Word of the Day: Tech Definitions from WhatIs.com

April 12, 2017  5:30 PM

ITIL (Information Technology Infrastructure Library)

Kaitlin Herbert Kaitlin Herbert Profile: Kaitlin Herbert
DevOps, ITIL

ITIL (Information Technology Infrastructure Library) is a framework designed to standardize how information technology (IT) services are selected, planned, delivered and supported. Continued…

Quote of the Day

“When you build DevOps on top of ITIL, there’s control, but it moves the ball forward with bite-sized units of work.” – Doug Tedder

Learning Center
It’s ITIL and DevOps, not ITIL or DevOps
With better automation tools and more practical training, IT shops can combine ITIL and DevOps for continuous and controlled change.

Release management best practices for every IT team
Release management best practices start at design — and they don’t stop on the deployment date. Here’s how to keep production safe during code releases.

Real-life change management examples prove it’s harder than it looks
These change management examples illustrate the dangers of change, the importance of communication and the options IT shops have to get it right.

Falling back on bad habits in a DevOps organization
A new DevOps organization faces challenges picking the rights tools and setting boundaries. Make your transition smoother by learning from others’ experiences.

Guide to building a better IT team structure
Is your IT team structure affecting daily operations? Stop thinking about your employees’ worth in dollars and consider how training and DevOps can improve your business.

Trending Terms
infrastructure management
release management
Microsoft Operations Framework

Writing for Business
The Agile Manifesto _______________: Collaboration should be more important than contract negotiation.
a. nailed it
b. hit the nail on the head
c. hit the nose on the head
d. nailed it on the head

April 11, 2017  7:56 PM

Web application firewall (WAF)

Kaitlin Herbert Kaitlin Herbert Profile: Kaitlin Herbert
firewall, PCI DSS, WAF

A Web application firewall (WAF) is a firewall that monitors, filters or blocks data packets as they travel to and from a Web application. Continued…

Quote of the Day

“Although WAFs are most helpful for applications where source code is not available, other applications benefit because WAFs can provide protection during the period between the discovery of a vulnerability and the release of updated source code.” – Karen Scarfone

Learning Center
Stop app attacks with a Web application firewall
App attacks are increasing and web application firewalls are a key to halting them. Learn how to determine which WAF is best for your enterprise.

Business-use scenarios for a Web application firewall deployment
Expert Brad Causey outlines the business cases for deploying Web application firewalls (WAFs) and explains how they protect organizations with applications exposed to the Internet.

How cloud WAF implementations can improve application security
Cloud WAF provides protection for applications hosted off-site or in the cloud. Learn about how providers filter traffic and transfer logs to enterprises.

Four questions to ask before buying a Web application firewall
Expert Brad Causey outlines the important questions enterprises need to ask when buying Web application firewalls to make sure they are procuring the right WAF for their business needs.

What are the compliance requirements for Web application firewalls?
Why organizations are opting for Web application firewalls and how to keep them up to date with compliance mandates for maximum security protection.

Trending Terms
cross-site scripting
zero-day exploit
AWS Web Application Firewall
next-generation firewall

Writing for Business
A Web application firewall (WAF) is able to detect and _____ new unknown attacks by watching for unfamiliar patterns in the traffic data.
A. avoid
B. prevent

April 10, 2017  9:00 PM

non-disclosure agreement (NDA)

Kaitlin Herbert Kaitlin Herbert Profile: Kaitlin Herbert
Intellectual property, NCA, NDA

A non-disclosure agreement (NDA), also known as a confidentiality agreement, is a legally binding contract in which one party agrees to give a second party confidential information about its business or products and the second party agrees not to share this information with anyone else for a specified period of time. Continued…

Quote of the Day

“Having an NDA in place early in the process protects both parties, and may encourage vendors to share information on future product development plans.” – Al Berg

Learning Center
Data center security concerns with contractors: Advisory Board Q&A
Background checks and supervision of outside contractors can help preserve physical data center security.

