- 10Base2
- 10 Mbps, baseband, in 185 meter
segments, ThinWire, coaxial cable Ethernet.
- 10Base5
- 10 Mbps, baseband, in 500 meter
segments, ThickWire, coaxial cable Ethernet.
- 10BaseF
- Baseband, in 1 kilometer segments,
fibre optic Ethernet.
- 10BaseT
- 10 Mbps, baseband, unshielded,
twisted pair (UTP) Ethernet.
- 10BaseVG
- 100 Mbps, baseband, four pair, CAT 3
Ethernet.
- 802.2
- IEEE standard specifying the Logical
Link Control (LLC) sub layer, which defines services for the
transmission of data between two stations at the data link layer of
the OSI model.
- 802.3
- IEEE standard specifying the Carrier
Sense Multiple Access/Collision Detection method used by Ethernet.
- 802.4
- IEEE standard specifying the token
bus network access method used by ARCnet.
- 802.5
- IEEE standard specifying the logical
ring network using a token passing method used by token ring and IBM
LANs.
- 802.11
- IEEE standard specifying wireless
local area networks (WLANs). 802.11b refers to an over-the-air
connection with a wireless client and a base station or Wireless
Access Point (WAP) or between two wireless clients.
A
- Access
- The ways and means
you approach (physically), store or retrieve
data, communicate with, and make use of any
resource on a computer system.
- Access Category
- One of the classes
whereto a user, a program or a process in a
system may be assigned because of the resources
or groups of resources that each user, program,
or process is authorized to use.
- Access Control Entry
- An entry in an access
control list (ACL). The entry contains a security
ID (SID) and a set of access rights. A process
with a matching security ID is either allowed
access rights, denied rights, or allowed rights
with auditing.
- Access Control List
- The part of a
security descriptor that enumerates the
protection (that is, permission) given to an
object.
- Access Control Mechanisms
- Hardware or software
features, operating procedures, management
procedures, and various combinations of these
designed to detect and prevent unauthorized
access and to permit authorized access to a
system.
- Access Guidelines
- Used here in the
sense of guidelines for the modification of
specific access rights. A general framework drawn
up by the owner or custodian to instruct the data
set security administrator on the degree of latitude
that exists for the modification of rights of
access to a file without the specific authority
of the owner or custodian.
- Access List
- A catalogue of users,
programs, or processes and the specifications of
access categories whereto each is assigned.
- Access Period
- A segment of time,
generally expressed on a daily or weekly basis,
when access rights prevail.
- Access Right
- A permission granted
to a process to manipulate a particular object in
a particular manner (for example, calling a
service). Different object types support
different access rights, which are stored in the
object's access control list (ACL).
- Access Token
- An object uniquely
identifying a user who has logged on. An access
token is attached to all the user's
processes and contains the user's security
ID (SID), the names of any groups to which the
user belongs, any privileges the user owns, the
default owner of any objects the user's
processes create, and the default access control
list (ACL) to be applied to any objects the
user's processes create.
- Access Type
- An access right to a
particular device, program or file. For example,
read, write, execute, append, allocate, modify,
delete, create.
- Accessibility
- The ease with which
information can be gotten.
- Accidental
- Outcome from the lack
of care or any situation where the result is
negatively different from that intended.
- Accountability
- The quality or state
that enables violations or attempted violations
of a system security to be traced to individuals
who may then be held responsible.
- Accuracy
- Having no errors.
Correct. Exact. Faithful. Precise. Proper. Right.
True. Veracious. Veridical.
- ACE
- The acronym for
Access Control Entry. This contains a SID and the
associated set of access control permissions for
each object.
- ACL
- The acronym for
Access Control List. This is the place where
object permissions are kept. ACLs consist of
access control entries.
- ActiveX
- A Microsoft technology that is part of its DCOM
strategy. Allows the downloading of binary executables or
controls for execution on the client. Replaces OLE.
- Address
- A number or group of
numbers uniquely identifying a network node
within its network (or internetwork).
- ADSL
- The acronym for
Asymmetric Digital Subscriber Line, which is a broadband service
delivering download rates of 1.5-1.9 Mbps and upload rates of 16-640
Kbps.
- Administrator
- The Administrator is
the person responsible for the operation of the
network. The Administrator maintains the network,
reconfiguring and updating it as the need arises.
With Windows NT Server, it also is the default
user account created during setup.
- Alert
- (1) An audible or
visual alarm that signals an error or serves as a
warning of some sort. (2) An asynchronous
notification that one thread sends to another.
- Algorithm
- A step-by-step
procedure, usually mathematical, for doing a
specific function, e.g., a PIN verification
algorithm or an encryption algorithm.
- American Wire Gauge (AWG)
- The adopted standard
wire sizes, such as No. 12 wire and No. 14 wire.
The larger the gauge number of the wire, the
smaller the wire; therefore, a No. 14 wire is
smaller than a No. 12 wire.
- AMPS
- The acronym for
Advanced Mobile Phone Service. Basic cellular service in
North and South America typically operating at 800 MHz and using
FDMA transmission technology. With AMPS, when a person grabs a
segment of frequency for a call, nobody else can use that frequency.
Digital cellular technologies offer ways for carriers to allow more
calls in a cell, using the same amount of bandwidth.
- Analog
- A system based on a
continuous ratio, such as voltage or current
values.
- Analog Transmission
- A communications
scheme using a continuous signal, varied by
amplification. Broadband networks use analog
transmissions.
- Analytical Attack
- An attempt to break a
code or cipher key by discovering flaws in its
encryption algorithm.
- ANSI
- The acronym for
American National Standards Institute, which sets
standards for many technical fields.
- AppleTalk
- Macintosh native
protocol.
- Application
- The user's
communication with the installation. A software
program or program package enabling a user to
perform a specific job, such as word processing
or electronic mail.
- Application Program/Software
- A program written for
or by a user that applies to the user's work.
- Application Programming Interface (API)
- A set of routines
that an application program uses to request and
carry out lower-level services performed by the
operating system.
- Application System
- A collection of
programs and documentation used for an
application.
- Architecture
- The general design of
hardware or software, including how they fit
together.
- ARCnet (Attached Resource Computer Network)
- A local area network
scheme developed by Datapoint.
- ASCII
- The acronym for
American Standard Code for Information
Interchange, pronounced "ASK-ee."
- Assembler
- A language translator
that converts a program written in assembly
language into an equivalent program in machine
language. The opposite of a disassembler.
- Assembly Language
- A low-level
programming language in which individual
machine-language instructions are written in a
symbolic form that is easier to understand than
machine language itself.
- Asynchronous
- A method of data
communications in which transmissions are not
synchronized with a signal. Local area networks
transmit asynchronously.
