AAA: Stands for Authentication, Authorization and Accounting.
ACCOUNTING: The process of keeping a record of a user's network activity, including the time spent on the network, the services accessed and the amount of data transferred during the session. It can be used for trend analysis, capacity planning, billing, auditing and cost allocation.
ALARM: The property of a security device's log record designed to draw attention to specific activity in the system. This is distinguished from a "regular" log record, which tracks system activity, such as an Audit or error log. Usually an alarm is used to call out potentially malicious or suspicious activity in the network. In a more general sense, an alarm can also define a notification mechanism. Most security devices enable a system administrator to determine who is notified when specific traffic is detected and how they receive that information (for example, via e-mail or page).
ALERT: See Alarm.
ANTI-SPOOFING DETECTION: An IDP detection mechanism that detects and prevents IP Spoofing of source IP addresses. The IDP reviews the source IPs of each packet and compares it to a list of IP addresses that are allowed on that interface. If the IP is not allowed, the IDP will take the appropriate action.
ANTI-VIRUS: A program that detects and eliminates Computer Viruses. Some anti-virus programs have the ability to fix files and computers that have been infected by viruses. Others can prevent the damage of a virus by alerting the user to its presence and then stopping the virus from loading and running itself on the computer or system. Anti-virus is a key element of any network security plan and is often referenced as a critical component of Content Security.
API (APPLICATION PROGRAM INTERFACE): The tools, protocols and routines that a programmer must use to build software applications. Although the primary purpose of APIs is to make it easy for programmers to build software, the users are the ones that ultimately benefit. This is because different programs that are built using the same API have similar interfaces. This means that users who are familiar with one program will find it easier to learn new programs that have been built with the same API.
ATTACK: Unauthorized access or vandalism of a computer application, system or network.
ATTACK SIGNATURE: A pattern within network traffic used to detect a particular attack or intrusion. Signatures can only be created for attacks that have already been documented, so they only work for known attacks and cannot be used to detect unknown attacks or undocumented variations of known attacks.
AUDIT: The process of collecting and examining a network's records (Logs) of electronic transactions to identify a Vulnerability or determine if there has been a security violation in the network.
