E

See Evaluation Assurance Level.

Any type of passive attack where you intercept data in an unauthorized manner—usually in order to find passwords. Cable sniffing and wiretapping are two types of eavesdropping attacks, as are man in the middle attacks.

See Elliptic Curve Cryptosystem.

See Exposure Factor.

The interference that can occur during transmissions over copper cable because of electromagnetic energy outside the cable. The result is degradation of the signal.

A type of public key cryptosystem that requires a shorter key length than many other cryptosystems— including the defacto industry-standard, RSA.

See electromagnetic interference.

The ESP header is used to provide a mix of security services in IPv4 and IPv6. ESP can be used alone or in combination with the IP Authentication Header (AH).

The process of translating data into signals that can be transmitted on a transmission medium.

Converting data into a form to make it less likely to be usable to anyone intercepting it if they cannot decrypt it.

The string of alphanumeric characters used to decrypt encrypted data.

The process of luring someone.

The process of encouraging an attacker to perform an act, even if they don't want to do it.

An attempt to gain information about your network by specifically targeting network resources, users and groups, and applications running on your system.

The act of moving something up in priority. Often when an incident is escalated, it is brought to the attention of the next highest supervisor. See also privilege escalation.

A shared-media network architecture. It operates at the Physical and Data Link layers of the OSI model. As the media access method, it uses baseband signaling over either a bus or a star topology with CSMA/CD. The cabling used in Ethernet networks can be coax, twisted-pair, or fiber-optic.

See MAC address.

A level of assurance, expressed as a numerical value, based upon standards set by the CCRA (Common Criteria Recognition Agreement).

Any noticeable action or occurrence.

A calculation of how much data (or other assets) could be lost from a single occurrence. If all the data on the network could be jeopardized by a single attack, the exposure factor is 100 percent.

Threats that originate from outside the company.

Web (or similar) services set up in a private network to be accessed internally and by select external entities, such as vendors and suppliers.