Becoming jaded with Security BSides’ Jack Daniel
The financial success of the security industry has created ‘breach’ ambulance chasers. Marcus Ranum chats with Security BSides’ cofounder Jack Daniel about a return to grassroots.

Business legal advice for solution providers: Managing crises and contracts
At ConnectWise IT Nation 2013, attorney Bradley Gross provides business legal advice for solution providers, addressing the most common problems they’re likely to run into.

With data breach costs soaring, companies should review data sharing policies
Companies are sharing intellectual property in increasing numbers, but many organizations fail to monitor and enforce their policies, according to a recent survey.

Breaches reignite intellectual property protection
Even with DLP controls in place, intellectual property theft remains the elephant in the room for companies, dwarfing revenues lost by PII and other data security incidents.

Trending Terms
golden handcuffs
non-compete agreement
intellectual property
industrial espionage
insider threat
sensitive information

Writing for Business
A security policy should stipulate requirements for each department to _______ that confidential information and technologies are not compromised.
a. insure
b. ensure

April 7, 2017  9:22 PM

Session Initiation Protocol (SIP)

Kaitlin Herbert Kaitlin Herbert Profile: Kaitlin Herbert
SIP, SIP trunking, Unified Communications, VoIP

Session Initiation Protocol (SIP) is a signaling protocol used for initiating, maintaining, modifying and terminating real-time sessions that involve video, voice, messaging and other communications applications and services between two or more endpoints on IP networks. Continued…

Quote of the Day

“Because of SIP’s flexibility and extensibility, it quickly gained momentum among early vendors of IP telephony systems — particularly those offering platforms for hosted telephony services.” – Irwin Lazar

Learning Center
H.323 vs. SIP: What’s the difference?
Look at the differences of H.323 vs. SIP in this comparison of two primary VoIP and multimedia IP standards.

Update session border controllers routinely for secure SIP trunking
Session border controllers play an important role to secure SIP trunking deployments, but they need constant updates to remain effective.

Avoid these four SIP deployment pitfalls
Learn the four pitfalls organizations must avoid for a successful SIP deployment, from hidden fees to improper firewall configuration.

Test your SIP trunking service IQ
This quiz tests your knowledge of SIP trunking services, from the benefits to security to choosing a provider. Take our quiz to see how well you know SIP trunking.

What are the cost benefits of SIP trunking?
Gartner analyst Sorell Slaymaker discusses the cost benefits of SIP trunking and what enterprises can do to maximize their cost savings during negotiations with a provider.

Trending Terms
Internet Engineering Task Force
SIP trunking
Real-Time Transport Protocol
unified communications

Writing for Business
As the prevalence of VoIP increases, so ____ the number of attempts to exploit it.
a. do
b. does

April 6, 2017  6:43 PM

graph database

Kaitlin Herbert Kaitlin Herbert Profile: Kaitlin Herbert
Graph database, NoSQL database

A graph database, also called a graph-oriented database, is a type of NoSQL database that uses graph theory to store, map and query relationships. Continued…

Quote of the Day

“The fraud investigation process remains complicated for companies, but graph databases’ information management techniques can help collect and manage valuable evidentiary data.” – David Loshin

Learning Center
Graph databases could prove invaluable to fraud investigation process
The fraud investigation process is complicated, but the data management techniques used by graph databases could help govern evidential information.

Graph technology the beating heart of new data management tools
Graph technology is now appearing in many data applications. At Informatica World, it underlay a host of systems, including a new metadata catalog.

Semantic graph database underpins healthcare data lake
Underpinning a data lake for healthcare providers is a semantic graph database that enables predictive analytics using data from multiple sources.

Graph data model cements tight relationships between data elements
Graph databases offer more flexibility and better usability than relational database management systems. Learn more about the benefits of a graph data model.

Why Facebook and the NSA love graph databases
Graph databases help us understand important relationships between data points rather than compartmentalizing them. See how IT teams are implementing this approach for businesses.

