Glossary




access control

Limiting the use of an object to subjects that have been authorized to use it; the methods put in place to prevent unauthorized users or programs from accessing resources.

API (Application Program Interface)

A set of uniform routines or rules that allow programmers and developers to write applications that can be used to interact with various operating system platforms. APIs define system calls for service.

ARP (Address Resolution Protocol)

A TCP/IP protocol used to determine the hardware MAC address for a network interface card.

asymmetric algorithm

An encryption process that uses a pair of keys to securely encrypt and decrypt messages so that they arrive at the intended receiver safely.

authentication

A method used to verify the identity of a user or subject to a system. Authentication is typically a prerequisite for access to a system resource.

authorization

Permission granted to a subject to access or utilize a particular object such as a file or folder.

back door

A hidden entry point to a program or system, usually created by the application or system manufacturer. Back doors provide access to a system that is typically exploited by unauthorized attackers.

bastion host

A system that has been protected or hardened in preparation for an expected attack. A bastion host is used to protect an internal network from external attacks.

BIOS (Basic Input/Output System)

The BIOS is software built into a ROM BIOS or flash BIOS chip that is used to control hardware devices such as hard drives, keyboards, monitors, and other low-level devices before a computer system boots into an operating system.

BNC (Bayonet Nut Connector, Bayonet Neil-Concelman, or British Naval Connector)

A connector used to connect a computer to a coaxial cable in a 10base2 Ethernet network.

BPS (bits per second)

A standard measurement of the speed at which data is transmitted. For example, a 56K modem has the ability to transmit at a rate of 56,000 bits per second.

brute force

A program that tries all possible character and phrase combinations in order to obtain a password or PIN that can be used to authenticate illegally.

CD (compact disk)

A round metallic disk that stores information such as text, video, and audio in digital format.

CD-R (compact disk-recordable)

A type of compact disk that can be written or recorded to once but read many times.

CERT

The CERT (Computer Emergency Response Team) was established at Carnegie-Mellon University. Its goal is to provide useful information that can assist with current and future security problems and threats.

CHAP (Challenge Handshake Authentication Protocol)

An authentication method in which a server system sends a client system a randomly selected value and ID. CHAP uses a one-way hash value that is typically created using MD5. CHAP is much more secure than PAP.

clustering

The grouping of individual systems together so that they act as one large system. Clustering gives multiple servers the ability to access a single disk array that contains applications and services.

confidentiality

Making sure that only authorized individuals or systems have access to data.

cracker

One who breaks into a secured system with malicious intent. Crackers most commonly use brute force and dictionary attack methods as tools to figure out passwords.

CSMA/CD (Carrier Sense Multiple Access/Collision Detection)

A contention-based protocol used to detect collisions of packets in Ethernet networks. If a collision occurs, the information is retransmitted.

decrypt

To convert enciphered text into plain text.

DES (Data Encryption Standard)

A 56-bit symmetric-key encryption method.

DHCP (Dynamic Host Configuration Protocol)

A protocol used to assign IP addresses dynamically to computer systems in a TCP/IP network. DHCP eases administrative overhead by reducing the need to assign individual static IP addresses.

DHTML (Dynamic Hypertext Markup Language)

A new form of HTML programming code that allows developers to create more interactive/responsive Web pages for users.

digital signature

An electronic version of a signature used to authenticate and identify the sender of information. Primarily used for identification purposes and the prevention of forgery.

DNS (Domain Name System)

An Internet service that translates fully qualified domain names to computer IP addresses.

DNS spoofing

Pretending to be a valid DNS server by stealing its domain name or compromising the target DNS server name cache.

DoS (Denial of Service)

The loss of resources that are normally available. Malicious attack programs typically aim to deny access to these resources for normal users.

DOS (Disk Operating System)

A 16-bit operating system developed by Microsoft that does not support true multitasking capabilities.

DSL (Digital Subscriber Line)

A popular high-speed technology that uses phone lines for Internet connectivity. The two most widely used forms of DSL are ADSL (asynchronous) and SDSL (synchronous).

due care

Acting responsibly and in good faith. Acting in the best interest of one’s company or enterprise.

encryption

The process of changing or concealing data or programs so that they cannot be viewed in plain text. This is usually accomplished through the use of an algorithmic program.

firewall

Software or hardware, or a combination of both, designed to prevent access to internal networks and resources from outside sources. A firewall is usually installed on a server that acts as a gateway or router. A firewall inspects data packets and screens them for validity.

FTP (File Transfer Protocol)

A transfer protocol primarily used on the Internet to transfer files from one location to another.

fault tolerance

The ability of a program or system to remain functional in the event of a hardware or software failure. There are various levels of fault tolerance that offer different levels of protection. The most common are RAID (Redundant Array of Independent Disks) levels 1, 3, and 5.

