a definition is a statement that introduces a new name into a program and sets aside memory for a variable. Definition is a declaration that sets aside memory for an object.
DHCP–Dynamic Host Configuration Protocol
E2E–End-to-End
EM–Element Management
Edge computing—Edge computing is at it’s essence cloud principles applied at the network edge close to the user. Edge can be considered the convergence of IT and telecom (including mobile) networking. It allows network operators to open up their networks to new opportunities and value chains. (See here for more about edge computing.)
EMS–Element Management System
EPC–Evolved Packet Core
Event—any observable occurrence in a network or system. (Ex: a user connecting to a file share; a server receiving a request for a webpage; a user sending an email; a firewall blocking a connection attempt.) An adverse event is an even with a negative consequence.
False Positive—an alert that incorrectly indicates that malicious activity is occurring.
GW–Gateway
Gateway—devices that switch packets between different physical networks. (For many the router is the gateway.)
IT–Information Technology
Incident—a violation or imminent threat of violation of computer security policies, acceptable use policies, or standard security practices.
Incident Response (Handling)—the mitigation of violations of security policies and recommended practices.
Incident Response Plan—a set of documents and procedures that specify policies and essential personnel roles to deal with an attack or system failure.
Indicator—a sign that an incident may have occurred or may be currently occurring.
Intrusion Detection and Prevention System (IDPS)—software that automates the process of monitoring the events occurring in a computer system or network and analyzing them for signs of possible incidents and attempting to stop detected possible incidents.
LAN–Local Area Network
Latency (thing lag)–a measurement of how long it takes for a data packet to travel from its origin point to its destination. Note: [While the type of connection is a key consideration (fiber optic cables transmit data much faster than conventional copper, for example), distance remains one of the key factors in determining latency. That’s because data is still constrained by the laws of physics and cannot exceed the speed of light (although some connections have approached it). No matter how fast a connection may be, the data must still physically travel that distance, which takes time. via here]
Library–a grouping of variables and functions that someone else has written and verified. A standard library contains reusable classes & functions that help programmers create portable programs!
Long–haul optics refers to the transmission of visible light signals over optical fiber cable for great distances, especially without or with minimal use of repeaters.
Malware—a virus, worm, Trojan horse, or other code-based malicious entity that successfully infects a host.
Merkle Tree Structure–a way to compress a lot of data and also sort through that data.
MME–Mobility Management Entity
NAS–Network Attached Storage
NAT–Network Address Translation
NF–Network Function
NFV–Network Functions Virtualization
NFVI–NFV Infrastructure
NFVI-PoP–NFV Infrastructure Point of Presence
NMS–Network Management System
Network redundancy is a duplicated infrastructure where additional or alternate instances of network devices and connections are installed to ensure an alternate path in case of a failure on the primary service. This method can help keep data online and available in case of a network device failure or if the main path of communication goes down.
Object is some memory that holds a value of a given type.
OS–Operating System
OSS–Operations Support System
PCIe (Peripheral Component Interconnect Express) is a high-speed serial computer expansion bus standard; the common motherboard interface for P.C.’s graphics cards, HDD host adapters, SSDs, Wi-Fi, and Ethernet hardware connections.
PGW–Packet Data Network Gateway
PNF–Physical Network Function
A (POP) Point of Presence is a location where internet networks exchange traffic.
A (PDU) power distribution unit distributes reliable network power to multiple devices.
Precursor—a sign that an attacker may be preparing to cause an incident.
Profiling—measuring the characteristics of expected activity so that changes to it can be more easily identified.
Program Control–Specifying the order in which statements execute in a program.
Pseudocode helps us think out a program before writing it in a programming language.
RGW–Residential Gateway
Risk—the probability of a threat actor taking advantage of a vulnerability by using a threat against an IT system asset. Risk is a concept that indicates exposure to the possibility of damage and/or loss, and signifies the likelihood of a hazard or dangerous threat.
RJ—registered jack; a standardized telecommunication network interface for connecting voice and data equipment to a service provided by a local exchange carrier or long distance carrier.
Routers—all routers examine packets and then send them to the proper destination.
Routing—deciding which gateway to use.
Routing Table—tells the router exactly where to send the packets. The Routing Table is KEY to understanding and controlling the process of sending packets to their proper destination.
SCADA—Supervisory Control And Data Acquisition
SDO–Standards Development Organization
SGW–Serving Gateway
Signature—a recognizable, distinguishing pattern associated with an attack, such as a binary string in a virus or a particular set of keystrokes used to gain unauthorized access to a system.
Social Engineering—the art & skill of breaking in through human connection; an attempt to trick someone into revealing information (e.g., a password) that can be used to attack systems or networks.
Spoofing refers to transmission of packets that are modified to make them appear as if they originate from somewhere other than their true source.
Threat—the potential source of an adverse event; any event or action that could potentially cause damage to an asset.
Threat actor—can hurt stuff; can initiate a negative event. Threat actors can be: hacktivists, script kiddies, insiders, competitors, organized crime and/or nation states/APTs.
Throughput measures how much data can be processed at once by different points in a network.
Topology—the interconnection pattern of nodes on a network.
TTTP–Terrorist Tactics Techniques & Procedures
Type defines a set of possible values and a set of operations (for an object).
UML (Unified Modeling Language)–an industry standard for modeling software systems.
Uninterruptible power supply/source (UPS) is an electrical apparatus that provides emergency power to a load when the input power source or main power fails.
Value–the representation of some entity that can be manipulated by a program. The members of a ‘type‘ are the values of that type. Value is a set of bits in memory interpreted according to a type.
Variable is a named object.
VLAN–Virtual Local Area Network
VM–Virtual Machine
VNF–Virtualised Network Function
VNF-FG–VNF Forwarding Graph
VPLS–Virtual Private LAN Service
Vulnerability—a weakness in a system, application, or network that is subject to exploitation or misuse, by a threat actor, such as an attacker, to cross privilege boundaries (i.e. perform unauthorized actions). (i.e.—any condition that leaves a device open to harm.)
WAN—A wide area network (WAN) is a telecommunications network that extends over a large geographic area for the primary purpose of computer networking.
Wiper—malware that intentionally deletes files on a computer and causes it to become unbootable. Unlike ransomware attacks, destructive wiper attacks are not used to generate revenue for the attackers. Instead, their goal is to cause chaos for an organization or to distract admins while another attack is taking place.
Zero Trust—Trust nothing, verify everything.