S

 < Day Day Up > 



screened subnet

A protected area, typically a separate segment, on the network that is used to run services that are shared outside of the organization.

Secure Shell (SSH)

A technology that was developed by SSH Communications Security, Ltd. to provide for secure authentication and communications for remote shells and file transfers.

Secure Sockets Layer (SSL)

Protocol used to provide session encryption and integrity for packets sent from one computer to another. This could be client-to-server or server-to-server network traffic. It also provides a means for the verification of the server to the client and the client to the server through X.509 certificates (digital certificates).

securing data

A term that refers to controlling access to data.

security baseline

A tool that details the configuration procedures for each server, device, or application on your network.

Security Configuration And Analysis

An MMC snap-in used to evaluate the configuration of systems and optionally apply a template adjusting the configuration of the target computer based on the settings defined in the template.

security descriptor

Attributes attached to an object which identify a securable object’s owner and primary group. It can also contain a DACL that controls access to the object and a SACL that controls the auditing of attempted access to the object.

security policies

Policies that explain what assets an organization secures, how they are secured, and what to do if the security is compromised. A security policy helps you make decisions about what type of security to implement by defining an organization’s security goals.

security risk analysis

The process of reviewing an asset that needs to be protected and comparing the cost of protecting the asset and the likelihood that the asset will be attacked.

security threat

Anything that will prevent the availability, undermine the integrity, or breach the confidentiality of an asset.

Server Message Block (SMB) signing

An option that adds a keyed hash to each SMB packet. This allows you to guard your network against man-in-the-middle, replay, and session hijacking attacks.

Service Set Identifier (SSID)

A unique identification for a wireless network. The first security mechanism that the 802.11 standards use is the SSID. The SSID is used as a means of preventing clients from connecting. Only clients that have been configured with the same SSID as each other or the access point can connect.

Shiva Password Authentication Protocol (SPAP)

Developed for the ShivaLAN Rover product, this protocol transmits the password in a reversible encryption format. This means that this protocol is subject to replay and server impersonation attacks.

smart cards

Devices that are used to provide security solutions for authentication, e-mail, and data encryption. Smart cards store certificates and the corresponding private key in a secure manner.

software restriction policy

Policy that provides administrators with identification of the software running in their domain and that can be used to control whether or not software is allowed to execute.

Special Administration Console (SAC)

A command-line environment that provides the most common way to access Emergency Management Services (EMS) on Windows Server 2003. Used to manage the server when it is locked up or not responding to in-band communications.

stand-alone CA

Certificate authority (CA) that does not take advantage of Active Directory. When you use a stand-alone CA, you will not be able to use Group Policy to manage certificates and will be limited to a web-based or command-line utility enrollment.

standard security policies

Policies that are implemented organization-wide and represent a baseline of security in an organization. All users must comply with them, and hardware or software can be used to make sure they are enforced and to ease the burden of the security policies on the user.

system access control list (SACL)

Part of the security descriptor used for auditing securable objects.



 < Day Day Up > 



MCSE. Windows Server 2003 Network Security Design Study Guide Exam 70-298
MCSE: Windows(r) Server 2003 Network Security Design Study Guide (70-298)
ISBN: 0782143296
EAN: 2147483647
Year: 2004
Pages: 168

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net