-
3DES
- Triple Digital Encryption Standard
- more secure than DES, but AES is preferred choice of govt
-
AD-IDS
Anomaly-Detection Intrusion Detection System
-
AES
- Advanced Encryption Standard
- replaced DES, uses Rijndael algorithm, developed by Joan Daemen and Vincent Rijmen, used by US Govt, key sizes: 128 (default), 192 and 256 (qualifies for Top Secret)
-
ALE
Annual Loss Expectancy
-
API
Application Programming Interface
-
ARO
Annualized Rate of Occurrence
-
ARP
Address Resolution Protocol
-
AS
Authentication Service
-
BCP
Business Continuity Plan
-
BGP
Border Gateway Protocol
-
BIA
Business Impact Analysis
-
BIOS
Basic Input/Output System
-
Blowfish
produced by Counterpane Systems, 64-bit block cipher, very fast; author Bruce Schneier also created Twofish with 128-bit blocks
-
CA
- Certificate Authority
- organization responsible for issuing, revoking and distributing certificates
-
CAST
- Carlisle Adams Stafford Tavares
- symmetric block cipher, 40-bit to 128-bit key, very fast and efficient
-
CCRA
Common Criteria Recognition Agreement
-
CGI
Common Gateway Interface
-
CHAP
Challenge Handshake Authentication Protocol
-
CIA Triangle
Confidentiality, Integrity, Availability
-
CPS
- Certificate Practice Statement
- detailed statement the CA uses to issue certificates and implement its policies: how certificates are issued, what measures are taken to protect certificates, and the rules the CA's users must follow in order to maintain their certificate eligibility
-
CRC
Cyclical Redundancy Check
-
CRL
Certificate Revocation List
-
CSIRT
Computer Security Incident Response Team
-
CTL
Certificate Trust List
-
DAC
Discretionary Access Control
-
DDoS
Distributed Denial of Service Attack
-
DES
- Data Encryption Standard
- used since 1970s, replaced by AES, 56-bit key, broken in two days
-
DHCP
Dynamic Host Configuration Protocol
-
Diffie-Hellman
Dr W. Diffie and Dr M.E. Hellman created the key exchange, considered founders of the public/private key concept, used for transmission of keys in a secure manner
-
DIT
Directory Information Tree
-
DoS
Denial of Service Attack
-
DRP
Disaster Recovery Plan
-
DSA
- Digital Signature Algorithm
- Based on El Gamal
-
DSL
Digital Subscriber Line
-
DSSS
Direct-Sequence Spread Spectrum
-
DSV
Dynamic Signature Verification
-
EAL
Evaluation Assurance Levels
-
EAP
Extensible Authentication Protocol
-
EAP-TLS
Extensible Authentication Protocol-Transport Level Security
-
EAS
Advanced Encryption standard
-
ECC
- Elliptic Curve Cryptography
- similar function to RSA, used in small devices, points on a curve to define public and private key pair
-
EFS
Encrypted File System
-
El Gamal
Algorithm used for transmitting digital signatures and key exchanges, similar process to Diffie-Hellman key exchange, first published in 1985, DSA is based on this
-
EMI
Electromagnetic Interference
-
ESP
Encapsulating Security Payload
-
FHSS
Frequency-Hopping Spread Spectrum
-
FIPS
Federal Information Processing Standard
-
FQDN
Fully Qualified Domain Name
-
FTP
File Transfer Protocol
-
H-IDS
Host-based Intrusion Detection System
-
HIPAA
Health Insurance Portability and Accountability Act
-
HIPS
Host-based Intrusion Prevention System
-
HTML
Hypertext Markup Language
-
HTTP
Hypertext Transfer Protocol
-
HTTPS
Hypertext Transfer Protocol (Secure)
-
HVAC
Heating, Ventilation and Air Conditioning
-
I&A
Identification and Authentication
-
IAB
Internet Architecture Board
-
IANA
Internet Assigned Numbers Authority
-
ICMP
Internet Control Message Protocol
-
IDEA
- International Data Encryption Algorithm
- developed by Swiss consortium (ASCOM AG), uses 128-bit key, more secure than DES with same speed and capability, uses PGP
-
IDS
Intrusion Detection System
-
IEEE
Institute of Electrical and Electronics Engineers
-
IETF
Internet Engineering Task Force
-
IGMP
Internet Group Management Protocol
-
IKE
Internet Key Exchange
-
IMAP
Internet Message Access Protocol
-
IPSec
Internet Protocol Security
-
IPX
Internetwork Packet Exchange
-
IPX/SPX
Internetwork Packet Exchange/Sequenced Packet Exchange
-
IRP
Incident Response Plan
-
IRT
Incident Response Team
-
IRTF
Internet Research Task Force
-
ISAKMP
Internet Security Association Key Management Protocol
-
ISDN
Integrated Services Digital Network
-
ISO
International Organization for Standardization
-
ISP
Internet Service Provider
-
ITU
International Telecommunications Union
-
KDC
Key Distribution Center
-
KEC
Key Exchange Algorithm
-
KMAC
Keyed-Hash Message Authentication Code
-
L2TP
Layer 2 Tunneling Protocol
-
LANMAN
- LAN Manager
- replaced by NTLM with release of Windows NT, authentication protocol, used LM Hash and two DES keys
-
LCP
Link Control Protocol
-
LDAP
Lightweight Directory Access Protocol
-
LDIF
LDAP Data Interchange Format
-
LRA
- Local Registration Authority
