Glossary

dumpsec

A security tool that dumps a variety of information about a system's users, file system, registry, permissions, password policy, and services.

DLL

Dynamic Link Library. A collection of small programs, any of which can be called when needed by a larger program that is running in the computer. The small program that lets the larger program communicate with a specific device such as a printer or scanner is often packaged as a DLL program (usually referred to as a DLL file).

E

eavesdropping

Listening to a private conversation which may reveal information which can provide access to a facility or network.

Egress Filtering

Filtering outbound traffic.

encapsulation

The inclusion of one data structure within another structure so that the first data structure is hidden for the time being.

encryption

Cryptographic transformation of data (called "plaintext") into a form (called "cipher text") that conceals the data's original meaning to prevent it from being known or used.

entry (LDAP)

The name given to a stored object in an LDAP-enabled directory. Each entry has one parent entry (object) and zero or more child entries (objects). The data content of an entry consists of one or more attributes, one (or more) of which is (are) used as the naming attribute (more correctly the RDN) to uniquely identify this object in the DIT.

equality (LDAP)

Equality defines the comparison rule of an attribute when used in a search filter that contains no wildcards, and both the content and length must be exactly the same. When wildcards are used, this is called a substring and the SUBSTR rule is used.

external identity store

External databases that ACS accesses to perform credential and authentication validations for internal and external users (as defined by you within a policy).

Ethernet

The most widely-installed LAN technology. Specified in a standard, IEEE 802.3, an Ethernet LAN typically uses coaxial cable or special grades of twisted pair wires. Devices are connected to the cable and compete for access using a CSMA/CD protocol.

event

An observable occurrence in a system or network.

Exponential Backoff Algorithm

Used to adjust TCP timeout values on the fly so that network devices don't continue to time out sending data over saturated links.

exposure

A threat action whereby sensitive data is directly released to an unauthorized entity.

extended ACLs

A more powerful form of standard ACLs on Cisco routers. They can make filtering decisions based on IP addresses (source or destination), ports (source or destination), protocols, and whether a session is established.

User Guide for Cisco Secure Access Control System 5.3

OL-24201-01