A protected area, typically a separate segment, on the network that is used to run services that are shared outside of the organization.
A technology that was developed by SSH Communications Security, Ltd. to provide for secure authentication and communications for remote shells and file transfers.
Protocol used to provide session encryption and integrity for packets sent from one computer to another. This could be client-to-server or server-to-server network traffic. It also provides a means for the verification of the server to the client and the client to the server through X.509 certificates (digital certificates).
A term that refers to controlling access to data.
A tool that details the configuration procedures for each server, device, or application on your network.
An MMC snap-in used to evaluate the configuration of systems and optionally apply a template adjusting the configuration of the target computer based on the settings defined in the template.
Attributes attached to a securable object that identify the object’s owner and primary group. They can also contain a DACL that controls access to the object and a SACL that controls the auditing of attempted access to the object.
Policies that explain what assets an organization secures, how they are secured, and what to do if the security is compromised. A security policy helps you make decisions about what type of security to implement by defining an organization’s security goals.
The process of reviewing an asset that needs to be protected and comparing the cost of protecting the asset with the likelihood that the asset will be attacked.
Anything that will prevent the availability, undermine the integrity, or breach the confidentiality of an asset.
An option that adds a keyed hash to each SMB packet. This allows you to guard your network against man-in-the-middle, replay, and session hijacking attacks.
A unique identification for a wireless network. The first security mechanism that the 802.11 standards use is the SSID. The SSID is used as a means of preventing clients from connecting. Only clients that have been configured with the same SSID as each other or the access point can connect.
Developed for the ShivaLAN Rover product, this protocol transmits the password in a reversible encryption format. This means that this protocol is subject to replay and server impersonation attacks.
Devices that are used to provide security solutions for authentication, e-mail, and data encryption. Smart cards store certificates and the corresponding private key in a secure manner.
Policy that provides administrators with identification of the software running in their domain and that can be used to control whether or not software is allowed to execute.
A command-line environment that provides the most common way to access Emergency Management Services (EMS) on Windows Server 2003. Used to manage the server when it is locked up or not responding to in-band communications.
Certificate authority (CA) that does not take advantage of Active Directory. When you use a stand-alone CA, you will not be able to use Group Policy to manage certificates and will be limited to a web-based or command-line utility enrollment.
Policies that are implemented organization-wide and represent a baseline of security in an organization. All users must comply with them, and hardware or software can be used to make sure they are enforced and to ease the burden of the security policies on the user.
Part of the security descriptor used for auditing securable objects.