Glossary

 < Day Day Up > 



A-E

access control entry (ACE)

An entry in an object's access control list that grants permissions to a user or group.

access control list (ACL)

A collection of access control entries that collectively defines the access that all users and groups have to an object.

application policies

Also known as extended key usage or enhanced key usage. Application policies give you the ability to specify which certificates can be used for specific purposes. This allows you to issue certificates widely without being concerned that they will be used for an unintended purpose.

authentication

The process of verifying the identity of something or someone. Authentication usually involves a user name and a password, but it can include any method of demonstrating identity, such as smart cards, retinal scans, voice recognition, or fingerprinting.

Authentication Header (AH)

An IP Security (IPSec) protocol that provides authentication and data integrity but does not provide encryption.

authorization

The process of determining whether an identified user or process is permitted access to a resource, and determining the appropriate level of access for the user. The owner of a resource, or someone who has been granted permission, determines whether a user is in a predetermined group or has a certain level of security clearance. By setting the permissions on a resource, the owner controls which users and groups on the network can access the resource.

Background Intelligent Transfer Service (BITS)

A service that transfers data from the Software Update Services or Windows Update server to the Automatic Updates client with minimal impact to other network services.

certificate revocation list (CRL)

A document maintained and published by a certification authority (CA) that lists certificates that have been revoked. A CRL is signed with the private key of the CA to ensure its integrity.

certificate template permissions

Permissions that define the security principals that can read, modify, or enroll certificates based on certificate templates.

certificate templates

The sets of rules and settings that define the format and content of a certificate, based on its intended use.

certificate-to-account mapping

A feature of Microsoft Windows Server 2003 that enables IP Security (IPSec) to verify that a certificate matches a valid computer account in the Active Directory forest.

Challenge Handshake Authentication Protocol (CHAP)

A challenge-response authentication protocol for Point to Point Protocol (PPP) connections, documented in Request for Comments (RFC) 1994, that uses the industry-standard Message Digest (MD5) one-way encryption scheme to hash the response to a challenge issued by the remote access server.

critical update

A broadly released fix addressing a critical non-security-related bug for a specific problem.

denial-of-service attack

An attack that prevents users from using network resources.

digital certificate

A certificate that provides information about the subject of the certificate, the validity of the certificate, and the applications and services that will use the certificate. A digital certificate also provides a way to identify the holder of the certificate.

digital certificate life cycle

When a certificate is issued, it passes through various phases and remains valid for a certain period of time. This is called certificate lifetime.

dynamic WEP

A term used to describe Wired Equivalent Privacy (WEP) when it has been configured to automatically change the shared secret in order to limit the amount of encrypted data an attacker can capture for cryptoanalysis.

Encapsulating Security Payload (ESP)

An IPSec protocol that provides authentication, data integrity, and encryption.

exploit

A worm, virus, Trojan horse, or other tool that can be used by an attacker to compromise a vulnerable computer.

Extensible Authentication Protocol (EAP)

An authentication method primarily used to provide authentication based on smart cards or public key certificates. EAP is supported by Microsoft Windows Server 2003, Microsoft Windows XP, and Windows 2000.

Extensible Authentication Protocol-Transport Layer Security (EAP-TLS)

An authentication method that enables clients to authenticate by using a public key certificate.



 < Day Day Up > 



MCSA(s)MCSE Self-Paced Training Kit Exam 70-299 (c) Implementing and Administering Security in a M[.  .. ]twork
MCSA/MCSE Self-Paced Training Kit (Exam 70-299): Implementing and Administering Security in a MicrosoftВ® Windows Server(TM) 2003 Network (Pro-Certification)
ISBN: 073562061X
EAN: 2147483647
Year: 2004
Pages: 217

Similar book on Amazon

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net