Shared Flashcard Set

Details

CompTIA Security+
Acronyms
53
Computer Science
Professional
01/15/2008


 


 

Cards

Term
AAA
Definition

Authentication, Access-control, and Auditing

 

Authentication is the means by which access is allowed to a network or server.

Access-control is the mechanism that regulates network access to software or other resources.

Auditing is the capture of security-related events in a log file.

 

 

Term
ACL
Definition

Access Control List

 

Used with Discretionary Access Control (DAC), an ACL is a list of permissions attached to an object. The list specifies who or what is allowed to access the object and what operations are allowed to be performed on the object. In a typical ACL, each entry in the list specifies a subject and an operation: for example, the entry (Alice, delete) on the ACL for file XYZ gives Alice permission to delete file XYZ.

 

Term
ACE
Definition

Access Control Entry

An ACE is an entry in an access control list (ACL). An ACE contains a set of access rights and a security identifier (SID) that identifies a trustee for whom the rights are allowed, denied, or audited.

Term
AH
Definition

Authentication Header

 

Another name for IP protocol 51, which provides integrity and authenticity for packets, but not confidentiality.

Term
ALE
Definition

Annual Loss Expectancy

 

 

The dollar amount of a device malfunctioning, damaged, lost, or stolen per year.

SLE x ARO = ALE

SLE = Single Loss Expectancy in dollars
ARO = Annual Rate of Occurrence

Term
ARO
Definition

Annualized Rate of Occurrence

 

 

Conduct a threat analysis. The goal here is to estimate the Annual Rate of Occurrence (ARO). This numeric value represents how many times the event is expected to happen in one year's time, e.g. 1.0 = once a year, 0.5 = once every 2 years, 0.25 = once per four-year period.

SLE x ARO = ALE

ALE = Annual Loss Expectancy in dollars
SLE = Single Loss Expectancy

Term
CA
Definition

Certification Authority

 

A CA issues digital certificates which contain a Public Key and the identity of the owner. The CA also attests that the public key contained in the certificate belongs to the person, organization, server or other entity noted in the certificate. A CA's obligation in such schemes is to verify an applicant's credentials, so that users and relying parties can trust the information in the CA's certificates.

Term
CHAP
Definition

Challenge Handshake Authentication Protocol

 

A protocol that can be used when a remote client needs to authenticate itself to a network server or when two routers need to authenticate themselves to each other to begin a Point-to-Point Protocol (PPP) session. The challenge sent to the remote client includes the session ID and a random string of data. The remote client uses a Message Digest (MD5) hash function to return the username, an encrypted challenge, session ID, and password.

Term
CO
Definition

Central Office

 

Short for central office. In telephony, a CO is a telecommunications office centralized in a specific locality to handle the telephone service for that locality. Telephone lines are connected to the CO on a local loop. The CO switches calls between local service and long-distance service. ISDN and DSL signals also channel through the CO.
Term

Coax

Definition

Coaxial

 

Coaxial Cable is a type of wire that consists of a center wire surrounded by insulation and then a grounded shield of braided wire. The shield minimizes electrical and radio frequency interference.

Coaxial cabling is the primary type of cabling used by the cable television industry and is also widely used for computer networks, such as Ethernet. Although more expensive than standard telephone wire, it is much less susceptible to interference and can carry much more data.

Term
CRL
Definition

Certificate Revocation List

 

Certificate Revocation List (CRL) is one of two common methods when using a public key infrastructure for maintaining access to servers in a network. The other, newer method, which has superseded CRL in some cases, is Online Certificate Status Protocol (OCSP). The CRL is exactly what its name implies: a list of subscribers paired with digital certificate status. The list enumerates revoked certificates along with the reason(s) for revocation. The dates of certificate issue, and the entities that issued them, are also included. In addition, each list contains a proposed date for the next release. When a potential user attempts to access a server, the server allows or denies access based on the CRL entry for that particular user.

The main limitation of CRL is the fact that updates must be frequently downloaded to keep the list current. OCSP overcomes this limitation by checking certificate status in real time.

Term
DAC
Definition

Discretionary Access Control

 

DAC is an access control in a network security system that permits the owner of an object (such as a process, file, or folder) to manage access control at their own (the owner's) discretion.

