White noise

A distribution of a uniform spectrum of random electrical signals so that an intruder cannot decipher real data from random (noise) data due to use of constant bandwidth. White noise is a good security control to prevent electromagnetic radiations (emanations).

White team

A neutral team of employees acting as observers, referees, and judges between a red team of mock attackers (offenders) and a blue team of actual defenders of their enterprise’s use of information systems. The white team establishes rules of engagement (ROE) and performance metrics for security tests. The white team is also responsible for deriving lessons-learned, conducting the post engagement assessment, and communicating results to management. Occasionally, the white team also performs incident response activities and addresses bot attacks on an emergency basis.

Whitelisting

(1) Whitelisting is a method for controlling the installation of software by ensuring that all software is checked against a list approved by the organization, (2) Whitelisting technology only allows known good applications and does not allow any new or unknown exploits to access a system, (3) A list of discrete entities, such as hosts or applications that are known to be benign, and (4) A list of e-mail senders known to be benign, such as a user’s coworkers, friends, and family. Synonymous with whitelists.

Whole disk encryption

The process of encrypting all the data on the hard drive used to boot a computer, including the computer’s operating system, and permitting access to the data only after successful authentication with the full disk encryption product. It is also called full disk encryption (FDE).

Wide-area network (WAN)

(1) A communications network that connects geographically separated areas. It can cover several sites that are geographically distant. A WAN may span different cities or even different continents. (2) A network concept to link business operations and computers used across geographical locations. (3) A data communications network that spans any distance and is usually provided by a public carrier. Users gain access to the two ends of the network circuit and the carrier handles the transmission and other services in between. WANs are switched networks, meaning they use routers.

Wi-FI protected access 2 (WPA2)

WPA2 is an implementation of the IEEE 80211i security standard, and its security is better than that of WEP.

Wiki

A collaborative website where visitors can add, delete, or modify content, including the work of previous authors.

WiMAX

A wireless standard (IEEE 802.16) for making broadband network connections over a medium-sized area such as a city for wireless MANs. WiMAX stands for Worldwide Interoperability for Microwave Access.

Wired Equivalent Privacy (WEP)

A security protocol for wireless local-area networks (WLANs) defined in the 802.11b standard. WEP was intended to provide the same level of security as that of a wired LAN. LANs are inherently more secure than WLANs because LANs have some or the entire network inside a building that can be protected from unauthorized access. WLANs, which are over radio waves, therefore are more vulnerable to tampering. WEP attempted to provide security by encrypting data over radio waves so that it is protected as it is transmitted from one endpoint to another. NOTE: WEP has been broken and does not provide an effective security service against a knowledgeable attacker. Software to break WEP is freely available on the Internet.

Wireless Access Point (WAP)

It is a device that acts as a conduit to connect wireless communication devices together to allow them to communicate and create a wireless network.

Wireless application protocol

A standard for providing cellular telephones, pagers, and other handheld devices with secure access to e-mail and text-based Web pages. It is a standard that defines the way in which Internet communications and other advanced services are provided on wireless mobile devices. It is a suite of network protocols designed to enable different types of wireless devices to access files on an Internet-connected Web server.

Wireless fidelity (Wi-Fi)

Wi-Fi is a term describing a wireless local-area network (WLAN) that observes the IEEE 802.11 family of wireless networking standards.

Wireless intrusion detection and prevention system (WIDPS)

An intrusion detection and prevention system (IDPS) that monitors wireless network traffic and analyzes its wireless networking protocols to identify and stop suspicious activity involving the protocols themselves.

Wireless local-area network (WLAN)

A type of local-area network that uses high-frequency radio waves rather than wires to communicate between nodes. WLAN uses the IEEE 802.11 standard. Specifically, wireless LANs operate with transmission modes such as infrared, spread spectrum schemes, a multichannel frequency division multiplexing (FDM) system, and CSMA/CA. WLAN is a telecommunications network that enables users to make short-range wireless connections to the Internet or another network such as wireless MAN or wireless WAN.

Wireless Markup Language (WML)

A scripting language used to create content in the wireless application protocol (WAP) environment. WML is based on XML minus unnecessary content to increase speed.

Wireless metropolitan-area network (WMAN)

Wireless MANs are broadband systems that use radio to replace the telephone connections. WMAN is a telecommunications network that enables users to make medium-range wireless connections to the Internet or another network such as wireless LAN or wireless WAN. WMAN uses the IEEE 802.16 standard (WiMAX) and quality of service (QoS) is important.

Wireless personal-area networks (WPANs)

They are small-scale wireless networks that require no infrastructure to operate (e.g., Bluetooth). They are typically used by a few devices in a single room to communicate without the need to physically connect devices with cables. WPAN uses the IEEE 802.15 standard.

Wireless Robust Security Network (RSN)

A robust security network (RSN) is defined as a wireless security network that allows the creation of RSN associations (RSNA) only. RSNAs are wireless connections that provide moderate to high levels of assurance against WLAN security threats through the use of a variety of cryptographic techniques. Wireless RSN uses the IEEE 802.11i standard.

Wireless Sensor Network (WSN)

Wireless sensor network (WSN) is a collection of interconnected wireless devices that are embedded into the physical environment to provide measurements of many points over large space. The WSN can be used to establish building security perimeters and to monitor environmental changes (e.g., temperature and power) in a building.

Wireless wide-area network (WWAN)

A telecommunications network that offers wireless coverage over a large geographical area, typically over a cellular phone network.

Wiretapping

(1) The collection of transmitted voice or data and the sending of that data to a listening device. (2) Cutting in on a communications line to get information. Two types of wiretapping exist: active and passive. Active wiretapping is the attaching of an unauthorized device, such as a computer terminal, to a communications circuit for the purpose of obtaining access to data through the generation of false messages or control signals or by altering the communications of legitimate users. Passive wiretapping is the monitoring and/or recording of data transmitted over a communication link.