packet - Representation of data at Layer 3 of the Open Systems Interconnection (OSI) model.
packet loss - A technique called Packet Loss Concealment (PLC) is used in VoIP communications to mask the effect of dropped packets.
parity bits - RAID technique, allows recovery of missing drive(s) by pulling data from adjacent drives.
password - A sequence of characters used to prove one's identity. It is used during a logon process and should be highly protected.
PAT - (Port Address Translation) - An extension to NAT to translate all addresses to one routable IP address and translate the source port number in the packet to a unique value.
patch - An update/fix for an IT asset.
path coverage - This criterion requires sufficient test cases for each feasible path, basis path, etc., from start to exit of a defined program segment, to be executed at least once.
payment card industry data security standard - An information security standard for organizations that are involved in payment card transactions.
PCI DSS - (Payment Card Industry Data Security Standard) - An information security standard for organizations that are involved in payment card transactions.
penetration - A successful attempt at circumventing security controls and gaining access to a system.
penetration testing - A method of evaluating the security of a computer system or network by simulating an attack that a malicious hacker would carry out. This is done so that vulnerabilities and weaknesses can be uncovered.
permissions - The type of authorized interactions that a subject can have with an object. Examples include read, write, execute, add, modify, and delete.
personally identifiable information - Any data about a human being that could be used to identify that person.
personnel security - The procedures that are established to ensure that all personnel who have access to sensitive information have the required authority as well as appropriate clearances. Procedures confirm a person's background and provide assurance of necessary trustworthiness.
physical access control system - An automated system that manages the passage of people or assets through an opening(s) in a secure perimeter(s) based on a set of authorization rules.
physical controls - Controls that pertain to controlling individual access into the facility and different departments, locking systems and removing unnecessary floppy or CD-ROM drives, protecting the perimeter of the facility, monitoring for intrusion, and checking environmental controls.
physical security - Controls and procedures put into place to prevent intruders from physically accessing a system or facility. The controls enforce access control and authorized access.
piggyback - Unauthorized access to a system by using another user's legitimate credentials.
PII - (Personally Identifiable Information) - Any data about a human being that could be used to identify that person.
ping of death - Exceeds maximum packet size and causes receiving system to fail.
ping scanning - Network mapping technique that detects whether a host replies to a ping; if it does, the attacker knows that a host exists at that address.
PKI - (Public Key Infrastructure) - A framework of programs, procedures, communication protocols, and public key cryptography that enables a diverse group of individuals to communicate securely.
plaintext - In cryptography, the original readable text before it is encrypted.
playback attack - Capturing data and resending the data at a later time in the hope of tricking the receiving system. This is usually carried out to obtain unauthorized access to specific resources.
point-to-point protocol - Provides a standard method for transporting multiprotocol datagrams over point-to-point links.
policy - Documents published and promulgated by senior management dictating and describing the organization
port address translation - An extension to NAT to translate all addresses to one routable IP address and translate the source port number in the packet to a unique value.
positive testing - This determines that your application works as expected.
PPP - (Point-to-Point Protocol) - Provides a standard method for transporting multiprotocol datagrams over point-to-point links.
privacy - A security principle that protects an individual's information and employs controls to ensure that this information is not disseminated or accessed in an unauthorized manner.
private ports - Ports 49152
procedure - Detailed step-by-step instructions to achieve a certain task, which are used by users, IT staff, operations staff, security members, and others.
protection ring - An architecture that provides hierarchies of privileged operation modes of a system, which gives certain access rights to processes that are authorized to operate in that mode. Supports the integrity and confidentiality requirements of multitasking operating systems and enables the operating system to protect itself from user programs and rogue processes.
protocol - A set of rules and formats that enables the standardized exchange of information between different systems.
pseudo-flaw - An apparent loophole deliberately implanted in an operating system or program as a trap for intruders.
public key encryption - A type of encryption that uses two mathematically related keys to encrypt and decrypt messages. The private key is known only to the owner, and the public key is available to anyone.
public key infrastructure - A framework of programs, procedures, communication protocols, and public key cryptography that enables a diverse group of individuals to communicate securely.
purge - The removal of sensitive data from a system, storage device, or peripheral device with storage capacity at the end of a processing period. This action is performed in such a way that there is assurance proportional to the sensitivity of the data that the data cannot be reconstructed.
purging - The removal of sensitive data from a system or storage device with the intent that the data cannot be reconstructed by any known technique.