Glossary
User Guide for Cisco Secure Access Control System 5.4
OL-26225-01
dumpsec A security tool that dumps a variety of information about a system's users, file system, registry,
permissions, password policy, and services.
DLL Dynamic Link Library. A collection of small programs, any of which can be called when needed by a
larger program that is running in the computer. The small program that lets the larger program
communicate with a specific device such as a printer or scanner is often packaged as a DLL program
(usually referred to as a DLL file).
E
eavesdropping Listening to a private conversation that may reveal information that can provide access to a
facility or network.
Egress Filtering Filtering outbound traffic.
encapsulation The inclusion of one data structure within another structure so that the first data structure is hidden
for the time being.
encryption Cryptographic transformation of data (called "plaintext") into a form (called "cipher text") that
conceals the data's original meaning to prevent it from being known or used.
entry (LDAP) The name given to a stored object in an LDAP-enabled directory. Each entry has one parent entry
(object) and zero or more child entries (objects). The data content of an entry consists of one or more
attributes, one (or more) of which is (are) used as the naming attribute (more correctly the RDN) to
uniquely identify this object in the DIT.
equality (LDAP) Equality defines the comparison rule of an attribute when used in a search filter that contains no
wildcards, and both the content and length must be exactly the same. When wildcards are used, this
is called a substring and the SUBSTR rule is used.
external identity store External databases that ACS accesses to perform credential and authentication validations for internal
and external users (as defined by you within a policy).
Ethernet The most widely installed LAN technology. Specified in a standard, IEEE 802.3, an Ethernet LAN
typically uses coaxial cable or special grades of twisted pair wires. Devices are connected to the cable
and compete for access using a CSMA/CD protocol.
event An observable occurrence in a system or network.
Exponential Backoff Algorithm Used to adjust TCP timeout values on the fly so that network devices don't continue to time out sending
data over saturated links.
exposure A threat action whereby sensitive data is directly released to an unauthorized entity.
extended ACLs A more powerful form of standard ACLs on Cisco routers. They can make filtering decisions based
on IP addresses (source or destination), ports (source or destination), protocols, and whether a session
is established.