Glossary
A set of IEEE standards that describe wireless LAN/MAN protocols.
An IEEE standard for port-based authentication.
Authentication, authorization, and auditing.
Access control list.
Active Directory. A Microsoft database of user and group information.
Alternate data stream. A file construct in Microsoft Windows.
America Online Instant Messenger.
Advanced Interactive eXecutive. IBM’s version of UNIX.
Access point. A device that connects wireless radio equipped endpoints with a wired network.
Application programming interface.
Asynchronous Transfer Mode. A protocol that uses fixed-length packets.
Automated teller machine.
A combination of applications and systems available to attack.
An entry point for attack or the chosen mode used to exploit a vulnerability or flaw in an application or operating system that can be used to subvert or co-opt an endpoint or network.
A bimodal control that is either on or off.
A short-range radio transceiver system designed to connect peripherals to devices (for example, a headset to a smartphone).
Bootstrap Protocol. RFC 951. A UDP-based protocol used by network endpoints to obtain an IP address.
Web robots are automated applications that carry out repetitive tasks, such as collecting personal information or sending spam. The usage here implies malicious intent and behavior.
A group of bots controlled by a central source.
Berkeley Software Distribution. A version of UNIX developed at the University of California, Berkeley.
A computer programming language.
Compact disc read-only memory. An optical read-only method for distributing digital information.
Computer Emergency Response Team.
Closed-loop process control, a method for analyzing and controlling a system (in this case, a network).
Cisco Network Admission Control. Cisco’s proprietary version of NAC.
Computer Security Institute.
Common Vulnerabilities and Exposures. An index of standardized names for vulnerabilities.
Dynamic Host Configuration Protocol. RFC 2131. DHCP provides required IP configuration information to requesting endpoints.
Demilitarized zone. In network contexts, it is a portion of the network that the firewall provides to allow controlled Internet access to corporate network resources.
In genetics, DNA is deoxyribonucleic acid, the building blocks of life. When referenced in this book, it means the basic settings of the system.
Distributed Network Protocol used between remote terminal units.
Disk Operating System.
Digital Subscriber Line is a method of connecting a computer or site to the Internet.
Digital video disc. A high-capacity optical read-only data storage medium originally designed for movies but has since been adapted to general data storage.
Extensible Authentication Protocol. RFC 3748. A universal authentication framework used in point-to-point connections and wireless networks.
Any purpose-built computing system.
Evolution-Data Optimized. A wireless radio broadband standard adopted by some CDMA cellular mobile phone providers.
Federal Bureau of Investigation.
A device that separates and controls traffic from one security zone to another.
Fear, uncertainty, and doubt. Scare tactics used to instill fear in potential customers.
Gramm-Leach-Bliley Financial Services Modernization Act, Pub. L. No. 106-102, 113 Stat. 1338.
General Packet Radio Service. A mobile data service available to GSM users.
Graphic user interface.
Hierarchical File System used in the Mac OS X operating system.
Host integrity. A function used to determine whether a system has complied with a stated level of policy.
Host-based intrusion detection system.
Health Insurance Portability and Accountability Act, Pub. L. No. 104-191.
Hewlett Packard UNIX.
Heating, ventilation, and air-conditioning system in a building or structure.
Internet Control Message Protocol. RFC 792. Used in network diagnostics and for routing.
Intellectual property management or rights management.
A System V-based UNIX with BSD extensions produced by Silicon Graphics.
The section of code that provides the core functionality for an operating system.
Local area network.
Lightweight Directory Access Protocol. LDAP systems store user authentication and authorization information similar to AD.
Lightweight Extensible Authentication Protocol. A Cisco proprietary wireless authentication protocol.
Predefined sections of code that provide services to programs and the operating systems.
Any piece of software that has malicious intent.
Metropolitan area network.
Megabytes per second.
Message Digest 5. A one-way, fixed-length output cryptographic function.
Network access control. Generally used in 802.1x authentication.