Trending Terms
graph theory
social graph
data mining
six degrees of separation

Writing for Business
Some people join social networking sites but don’t ________ them often.
a. frequent
b. visit

April 5, 2017  7:58 PM


Kaitlin Herbert Kaitlin Herbert Profile: Kaitlin Herbert
Firmware, Hardware

Firmware is programming that’s written to the non-volatile memory of a hardware device. Continued…

Quote of the Day

“With firmware maintenance being considered an operations function rather than a security concern, the chance for exploited vulnerabilities persists.” – Christos Dimitriadis

Learning Center
How did firmware create an Android backdoor in budget devices?
An Android backdoor in Ragentek firmware used in millions of budget devices could lead to man-in-the-middle attacks. Find out how the vulnerability works.

Fast pace of IoT firmware updates challenges developers
Frequent IoT firmware updates are a new reality for developers who must also now collaborate with mobile and back-end app developers.

How to remove malware on Android devices that reinstalls itself
Expert Nick Lewis explains how to permanently Android devices from the threat of malware that removes and reinstalls itself when a device powers on or off.

Most businesses vulnerable to cyber attacks through firmware, study shows
Company culture and overall attitude to security is a major contribution to vulnerability to cyber-attack through firmware, a study by Isaca has revealed.

Hardware security issues prove tough to find, harder to fix
Hardware security flaws are emerging left and right, yet mitigating the threat is proving to be quite the information security challenge.

Trending Terms
read-only memory
embedded firmware
zero-day vulnerability
Unified Extensible Firmware Interface
over-the-air update

Writing for Business
The latest version of the server has a hypervisor _________ is embedded within the core system firmware.
a. which
b. that

April 4, 2017  3:59 PM

cloud bursting

Kaitlin Herbert Kaitlin Herbert Profile: Kaitlin Herbert

Cloud bursting is an application deployment model in which an application normally runs in a private cloud or local data center but can also run in a public cloud when the demand for computing capacity spikes. Continued…

Quote of the Day

“Real-world data changes, and file duplication requires data synchronization before cloud bursting can start.” – Jim O’Reilly

Learning Center
Built to burst: Which apps work well in a cloud bursting architecture?
A cloud bursting architecture comes in handy when there is a sudden increase in demand. Still, not every application is built to burst.

The cloud bursting bubble: Still no easy solution to compute spikes
Cloud bursting — the process of bursting in-house workloads to a public cloud — has been an unreachable ideal for all but the largest organizations.

Optimize your cloud bursting architecture through data duplication
A cloud bursting architecture allows you to use public cloud for additional capacity. Optimize performance with data duplication and sharding.

Is a cloud bursting architecture difficult to implement?
While a cloud bursting architecture can offer big benefits to an enterprise, it can also introduce challenges around latency, data and cost.

A cloud bursting architecture is a jump too far for many businesses
There’s understandable intrigue in cloud bursting architecture, but many businesses are not compatible with the technology.

Trending Terms
hybrid cloud
private cloud
public cloud
data deduplication

Writing for Business
In a hybrid cloud, sensitive data and computing resources may be maintained in two _________ environments.
a. separate
b. seperate

April 3, 2017  2:10 AM

Chief Security Officer (CSO)

Kaitlin Herbert Kaitlin Herbert Profile: Kaitlin Herbert
CISO, CSO, Physical security

A Chief Security Officer (CSO) is the employee responsible for the physical security of a company, including its communication and business systems. Continued…

Quote of the Day

“If an organization ignores the physical layer of its network for the security assessment, it will face some challenges that could be easily avoided.” – Ernie Hayden

Learning Center
Why physical network security is a necessity for enterprises
Physical network security is easy to overlook, but it’s critical for the safety of organizations. Expert Ernie Hayden explains why.

Aflac CISO Tim Callahan on global security, risk management
With today’s cyberthreats, the Aflac CISO says security officers have to know more about intelligence and working with government and private industry.

