Key Terms

access control

confidentiality

accountability

Demilitarized Zone (DMZ)

administrative policies

detection

asset

disaster recovery plans (DRP)

authentication

Discretionary Access Control (DAC)

availability

external threats

biometric devices

Extranets

certificates

Identification and Authentication (I&A)

Challenge Handshake Authentication Protocol (CHAP)

information policies

information security

protocols

integrity

response

internal threats

risk analysis

Internet

risk assessment

Internet Control Message Protocol (ICMP)

Rolie-Based Access Control (RBAC)

Intranets

security policies

Kerberos

security tokens

Key Distribution Center (KDC)

security zone

management

services

Mandatory Access Control (MAC)

smart card

multi-factor

threats

Network Address Translation (NAT)

tunneling

operational security

two-factor authentication

penetration

usage policies

physical security

user management policies

policies

Virtual Local Area Networks (VLANs)

prevention

viruses