Glossary
GL-5
User Guide for Cisco Secure Access Control System 5.3
OL-24201-01
configuration
management
The process of establishing a known baseline condition and managing it.
cookie Data exchanged between an HTTP server and a browser (a client of the server) to store state information
on the client side and retrieve it later for server use. An HTTP server, when sending data to a client,
may send along a cookie, which the client retains after the HTTP connection closes. A server can use
this mechanism to maintain persistent client-side state information for HTTP-based applications,
retrieving the state information in later connections.
corruption A threat action that undesirably alters system operation by adversely modifying system functions or
data.
CoS Class of Service. A way of managing traffic in a network by grouping similar types of traffic (for
example, e-mail, streaming video, voice, large document file transfer) together and treating each type
as a class with its own level of service priority.
countermeasure Reactive methods used to prevent an exploit from successfully occurring once a threat has been
detected. Intrusion Prevention Systems (IPS) commonly employ countermeasures to prevent intruders
form gaining further access to a computer network. Other counter measures are patches, access control
lists and malware filters.
covert channels The means by which information can be communicated between two parties in a covert fashion using
normal system operations. For example by changing the amount of hard drive space that is available on
a file server can be used to communicate information.
CRL certificate revocation list. A list of certificates (more accurately: their serial numbers) which have been
revoked, are no longer valid, and should not be relied upon by any system user.
CRUD Create, read, update and delete. The basic management operations that are performed on managed data
cryptanalysis The mathematical science that deals with analysis of a cryptographic system in order to gain knowledge
needed to break or circumvent the protection that the system is designed to provide. In other words,
convert the cipher text to plaintext without knowing the key.
cryptographic
algorithm or hash
An algorithm that employs the science of Cryptography, including Encryption algorithms,
Cryptographic Algorithm or Hash, Digital Signature Algorithm (DSA), and key agreement algorithms.
cryptography Garbles a message in such a way that anyone who intercepts the message cannot understand it.
CSV comma-separated value. This file format is a delimited data format that has fields separated by the
comma character and records separated by new lines.
SGA Security Group Access
CUE Common User Experience
cut-through A method of switching where only the header of a packet is read before it is forwarded to its destination.
CRC Cyclic Redundancy Check. Sometimes called "cyclic redundancy code." A type of checksum algorithm
that is not a cryptographic hash but is used to implement data integrity service where accidental
changes to data are expected.