1. 802.1x
    A wireless security standard method for authenticating users.
  2. Account lockout policies
    Policies controlling account lockout configuration parameters.
  3. Active Directory Users and Computers
    A Windows Active Directory utility used to manage organizational units, users, groups, computers, and other domain objects.
  4. Administrator
    A user name often associated with a maintenance account that has unlimited access to a computer or network. See also supervisor, root, and superuser.
  5. AES
    Advanced Encryption Standard (AES) A symmetric-key encryption standard adopted by the U.S. government using three block ciphers, each of which has a 128-bit block size.
  6. Adware
    Software that makes a computer more easily locatable by and more susceptible to pop-up and other online ads.
  7. Asymmetric keys
    The public and private keys used in public key encryption.
  8. Audit policies
    Windows policies used to control auditing.
  9. Auditing
    The process of watching key activities and recording specific successful and failed activities.
  10. Auditing tools
    Utilities designed to automatically review and test network security.
  11. Authentication credentials
    Information or a security device used to authenticate a user’s access to a network, most commonly based on user name and password.
  12. Authenticator
    A term that refers to a WAP during 802.1x authentication.
  13. Availability
    A term that refers to providing continuous operation of an organization’s hardware and software so that there is no interruption of service.
  14. Biometric scan
    A security scan based on a user’s identifiable physical characteristic.
  15. Bit strength
    A measure of encryption strength based on the number of bits in a key.
  16. Black box system
    A proprietary system in which you know what a system does but not the hardware or software it contains.
  17. BSoD
    Blue Screen of Death (BSoD) A visual indication of a stop error. You must reboot the computer to clear the error.
  18. Business continuity planning
    Ensuring availability and integrity; keeping the business running when disruptions occur.
  19. Cascading failures
    A situation in which one failure is the direct cause of other failures. Cascading failures are seen after a service fails, causing any dependent services to also fail.
  20. Certificate authority
    An organization or a software service that can grant certificates.
  21. CERT
    Computer Emergency Response Team (CERT) A group established by the U.S. Department of Defense to respond to computer security problems.
  22. Confidentiality
    A term that refers to protection of organization data from unauthorized disclosure.
  23. Crack
    A term used for the process of guessing or compromising a password.
  24. Crack program
    A program designed to identify weak, easily compromised passwords.
  25. DES
    Data Encryption Standard (DES) A private key encryption system originally developed by IBM.
  26. DDoS agent
    Software placed on a computer that enables it to be used as a message source in a DDoS attack.
  27. DDoS handler
    Software used during a DDoS attack to control the agents.
  28. DMZ
    Demilitarized zone (DMZ) A protected area of a network between the internal network and the Internet that is bounded by one or two firewalls. Also known as a perimeter network.
  29. DoS
    Denial of service (DoS) An attack that attempts to disrupt a network or its servers by flooding them with packets.
  30. Digital Certificate
    A secure identifier issued to a company, computer, or person that proves they are who they say they are.
  31. Directed attack
    An attack that is under the direct control of a hacker.
  32. Disruption
    Interruptions of or reductions in network service.
  33. DDoS
    Distributed denial of service (DDoS) attack A DoS attack in which the attacker controls multiple attacking systems.
  34. Domain account
    A Windows Active Directory user account used for domain authentication and resource access authorization.
  35. Due diligence
    The care exercised by a reasonable person to avoid harm or loss.
  36. Dynamic packet filtering
    A firewall filtering method that passes packets that match sessions initiated on the internal network.
  37. Dynamic state list
    A list of communication sessions between stations inside and outside the firewall that is maintained on the firewall. Also known as a state table.
  38. Encryption algorithm
    Values used for data encryption. Also known as an encryption formula.
  39. Encryption key
    The table or formula that defines which character in the data translates to which encoded character.
  40. Enforce password history
    The number of passwords a system will remember and prevent a user from reusing.
  41. Event logs
    One of several logs that the Windows family operating systems keep to give you a way of reviewing what has been happening on a system.
  42. FIPS 46-2
    Federal Information Processing Standards Publication 46-2 (FIPS 46-2) A U.S. government publication that defines DES as a government standard.
  43. Firewall
    A network security device that filters traffic into and out of a network or subnet.
  44. Hacker
    An expert in problem solving with a computer who sometimes gains illegal access to and sometimes tampers with information in a computer system.
  45. Hardening
    The process of making a network or computer more secure.
  46. HIPAA
    Health Insurance Portability and Accountability Act A law passed in the United States that defines requirements for protecting patient data.
  47. Integrity
    The assurance that data has not been altered or destroyed.
