A term widely used by hackers to denote illegally copied and distributed commercial software from which all copy protection has been removed. Warez often contains viruses, Trojan horses, and other malicious code, and thus is very risky to download and use (legal issues notwithstanding).

Warm-site

An environmentally conditioned workspace that is partially equipped with IT information systems and telecommunications equipment to support relocated IT operations in the event of a significant disruption.

Warm start

A restart that allows reuse of previously initialized input and output work queues. It is synonymous with system restart, initial program load, and quick start.

Waterfall model

A traditional system development model, which takes a linear and sequential view of developing an application system. This model will not bring the operational viewpoint to the requirements phase until the system is completely implemented.

Watermarking

A type of marking that embeds copyright information about the copyright owner.

Wavelength division multiple access (WDMA) protocol

The WDMA protocol is an example of medium/media access control (MAC) sublayer protocol that contains two channels for each station. A narrow channel is provided as a control channel to signal the station, and a wide channel is provided so that the station can output data frames.

Weakly bound credentials

Weakly bound credentials (e.g., unencrypted password files) require additional integrity protection or access controls to ensure that unauthorized parties cannot spoof and/or tamper with the binding of the identity to the token representation within the credential.

Weakness

A piece of code that may lead to vulnerability.

Weakness suppression system

A feature that permits the user to a flag a line of code not to be reported by the tool in subsequent scans.

Web 2.0

The second-generation of Internet-based services that let people collaborate and create information online in new ways, such as social networking sites, wikis, and communication tools.

Web administrator

The Web equivalent of a system administrator. Web administrators are system architects responsible for the overall design, implementation, and maintenance of a Web server. They may or may not be responsible for Web content, which is traditionally the purview of the Webmaster.

Web-based threats

Examples include security assertions markup language (SAML) threats and extensible markup language (XML) threats. Examples of SAML threats include assertion manufacture, modification, disclosure, repudiation, redirect, reuse, and substitution. Examples of XML threats include dictionary attacks, DoS attacks, SQL command injection attacks, confidentiality and integrity attacks, and XML injection attacks.

Web browser

Client software used to view Web content, which includes the graphical user interface (GUI), MIME helper applications, language and byte code Java interpreters, and other similar program components.

Web browser plug-in

A mechanism for displaying or executing certain types of content through a Web browser.

Web bug

(1) A tiny image, invisible to a user, placed on Web pages in such a way to enable third parties to track use of Web servers and collect information about the user, including IP address, host name, browser type and version, operating system name and version, and Web browser cookies. (2) It is a tiny graphic on a website that is referenced within the hypertext markup language (HTML) content of a Web page or e-mail to collect information about the user viewing the HTML content.

Web content filtering software

A program that prevents access to undesirable websites, typically by comparing a requested website address to a list of known bad websites with the help of blacklists.

Web documents

Forms and interactive Web pages are created using hypertext markup language (HTML). XML can replace HTML.

Webmaster

A person responsible for the implementation of a website. Webmasters must be proficient in hypertext markup language (HTML) and one or more scripting and interface languages, such as JavaScript and Perl. They may or may not be responsible for the underlying server, which is traditionally the responsibility of the Web server administrator.

Web mining

Data mining techniques for discovering and extracting information from Web documents. Web mining explores both Web content and Web usage.

Web-oriented architecture (WOA)

A set of Web protocols (e.g., HTTP and plain XML) to provide dynamic, scalable, and interoperable Web services.

Web portal

Provides a single point of entry into the service-oriented architecture (SOA) for requester entities, enabling them to access Web services transparently from any device at virtually any location.

Web server

A computer that provides World Wide Web (WWW) services on the Internet. It includes the hardware, operating system, Web server software, transmission control protocol/Internet protocol (TCP/IP), and the website content (Web pages). If the Web server is used internally and not by the public, it may be known as an “intranet server.”

Web server administrator

The Web server equivalent of a system administrator. Web server administrators are system architects responsible for the overall design, implementation, and maintenance of Web servers. They may or may not be responsible for Web content, which is traditionally the responsibility of the Webmaster.

Web service

A software component or system designed to support interoperable machine or application-oriented interaction over a network. A Web service has an interface described in a machine-processable format (specifically services description language WSDL). Other systems interact with the Web service in a manner prescribed by its description using SOAP messages, typically conveyed using HTTP with an XML serialization in conjunction with other Web-related standards.

Web service interoperability (WS-I) basic profile

A set of standards and clarifications to standards that vendors must follow for basic interoperability with SOAP products.

Web services description language (WSDL)

An XML format for describing network services as a set of endpoints operating on messages containing either document-oriented or procedure-oriented information. WSDL complements the universal description, discovery, and integration (UDDI) standard by providing a uniform way of describing the abstract interface and protocol bindings and deployment details of arbitrary network services.

Web services security (WS-Security)

A mechanism for incorporating security information into SOAP messages. WS-Security uses binary tokens for authentication, digital signatures for integrity, and content-level encryption for confidentiality.

White box testing

A test methodology that assumes explicit and substantial knowledge of the internal structure and implementation detail of the assessment object. It focuses on the internal behavior of a system (program structure and logic) and uses the code itself to generate test cases. The degree of coverage is used as a measure of the completeness of the test cases and test effort. White box testing is performed at individual components level, such as program or module, but not at the entire system level. It is also known as detailed testing or logic testing, and should be combined with black box testing for maximum benefit because neither one by itself does a thorough testing job. White box testing is structural analysis of a system. Comprehensive testing is also known as white box testing.