| A | B |
|---|
| access control | security concept using physical security, authentication, users and groups, and security policies |
| adware | Type of malicious program that downloads ads to user's computer, generating undesirable network traffic |
| antivirus program | Software designed to combat viruses by either seeking out and destroying them or passively guarding against them |
| authentication | Any method a computer uses to determine what an authenticated user can do |
| biometric device | Hardware device used to support authentication; works by scanning and remembering unique aspects of a user's various body parts (e.g., retina, iris, face, or fingerprint) by using some form of sensing device such as a retinal scanner |
| Challenge Handshake Authentication Protocol (CHAP) | common remote access protocol; serving system challenges the remote client, usually by means of asking for a password |
| compliance | Concept that members of an organization must abide by the rules of that organization. For a technician, this often revolves around what software can or cannot be installed on an organization's computer |
| data classification | System of organizing data according to its sensitivity. Common classifications include public, highly confidential, and top secret. |
| definition file | List of virus signatures that an antivirus program can recognize |
| digital certificate | Form in which a public key is sent from a Web server to a Web browser so that the browser can decrypt the data sent by the server. |
| dumpster diving | to go through someone's trash in search of information |
| effective permissions | User's combined permissions granted by multiple groups |
| encryption | Making data unreadable by those who do not possess a key or password |
| event auditing | Feature of Event Viewer's Security section that creates an entry in the Security Log when certain events happen, such as a users logging on |
| Event Viewer | Utility made available as an MMC snap-in that enables users to monitor various system events, including network bandwidth usage and CPU utilization |
| firewall | Device that restricts traffic between a local network and the Internet |
| Grayware | Program that intrudes into a user’s computer experience without damaging any systems or data |
| Group Policy | Means of easily controlling the settings of multiple network clients with policies such as setting minimum password length or preventing Registry edits |
| HTTPS (Hypertext Transfer Protocol Secure) | Secure form of HTTP used commonly for Internet business transactions or any time when a secure connection is required |
| Incidence reporting | Record of the details of an accident, including what happened and where it happened |
| IPSec | Microsoft’s encryption method of choice for networks consisting of multiple networks linked by a private connection, providing transparent encryption between the server and the client |
| Kerberos | Authentication encryption developed by MIT to enable multiple brands of servers to authenticate multiple brands of clients |
| Local Security Settings | Windows tool used to set local security policies on an individual system |
| MS-CHAP | Microsoft’s variation of the CHAP protocol, which uses a slightly more advanced encryption protocol. |
| object access auditing | Feature of Event Viewer’s Security section that creates an entry in the Security Log when certain objects are accessed, such as a file or folder |
| Password Authentication Protocol (PAP) | Oldest and most basic form of authentication. Also the least safe, because it sends all passwords in clear text |
| Phishing | is the act of trying to get people to give their user names, passwords, or other security information by pretending to be someone else electronically |
| polymorph virus | Virus that attempts to change its signature to prevent detection by antivirus programs, usually by continually scrambling a bit of useless code. |
| pop-up | Irritating browser window that appears automatically when you visit a Web site |
| remediation | Repairing damage caused by a virus |
| Secure Sockets Layer (SSL) | Security protocol used by a browser to connect to secure Web sites |
| Signature | Code pattern of a known virus; used by antivirus software to detect viruses |
| smart card | Hardware authentication involving a credit-card-sized card with circuitry that can be used to identify the bearer of that card |
| social engineering | Using or manipulating people inside the networking environment to gain access to that network from the outside |
| spam | Unsolicited e-mails from both legitimate businesses and scammers that accounts for a huge percentage of traffic on the Internet |
