信息安全术语大全中英文对照

Hacker 黑客，最初是指发现网络系统安全漏洞并进行修补的人，而现在多指利用系统安全漏洞对网络进行攻击破坏或窃取资料的人HomePage 主页，通过万维网(Web)进行信息查询的起始信息页HTML Hypertext Markup Language超文本链接语言HTTP Hypertext Transfer Protocol超文本传输协议ICP Internet Content Provider Internet内容提供商ICQ I seek you网上寻呼Internet国际互联网，因特网internet 互联网，泛指由多个计算机网络相互连接而成的一个网络I Phone Internet Phone一种通过Internet进行语音通讯的技术IP电话利用Internet技术传输话音信号的一种电话IRC Internet Relay Chat Internet实时网上交谈系统ISP Internet Service Provider Internet服务提供商MUD Multi-User Dungeon多用户网络游戏NII National InformationInfrastructure国家信息基础结构，俗称信息高速公路POP Post Office Protocol邮局协议Proxy Server 代理服务器，一种代表客户机转送服务请求的服务器，它也可以通过在送出信息内容前对其进行审查，从而在因特网和专用网之间提供防火墙安全性PSP Platform Service Provider平台服务供应商Telnet远程登录UNINET中国联通互联网URL Uniform Resource Locator网站地址VST Virtual Space Teleconferencing虚拟空间会议Web环球网WWW World Wide Web万维网技术标准Big5台湾流行的汉字内码标准CMM Capacity Maturity Model 软件过程能力成熟度模型，一种评测软件开发能力与质量的方法DES Data Encryption Standard数据加密标准GB国家标准汉字内码GMT Greenwich Mean Time格林威治时间IEEE Institution of Electrical andElectronics电气和电子工程师学会（美国）ISO International StandardizationOrganization国际标准化组织ISO 9000一种质量管理标准JPEG Joint Photographic ExpertsGroup联合图象专家组规范，一种图象压缩标准MP3MPEGAudioLayer3一种音乐格式，它能够将CD品质的数字录音压缩成原来的1/12大小，令其容易存储和在网上传输MPEG Motion Picture Experts Group 一种活动图象和声音的压缩标准，其中MPEG1是最常用的，为VCD所采用，MPEG2则为DVD所采用Open System Interconnect 开放系统互连，用于各种型号计算机OSI Reference Model之间通讯的国际标准PCMCIA Personal Computer MemoryCard International Association个人计算机存储卡国际协会PnP Plug and Play即插即用PPP Peer-Peer Protocol端对端协议SMTP Simple Message TransferProtocol用于电子邮件的传输协议TCP/IP Transfer ControlProtocol/Internet Protocol传输控制协议/Internet协议，目前Internet上正使用着的、最流行的网际互联协议WAP Wireless Application Protocol 无线应用协议，使移动电话能访问Internet的协议X.25用于计算机接入分组交换网的标准X.400用于国际电子函件分布系统的标准X.500Internet上一种目录服务标准，用于查询检索信息方面多媒体AOD Audial-On-Demand音频点播CD Compact Disk光盘DAB数字音频广播DVB,DVB-T数字视频广播，地面数字视频广播DVD Digital Video Disk数字化视频光盘LD Laser Disc激光视盘VCD Video Compact Disk视频高密光盘VOD Video-On-Demand视频点播技术应用BOM Bill of Material 物料清单－－指用数据格式来描述产品结构的文件BPI Business ProcessImprovement业务流程改进BPR Business ProcessReengineering企业流程再造CAD Computer Aided Design计算机辅助设计CAE Computer Aided Education计算机辅助教育CAI Computer Aided Instruction计算机辅助教育CAM Computer Aided Management计算机辅助管理CAPP Computer Aided Processplanning计算机工艺辅助设计CAQ computer Aided Quality计算机辅助质量管理CE Concurrent Engineering 并行工程－－是对产品及其相关过程（包括制造过程和支持过程）进行并行、集成设计的一种系统化工作模式CIMS Computer IntegratedManufacture System计算机集成制造系统EAI Enterprise ApplicationIntegrated企业应用集成DSS Decision Support System 决策支持系统－－是围绕着决策行动主体进行的支持管理人员进行非程序性决策的一种信息系统EAM Enterprise Asset Management企业资产管理EMS Electronic MailService/Express Mail Service电子邮件服务/邮政特快专递FMS Flexible Manufacturing System柔性制造系统GIS Geographic Information 地理信息系统SystemGT Group Technology 成组技术－－成组技术的核心原理是把尺寸、形状、工艺相近似的零件组成一个零件组，按零件组制订工艺进行生产制造，这样就扩大了批量，减少了品种，便于采用高效率的生产方法，从而提高了劳动生产率。

