• Choose a category
• All
• Classic-Fiction

privilege audit An audit performed to verify that no user is accessing information, or able to access information, beyond the security level at which they should be operating.

privilege escalation The result when a user obtains access to a resource they wouldn’t normally be able to access. Privilege escalation can be done inadvertently, by running a program with Set User ID (SUID) or Set Group ID (SGID) permissions or by temporarily becoming another user (via su or sudo in Unix/Linux or RunAs in Windows 2000/2003).

process list The list of processes currently running on a system. In Windows NT/2000, it can be seen with Task Manager; the ps command shows it in Unix/Linux. Viewing a process list is one of the first steps to take to look for rogue processes running on a server.

promiscuous mode A mode wherein a network interface card (NIC) intercepts all traffic crossing the network wire and not just the traffic intended for it.

protocol analyzer A software and hardware troubleshooting tool that is used to decode protocol information to try to determine the source of a network problem and to establish baselines.

protocols Standards or rules.

proxy A type of firewall that prevents direct communication between a client and a host by acting as an intermediary. See also firewall.

proxy cache server An implementation of a web proxy. The server receives an HTTP request from a web browser and makes the request on behalf of the sending workstation. When the response comes, the proxy cache server caches a copy of the response locally. The next time someone makes a request for the same web page or Internet information, the proxy cache server can fulfill the request out of the cache instead of having to retrieve the resource from the Web.

proxy firewall A proxy server that also acts as a firewall, blocking network access from external networks.

proxy server A type of server that makes a single Internet connection and services requests on behalf of many users.

public information Information that is publicly made available to all.

public key A technology that uses two keys—a public key and a private key—to facilitate communication. The public key is used to encrypt a message to a receiver. See also private key.

Public Key Cryptography Standards (PKCS) A set of voluntary standards created by RSA security and industry security leaders.

Public Key Infrastructure (PKI) A two-key encryption system wherein messages are encrypted with a private key and decrypted with a public key.

Public Key Infrastructure X.509 (PKIX) The Internet Engineering Task Force (IETF) working group developing standards and models for the Public Key Infrastructure (PKI) environment.

public network The part of a network outside a firewall that is exposed to the public. See also firewall.

public key system An encryption system employing a key that is known to users beyond the recipient.

Q

quantum cryptography Cryptography based on changing the polarity of a photon. Quantum cryptography makes the process of interception difficult because any attempt to intercept the message changes the value of the message.

R

radio frequency (RF) The part of the radio spectrum that a device uses.

radio frequency interference (RFI) The byproduct of electrical processes, similar to electromagnetic interference. The major difference is that RFI is usually projected across a radio spectrum.

RADIUS See Remote Authentication Dial-In User Service (RADIUS).

RAID See Redundant Array of Independent (or Inexpensive) Disks (RAID).

RAID levels The different types of RAID, such as RAID-0, RAID-1, and so on.

RAS See Remote Access Server (RAS).

RBAC See Role-Based Access Control (RBAC).

RC5 See Rivest Cipher 5 (RC5).

Redundant Array of Independent (or Inexpensive) Disks (RAID) A configuration of multiple hard disks used to provide fault tolerance, should a disk fail, or gains in efficiency. Different levels of RAID exist.

registration authority (RA) An organization that offloads