S/Key
S/KEY is a one-time password system developed for Unix-like operating systems that uses a cryptographic hash function to generate a sequence of 64-bit, one-time passwords for remote user login. S/Key is supported in Linux via Pluggable authentication modules, OpenBSD, NetBSD, and FreeBSD.
S/MIME: Secure/Multipurpose Internet Mail Extensions
Secure Multipurpose Internet Mail (S/MIME), a secure version of MIME, is defined to support encryption of email messages. S/MIME provides the following cryptographic security services for electronic messaging applications: authentication, message integrity and non-repudiation of origin and privacy and data security. S/MIME can be used by traditional mail user agents (MUAs) to add cryptographic security services to mail that is sent, and to interpret cryptographic security services in mail that is received. However, S/MIME is not restricted to mail; it can be used with any transport mechanism that transports MIME data, such as HTTP.
SACL: System access control list
System access control list (SACL) is a type of access control list (ACL) used for auditing securable objects.
Sacrificial lamb
Sacrificial lamb refers to a server placed outside the firewall with the expectation that it may become compromised.
Sadmind
Sadmind is a worm that compromises one platform to attack another.
SAFE Architecture
SAFE Architecture is a network security framework developed by Cisco Systems. SAFE is intended to be a flexible and dynamic blueprint for network security that is based on the Cisco Architecture for Voice, Video, and Integrated Data (AVVID).
Safe Harbor
In literal terms, a safe harbor or safe harbour consists of a protected harbor or haven which provides safety from weather or attack. For information security, because of differences in approaches to the enforcement of privacy in computerized personal data, the US Department of Commerce and the European Commission developed a "safe harbor" framework. US companies that certify to the the safe harbor are assured of EU "adequacy" recognition, and are consequently safe from prosecution by European authorities under the European privacy laws.
Safe Harbor Agreement
Safe Harbor Agreement is an international agreement regarding the transfer of personally identifiable information (PII).
Safe Harbor Principles
Safe Harbor Principles are a series of directives for harmonizing privacy protection practices between the United States and the European Union (EU).
Safety
Safety is the need to ensure that the people involved with the company, including employees, customers, and visitors, are protected from harm.
SAINT: Security Administrator’s Integrated Network Tool
Security Administrator’s Integrated Network Tool (SAINT) is a tool for assessing the security of a network. SAINT can scan network vulnerability for security flaws and prepare reports detailing the extent and seriousness of these weaknesses, as well as providing links to fixes and recommended security procedures. While SAINT was originally developed for UNIX based systems, it has recently been ported to other OS such as Mac OS X.
Salt
In password protection, salt is a random string of data used to modify a password hash. Salt can be added to the hash to prevent a collision by uniquely identifying a user's password, even if another user in the system has selected the same password. Salt can also be added to make it more difficult for an attacker to break into a system by using password hash-matching strategies because adding salt to a password hash prevents an attacker from testing known dictionary words across the entire system.
Sam Spade
Sam Spade is a site for tracking down spammers and a set of tools for the same purpose.
SAM: Security Accounts Manager
Security Accounts Manager (SAM) is the database of local user accounts on Microsoft Windows NT or later.
SAML: Security Assertion Markup Language
Security Assertion Markup Language(SAML) is an Extensible Markup Language (XML) standard that allows a user to log on once for affiliated but separate Web sites. SAML is designed for business-to-business (B2B) and business-to-consumer (B2C) transactions.
Sandbox
Sandbox is a testing environment used by many program systems with limited access and resources usage. It is a protective mechanism used by some programming environments to test additons of pre-launched codes or to-be published contents.
Sanitized name
Sanitized name is a standard format for certificate authority (CA) names.
SANS Top Ten List
SANS Top Ten List refers to the Top 10 Most Critical Internet Security Threats published by SANS Institude regularly.
SANS Institute
SANS Institute is a cooperative research and education organization devoted to information security research, certification, and education.
SARA: Security Auditor’s Research Assistant
Security Auditor’s Research Assistant (SARA) is a tool for auditing the security of a network.
SAS: Secure attention sequence
Secure attention sequence (SAS) is a special sequence of events that enables a user to log on or off a computer running Microsoft Windows NT or later.
SATAN: System Administrator Tool for Analyzing Networks
System Administrator Tool for Analyzing Networks (SATAN) is a tool for identifying vulnerabilities in networks.
SB-1386
SB-1386 is the California Security Breach Information Act, a California state law requiring organizations to maintain personal information about individuals to inform those individuals if the security of their information is compromised. The Act stipulates that if there's a security breach of a database containing personal data, the responsible organization must notify each individual for whom it maintained information.
SCA: Subordinate Certification Authority
Subordinate Certification Authority (SCA) is a CA whose public-key certificate is issued by another (superior) CA.
Scan
Scan, also known as port scan, is a nonintrusive analysis technique that identifies the open ports found on each live network device and collects the associated port banners found as each port is scanned. Each port banner is compared against a table of rules to identify the network device, its operating system, and all potential vulnerabilities.
Scanning
Scanning, also known as port scanning, is a method for determining which ports are "listening" (open) on a target system or network to collect the associated port banners found as each port is scanned. Each port banner is compared against a table of rules to identify the network device, its operating system, and all potential vulnerabilities.
Scavenging
In the context of information security, scavenging is the act of unauthorized persons to search through data residue in a system to gain unauthorized knowledge of sensitive data.
SCR: Screen Saver Files
Screen Saver Files (SCR) can be execited with or without user's attention and are often infected with viruses. Popular screen savers are often exchanged via email or downloaded from the Web, often without the same level of caution that would be afforded to an EXE or COM file.
Screened subnet
Screened subnet, also known as demilitarized zone (DMZ), is an isolated network segment at the point where a corporate network meets the Internet.
Screening router
Screening router, also known as packet-filtering router, is a router that blocks packets based on a list of predetermined rules.
Script Kiddie(or Kiddy)
Script kiddie (or Kiddy) is originated by the more sophisticated crackers of computer security systems, for the more immature, but unfortunately often just as dangerous exploiter of security lapses on the Internet. The typical script kiddy uses existing and frequently well-known and easy-to-find techniques and programs or scripts to search for and exploit weaknesses in other computers on the Internet - often randomly and with little regard or perhaps even understanding of the potentially harmful consequences.
Script Vulnerability
Scripts and Web applications may contain many coding problems such as logic bombs. Especially those scripts downloaded from the Internet are susceptible to problems (intentionally or unintentionally) such as Trojans, backdoors or other malicious code. All those problems are called script vulnerabilities.
