Security Terms Glossary
To find more Security Terms that are not listed here, go directly to the Norton glossary.
Software that displays advertising content on your computer. Like its cousin spyware, some adware runs with your full knowledge and consent, some doesn't. More often an annoyance than a security risk, adware may also monitor browsing activities and relay that information to someone else over the Internet.
An extra copy of computer files, usually kept physically separate from the originals. Essential for recovery when original files are damaged or lost.
An attack combining a number of traditional attack methods, like a worm, a Trojan horse, and a keylogger. Most require a combination of security tools and protection layers to defend.
Bot or Web bot
Derived from "robot." An automated program, such as a Web crawler, that performs or simulates human actions on the Internet. Used for legitimate purposes by search engines, instant message (IM) programs, and other Internet services. Web bot can also be used to take control of computers, launch attacks, and compromise data; may act as part of a blended threat.
Botnet or zombie armies
A group of computers that have been compromised and brought under the control of an individual. The individual uses malware installed on the compromised computers to launch denial-of-service attacks, send spam, or perpetrate other malicious acts.
In public key cryptography, a trusted third party who authenticates entities and their public keys. To do so, certificate authorities issue digital certificates, which validate that a public key belongs to the person whose digital signature is listed on the certificate.
A small text file placed on your computer when you visit a Web page. Used to remember you or your preferences when you revisit that page or to track your browsing activities, cookies facilitate virtual shopping carts, page customisation, and targeted advertising. They are not programs and cannot read your hard drive or cause damage to your computer.
Also called public key certificate or identity certificate. In public key cryptography, validates that a public key is owned by the entity sending encrypted or digitally signed data with that key. Digital certificates are issued by a certificate authority and contain the sender's public key plus a digital signature verifying that the certificate is authentic and that the key belongs to the sender.
Used in public key cryptography to validate the integrity of encrypted data and to confirm both the identity of a digital certificate holder and the authenticity of the certificate itself.
Domain spoofing or Domain hijacking
Manipulation of the domain name system to associate a legitimate Web address with an imposter or otherwise malicious website. Used to perpetrate phishing and other types of attack, the user is sent to the imposter website with little or no warning.
A security method that makes information unreadable to anyone who doesn't have a key to decipher it; commonly used to secure online purchases and other transactions. When a website indicates it's "secure," that usually means the data you send and receive is encrypted.
A hardware or software device, or both, that controls network access and communications between a network and the Internet, or between one part of a network and another.
Software that controls access and communications between a computer and the Internet or a local network. Blocks hackers and other unauthorised traffic, while allowing authorised traffic through.
Graphics Interchange Format. An image file format popular on the Internet. GIFs are favored for graphics because they can be compressed without losing image quality. However, GIFs are limited to 256 colors and are therefore unsuitable for digital photos. See also, JPEG.
Commonly, a person who uses programming skills and technical knowledge to gain unauthorized access to computer systems for malicious or criminal purposes. The programming community, however, prefers to use the term "cracker" for such persons; they reserve "hacker" for any well-respected, highly skilled programmer.
Hypertext Markup Language. The principal language used to create and format Web pages. Controls the layout, design, and display of text, hyperlinks, images, and other media on most Web pages.
Hypertext Transfer Protocol. A conventional set of communication rules for controlling how Web browsers and servers pass information back and forth over the Internet.
HTTP conventions for passing information to a server that's secured using encryption and/or authentication measures. The URLs of websites offering secure HTTP connections begin with "https:".
A clickable word, phrase, or image that takes you from one Web page to another Web page, or another resource on the Internet. Hyperlinks are created using HTML tags, and when displayed in a browser, they're typically underlined or set apart by a different color.
Instant Message. A program that allows two or more people to communicate with one another over the Internet in real time. While most IM communications occur as text, some IM programs also offer streaming audio-visual conferencing and file exchange services. IM can also refer to messages sent by instant messaging, or to the act of sending an instant message.