100个信息工程专业术语中英文全文共3篇示例，供读者参考篇1Information engineering is a vast field that covers a wide range of knowledge and skills. In this article, we will introduce 100 important terms and concepts in information engineering, both in English and Chinese.1. Artificial Intelligence (AI) - 人工智能2. Machine Learning - 机器学习3. Deep Learning - 深度学习4. Natural Language Processing (NLP) - 自然语言处理5. Computer Vision - 计算机视觉6. Data Mining - 数据挖掘7. Big Data - 大数据8. Internet of Things (IoT) - 物联网9. Cloud Computing - 云计算10. Virtual Reality (VR) - 虚拟现实11. Augmented Reality (AR) - 增强现实12. Cybersecurity - 网络安全13. Cryptography - 密码学14. Blockchain - 区块链15. Information System - 信息系统16. Database Management System (DBMS) - 数据库管理系统17. Relational Database - 关系数据库18. NoSQL - 非关系型数据库19. SQL (Structured Query Language) - 结构化查询语言20. Data Warehouse - 数据仓库21. Data Mart - 数据集市22. Data Lake - 数据湖23. Data Modeling - 数据建模24. Data Cleansing - 数据清洗25. Data Visualization - 数据可视化26. Hadoop - 分布式存储和计算框架27. Spark - 大数据处理框架28. Kafka - 流数据处理平台29. Elasticsearch - 开源搜索引擎30. Cyber-Physical System (CPS) - 嵌入式系统31. System Integration - 系统集成32. Network Architecture - 网络架构33. Network Protocol - 网络协议34. TCP/IP - 传输控制协议/互联网协议35. OSI Model - 开放系统互连参考模型36. Router - 路由器37. Switch - 交换机38. Firewall - 防火墙39. Load Balancer - 负载均衡器40. VPN (Virtual Private Network) - 虚拟专用网络41. SDN (Software-Defined Networking) - 软件定义网络42. CDN (Content Delivery Network) - 内容分发网络43. VoIP (Voice over Internet Protocol) - 互联网语音44. Unified Communications - 统一通信45. Mobile Computing - 移动计算46. Mobile Application Development - 移动应用开发47. Responsive Web Design - 响应式网页设计48. UX/UI Design - 用户体验/用户界面设计49. Agile Development - 敏捷开发50. DevOps - 开发与运维51. Continuous Integration/Continuous Deployment (CI/CD) - 持续集成/持续部署52. Software Testing - 软件测试53. Bug Tracking - 缺陷跟踪54. Version Control - 版本控制55. Git - 分布式版本控制系统56. Agile Project Management - 敏捷项目管理57. Scrum - 敏捷开发框架58. Kanban - 看板管理法59. Waterfall Model - 瀑布模型60. Software Development Life Cycle (SDLC) - 软件开发生命周期61. Requirements Engineering - 需求工程62. Software Architecture - 软件架构63. Software Design Patterns - 软件设计模式64. Object-Oriented Programming (OOP) - 面向对象编程65. Functional Programming - 函数式编程66. Procedural Programming - 过程式编程67. Dynamic Programming - 动态规划68. Static Analysis - 静态分析69. Code Refactoring - 代码重构70. Code Review - 代码审查71. Code Optimization - 代码优化72. Software Development Tools - 软件开发工具73. Integrated Development Environment (IDE) - 集成开发环境74. Version Control System - 版本控制系统75. Bug Tracking System - 缺陷跟踪系统76. Code Repository - 代码仓库77. Build Automation - 构建自动化78. Continuous Integration/Continuous Deployment (CI/CD) - 持续集成/持续部署79. Code Coverage - 代码覆盖率80. Code Review - 代码审查81. Software Development Methodologies - 软件开发方法论82. Waterfall Model - 瀑布模型83. Agile Development - 敏捷开发84. Scrum - 看板管理法85. Kanban - 看板管理法86. Lean Development - 精益开发87. Extreme Programming (XP) - 极限编程88. Test-Driven Development (TDD) - 测试驱动开发89. Behavior-Driven Development (BDD) - 行为驱动开发90. Model-Driven Development (MDD) - 模型驱动开发91. Design Patterns - 设计模式92. Creational Patterns - 创建型模式93. Structural Patterns - 结构型模式94. Behavioral Patterns - 行为型模式95. Software Development Lifecycle (SDLC) - 软件开发生命周期96. Requirement Analysis - 需求分析97. System Design - 系统设计98. Implementation - 实施99. Testing - 测试100. Deployment - 部署These terms are just the tip of the iceberg when it comes to information engineering. As technology continues to advance, new terms and concepts will emerge, shaping the future of this dynamic field. Whether you are a student, a professional, or just someone interested in technology, familiarizing yourself with these terms will help you navigate the complex world of information engineering.