  48. ICMP
    Internet Control Message Protocol (ICMP) A management and troubleshooting protocol that provides support through error and control messages.
  49. IPSec
    Internet Protocol Security (IPSec) A security protocol used for VPN security.
  50. IP spoofing
    The process of sending packets with a fake source address.
  51. L2TP
    Layer 2 Tunneling Protocol (L2TP) A security protocol used for VPN security.
  52. Local account
    A user account used by a local computer for authorization and resource access authentication.
  53. Macro viruses
    Viruses that are contained in documents or spreadsheet files.
  54. Maintenance account
    A user account created for the explicit purpose of performing maintenance tasks.
  55. Malware
    Malicious or annoying unwanted software.
  56. Maximum password age
    The maximum time between password changes.
  57. Minimum password age
    The minimum time that must pass between password changes.
  58. Minimum password length
    The minimum length of a password.
  59. Mission-critical application
    An information system that is vital to an organization.
  60. Network asset
    Any hardware or software of value on a network.
  61. Packet filtering
    The ability of a router or firewall to discard packets that don’t meet certain criteria. This is a key feature of firewalls.
  62. Password must meet complexity requirements
    A Windows password policy that forces users to use stronger passwords.
  63. Perimeter network
    See demilitarized zone (DMZ).
  64. Ping of Death
    A type of DoS attack that sends oversized ping packets to the target computer.
  65. Polymorphic virus
    A type of encrypted virus that includes a scrambled virus body, a decryption routine that first gains control of the computer, and a mutation engine randomizing decryption routines that change each time a virus infects a new program.
  66. Port filtering
    Involves passing or blocking packets based on the port address.
  67. Private key
    An encryption key known to the receiver only in public key encryption.
  68. Public key
    An encryption key used by the sender to encrypt data and based on the receiver’s private key.
  69. Public key encryption
    Encryption based on separate sender and receiver keys.
  70. Push
    The process of transferring data from a source to a destination, where the transfer is initiated by the sender, without receiving a request from the receiver.
  71. RSA
    Rivest, Shamir, and Adleman (RSA) A public key encryption algorithm.
  72. Root
    In the context of user accounts, a name that may be given by the network operating system to a special user account known as a maintenance account that has unlimited access to a computer or network.
  73. Rootkit
    A program that can hide itself, along with other programs, files, and processes, from the operating system, antivirus software, and other security software.
  74. Screened subnet
    A subnet that is isolated from the rest of the network by a firewall.
  75. Security breach
    A computer incident that includes somehow bypassing or avoiding security measures.
  76. Shared key encryption
    Encryption based on a single key used for both encryption and decryption.
  77. Signature
    A code within a virus by which it can be identified.
  78. Smart card
    Sometimes called an integrated circuit card (ICC), it is any pocket-sized plastic card with embedded integrated circuits, usually containing security information such as encryption keys to facilitate access control mechanisms.
  79. Spyware
    Software that monitors, records, and sometimes sends out computer activity, usually without the user’s knowledge.
  80. State table
    See dynamic state list.
  81. Stop error
    The Microsoft term for a terminal failure or crash resulting in a “Blue Screen.”
  82. Store passwords using reversible encryption
    A Windows password policy that should be left disabled unless required (e.g., when using CHAP for authentication).
  Strong password
    A password that is designed to be difficult to guess or crack.
  83. Superuser
    A UNIX or Linux user account that has unlimited access to a computer or network.
  84. Supplicant
    An 802.1x term that refers to a client that needs authentication.
  85. Symmetric key encryption
    Encryption based on a single key used for both encryption and decryption.
  86. SYN flag
    Bits internal to a SYN packet carrying status and other information.
  87. SYN flood
    A DoS attack that uses a flood of SYN packets.
  88. SYN packet
    A packet used when initializing a TCP/IP communication session.
  89. TKIP
    Temporal Key Integrity Protocol (TKIP) An encryption algorithm that is used to encrypt keys used with WPA.
  90. Trojan horse (Trojan)
    A program that is expected to do one thing but actually does something else. The name is a reference to classical Greek literature.
  91. Unauthorized access
    Access by unauthorized personnel that violates confidentiality and/or integrity.
  92. User account
    A user identified to a computer or network.
  93. Weak password
    An easily guessed password.
  94. WPA
    Wi-Fi Protected Access (WPA) A wireless security standard that uses TKIP and user authentication.
  95. WinNuke
    An early hacker program that sent TCP/IP packets with invalid header information.
  96. WEP
    Wired Equivalent Privacy (WEP) A security scheme that can provide basic security for 802.11b and 802.11g networks.
  97. Worm
    A self-propagating form of malicious software.