- used to identify or establish the identity of a user for certificate issuance, involves the physical identification of the person requesting the certificate
-
MAC (permissions)
Mandatory Access Control or Media Access Control
-
MAC (encryption)
Message Authentication Code
-
MAN
Metropolitan Area Network
-
MAU
Multistation Access Unit
-
MDA
- Message Digest Algorithm
- one-way hash, helps maintain integrity, common versions: MD5 (newest, faster than SHA), MD4, MD2
-
MD-IDS
Misuse-Detection Intrusion Detection System
-
MRA
Mutual Recognition Agreement
-
MSCHAP
Microsoft Challenge Handshake Authentication Protocol
-
MTBF
Mean Time Between Failures
-
NAC
Network Access Control
-
NAT
Network Address Translation
-
NBS
National Bureau of Standards
-
NCP
Network Control Protocol OR Netware Core Protocol
-
NCSC
National Computing Security Center
-
NDPS
Novell Distributed Print Services
-
NDS
Novell Directory Services OR NetWare Directory Services
-
NetBEUI
NetBIOS Extended User Interface
-
NetBIOS
Network Basic Input Output System
-
NIC
Network Interface Card
-
N-IDS
Network-based Intrusion Detection System
-
N-IPS
Network-based Intrusion Prevention System
-
NIST
National Institute of Standards and Technology
-
NLM
NetWare Loadable Module
-
NLSP
NetWare Link State Protocol
-
NNTP
Network News Transfer Protocol
-
NOC
Network Operations Center
-
NOS
Network Operating System
-
NSA
National Security Agency
-
NTDS
NT Directory Service
-
NTLM
New Technology LAN Manager, replaced LANMAN with release of Windows NT, uses MD4/MD5 hashing algorithms, primary purpose is authentication
-
OCSP
- Online Certificate Status Protocol
- Used for certification revocation
-
OFDM
Orthogonal Frequency-Division Multiplexing
-
OSI
Open Systems Interconnection
-
OSPF
Open Shortest Path First
-
OVAL
- Open Vulnerability and Assessment Language
- A standard written in XML that provides publicly available security content
-
PAN
Personal Area Network
-
PAP
Password Authentication Protocol
-
PAT
Port Address Translation
-
PBX
Private Branch Exchange
-
PCI
Payment Card Industry OR Peripheral Component Interconnect
-
PII
Personally Identifiable Information
-
PGP
- Pretty Good Privacy
- Public Domain encryption used for email
-
PKC
- Public Key Cryptography
- Two-key systems
-
PKI
- Public Key Infrastructure
- framework, Two-key, asymmetric, Four parts: CA, RA, RSA and digital certificates
-
PKIX
Public Key Infrastructure X.509
-
POP3
Post Office Protocol Version 3
-
POTS
Plain Old Telephone Service
-
PPP
Point-to-Point Protocol
-
PPTP
Point-to-Point Tunneling Protocol
-
PSTN
Public Switched Telephone Network
-
RA
- Registration Authority
- Middleman between CA and user, distributes keys, accepts registrations for the CA and validates identities, does not issue certificates
-
RAD
Rapid Application Development
-
RADIUS
Remote Authentication Dial-In User Service
-
RAID
Redundant Array of Independent (OR Inexpensive) Disks
-
RBAC
Role-Based Access Control & Rule-Based Access control
-
RC
- Rivest Cipher or Ron's Code
- produced by RSA labs, Ron Rivest author, RC5 uses up to 2,048-bit key
-
RFI
Radio Frequency Interference
-
RIP
Routing Information Protocol
-
RSA
- Rivest, Shamir and Adleman, founders of the company
- asymmetric encryption, public key, uses very large integers, de facto standard, used for encryption and digital signatures, used in SSL
-
RSBAC
Rule Set-Based Access Control
-
SAM
Security Account Manager
-
SET
Secure Electronic Transaction
-
SHA
- Secure Hash Algorithm
- one-way hash, ensures integrity, 160-bit hash value, new standard SHA-1
-
S-HTTP
Secure Hypertext Transfer Protocol
-
SLA
Service Level Agreement
-
SLE
Single Loss Expectancy
-
SLIP
Serial Line Internet Protocol
-
S/MIME
Secure Multi Purpose Internet Mail Extension
-
SMTP
Simple Mail Transfer Protocol
-
SNMP
Simple Network Management Protocol
-
SPX
Sequenced Packet Exchange
-
STP
Shielded Twisted Pair
-
TACACS
Terminal Access Controller Access Control System
-
TCP
Transmission Control Protocol
-
TCP/IP
Transmission Control Protocol/Internet Protocol
-
TCSEC
Trusted Computer System Evaluation Criteria
-
TFTP
Trivial File Transfer Protocol
-
TGT
Ticket-Granting Ticket
-
TKIP
Temporal Key Interchange/Integrity Protocol
-
TLS
Transport Layer Security
-
TNIEG
Trusted Network Interpretation Environmental Guideline
-
TPM
Trusted Platform Module
-
UDP
User Datagram Protocol
-
UPS
Uninterruptible Power Supply
-
URL
Uniform Resource Locator
-
UTP
Unshielded twisted pair
-
VPN
Virtual Private Network
-
W3C
World Wide Web Consortium
-
WAP
Wireless Application Protocol
-
WEP
Wired Equivalency Protocol
-
WINS
Windows Internet Naming Service
-
WPA
Wi-Fi Protected Access
-
WPAN
Wireless Personal Area Network
-
WTLS
Wireless Transport Layer Security
-
x.509
standard certificate format supported by ITU and many other standards organizations