CHAPTER 11 NETWORK SECURITY

A wireless security standard method for authenticating users.

Policies controlling account lockout configuration parameters.

A Windows Active Directory utility used to manage organizational units, users, groups, computers, and other domain objects.

A user name often associated with a maintenance account that has unlimited access to a computer or network. See also supervisor, root, and superuser.

Advanced Encryption Standard (AES) A symmetric-key encryption standard adopted by the U.S. government using three block ciphers, each of which consists of a 128-bit block size.

Software that makes a computer more easily locatable by and more susceptible to pop-up and other online ads.

The public and private keys used in public key encryption.

Windows policies used to control auditing.

The process of watching key activities and recording specific successful and failed activities.

Utilities designed to automatically review and test network security.

Information or a security device used to authenticate a user’s access to a network, most commonly based on user name and password.

A term that refers to a WAP during 802.1x authentication.

A term that refers to providing continuous operation of an organization’s hardware and software so that there is no interruption of service.

A security scan based on a user’s identifiable physical characteristic.

A measure of encryption strength based on the number of bits in a key.

A proprietary system in which you know what a system does but not the hardware or software it contains.

Blue Screen of Death (BSoD) A visual indication of a stop error. You must reboot the computer to clear the error.

Ensuring availability and integrity; keeping the business running when disruptions occur.

A situation in which one failure is the direct cause of other failures. Cascading failures are seen after a service fails, causing any dependent services to also fail.

An organization or a software service that can grant certificates.

Computer Emergency Response Team (CERT) A group establish by the U.S. Department of Defense to respond to computer security problems.

A term that refers to protection of organization data from unauthorized disclosure.

A term used for the process of guessing or compromising a password.

A program designed to identify weak, easily compromised passwords.

Data Encryption Standard (DES) A private key encryption system originally developed by IBM.

Software placed on a computer that enables it to be used as a message source in a DDoS attack.

Software used during a DDoS attack to control the agents.

Demilitarized zone (DMZ) A protected area of a network between the internal network and the Internet that is bounded by one or two firewalls. Also known as a perimeter network.

Denial of service (DoS) An attack that attempts to disrupt a network or its servers by flooding them with packets.

A secure identifier issued to a company, computer, or person that proves they are who they say they are.

An attack that is under the direct control of a hacker.

Interruptions of or reductions in network service.

Distributed denial of service (DDoS) attack A DoS attack in which the attacker controls multiple attacking systems.

A Windows Active Directory user account used for domain authentication and resource access authorization.

The care exercised by a reasonable person to avoid harm or loss.

A firewall filtering method that passes packets that match sessions initiated on the internal network.

A list of communication sessions between stations inside and outside the firewall that is maintained on the firewall. Also known as a state table.

Values used for data encryption. Also known as an encryption formula.

The table or formula that defines which character in the data translates to which encoded character.

The number of passwords a system will remember and prevent a user from reusing.

One of several logs that the Windows family operating systems keep to give you a way of reviewing what has been happening on a system.

Federal Information Processing Standards Publication 46-2 (FIPS 46-2) A U.S. government publication that defines DES as a government standard.

A network security device that filters traffic into and out of a network or subnet.

An expert in problem solving with a computer who sometimes gains illegal access to and sometimes tampers with information in a computer system.

The process of making a network or computer more secure.

Health Insurance Portability and Accountability Act A law passed in the United States that defines requirements for protecting patient data.

The assurance that data has not been altered or destroyed.

Internet Control Message Protocol (ICMP) A management and troubleshooting protocol that provides support through error and control messages.

Internet Protocol Security (IPSec) A security protocol used for VPN security.

The process of sending packets with a fake source address.

Layer 2 Tunneling Protocol (L2TP) A security protocol used for VPN security.

A user account used by a local computer for authorization and resource access authentication.

Viruses that are contained in documents or spreadsheet files.

A user account created for the explicit purpose of performing maintenance tasks.

Malicious or annoying unwanted software.

The maximum time between password changes.

The minimum time that must pass between password changes.

The minimum length of a password.

An information system that is vital to an organization.

Any hardware or software of value on a network.

The ability of a router or firewall to discard packets that don’t meet certain criteria. This is a key feature of firewalls.

A Windows password policy that forces users to use stronger passwords.

See demilitarized zone (DMZ).

A type of DoS attack that sends oversized ping packets to the target computer.

A type of encrypted virus that includes a scrambled virus body, a decryption routine that first gains control of the computer, and a mutation engine randomizing decryption routines that change each time a virus infects a new program.

Involves passing or blocking packets based on the port address.

An encryption key known to the receiver only in public key encryption.

An encryption key used by the sender to encrypt data and based on the receiver’s private key.

Encryption based on separate sender and receiver keys.

The process of transferring data from a source to a destination, where the transfer is initiated by the sender, without receiving a request from the receiver.

Rivest, Shamir, and Adleman (RSA) A public key encryption algorithm.

In the context of user accounts, a name that may be given by the network operating system to a special user account known as a maintenance account that has unlimited access to a computer or network

A program that can hide itself, along with other programs, files, and processes, from the operating system, antivirus software, and other security software.

A subnet that is isolated from the rest of the network by a firewall.

A computer incident that includes somehow bypassing or avoiding security measures.

Encryption based on a single key used for both encryption and decryption.

A code within a virus by which it can be identified.

Sometimes called an integrated circuit card (ICC), it is any pocket-sized plastic card with embedded integrated circuits, usually containing security information such as encryption keys to facilitate access control mechanisms.

Software that monitors, records, and sometimes sends out computer activity, usually without the user’s knowledge.

See dynamic state list.

The Microsoft term for a terminal failure or crash resulting in a “Blue Screen.”

• A Windows password policy that should be left disabled unless required (e.g., when using CHAP for authentication).
• Strong password
• A password that is designed to be difficult to guess or crack.

A UNIX or Linux user account that has unlimited access to a computer or network.

An 802.1x term that refers to a client that needs authentication.

Encryption based on a single key used for both encryption and decryption.

Bits internal to a SYN packet carrying status and other information.

A DoS attack that uses a flood of SYN packets.

A packet used when initializing a TCP/IP communication session.

Temporal Key Integrity Protocol (TKIP) An encryption algorithm that is used to encrypt keys used with WPA.

A program that is expected to do one thing but actually does something else. The name is a reference to classical Greek literature.

Access by unauthorized personnel that violates confidentiality and/or integrity.

A user identified to a computer or network.

An easily guessed password.

Wi-Fi Protected Access (WPA) A wireless security standard that uses TKIP and user authentication.

An early hacker program that sent TCP/IP packets with invalid header information.

Wired Equivalent Privacy (WEP) A security scheme that can provide basic security for 802.11b and 802.11g networks.

A self-propagating form of malicious software.