Glossary

The !SAC is the special management console that will automatically load if the SAC fails to start. The !SAC will only restart the server, and redirect stop error messages.

A wireless network protocol that can transmit data at speeds as fast as 54Mbps but at a shorter range than the other more popular standards. It also uses a different part of the electromagnetic spectrum and so is not compatible with either 802.11b or 802.11g. Its short range and nonoverlapping 12 channels makes it a specification that is more appropriate for densely populated areas.

A wireless network protocol that is currently the most popular specification for wireless networking. It supports speeds up to 11Mbps over a longer range than 802.11a supports. Devices that support 802.11b tend to be less expensive, hence the popularity.

A wireless network protocol that supports speeds up to 54Mbps and is compatible with 802.11b because they both use the same part of the radio spectrum. It does have a shorter range than 802.11b to get the full 54Mbps speed.

An entry in an object's discretionary access control list (DACL) that grants or denies permissions to an identity. An ACE is also an entry in an object's system access control list (SACL) that specifies the security events to be audited for a identity.

A list of security rights that apply to an object as a whole, a set of the object's properties, or an individual property of an object. There are two types of access control lists: discretionary (DACL) and system (SACL).

An access point transmits and receives wireless network communications. It acts as a bridge between the wireless network and the hardwired network.

A token that contains the security information for a logon session. The system creates an access token when a user logs on, and every process executed on behalf of the user has a copy of the token. The token identifies the user, the user's groups, and the user's privileges and passes the information to the object to determine access.

A peer-to-peer communication mode in which clients communicate directly with each other. Clients can be configured to allow incoming connections and support ad hoc mode.

Typically used when you need to authenticate large numbers of users on the Internet, and there is no need to differentiate between users. When a user connects to IIS through anonymous access, they are authenticated as the IUSR_ServerName account by default, where ServerName is the name of your IIS server.

Authentication in which a standard HTML form is used to provide for custom authentication of users. The developer creates a page to capture the profile information of the user and a page to capture the username and password. You would then need to configure the ASP.NET application to support forms-based authentication.

Anything of value in a company. An asset is an item that it worth securing.

A policy used to track security events like access to files or attempts to authenticate with the server. This information will be written to the Windows security log, which can be viewed with Event Viewer. You can use this information to determine what is going on with the server and where your security mechanisms may be breaking down.

The process of determining an identity (for example, a user).

The process of determining the resources an identity can access once it’s authenticated.

A program used to enable a role-based access control on a website. You can assign a group or user access to applications, or parts of applications (based on URLs), and not have to worry about the NTFS permissions.