- Attach
- To log a workstation
into a server. Also, to log a workstation into
another file server while the workstation remains
logged into the first.
- Attacks
- The method used to
commit security violations, such as masquerading
and modification.
- Attenuation
- The difference in
amplitude between a signal at transmission and at
reception.
- Audit Policy
- Defines the type of
security events logged for a domain or for an
individual computer; determines what NT will do
when the security log becomes full.
- Audit Trail
- A chronological
record of system activities sufficient to enable
the reconstruction, review, and examination of
the sequence of environments and activities
surrounding or leading to each event in the path
of a transaction from its inception to the output
of results.
- Auditability
- The physical or
mental power to perform an examination or
verification of financial records or accounts.
- Auditing
- The ability to detect
and record security-related events, particularly
any attempt to create, access, or delete objects.
Windows NT uses security IDs (SIDs) to record
which processes performed the action.
- Authenticate
- (1) To confirm that
the object is what it purports to be. To verify
the identity of a person (or other agent external
to the protection system) making a request. (2)
The act of identifying or verifying the
eligibility of a station, originator, or
individual to access specific categories of
information.
- Authentication
- The act of
identifying or verifying the eligibility of a
station, originator, or individual to access
specific categories of information.
- Authorization
- The process that
grants the necessary and sufficient permissions
for the intended purpose.
- Authorize
- To grant the
necessary and sufficient permissions for the
intended purpose.
- Automated Security Monitoring
- The use of automated
procedures to ensure that the security controls
implemented within a system are not circumvented.
- Backbone
- A central network
cable system that connects other networks.
- Background
- A background task or
program runs while the user is doing something
else. The most common example is a print spooler
program. Used in contrast to foreground.
- Background Processing
- The action of
completing tasks in the background.
- Backup
- (n) A copy of a disk
or of a file on a disk. (v) To make a spare copy
of a disk or of a file on a disk.
- Backup Domain Controller
- For Windows NT Server
domains, refers to a computer that receives a
copy of the domain's security policy and domain
database and authenticates network logons.
- Backup Procedures
- The provisions you
make for recovering your data files and
programs, and for the restart or replacement of
your system after the occurrence of a system
failure or of a disaster.
- Bandwidth
- The range of
frequencies available for signaling; the
difference expressed in Hertz between the lowest
and highest frequencies of a band. Or
simplistically, the rate that a network can
transfer data.
- BASIC (Beginner's All-purpose Symbolic Instruction Code)
- A high-level
programming language that is easy to use. It is
used mainly for microcomputers.
- Batch
- The processing of a
group of related transactions or other items at
planned intervals.
- Baud
- A unit of signaling
speed. The speed in baud is the number of
discrete conditions or events per second.
- BDC (Backup Domain Controller)
- A machine that is
used to provide a degree of fault tolerance by
maintaining a copy of the SAM.
- Bit
- A contraction of
binary digit. The smallest unit of information
that a computer can hold. The value of a bit (1
or 0) represents a simple two-way choice, such as
yes or no, on or off, positive or negative,
something or nothing.
- Boot
- To start up by
loading the operating system into the computer.
Starting up is often accomplished by first
loading a small program which then reads a larger
program into memory. The program is said to
"pull itself up by its own
bootstraps", hence the term
"bootstrapping" or "booting".
- Boot Protocol (BOOTP)
- A protocol used for
remotely booting systems on the network.
- Bps (bits per second)
- A unit of data
transmission rate.
- Breach
- A break in the system
security that results in admittance of a person
or program to an object.
- Bridge
- A device used to
connect LANs by forwarding packets addressed to
other similar networks across connections at the
Media Access Control data link level. Routers,
which operate at the protocol level, are also
called bridges.
- Broadband
- A transmission system
in which signals are encoded and modulated into
different frequencies and then transmitted
simultaneously with other signals.
- Broadcast
- A LAN data
transmission scheme in which data packets are
heard by all stations on the network.
- Brute-Force Attack
- A computerized
trial-and-error attempt to decode a cipher or
password by trying every possible combination.
Also known as exhaustive attack.
- Buffer
- A temporary holding
area of the computer's memory where information
can be stored by one program or device and then
read at a different rate by another, for example,
a print buffer. Also, the printer's random access
memory (RAM), measured in kilobytes. Because
computer chips can transfer data much faster than
mechanical printer mechanisms can reproduce it,
small buffers are generally inserted between the
two, to keep the data flow in check.
- Bug
- An error in a program
that prevents its working as intended. The
expression reportedly comes from the early days
of computing when an itinerant moth shorted a
connection and caused a breakdown in a room-sized
computer.
- Bulletin Board System (BBS)
- An electronic system
that supports communication via modem among
computers. Typically, a bulletin board system
supports public and private electronic mail,
uploading and downloading of public-domain files,
and access to on-line databases. Large,
commercial bulletin board systems, such as
CompuServe and GEnie, can support many users
simultaneously; smaller, local boards permit only
one caller at a time.
- Bus
- A common connection.
Networks that broadcast signals to all stations,
such as Ethernet and ARCnet, are considered bus
networks.
- Byte
- A unit of information
having eight bits.
- Cabling System
- The wiring used to
connect networked computers together.
- CACLS
- A command-line program
specific to Windows NT that
allows you to modify user permissions by using
the DOS command prompt or by placing the commands within
a file and running that file. A handy utility for
managing large numbers of changes.
- Callback
- A procedure
established for identifying a terminal dialing
into a computer system by disconnecting the
calling terminal and reestablishing the
connection by the computer system's dialing
the telephone number of the calling terminal.
- Card
- Another name for
board.
- Catalog
- A list of files
stored on a disk. Sometimes called a directory.
- CDFS
- CD-ROM file system.
- CDMA
- The acronym for
Code Division Multiple Access. The dominant PCS standard
in North America, this spread-spectrum technology lets multiple
callers share a segment of spectrum of frequencies. Compare to
FDMA and TDMA.
- CDPD
- The acronym for
Cellular Digital Packet Data. A packet-based technology, which
allows either 9.6 Kbps or 19.2 Kbps data rates over standard analog
channels in the 800-900 MHz range, by finding and employing unused
channels.
- Central Processing Unit (CPU)
- The "brain"
of the computer; the microprocessor performing
the actual computations in machine language.
- Certification
- The technical
evaluation, made as part of and in support of the
accreditation process, establishing the extent
that a particular computer system or network
design and implementation meet a specified set of
security requirements.
- Channel
- An information
transfer path within a system. May also refer to
the mechanism by which the path is effected.
- Character
- Letter, numerical,
punctuation or any other symbol contained in a
message.
