CompTIA Security+ Deluxe Study Guide: SY0-201 - Emmett Dulaney [304]
relying party The person receiving a certificate.
remote access protocol Any networking protocol that is used to gain access to a network over public communication links.
remote access server (RAS) A computer that has one or more modems installed to enable remote connections to the network.
Remote Authentication Dial-In User Service (RADIUS) A mechanism that allows authentication of dial-in and other network connections. RADIUS is commonly used by Internet service providers (ISPs) and in the implementation of virtual private networks (VPNs).
replay attack Any attack where the data is retransmitted repeatedly (often fraudulently or maliciously). In one such possibility, a user can replay a web session and visit sites intended only for the original user.
replication The process of copying directory information to other servers to keep them all synchronized.
repository A database or database server where the certificates are stored.
repudiation attack An attack in which the intruder modifies information in a system.
Request for Comments (RFC) A document creation process and a set of practices that originated in 1969 and are used for proposed changes to Internet standards.
response How you react to an event.
restricted information Information that isn’t made available to all and to which access is granted based on some criteria.
retrovirus A virus that attacks or bypasses the antivirus software installed on a computer.
reverse DNS Using an IP address to find a domain name rather than using a domain name to find an IP address (normal DNS). Pointer (PTR) records are used for the reverse lookup, and often reverse DNS is used to authenticate incoming connections.
reverse engineering The process of re-creating the functionality of an item by first deciding what the result is and then creating something from scratch that serves the same purpose.
revocation The process of canceling credentials that have been lost or stolen (or are no longer valid). With certificates, revocation is accomplished with a Certificate Revocation List (CRL).
RIP See Routing Information Protocol (RIP).
risk analysis An evaluation of each risk that can be identified. Each risk should be outlined, described, and evaluated on the likelihood of it occurring.
risk assessment An evaluation of how much risk you and your organization are willing to take. An assessment must be performed before any other actions—such as how much to spend on security in terms of dollars and manpower—can be decided.
Rivest Cipher 5 (RC5) A cipher algorithm created by Ronald Rivest (for RSA) and known for its speed. It works through blocks of variable sizes using three phases: key expansion, encryption, and decryption.
roaming profile A profile downloaded from a server at each logon. When a user logs out at the end of the session, changes are made and remembered for the next time the user logs on.
rogue server An active Dynamic Host Configuration Protocol (DHCP) server that has been added to the network and is now leasing addresses to users instead of them obtaining an address from your server.
Role-Based Access Control (RBAC) A type of control wherein the levels of security closely follow the structure of an organization. The role the person plays in the organization (accountant, salesman, and so on) corresponds to the level of security access they have to data.
rootkit A software program that has the ability to obtain root-level access and hide certain things from the operating system.
route The path to get to the destination from a source.
route cost The number of router hops between the source and the destination in an internetwork.
router A device that connects two or more networks and allows packets to be transmitted and received between them. A router determines the best path for data packets from