| < Day Day Up > |
|
To limit the use of an object or subject that has been authorized. Methods placed to limit the access to resources from unauthorized users or programs.
A set of uniform routines or rules that allow programmers and developers to write applications that can be used to interact with various operating system platforms. APIs define system calls for service.
A TCP/IP protocol used to determine the hardware MAC address for a network interface card.
An encryption process that uses a pair of keys to securely encrypt and decrypt messages so that they arrive to an intended receiver safely.
A method used to verify the identity of a user or subject to a system. Authentication is typically a prerequisite for access to a system resource.
Permission granted to a subject to access or utilize a particular object such as a file or folder.
A hidden entry point to a program or system usually created by the application or system manufacturer. Back doors provide access to a system that typically exploited by unauthorized attackers.
A system that has been protected or hardened in preparation for an expected attack. A bastion host is used to protect an internal network from external attacks.
The BIOS is software built into a ROM BIOS or flash BIOS chip that is used to control hardware devices such as hard drives, keyboards, monitors, and other low-level devices before a computer system boots into an operating system.
A connector used to connect a computer to a coaxial cable in a 10base2 Ethernet network.
A standard measurement of the speed at which data is transmitted. For example, a 56K modem has the ability to transmit at a rate of 56,000 bits per second.
A program that tries to all possible characters and phrase combinations in order to gain a password or PIN that can be used to illegally authenticate.
A round metallic disk that stores information such as text, video, and audio in digital format.
A type of compact disk that can be written or recorded to once but read many times.
The CERT (Computer Emergency Response Team) was established at Carnegie-Mellon University. Its goal is to provide useful information that can assist with current and future security problems and threats.
Authentication method where a server system sends a client system a randomly selected value and ID. CHAP uses a one-way hash value that is typically created using MD5. CHAP is mush more secure that PAP.
The grouping of individual systems together allowing them to act as one large system. Clustering allows multiple servers the ability to access single disk arrays that contains applications and services.
Making sure that only authorized individuals or systems have access to data.
One who breaks into a secured system with malicious intent. Crackers most commonly use brute force and dictionary attack methods as tools to figure out passwords.
A contention-based protocol used to detect collisions of packets in Ethernet networks. If a collision occurs the information is re-transmitted.
To convert enciphered text to into plain text.
A 56-bit symmetric-key encryption method.
A protocol used to assign IP addresses dynamically to computer systems in a TCP/IP network. DCHP eases administrative overhead by reducing the need to assign individual static IP addresses.
A new form of HTML programming code that allows developers to create more interactive/responsive Web pages for users.
An electronic version of a signature used to authenticate and identify the sender of information. Primarily used for identification purposes and the prevention of forgery.
An Internet service that translates fully qualified domain names to computer IP addresses.
Pretending to be a valid DNS server by stealing its domain name or compromising the target DNS server name cache.
The loss of resources that are normally available. Malicious attack programs typically aim to deny access to these resources for normal users.
A 16-bit operating system developed by Microsoft that does not support true multitasking capabilities.
A popular high-speed technology that uses phone lines for Internet connectivity. The two most widely used forms of DSL are ADSL (asynchronous) and SDSL (synchronous).
Acting responsibly and in good faith. Acting in the best interest of one’s company or enterprise.
The process of changing or concealing data or programs so that they cannot be viewed in plain text. This is usually accomplished through the use of an algorithmic program.
Software or hardware, or a combination of both, designed to prevent access to internal networks and resources from outside sources. A firewall is usually installed on a server that acts as gateway or router. A firewall looks at data packets and screens them for validity.
A transfer protocol primarily used on the Internet to transfer files from one location to another.
The ability of a program or system to remain functional in the event of a hardware or software failure. There are various levels of fault tolerance that offer different levels of protection. The most common are RAID (Redundant Array of Independent disks) levels 1, 3, and 5.
