Cybersecurity Definitions H 0 0

Hacker

A hacker is a term used for an expert computer programmer who tries to gain unauthorized access into a network or computer systems with intent.

Handshaking procedures

Handshaking procedures are the dialogue between two information systems for synchronizing, identifying, and authenticating themselves to one another.

Hard copy key

A hard copy key is physical keying material, such as printed key lists, punched or printed key tapes, or programmable, read-only memories.

Hardening

Hardening is also known as system hardening and refers to providing protection to a computer system at various layers such as host, application, os, user, physical levels, and all the other sublevels in between. A hardened computer system is a more secure computer system. Hardening eliminates as many risks and threats to a computer system as necessary.

Hardware

Hardware is the physical component of an information system. See also software and firmware.

Hardwired key

A hardwired key is a permanently installed key.

Hash based message authentication code hmac

Hash-based message authentication code is a message authentication code that uses a cryptographic key in conjunction with a hash function.

Hash function

A hash function is a function that is used to map data of arbitrary size to a data of a known or fixed size. The values returned by a hash function are called hash values, hash codes, hash sums, or simply hashes.

Hash functions

A cryptographic hash function is a kind of hash function where it is practically impossible to recreate the input data from its hash value alone. The input data is referred to as the ‘message’, and the hash value is called the ‘message digest’ or the ‘digest’. The result of this hash function can be used to validate if a larger file has been changed, without comparing the larger files. Examples of frequently used hash functions are md5 and sha1.

Hash total

A hash total is a method of verifying the accuracy of data; it includes adding up the data in different fields including fields, which have no significance such as account numbers, etc. The sum thus arrived should be the same as original, a mismatch in the totals indicates an error.

Hash value

A hash value is the result of applying a cryptographic hash function to data (e.g., a message).

Hashing

Hashing is a system of generating string values with the help of algorithms to maintain data integrity and accuracy.

Header

A header refers to the additional data at the beginning of a chunk of data (or packet) being stored or transmitted. The data that follows the header is called the payload or body. Note that it is important that the header is of clear and unambiguous format to allow for parsing.

High assurance guard hag

High assurance guard is an enclave boundary protection device that controls access between a local area network that an enterprise system has a requirement to protect, and an external network that is outside the control of the enterprise system, with a high degree of assurance. A guard that has two basic functional capabilities: a message guard and a directory guard. The message guard provides filter service for message traffic traversing the guard between adjacent security domains. The directory guard provides filter service for directory access and updates traversing the guard between adjacent security domains.

High availability

High availability is a failover feature to ensure availability during device or component interruptions.

High impact system

A high impact system is an information system in which at least one security objective (i.e., confidentiality, integrity, or availability) is assigned a fips 199 potential impact value of high. An information system in which at least one security objective (i.e., confidentiality, integrity, or availability) is assigned a potential impact value of high.

High impact

High impact is the loss of confidentiality, integrity, or availability that could be expected to have a severe or catastrophic adverse effect on organizational operations, organizational assets, individuals, other organizations, or the national security interests of the united states; (i.e., 1) causes a severe degradation in mission capability to an extent and duration that the organization is able to perform its primary functions, but the effectiveness of the functions is significantly reduced; 2) results in major damage to organizational assets; 3) results in major financial loss; or 4) results in severe or catastrophic harm to individuals involving loss of life or serious life threatening injuries).

Hijack attack

A hijack attack is a form of active wiretapping in which the attacker seizes control of a previously established communication association.

Hijacking

Hijacking is a network security attack by which the intruder takes control of a connection, while a session is in progress. The intruder gains unauthorized access to the information.

Honeyclient

Honeyclient is a web browser-based high interaction client honeypot designed by Kathy Wang in 2004 and subsequently developed at mitre. It was the first open source client honeypot and is a mix of perl, c++, and ruby. Honeyclient is state-based and detects attacks on windows clients by monitoring files, process events, and registry entries.

Honeymonkey

A honeymonkey is an automated program that imitates a human user to detect and identify websites which exploit vulnerabilities on the internet. It is also known as a honey client.

Honeypot

Honeypot is a computer security program that simulates one or more network services that you define on your computer’s ports. An attacker may assume that you’re running weak services that can be used to break into the machine. A honeypot provides you advanced warning of a more concerted attack. Two or more honeypots on a network form a honeynet.

Hop

A hop occurs each time that a data packet is passed from one device (source) to the next device (destination). Data packets pass through bridges, routers, and gateways on the way.

Host based intrusion detection system hids

A host-based intrusion detection system (hids) is an intrusion detection system that monitors and analyses information from the operating system audit records occurring on the host. These operations are then compared to a predefined security policy norm. This analysis of the audit trail forces significant overhead requirements on the system due to the increased amount of processing power which must be utilized by the intrusion detection system. Depending on the size of the audit trail and the processing ability of the system, the review of audit data could result in the loss of a real-time analysis capability.

Host

A network host is a computer or other device connected to a computer network. A network host is a network node that is assigned a network layer host address. A network host may offer information resources, services, and applications to users or other nodes on the network.

Hot site

A hot site is a fully operational offsite data processing facility equipped with hardware and software, to be used in the event of an information system disruption. Backup site that includes phone systems with the phone lines already connected. Networks will also be in place, with any necessary routers and switches plugged in and turned on. Desks will have desktop pcs installed and waiting, and server areas will be replete with the necessary hardware to support business-critical functions. Within a few hours, a hot site can become a fully functioning element of an organization.

Hot wash

A hot wash is a debrief conducted immediately after an exercise or test with the staff and participants.

Http proxy

An http proxy is a server that receives requests from your web browser and then, requests the internet on your behalf. It then returns the results to your browser.

Https

Https (also called http over tls, http over ssl, and http secure) is an internet protocol used for secure communication over a computer network. Https is very important over insecure networks (such as public wifi), as anyone on the same local network can discover sensitive information not protected by https. Https consists of communication over hypertext transfer protocol (http) within a connection encrypted by transport layer security or its predecessor, secure sockets layer.

Hub

A hub is a network device that is a common connection point for devices in a network. These are commonly used to connect segments of a lan. A hub contains multiple ports. When a data packet is received at one port, it is transmitted to the other ports on the hub.

Hybrid attack

A hybrid attack is a blend of both a dictionary attack method as well as brute force attack. This means that while a dictionary attack method would include a wordlist of passwords, the brute-force attack would be applied to each possible password in that list.

Hybrid encryption

Hybrid encryption is a method of encryption that combines two or more encryption algorithms or systems. This method merges asymmetric and symmetric encryption in order to derive benefit from the strengths of each form of encryption. These strengths include speed and security respectively.

Hybrid security control

Hybrid security control is a security control that is implemented in an information system in part as a common control and in part as a system-specific control.

Hyperlink

A hyperlink (usually highlighted by color or underscoring) could be a word, a phrase, or an image that refers to data or related information that the user can directly follow either by clicking or by hovering. A hyperlink points to a whole document or to a specific element within a document while a hypertext is text with hyperlinks.

Hypertext markup language html

Hypertext markup language (html) is a set of markup symbols or codes that are inserted in a file intended for display on a world wide web (www) browser page. This markup states the browser how to display a web page to the user.

Hypertext transfer protocol http

Http is the underlying protocol used by the world wide web (www). This protocol defines how messages are formatted and transmitted on the internet and what actions web servers and browsers should take in response to various commands.

** The time is base on America/Chicago timezone