Glossary - Pg. 313

Active Directory
Microsoft's Active Directory (AD) is a centralized directory framework for the administration of network devices and users, including user identity management and authentication services. AD utilizes the Lightweight Directory Access Protocol (LDAP) along with domain and authentication services.

Advanced Persistent Threat
The Advanced Persistent Threat (APT) refers to a class of cyber threat designed to infiltrate a network and remain persistent through evasion and propagation techniques. APTs are typically used to establish and maintain an external command and control channel through which the attacker can continuously exfiltrate data.

Anti-Virus
Anti-Virus (AV) systems inspect network and/or file content for indications of infection by malware. Signature-based AV works by comparing file contents against a library of defined code signatures; if there is a match, the file is typically quarantined to prevent infection, at which point the option to clean the file may be available.

Application Monitor/Application Data Monitor
An application content monitoring system which functions much like an Intrusion Detection System, only performing deep inspection of a session rather than of a packet, so that application contents can be examined at all layers of the OSI model, from low-level protocols through application documents, attachments, etc. Application Monitoring is useful for examining industrial network protocols for malicious content (malware).