篇2100 Information Engineering Professional Terms in English1. Algorithm - a set of instructions for solving a problem or performing a task2. Computer Science - the study of computers and their applications3. Data Structures - the way data is organized in a computer system4. Networking - the practice of linking computers together to share resources5. Cybersecurity - measures taken to protect computer systems from unauthorized access or damage6. Software Engineering - the application of engineering principles to software development7. Artificial Intelligence - the simulation of human intelligence by machines8. Machine Learning - a type of artificial intelligence that enables machines to learn from data9. Big Data - large and complex sets of data that require specialized tools to process10. Internet of Things (IoT) - the network of physical devices connected through the internet11. Cloud Computing - the delivery of computing services over the internet12. Virtual Reality - a computer-generated simulation of a real or imagined environment13. Augmented Reality - the integration of digital information with the user's environment14. Data Mining - the process of discovering patterns in large data sets15. Quantum Computing - the use of quantum-mechanical phenomena to perform computation16. Cryptography - the practice of securing communication by encoding it17. Data Analytics - the process of analyzing data to extract meaningful insights18. Information Retrieval - the process of finding relevant information in a large dataset19. Web Development - the process of creating websites and web applications20. Mobile Development - the process of creating mobile applications21. User Experience (UX) - the overall experience of a user interacting with a product22. User Interface (UI) - the visual and interactive aspects of a product that a user interacts with23. Software Architecture - the design and organization of software components24. Systems Analysis - the process of studying a system's requirements to improve its efficiency25. Computer Graphics - the creation of visual content using computer software26. Embedded Systems - systems designed to perform a specific function within a larger system27. Information Security - measures taken to protect information from unauthorized access28. Database Management - the process of organizing and storing data in a database29. Cloud Security - measures taken to protect data stored in cloud computing environments30. Agile Development - a software development methodology that emphasizes collaboration and adaptability31. DevOps - a set of practices that combine software development and IT operations to improve efficiency32. Continuous Integration - the practice of integrating code changes into a shared repository frequently33. Machine Vision - the use of cameras and computers to process visual information34. Predictive Analytics - the use of data and statistical algorithms to predict future outcomes35. Information Systems - the study of how information is used in organizations36. Data Visualization - the representation of data in visual formats to make it easier to understand37. Edge Computing - the practice of processing data closer to its source rather than in a centralized data center38. Natural Language Processing - the ability of computers to understand and generate human language39. Cyber Physical Systems - systems that integrate physical and computational elements40. Computer Vision - the ability of computers to interpret and understand visual information41. Information Architecture - the structural design of information systems42. Information Technology - the use of computer systems to manage and process information43. Computational Thinking - a problem-solving approach that uses computer science concepts44. Embedded Software - software that controls hardware devices in an embedded system45. Data Engineering - the process of collecting, processing, and analyzing data46. Software Development Life Cycle - the process of developing software from conception to deployment47. Internet Security - measures taken to protectinternet-connected systems from cyber threats48. Application Development - the process of creating software applications for specific platforms49. Network Security - measures taken to protect computer networks from unauthorized access50. Artificial Neural Networks - computational models inspired by the biological brain's neural networks51. Systems Engineering - the discipline that focuses on designing and managing complex systems52. Information Management - the process of collecting, storing, and managing information within an organization53. Sensor Networks - networks of sensors that collect and transmit data for monitoring and control purposes54. Data Leakage - the unauthorized transmission of data to an external source55. Software Testing - the process of evaluating software to ensure it meets requirements and functions correctly56. Internet Protocol (IP) - a set of rules for sending data over a network57. Machine Translation - the automated translation of text from one language to another58. Cryptocurrency - a digital or virtual form of currency that uses cryptography for security59. Software Deployment - the process of making software available for use by end-users60. Computer Forensics - the process of analyzing digital evidence for legal or investigative purposes61. Virtual Private Network (VPN) - a secure connection that allows users to access a private network over a public network62. Internet Service Provider (ISP) - a company that provides access to the internet63. Data Center - a facility that houses computing and networking equipment for processing and storing data64. Network Protocol - a set of rules for communication between devices on a network65. Project Management - the practice of planning, organizing, and overseeing a project to achieve its goals66. Data Privacy - measures taken to protect personal data from unauthorized access or disclosure67. Software License - a legal agreement that governs the use of software68. Information Ethics - the study of ethical issues related to the use of information technology69. Search Engine Optimization (SEO) - the process of optimizing websites to rank higher in search engine results70. Internet of Everything (IoE) - the concept of connecting all physical and digital objects to the internet71. Software as a Service (SaaS) - a software delivery model in which applications are hosted by a provider and accessed over the internet72. Data Warehousing - the process of collecting and storing data from various sources for analysis and reporting73. Cloud Storage - the practice of storing data online in remote servers74. Mobile Security - measures taken to protect mobile devices from security threats75. Web Hosting - the service of providing storage space and access for websites on the internet76. Malware - software designed to harm a computer system or its users77. Information Governance - the process of managing information to meet legal, regulatory, and business requirements78. Enterprise Architecture - the practice of aligning an organization's IT infrastructure with its business goals79. Data Backup - the process of making copies of data to protect against loss or corruption80. Data Encryption - the process of converting data into a code to prevent unauthorized access81. Social Engineering - the manipulation of individuals to disclose confidential information82. Internet of Medical Things (IoMT) - the network of medical devices connected through the internet83. Content Management System (CMS) - software used to create and manage digital content84. Blockchain - a decentralized digital ledger used to record transactions85. Open Source - software that is publicly accessible for modification and distribution86. Network Monitoring - the process of monitoring and managing network performance and security87. Data Governance - the process of managing data to ensure its quality, availability, and security88. Software Patch - a piece of code used to fix a software vulnerability or add new features89. Zero-Day Exploit - a security vulnerability that is exploited before the vendor has a chance to patch it90. Data Migration - the process of moving data from one system to another91. Business Intelligence - the use of data analysis tools to gain insights into business operations92. Secure Socket Layer (SSL) - a protocol that encrypts data transmitted over the internet93. Mobile Device Management (MDM) - the practice of managing and securing mobile devices in an organization94. Dark Web - the part of the internet that is not indexed by search engines and often used for illegal activities95. Knowledge Management - the process of capturing, organizing, and sharing knowledge within an organization96. Data Cleansing - the process of detecting and correcting errors in a dataset97. Software Documentation - written information that describes how software works98. Open Data - data that is freely available for anyone to use and redistribute99. Predictive Maintenance - the use of data analytics to predict when equipment will need maintenance100. Software Licensing - the legal terms and conditions that govern the use and distribution of softwareThis list of 100 Information Engineering Professional Terms in English provides a comprehensive overview of key concepts and technologies in the field of information technology. These terms cover a wide range of topics, including computer science, data analysis, network security, and software development. By familiarizing yourself with these terms, you can better understand and communicate about the complex and rapidly evolving world of information engineering.篇3100 Information Engineering Professional Terms1. Algorithm - 算法2. Artificial Intelligence - 人工智能3. Big Data - 大数据4. Cloud Computing - 云计算5. Cryptography - 密码学6. Data Mining - 数据挖掘7. Database - 数据库8. Deep Learning - 深度学习9. Digital Signal Processing - 数字信号处理10. Internet of Things - 物联网11. Machine Learning - 机器学习12. Network Security - 网络安全13. Object-Oriented Programming - 面向对象编程14. Operating System - 操作系统15. Programming Language - 编程语言16. Software Engineering - 软件工程17. Web Development - 网页开发18. Agile Development - 敏捷开发19. Cybersecurity - 网络安全20. Data Analytics - 数据分析21. Network Protocol - 网络协议22. Artificial Neural Network - 人工神经网络23. Cloud Security - 云安全24. Data Visualization - 数据可视化25. Distributed Computing - 分布式计算26. Information Retrieval - 信息检索27. IoT Security - 物联网安全28. Machine Translation - 机器翻译29. Mobile App Development - 移动应用开发30. Software Architecture - 软件架构31. Data Warehousing - 数据仓库32. Network Architecture - 网络架构33. Robotics - 机器人技术34. Virtual Reality - 虚拟现实35. Web Application - 网页应用36. Biometrics - 生物识别技术37. Computer Graphics - 计算机图形学38. Cyber Attack - 网络攻击39. Data Compression - 数据压缩40. Network Management - 网络管理41. Operating System Security - 操作系统安全42. Real-Time Systems - 实时系统43. Social Media Analytics - 社交媒体分析44. Blockchain Technology - 区块链技术45. Computer Vision - 计算机视觉46. Data Integration - 数据集成47. Game Development - 游戏开发48. IoT Devices - 物联网设备49. Multimedia Systems - 多媒体系统50. Software Quality Assurance - 软件质量保证51. Data Science - 数据科学52. Information Security - 信息安全53. Machine Vision - 机器视觉54. Natural Language Processing - 自然语言处理55. Software Testing - 软件测试56. Chatbot - 聊天机器人57. Computer Networks - 计算机网络58. Cyber Defense - 网络防御60. Image Processing - 图像处理61. IoT Sensors - 物联网传感器62. Neural Network - 神经网络63. Network Traffic Analysis - 网络流量分析64. Software Development Life Cycle - 软件开发周期65. Data Governance - 数据治理66. Information Technology - 信息技术67. Malware Analysis - 恶意软件分析68. Online Privacy - 在线隐私69. Speech Recognition - 语音识别70. Cyber Forensics - 网络取证71. Data Anonymization - 数据匿名化72. IoT Platform - 物联网平台73. Network Infrastructure - 网络基础设施74. Predictive Analytics - 预测分析75. Software Development Tools - 软件开发工具77. Information Security Management - 信息安全管理78. Network Monitoring - 网络监控79. Software Deployment - 软件部署80. Data Encryption - 数据加密81. IoT Gateway - 物联网网关82. Network Topology - 网络拓扑结构83. Quantum Computing - 量子计算84. Software Configuration Management - 软件配置管理85. Data Lakes - 数据湖86. Infrastructure as a Service (IaaS) - 基础设施即服务87. Network Virtualization - 网络虚拟化88. Robotic Process Automation - 机器人流程自动化89. Software as a Service (SaaS) - 软件即服务90. Data Governance - 数据治理91. Information Security Policy - 信息安全政策92. Network Security Risk Assessment - 网络安全风险评估93. Secure Software Development - 安全软件开发94. Internet Security - 互联网安全95. Secure Coding Practices - 安全编码实践96. Secure Network Design - 安全网络设计97. Software Security Testing - 软件安全测试98. IoT Security Standards - 物联网安全标准99. Network Security Monitoring - 网络安全监控100. Vulnerability Management - 漏洞管理These terms cover a wide range of topics within the field of Information Engineering, and are essential in understanding and discussing the various aspects of this discipline. It is important for professionals in this field to be familiar with these terms in order to effectively communicate and collaborate with others in the industry.。