Scunthorpe Test
The Scunthorpe Test summarizes the difficulty facing content security designers and content security users. There are many other words that pose similar problems.
SD Card: Secure Digital Card
Secure Digital Card (SD Card) is a stamp sized flash memory card designed to provide high security and high-capacity memory. SD cards are used in many small portable devices such as digital music players, cellular phones, handheld PCs (HPCs), digital cameras, digital video camcorders, smart phones, car navigation systems and electronic books.
Seat Management
Seat management is a method of coordinating all the workstations in an enterprise network by overseeing the installation, operation, and maintenance of hardware and software at each workstation. This can greatly reduce the overall cost of operation compared with unmanaged systems and sometimes improve overall performance.
Sechole
Sechole is a Trojan that exploited an elevation of privileges (EoP) vulnerability in Microsoft Windows NT.
Secondary data uses
Secondary data uses refers to using personally identifiable information (PII) for purposes other than why it was collected.
Secondary logon
Secondary logon, also known as Runas command, is a Microsoft Windows command that allows a user to run an application using different credentials from those used for the current logon session.
Secret Key
In cryptography, a private or secret key is an encryption/decryption key known only to the party or parties that exchange secret messages. In traditional secret key cryptography, a key would be shared by the communicators so that each could encrypt and decrypt messages. The risk in this system is that if either party loses the key or it is stolen, the system is broken.
Secret Key Algorithm
A secret key algorithm, sometimes called a symmetric key algorithm, is a cryptographic algorithm that uses the same key to encrypt and decrypt data. The best known algorithm is the U.S. Department of Defense's Data Encryption Standard (DES). 3DES is relacing DES as the algorithm for better security.
Secret Key Encryption
Secret key encryption, also known as Symmetric key encryption, is encryption based on a shared secret between the parties communicating. In the secret key encryption process, information is encrypted and decrypted using the same key as described in the secret key algorithm.
Secure State
Secure State is a system condition in which no subject can access any object in an unauthorized manner.
SecurID Token System
SecurID Token system, introduced by RSA, is a popular form of two factor authentication that involves a small hand-held card distributed to users (Token), client software for a variety of systems and server software for centralized authentication and management. The card generates a stream of apparently unrelated numbers of fixed length (referred to as cardcodes). The client software consists of a modification to a host's authentication system so that it can communicate with an ACE/Server. The server is comprised of a daemon, a database, and software to administer both.
Security Association
Security Association(SA) is an instance of security policy and keying material applied to a data flow. Both IKE and IPSec use SAs, although SAs are independent of one another. IPSec SAs are unidirectional and are unique in each security protocol. An IKE SA is used by IKE only, and unlike the IPSec SA, it is bidirectional. IKE negotiates and establishes SAs on behalf of IPSec. A user also can establish IPSec SAs manually. For example, if you have a pipe that supports ESP between peers, one ESP SA is required for each direction. SAs are identified uniquely by destination (IPSec endpoint) address, security protocol (AH or ESP), and security parameter index (SPI).
Security Audit
Security audit is a systematic evaluation of the security of a company's information system by measuring how well it conforms to a set of established policies. A thorough audit typically assesses the security of the system's physical configuration and environment, software, information handling processes, and user practices.
Security Clearance
Security clearance is an authorization that allows access to information that would otherwise be forbidden. Security clearances are commonly used in industry and government. Many jobs in information technology require security clearances.
Security Management
Security Management is one of five categories of network management defined by ISO for the management of OSI networks. Security management subsystems are responsible for controlling access to network resources.
Security Policy
Security Policy is a set of rules and practices that specify or regulate how a system or organization provides security services to protect sensitive and critical system resources.
Security Token
A security token, also called an authentication token, is a small hardware device that the owner carries to authorize access to a network service. The device may be in the form of a smart card or may be embedded in a commonly used object such as a key fob.
Security Configuration and Analysis
Security Configuration and Analysis is a tool for managing security settings on machines running Microsoft Windows 2000 or later.
Security context
Security context refers to the security attributes or rules currently in effect in a system.
Security descriptor
Security descriptor is a data structure containing security information for a securable object.
Security log
Security log is an event log on platforms used for auditing security events.
Security principal
Security principal is an entity that can be authenticated by a security subsystem. There are three different types of principals: User principals, Machine principals and Service principals.
Security rollup package
Security rollup package, often simply called a rollup, is a cumulative set of hot-fixes that can be applied in a single step.
Security template
Security template is a collection of settings defining security policy for a computer. In Microsoft Windows 2000 and later, security template is used.
Security zone
Security zone is a security feature implemented by Microsoft Internet Explorer for safer browsing.
Security+ Certification
Security+ Certification refers to the CompTIA certification tests for security knowledge mastery of an individual with networking experience, with emphasis on security. The exam covers industry-wide topics, including communication security, infrastructure security, cryptography, access control, authentication, external attack and operational and organization security.
Sender ID
Sender ID is Microsoft's proposed e-mail sender authentication protocol designed to protect against domain spoofing and phishing exploits. The Sender ID Framework, as Microsoft calls it, comprises three separate specifications: Sender Policy Framework (SPF), Caller ID for e-mail, and Submitter Optimization.
SendIP
SendIP is a free commandline tool for sending arbitrary Internet Protocol (IP) packets. SendIP has a large number of command line options to specify the content of every header of a NTP, BGP, RIP, RIPng, TCP, UDP, ICMP or raw IPv4 and IPv6 packet. It also allows any data to be added to the packet.
Sensitive Information
Sensitive Information, as defined by the federal government, is any unclassified information that, if compromised, could adversely affect the national interest or conduct of federal initiatives. Any organizations or individuals may have their own private information that would not be shared with un-authorized person nor the public.
Sensitive data
Sensitive data refers to the personally identifiable information (PII) that is protected in special ways by law or policy.
Separation of Duties
Separation of duties is the principle of splitting privileges among multiple individuals or systems.
Serpent
Serpent is a symmetric key block cipher which was a finalist in the Advanced Encryption Standard contest, where it came second to Rijndael. Serpent was designed by Ross Anderson, Eli Biham, and Lars Knudsen. Serpent has a block size of 128 bits and supports a key size of 128, 192 or 256 bits. The cipher is a 32-round substitution-permutation network operating on a block of four 32-bit words.
