CompTIA Security+ Deluxe Study Guide: SY0-201 - Emmett Dulaney [290]
Business Impact Analysis (BIA) A study of the possible impact if a disruption to a business’s vital resources were to occur.
C
CA See certificate authority (CA).
Carlisle Adams Stafford Tavares (CAST) A type of symmetric block cipher defined by RFC 2144.
CAST See Carlisle Adams Stafford Tavares (CAST).
CC See Common Criteria (CC).
CCRA See Common Criteria Recognition Agreement (CCRA).
central office The primary office from which most resources extend.
certificate A digital entity that establishes who you are and is often used with e-commerce. It contains your name and other identifying data.
certificate authority (CA) An issuer of digital certificates (which are then used for digital signatures or key pairs).
certificate policies Policies governing the use of certificates.
Certificate Practice Statement (CPS) The principles and procedures employed in the issuing and managing of certificates.
certificate revocation The act of making a certificate invalid.
Certificate Revocation List (CRL) A list of digital certificate revocations that must be regularly downloaded to stay current.
chain of custody The log of the history of evidence that has been collected.
Challenge Handshake Authentication Protocol (CHAP) A protocol that challenges a system to verify identity. CHAP is an improvement over Password Authentication Protocol (PAP) in which one-way hashing is incorporated into a three-way handshake. RFC 1334 applies to both PAP and CHAP.
change documentation Documentation required to make a change in the scope of any particular item. In the realm of project management, a change document is a formal document requiring many signatures before key elements of the project can be modified.
CHAP See Challenge Handshake Authentication Protocol (CHAP).
checkpoint A certain action or moment in time that is used to perform a check. It allows a restart to begin at the last point the data was saved as opposed to from the beginning.
checksum A hexadecimal value computed from transmitted data that is used in error-checking routines.
cipher See cryptographic algorithm.
circuit switching A switching method where a dedicated connection between the sender and receiver is maintained throughout the conversation.
Clark-Wilson model An integrity model for creating a secure architecture.
clear text Unencrypted text that can be read with any editor.
client The part of a client/server network where the computing is usually done. In a typical setting, a client uses the server for remote storage, backups, or security (such as a firewall).
client/server network A server-centric network in which all resources are stored on a file server and processing power is distributed among workstations and the file server.
clipper chip An early encryption system from the NSA for civilian use; it was a hardware implementation of the Skipjack encryption algorithm.
clustering A method of balancing loads and providing fault tolerance.
coax A type of cabling used in computer networks.
code escrow The storage and conditions for release of source code provided by a vendor, partner, or other party.
cold site A physical site that has all the resources necessary to enable an organization to use it if the main site is inaccessible (destroyed). Commonly, plans call for turning to a cold site within a certain number of hours after the loss of the main site.
collection of evidence The means and orderly fashion by which evidence is collected, identified, and marked.
collusion An agreement between individuals to commit fraud or deceit.
Common Criteria (CC) A document of specifications detailing security evaluation methods for IT products and systems.
Common Criteria Recognition Agreement (CCRA) A set of standards, formerly known as the Mutual Recognition Agreement (MRA), that defines Evaluation Assurance Levels (EALs).
Common Gateway Interface (CGI) An older form of scripting that was used extensively in early web systems.
companion virus