A measurement of computer system data storage data storage space. One GB is equal to 1,024 megabytes or approximately 1 million kilobytes.
An expert computer-programming enthusiast who has the knowledge and capabilities to gain unauthorized access to secured computer systems and programs.
A value that is that is generated from a string of characters or text. It is very unlikely that a duplicate hash value will ever be produced from various strings of text. Hashing is the changing or transforming of a set of characters into a shorter set or value of numbers. A hashing algorithm known as a hash function is used to disorganize values to make them more difficult to figure out. Hashing is often used with the encryption and decryption of digital signatures.
A programming language that is used to create pages or hypertext documents on the World Wide Web. HTML is a scripting language that uses tags to define the way Web pages are displayed.
A fast Internet application protocol used for transferring data.
The world’s leading international standards organization that’s primary purpose is the development of Information Technology (IT) standards and the welfare of its members.
An important Internet body or society that provides standards and Internet protocols. These standards are known as RFCs (Requests For Comments). RFCs can become documented procedures or actual standards.
A security management system used to identify security weaknesses and breaches that are internal or external to a network. This type of system should gather, analyze and assess security information that relates to vulnerabilities that are dangerous to normal operations.
A TCP/IP protocol used primarily to allow computers to be connected in a local area network or to the Internet.
A Novell networking protocol suite used primarily with Novell Netware.
A digital communications standard that allows data and voice to be used on the same phone line connection. ISDN provides support for up to 128kbps transfer rates and is intended to replace traditional analog technology.
A company whose primary business is to provide access to the Internet for other companies and individuals.
A measurement of data transfer rate. One kbps is equivalent to 1,000 bits per second.
1,024 bytes.
A network of computers that are typically connected together in a central location such a building. In a LAN, computers are connected together by wires or other media and share common resources such as printers, files, and modems.
The process or actions implemented to store information that is obtained from networked workstations, servers, or firewalls.
A Microsoft application-programming interface that provides the ability to send e-mail and attachments from within programs such as Word, Excel, PowerPoint, and Access.
1,024 kilobytes or 1,048,576 bytes.
A communications device used to convert signals so they can be transmitted over conventional telephone lines. A modem converts incoming analog signals to digital format and outgoing digital signals to analog format.
An electronic circuit board that attaches a computer to a network. A NIC is installed inside a computer connects to a wire that typically leads to a networked hub, router, or bridge.
A Windows NT hard drive file system that offers file and object level security features, file compression, encryption, and Long file Name support. A new version of the NTFS file system called NTFS5 is offered with the Windows 2000 operating system.
A specification created by Microsoft that allows objects that are created in one program or application to be embedded or linked to another applications. With OLE, if a change is made to an application, the change is also made to the second application.
The OSI reference model is a networking model developed to provide network designers and developers with a model that describes how network communication takes place.
A password that is used only once. This password cannot be stolen or used multiple times. It is considered secure and assists against password stealing programs.
A small handheld mobile computing device that provides functions similar to a desktop or laptop computer. Most PDAs today use a Pen/Stylus in place of a keyboard to input data.
A company or organizations set of rules that provide guidelines that describe proper use of company assets, security rules, and company procedures.
One part of a two-part cryptographic key, used to exchange private or secret messages between privy parties by encrypting or decrypting such message. Can be used to produce a Digital Signature.
Allows revisited pages in a Web browser to load more quickly by storing them locally in a cache, rather than retrieving them again directly from the Internet: similar to cache, but at a much grander scale. Also, serves as a middleman between the requesting end user and Internet while allowing administrative control, security, and caching services to the company/corporation.
One part of a two-part cryptographic key that can be used to verify the owner’s Digital Signature and are embedded in Digital Certificates.
Using multiple hard disks to provide data redundancy. RAID spreads data across several hard drives to provide fault tolerance incase of a disk crash. There are several levels of RAID. The most common are levels 0, 1, and 5.
