A
Access Control Entries (ACEs)
Data structures that identify permissions and indicate to whom they are assigned. ACEs are assigned to objects at object creation and can be modified by a security principal with the Change Permissions permission. Each ACE contains a security identifier, a permission, and an action (either Allow or Deny).
ad hoc mode
A type of wireless network where wireless clients are connected directly to each other without using an access point.
answering router
In a site-to-site (router-to-router) virtual private network (VPN), the router that listens for the connection request, authenticates and authorizes the VPN connection, and then acts as a router by forwarding packets between nodes in its site and the calling router.
anti-replay protection
A process or configuration that ensures that authentication and other successful negotiation packets cannot be re-used by another computer to form a successful connection.
application pool identity
A user account that is the process identity for the worker processes that service an application pool. Each application pool can and should have a separate application pool identity. Web sites and applications running in the application pool have the same rights and permissions granted to the application pool identity.
application pools
An IIS group of Web sites and applications that can use the same worker process. Each application pool serves as an isolation boundary—that is, an application running outside of the application pool has no access to the processes or Web site running inside the application pool.
authentication
A process through which security principals (users, computers, and processes) can prove their identity before connecting to the network or to some resource contained by the network. In a traditional network, authentication is supported by technologies that rely on passwords. Today, additional authentication tools—such as certificates, smart cards, biometrics, tokens, and even unique devices—are supported.
Authentication Header (AH)
One of two subprotocols of IPSec. AH provides superior packet authentication. This is because AH provides protection for the data packet and the IP header. The AH header contains a field, named Authentication Data, that includes an integrity check value (ICV) or authentication code. This value is checked to validate message authentication and integrity. The ICV is calculated over the Internet Protocol header, the AH header, and the data payload. Encapsulating Security Payload (ESP), in contrast, does not sign the whole packet.
Authority Information Access (AIA)
A location—such as a URL, a file system path, or an LDAP location—where a copy of the certificate authority certificate can be obtained.
authorization
A process that dictates what a security principal can do after it is authenticated. System privileges and object-based access control lists (ACLs) are the primary methods of authorization used in the Microsoft Windows family of operating systems.
Automated System Recovery (ASR)
An ASR backup backs up the local system state data, system services, and any disks that are part of the operating system. An ASR backup of a cluster node will back up the cluster disk signatures and partitions.
autonomy
A state or condition in which external control is possible even while local control is the way things are done.
B
Basic Service Set (BSS)
A single-access-point wireless network configuration consisting of clients and an access point or server that connects those clients to an internal network. The wireless access point serves as a bridge between the wireless and wired networks.
bidirectional trust
A trust relationship that extends in both directions.
border controls
Controls that sit at the junction between trusted and less trusted segments of a network. They can be firewalls, remote access servers, intrusion detection systems, packet filtering routers, virtual private network servers, or a combination of these things that are located on a border between the internal private network and an external network such as the Internet.
border gateway
A hardware or software device that separates an organization’s internal, private network from a network that does not belong to it, such as the Internet.
bridge CA
A Certificate Authority (CA) that becomes the link between multiple hierarchies. If the bridge CA is part of the certificate chain, the certificate will be validated.
business drivers
The objectives that propel a business forward and continue to make it profitable.
business continuity plan
A plan that consists of an analysis of the major risks to an organization’s survival and of a plan for the mitigation of, or other response to, the risks.
business impact analysis (BIA)
A type of risk analysis, usually undertaken as part of the business continuity plan process. For each risk, it is determined what will happen if the risk becomes reality, and exactly how much time in days or hours can pass before the business goes out of business. Each risk is then ranked according to this time factor. This ordered list helps management assign resources to mitigate the risk or to respond to the results if the risk becomes a reality.