Server Accelerator Card
Server accelerator card (also known as SSL card) is a Peripheral Component Interconnect (PCI) card used to generate encryption keys for secure transactions on e-commerce Web sites. When a secure transaction is initiated, the Web site's server sends its certificate, which has been provided by a certifying authority, to the client machine to verify the Web site's authenticity.
Server certificate
Server certificate is a digital certificate installed on a server and is issued by a Certificate Authority (CA). Server certificate is used by web browser to authenticate the server before sending sensitive information.
Service account
Service account is an account used as a security context for running a service.
Service Packs
Service packs, issued by vendors to address computer software compatibility and functional problems, are accumulated set of updates or hotfixes. Service packs are usually tested over a wide range of hardware and applications in an attempt to assure compatibility with existing paches and updates.
Session
A session is a virtual connection between two hosts by which network traffic is passed.
Session Hijacking
Session Hijacking means taking over a session that someone else has established. With this attack, the hacker can listen to the information between the two parties and also be able to change information betwenn them.
Session Key
In the context of symmetric encryption, Session Key is a key that is temporary or is used for a relatively short period of time. Usually, a session key is used for a defined period of communication between two computers, such as for the duration of a single connection or transaction set, or the key is used in an application that protects relatively large amounts of data and, therefore, needs to be re-keyed frequently.
SET: Secure Electronic Transaction
Secure Electronic Transaction (SET) is a protocol developed to ensure the security of financial transactions on the Internet. It was supported initially by Mastercard, Visa, Microsoft, Netscape, and others. With SET, a user is given an electronic wallet (digital certificate) and a transaction is conducted and verified using a combination of digital certificates and digital signatures among the purchaser, a merchant, and the purchaser's bank in a way that ensures privacy and confidentiality.
S-FTP, or Secure FTP, S/FTP
Secure FTP (S-FTP or S/FTP) is the enhanced version of the File Transfer Protocol (FTP) with security features. Mainly, S-FTP adds encryption to the FTP contents which is send in clear text in the original FTP version. S-FTP is available on almost all operating systems including Windows, Unix, Macintosh.
SGC: Server-gated cryptography
Server-gated cryptography is an extension of Secure Sockets Layer (SSL), that offers financial institutions a solution for worldwide financial transactions using 128-bit encryption. SGC does not require an application to run on the client browser and will allow export clients to connect with 128-bit strength.
SHA or SHA-1: Secure Hash Algorithm
The SHA (Secure Hash Algorithm) family is a set of related cryptographic hash functions. The most commonly-used function in the family, SHA-1, is employed in a large variety of popular security applications and protocols, including TLS, SSL, PGP, SSH, S/MIME, and IPSec. SHA-1 is considered to be the successor to MD5, an earlier, widely-used hash function. The SHA algorithms were designed by the National Security Agency (NSA) and published as a US government standard.
SHA-2
SHA-2 is an umbrella designation for variants of the Secure Hash Algorithm-1 (SHA-1).
Shadow Password File
In the Linux operating system, a shadow password file is a system file in which encryption user passwords are stored so that they aren't available to people who try to break into the system. Ordinarily, user information, including passwords, is kept in a system file called /etc/passwd.
Shadow Passwords
The process of shadowing passwords is used to increase the security level of passwords on Unix systems. On most Unix systems, users' passwords are stored in a file to which every user has read/write access. It is relatively easy for a hacker to obtain a copy of this file and, by using one of a number of commonly available tools, to decode the encrypted user passwords stored within it.
Share
Share in networking means a resource made public on a machine, such as a directory (file share) or printer (printer share).
Shared secret
Shared secret, also known as a secret key, is a key used in secret key encryption.
Share-level security
Share-level security refers to protecting shared resources using only a password.
Sheep
The paper, "Sheep, Goats, Lambs and Wolves - An Analysis of Individual Differences in Speaker Recognition Performance" used a menagerie analogy to explain the differences in speech recognition. Sheep were speakers whose voice patterns were easily accepted by the system
Sheep Dipping or Sheepdip
In computers, a sheepdip (or, variously, sheep dipping or a footbath) is the checking of media, usually diskettes or CD-ROMs, for viruses before they are used in a computer or network. A sheepdip computer is used only for virus-checking. The computer makes use of one or two antivirus programs that are kept current on a daily basis.
Shell
Shell is a Unix term for the interactive user interface with an operating system. The shell is the layer of programming that understands and executes the commands a user enters. In some systems, the shell is called a command interpreter. A shell usually implies an interface with a command syntax (think of the DOS operating system and its "C:>" prompts and user commands such as "dir" and "edit").
Shoulder Surfing
Shoulder surfing is using direct observation techniques, such as looking over someone's shoulder, to get information. Shoulder surfing is an effective way to get information in crowded places because it's relatively easy to stand next to someone and watch as they fill out a form, enter a PIN number at an ATM machine, or use a calling card at a public pay phone.
ShowAcls
ShowAcls is a Windows 2000 Resource Kit tool for displaying NTFS permissions.
ShowPriv
ShowPriv is a Windows 2000 Resource Kit tool for displaying privileges granted to users and groups.
SHS: Secure Hash Standard
Secure Hash Standard (SHS) is the Federal Information Processing Standard (FIPS) defining the Secure Hash Algorithm-1 (SHA-1).
S-HTTP: Secure HTTP
Secure HTTP (S-HTTP), an extension to the Hypertext Transfer Protocol (HTTP), is a secure message-oriented communications protocol designed for use in conjunction with HTTP. S-HTTP is designed to coexist with HTTP's messaging model and to be easily integrated with HTTP applications. S-HTTP allows the secure exchange of files on the World Wide Web. Each S-HTTP file is either encrypted, contains a digital certificate, or both. S-HTTP is an alternative to another well-known security protocol, Secure Sockets Layer (SSL).
S-HTTP , or Secure HTTP, S/HTTP
S-HTTP (Secure HTTP) is an extension to the Hypertext Transfer Protocol (HTTP) that allows the secure exchange of files on the World Wide Web. Each S-HTTP file is either encrypted, contains a digital certificate, or both. For a given document, S-HTTP is an alternative to another well-known security protocol, Secure Sockets Layer (SSL).
SID: Security Identifier (ID)
In Windows NT and 2000 operating systems, the security identifier (SID) is a unique alphanumeric character string that identifies each operating system and each user in a network of NT/2000 systems.
Sid2user
Sid2user is a tool for obtaining the user name associated with a security identifier (SID).
