Common Security Terms Dictionary: Q to R

written by: • edited by: Bill Bunter • updated: 7/22/2010

If you’re new to the computing world, all of the acronyms, nomenclature, and strange terms can become a little intimidating. It’s my hope that this dictionary series will help you absorb this information and shed some light on the world of “techno babble.”

    Q - R



    Quarantine

    Often used in reference to a virus or malicious software application that has been detected by an antivirus program. For example, file(s) deemed malicious in nature or possibly altered/damaged by a virus would automatically be quarantined for deletion or restoration as the case may be.


    Query

    A request for information. A query can be sent from any number of network devices or software applications. A query usually requests specific types of information such as the status level of a network port or a set of data from a database.


    Regression Analysis

    A series of tests comprised of mock data used to analyze a software application. This assists developers by enabling them to plan for all possible scenarios of data input. This process can help detect bugs and security vulnerabilities early on in the course of software development.

    Regression Testing

    Although similar to regression analysis, regression testing has a distinct purpose. The purpose is to thoroughly test patches or updates made to an existing application to ensure that additional security issues are not introduced by the intended fix.

    Risk Assessment

    A vitally important part of information security analysis. The product of a risk assessment is usually a report that reveals vulnerabilities, estimated costs due to exploitation of those vulnerabilities, and the cost of fixing or preventing these vulnerabilities. Essentially it is an educated guess of what would happen during a worst-case scenario. A risk assessment should be the first step in the network hardening process.

    Role Based Access Control

    A process by which individual users or groups of users are assigned specific security roles. These roles determine which systems these users can have access to and the extent of that access. Role based access control is an excellent way to properly structure and organize the security architecture of a network.


    Rootkit

    A set of programs or utilities that “camouflage” their existence, enabling them to run undetected at the root of a system (i.e. registry of a PC). As the name implies, it can potentially give an attacker root access to a system, which translates to total control.