Glossary
Active key
A license key that is currently used by the application.
Administration Server
A component of Kaspersky Security Center that centrally stores information about all Kaspersky applications that are installed on the corporate network. It can also be used to manage these applications.
Anti-virus databases
Databases that contain information about computer security threats known to Kaspersky as of when the anti-virus databases are released. Entries in anti-virus databases allow malicious code to be detected in scanned objects. Anti-virus databases are created by Kaspersky specialists and updated hourly.
Archive
One or more file(s) packaged into a single file through compression. A dedicated application, called an archiver, is required for packing and unpacking the data.
Backup
A special storage for backup copies of files, which are created before disinfection or deletion is attempted.
Disinfection
A method of processing infected objects that results in full or partial recovery of data. Not all infected objects can be disinfected.
Event severity
Property of an event encountered during the operation of a Kaspersky application. There are the following severity levels:
- Critical event
- Functional failure
- Warning
- Info
Events of the same type can have different severity levels depending on the situation in which the event occurred.
False positive
A situation when a Kaspersky application considers a non-infected object to be infected because the object's code is similar to that of a virus.
File mask
Representation of a file name using wildcards. The standard wildcards used in file masks are * and ?, where * represents any number of any characters and ? stands for any single character.
Heuristic analyzer
A technology for detecting threats about which information has not yet been added to Kaspersky databases. The heuristic analyzer detects objects whose behavior in the operating system may pose a security threat. Objects detected by the heuristic analyzer are considered to be probably infected. For example, an object may be considered probably infected if it contains sequences of commands that are typical of malicious objects (open file, write to file).
Infectable file
A file that, due to its structure or format, can be used by criminals as a "container" to store and spread malicious code. As a rule, these are executable files, with such file extensions as .com, .exe, and .dll. The risk of penetration of malicious code into such files is quite high.
Infected object
An object of which a portion of code completely matches part of the code of known malware. Kaspersky does not recommend accessing such objects.
Kaspersky Security Network (KSN)
An infrastructure of cloud services that provides access to the Kaspersky database with constantly updated information about the reputation of files, web resources, and software. Kaspersky Security Network ensures faster responses by Kaspersky applications to threats, improves the performance of some protection components, and reduces the likelihood of false positives.
License term
A time period during which you have access to the application features and rights to use additional services. The services you can use depend on the type of the license.
Local task
A task defined and running on a single client computer.
OLE object
An object attached to another file or embedded into another file through the use of the Object Linking and Embedding (OLE) technology. An example of an OLE object is a Microsoft Office Excel spreadsheet embedded into a Microsoft Office Word document.
Policy
A policy determines an application's settings and manages the ability to configure that application on computers within an administration group. An individual policy must be created for each application. You can create multiple policies for applications installed on computers in each administration group, but only one policy can be applied at a time to each application within an administration group.
Protection status
Current protection status, which reflects the level of computer security.
Quarantine
The folder to which the Kaspersky application moves probably infected objects that have been detected. Objects are stored in Quarantine in encrypted form in order to avoid any impact on the computer.
Real-time protection
The application's operating mode under which objects are scanned for the presence of malicious code in real time.
The application intercepts all attempts to open any object (read, write, or execute) and scans the object for threats. Uninfected objects are passed on to the user; objects containing threats or probably infected objects are processed according to the task settings (disinfected, deleted or quarantined).
Security level
The security level is defined as a pre-configured set of application component settings.
SIEM
A technology that analyzes security events originating from various network devices and applications.
Startup objects
A set of applications needed for the operating system and software that is installed on the computer to start and operate correctly. These objects are executed every time the operating system is started. There are viruses capable of infecting such objects specifically, which may lead, for example, to blocking of operating system startup.
Task
Functions performed by the Kaspersky application are implemented as tasks, such as: Real-time file protection, Full computer scan, and Database update.
Task settings
Application settings that are specific for each task type.
Update
The procedure of replacing / adding new files (databases or application modules) retrieved from the Kaspersky update servers.
Vulnerability
A flaw in an operating system or an application that may be exploited by malware makers to penetrate the operating system or application, and corrupt its integrity. The presence of a large number of vulnerabilities in an operating system makes it unreliable, because viruses that penetrate the operating system may cause disruptions in the operating system itself and in installed applications.