- Chip
- Slang for a silicon
wafer imprinted with integrated circuits.
- CISC
- Complex Instruction
Set Computer.
- Classified
- Subject to prescribed
asset protection controls, including controls
associated with classifications.
- Classify
- To assign a level of
sensitivity and priority and, hence, security
control to data.
- Clear Text
- Information that is
in its readable state (before encryption and
after decryption).
- Click
- To quickly press and
release the mouse button. For example, you often
click an icon to start an application.
- Client
- A computer that
accesses shared network resources provided by
another computer (a server). In a client/server
database system, this is the computer (usually a
workstation) that makes service requests.
- Client/Server
- A network system
design in which a processor or computer
designated as a server (file server, database
server, and so on) provides services to other
client processors or computers.
- Coax
- Also known as
coaxial, this is a cable that consists of two
wires running inside a plastic sheath, insulated
from each other.
- Collision
- A garbled
transmission resulting from simultaneous
transmissions by two or more workstations on the
same network cable.
- Command Prompt
- The window in NT that
provides DOS-like capabilities, letting you enter
commands that execute within that window.
- Commit Bytes
- The actual amount of
memory that all the applications need at any
given moment.
- Communication Link
- An electrical and
logical connection between two devices. On a
local area network, a communication link is the
point-to-point path between sender and recipient.
- Communication Program
- A program that
enables the computer to transmit data to and
receive data from distant computers through the
telephone system or some other communication
system.
- Compartmentalization
- The breaking down of
sensitive data into small, isolated blocks for
reducing the risk to the data.
- Compiler
- A language translator
that converts a program written in a high-level
programming language (source code) into an
equivalent program in some lower-level language,
such as machine language (object code) for later
execution.
- Completeness
- Having all or
necessary parts.
- Compromise
- The loss, misuse, or
unauthorized disclosure of a data asset.
- Computer Name
- For Windows NT
purposes, a unique name of up to 15 uppercase
characters identifying a computer to the network.
The name cannot be the same as any other computer
or domain name in the network, and it cannot
contain spaces.
- Condition
- An operating
situation when a threat arises. The condition is
necessary and desirable for operations.
- Confidentiality
- A parameter showing
the privacy of the information (used particularly
in costing functions involving information that
has a security classification or is considered
proprietary or sensitive).
- Configuration
- (1) The total
combination of hardware components (central
processing unit, video display device, keyboard,
and peripheral devices) forming a computer
system. (2) The software settings allowing
various hardware components of a computer system
to communicate with each other.
- Configuration Registry
- A database repository
for information about a computer's configuration,
for example, the computer hardware, the software
installed on the system, and environment settings
and other information entered by persons using
the system.
- Connect Time
- The amount of time a
user connects to the file server.
- Console
- In Windows NT, a
text-based window managed by the Win32 subsystem.
Environment subsystems direct the output of
character-mode applications to consoles.
- Control Codes
- Nonprinting computer
instructions such as carriage return and line
feed.
- Control Program
- A program designed to
schedule and supervise the performance of data
processing work by a computing system.
- Control Set
- In Windows NT, a
complete set of parameters for devices and
services in the HKEY_LOCAL_MACHINE\SYSTEM key in
the NT Registry.
- Controlled Sharing
- The scope or domain
where authorization can be reduced to an
arbitrarily small set or sphere of activity.
- Counter
- As used with
Microsoft's Performance Monitor, the measurement
of activity for a particular object, such as
bytes read per second.
- Crash
- A malfunction caused
by hardware failure or an error in the program.
- Critical
- Data with this
preservation classification is essential to the
organization's continued existence. The loss of
such data would cause a serious disruption of the
organization's operation.
- Criticality
- A parameter
indicating dependence of the organization on the
information.
- Crosstalk
- The unwanted
transmission of a signal on a channel that
interfaces with another adjacent channel. Signal
interference created by emissions passing from
one cable element to another.
- Cryptoanalysis
- The steps and
operations performed in converting messages
(cipher) into plain text (clear) without initial
knowledge of the key employed in the encryption
algorithm.
- Cryptographic System
- The documents,
devices, equipment, and associated techniques
that are used as a unit to provide a single means
of encryption (enciphering or encoding).
- Cryptography
- Transformation of
plain text into coded form (encryption) or from
coded form into plain text (decryption).
- Cryptology
- The field that
includes both cryptoanalysis and cryptography.
- Customer-Related
- Identifying or
relating specifically to a customer of the
organization.
- Damage
- Impairment of the
worth or usefulness of the information.
- Data
- Processable
information with the associated documentation.
The input that a program and its instructions
perform on and that determines the results of
processing.
- Data Base
- (1) A collection of
information organized in a form that can be
readily manipulated and sorted by a computer
user. (2) Short for database management system.
- Database Management System
- A software system for
organizing, storing, retrieving, analyzing and
modifying information in a database.
- Data Base Server
- A database server is
the "back end" processor that manages
the database and fulfills database requests in a
client/server database system.
- Data Contamination
- A deliberate or
accidental process or act that results in a
change in the integrity of the original data.
- Data-Dependent Protection
- Protection of data at
a level commensurate with the sensitivity level
of the individual data elements, rather than with
the sensitivity of the entire file that includes
the data elements.
- Data Diddling
- Unauthorized
alteration of data as it is entered or stored in
a computer.
- Data Integrity
- Verified
correspondence between the computer
representation of information and the real-world
events that the information represents. The
condition of being whole, complete, accurate and
timely.
- Data Leakage
- The theft of data or
software.
- Data Link Control (DLC)
- A printer and host
access protocol primarily used by PCs to
communicate with IBM minicomputers and
mainframes.
- Data Protection
- Measures to safeguard
data from undesired occurrences that
intentionally or unintentionally lead to
modification, destruction or disclosure of data.
- Data Security
- Data security is the
result achieved through implementing measures to
protect data against unauthorized events leading
to unintentional or intentional modification,
destruction or disclosure of data.
- Data Storage
- The preservation of
data in various data media for direct use by the
system.
- Debug
- A colloquial term
that means to find and correct an error or the
cause of a problem or malfunction in a computer
program. Usually synonymous with troubleshoot.
- Debugger
- A utility program
that allows a programmer to see what is happening
in the microprocessor and in memory while another
program is running.
- Decipher
- To convert, by use of
the appropriate key, cipher text (encoded,
encrypted) into its equivalent plain text
(clear).
- Decrypt
- See Decipher.
- Dedicated File Server
- A file server that is
used as a user's workstation. The machine is
devoted to file service.
- Deficiency
- A weakness in
organization, administration, programs, or
machines that results in the appearance of
threats.
