Stormshield SN series Configuration Manual page 435

SNS - USER CONFIGURATION MANUAL V.3
GLOSSARY
Brute force attack
An exhaustive and determined method of testing all possible combinations, one by one, to find
out a password or secret key by trial and error. This method only works when the sought after
password contains very few characters.
This attack can be thwarted simply by choosing longer passwords or keys, which the intruder
will take longer to find out.
Buffer
Temporary storage zone.
Buffering
Temporary storage of information for the purpose of processing it at one go, instead of as and
when it is received.
Buffer overflow
An attack which usually works by sending more data than a buffer can contain so as to make a
program crash (a buffer is a temporary memory zone used by an application). The aim of this
attack is to exploit the crash and overwrite part of the application's code and insert malicious
code, which will be run after it has entered memory.
C
CA Certificate (or Certification)
Authority - A trusted third-party company or organization which issues digital certificates. Its role
is to guarantee that the holder of the certificate is indeed who he claims to be. CAs are critical in
data security and electronic commerce because they guarantee that parties exchanging
information are really who they claim to be.
Certificate
(See digital certificate)
Certificate Revocation List (CRL)
A list of expired (revoked) certificates or of those that are no longer considered trustworthy. It is
published and regularly maintained by a CA to ensure the validity of existing certificates.
Challenge/response
An authentication method for verifying the legitimacy of users logging onto the network wherein a
user is prompted (the challenge) to provide some private information (the response). When a
user logs on, the server uses account information to send a "challenge" number back to the user.
The user enters the number into a credit-card sized token card that generates a response which
is sent back to the server.
Chassis
Also called a case, it is a physical structure that serves as a support for electronic components. At
least one chassis is required in every computer system in order to house circuit boards and
wiring.
Context
The current status, condition or mode of a system.
Common criteria
The common criteria, an international standard, evaluate (on an Evaluation Assurance Level or
EAL scale of 1 to 7) a product's capacity to provide security functions for which it had been
Page 435/448 sns-en-user_configuration_manual-v3 - Copyright © Stormshield 2016