Term
DHCP
Definition

Dynamic Host Configuration Protocol

 

DHCP's purpose is to enable individual computers on an IP network to extract their configurations from a server (the 'DHCP server') or servers, in particular, servers that have no exact information about the individual computers until they request the information. The overall purpose of this is to reduce the work necessary to administer a large IP network. The most significant piece of information distributed in this manner is the IP address.

Term
DNS
Definition

Domain Name Service

 

Short for Domain Name Service (or System or Server), an Internet service that translates domain names into IP addresses. Because domain names are alphabetic, they're easier to remember. The Internet however, is really based on IP addresses. Every time you use a domain name, therefore, a DNS service must translate the name into the corresponding IP address. For example, the domain name www.example.com might translate to 198.105.232.4. The DNS system is, in fact, its own network. If one DNS server doesn't know how to translate a particular domain name, it asks another one, and so on, until the correct IP address is returned.  

 

 

Term
DoS
Definition

Denial-of-Service

 

A type of attack that renders a service inoperative. For instance, a DoS attack can make a popular Web site unavailable for some length of time.

Term
EAP
Definition

Extensible Authentication Protocol

 

Extensible Authentication Protocol, or EAP, is a universal authentication framework frequently used in wireless networks and Point-to-Point connections. It is defined by RFC 3748. Although the EAP protocol is not limited to wireless LANs and can be used for wired LAN authentication, it is most often used in wireless LANs. Recently, the WPA and WPA2 standards have officially adopted five EAP types as their official authentication mechanisms.
Term
ESP
Definition

Encapsulating Security Payload

 

Another name for IPSec Protocol ID 50, which provides confidentiality, authenticity, and integrity.

Term
FTP
Definition

File Transfer Protocol

 

This protocol is used for copying files to and from remote computer systems on a network using TCP/IP such as the Internet. This protocol also allows users to use FTP commands to work with files, such as listing files and directories on the remote system.  A common login ID for anonymous FTP.

 

 

Term
IDS & NIDS
Definition

Intrusion Detection System

 

A software and/or hardware system that scans, audits, and monitors the security infrastructure.  

 

NIDS (Network-based IDS) is an IDS that uses primarily passive hardware sensors to monitor traffic on a specific segment of the network.

Term
IP
Definition

Internet Protocol

 

The protocol within TCP/IP that governs the breakup of data messages into packets, the routing of the packets from sender to destination network and station, and the reassembly of the packets into the original data messages at the destination. IP corresponds to the network layer in the ISO/OSI model.

Term
IPSec
Definition

Internet Protocol Security

 

A set of open non-proprietary standards that you can use to secure data as it travels across the network or the Internet through data authentication and encryption. Many operating systems and devices support IPSec, such as Windows 2000, Windows XP, NetWare 6, Solaris 9, and routers.

Term
L2F
Definition

Layer 2 Forwarding

 

A tunneling protocol developed by Cisco Systems. L2F is similar to the PPTP protocol developed by Microsoft, enabling organizations to set up virtual private networks (VPNs) that use the Internet backbone to move packets. Recently, Microsoft and Cisco agreed to merge their respective protocols into a single, standard protocol called Layer Two Tunneling Protocol (L2TP).  
Term
L2TP
Definition

 Layer 2 Tunneling Protocol

 

Layer 2 Tunneling Protocol is a widely implemented tunneling protocol. L2TP encapsulates PPP frames to be sent over IP, X.25, frame relay, or Asynchronous Transfer Mode (ATM) networks. When configured to use IP as its transport, L2TP can be used as a VPN tunneling protocol over the Internet. L2TP over IP uses UDP port 1701 and includes a series of L2TP control messages for tunnel maintenance.

Recently, Microsoft and Cisco agreed to merge their respective protocols into a single, standard protocol called Layer Two Tunneling Protocol (L2TP) 

Term
LAN
Definition

Local Area Network

 

A computer network covering a small local area, such as a home or office.  This system links together electronic equipment, such as computers, and printers within home or small office building.

