Information, Computer and Network Security Terms Glossary and Dictionary

Securing the network, prohibiting unauthorized access and protect sensitive data prove to be a daunting challenge for businesses large or small. A Layered Defense with multiple approaches is used to security enforcement at multiple areas within a network. This approach removes single points of security failure in order to secure enterprise information assets. The following are the key aspects of the layered defense security framework.

Business Security Practices
• Secure information management
• Finding fraud in business transactions
• Security skill development
• Forensics and auditing tools
• Regulatory compliance tools
• Log management
• Disaster recovery plan

Data Security
• Encryption
• Access control/user authentication
• Virtual Private Networks (VPNs)
• Site validation
• Data Backup

Application Security
• Application shield
• Access control/user authentication
• Input validation
• Patch configuration and applications
• Application security testing

Host Security
• Host IDS
• Host firewall
• Host vulnerability assessment
• Network access control
• Anti-virus and anti-spyware
• Access control/user authentication
• Host backup

Network Security

• Intrusion detection /prevention system (IDS/IPS)
• Vulnerability management system
• Network access control
• Access control /user authentication
• Network penetration testing

Perimeter Security
• Firewall
• Network-based anti-virus
• VPN encryption
• Hardening network components with secured features

Physical Security
• Establish policies for facility access
• Ensure valid identity
• Device security policy compliance
• Control physical access to network facilities
• Monitor and log facility access

Related Terms

Layered Defenses of Network and Information Security