I

The Internet Architecture Board oversees various other Internet organizations, such as IANA.

The Internet Assigned Numbers Authority is the organization that is responsible for governing IP addresses.

See Internet Control Message Protocol.

Attacks that occur by triggering a response from the ICMP protocol when it responds to a seemingly legitimate maintenance request.

See Institute of Electrical and Electronics Engineers, Inc.

Intrusion Detection System is a method of inspecting network activity (inbound and/or outbound) for malicious activity. IDS can be network-based or host-based.

A series of guidelines dealing with various aspects of network security.

A family of protocols that provides for wireless communications using radio frequency transmissions.

Defines the standards for implementing wireless technologies such as infrared and spread-spectrum radio.

The Internet Engineering Task Force is an international organization that works under the Internet Architecture Board to establish standards and protocols relating to the Internet. See also Internet Architecture Board.

The Internet Group Management Protocol is used for multicasting operations across the Internet.

An application/program that should not be there but is operating on the network, and one that is commonly used to gain unauthorized control by allowing someone to bypass normal authentication. NetBus is one of the best-known examples of an illicit server.

See Instant Messaging.

The Internet Message Access Protocol (IMAP) has a store-and-forward capability, however, it also has the ability to allow messages to be stored on an e-mail server instead of being downloaded to the client.

A two-step process of identifying a person (usually when they log on) and authenticating them by challenging their claim to access a resource.

Any attempt to violate a security policy, a successful penetration, a compromise of a system, or any unauthorized access to information.

How an organization responds to an incident.

Also known as a Computer Security Incident Response Team (CSIRT), this is the group of individuals responsible for responding when a security breach has occurred.

A policy that defines how an organization will respond to an incident.

A type of backup in which only new files or files that have changed since the last full backup or the last incremental backup are included. Incremental backups clear the archive bit on files upon their completion.

The process of determining what information is accessible to what parties and for what purposes.

A written policy detailing dissemination of information.

Policies that define how information is destroyed when it has reached the end of its useful life.

A model concerned with all the properties of information flow, not only the direction of the flow.

Policies governing the various aspects of information security. This includes access, classifications, marking and storage, and the transmission and destruction of sensitive information. The development of information policies is critical to security.

A designation of how long data is retained and any other significant considerations about information.

Security practices applied to information.

The hardware and software necessary to run your network.

Security on the hardware and software necessary to run your network.

Immediate e-mail that can be sent back and forth between users who are currently logged on. From a security standpoint, there are risks associated with giving out information via IM that can be used in social engineering attacks and attachments sent can contain viruses.

An international organization that sets standards for various electrical and electronics issues.

A telecommunications standard that is used to digitally send voice, data, and video signals over the same lines.

See data integrity.

The process of covertly obtaining information not meant for you. Interception can be an active or passive process.

Information intended to remain within the company.

Threats that arise from within the organization.

An algorithm that uses a 128-bit key. This product is similar in speed and capability to DES, but it is more secure. IDEA is used in PGP.

The standards organization that developed the OSI model. This model provides a guideline for how communications occur between computers.

The ITU is responsible for communications standards, spectrum management, and the development of communications infrastructures in underdeveloped nations.

A global network made up of a large number of individual networks interconnected through the use of public telephone lines and TCP/IP protocols. See also Transmission Control Protocol/Internet Protocol.

The committee that oversees management of the Internet. It is made up of two subcommittees: the Internet Engineering Task Force (IETF) and the Internet Research Task Force (IRTF). See also Internet Engineering Task Force, Internet Research Task Force.