Glossary

Active key

A key that is currently used by the application.

Additional key

A key that certifies the right to use the application but is not currently being used.

Administration group

A set of devices that share common functions and a set of Kaspersky applications installed on them. Devices are grouped so that they can be managed conveniently as a single unit. A group may include other groups. It is possible to create group policies and group tasks for each installed application in the group.

Administration Server

A component of Kaspersky Security Center that centrally stores information about all Kaspersky applications that are installed within the corporate network. It can also be used to manage these applications.

Anti-virus databases

Databases that contain information about computer security threats known to Kaspersky as of the anti-virus database release date. Anti-virus database signatures help to detect malicious code in scanned objects. Anti-virus databases are created by Kaspersky specialists and updated hourly.

Application modules

Files that are included in the application setup file, which implement the core functionality of the application. A separate executable module corresponds to each type of task performed by the application (Real-time Protection, On-demand Scan, and Update). When starting a full scan of the computer from the main application window, you initiate the module of this task.

Application settings

Application settings that are common to all types of tasks and govern the overall operation of the application, such as application performance settings, report settings, and backup settings.

Archive

One or several files packed into a single compressed file. A specialized application called an archiver is required for packing and unpacking data.

Authentication Agent

An interface for passing the authentication process to access encrypted hard drives and load the operating system after the system hard drive has been encrypted.

Backup

A special storage for backup copies of files that are created before disinfection or deletion is attempted.

Black list of addresses

A list of email addresses from which all incoming messages are blocked by the Kaspersky application, regardless of the message content.

Certificate

Electronic document that contains the private key and information about the key owner and the key scope, and that confirms that the public key belongs to the owner. The certificate must be signed by the certification center that issued it.

Certificate issuer

Certification center that issued the certificate.

Certificate subject

Holder of a private key linked to a certificate. This can be a user, application, any virtual object, computer, or service.

Certificate thumbprint

Information used to identify a certificate key. A thumbprint is created by applying a cryptographic hash function to the value of the key.

Database of malicious web addresses

A list of web addresses whose content may be considered to be dangerous. The list is created by Kaspersky specialists. It is regularly updated and is included in the Kaspersky application distribution kit.

Database of phishing web addresses

A list of web addresses which Kaspersky specialists have determined to be phishing-related. The database is regularly updated and is part of the Kaspersky application distribution kit.

Disinfection

A method of processing infected objects that results in complete or partial recovery of data. Not all infected objects can be disinfected.

Exploits

Program code that uses some kind of vulnerability in the system or software. Exploits are often used to install malware on the computer without the user’s knowledge.

False alarm

A false alarm occurs when the Kaspersky application reports an uninfected file as infected because the signature of the file is similar to that of a virus.

File mask

Representation of a file name and extension by using wildcards.

File masks can contain any characters that are allowed in file names, including wildcards:

Note that the file name and extension are always separated by a period.

Heuristic Analysis

The technology was developed for detecting threats that cannot be detected by using the current version of Kaspersky application databases. It detects files that may be infected with an unknown virus or a new variety of a known virus.

Infectable file

A file which, due to its structure or format, can be used by intruders as a "container" to store and spread malicious code. As a rule, these are executable files, with such file extensions as .com, .exe, and .dll. There is a fairly high risk of intrusion of malicious code in such files.

Infected file

A file which contains malicious code (code of known malware has been detected when scanning the file). Kaspersky does not recommend using such files, because they may infect your computer.

License certificate

A document that Kaspersky transfers to the user together with the key file or activation code. It contains information about the license granted to the user.

Moving files to Quarantine

A method of handling a probably infected file whereby access to the file is blocked and the file is moved from its original location to the Quarantine folder, where it is kept in encrypted form to rule out the threat of infection.

Network Agent

A Kaspersky Security Center component that enables interaction between the Administration Server and Kaspersky applications that are installed on a specific network node (workstation or server). This component is common for all Kaspersky applications running under Windows. Dedicated versions of Network Agent are intended for applications running under other operating systems.

Network Agent Connector

Application functionality that connects the application with the Network Agent. The Network Agent enables remote administration of the application through Kaspersky Security Center.

Network service

Set of parameters that define network activity. For this network activity, you can create a network rule that regulates the operation of Firewall.

Normalized form of the address of a web resource

The normalized form of the address of a web resource is a textual representation of a web resource address that is obtained through normalization. Normalization is a process whereby the textual representation of a web resource address changes according to specific rules (for example, exclusion of the HTTP login, password, and connection port from the text representation of the web resource address; additionally, the web resource address is changed from uppercase to lowercase characters).

In the context of anti-virus protection, the purpose of normalization of web resource addresses is to avoid scanning website addresses, which may differ in syntax while being physically equivalent, more than once.

Example:

Non-normalized form of an address: www.Example.com\.

Normalized form of an address: www.example.com.

 

OLE object

An attached file or a file that is embedded in another file. Kaspersky applications allow scanning OLE objects for viruses. For example, if you insert a Microsoft Office Excel® table into a Microsoft Office Word document, the table is scanned as an OLE object.

Patch

A small addition to the application that fixes bugs discovered during operation of the application, or installs updates.

Phishing

A type of Internet fraud in which email messages are sent with the purpose of stealing confidential data, which is most often financial data.

Portable File Manager

This is an application that provides an interface for working with encrypted files on removable drives when no encryption functionality is available on the computer.

Probably infected file

A file which contains either modified code of a known virus or code that resembles that of a virus, but is not yet known to Kaspersky. Probably infected files are detected by Heuristic Analyzer.

Protection scope

Objects that are constantly being scanned by anti-virus protection when it is running. The protection scopes of different components have different properties.

Quarantine

Kaspersky Endpoint Security places probably infected files in this folder. Quarantined files are stored in encrypted form.

Scan scope

Objects that Kaspersky Endpoint Security scans while performing a scan task.

Signature Analysis

A threat detection technology that uses the Kaspersky Endpoint Security databases, which contain descriptions of known threats and methods for eradicating them. Protection that uses signature analysis provides a minimally acceptable level of security. Following the recommendations of Kaspersky's experts, this method is always enabled.

Task

Functions performed by the Kaspersky application as tasks, for example: Real-time File Protection, Full Device Scan, Database Update.

Task settings

Application settings specific to each type of tasks.

Trusted Platform Module

A microchip developed to provide basic functions related to security (for example, for storing encryption keys). A Trusted Platform Module is usually installed on the computer motherboard and interacts with all other system components via the hardware bus.

Update

The procedure of replacing or adding new files (databases or application modules) that are retrieved from Kaspersky update servers.

Page top