GB (gigabyte)

A measurement of computer system data storage space. One GB is equal to 1,024 megabytes or approximately 1 million kilobytes.

hacker

An expert computer-programming enthusiast who has the knowledge and capabilities to gain unauthorized access to secured computer systems and programs.

hash

A value that is generated from a string of characters or text. It is very unlikely that a duplicate hash value will ever be produced from different strings of text. Hashing is the transformation of a set of characters into a shorter set or value of numbers. A hashing algorithm, known as a hash function, is used to scramble values to make them more difficult to figure out. Hashing is often used with the encryption and decryption of digital signatures.

HTML (HyperText Markup Language)

A programming language that is used to create pages or hypertext documents on the World Wide Web. HTML is a scripting language that uses tags to define the way Web pages are displayed.

HTTP (HyperText Transfer Protocol)

A fast Internet application protocol used for transferring data.

IEEE (Institute of Electronic and Electrical Engineers)

The world’s leading international standards organization, whose primary purpose is the development of Information Technology (IT) standards and the welfare of its members.

IETF (International Engineering Task Force)

An important Internet body or society that provides standards and Internet protocols. These standards are known as RFCs (Requests For Comments). RFCs can become documented procedures or actual standards.

intrusion detection

A security management system used to identify security weaknesses and breaches that are internal or external to a network. This type of system should gather, analyze, and assess security information relating to vulnerabilities that endanger normal operations.

IP (Internet Protocol)

A TCP/IP protocol used primarily to allow computers to be connected in a local area network or to the Internet.

IPX/SPX (Internetwork Packet Exchange/Sequence Packet Exchange)

A Novell networking protocol suite used primarily with Novell Netware.

ISDN (Integrated Services Digital Network)

A digital communications standard that allows data and voice to be used on the same phone line connection. ISDN provides support for up to 128kbps transfer rates and is intended to replace traditional analog technology.

ISP (Internet service provider)

A company whose primary business is to provide access to the Internet for other companies and individuals.

Kbps (kilobits per second)

A measurement of data transfer rate. One kbps is equivalent to 1,000 bits per second.

KB (kilobyte)

1,024 bytes.

LAN (local area network)

A network of computers that are typically connected together in a central location such as a building. In a LAN, computers are connected together by wires or other media and share common resources such as printers, files, and modems.

logging

The process or actions implemented to store information that is obtained from networked workstations, servers, or firewalls.

MAPI (Messaging Application Programming Interface)

A Microsoft application-programming interface that provides the ability to send e-mail and attachments from within programs such as Word, Excel, PowerPoint, and Access.

MB (megabyte)

1,024 kilobytes or 1,048,576 bytes.

modem (modulator demodulator)

A communications device used to convert signals so they can be transmitted over conventional telephone lines. A modem converts incoming analog signals to digital format and outgoing digital signals to analog format.

NIC (network interface card)

An electronic circuit board that attaches a computer to a network. A NIC is installed inside a computer and connects to a wire that typically leads to a network hub, router, or bridge.

NTFS (NT File System)

A Windows NT hard drive file system that offers file- and object-level security features, file compression, encryption, and long file name support. A new version of the NTFS file system, called NTFS5, is offered with the Windows 2000 operating system.

OLE (object linking and embedding)

A specification created by Microsoft that allows objects created in one program or application to be embedded in or linked to another application. With OLE, if a change is made in one application, the change is also made in the second application.

OSI (Open Systems Interconnection)

The OSI reference model is a networking model developed to provide network designers and developers with a model that describes how network communication takes place.

OTP (One Time Password)

A password that is used only once. This password cannot be stolen or used multiple times. It is considered secure and assists against password stealing programs.

PDA (personal data assistant)

A small handheld mobile computing device that provides functions similar to a desktop or laptop computer. Most PDAs today use a Pen/Stylus in place of a keyboard to input data.

policy

A company's or organization's set of rules that provides guidelines describing proper use of company assets, security rules, and company procedures.

private key

One part of a two-part cryptographic key, used to exchange private or secret messages between privy parties by encrypting or decrypting such messages. It can be used to produce a digital signature.

proxy

Allows revisited pages in a Web browser to load more quickly by storing them locally in a cache, rather than retrieving them again directly from the Internet: similar to cache, but at a much grander scale. Also, serves as a middleman between the requesting end user and Internet while allowing administrative control, security, and caching services to the company/corporation.

public key

One part of a two-part cryptographic key that can be used to verify the owner’s digital signature and is embedded in digital certificates.

RAID (Redundant Array of Inexpensive Disks)

Using multiple hard disks to provide data redundancy. RAID spreads data across several hard drives to provide fault tolerance in case of a disk crash. There are several levels of RAID; the most common are levels 0, 1, and 5.

