Security Awareness and Cyber Security Training Glossary

Attachment:  A data file sent from one computer to another along with an e-mail or an instant message (IM.)

Buddy List:  Instant message addresses of favorite users. List enabled designated users to know when their 'buddy' is on-line so that both can easily communicate.

Cracker:  A person who modifies software to remove protection methods: copy protection, trial/demo version, serial number, hardware key, CD check or other software annoyances like reminder screens and adware.

is a type of DOS attack where multiple compromised systems, which are often infected with a Trojan, are used to target a single system causing a Denial of Service (DoS) attack.

Download:  To copy information (data) from the Internet.

Electronically Stored Information ("ESI"):  Email and other electronic communication, word processing documents, spreadsheets, graphs, charts, presentations, databases, calendars, telephone records and voice mail, Internet data, networks and network access information, computer systems, including legacy systems (hardware and software), servers, archives, backup or disaster recovery systems, tapes, discs, drives, cartridges and other storage media, including but not limited to CDs, DVDs, external hard drives, thumb drives and floppy discs, laptops, desktops, personal digital assistants ("PDAs"), handheld wireless devices, mobile telephones, paging devices and audio systems.

Encrypted:  The process by which an email and its attachments are scrambled or coded so that only the intended recipient can read it.

Exploit:  Technique or program that takes advantage of vulnerabilities or errors in computer software or hardware.  Results in unexpected behavior, and many times involves taking complete control of a system.

File:  The specific location of data within a computer record.

Hacker:  A person who specializes in the discovery of exploits in systems (for exploitation or prevention), or in obtaining or preventing unauthorized access to systems through skills, tactics and detailed knowledge.

Hacking:  Gaining illegal or unauthorized access to a computer file or network.

Malware (or Malicious Code):  Intentionally destructive computer program (e.g: viruses, worms, and Trojan horses.)

Network:  A group of two or more computer systems linked together.

Password Rules: The County's password policy requires a 8 characters (minimum) to 12 characters (maximum).  The password must be changed every 60 days.

Pop-up:   A window that suddenly appears (pops up) when you select an option with a mouse or press a special function key.

Portable Mass Storage Media:  Includes but is not limited to plug-ins, Universal Serial Bus (USB) port devices, Compact Discs (CDs), Digital Versatile Discs (DVDs), flash drives and any other existing or future portable mass storage media.

Posting:  Placing a message or photo to an on-line message board or website.

Public Records:  Oregon Public Record Laws (ORS 192.005 (5), ORS 192.410 (4), ORS 192.620) consider any information created, processed or stored in the conduct of County business as public records. The record may be in different physical formats including but not limited to: Photos, maps, drawings, reports, e-mail, databases, excel spreadsheets, correspondence, audio tapes, video tapes, DVD's, CD's, etc. NOTE: If you store County information off of the County's network (in the cloud, on a personal device, in a file cabinet at home, etc) these records are are discoverable in a Publlic Records Request or a civil litigation that has been or may be filed against you, the County, its agents, officers or elected officials.

Ransom-Ware: A type of malicious software virus designed to block access to a computer system or files until a sum of money is paid.

Remote Work:
  A work site has traditionally referred to as a permanent space assigned to you within a building owned or leased by the County. The expansion of mobile computing and advanced communications increasingly empowers employees to perform their duties from field locations or work remotely.  Remote tools such as a secure VPN via a 3g/4g/5g connection for staff with County notebooks .

3g/4g/5g:the "g" stands for the generation mobile of networks wireless systems. The higher the "g" the higher the speed of connectivity.

Retention Rules/Requirements:  The length of time a public record must be retained in accordance with Oregon Public Record Laws.

Screen Name:  On-line name or nickname, an alias used in Cyberspace.

Script Kiddie:  Derogatory term used for an inexperienced malicious hacker or cracker who uses programs developed by others to attack computer systems and networks.

Social Engineering:   An approach to gain access to information through misrepresentation.  It is the conscious manipulation of people to obtain information without their realizing that a security breach is occurring.  It may take the form of impersonation via telephone or in person and through email.  Some emails entice the recipient into opening an attachment that activated a virus.

Spam:  Unsolicited, junk email.

Spoofs/Spoofing:  Fake e-mail messages or web pages mimicking.

Throw-Away Account:  Email or computer access account created for one-time use.

Text Messaging: Or texting, is the act of composing and sending electronic messages between two or more mobile phones, or fixed or portable devices over a phone network. The term originally referred to messages sent using the Short Message Service (SMS).

Tweet: a posting made on the social media website Twitter.

User:  Also known as a workforce member. All authorized personnel engaged by the County to use information technology in support of County business.This includes but is not limited to employees, contractors, consultants, temporaries, volunteers and interns.

Stipend Program: Allows qualifying employee's reasonable compensation for the use of a personal cell phone or Smart Phone for County business.Personal use limitations are removed from mobile communications devices subsidized under the stipend program, but User Responsibility Policy guidelines continue to apply to the extent the device is used to access the Technology Environment.

Virus:  A virus is a destructive application that is loaded on your computer without your knowledge and runs against your wishes.