Signals Analysis
Signals Analysis means gaining indirect knowledge of communicated data by monitoring and analyzing a signal that is emitted by a system and that contains the data but is not intended to communicate the data.
Signature
A signature in the information security context is a distinct pattern in network traffic that can be identified with a specific tool or exploit. Many security technologies, such as Intrusion Detection System, Anti-virus and Anti-spyware, are based on matching traffic contents with known signature patterns to detect harmful contents or behavior.
Signature Detection
Signature detection is a technique often used in the Intrusion Detection System (IDS) and many anti-malware systems such as anti-virus and anti-spyware etc. In the signature detection process, network or system information is scanned against a known attack or malware signature database. If match found, an alert takes place for further actions.
Simple Integrity Property
Simple Integrity Property means that a user cannot write data to a higher integrity level than their own.
Simple Security Property
In Simple Security Property, a user cannot read data of a higher classification than their own.
Sircam
Sircam is a notorious mass-mailer worm.
Site certificate
Site certificate, also known as server certificates, is a certificate authority (CA) certificate for the purpose of authenticate a server when a client communicates with the server using web browser or other means.
Six/Four
Six/Four refers to a technology for circumventing attempts to censor traffic on the Internet. The Six/Four System is a flexible framework consisting of a formally specified Peer-To-Peer protocol. This protocol is best described as a trust-enhanced anonymous tunneling protocol, and meant to provide people with anonymous, secure access to public network. Six/Four combines peer-to-peer technologies with virtual private networking and the "open proxy" method for masking online identities to provide ultra-anonymous Internet access.
Skipjack
Skipjack was originally a NSA classified 64-bit block cipher with a key size of 80 bits. At first, it was only available as a hardware implementation within the Clipper chip. It was intended to be used in conjunction with a protocol called the Key Exchange Algorithm which would then allow law enforcement agencies to decrypt the data.
Slag Code
In a computer program, slag code (also called logic bomb) is a programming code, inserted surreptitiously or intentionally, that is designed to execute (or "explode") under circumstances such as the lapse of a certain amount of time or the failure of a a program user to respond to a program command. It is in effect a delayed-action computer virus or Trojan horse.
Slammer
Slammer is a notorious worm that affected Microsoft SQL Server.
Slashdot Effect
Slashdot Effect refers to a denial of service (DoS) condition that results when too much interest is generated concerning a Web site.
Smart Card
A smart card, or smartcard, is a plastic card about the size of a credit card, with an embedded microchip or magnetc strip that can be loaded with data, used for telephone calling, electronic cash payments, and other applications, and then periodically refreshed for additional use.
Smart Home or Building
A smart home or building is a home or building that is equipped with specially structured wiring to enable occupants to remotely control or program an array of automated home electronic devices by entering a single command. For example, a homeowner on vacation can use a Touchtone phone to arm a home security system, control temperature gauges, switch appliances on or off, control lighting, program a home theater or entertainment system, and perform many other tasks.
SMB signing
SMB signing is a secure version of Server Message Block (SMB) protocol.
SMBRelay
SMBRelay is a backdoor Trojan exploiting Server Message Block (SMB) protocol. SMBrelay receives a connection on port 139, connects back to the connecting computer's port 139, and relays the packets between the client and server of the connecting Windows machine, making modifications to these packets when necessary.
S-MIME, or Secure MIME, S/MIME
Secure MIME (S-MIME or S/MIME) is the enhanced version of the MIME, an email transmission protocol, with security features. Basically, S-MIME examines the headers of the emails to decide how data encryption and digital certificates should be handled. Email messages maybe encrypted using a symmetric cipher such as DES, 3DES and RC2. A public key algorithm is used for key exchange and digital signatures.
SMS Spam
SMS spam, also known as cell phone spam or mobile phone spam, is any junk message delivered to a mobile phone as text messaging through the Short Message Service (SMS).
Smurf
Smurf is a type of attack which works by spoofing the target address and sending a ping to the broadcast address for a remote network, which results in a large amount of ping replies being sent to the target.
Smurf Attack or Smurfing
Smurfing, also known as smurf attach, is the attacking of a network by exploiting Internet Protocol (IP) broadcast addressing and certain other aspects of Internet operation. Smurfing uses a program called Smurf and similar programs to cause the attacked part of a network to become inoperable. The exploit of smurfing, as it has come to be known, takes advantage of certain known characteristics of the Internet Protocol (IP) and the Internet Control Message Protocol (ICMP).
Snake Oil
In security, snake oil is a name for the exaggerated claims made by vendors. Cryptography experts have compared the exaggerated claims made by some vendors to the claims made by medicine show pitchmen in mid-19th century America, who bragged of secret ingredients much as today's marketers brag of secret proprietary algorithms.
Snarf Attack
The Snarf attack, also called bluesnarfing, is a Bluetooth-enabled hacking technique that allows hackers to access another Bluetooth device without the victim's knowledge. This attack raises obvious concerns, similar to Bluejacking where the attack gains access to the victims phone book, missed, received or dialled contacts. It is also possible for the attacker to use the phones commands through their own phone.
Sniffer
Sniffer, a product originally created and trade-marked by Network General, is basically a program and/or device that monitors data traveling over a network. Sniffers can be used both for legitimate network management functions and for stealing information off a network. Network operations and maintenance personnel use a Sniffer to monitor network traffic, analyze packets, watch network resource utilization, conduct forensic analysis of network security breaches and troubleshoot network problems. Unauthorized Sniffers can be extremely dangerous to a network's security because they are virtually impossible to detect and can be inserted almost anywhere. This makes them a favorite weapon in the hacker's arsenal.
Sniffer Keystroke Logger
A sniffer keystroke logger, sometimes called a keylogger or a system monitor, is a hardware device or small program that monitors each keystroke a user types on a specific computer's keyboard. As a hardware device, a keystroke logger is a small battery-sized plug that serves as a connector between the user's keyboard and computer. Because the device resembles an ordinary keyboard plug, it is relatively easy for someone who wants to monitor a user's behavior to physically hide such a device "in plain sight."
Sniffing
Sniffing is a common method used to capture network traffic. A computer connected to a network through "promiscuous mode", listening to every bit of traffic that goes by on the network and captures all the data. Normally a computer's network connection ignores traffic that is not addressed to it, but with sniffing software the computer will pick up everything. This is an easy way to pick up clear text passwords,and e-mail programs frequently use clear text passwords.