RSA

A cryptosystem developed in 1977 used to create public and private keys using an algorithm consisting of two large prime numbers.

SAM (Security Accounts Manager)

A built-in Windows NT/2000 component that is used to manage the security of user accounts.

SAT (Security Access Token)

A security token that is used to allow users access to resources in a Windows environment. A token carries the access rights that are associated with a user's account.

SID (Security Identifier)

A unique security number that is associated with users, groups, and accounts in a Windows NT or 2000 network. Access to processes that run in Windows NT/2000 requires this unique SID and a token.

smart card

A small plastic card, similar in size to a credit card, used to store information on a microchip. The chip can be loaded with data and is capable of storing more data than a magnetic strip. With respect to security, encryption keys are stored on this mobile device, removing the need for workstation storage.

sniffer

A program that monitors network traffic by comparing a list of MAC and IP addresses of approved devices against all LAN devices and flagging the unauthorized ones. Used by network managers to detect problems and keep systems running smoothly.

social engineering

Attempts to gain illicit access to systems by deceiving users or administrators. Attacks at the target site are typically carried out by telephoning users or operators while pretending to be an authorized user.

spamming

A form of excessive, unsolicited bulk e-mail on the Internet in which a sender mass-mails people and newsgroups from various e-mail distribution lists. Spamming can overload and crash a system with its excessively large amount of data. It is not considered good netiquette to send spam.

spoofing

A form of forgery in an attempt to gain access as an authorized user. Forgery of an e-mail header allows an e-mail to be sent by an unauthorized user pretending to be someone else, thus causing the e-mail to appear to have originated from someone other than the actual source.

symmetric algorithm

An encryption process that uses a single key to encrypt and decrypt messages so they arrive at the intended receiver safely. Symmetric cryptography is less secure than asymmetric cryptography.

STP (Shielded Twisted Pair)

A type of copper cabling used in networks in which pairs of wires are twisted around one another to extend the length that a signal can travel on the cable and to reduce interference between signals traveling on the cable.

S-RPC (Secure Remote Procedure Call)

Allows a secure way for a program in one computer to request a service from a program in another computer within the same network without the need for understanding specific network details. This synchronous operation runs on the client/server model; the requesting program is the client and the service-providing program is the server.

TB (terabyte)

1,024 gigabytes, approximately 1 million megabytes, or 1,099,551,627,776 bytes.

TCP/IP (Transmission Control Protocol/Internet Protocol)

The primary set of protocols used by the Internet and most networks. TCP/IP allows different networks and computers to communicate with one another.

transparency

Without hindrance or interference to the user.

Trojan horse

Destructive code that pretends to be harmless. Many viruses that masquerade as something else are commonly referred to as Trojan horse viruses. These types of viruses do not typically replicate themselves. Instead, they are used to introduce other destructive packages that do.

tunneling

Establishing a communications link through another network's infrastructure. With tunneling, private network packets and protocols are encapsulated and transmitted through the Internet to other private networks. In short, tunneling is most often implemented as a way to use the Internet as a means of connecting two private networks.

UPS (Uninterruptible Power Supply)

Provides a continuous supply of power to a computer system when a primary power source fails. A UPS can also protect a system from power sags.

URL (Uniform Resource Locator)

A URL is an address that points to a resource or another URL located on the World Wide Web. An example of a URL is http://www.charlesriver.com/.

UTP (Unshielded Twisted Pair)

A common type of twisted pair cable used in most networks. There are five categories of UTP that support different data transmission speeds. Unlike STP, UTP does not have a protective shielding.

virus

A virus is computer code or an application that is loaded and runs on a computer system with the intention of duplicating itself into other files with malicious intent. Most viruses are written to use up available system resources until DoS (Denial of Service) occurs.

VPN (virtual private network)

A VPN is a secure connection or tunnel that is established through a public network such as the Internet. Most VPN connections implement secure protocols such as Layer Two Tunneling Protocol (L2TP), which can be used to create a secure tunnel in which data is encrypted on the sending end and decrypted on the receiving end.

WAN (wide area network)

A WAN is typically made up of two or more LANs connected together to form a larger network. WANs are usually spread over large areas. The Internet is a WAN.

WINS (Windows Internet Naming Service)

A Windows networking service that provides computer NetBIOS name to IP address resolution.

WWW (World Wide Web)

A system of servers on the Internet that provide support for pages and documents created with HTML and other scripting languages. You can access the WWW by using such tools and Web browsers as Internet Explorer, FTP, Telnet, HTTP, and Netscape Navigator.






The Security+ Exam Guide (TestTaker's Guide Series)
Security + Exam Guide (Charles River Media Networking/Security)
ISBN: 1584502517
Year: 2003
Pages: 136