An IT security strategy guide for CIOs
The only thing that separates your organization from the dangerous cyberthreat landscape is an effective IT security strategy. In this Essential Guide, get best practices for combating cyberthreats and crafting your IT security roadmap.

Identifying the warning signs of network intrusions
The signs of network intrusions are difficult to determine, but here’s some expert advice on how to recognize the warning signs.

Data center physical security gets a tougher look
Data center physical security is increasingly a topic that is getting a closer look, with tough questions, from organizations seeking colocation space.

Trending Terms
disaster recovery plan
information security
intrusion detection
physical security

Writing for Business
The number of security holes found during the penetration test left _________ shaken.
a. the CSO and me
b. the CSO and I
c. the CSO and myself

March 31, 2017  5:39 PM

data integrity

Kaitlin Herbert Kaitlin Herbert Profile: Kaitlin Herbert
Blockchain, Data integrity, Data Management

In data management, integrity is the assurance that digital information is uncorrupted and can only be accessed or modified by those authorized to do so. Integrity involves maintaining the consistency, accuracy and trustworthiness of data over its entire lifecycle. Continued…

Quote of the Day

“The interesting thing from a data management perspective is that blockchain provides a complete, immutable, historical record that everyone in the network agrees with.” – Stewart Bond

Learning Center
Blockchain data disruption growing, IDC analyst says
IDC’s Stewart Bond discusses the potential impact of blockchain data architectures. It’s early, but the technology could someday change data governance.

How data governance software helps ensure the integrity of your data
Data governance software, one facet of a data governance program, helps organizations manage and ensure the integrity of their growing volumes of data.

Blockchain startups signal new approaches to data integrity
The Bitcoin phenomenon is fueling widespread development. The blockchain mechanisms that secure the Bitcoin network hold promise for security applications, says Robert Richardson.

Predictive analytics tools hinge on good data, business expertise
Predictive analytics tools won’t take you very far unless you have the right data — and the right people — involved from the get-go.

Blockchain: An answer to governmental hacking concerns
In a world of evolving cyberthreats, how can governments protect data? Enter blockchain, a growing presence as we move further into the IoT age.

Trending Terms
confidentiality, integrity and availability
database management system
data governance

Writing for Business
Data management is a broad area of study that ___________ many more specialized fields.
a. comprises
b. is comprised of

March 29, 2017  3:53 PM

certificate authority (CA)

Kaitlin Herbert Kaitlin Herbert Profile: Kaitlin Herbert
Certificate authority, Digital certificates

A certificate authority (CA) is a trusted entity that issues electronic documents that verify a digital entity’s identity on the Internet. Continued…

Quote of the Day

“Organizations that choose to operate their own certificate authority need to put in place physical as well as logical security controls to ensure the security and integrity of their root signing keys and certificates.” – Michael Cobb

Learning Center
Google considers options on Symantec certificate authority ‘failures’
Symantec certificate authority offers excuses in an attempt to fend off consequences for CA improprieties set to be imposed by Google’s Chromium team.

Google creates its own root certificate authority
Google launched its own root certificate authority but it is unclear if it will issue certificates only for Alphabet companies or third parties as well.

Trusted? Certificate authority risks and how to manage them
Can that CA be trusted? Certificate authority risks are many, but since there’s no avoiding SSL and TLS, at least for now. Here’s how to increase CA security.

IT pros don’t get cybersecurity risks around certificate authorities
Venafi believes a Black Hat survey that shows low understanding of certificate authorities could mean cybersecurity risks in the future.

Will Certificate Transparency solve certificate authority trust issues?
Issues involving certificate authority trust and certificate abuse are nothing new. Learn how Google’s Certificate Transparency proposal aims to detect and address these problems.

Trending Terms
digital certificate
virtual private network
man-in-the-middle attack
registration authority

Writing for Business
Ideally, digital certificates are ________ compatible with older browsers and operating systems, a concept known as ubiquity.
A. backwards
B. backward

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: