Operator error A mistake made by a computer user. 392 Power failure A complete loss of power to the computer system. 393 Power spike A sudden increase of power that lasts less than a millionth of a second. 393 Power surge A sudden increase of power that can last several seconds. 393 UPS (uninterruptible power supply) A device that contains a battery to provide a continuous supply of power to a computer system in case of a power failure and contains circuitry to protect a computer from power spikes and surges. 393 MTBF (mean time between failures) A measurement of reliability that is applied to computer components. MTBF is derived by dividing the number of failures in test equipment by the total time they were tested. 394 Power strip A device that provides multiple outlets, but no protection for power surges and spikes. 394 Surge strip A device that protects computer equipment from electrical spikes and surges (also called a surge suppressor or surge protector). 394 Crackers People who break into a computer sys- tem with intent to damage files or steal data. 396 Cyberpunks People who break into computers, especially Internet computers, to steal data, modify files, or plant viruses. 396 Hackers The term "hacker'once meant acomputer hobbyist and has also been used to describe a computer novice. In most contexts today, it means a person who has gained illegal access into a computer system. 396 Computer virus A program designed to attach itself to a file, reproduce, and spread from one file to another, destroying data, displaying an irritating message, or otherwise disrupting computer operations. 397 File virus A computer virus that infects executable files, that is programs with exe filename extensions. 397 Payload The disruptive instructions or message delivered by a computer virus. Payloads can range from just being annoying to destroying data and files on a computer system. 397 Boot sector virus A computer virus that infects the sectors on a disk that contain the data a computer uses during the boot process. The virus spreads every time the infected disk is in the computer when it boots. 398 Macro A small set of instructions that automate a task. Typically, a macro is created by performing the task once and recording the steps. Whenever the macro is played back, the steps are repeated. 398 Macro virus A computer virus that infects the macros that are attached to documents and spreadsheets. 398 Trojan horse A computer program that appears to perform one function while actually doing some- thing else, such as inserting a virus into a computer system or stealing a password. 399 Logic bomb A computer program that is triggered by the appearance or disappearance of specific data (for example, when the word "terminated" appears in an employee's record or when a pass- word begins with the letters "DB"). 400 Time bomb A type of computer program that stays in a computer system undetected until it is triggered at a certain date or time. 400 Y2K bug A time bomb unintentionally created by programmers when they wrote programs that used a two-digit field for the year, with the result that computers will read the digits 00 as 1900 rather than as 2000. 400 Worm A software program designed to enter a computer system, usually a network, through security "holes" and replicate itself. 401 Antivirus software A computer program used to scan a computer's memory and disks to identify, isolate, and eliminate viruses. 403 Checksum A value, calculated by combining all the bytes in a file, that is used by virus detection programs to identify whether any bytes have been altered. 403 Virus signature The unique computer code contained in a virus that helps in its identification. Antivirus software searches for known virus signatures to identify a virus. 403 Data security Techniques that provide protection for data. 406 Risk management The process of weighing threats to computer data against the expendability of that data and the cost of protecting it. 406 Acceptable use policy A set of rules and regulations that specify how a computer system should be used and set the penalties for misuse. 407 End-user procedures A set of formalized steps that a person must follow to perform a computing task. 407 Biometrics Biological measurements, such as fingerprinting, that are used in the context of computers to verify a person's identity. 410 Trap door A way to bypass the normal security precautions and enter a computer system. A trap door is often created during computer installation and testing, but should be removed before the computer is placed into service. 411 User rights Rules that specify the directories and files that an individual user can access. 411 Encryption The process of scrambling or hiding information so that it cannot be understood with- out the key necessary to change it back into its original form. 412 Key In the context of data encryption, a key is the method used to encrypt or decipher information as in which numbers in a code match each letter of the alphabet. 412 Pretty Good Privacy (PGP) A popular public key encryption system. 413 Public key encryption (PKE) An encryption method that uses a pair of keys, a public key (known to everyone) that encrypts the message, and a private key (known only to the recipient) that decrypts it. 413 Digital certificate A security method that identifies the author of an ActiveX control. A computer programmer can "sign" a digital certificate after being approved. 414 Firewall A method for preventing hostile pro- grams, such as Java applets, from entering a net- work, usually by installing firewall software that filters out suspicious packets. 414 Java applet Small programs that add processing and interactive capabilities to Web pages. 414 Sandbox A metaphor for the limited areas and equipment that a Java applet can access on a computer. 414 Cookie A message sent from a Web server to a browser and stored on a user's hard disk, usually containing information about the user. 415 5-HTTP (Secure HTTP) A method of encrypting data transmitted between a computer and a Web server by encrypting individual packets of data as they are transmitted. 415 SSL (Secure Sockets Layer) A security protocol that uses encryption to establish a secure connection between a computer and a Web server. 415 Downtime Time during which a computer system is not functioning. 416 Hardware redundancy Maintaining equipment that duplicates the functions of equipment critical to computing activities. 416 Backup A backup is a duplicate copy of a file, disk, or tape. Also refers to a Windows utility that allows you to create and restore backups. 420 Copy disk A utility program that duplicates the contents of an entire floppy disk. 420 Copy utility A program that copies one or more files. 420 Backup software The software used to specify the folders and files that should be included when making a backup of hard disk data. 421 Full backup A copy of all the files on a disk. 422 Differential backup A copy of all the files that have changed since the last full backup of a disk. 423 Incremental backup A copy of the files that have changed since the last backup. 424