Internet or the Net
A public, worldwide network of computers and computer networks. The World Wide Web, email, instant messaging, chat rooms, and many other online services and data transmissions are facilitated by the Internet.
Internet Protocol address. A unique identifier for each computer or other device on a network, including the Internet. Conceptually similar to a phone number, IP addresses are a string of numbers that allow computers, routers, printers, and other devices to recognize [identify] one another and communicate.
Joint Photographic Experts Group. A popular compressed file format for digital photos. JPEGs are favored on the Web because they can be compressed while maintaining high resolution; many digital cameras create JPEGs by default. The file extension for JPEGs is .jpg or .jpeg. See also, GIF.
Derived from "malicious software." Software designed to do harm by causing damage to systems or data, invading privacy, stealing information, or infiltrating computers without permission. Includes viruses, worms, Trojan horses, some keyloggers, spyware, adware, and bots.
NNetwork or computer network
A group of two or more computers connected by cables or wireless signals or both, which can communicate with one another using network protocols. Networks can also include other devices, including printers, routers, and network hubs.
A hardware device that connects computers to one another on a local network.
An attempt to mislead people into divulging confidential information, such as Social Security numbers and passwords. Phishing typically uses legitimate-looking email or IMs in combination with imposter websites to make fraudulent requests for information (e.g., to go "fishing" for data). See also, social engineering.
An attempt to defraud Internet surfers by hijacking a website's domain name, or URL, and redirecting users to an imposter website where fraudulent requests for information are made.
The process of using backups to restore original data files that have been damaged or are no longer accessible.
Unsolicited email, usually sent in bulk to a large number of random accounts; often contains ads for products or services. Also used in phishing scams and other online fraud. Can be minimized using email filtering software.
Spim or instant spam
Unsolicited instant messages, usually sent in bulk to a large number of IM accounts; often contain marketing materials and links to product Web pages. May also be used in phishing scams or to spread malware.
Software that collects information about your computer and how you use it and relays that information to someone else over the Internet. Spyware ordinarily runs in the background, and in some cases installs itself on your computer without your knowledge or permission.
A malicious program disguised as legitimate software; often gives someone else the power to take remote control of your computer; may also attack data or systems. Unlike viruses and worms, Trojan horses cannot replicate or propagate themselves and therefore must rely on other methods of distribution.
Uniform Resource Locator. A website or Web page's address (e.g., www.symantec.com or www.symantec.com/home_homeoffice/index.html). Browsers use URLs to identify and download Web pages from the Web servers where they're located.
Attempting to masquerade or closely mimic the URL displayed in a Web browser's address bar. Used in phishing attacks and other online scams to make an imposter website appear legitimate, the attacker obscures the actual URL by overlaying a legitimate looking address or by using a similarly spelled URL.
A program that can self-replicate and infect files, programs, and computer systems. Some viruses simply replicate and spread themselves, while others can also damage your computer system and data.
Voice over Internet Protocol. A digital telephone service that facilitates voice transmissions over the Internet or other IP networks.
A file, usually in XML format, containing headlines and summaries of fast-changing Web content, like news stories, podcasts, and blogs. Web feeds provide links to full versions of content for subscription or one-time download; they can also be shared and republished by other websites, creating a sort of online syndication.
A file, usually in HTML format, available for retrieval by a browser on the Web. Web pages can contain text, images, and multimedia resources. They usually include hyperlinks to other Web pages or files, and some contain forms through which you can send information to the page host.
A computer that makes Web pages and other resources available for sharing over the Internet. Using HTTP, Web browsers request pages from Web servers, which then send or download those pages to the requester. Also refers to a program that facilitates a Web server's functions.
Extensible Markup Language. Like HTML, a language Web programmers use to format and present information on the Web. Unlike HTML, it does not have a fixed set of formatting tags; rather, it is a meta-language that gives programmers the flexibility to create their own markup tags and thereby organize and present information in innovative ways.