- Deliberate
- Actions intended to
harm. The results of such deliberate actions
might well be different from those expected by
perpetrators or victims. For example, arson and
vandalism.
- Destruction
- To render an asset
ineffective or useless. It is a recognizable
loss; for example, the file must be recovered
from backup storage or reconstituted.
- Device
- A generic term for a
computer subsystem, such as a printer, serial
port, or disk drive. A device frequently requires
its own controlling software, called a device
driver.
- Device Driver
- A software component
that enables a computer system to communicate
with a device. For example, a printer driver is a
device driver that translates computer data into
a form understood by the intended printer. In
most cases, the driver also manipulates the
hardware to transmit the data to the device.
- DHCP
- The acronym for
Dynamic Host Configuration Protocol. This is a
tool that allows dynamic IP address allocation,
simplifying machine configuration in your
network.
- Digital
- A system based on
discrete states, typically the binary conditions
of on or off.
- Digital Transmission
- A communications
system that passes information encoded as pulses.
Baseband networks use digital transmissions, as
do microcomputers.
- Directory
- A pictorial,
alphabetical, or chronological list of the
contents of a disk. A directory is sometimes
called a catalog. It is used by the operating
system to keep track of the contents of the disk.
- Disclosure
- The act or an
instance of revelation or exposure. A disclosure
can be obvious, such as the removal of a tape
from a library or it can be concealed, such as
the retrieval of a discarded report by an
outsider or disgruntled employee.
- Discretionary Access Control (DAC)
- The protection that
the owner of an object applies to the object by
assigning various access rights to various users
or groups of users.
- Disk
- A data storage device
in which data is recorded on a number of
concentric circular tracks on magnetic medium.
- Disk Drive
- An electromechanical
device that reads from and writes to disks. Two
types of disk drives are in common use: floppy
disk drives and hard disk drives.
- Disk Mirroring
- The procedure of
duplicating a disk partition on two or more
disks, preferably on disks attached to separate
disk controllers so that data remains accessible
when either a disk or a disk controller fails.
Disk mirroring provides a measure of fault
tolerance.
- Disk Partition
- A logical compartment
on a physical disk drive. A single disk might
have two or more logical disk partitions, each of
which would be referenced with a different disk
drive name.
- Disk Striping
- The procedure of
combining a set of same-sized disk partitions
residing on separate disks into a single volume,
forming a virtual "stripe" across the
disks. This fault-tolerance technique enables
multiple I/O operations in the same volume to
proceed concurrently.
- Documentation
- A complete and
accurate description and authorization of a
transaction and each operation a transaction
passes through. The written (can be automated)
description of a system or program and how it
operates.
- Domain
- A collection of
computers that share a common domain database and
security policy. Each domain has a unique name.
- Domain Controller
- The server that
authenticates domain logons and maintains the
security policy and the master database for a
domain.
- Domain Name
- A name assigned to a
domain.
- Domain Name System, or Server (DNS)
- A distributed
database system that allows TCP/IP applications
to resolve a host name into a correct IP address.
- Double-Click
- To quickly press and
release the mouse button twice without moving the
mouse. Double-clicking is a means of rapidly
selecting and activating a program or program
feature.
- Download
- To transfer a file
from a large computer or BBS to a personal
computer. "Upload" is the opposite
operation.
- DUN
- The acronym for
Dial-Up Networking. Easy to confuse with RAS
because it is the newer version of RAS and it
performs the same function. We think it was
renamed to provide some consistency with Windows
95 terms.
- Duplexing
- The concept of using
two disk drives and two disk controllers to store
data, one serving as primary and the other for
backup purposes.
- Dynamic Host Configuration Protocol (DHCP)
- The protocol used by
a server to dynamically allocate IP addresses on
a network. Designed to allow networked hosts to
access configuration information across the
network, instead of having to be configured by
hand directly.
- Eavesdropping
- Unauthorized
interception of data transmissions.
- EISA
- Enhanced Industry
Standard Architecture. An older system data
transfer bus architecture that was designed to
manage 8-, 16- and 32-bit data transfers. Widely
used; most expansion cards support this
architecture.
- Embarrassment
- A parameter
indicating the sensitivity of an organization to
public knowledge of the information.
- Employee-Related
- Identifying or
relating specifically to an employee of the
organization.
- Emulation
- The imitation of a
computer system, performed by a combination of
hardware and software, that allows programs to
run between incompatible systems.
- Encipher
- To convert plain text
(clear) into unintelligible form by a cipher
system.
- Encrypt
- See Encipher.
- Enterprise-Network
- A network bringing
all sites together through a communications
medium.
- Error Log
- An audit trail of
system warning messages displayed for the file
server.
- Ethernet
- A local area network
protocol developed by Xerox in 1973 and
formalized in 1980. It is the most widely used
network protocol.
- Event
- Any significant
occurrence in the system or in an application
that requires users to be notified, or an entry
to be added to a log.
- Event Log Service
- A service that
records events in the system, security, and
application logs.
- Expected Lifetime
- A parameter
indicating the length of time the information is
operative or has value to its owners.
- Exposure
- A quantitative rating
(in dollars per year) expressing the
organization's vulnerability to a given
risk.
- Extended Partition
- Free space on a hard
disk that is used to allow the disk to be further
partitioned into logical partitions or drives.
- Fail Safe
- The automatic
termination and protection of programs or other
processing operations when a hardware or software
failure is detected in a system.
- Fail Soft
- The selective
termination of affected non-essential processing
when a hardware or software failure is detected
in a system.
- FAT
- The name given to the
DOS file system. FAT stands for file allocation
table and refers to the method of managing the
files and directories on the DOS system.
- Fault Tolerance
- A computer and
operating system's capability to respond
gracefully to catastrophic events, such as a
power outage or hardware failure. Usually, fault
tolerance implies the capability either to
continue the system's operation without loss of
data or to shut down the system and restart it,
recovering all processing in progress when the
fault occurred.
- FDMA
- The acronym for
Frequency Division Multiple Access. Used with AMPS, FDMA
is a method for coordinating radio traffic to prevent interference
between users sharing frequencies. Only one subscriber can
access a given frequency at any time. Compare to CDMA and TDMA.
- Fiber-Optic Cable
- A cable constructed
using a thin glass or plastic core that conducts
light rather than electrical signals.
- Field
- A particular type or
category of information in a database management
program, for example, a variable. A location in a
record where a particular type of data is stored.
In other words, a field is a single unit of data
such as a name or address.
- File
- A single, named
collection of related information stored on
magnetic medium.
- File Allocation Table (FAT)
- A table or list
maintained by some operating systems, such as
MS-DOS, to keep track of the status of various
segments of disk space used for file storage.