SNMP Attack
Most network devices support SNMP because it is active by default. An SNMP Attack can result in the network being mapped, and traffic can be monitored and redirected.The best defense against this attack is upgrading to SNMP3, which encrypts passwords and messages. Since SNMP resides on almost all network devices, routers, hubs, switches, Servers andprinters, the task of upgrading is huge. Some vendors now offer a SNMP Management tool that includes upgrade distribution for global networks.
SNMP: Simple Network Management Protocol
Simple Network Management Protocol (SNMP) is the protocol developed to manage nodes (servers, workstations, routers, switches and hubs etc.) on an IP network. SNMP enables network administrators to manage network performance, find and solve network problems, and plan for network growth. Network management systems learn of problems by receiving traps or change notices from network devices implementing SNMP.
Snoop Server
A snoop server is a server that uses a packet sniffer program to capture network traffic for analysis. Used to identify security risks and/or to monitor employees' activities (such as Web sites visited), a snoop program puts network interfaces into promiscuous mode. Promiscuous mode allows the system to access all the data in each network packet - instead of only routing-related information - including those packets intended for other computers.
Snort
Snort is an open source network intrusion detection system (NIDS) created by Martin Roesch. Snort is a packet sniffer that monitors network traffic in real time, scrutinizing each packet closely to detect a dangerous payload or suspicious anomalies.
Social Engineering
In computer security, social engineering is a term that describes a non-technical kind of intrusion that relies heavily on human interaction and often involves tricking other people to break normal security procedures. Usually social engineering techniques are faster, easier to implement, and require less detailed system knowledge; and are therefore tried before attempting to exploit hardware and software vulnerabilities. An example of social engineering is phishing, when a cracker sends out spam emails trying to gather passwords and other sensitive information.
Socket
A socket represents a single connection between two network applications. Sockets are the combination of IP address plus corresponding TCP/UDP port numbers. Every paired of connected socket has a source IP/port and a destination IP/port. Users of Internet applications are normally aware of all except the local port number, this is allocated when connection is established and is almost entirely arbitrary unlike the well-known port numbers associated with popular applications. In AppleTalk network, socket functions in the same way except the detailed definition is different. Every application that uses AppleTalk Datagram Delivery Protocol (DDP) to transfer data must send or receive that data through a socket. The use of sockets allows DDP to determine for which application a packet is intended.
Socket Pair
Socket Pair is a way to uniquely specify a connection in the TCP/IP network, i.e., source IP address, source port, destination IP address, destination port.
SOCKS
The SOCKS protocol, also known as authenticated firewall traversal (AFT), provides a framework for client-server applications in both the TCP and UDP domains to conveniently and securely use the services of a network firewall. SOCKS enables a proxy server to accept requests from client users in a company's network so that it can forward them across the Internet. SOCKS uses sockets to represent and keep track of individual connections. The client side of SOCKS is built into certain Web browsers and the server side can be added to a proxy server.
Software Piracy
Software piracy refers to the unauthorized duplication and use of computer software. Although some software piracy is done by companies for financial gain, most piracy is done by private individuals who lend discs to friends or copy programs from the workplace to their computers at home. Because computer data is so easy to duplicate, and the use of unauthorized software is so hard to detect, it appears impossible to stop software piracy. In old days, software vendors sell each copy of their software with a dongle – a coded plug that must actually be fitted to the computer for the software to function.
SORM
SORM, in Russia, is the technical means destined to provide for efficient research measures in the networks of the documental telecommunications (NDTC) being arranged as the basis of the Russian Federation legislation. It is meant to provide for technical support of the above research measures in the telecommunications networks which are used for supplying customers with telematic services, data transmission services, and access to the world global information network of the Internet.
SP: Service pack
Service pack(SP), typically a cumulative set of hot-fixes, refers to an update to a software version that fixes an existing problem, or provides enhancements to the product that will appear in the next version of the product. When the new product version is released, it usually contains the fixes and updates from the service pack. Service packs can either be downloaded or ordered directly from the software vendor.
SPA: Security Posture Assessment
Security Posture Assessment(SPA) is a comprehensive security analysis of large-scale, distributed client networks conducted by Cisco Systems engineers.
Source Port
The port that a host uses to connect to a server. There are well know It is usually a number greater than or equal to 1024. It is randomly generated and is different each time a connection is made.
Spam
Spam means doing electronic junk mail or junk newsgroup postings or other electronic communications medium. While its definition is usually limited to indiscriminate bulk mailing without any targeted marketing, the term "spam" can refer to any commercially oriented, unsolicited bulk mailing perceived as being excessive and undesired.
Spamdexing
Spamdexing refers to the unnatural practices, such as placing many identical keywords in a webpage, to trick search engines to force the web page on top of search results. Search companies do not like spamdexing, and once found, they may delist the website from the search engine.
Spanning Port
Spanning port, also known as monitoring port, is a special port in a managed switch that can mirror the traffic of other ports in the same switch. It is often used for network traffic monitoring.
Spanning-Tree Protocol Manipulation
Spanning-Tree Protocol is used in switched networks to prevent the creation of bridging loops in an Ethernet network topology. By attacking the Spanning-Tree Protocol, the network attacker hopes to spoof his or her system as the root bridge in the topology. To do this, the network attacker broadcasts out Spanning-Tree Protocol Configuration/Topology Change Bridge Protocol Data Units (BPDUs) in an attempt to force spanning-tree recalculations. The BPDUs sent out by the network attacker's system announce that the attacking system has a lower bridge priority. If successful, the network attacker can see a variety of frames.
SPAP: Shiva PAP
Shiva PAP (SPAP) is an enhanced version of Password Authentication Protocol(PAP) developed by Shiva Corporation.
Spar
Spar is a free tool for auditing processing accounting on UNIX platforms.
Special identities
Special identities refers to the well-known security principals managed by the operating system instead of administrators.
SPF: Sender Policy Framework
Sender Policy Framework (SPF) is an anti-spam approach in which the Internet domain of an e-mail sender can be authenticated for that sender, thereby, discouraging spam mailers, who routinely disguise the origin of their e-mail, a practice known as e-mail spoofing. SPF and other anti-spoofing initiatives, such as Domain Keys, work by making it easier for a mail server to determine when a message came from a domain other than the one claimed.
SPI: Security Parameter Index
Sender Policy Framework (SPF) is an anti-spam approach in which the Internet domain of an e-mail sender can be authenticated for that sender, thereby, discouraging spam mailers, who routinely disguise the origin of their e-mail, a practice known as e-mail spoofing. SPF and other anti-spoofing initiatives, such as Domain Keys, work by making it easier for a mail server to determine when a message came from a domain other than the one claimed.