Term
LDAP
Definition

Lightweight Directory Access Protocol

(uses tcp/udp Port 389)

 

A common directory service on many networks today. LDAP organizes data in a hierarchical fashion. LDAP uses objects to represent computers, user accounts, shared resources, services, and so on.

Term
MAC
Definition
Mandatory Access Control

Objects (files and other resources) are assigned security labels of varying levels depending on the object's sensitivity. Users are assigned a security level or clearance, and when they try to access an object, their clearance is compared to the object's security label. If there's a match, the user can access the object; if there's no match, the user is denied access.

 

Term
NAT
Definition

Network Address Translation

 

In computer networking, Network Address Translation (NAT, also known as Network Masquerading, Native Address Translation or IP Masquerading) is a technique of transceiving network traffic through a router that involves re-writing the source and/or destination IP addresses and usually also the TCP/UDP port numbers of IP packets as they pass through. Checksums (both IP and TCP/UDP) must also be rewritten to take account of the changes. Most systems using NAT do so in order to enable multiple hosts on a private network to access the Internet using a single public IP address. Many network administrators find NAT a convenient technique and use it widely. Nonetheless, NAT can introduce complications in communication between hosts and may have a performance impact.

 

 

Term
PDA
Definition

Personal Digital Assistant

 

A lightweight palmtop computer designed to provide specific functions like personal organization (calendar, note taking, database, calculator, and so on) as well as communications. More advanced models also offer multimedia features. Many PDA devices rely on a pen or other pointing device for input instead of a keyboard or mouse, although some offer a keyboard too small for touch typing to use in conjunction with pen or pointing device. For data storage, a PDA relies on flash memory instead of power-hungry disk drives.

Term
PGP
Definition
Pretty Good Privacy

PGP is software that can be used to encrypt or digitally sign data. A method of securing email created to prevent attackers from intercepting and manipulating email and attachments by encrypting and digitally signing the contents of the email using public key cryptography.

 

Term
PKCS
Definition
Public-Key Cryptography Standards 

PKCS is a set of protocol standards developed by a consortium of vendors to send information over the Internet in a secure manner using a public key infrastructure (PKI).

Term
PKI
Definition
Public Key Infrastructure

A system that is composed of a Certificate Authority (CA), certificates, software, services, and other cryptographic components, for the purpose of enabling authenticity and validation of data and/or entities, for example to secure transactions over the Internet.

 

Term
PPTP
Definition

Point-to-Point Tunneling Protocol

 

PPTP is a specification for virtual private networks in which some nodes of a local area network are connected through the Internet. Related to local area network, nodes, virtual network etc.
Term
RADIUS
Definition

Remote Authentication Dial-In User Service

 

A standard protocol for providing centralized authentication and authorization services for remote users. For more information - Relates to RFCs 2138

Term
RAS
Definition

Remote Access Server

 

A host on a local area network that is equipped with modems to enable users to connect to the network over telephone lines.

A Microsoft product, included with most flavors of Windows, that allows one computer to connect to another through a modem to access shared resources, such as drives or files.

Term
RBAC
Definition
Role-Based Access Control

Access is based on the role a user plays in the organization. For instance, a human resources manager would need access to information that a department manager would not need access to, and both would need access to some common information.

 

Term
S/MIME
Definition
Secure Multipurpose Internet Mail Extensions

This specification is similar to PGP in that it seeks to enable the encryption and digital signing of e-mail messages. S/MIME is designed and marketed for integration into e-mail and messaging products.
Term
SFTP
Definition
Secure File Transfer Protocol

It is also known as Secure FTP, S/FTP and S-FTP. SFTP is a type of File Transfer Protocol program that supports SSL/TLS encryption for FTP communications. SSL/TLS encryption protects the transfer of the password and all data between the client and server.

 

Term
SHA
Definition
Secure Hashing Algorithm

SHA is a hashing algorithm used for creating a condensed version of a message. The four algorithms approved by FIPS (Federal Information Processing Standard) are SHA1, SHA256, SHA384, and SHA512, and they differ in terms of hash function and 128 bits of security against collision attacks. SHA1 produces a message digest of 160 bits, providing no more than 80 bits of security against collision attacks.
Term
SLE
Definition
Single Loss Expectancy

The dollar amount of what it would cost to replace the device if it malfunctioned or was lost, damaged or stolen.