A cryptosystem developed in 1977 used to create public and private keys using an algorithm consisting of two large prime numbers.
A built-in Windows NT/2000 component that is used to manage the security of user accounts.
A security token that is used to allow users access to resources in a Windows environment. A token carries access rights that are associated with a users account.
A unique security number that is associated with used users, groups and accounts in Windows NT or 2000 network. Access to processes that run in Windows NT/2000 require this unique SID and a token.
A small plastic card, similar in size to a credit card, used to store information via a microchip. The chip can be loaded with data and capable of storing more data than a magnetic strip. With respect to security, encryption keys are stored on this mobile device voiding the need for workstation storage.
A program that monitors network traffic by comparing a list of MAC and IP addresses of approved devices with all LAN devices and negates the unauthorized ones. Used by network managers to detect problems and maintain system smoothness.
Attempts to gain elicit access to systems by deceiving users or administrators. Telephoning users or operators pretending to be an authorized user typically carries out attacks at the target site.
A form of excessive, unsolicited bulk e-mail from the Internet where a sender is capable of mass e-mailing people and newsgroups from various e-mailing distribution lists. Spamming has the ability to overload and crash a system with its excessively large amount of data. It is not considered good netiquette to send spam.
A form of forgery in an attempt to gain access as an authorized user. Forgery of an e-mail header allows an e-mail to be sent by an unauthorized user pretending to be someone else, thus causing the e-mail to appear to have originated from someone other than the actual source.
An encryption process that uses a single key to encrypt and decrypt messages so they arrive to an intended receiver safely. Symmetric cryptography is less secure than asymmetric cryptography.
A type of copper cabling used in networks where pairs of wires are twisted around on another to extend the length that a signal can travel on the cable and reduce the interference of signals traveling on the cable.
Allows a secure way for a program in one computer to request a service from a program in another computer within the same network without the need for understanding specific network details. This synchronous operation runs on the client/server model; the requesting program is the client and the service-providing program is the server.
1,024 gigabytes, approximately 1 million megabytes, or 1,099,551,627,776 bytes.
The primary set of protocols used by the Internet and most networks. TCP/IP allows different networks and computers to communicate with one another.
Without hindrance or interference to the user.
Destructive code that pretends to be harmless. Many viruses that masquerade themselves as something else are commonly referred to as Trojan horse viruses. These types of viruses do not typically replicate themselves. Instead they are used to introduce other destructive packages that do.
Establishing a communications link through another networks infrastructure. With tunneling, private network packets and protocols are encapsulated and transmitted through the Internet to other private networks. In short, tunneling is most often implemented as a way to use the Internet as a means of connecting two private networks.
Provides a continuous supply of power to a computer system when a primary power source fails. A UPS can also protect a system from power sags.
A URL is an address that points to a resource or another URL located on the World Wide Web. An example of a URL is http://www.charlesriver.com/.
A common type of twisted pair cable used in most networks. There are five categories of UTP that support different data transmission speeds. Unlike STP, UTP does not have a protective shielding.
A virus is computer code or an application that is loaded and runs on a computer system with the intention of duplicating itself and other files with malicious intent. Most viruses are written to use up available system recourses until DoS (Denial of Service) occurs.
A VPN is secure connection or tunnel that is established through a public network such as the Internet. Most VPN connections implement secure protocols such as Layer Two Tunneling Protocol (L2TP) can be used to create a secure tunnel where data is encrypted on the sending end and decrypted on the receiving end.
A WAN is typically made up of two or more LANs connected together to form a larger Network. WANs are usually spread over large areas. The Internet is a WAN.
A Windows Networking Service that provides computer NetBios name to IP address resolution.
A system of servers on the Internet that provide support for pages and documents created with HTML and other scripting languages. You can access the WWW by using such tools and Web browsers such as Internet Explorer, FTP, Telnet, HTTP, and Netscape Navigator.
| < Day Day Up > |
|