SPIM: Spam Through Instant Messaging
Spim is spam delivered through instant messaging (IM) instead of through e-mail messaging. Although less ubiquitous than its e-mail counterpart, spim is reaching more users all the time. According to a report from Ferris Research, 500 million IM spam were sent in 2003, twice the level of 2002. As it becomes more prevalent, spim could impact the business community similarly to the way that spam does now, by consuming corporate resources and creating security problems.
sPING
sPING, a variation of ping of death, is a denial of service (DoS) attack caused by an attacker deliberately sending an IP packet larger than the 65,536 bytes allowed by the IP protocol. Many operating systems do not know how to handle an oversized packet, so they may get frozen, crashed, or rebooted.
SPIT: Spam over Internet Telephony
Spam over Internet Telephony (SPIT), sometimes known as vam (voice or VoIP spam), is unsolicited bulk messages broadcast over VoIP (Voice over Internet Protocol) to phones connected to the Internet.
Split Horizon
Split Horizon is a algorithm for avoiding problems caused by including routes in updates sent to the gateway from which they were learned.
Split Key
A Split Key is a cryptographic key that is divided into two or more separate data items that individually convey no knowledge of the whole key.
Splog or Spam Blog
Spam blogs, sometimes referred to by the Neologism splogs, are Web Log (or "blog") sites which the author uses only for promoting affiliated websites. The purpose is to increase the PageRank of the affiliated sites and/or get ad impressions from visitors. Content is often nonsense or texts stolen from other websites with an unusually high number of links to sites associated with the splog creator which are often disreputable or otherwise useless Web sites.
Spoof Mail
Spoof Mail, a type of email fraud, is email which appears to come from one source but is actually sent by another. It is often associated with spoof websites which mimic an actual, well-known website but are run by another party - usually with fraudulent intentions. Sometimes, Spoof Mail is a php-based script, which lets one send e-mail from any e-mail address one would like.
Spoof or Spoofing
Spoof or spoofing refers to attempt by an unauthorized entity to gain access to a system by posing as an authorized user using fake identity. There are many forms of spoofing such as IP spoofing, email spoofing, MAC address spoofing.
Spoof website
Spoof websites refers to the websites that mimic well-known websites but are run by another party - usually with fraudulent intentions. It is often associated with spoof email which appears to come from one source but is actually sent by another person - usually with fraudulent intentions.
Spyware
In general, spyware is any technology that aids in gathering information about a person or organization without their knowledge. Internet advertising (adware) has been criticized for sometimes including code that tracks a user's personal information and passes it on to third parties without the user's authorization or knowledge. This practice has been dubbed spyware and has prompted an outcry from computer security and privacy advocates, including the Electronic Privacy Information Center.
SQL Injection
SQL Injection is a type of input validation attack specific to database-driven applications where SQL code is inserted into application queries to manipulate the database.
SRVTAB
SQL Injection is a type of input validation attack specific to database-driven applications where SQL code is inserted into application queries to manipulate the database.
SSCP: Systems Security Certified Practitioner
Systems Security Certified Practitioner (SSCP) is a certification program provided by the International Information Systems Security Certification Consortium (abreviated as ISC2, (ISC)2 or ,(ISC)²). The Systems Security Certified Practitioner (SSCP) credential offers information security tacticians, with implementation orientations, the opportunity to demonstrate their level of competence with the seven domains of the compendium of best practices for information security, the (ISC)² SSCP CBK. The SSCP credential is ideal for those who are working toward or who have already attained positions as Senior Network Security Engineers, Senior Security Systems Analysts or Senior Security Administrators.
SSH: Secure Shellor Secure Socket Shell
Secure Shell Protocol(SSH) is a Unix-based command interface and protocol for secure remote login and other secure network services over an insecure network. It is widely used by network administrators to control Web and other kinds of servers remotely. SSH is actually a suite of utilities - slogin, ssh, and scp - that are secure versions of the earlier UNIX utilities, rlogin, rsh, and rcp. SSH consists of three major components:(1) Transport Layer Protocol [SSH-TRANS];(2) User Authentication Protocol [SSH-USERAUTH] ;(3) Connection Protocol [SSH-CONNECT].
SSID: Service Set Identifier
Service Set Identifier (SSID) is a set of 32 characters that give a unique name to a WLAN. All wireless devices on a WLAN must employ the same SSID in order to communicate with each other. The SSID on wireless clients can be set either manually, by entering the SSID into the client network settings, or automatically, by leaving the SSID unspecified or blank. A network administrator often uses a public SSID, that is set on the access point and broadcast to all wireless devices in range. Some newer wireless access points disable the automatic SSID broadcast feature in an attempt to improve network security.
SSL Card: Server Accelerator Card
A server accelerator card (also known as an SSL card) is a Peripheral Component Interconnect (PCI) card used to generate encryption keys for secure transactions on e-commerce Web sites. When a secure transaction is initiated, the Web site's server sends its certificate, which has been provided by a certifying authority, to the client machine to verify the Web site's authenticity. After this exchange, a secret key is used to encrypt all data transferred between sender and receiver so that all personal and credit card information is protected.
SSL Man-in-the-Middle Attacks
SSL Man-in-the-Middle Attacks refer the MITM attacks through SSL/TLS channles. SSL/TLS was supposed to mitigate that risk for web transactions by providing endpoint authentication and encryption. However, it is discovered in late 2000 the feasibility of mounting a MITM attack on the protocol. One faulty SSL client implementation, Microsoft's Internet Explorer, allows for transparent SSL MITM attacks when the attacker has any CA-signed certificate. An even greater risk is posed by unprotected systems where an attacker can preload his/her own trusted root authority certificates. The mitigation for such attack is to properly configure client SSL that would warn the user about problems with the server certificate.
SSL VPN: Secure Socket Layer Virtual Private Network
Secure Socket Layer (SSL) Virtual Private Network (VPNs) can provide secure and private communications for any types of traffic between the devices equipped with the same SSL technologies across a public network such as the Internet. A competing technology of the SSL VPN is the IPsec VPN. Actually, SSL is best used as the remote access and mobile access VPNs while IPsec is the best to create VPNs among fixed sites.
SSL accelerator
SSL accelerator is a piece of hardware to speed up processing of Secure Sockets Layer (SSL) encryption.