- File Attribute
- A restrictive label
attached to a file that describes and regulates
its use, for example, archive, hidden, read-only,
and system.
- File
Server
- A computer that
provides network stations with controlled access
to shareable resources.
- File
Size
- The length of a file,
typically given in bytes.
- File
System
- In an operating
system, the overall structure by which files are
named, stored, and organized.
- Format
- The process of
setting up a drive space to allow an operating
system to use the space. Each operating system,
such as MAC, DOS, and NT, uses distinct file
system formats, and a drive must be formatted in
order for the system to be able to use it.
- Fraud
- A deliberate
deception perpetrated for unlawful or unfair
gain.
- FTP
- File transfer
protocol. A program that enables clients to
transfer files between computers.
- Fully Qualified Domain Name
(FQDN)
- The complete host
name and domain name of a network host.
- Gateway
- A device that
provides routing and protocol conversion among
physically dissimilar networks and computers, for
example, LAN to host, LAN to LAN, X.25, and SNA
gateways. That is, a multihomed host used to
route network traffic from one network to
another. Also used to pass network traffic from
one protocol to another.
- Grant
- To authorize.
- GSM
- The acronym for
Global System for Mobile Communications. A variant of TDMA,
GSM is the closest thing to a world standard for cellular service.
A single-frequency cellular handset may work compatibly in Europe,
Asia, India and Africa, but not North America.
- GUI
- The acronym for Graphical user
interface.
- Hacker
- A computer
enthusiast; also, one who seeks to gain
unauthorized access to computer systems.
- Handshaking
- A dialog between a
user and a computer, a computer and another
computer, a program and another program for
identifying a user and authenticating his
identity, through a sequence of questions and
answers based on information either previously
stored in the computer or supplied to the
computer by the initiator of the dialog. Also,
when used in context, it refers to the controlled
movement of bits between a computer and a
printer.
- Hardware
- In computer
terminology, the machinery that forms a computer
system.
- Hardware Abstraction Layer
(HAL)
- A dynamic link
library that encapsulates platform-dependent
code. Think of it as a layer of software provided
by the hardware manufacturer that hides, or
abstracts, hardware differences from higher
layers of the Windows NT operating system.
Different hardware looks alike to the operating
system, thus removing the need to tailor the
operating system to each and every hardware type.
- HCL
- Microsoft's Hardware
Compatibility List. This is a list of all
hardware that is certified to run with NT. You
can find the list on the Internet at the
following address: http://www.microsoft.com/isapi/hwtest/hcl.idc.
- Hertz
- A measure of
frequency or bandwidth. The same as cycles per
second.
- Hierarchical Database
- A database organized
in a treelike structure.
- High Performance File
System (HPFS)
- The file system
designed for OS/2 Version 1.2.
- Host Computer
- The computer that
receives information from and sends data to
terminals over telecommunication lines. It is
also the computer that is in control in a data
communication network. The host computer can be a
mainframe computer, minicomputer, or
microcomputer.
- Host Name Resolution
- The process of
determining a network address when presented with
a network host name and domain name, usually by
consulting the Domain Name System.
- HPFS
- The acronym for High
Performance File System, provided by OS/2
operating systems. Files in this format can be
read by NT.
- Hub
- (1) A device used on
certain network topologies that modifies
transmission signals, allowing the network to be
lengthened or expanded with additional
workstations. The hub is the central device in a
star topology. (2) A computer that receives
messages from other computers, stores them, and
routes them to other computer destinations.
- I/O Device (input/output
device)
- A device that
transfers information into or out of a computer.
- Icon
- In graphical environments, a small graphics
image displayed on-screen to represent an object
that can be manipulated by the user; for example,
a recycle bin can represent a command for
deleting unwanted text or files.
- IDE
- The acronym for
Integrated Drive Electronics, the older disk
drive architecture that usually integrates
directly with the disk drive instead of using a
separate card.
- Identification
- The process that
enables, generally using unique machine-readable
names, recognition of users or resources as
identical with those previously described to a
system.
- IEEE (Institute of
Electrical and Electronic Engineers)
- One of several groups
whose members are drawn from industry and who
attempt to establish industry standards. The IEEE
802 committee has published numerous definitive
documents on local area network standards.
- Information
- Includes input,
output, software, data and all related
documentation.
- Information Pool
- Consists of data
designated as accessible by authorized
individuals.
- Initialize
- (1) To set to an
initial state or value in preparation for some
computation. (2) To prepare a blank disk to
receive information by organizing its surface
into tracks and sectors; same as format.
- Input/Output (I/O)
- The process by which
information is transferred between the
computer's memory and its keyboard or
peripheral devices.
- Instance
- An NT term relating
to particular tasks in each object. Objects often
have more than one instance, such as the
Processor and its %Interrupt Time or %User Time
or %Processor Time.
- Integrity
- Freedom from errors.
- Interface
- A device or program
that allows two systems or devices to communicate
with each other. An interface provides a common
boundary between the two systems, devices, or
programs. Also, the cables, connectors, and
electrical circuits allowing communication
between computers and printers.
- Interrupt Request Lines
(IRQ)
- Hardware lines over
which devices can send signals to get the
attention of the processor when the device is
ready to accept or send information. Typically,
each device connected to the computer uses a
separate IRQ.
- Intruder
- A user or another
agent attempting to gain unauthorized access to
the file server.
- IP
Address
- A 32-bit network
address that uniquely locates a host or network
within its internetwork.
- ISDN
- The acronym for Integrated Services
Digital Network. A digital phone line that allows
faster transmission speeds (128Kbps) than analog
phone lines (56Kbps).
- ISP
- The acronym for
Internet Service Provider, a firm that offers
connections to the Internet for a fee.
- Jitter
- Instability of a
signal for a brief period.
- Job
- A combined run of one
or more application programs that are
automatically processed in sequence in the
computer.
- Kernel
- The core of an
operating system. The portion of the system that
manages memory, files, and peripheral devices;
maintains the time and date; launches
applications; and allocates system resources.
- Key
- In cryptography, a
sequence of symbols that controls the operations
of encryption and decryption.
- Key Generation
- The origination of a
key or of a set of distinct keys.
- Least Privilege
- A principle that
users should be assigned only the access needed
to perform their business functions.
- Local Area Network (LAN)
- A communications
system using directly connected computers,
printers, and hard disks allowing shared access
to all resources on the network.
- Local Security Authority
(LSA)
- An integral subsystem
of the Windows NT security system. The LSA
manages the local security policy and provides
interactive user authentication services. It also
controls the generation of audit messages and
enters audit messages into the audit log file.
