...
- Information - knowledge about the world and the processes in it, perceived by a person or a special device.
- Information Security (IS) - the security of the information and of the infrastructure components against influences that may harm the subjects of information relationswhich helps to ensure information confidentiality and integrity.
- Technical company policy - a set of technical solutions necessary to be used by the company's technical systems. The technical policy includes requirements for installation, operation and configuration of the devices. It is necessary to carry out periodical updates of the document and check its proper implementation.
- Threat - potential violation of the information security.
- Attack - attempt to realize a threat. An attack can be either malicious or not.
- Attacker - a person or group of people making an attack.
- Echelon - a subject for attack prevention, implemented as a part of an information security policy.
- Risk - the likelihood of a specific threat.
- Responsibility area - a network segment which has a certain subject responsible for its effective operation. A subject can be either a specific person or an organization.
- Internal network segment - a network segment that is in the responsibility area of our organization.
- External network segment - a network segment that is under the responsibility of a third-party organization or client. Since the external network segment is managed by a third-party organization, the crossing of the internal and the external network segments is a source of threats.
...