Term
|
Definition
| Firewalls check data packets sent over a network to make a determination, based on various data in the packet and rules programmed into the firewall, on whether to block the packets or send them on to the intended destination. Most firewalls were hardware for years, but software firewalls have gained in popularity with the rise of the Internet and personal computing. Firewalls can protect against inbound threats only – known as a one-way firewall – or against both unauthorized inbound and outbound traffic, known as a two-way firewall. Windows Firewall in XP and Vista is a one-way firewall, though Vista’s implementation can be used in two-way functionality if configured correctly. In comparison, many third-party firewall programs are two-way firewalls, such as Zone Alarm. Software firewalls can allow traffic between certain IP addresses and block incoming and outgoing Internet traffic on a per-application basis, depending on the firewall’s rules and exceptions. Organizations often use a proxy server with a firewall as a direct connection between the Internet and the internal network, and use the firewall to protect internal resources. |
|
|
Term
|
Definition
| This feature of firewalls allows individual ports to be locked down entirely, or only allow certain types of traffic from specified users or addresses. |
|
|
Term
|
Definition
| This feature allows an administrator to allow certain users or addresses to utilize ports or capabilities that are disabled or unavailable to most other entities. Exceptions help maintain security by allowing administrators to shut certain points of entry into a network to all but those who really need it. |
|
|
Term
| Authentication technologies |
|
Definition
Authentication is the process of verifying a user’s identity in order to protect machines and networks from an unauthorized user gaining
access. Authentication can be based off a number of specific qualities: something the user knows (a PIN, for example), something the user has (an RFID badge), something the user is (voice print) or something the user does (signature). |
|
|
Term
|
Definition
| Biometrics use physical characteristics to authenticate a potential user. Most commonly, biometric systems are based on fingerprints, but other systems that use voice prints and retina and iris scans are available. |
|
|
Term
|
Definition
| Cards that store data and have microchips in them, most often used for security. |
|
|
Term
|
Definition
| Depending on the type of data under consideration, it may fall under federal, state or local regulations regarding access, in addition to any organization policies that may be in effect |
|
|
Term
|
Definition
| When deciding on data access levels and restrictions, the entities who ―own‖ the data, or at least responsibility for it, and the entities that require access to it must be considered. |
|
|
Term
|
Definition
| An effective technique used to manipulate users to give away their computer passwords. |
|
|
Term
|
Definition
| This involves pretending to be from a service provider for the company, such as telephone or Internet provider, and asking the user to provide login credentials to allow routine maintenance or to solve a computer problem. |
|
|
Term
|
Definition
| This technique uses bogus websites or fraudulent emails to trick users into providing personal or financial information |
|
|
Term
|
Definition
| Current iterations involve malware programs disguised as popular videos or website links that trap keystrokes or transmit sensitive information. |
|
|
Term
|
Definition
| involves leaving physical media (such as an optical disc or flash drive) with what appears to be confidential information somewhere easily found. |
|
|
