false positive – when a security defense mechanism incorrectly identifies a block of data or object as a threat when it is in fact an intended and legitimate item.
file transfer protocol (FTP) – the standard method used to send and receive packages of information (files). SFTP, or secure file transfer protocol, is the secure variation of this, used to send and receive data through an encrypted connection. Even if data is sent through an encrypted connection, it will not itself be automatically encrypted.
FIM – file integrity monitoring (FIM) is an internal control or process that validates the integrity of operating system and application software files by comparing the current file state against the known, good baseline.
fingerprinting – see digital fingerprinting.
firewall – hardware (physical device) or software (computer program) used to monitor and protect inbound and outbound data (electronic information). It achieves this by applying a set of rules. These physical devices or computer programs are usually deployed, at a minimum, at the perimeter of each network access point. Software firewalls can also be deployed on devices to add further security. The rules applied within a firewall are known as the firewall policy.
firewall policy – the rules applied within either a physical hardware device (a hardware firewall) or software program (a software firewall) to allow or block specific types of inbound and outbound data traffic at the perimeter of a network or digital device.
forensics – the means of gathering digital information to be used as evidence in a legal procedure. Digital forensics focuses on gathering, preserving and analyzing the fragile and volatile data from a computer system and/or network. Computer data that is relevant to a security breach and/or criminal action is often intermixed with standard benign data from business functions and personal activities. Thus, it can be challenging in digital forensics to properly collect relevant evidence while complying with the rules of evidence, so that the collected evidence is admissible in court.