SSL: Secure Sockets Layer
The Secure Sockets Layer (SSL), a protocol originally defined by Netscape, is a commonly-used protocol for managing the security of a message transmission on the Internet. SSL has been succeeded by Transport Layer Security (TLS). But the SSL name has gained enough popularity, and people still call the protocol SSL or SST/TLS. The protocol is composed of two layers: the TLS Record Protocol and the TLS Handshake Protocol. At the lowest level, layered on top of some reliable transport protocol (TCP) is the TLS Record Protocol. SSL is included as part of both the Microsoft and Netscape browsers and most Web server products.
SSO: Single sign on or signon
In any client/server relationship, single signon (or sign on, SSO) is a session/user authentication process that permits a user to enter one name and password in order to access multiple applications. The single signon, which is requested at the initiation of the session, authenticates the user to access all the applications they have been given the rights to on the server, and eliminates future authentication prompts when the user switches applications during that particular session.
SSO: System Security Officer
System Security Officer (SSO) is a person responsible for enforcement or administration of the security policy that applies to the system.
SSPI: Security support provider interface
Security support provider interface is a set of application programming interfaces (APIs) for accessing security services on Microsoft Windows platforms.
SST Virus
SST virus is the Anna Kournikova VBS.SST computer virus, informally known as "Anna". It is a viral worm that uses Visual Basic to infect Windows systems when a user unwittingly opens an e-mail note with an attachment that appears to be a graphic image of Russian tennis star Anna Kournikova. However, when the file is opened, a clandestine code extension enables the worm to copy itself to the Windows directory and then send the file as an attachment to all addresses listed in your Microsoft Outlook e-mail address book.
Stacheldraht
Stacheldraht is a classic DDoS attack, using a master program and multiple agents on multiple compromised systems. In many ways, it is similar to TFN, but includes encrypted communication between the attacker and the master program, and can update the agent programs using rcp (remote copy).
Stack Mashing
Stack mashing is the technique of using a buffer overflow to trick a computer into executing arbitrary code.
Standard ACLs (Cisco)
Standard ACLs on Cisco routers make packet filtering decisions based on Source IP address only.
Star Property
In Star Property, a user cannot write data to a lower classification level without logging in at that lower classification level.
Stateful Inspection
Also referred to as dynamic packet filtering, Stateful Inspection is a firewall technology that works at the network layer. Unlike static packet filtering, which examines a packet based on the information in its header, stateful inspection examines not just the header information but also the contents of the packet up through the application layer in order to determine more about the packet than just information about its source and destination.
Static Host Tables
Static host tables are text files that contain hostname and address mapping.
Stealth
Stealth refers to an event, object, or file that evades methodical attempts to find it. In information security, the term applies to certain computer viruses, and to a state of affairs in which a computer or port is rendered invisible to hacking programs.
Stealth Virus
A stealth virus is a computer virus that uses various mechanisms to avoid detection by antivirus software. Generally, stealth describes any approach to doing something while avoiding notice. Viruses that escape notice without being specifically designed to do so -- whether because the virus is new, or because the user hasn't updated their antivirus software -- are sometimes described as stealth viruses, too.
Stealth scanning
Stealth scanning refers to any type of port scanning that doesn’t actually establish connections with ports on target hosts, so that this scanning would not get noticed. Generally, stealth describes any approach to doing something while avoiding notice.
Stealthing
Stealthing is a term that refers to approaches used by malicious code to conceal its presence on the infected system.
Steganalysis
Steganalysis is the process of detecting and defeating the use of steganography.
Steganographic
Steganography is the hiding of a secret message within an ordinary message and the extraction of it at its destination. Steganography takes cryptography a step farther by hiding an encrypted message so that no one suspects it exists. Ideally, anyone scanning your data will fail to know it contains encrypted data.
Steganography
Steganography is the hiding of a secret message within an ordinary message and the extraction of it at its destination. Steganography takes cryptography a step farther by hiding an encrypted message so that no one suspects it exists. Ideally, anyone scanning your data will fail to know it contains encrypted data. This is different from cryptography, which hides the meaning of a message but does not hide the message itself. An example of a steganographic method is "invisible" ink.
Stimulus
Stimulus is network traffic that initiates a connection or solicits a response.
Storage Encryption
Storage encryption is the use of encryption/decryption of backed-up and archived data, both in transit and on storage media. Storage encryption is a feature of storage security that is gaining favor among enterprises that use storage area networks (SANs).
Storage Security
Storage security is the group of parameters and settings that make storage resources available to authorized users and trusted networks - and unavailable to other entities. These parameters can apply to hardware, programming, communications protocols, and organizational policy.
Store And Forward Switching
Store And Forward Switching refers to a switching technique in which frames are completely processed before being forwarded out the appropriate port. This processing includes calculating the Cyclic Redundancy Check (CRC) and checking the destination address. In addition, frames must be temporarily stored until network resources are available to forward the message.
Store-and-Forward Switch
Store-and-forward switch refers to a switching device that stores a complete incoming data packet before it is sent out. Such switches are used when incoming and outgoing speeds differ or as a security measure.
STPP: Microsoft Strategic Technology Protection Program
Microsoft Strategic Technology Protection Program (STPP) is an initiative launched by Microsoft Corporation to help protect its customers against threats from the Internet.
Store-and-Forward
Store-and-Forward is a method of switching where the entire packet is read by a switch to determine if it is intact before forwarding it.
Straight-Through Cable
A straight-through cable is where the pins on one side of the connector are wired to the same pins on the other end. It is used for interconnecting nodes on the network.
Stream Cipher
Stream cipher is a cipher that operates on a continuous stream of data by ciphering individual elements, such as bits or bytes, without the need to accumulate blocks of data. A stream cipher works by encryption of a message, a single bit, byte, or computer word at a time.
Strong Password
A strong password is one that is designed to be hard for a person or program to discover. Because the purpose of a password is to ensure that only authorized users can access resources, a password that is easy to guess is a security risk. Essential components of a strong password include sufficient length and a mix of character types. When people create passwords, they often defeat the purpose by choosing parts of their names, the names of their pets, or even the word "password."
Strong Star Property
Strong Star Property indicates that a user cannot write data to higher or lower classification levels than their own.
Strong encryption
Strong encryption refers the type of encryption with a key long enough to make cracking it unfeasible.
