A type of connection that directly attaches to a cable.


See Transmission Control Protocol.

TCP ACK attack

An attack that begins as a normal TCP connection, and whose purpose is to deny service. It is also known as a TCP SYN flood.

TCP/IP hijacking

An attack in which the attacker gains access to a host in the network and logically disconnects it from the network. The attacker then inserts another machine with the same IP address onto the network.


See Transmission Control Protocol/Internet Protocol.

TCP sequence attacks

An attack wherein the attacker intercepts and then responds with a sequence number similar to the one used in the original session. The attack can either disrupt a session or hijack a valid session.

TCP SYN flood

See TCP ACK attack.

TCP wrappers

A low-level logging package designed for Unix systems.

teardrop attack

A DoS attack that uses large packets and odd offset values to confuse the receiver and help facilitate a crash.


A protocol that functions at the Application layer of the OSI model, providing terminal emulation capabilities. See also Open Systems Interconnect.

Terminal Access Controller Access Control System (TACACS)

An authentication system that allows credentials to be accepted from multiple methods, including Kerberos. The TACACS client/server process occurs in the same manner as the RADIUS process.

terminal emulator

A program that enables a PC to act as a terminal for a mainframe or a Unix system.

termination policy

A clear process of informing affected departments of a voluntarily or involuntarily termination.

test accounts

An account set up by an administrator to confirm the basic functionality of a newly installed application, for example. The test account has equal rights to accounts that will use the new functionality. It is important to use test accounts instead of administrator accounts to test new functionality. If an administrator account is used, problems related to user rights may not manifest themselves because administrator accounts typically have full rights to all network resources.


See Trivial File Transfer Protocol.

third party

A party responsible for providing assurance to the relying party that the subscriber is genuine.


Any perceivable risk.

Three-Tier models

Systems that effectively isolate the end user from the database by introducing a middle-tier server.

Time to Live (TTL)

A field in IP packets that indicates how many routers the packet can still cross (hops it can still make) before it is discarded. TTL is also used in ARP tables to indicate how long an entry should remain in the table.


See Transport Layer Security.


A piece of data holding information about the user. This information can contain group IDs, user IDs (SID—in the case of NT/2000), privilege level, etc.

Trace Route

See Tracert.


The TCP/IP Trace Route command- line utility that shows the user every router interface a TCP/IP packet passes through on its way to a destination. See also Transmission Control Protocol/Internet Protocol.


A section of a data packet that contains error-checking information.


A device that allows the NIC to connect to the network.


Sending packets from the PC to the network cable.

Transmission Control Protocol (TCP)

The protocol found at the Host-to-Host layer of the DoD model. This protocol breaks data packets into segments, numbers them, and sends them in random order. The receiving computer reassembles the data so that the information is readable for the user. In the process, the sender and the receiver confirm that all data has been received; if not, it is resent. This is a connection-oriented protocol. See also connection-oriented transport protocol.

Transmission Control Protocol/Internet Protocol (TCP/IP)

The protocol suite developed by the DoD in conjunction with the Internet. It was designed as an internetworking protocol suite that could route information around network failures. Today it is the de facto standard for communications on the Internet.

transmission media

Physical cables and/or wireless technology across which computers are able to communicate.

Transport layer

The fourth layer of the OSI model. It is responsible for checking that the data packet created in the Session layer was received error free. If necessary, it also changes the length of messages for transport up or down the remaining layers. See also Open Systems Interconnect.

Transport Layer Security (TLS)

Defined in RFC 2246, its purpose is to verify that secure communications between a server and a client remain secure.

Triple-DES (3DES)

Also known as Triple DES, 3DES is a block cipher algorithm used for encryption.

Trivial File Transfer Protocol (TFTP)

A protocol similar to FTP that does not provide the security or error-checking features of FTP. See also File Transfer Protocol.

Trojan horse

Any application that masquerades as one thing in order to get past scrutiny and then does something malicious. One of the major differences between Trojans and viruses is that Trojan horses tend not to replicate themselves.

Trojan horse virus

A virus that masquerades as something else to get past scrutiny and then performs a malicious act.

Trust List

Also known as a Certificate Trust List (CTL), this is a list of objects that have been signed by a trusted entity.


The act of sending private data across a public network by encapsulating it into other packets.


See Time to Live.

two-factor authentication

Using two access methods as a part of the authentication process.

two-tier model

A model in which the client PC or system runs an application that communicates with the database that is running on a different server.

CompTIA Security+ Study Guide. Exam SY0-101
Security+ Study Guide
ISBN: 078214098X
EAN: 2147483647
Year: 2006
Pages: 167

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net