信息技术常用术语中英文对照表1. 计算机网络 Computer Network2. 互联网 Internet3. 局域网 Local Area Network (LAN)4. 带宽 Bandwidth5. 路由器 Router6. 交换机 Switch7. 防火墙 Firewall8. 病毒 Virus9. 木马 Trojan10. 黑客 Hacker11. 中央处理器 Central Processing Unit (CPU)12. 内存 Random Access Memory (RAM)13. 硬盘 Hard Disk Drive (HDD)14. 固态硬盘 Solid State Drive (SSD)15. 显卡 Graphics Card16. 主板 Motherboard17. BIOS Basic Input/Output System18. 操作系统 Operating System19. 应用程序 Application20. 编程语言 Programming Language21. 数据库 Database22. 服务器 Server23. 客户端 Client24. 云计算 Cloud Computing25. 大数据 Big Data27. 机器学习 Machine Learning28. 深度学习 Deep Learning29. 虚拟现实 Virtual Reality (VR)30. 增强现实 Augmented Reality (AR)31. 网络安全 Network Security32. 数据加密 Data Encryption33. 数字签名 Digital Signature34. 身份验证 Authentication35. 访问控制 Access Control36. 数据备份 Data Backup37. 数据恢复 Data Recovery38. 系统升级 System Upgrade39. 系统优化 System Optimization40. 技术支持 Technical Support当然，让我们继续丰富这个信息技术常用术语的中英文对照表：41. 网络协议 Network Protocol42. IP地址 Internet Protocol Address43. 域名系统 Domain Name System (DNS)44. HTTP Hypertext Transfer Protocol45. Hypertext Transfer Protocol Secure46. FTP File Transfer Protocol47. SMTP Simple Mail Transfer Protocol48. POP3 Post Office Protocol 349. IMAP Internet Message Access Protocol50. TCP/IP Transmission Control Protocol/Internet Protocol51. 无线局域网 Wireless Local Area Network (WLAN)52. 蓝牙 Bluetooth53. 无线保真 WiFi (Wireless Fidelity)54. 4G Fourth Generation55. 5G Fifth Generation56. 物联网 Internet of Things (IoT)57. 云服务 Cloud Service58. 网络存储 Network Attached Storage (NAS)59. 分布式文件系统 Distributed File System60. 数据中心 Data Center61. 系统分析 Systems Analysis62. 系统设计 Systems Design63. 软件开发 Software Development64. 系统集成 Systems Integration65. 软件测试 Software Testing66. 质量保证 Quality Assurance67. 项目管理 Project Management68. 技术文档 Technical Documentation69. 用户手册 User Manual70. 知识库 Knowledge Base71. 网络拓扑 Network Topology72. 星型网络 Star Network73. 环形网络 Ring Network74. 总线型网络 Bus Network75. 树形网络 Tree Network76. 点对点网络 PeertoPeer Network77. 宽带接入 Broadband Access78. DSL Digital Subscriber Line79. 光纤到户 Fiber To The Home (FTTH)80. VoIP Voice over Internet Protocol通过这份对照表，希望您能更加轻松地理解和应用信息技术领域的专业术语。