Network Access Protection. A Microsoft proprietary network access control.
Network Basic Input Output System. Microsoft networking.
Network intrusion detection system.
Network management system.
Network operations center.
Original equipment manufacturer.
Apple’s operating system, version 10.
Peer-to-peer protocol or application.
Private branch exchange. System used to route phone calls in businesses.
Personal computer.
Payment Card Industry, a standard to evaluate merchants and their network security.
Personal digital assistant. A handheld endpoint.
Proportional, integral, derivative. The three basic control modes used in CLPC.
Programmable logic controller. A computer designed to control things such as valves, gates, motors, and switches.
Patch management.
A concise summary of a book, article, or other text.
Remote Authentication Dial In User Service. AAA system for network access.
Rate of infection or return on investment. When used in the context of viruses, it describes the rate of infection.
A tool or set of tools designed to conceal unauthorized processes from detection by the operating system and other tools.
Remote terminal unit.
Sysadmin, Audit, Network, and Security Institute. Professional training and certification.
Supervisory Control And Data Acquisition system monitor and PLC manager.
A derogatory term for inexperienced hackers who use prewritten scripts.
System development life cycle.
Securities and Exchange Commission.
The desired value in a closed-loop process control system.
Service level agreement.
Server Message Block. An application protocol designed to share access to resources such as printers and file shares.
The capturing of network packets.
A device or software that monitors the network and captures packets based on specified criteria.
Simple Network Management Protocol. A protocol suite used by an NMS to monitor network infrastructure devices.
Sun Microsystems version of UNIX.
Sarbanes-Oxley Act of 2002. Pub. L. No. 107-204, 116 Stat. 745. The Public Company Accounting Reform and Investor Protection Act of 2002.
Smartphone.
Structured Query Language. A standard language used to insert, extract, and manipulate data in a database management system.
Secure Shell. An application that uses a secure channel to connect endpoints.
Specialized Security, Limited Functionality. A very severe Microsoft security configuration.
Set user ID / Set group ID. A mode bit in UNIX and UNIX-like systems that allows programs to inherit permissions.
Trusted Computing Group.
Transmission Control Protocol. TCP works with the IP protocol to ensure packet delivery. Sometimes referred to as TCP/IP.
Transport Layer Security. A successor to the Secure Sockets Layer protocol that provides a secure communications channel between two endpoints.
Trusted Platform Module. Part of the TCG initiative, the TPM is a hardware device that securely stores critical security parameters, such as keys and certificates, in an endpoint such as a notebook computer.
An application that conceals its true intent or behavior by masquerading as another application.
Transportation Security Administration.
Time to replicate. The time it takes a virus to replicate itself in another system.
User Datagram Protocol. UDP works with the IP protocol to deliver packets on a best effort (unguaranteed) basis.
User identification.
A computer operating system developed by Bell Labs in the 1960s and 1970s.
Universal Plug and Play. A Microsoft protocol designed to provide automatic network resource discovery.
Uninterruptible Power Supply.
Universal Serial Bus.
United States CERT.
Vulnerability assessment. Usually a process that discovers vulnerabilities in network endpoints.
Voice over IP. A technology that uses IP protocols, software, and sometimes embedded systems that provides telephone-like services to users.
A malicious piece of software that can replicate and execute itself. A virus uses other programs as carriers in the replication process.
Vulnerability management. The process of ensuring that vulnerabilities are managed within the policies of the organization.
Virtual private network. A secure connection between two network endpoints.
Wired Equivalent Privacy. A weak wireless security protocol that connects a wireless endpoint with an AP.
A brand licensed by the Wi-Fi Alliance to describe wireless networks.
A self-replicating malicious piece of code. Unlike a virus, a worm can copy itself to other endpoints.
WiFi Protected Access. WPA is a framework designed to provide enhanced security to wireless devices.
Windows Server Update Service.
The predecessor to the Santa Cruz Operations version of UNIX, SCO UNIX.
A computer that hosts one or more bots.