Intrusion Prevention System (IPS) - A solution that monitors the environment and automatically takes action when it recognizes malicious attempts to gain unauthorized access.
Intrusion detection system (IDS) – A solution that monitors the environment and automatically recognizes malicious attempts to gain unauthorized access.
Least privilege – The practice of only granting a user the minimal permissions necessary to perform their explicit job function.
Uninterruptible power supplies (UPS) – Batteries that provide temporary, immediate power during times when utility service is interrupted.
Striping – RAID technique; writing a data set across multiple drives
Parity bits – RAID technique; logical mechanism used to mark striped data; allows recovery of missing drive(s) by pulling data from adjacent drives.
Need-to-know – Primarily associated with organizations that assign clearance levels to all users and classification levels to all assets; restricts users with the same clearance level from sharing information unless they are working on the same effort. Entails compartmentalization.
Configuration management (CM) – A formal, methodical, comprehensive process for establishing a baseline of the IT environment (and each of the assets within that environment).
Change management – A formal, methodical, comprehensive process for requesting, reviewing, and approving changes to the baseline of the IT environment.
Job rotation – The practice of having personnel become familiar with multiple positions within the organization as a means to reduce single points of failure and to better detect insider threats.
Media – Any object that contains data.
Separation of duties – The practice of ensuring that no organizational process can be completed by a single person; forces collusion as a means to reduce insider threats.
Patch – An update/fix for an IT asset.