NW203 Test3 Ch11-12 terms

A wireless security standard method for authenticating users.

Policies controlling account lockout configuration parameters.

A Windows Active Directory utility used to manage organizational units, users, groups, computers, and other domain objects.

Advanced Encryption Standard (AES) A symmetric-key encryption standard adopted by the U.S. government using three block ciphers, each of which consists of a 128-bit block size.

Software that makes a computer more easily locatable by and more susceptible to pop-up and other online ads.

The public and private keys used in public key encryption.

Information or a security device used to authenticate a user’s access to a network, most commonly based on user name and password.

A term that refers to a WAP during 802.1x authentication.

A term that refers to providing continuous operation of an organization’s hardware and software so that there is no interruption of service.

A security scan based on a user’s identifiable physical characteristic.

A measure of encryption strength based on the number of bits in a key.

Ensuring availability and integrity; keeping the business running when disruptions occur.

A term that refers to protection of organization data from unauthorized disclosure.

Data Encryption Standard (DES) A private key encryption system originally developed by IBM.

Software placed on a computer that enables it to be used as a message source in a DDoS attack.

Software used during a DDoS attack to control the agents.

Demilitarized zone (DMZ) A protected area of a network between the internal network and the Internet that is bounded by one or two firewalls. Also known as a perimeter network.

Denial of service (DoS) An attack that attempts to disrupt a network or its servers by flooding them with packets.

Interruptions of or reductions in network service.

Distributed denial of service (DDoS) attack A DoS attack in which the attacker controls multiple attacking systems.

A Windows Active Directory user account used for domain authentication and resource access authorization.

Values used for data encryption. Also known as an encryption formula.

The table or formula that defines which character in the data translates to which encoded character.

A network security device that filters traffic into and out of a network or subnet.

An expert in problem solving with a computer who sometimes gains illegal access to and sometimes tampers with information in a computer system.

The assurance that data has not been altered or destroyed.

Internet Control Message Protocol (ICMP) A management and troubleshooting protocol that provides support through error and control messages.

Internet Protocol Security (IPSec) A security protocol used for VPN security.

The process of sending packets with a fake source address.

Layer 2 Tunneling Protocol (L2TP) A security protocol used for VPN security.

A user account used by a local computer for authorization and resource access authentication.

Malicious or annoying unwanted software.

An information system that is vital to an organization.

See demilitarized zone (DMZ).

A type of DoS attack that sends oversized ping packets to the target computer.

A type of encrypted virus that includes a scrambled virus body, a decryption routine that first gains control of the computer, and a mutation engine randomizing decryption routines that change each time a virus infects a new program.

An encryption key known to the receiver only in public key encryption.

An encryption key used by the sender to encrypt data and based on the receiver’s private key.

Encryption based on separate sender and receiver keys.

Rivest, Shamir, and Adleman (RSA) A public key encryption algorithm.

A program that can hide itself, along with other programs, files, and processes, from the operating system, antivirus software, and other security software.

A subnet that is isolated from the rest of the network by a firewall.

Encryption based on a single key used for both encryption and decryption.

Sometimes called an integrated circuit card (ICC), it is any pocket-sized plastic card with embedded integrated circuits, usually containing security information such as encryption keys to facilitate access control mechanisms.

Software that monitors, records, and sometimes sends out computer activity, usually without the user’s knowledge.

Encryption based on a single key used for both encryption and decryption.

Temporal Key Integrity Protocol (TKIP) An encryption algorithm that is used to encrypt keys used with WPA.

A program that is expected to do one thing but actually does something else. The name is a reference to classical Greek literature.

Wi-Fi Protected Access (WPA) A wireless security standard that uses TKIP and user authentication.

Wired Equivalent Privacy (WEP) A security scheme that can provide basic security for 802.11b and 802.11g networks.

A self-propagating form of malicious software.

A Windows Active Directory utility used to manage organizational units, users, groups, computers, and other domain objects.

A response to a Windows performance threshold value being met or exceeded.

See electronic software distribution.

A failover process in which an error is detected automatically, and the configuration switches over to the redundant server without administrator intervention.

The process of copying data stored on a computer and saving an exact duplicate of the data on another storage device.

The process of collecting performance baseline information.

Network or computer components responsible for loss of performance.

Common Management Information Protocol (CMIP) A management protocol developed in response to and as an alternative to SNMP.

A RAID 1 configuration based on two hard disks being connected to different disk controllers.

A RAID 1 configuration based on two hard disks being connected to the same disk controller.

See RAID 5.

Electronic software distribution (ESD) A process by which software and updates are distributed automatically to network computers. Also known as automated software delivery and sometimes desktop management.

A network monitoring application.

The process of switching over to a redundant computer.

A term that refers to the error reported when data cannot be found in memory.

The ability of equipment or network resources to continue operating even after a failure.

Another term for normal backup.

A redundant configuration with duplicate hardware, software, and data, in which the data is kept in sync with the primary server to allow for immediate failover.

A device that can be replaced without powering off.

A failover process that requires administrator or operating intervention, typically because it is necessary to synchronize the data on the redundant server.

An individual who is responsible for network management and support.

The process of operating, monitoring, and controlling a network to ensure that it works as intended and provides value to its users.

A backup operation that backs up all specified data and resets the archive bit as each file is backed up. Also known as a full backup.

Performance information used as a point of comparison for network and computer performance analysis. It often includes both typical and peak performance values.

A mode of operation that allows a network adapter to intercept and read the complete contents of any packet on a network.

A fault-tolerant configuration based on two hard disk drives, with both containing the same data. Data is protected in the event of the failure of a single hard disk. See also disk mirroring and disk duplexing.

A fault-tolerant configuration based on three or more hard disks in which data and parity information are striped across the hard disks. Data is protected in the event of the failure of any one hard disk. Also known as disk striping with parity.

1.Duplicate data paths. 2. Duplication of resources.

Redundant array of independent (or inexpensive) disks (RAID) A disk configuration that provides improved disk performance, disk fault tolerance, or both.

Systems that duplicate resources provided by primary network systems.

Simple Network Management Protocol (SNMP) A TCP/IP protocol for remote configuration, monitoring, and management.

A redundant configuration with duplicate hardware and software but where data on the redundant hardware is not kept in sync with the primary server.