网络安全专业属于对照表（一）A高级持久威胁（APT）一种网络攻击，使用复杂的技术持续对目标政府和公司进行网络间谍活动或其他恶意活动。

通常由具有丰富专业知识和大量资源的对手进行-通常与民族国家参与者相关。

这些攻击往往来自多个入口点，并且可能使用多个攻击媒介（例如，网络攻击，物理攻击，欺骗攻击）。

一旦系统遭到破坏，结束攻击可能非常困难。

警报(Alert)关于已检测到或正在进行信息系统网络安全威胁的通知。

防毒软件(Antivirus)防病毒软件用于监视计算机或网络，以检测从恶意代码到恶意软件的网络安全威胁。

防病毒程序不仅可以警告您威胁的存在，还可以删除或消除恶意代码。

攻击特征(Attack signature)一种特征性或独特性模式，可以帮助将一种攻击与另一种攻击联系起来，从而确定可能的参与者和解决方案。

攻击者(Attacker)威胁的诱因：恶意角色，他们试图更改，破坏，窃取或禁用计算机系统上保存的信息，然后利用其结果。

认证方式(Authentication)验证用户，进程或设备的身份或其他属性的过程。

B行为监控(Behaviour monitoring)观察用户，信息系统和流程的活动。

可用于根据组织政策和规则，正常活动的基准，阈值和趋势来衡量这些活动。

黑名单（Blacklist）实体（用户，设备）被阻止，拒绝特权或访问的列表。

蓝队(Blue team)模拟网络安全攻击中的防御小组。

蓝队在红队攻击时捍卫企业的信息系统。

这些模拟攻击通常是由中立组织怀特（White Team）建立和监控的业务演习的一部分。

机器人(bot)连接到Internet的计算机，该计算机已受到恶意逻辑的破坏，无法在远程管理员的命令和控制下进行活动。

僵尸网络(Botnet)连接到Internet的受感染设备网络过去常常在所有者不知情的情况下进行协调的网络攻击。

违反(Breach)未经授权访问数据，计算机系统或网络。

自携设备办公（BYOD）组织允许员工将其个人设备用于工作目的的策略或政策。

⽹络安全专业术语对照表（⼆）E电⼦战（EW）利⽤⽆线电波或激光等能量破坏或破坏敌⼈的电⼦设备。

⼀个⽰例是频率⼲扰以禁⽤通信设备。

编码(Encode)使⽤代码将纯⽂本转换为密⽂。

加密(Encryption)使⽤密码来保护信息，这使任何没有密钥对其解密的⼈都⽆法读取。

终端（Endpoint）连接到⽹络的具有互联⽹功能的计算机设备的统称-例如，现代智能⼿机，笔记本电脑和平板电脑都是端点。

道德⿊客（Ethical hacking）出于合法⽬的使⽤⿊客技术-即识别和测试⽹络安全漏洞。

在这种情况下，这些⼈员有时被称为“⽩帽⿊客”。

渗出（Exfiltration）未经同意即从系统传输信息。

利⽤（Exploit）利⽤信息系统中的漏洞的⾏为。

也⽤于描述⼀种⽤于破坏⽹络安全性的技术。

漏洞利⽤⼯具（Exploit kit）设计⽤于发现软件应⽤程序中的漏洞并使⽤它们来访问系统或⽹络的计算机程序。

⼀旦他们渗透到系统中，他们将向其提供有害代码。

F防⽕墙（Firewall）⽹络或设备周围的虚拟边界，⽤于保护⽹络或设备免受不必要的访问。

可以是硬件或软件。

GGCHQ政府通讯总部。

该组织利⽤外国情报来帮助打击恐怖主义，⽹络犯罪和⼉童⾊情制品。

通⽤数据保护条例（GDPR）通⽤数据保护条例。

欧洲⽴法旨在通过使个⼈更好地控制其个⼈信息在⽹上的使⽤⽅式来防⽌数据滥⽤。

治理，风险管理与合规（GRC）组织管理的三个⽅⾯旨在确保组织及其⼈员的⾏为规范，有效管理组织，采取适当措施降低风险并保持对内部政策和外部法规的遵守。

H⿊客（Hacker）⿊客基本涵义是指⼀个拥有熟练电脑技术的⼈，但⼤部分的媒体习惯将“⿊客”指作电脑侵⼊者。

散列（Hashing）使⽤数学算法来伪装⼀条数据。

蜜罐（蜜⽹）Honeypot (honeynet)诱骗系统或⽹络，⽤于吸引潜在的攻击者，通过检测攻击或使攻击发⽣偏转来保护实际系统。

⼀个学习攻击⽅式的好⼯具。

多个蜜罐可以组成⼀个蜜⽹。

网络安全专业术语对照表A高级持久威胁（APT）一种网络攻击，使用复杂的技术持续对目标政府和公司进行网络间谍活动或其他恶意活动。

通常由具有丰富专业知识和大量资源的对手进行-通常与民族国家参与者相关。

这些攻击往往来自多个入口点，并且可能使用多个攻击媒介（例如，网络攻击，物理攻击，欺骗攻击）。

一旦系统遭到破坏，结束攻击可能非常困难。

警报(Alert)关于已检测到或正在进行信息系统网络安全威胁的通知。

防毒软件(Antivirus)防病毒软件用于监视计算机或网络，以检测从恶意代码到恶意软件的网络安全威胁。

防病毒程序不仅可以警告您威胁的存在，还可以删除或消除恶意代码。

攻击特征(Attack signature)一种特征性或独特性模式，可以帮助将一种攻击与另一种攻击联系起来，从而确定可能的参与者和解决方案。

攻击者(Attacker)威胁的诱因：恶意角色，他们试图更改，破坏，窃取或禁用计算机系统上保存的信息，然后利用其结果。

认证方式(Authentication)验证用户，进程或设备的身份或其他属性的过程。

B行为监控(Behaviour monitoring)观察用户，信息系统和流程的活动。

可用于根据组织政策和规则，正常活动的基准，阈值和趋势来衡量这些活动。

黑名单（Blacklist）实体（用户，设备）被阻止，拒绝特权或访问的列表。

蓝队(Blue team)模拟网络安全攻击中的防御小组。

蓝队在红队攻击时捍卫企业的信息系统。

这些模拟攻击通常是由中立组织怀特（White Team）建立和监控的业务演习的一部分。

机器人(bot)连接到Internet的计算机，该计算机已受到恶意逻辑的破坏，无法在远程管理员的命令和控制下进行活动。

僵尸网络(Botnet)连接到Internet的受感染设备网络过去常常在所有者不知情的情况下进行协调的网络攻击。

违反(Breach)未经授权访问数据，计算机系统或网络。

自携设备办公（BYOD）组织允许员工将其个人设备用于工作目的的策略或政策。