Creates a security access token for each user
accessing the system.
- Logic
Bomb
- Malicious action,
initiated by software, that inhibits the normal
system functions; a logic bomb takes effect only
when specified conditions occur.
- Logical Access
- Access to the
information content of a record or field.
- Logical File
- Refers to the data
that a file contains.
- Logical Partition
- A subpartition of an
extended partition on a drive, commonly called a
logical drive. See extended partition.
- Login
- The process of
accessing a file server or computer after
physical connection has been established.
- Logon
- The process of
identifying oneself to a computer after
connecting to it over a communications line.
During a logon procedure, the computer usually
requests the user's name and a password. Also
called login.
- Mainframe
- The term used for
very large computers that support thousands of
users and huge databases.
- Map
- (1) To assign a
workstation drive letter to a server directory.
(2) To translate a virtual address into a
physical address.
- Media Access Control (MAC)
- Part of the physical
layer of a network that identifies the actual
physical link between two nodes.
- Menu
- A list of options
from which users select.
- Menu
Option
- An option on a menu
that performs some action, prompts the user for
additional information, or leads to another menu.
- Microcomputer
- A general term
referring to a small computer having a
microprocessor. In this book, you can use the
term interchangeably with personal computer.
- Mirroring
- A method of ensuring
data replication using two hard drives that are
connected to the same disk controller. Less
robust than duplexing because of the shared
controller. Otherwise, duplexing and mirroring
can be considered to be essentially the same
thing.
- Modem
- A
modulator-demodulator. A device that lets
computers communicate over telephone lines by
converting digital signals into the phone
system's analog signals and vice versa.
- Modification
- An asset is altered
partly so the form or quality of it has been
changed somewhat. A file can appear intact and
may be perfectly usable, but it can contain
erroneous information.
- Monitoring
- The use of automated
procedures to ensure that the controls
implemented within a system are not circumvented.
- Multihomed
- A computer that has
more than one network card, either physically or
logically. Often used as a router for connecting
two networks.
- Need-to-Know
- The necessity for
access to, knowledge of, or possession of
sensitive information to fulfill official duties.
Responsibility for determining whether a person's
duties require that he have access to certain
information, and whether he is authorized to
receive it, rests on the owner of the information
involved and not on the prospective recipient.
- NetBIOS Extended User
Interface (NetBEUI)
- A small, fast
protocol that requires little memory but is not
routable.
- Network
- A collection of
inter-connected, individually controlled
computers, printers and hard disks, with the
hardware and software used to connect them.
- Network Adapter
- A circuit board that
plugs into a slot in a PC and has one or more
sockets to which you attach cables. Provides the
physical link between the PC and the network
cable. Also called network adapter card, network
card, and network interface card (NIC).
- Network Address
- A unique identifier of an entity on a
network, usually represented as a number or
series of numbers.
- Network Basic Input/Output
Operating System (NetBIOS)
- A network
file-sharing application designed for use with PC
DOS personal computers, usually implemented under
TCP/IP at the application layer.
- Network Drive
- An online storage
device available to network users.
- Network Interface Card
- See network adapter.
- Network Operating System
- An operating system
installed on a server in a local area network
that coordinates the activities of providing
services to the computers and other devices
attached to the network.
- Network Station
- Any PC or other
device connected to a network by means of a
network interface board and some communications
medium. A network station can be a workstation,
bridge, or server.
- Node
- A point of
interconnection to a network. Normally, a point
at which a number of terminals are located.
- Nonce
- A 16-byte challenge
issued by the authentication service.
- NT File System (NTFS)
- A file system
designed for use with Windows NT. NTFS supports
file system recovery and extremely large storage
media.
- NTFS
- An NT file system
acronym for New Technology File System. The
particular way data is stored on an NT system
when chosen over the FAT file system.
- Object
- (1) A single runtime
instance of a Windows NT defined object type
containing data that can be manipulated only by
use of a set of services provided for objects of
its type. (2) Any piece of information, created
by a Windows-based application with object
linking and embedding capabilities, that can be
linked or embedded into another document. (3) A
passive entity that contains or receives data.
Access to an object potentially implies access to
the information it contains.
- Object Handle
- Includes access
control information and a pointer to the object
itself. Before a process can manipulate a Windows
NT object, it first must acquire a handle to the
object through the Object Manager.
- Object Linking and
Embedding (OLE)
- A way to transfer and
share information between applications.
- Offline
- State in which the
printer or some other device is not ready to
receive data.
- Operating System
- Software that
controls the internal operations (housekeeping
chores) of a computer system. Operating systems
are specific to the type of computer used.
- Owner
- An employee or agent
of the client who is assigned responsibility for
making and communicating certain judgments and
decisions regarding business control and
selective protection of assets, and for
monitoring compliance with specified controls.
- Package
- A generic term
referring to any group of detailed computer
programs necessary to achieve a general
objective. For example, an accounts receivable
package would include all programs necessary to
record transactions in customer accounts, produce
customer statements, and so forth.
- Packet
- A group of bits
transmitted as a whole on a network.
- Pad
- The short term for
packet assembler-disassembler used in X.25
technologies.
- Paging
- The act of moving
data to disk when physical memory is full. A
component of virtual memory.
- Parallel Interface
- A printer interface
that handles data in parallel fashion, eight bits
(one byte) at a time.
- Parity
Bit
- A way of marking the
eighth bit in a data byte so that 7-bit ASCII
characters between 0 and 127 are sent and
received correctly. There are three kinds of
parity: odd, even, and none.
- Partition
- A portion of a
physical disk that functions as though it were a
separate unit.
- Password
- Privileged
information given to, or created by the user,
which is entered into a system for authentication
purposes. A protected word or secret character
string used to authenticate the claimed identity
of an individual, a resource or access type.
- PCI
- A 32-bit data
transfer bus used in newer machines and generally
faster than the older EISA bus. Most Intel-based
machines built today support this standard.
- PCS
- The acronym for
Personal Communication Service/System. Refers to the 3
dominant digital cellular technologies operating in the 1.9 GHz band
in North America: CDMA, GSM and TDMA.
- PDC
- Acronym for Primary Domain
Controller. The machine that provides user
authentication for the NT network.
- Penetration
- A successful
unauthorized access to a system.
- Peripheral
- Any device used for
input/output operations with the computer's
central processing unit (CPU). Peripheral devices
are typically connected to the microcomputer with
special cabling and include such devices as
modems and printers.
- Permission
- A particular form of
allowed access, e.g., permission to READ as
contrasted with permission to WRITE.
- Physical Drive
- The actual hardware
that is set in the computer and used to store
information. Often called the hard drive, C
drive, or D drive after the letter assigned to it
by the system.
