- NAK attack
-
A penetration technique that exploits a vulnerability in operating systems that cannot handle asynchronous interrupts properly, leaving the system exposed while such an interrupt is being processed (a.k.a. negative acknowledgment).
- National Information Assurance Partnership (NIAP)
-
NIAP is a collaboration between the National Institute of Standards and Technology (NIST) and the National Security Agency (NSA) with a goal to help increase the level of trust consumers have in their information systems and networks through the use of cost-effective security testing, evaluation, and validation programs.
- Network weaving
-
See Leapfrog attack.
- Nonrepudiation
-
1. The reasonable assurance that a principal cannot deny being the originator of a message after sending it. Nonrepudiation is achieved by encrypting the message digest using a principal's private key. The public key of the principal must be certified by a trusted certification authority. 2. Assurance that the sender of data is provided a proof of delivery and the recipient is provided proof of the sender's identity, so neither party can deny having electronically processed the data.
- Nontechnical countermeasure
-
A security measure that is not directly part of the network information security processing system, taken to help prevent system vulnerabilities. Nontechnical countermeasures encompass a broad range of personnel measures, procedures, and physical facilities that can deter an adversary from exploiting a system.
- Open System Interconnection (OSI) model
-
A reference model of how messages should be transmitted between any two endpoints of a telecommunication network. The process of communication is divided into seven layers, with each layer adding its own set of special, related functions. The seven layers are the application, presentation, session, transport, network, data link, and physical layers. Most telecommunication products tend to describe themselves in relation to the OSI model. The OSI model is a single reference view of communication that provides a common ground for education and discussion.
- Operations security
-
Process of denying information to others by identifying, controlling, and protecting seemingly generic activities or information that could be used by someone outside the organization to piece together usable, potentially damaging information about operations or intentions (a.k.a. OPSEC).
- Orange Book
-
A Department of Defense (DoD) publication, Series 5200.28-STD, "Trusted Computer System Evaluation Criteria," which is now superseded by the Common Criteria.
- Packet
-
A grouped set of data sent over the network adhering to a specific protocol.
- Packet filter
-
1. A tool used to inspect each data packet transmitted in a network for user-defined content, such as an IP address. 2. A type of firewall in which each IP packet is examined and either allowed to pass through or rejected. Normally, packet filtering is a first line of defense and is typically combined with application proxies for more security.
- Packet filtering
-
The act of limiting the flow of data based on preset rules for processing the data, such as source, destination, or type of service being provided by the network. Packet filters allow administrators to limit protocol-specific traffic to one network segment, isolate e-mail domains, and perform many other traffic control functions.
- Packet sniffer
-
1. Software that observes and records network traffic. 2. A device or program that monitors the data traveling between computers on a network.
- Password cracking
-
The act of attempting to penetrate a network, system, or resource, with or without the use of tools, by unlocking a resource secured with a password.
- Patch management
-
The process of acquiring, testing, and distributing patches to the appropriate administrators and users throughout the organization.
- Perimeter-based security
-
The technique of securing a network by controlling accesses to all entry and exit points of the network.
- Piggyback
-
The act of gaining unauthorized access to a system via another user's legitimate connection.
- Port scanning
-
Using a program to remotely determine which ports on a system are open (e.g., whether systems allow connections through those ports).
- Precursor
-
A sign that an attacker may be preparing to cause an incident.
- Pretty Good Privacy (PGP)
-
A software package that uses public/private and secret keys for sending private mail messages as well as storing files securely. A de facto standard used for securing e-mail and file encryption on the Internet. Its public-key cryptography system allows for the secure transmission of messages and guarantees authenticity by adding digital signatures to messages.
- Principal
-
Any entity that uses a security system. Users, systems, and client and server applications are all principals.
- Private Communication Technology (PCT)
-
A standard created by Microsoft Corporation for establishing a secure communication link using a public key system.
- Private key
-
A key that belongs to a principal and is never revealed to anyone. It is used by a principal to decrypt messages that are sent to it and are encrypted with the principal's public key. It is also used to encrypt a message digest sent by the principal to anyone else. This provides nonrepudiation because anyone can use the principal's public key to decrypt the digest and be sure that the message originated from that principal.
- Probe
-
An attempt to gather information about an information system for the apparent purpose of circumventing its security controls to access a target in order to determine its characteristics.
- Profile
-
Patterns of a user's activity, used to detect changes in normal routines. In computer security, a description of the characteristics of an entity to which access is controlled.
- Profiling
-
Measuring the characteristics of expected activity so that changes to it can be more easily identified.
- Protection Profile (PP)
-
A Common Criteria term for a set of implementation-independent security requirements for a category of Targets of Evaluation (TOEs) that meet specific consumer needs.
- Protection Needs Elicitation (PNE)
-
A process of discovering a customer's prioritized requirements to protect information.
- Proxy
-
Software agent that performs a function or operation on behalf of another application or system while hiding the details involved.
- Public key
-
A key that belongs to a principal and is revealed to everyone. In order for everyone to trust that the public key really belongs to the principal, the public key is embedded in a digital certificate. The public key is used to encrypt messages that are sent to the principal as well as to verify the signature of a principal.
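The sign-the-digest mechanism described under Nonrepudiation, Private key and Public key, as an added example that is not part of the glossary: a textbook RSA pair built from constructed, undersized primes, with the digest taken by hashlib; the principal signs by raising the digest to the private exponent and anyone holding the public exponent verifies. The digital certificate that vouches for the public key is assumed to exist and is not modelled here.

```python
import hashlib

# Constructed toy RSA key pair: two small primes so the arithmetic stays visible.
# Real keys use primes hundreds of digits long; these values are for illustration only.
P, Q = 65537, 65521
N = P * Q                   # public modulus, revealed to everyone
E = 17                      # public exponent, revealed to everyone
PHI = (P - 1) * (Q - 1)
D = pow(E, -1, PHI)         # private exponent, never revealed by the principal


def digest(message: bytes) -> int:
    """SHA-256 the message and reduce the digest into the range of the modulus."""
    h = hashlib.sha256(message).digest()
    return int.from_bytes(h, "big") % N


def sign(message: bytes, private_exp: int = D) -> int:
    """The principal 'encrypts' the digest with its private key; the result is the signature."""
    return pow(digest(message), private_exp, N)


def verify(message: bytes, signature: int, public_exp: int = E) -> bool:
    """Anyone with the public key 'decrypts' the signature and compares it to a fresh digest.

    A match shows the signature was made with the matching private key and that the
    message was not altered, which is what the nonrepudiation claim rests on.
    """
    return pow(signature, public_exp, N) == digest(message)


if __name__ == "__main__":
    msg = b"Transfer 100 units to account 42"          # constructed sample message
    sig = sign(msg)
    print("signature:", sig)
    print("verifies:", verify(msg, sig))                     # True
    print("tampered message:", verify(msg + b"0", sig))      # False
    print("tampered signature:", verify(msg, (sig + 1) % N)) # False
```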
- Public Key Cryptographic Standards (PKCS)
-
A set of standards proposed by RSA Data Security Inc. for a public-key-based system.
- Public Key Infrastructure (PKI)
-
The public and private keys, digital certificates, certification authorities, certificate revocation lists, and the standards that govern the use and validity of these elements, which together make up an infrastructure in which principals can engage in private and nonrepudiable transactions. This combination is called the Public Key Infrastructure.