SLE x ARO = ALE

ALE = Annual Loss Expectancy in dollars
ARO = Annual Rate of Occurrence

Term
SSH
Definition
Secure Shell

 

Port #22

 

SSH is a protocol and software package originally developed at the Helsinki University of Technology; it is a secure, low-level transport protocol. SSH allows users to log on to a remote computer over the network, execute commands on it, and move files from one computer to another while providing strong authentication and secure communications over unsecured channels.

Term
SSL
Definition
Secure Sockets Layer

Used with Port #443, which is HTTPS.

SSL is a security protocol that combines digital certificates for authentication with RSA public key encryption.

RSA encryption (R-S-A’ en-krip`shən), noun: Short for Rivest-Shamir-Adleman encryption. The patented public key encryption algorithm, introduced by Ronald Rivest, Adi Shamir, and Leonard Adleman in 1978, on which the PGP (Pretty Good Privacy) encryption program is based.

Term
SSO
Definition

Single Sign-On

 

Single sign-on (SSO) is a session/user authentication process that permits a user to enter one name and password in order to access multiple applications. The process authenticates the user for all the applications they have been given rights to and eliminates further prompts when they switch applications during a particular session.
Term
STP
Definition
Shielded Twisted Pair

STP is a cable consisting of one or more twisted pairs of wires and a sheath of foil and copper braid. The twists protect the pairs from interference by each other, and the shielding protects the pairs from interference from outside. Therefore, STP cable can be used for high-speed transmission over long distances. It uses an RJ45 connector for an Ethernet networking connection.
Term
TACACS
Definition
Terminal Access Controller Access Control System

A standard protocol for providing centralized authentication and authorization services for remote users. TACACS+ also supports multifactor authentication.
Term
TCP
Definition
Transmission Control Protocol

The protocol within TCP/IP that governs the breakup of data messages into packets to be sent via IP, and the reassembly and verification of the complete messages from packets received by IP. TCP corresponds to the transport layer in the ISO/OSI model.

 

Term
UDP
Definition
User Datagram Protocol

UDP is the connectionless protocol within TCP/IP that corresponds to the transport layer in the ISO/OSI model. UDP converts data messages generated by an application into packets to be sent via IP but does not verify that messages have been delivered correctly. Therefore, UDP is more efficient than TCP, so it is used for various purposes, including SNMP; the reliability depends on the application that generates the message.
Term
UTP
Definition
Unshielded Twisted Pair

UTP is a cable containing one or more twisted pairs of wires without additional shielding. UTP is more flexible and takes up less space than shielded twisted-pair (STP) cable but has less bandwidth.

 

Term
VLAN
Definition
Virtual Local Area Network

Distinct segments or portions of a network designed to control broadcast traffic. Each VLAN is considered a broadcast domain because all hosts on a VLAN are able to send broadcast traffic to all hosts on a VLAN. Broadcast traffic is not allowed to pass beyond the logical confines of the VLAN.

 

Term
VPN
Definition
Virtual Private Network 

A VPN is a secure connection between a remote computer and a server on a private network that uses the Internet as its network medium.

Term
WAN
Definition

Wide Area Network

 

A communications network that connects geographically separated areas.

Term
WEP
Definition

Wired Equivalent Privacy

 

Provides 64-bit, 128-bit, and 256-bit encryption using the Rivest Cipher 4 (RC4) algorithm for wireless communication that uses the 802.11a and 802.11b protocols.

Term
WINS
Definition

Windows Internet Naming Service

 

Although NetBIOS and NetBIOS names can be used with network protocols other than TCP/IP, WINS was designed specifically to support NetBIOS over TCP/IP (NetBT). WINS is required for any environment in which users access resources that have NetBIOS names. If you do not use WINS in such a network, you cannot connect to a remote network resource by using its NetBIOS name unless you use Lmhosts files, and you might be unable to establish file and print sharing connections. 
Term
WTLS
Definition
Wireless Transport Layer Security 

WTLS is the security layer of WAP and the wireless equivalent of TLS in wired networks.