- Physical Security
- Physical protection
of assets achieved through implementing security
measures.
- PING
- A network application
that uses UDP to verify reachability of another
host on any internetwork.
- Plain
Text
- Intelligible text or
signals that have meaning and that can be read or
acted upon without the application of any
decryption.
- Polling
- A means of
controlling devices on a line.
- Port
- (1) A connection or
socket used to connect a device to a computer,
such as a printer, monitor, or modem. Information
is sent from the computer to the device through a
cable. (2) A communications channel through which
a client process communicates with a protected
subsystem. Ports are implemented as Windows NT
objects.
- Primary Domain Controller
- For Windows NT Server
domains, the server that authenticates domain
logons and maintains the security policy and the
master domain database.
- Principal
- The entity in a
computer system to which authorizations are
granted; thus, the unit of accountability in a
computer system.
- Print
Queue
- A shared storage area
on the file server where the system sends every
print job before sending to the print server or
print device.
- Print Server
- Software that takes
jobs from the print queue and sends them to the
printer.
- Privacy
- Your right to control
or influence what information related to you may
be collected and stored and by whom and to whom
that information may be disclosed.
- Privileges
- A means of protecting
the use of certain system functions that can
affect system resources and integrity. System
managers grant privileges according to the
user's needs and deny them to restrict the
user's access to the system.
- Processing
- A systematic sequence
of operations performed on data.
- Protocol
- A set of characters
at the beginning and end of a message that
enables two computers to communicate with each
other.
- Queue
- A first-in/first-out
data structure, used for managing requests to
process data; for example, files to be printed.
- Quid pro quo
- Used in law for the
giving of one valuable thing for another.
- RAS
- The acronym for
Remote Access Services. This is the NT 3.x
version of Dial-Up Networking; it is used to
connect machines together via telephone or other
means.
- Read
- A fundamental
operation that results only in the flow of
information from an object to a subject.
- Read
Access
- Permission to read
data.
- Read-Only
- A term used to
describe information stored in such a way that it
can be played back (read) but not changed
(written).
- Record
- A collection of
related information (fields) that is treated as
one unit within a file.
- Recovery Cost
- A parameter
associated with restoring an organization to
operate as before an event.
- Redirector
- Networking software
that accepts I/O requests for remote files, named
pipes, or mail slots and then sends (redirects)
them to a network server on another machine.
Redirectors are implemented as file system
drivers in Windows NT.
- Registry
- As used here, the
database repository for information about the
computer's configuration, including the hardware,
installed software, environment settings, and
other information.
- Registry Editor
- An application
provided with Windows NT that allows users to
view and edit entries in the Registry.
- Remote Administration
- Administration of one
computer by an administrator located at another
computer and connected to the first computer
across the network.
- Repeater
- A device that extends
the range of a network cable segment. A hub is
really just a multi-port repeater.
- Request for Comments (RFC)
- The official
designation of the Internet standards documents.
- Resource
- In a system, any
function, device, or data collection that may be
allocated to users or programs.
- Resource Sharing
- The concurrent use of
a resource by more than one user, job, or
program.
- Revoke
- To take away
previously authorized access from some principal.
- Rights
- User capabilities
given for accessing files and directories on a
file server.
- Ring
- A network topology
that connects each workstation in a circular
fashion and sends the network signal in a
unidirectional manner through the circle.
- RFC
- Acronym for Request For Comments,
used by the Internet Advisory Board and IETF to set de facto
standards.
- RISC
- Acronym for Reduced Instruction
Set Computer.
- Risk
- The potential that a
given threat has of occurring within a specific
period. The potential for realization of
unwanted, negative consequences of an event.
- Risk Analysis
- An analysis of system
assets and vulnerabilities to establish an
expected loss from certain events based on
estimated probabilities of the occurrence of
those events.
- Router
- A Layer 3 device that
connects two or more networks together. A router
reads packets sent along the network and
determines their correct destination.
- Scavenging
- Randomly searching
for valuable data in a computer's memory or
in discarded or incompletely erased magnetic
media.
- SCSI
- The acronym for Small
Computer Standard Interface. Originally designed
for the UNIX world, it is designed to handle high
speeds and multiple devices, such as disk and
tape drives.
- Security
- Protection of all
those resources that the client uses to complete
its mission.
- Security Account Manager
(SAM)
- A Windows NT
protected subsystem that maintains the SAM
database and provides an application programming
interface (API) for accessing the database.
- Security Descriptor
- A data structure
attached to an object that protects the object
from unauthorized access. It contains an access
control list (ACL) and controls auditing on the
object.
- Security ID (SID)
- A unique name that
identifies a logged-on user to the security
system. Security IDs can identify one user or a
group of users.
- Security Policy
- The set of laws,
rules, and practices that regulate how an
organization manages, protects, and distributes
sensitive information. For Windows NT, the
security policies consist of the Account, User
Rights, and Audit Policies, and they are managed
using User Manager for Domains.
- Security Reference Manager
(SRM)
- A Windows NT Server
security subsystem that authenticates user logons
and protects system resources.
- Sensitive
- A data classification
category. Loss, misuse, or unauthorized
disclosure of data with this protection
classification would have a serious negative
impact. Such an incident would be very harmful to
the organization.
- Sensitive Program
- An application
program whose misuse through unauthorized
activity could lead to serious misappropriation
or loss of assets.
- Sensitivity
- The characteristic of
a resource that implies its value or importance,
and may include its vulnerability.
- Serial Interface
- An interface that
handles data in serial fashion, one bit at a
time.
- Server
- A network device that
provides services to client stations. Servers
include file servers, disk servers and print
servers.
- Server Manager
- An application used
to view and administer domains, workgroups, and
computers.
- Share
Name
- The name of a shared
resource.
- Shared Directory
- A directory where
network users can connect.
- Shielding
- Protective covering
that eliminates electromagnetic and radio
frequency interference.
- SID
- A unique identifier
maintained internally by NT that identifies a
user or group of users to the system.
- Small Computer System
Interface (SCSI)
- A standard used for
connecting microcomputers to peripheral devices,
such as hard disks and printers, and to other
computers and local area networks.
- Sneaker
- A computer
professional who seeks to test security by
attempting to gain unauthorized access to
computer systems.
- SOAP
- The acronym for
Simple Object Access Protocol. Standard for linking
Internet applications running on different platforms, using XML
messages.
- Software
- Programs and routines
to be loaded temporarily into a computer system,
for example, compilers, utilities, operating
system and application programs.
- Stack
- As used in this book,
a synonym for protocol.
- Star
- A topology in which
each node is connected to a central hub.
