Secure Shell (SSH)
A remote security protocol for establishing client/server sessions. It uses an encryption method to keep the session secure (i.e. in a protected shell), allowing access to various applications and services.
Secure Socket Layer (SSL)
A security protocol used to transfer encrypted data across the internet. It is often used for the transmission of sensitive data such as credit card information and other personal information such as date of birth or social security number. A web page using SSL protocol will usually trigger the web browser to display a padlock icon (in the locked position) at the bottom of the browser window.
According to the National Telecommunications and Information Administration (part of the U.S. Department of Commerce), sensitive information can be defined as, “Information, the loss, or misuse, or unauthorized access to or modification of which could adversely affect the national interest or the conduct of federal programs, or the privacy to which individuals are entitled to under 5 U.S.C. Section 552a (the Privacy Act), but has not been specifically authorized under criteria established by an Executive Order or an Act of Congress to be kept secret in the interest of national defense or foreign policy.”
This is very broad in terms of what it encompasses and includes commonly referenced information such as social security numbers, date of birth, bank account numbers, credit card numbers, etc. The Privacy Act of 1974 referenced in the above definition can be read in its entirety at the following URL: https://www.usdoj.gov/oip/privstat.htm.
In the realm of data encryption, a session key is a temporary code used briefly during a communication session between a client and a host (read that as server). The key helps to “regulate” the session ensuring encryption integrity.
A sniffer is another word for a LAN analyzer. It “sniffs” network interfaces for certain types of data traffic patterns to be analyzed.
Simple Network Management Protocol (SNMP)
SNMP is the protocol that defines how a network should be managed and organized. It pertains to how the network hardware, software, and various network protocols interact with one another and assists with monitoring these communications.
Another type of “attack” with the purpose of fooling a user into giving up sensitive information. A social engineer will usually try to coax, persuade, manipulate, or even threaten an individual into divulging sensitive information. This is usually considered a very low-tech method for gaining access to such information as it usually occurs over the phone or in person (hence the word social in the term).
A method by which the identity of a sender or requestor is manipulated to appear as originating from a trustworthy source. See email spoofing.
This post is part of the series: Common Security Terms Dictionary
If you’re new the computing world, all of the acronyms, nomenclature, and strange terms can become a little intimidating. It’s my hope that this dictionary series will help you absorb this information and shed some light on the world of “techno-babble.”
- Common Security Terms Dictionary: A to B
- Common Security Terms Dictionary: C to D
- Common Security Terms Dictionary: E to F
- Common Security Terms Dictionary: G to H
- Common Security Terms Dictionary: I to K
- Common Security Terms Dictionary: L to M
- Common Security Terms Dictionary: N to O
- Common Security Terms Dictionary: P
- Common Security Terms Dictionary: Q to R
- Common Security Terms Dictionary: S
- Common Security Terms Dictionary: T
- Common Security Terms Dictionary: U - V
- Common Security Terms Dictionary: W - Z