Stunnel
Stunnel is a open source program that allows you to encrypt arbitrary TCP connections inside SSL (Secure Sockets Layer). Stunnel allows you to secure non-SSL aware daemons and protocols (like POP, IMAP, LDAP, etc) by having Stunnel provide the encryption, requiring no changes to the daemon's code. Stunnel runs on a variety of operating systems, including most Unix-like operating systems and Windows. The Stunnel source code is not a complete product. It relies on a separate library such as OpenSSL or SSLeay to implement the underlying TLS or SSL protocol.
Su
Su is a UNIX command that allows a user to run an application using different credentials from those employed for the current logon session.
Subordinate CA
Subordinate CA is a certificate authority (CA) at a level beneath the root CA.
SubSeven
SubSeven is a notorious remote administration tool (RAT) and Trojan.
Sudo
Sudo is a UNIX command that allows administrators to grant partial root privileges to other users.
SUID root
SUID root is a process on UNIX platforms that executes with root privileges regardless of its owner.
Superencryption
Superencryption refers to the encryption operation for which the plaintext input to be transformed is the ciphertext output of a previous encryption operation.
Sub Network
Sub Network is a separately identifiable part of a larger network that typically represents a certain limited number of host computers, the hosts in a building or geographic area, or the hosts on an individual local area network.
Subnet Mask
A subnet mask (or number) is used to determine the number of bits used for the subnet and host portions of the address. The mask is a 32-bit value that uses one-bits for the network and subnet portions and zero-bits for the host portion.
SuperUser
SuperUser is a person who has been granted administrator privileges, e.g. unrestricted access to the whole system, command line and files despite any permissions granted. The expression SuperUser is normally associated/more common within the UNIX environment and gives root access.
Survivability
Survivability refers to the capability of a system to remain in operation or existence despite adverse conditions, including natural occurrences, accidental actions, and attacks on the system.
SUS: Software Update Services
Software Update Services (SUS) is a tool for keeping critical software updates up-to-date on Microsoft Windows 2000, Windows XP, and Windows Server 2003.
Swatch
Swatch is a tool for log file monitoring on UNIX platforms.
SWI: Secure Windows Initiative
Secure Windows Initiative(SWI) is a Microsoft Corporation initiative to ensure the security of its products.
Switch CAM Table Overflow
The CAM table in a switch contains information such as the MAC addresses available on a given physical port of a switch, as well as the associated VLAN parameters. When a Layer 2 switch receives a frame, the switch looks in the CAM table for the destination MAC address. If an entry exists for the MAC address in the CAM table, the switch forwards the frame to the port designated in the CAM table for that MAC address. If the MAC address does not exist in the CAM table, the switch forwards the frame out every port on the switch, effectively acting like a hub. If a response is seen, the switch updates the CAM table.
Symlink: Symbolic Links
Symbolic link (symlink) is a special type of file that serves as a reference to another file. Unlike a hard link, a symbolic link does not point directly to data, but merely contains a symbolic path which is used to identify a hard link (or another symbolic link). Thus, when a symbolic link is removed, the file to which it pointed is not affected. In contrast, the removal of a hard link will result in the removal of the file, if it were the last hard link to that file. As a result, symbolic links can be used to refer to files on other mounted file systems. A symbolic link whose target does not exist is known as an orphan.
Symmetric Cryptography
Symmetric Cryptography is a branch of cryptography involving algorithms that use the same key for two different steps of the algorithm (such as encryption and decryption, or signature creation and signature verification). Symmetric cryptography is sometimes called "secret-key cryptography" (versus public-key cryptography) because of the entities that share the key.
Symmetric Key
Symmetric Key, also known as secret key, is a cryptographic key that is used in a symmetric cryptographic algorithm for both encrypt and decrypt data.
Symmetric key algorithm
Symmetric key algorithm, also known as secret key algorithm, is a mathematical algorithm used in secret key encryption.
Symmetric key encryption
Symmetric key encryption, also known as secret key encryption, is the encryption based on a shared secret between the communicating parties. In the symmetric key encryption process, information is encrypted and decrypted using the same key.
Syn Attack
Syn Attack refers to an attacker sending a series of SYN requests using a fake IP source address to a target (victim). The target sends a SYN ACK in response and waits for an ACK to come back to complete the session set up. Since the source address is fake, the response never comes. The SYN requests from the attacker fill the victim's memory buffers so that it can no longer accept legitimate session requests.
SYN Flood or Syn Flooding
SYN Flood or Syn flooding is a denial of service(DoS) attack that sends a host more TCP SYN packets (request to synchronize sequence numbers, used when opening a connection) than the protocol implementation can handle.
SYN Flood
SYN Flood is a denial of service attack that sends a host more TCP SYN packets (request to synchronize sequence numbers, used when opening a connection) than the protocol implementation can handle.
SYN Scanning
SYN scanning is a type of stealth scan that makes use of SYN packets. SYN scanning is a tactic that a malicious hacker (or cracker) can use to determine the state of a communications port without establishing a full connection. This approach, one of the oldest in the repertoire of crackers, is sometimes used to perform denial-of-service (DOS) attacks. SYN scanning is also known as half-open scanning.
SYNdrop
SYNdrop is a program used by an attacker to send IP fragments that cannot be reassembled properly by manipulating the offset value of a packet. This may cause reboot or halt of victim system. Many other variants of SYNdrop such as targa, TearDrop, Boink, Nestea Bonk, TearDrop2 and NewTear are available. A simple reboot is the preferred remedy after this happening.
Syskey
Syskey is a Microsoft Windows NT utility for strengthening password security.
Syslog
Syslog is the system logging facility for Unix systems.
System Hardening
System hardening is the process to address system security weaknesses by implementing the latest software paches, hot-fixes and updates, by using the latest and secured versions of protocols and following procedures and policies to reduce attacks and system down time.
System High Security Mode
System High Security Mode is a mode of operation of an information system, wherein all users having access to the system possess a security clearance or authorization, but not necessarily a need-to-know, for all data handled by the system.
System Integrity Service
System Integrity Service is a type of security service that protects system resources in a verifiable manner against unauthorized or accidental change, loss, or destruction.
System Low Security Mode
System Low Security Mode refers to the lowest security level supported by a system at a particular time or in a particular environment.
System Monitor
System monitor refers to the keystroke logger, which is a hardware device or small program that monitors each keystroke a user types on a specific computer's keyboard. As a hardware device, a keystroke logger is a small battery-sized plug that serves as a connector between the user's keyboard and computer. Because the device resembles an ordinary keyboard plug, it is relatively easy for someone who wants to monitor a user's behavior to physically hide such a device "in plain sight."
System-Specific Policy
A System-Specific Policy is a policy written for a specific system or device.