Glossary of IT and cybersecurity terms

unauthorized access
Access to a physical or logical network, system or data without authorization.

Wi-Fi protected access
A security protocol and security certification program developed by the Wi-Fi Alliance to protect wireless computer networks.
[SOURCE: ISO 20415:2019]

applying patches
Updating software or firmware.

invasion of privacy
Incident involving the actual or suspected loss of personal information.

data breach
Cybersecurity incident in which a person takes sensitive information without the authorization of the owner.

multi-factor authentication
Authentication method that requires a combination of factors (two or more) to verify the identity of the user: something the user knows (e.g. password) or has (e.g. physical token), or a physical attribute (e.g. biometrics).

encryption
Changing the form of information to hide its content and prevent unauthorized access.
[SOURCE: Canadian Centre for Cyber Security]

malicious code
Program or code written to gather information about a system or user, destroy system data, facilitate deeper intrusion into a system, falsify system data or reports, or create nuisances that slow down system operations and the activities of maintenance personnel.
NOTE 1: A malicious code attack takes many forms: virus, worm, Trojan horse or other automated exploit.
NOTE 2: Malicious code is also often referred to as “malware”.
[SOURCE: IEC/TS 62443-1-1:2009]

confidentiality
Ability to protect sensitive information from unauthorized access.

confirmation of biological or behavioral characteristics
A method of verifying identity that relies on biological (anatomy and physiology; e.g. face, fingerprints, retinas) or behavioral (e.g. typing rhythm, gait) characteristics to prove that the person presenting information about an identity is the owner of that identity.
NOTE: Confirmation of biological or behavioral characteristics is done through a challenge-and-response protocol: the characteristics recorded in a record or database are compared to those of the person presenting the identity information.
[SOURCE: CAN/CIOSC 103-1:2020]

network failure (widespread)
Incident affecting the confidentiality, integrity or availability of a network.

application system failure
Incident affecting the confidentiality, integrity or availability of an application.

denial of service
See “service interruption”.

should
Indication of a possibility of choice with a marked preference; equivalent to “it is strongly recommended”.

unauthorized disclosure
Incident affecting the confidentiality, integrity or availability of data.

DMARC
Email authentication protocol; the name is short for Domain-based Message Authentication, Reporting and Conformance. It allows the owner of an email domain to protect that domain against unauthorized use, commonly known as “email spoofing”.

must
Indication of a requirement for the design or application of a test method.

minimum right of access
Principle according to which the user is granted only the access authorizations that he needs to accomplish the authorized tasks. This principle limits the damage that may result from unauthorized, incorrect or accidental use of an information system.
[SOURCE: Canadian Centre for Cyber Security]

enterprise mobility management
A set of systems managing mobile computing services or devices for an organization.

password manager
A computer program that allows the user to store, generate, and manage passwords for local applications and online services. It helps generate and recover complex passwords by storing them in an encrypted database or calculating them on demand.

cyber security incident
Unauthorized attempt, whether successful or not, to access, modify, destroy, delete, or render inoperable any system resource or computer network.

sensitive information
Information to be protected from unauthorized disclosure.

integrity
Ability to protect information against unauthorized modification and deletion.

service interruption
Incident preventing access to a service or otherwise disrupting normal operation.

malware
Malicious software designed to infiltrate or damage a computer system. Common forms include virus, worm, Trojan horse, spyware and adware.
[SOURCE: Canadian Centre for Cyber Security, Glossary]

OWASP
Open Web Application Security Project.

firewall
Security barrier between two perimeters controlling the volume and types of traffic allowed to pass from one to the other.

loss of information
See “unauthorized disclosure”.

can
Indication of a possibility of choice with an implicit preference.

incident response plan
A document that establishes the processes, procedures, and documentation for how the organization detects, responds to, and recovers from incidents. Cyber threats, natural disasters, and unplanned outages are examples of incidents that affect organizations’ networks, systems, and devices.
[SOURCE: Canadian Centre for Cyber Security]

prejudice
Damage suffered by an organization when its IT systems and assets are compromised.

ransomware
A type of malware that prevents a user from accessing a system or data until they have paid in funds or handed over a physical or virtual good.

wireless local area network (WLAN)/(Wi-Fi)
Wireless LAN technology that allows electronic devices to connect to the network, primarily through the 2.5 GHz and 5 GHz radio bands.
NOTE 1: “Wi-Fi” is a trademark of the Wi-Fi Alliance.
NOTE 2: “Wi-Fi” is commonly used as a synonym for “WLAN”, since most modern WLAN networks are based on Wi-Fi standards.
[SOURCE: ISO/IEC 27033-6:2016]

virtual private network (VPN)
A restricted-use logical computer network constructed from the resources of a physical network by using encryption or by tunneling virtual network links through the real network.
[SOURCE: ISO/IEC 18028-3:2005]

service impacting
Service with human impact, e.g. finance, support (or assistance), housing, education, recruitment and benefits.

secure mobile service
Security of a mobile device (e.g. cell phone, tablet).

secure removable media
Security of removable media (e.g. USB key).

domain name system (DNS)
Global distributed and hierarchical nomenclature used to identify entities connected to the Internet.
NOTE: Top-level domains are at the top of the hierarchy.
[SOURCE: ISO/TR 14873:2013]

IT
Information technology.

unauthorized use
Use of a physical or logical network, system or data without authorization.

If you cannot find a term in this glossary and still have questions about the vocabulary used in our conditions, policies and notices, please write to us at centrebeauteoasis@outlook.com and we will be happy to explain the term!
