Term
|
Definition
| an entry in an object's access control list tha grants permissions to a user or group. |
|
|
Term
|
Definition
| a collection of access control entries that defines the access that all users and groups have to an object. |
|
|
Term
|
Definition
| a group of technologies that enable computers to identify individuals based on physioloigical characteristics, such as fingerprints. |
|
|
Term
| bitlocker drive encryption |
|
Definition
| a windows sever 2008 feature that can encrypt entire volumes, to prevent intruders from accessing their data |
|
|
Term
| centralized authentication |
|
Definition
| a security model in which all of the servers on a network rely on a single authority to authenticate users |
|
|
Term
| decenralized authentication |
|
Definition
| a security model in which each server maintains its own list of users and their crudentials |
|
|
Term
|
Definition
| a password penetration technique in which a list of common passwords is encrypted, and the results compared with captured ciphertext |
|
|
Term
|
Definition
| a software routine that acts as a virtual barrier between a computer and the attached network |
|
|
Term
|
Definition
| a combination of allowed, denied, inherited, and explicitly assigned permissions that provides a composite view of a security principal's functional access to a resource |
|
|
Term
|
Definition
| a ticket-based authentication protocol used by Windows computers that are members of an Active Directory domain |
|
|
Term
|
Definition
| a windows server 2008 component, part of the kerberos authentication protocol, that maintains a database of account information for all security principals in the domain |
|
|
Term
|
Definition
| in tcp/ip communications, the code numbers embedded in transport layer protocol headers that identify the applications that generated and will receive a particular message |
|
|
Term
|
Definition
| keyin windows firewall, a method for opening a communications port through the firewall |
|
|
Term
|
Definition
| a security relationship in which participants are issued two keys: public and private |
|
|
Term
|
Definition
| a cryptographic system in which one character is substituted for another |
|
|
Term
| security accounts manager |
|
Definition
| enables to maintain a list of local users and groups that function as a decentralized authentication system |
|
|
Term
|
Definition
| a unique value assigned to every active directory object when it is created |
|
|
Term
|
Definition
| the user, group, or computer to which an administrator assigns permissions |
|
|
Term
|
Definition
| an environment in which users can access all network resources with a single set of credentials |
|
|
Term
|
Definition
| a credit card-sized device that contains memory and embedded circuitry that enables it to store data |
|
|
Term
|
Definition
| to describe the process of circumventing security barriers by persuading authorized users to provide passwords to other sensitive information |
|
|
Term
|
Definition
| an element providing a security principal with a specific degree of access to a resource |
|
|
Term
|
Definition
| a common combination of special permissions used to provide a security principal with a level of access to a resource |
|
|
Term
|
Definition
| in kerberos authentication, a credential issued by the authentication service that supplies valid authentication creddentials |
|
|
Term
|
Definition
| a dedicated cryptographic processor chip that a windows server 2008 computer uses to store the bitlocker encryption |
|
|
Term
|
Definition
| in active directory, relationship between domains that enable network resources in one domain to authorize users in another |
|
|
Term
|
Definition
| a networking technique in which one protocol is encapsulated within another protocol |
|
|