- Subject
- The combination of
the user's access token and the program acting on
the user's behalf. Windows NT uses subjects to
track and manage permissions for the programs
each user runs.
- Submenu
- A menu below the main
menu.
- Subnet
- A physical or logical
subdivision of a TCP/IP network; usually a
separate physical segment that uses a division of
the site's IP network address to route traffic
within the organizational internetwork.
- Supervisor
- The network
supervisor is the person responsible for the
operation of the network. The network supervisor
maintains the network, reconfiguring and updating
it as the need arises.
- System Integrity
- The behaviour of a
hardware/software system that does the right
things; further, it does these things right and
does them when they are needed.
- TCP/IP
- Acronym for Transmission Control
Protocol/Internet Protocol. This is the protocol
suite that drives the Internet. Very basically,
TCP handles the message details and IP manages
the addressing. It is probably the most widely
used network protocol in the world today.
- TCSEC
- The Trusted Computer
System Evaluation Criteria.
- TDMA
- The acronym for
Time Division Multiple Access. Method for dividing a
single analog channel into a number of time slots and assigning each
caller a distinct time slot within a given channel allowing more
than one caller to use a channel at any time without interference.
GSM is a variant. Compare to CDMA and FDMA.
- Telecommunication
- The electronic
transfer of information via telephone lines from
computer to computer. See electronic mail; BBS;
modem.
- Telnet
- A program that allows
terminal emulation for communicating between
machines via TCP/IP.
- TFTP
- A simpler version of
the FTP program that operates using UDP/IP
services.
- Threat
- One or more events
that may lead to either intentional or
unintentional modification, destruction or
disclosure of data. An eventuality which, should
it occur, would lead to an undesirable effect on
the environment.
- Token
Ring
- A network topology
regulated by the passing of a token that governs
the right to transmit.
- Topology
- The physical layout
of the network cabling.
- Transaction
- A set of operations
that completes a unified task.
- Transient
- An abrupt change in
voltage, of short duration.
- Transmission-on/Transmission-off
(X-ON/X-OFF)
- A type of software
handshaking.
- Trapdoor
- A set of special
instructions, originally created for testing and
troubleshooting, that bypasses security
procedures and allows direct access to a
computer's operating system or to other software.
- Trojan Horse
- A program, purporting
to do useful work, that conceals instructions to
breach security whenever the software is invoked.
- Trust Relationship
- Links between domains
that enable passthrough authentication, in which
a user only has one user account in one domain
yet can access the entire network. A trusting
domain honors the logon authentications of a
trusted domain.
- Twisted Pair
- A common type of
wiring that uses two wires twisted together yet
insulated from each other. Can be purchased
shielded or unshielded.
- UDP
- The User Datagram
Protocol, an older protocol that does not offer
good error detection or recovery. It is used by
SNMP and TFTP, as well as the Network File System
(NFS).
- Unbounded Media
- Media that use radio
frequencies, microwaves, or other media to
transmit data.
- Unicode
- A fixed-width, 16-bit
character encoding standard that is capable of
representing all the world's scripts.
- User
- Used imprecisely to
refer to the individual who is accountable for
some identifiable set of activities in a computer
system.
- User
Group
- A computer club in
which computer users exchange tips and
information, publish a newsletter, support a
local BBS, and listen to sales pitches from
vendors at meetings. A meeting of like-minded
individuals who practice information sharing,
e.g., GUIDE, SHARE, DECUS, ISSA and ISACA.
- User Manager
- A Windows NT
Workstation tool used to manage the security for
a computer. Administers user accounts, groups,
and security policies.
- User Manager for Domains
- A Windows NT
Workstation Server tool used to manage the
security for a domain or an individual computer.
Administers user accounts, groups, and security
policies.
- User Rights Policy
- Manages the
assignment of rights to groups and user accounts.
- Utilities
- Useful programs with which
you can rename, copy, format, delete, and
otherwise manipulate files and volumes.
- Verification
- Confirmation that the
object is what it purports to be. Also,
confirmation of the identity of a person (or
other agent external to the protection system)
making a request.
- VIM
- The acronym for
Vendor Independent Messaging, which is an e-mail API.
- Virtual Memory
- Combines the physical
RAM available in the machine with disk space to
simulate an environment in which you have more
memory than you physically have in RAM. NT tries
to assess what parts of memory are least likely
to be used and pages this information out to the
disk area until it is needed.
- Virus
- A program, usually a
Trojan Horse, that copies itself into new
databases and computers whenever the infected,
parent program is invoked.
- Volume
- A storage device,
such as a disk pack, mass storage system
cartridge, or magnetic tape. For our purposes,
diskettes, cassettes, mag cards, and the like are
treated as volumes.
- Volume
Set
- A collection of
partitions possibly spread over several disk
drives that has been formatted for use as if it
were a single drive.
- Vulnerability
- The cost that an
organization would incur should an event
happen.
- WAN
- The acronym for
Wide Area Network, or a network covering a wide geographical
area, usually at a capacity less than those of a Local Area Network.
- WAP
- The acronym for
Wireless Application Protocol. WAP is a network-neutral
protocol for sending data to and from WAP-enabled devices, such as
cellular phone handsets.
- WEP
- The acronym for
Wireless Equivalency Privacy, which is the encryption protocol
used with 802.11b wireless networks.
- Wideband
- A communications
channel that has greater bandwidth than
voice-grade lines.
- Windows Internet Naming
Service (WINS)
- A service that
translates Windows computer names (or NetBIOS
names) to IP addresses.
- Wiretapping
- Monitoring or
recording data as it moves across a
communications link; also known as traffic
analysis.
- WML
- The acronym for
Wireless Markup Language, which is another subset of SGML.
Protocol used for scripting WAP pages.
- Workstation
- In general, a
powerful computer having considerable calculating
and graphics capability. For Windows NT,
computers running the Windows NT Workstation
operating system are called workstations, as
distinguished from computers running Windows NT
Server, which are called servers.
- Worm
- A type of malware that consumes
computer resources, e.g., CPU cycles or disk space.
- WOW
- Windows on Win32.
- Write
- A fundamental
operation that results only in the flow of data
from a subject to an object.
- Write Access
- Permission to write
an object.
- X.25
- A protocol that
allows you to route information through a
packet-switching public data network, such as
Datapac. An older technology, it operates at a
top speed of 64Kbps, and it was designed for
earlier days when telephone networks were less
reliable than today.
- X.400
- ITU standard defining the format of
electronic mail.
- X.500
- ITU standard defining directory services for naming and addressing.
- XML
- The acronym for
eXtensible Markup Language, which is a subset of SGML (Standard
Generic Markup Language).