ISO 17799 Central. BS7799 and ISO17799 Guide

THE A-Z GUIDE FOR ISO27001 AND ISO27002 INFORMATION
ISO 27000 CENTRAL

ISO 27000 Central is intended to be a launch pad for those seeking help with this international standard. It offers information, tips, guides and links to a range of resources.

Menu
About ISO 27000
Starting Point
The Glossary
The PDCA Cycle
Certifications
Newsletter Archive

Home
Feedback
Forums
Conferences
Guestbook
Directory

Add ISO27000 Central
to Your Bookmarks


ISO27000 Glossary

This glossary of ISO 27000 and information security related terms was compiled over a lengthy period, and is provided as a public service. In addition to offering definitions and explanation of terms and phrases, the glossary also cross references each with the appropriate chapter of the standard itself, where applicable.

The ISO 27000 Glossary


The 27000 Glossary of Information Security Terms and Phrases

A   |   B   |   C   |   D   |   E   |   F   |   G   |   H   |   I   |   J   |   K   |   L   |   M   |   N   |   O   |   P   |   Q   |   R   |   T   |   U   |   V   |   W   |   X   |   Y   |   Z  ]


S


SACRIFICIAL HOST (Chapter 8)
A server located outside the firewall usually to provide a service that might otherwise compromise the local system's security.

SAMURAI
A hacker who hires himself out to other parties with 'legitimate' reasons to need such expertise.

SECURITY OFFICER (Chapter 4)
Usually the person who takes primary responsibility for the security related affairs of the organisation.

SEGREGATION OF DUTIES (Chapter 8)
The descrete allocation of tasks between different employees in order to contain the scope for error or fraud.

SHOULDER SURFING
Looking over someone's shoulder as they enter their password.

SLAG
To run a destructive program which leaves computer systems files, records, and data, utterly useless.

SMURF (Chapter 8)
An attack that exploits features of the IP protocol within the TCP/IP protocol.

SOCIAL ENGINEERING
Extraction of information, usually verbally, by impersonating a legitimate third party or by using other social interactions.

SOFTLIFTING (Chapter 12)
The theft (piracy) of software for personal use

SPOOFING
Another term for identity hacking

STEALTH BOMB (Chapter 8)
Malicious program code that is disguised as something else



       SOURCES

ISO 27000 DOWNLOAD

ISO 27001 (and ISO 27002) should always be obtained from an official source.
17799

Standards Direct (BSI) provides the standard as an instant download from the following page: ISO 27000 Download

ISO27000
TOOLKIT

The standard (both ISO 27001 and 27002) can also be obtained as part of the ISO27000 Toolkit. This also comprises a series of support resources, such as aligned security policies, checklists, BIA questionnaires, presentations, etc.

It can be downloaded via the following website: ISO 27000 Toolkit

ADVERTISERS

Please feel free to contact us

Your Guide To ISO 27001 and ISO27002
Copyright © 2012. All Rights Reserved.