Stormshield SN series Configuration Manual page 436

SNS - USER CONFIGURATION MANUAL V.3
GLOSSARY
designed, as well as the quality of its life cycle (development, production, delivery, putting into
service, update).
Contextual signature
An attack signature, i.e., the form that an attack takes. ASQ relies on a database of contextual
signatures to detect known attacks in a short time.
CPU (Central Processing Unit)
Better known as a processor, this is an internal firewall resource that performs the necessary
calculations.
Cryptography
The practice of encrypting and decrypting data.
D
Daemon
An application that runs permanently in the background on an operating system.
Datagram
An information block sent over a communication line within a network.
Data Encryption Standard (DES)
Cryptographic algorithm for the encryption of data. In particular, it allows encrypting data by
blocks.
Data evasion
Also known as IDS evasion, it is a hacker's method of tricking an intrusion detection system by
presenting to it packets formed from similar headers but which contain data different from what
the client host will receive.
Denial of service (DoS) attack
An attack which floods a network with so many requests that regular traffic is slowed down or
completely interrupted, preventing legitimate requests from being processed.
DHCP (Dynamic Host Configuration Protocol)
Protocol that allows a connected host to dynamically obtain its configuration (mainly its network
configuration). DHCP finds its own IP address. The aim of this protocol is to simplify network
administration.
Dialup
Interface on which the modem is connected.
Diffie-Hellmann key exchange algorithm
An algorithm that enables parties to exchange public keys securely in order to arrive at a shared
secret key at both ends, without ever having to transmit the secret key, thereby avoiding the risk
of the secret key being intercepted. It does not carry out data encryption, and can even be used
over entrusted channels.
Digital certificate
The digital equivalent of an identity card for use in a public key encryption system, these are
mainly used to verify that a user sending a message is who he claims to be, and to provide the
receiver of a message with a way to encrypt his reply. The X.509 format is most typically used
and contains information regarding the user and the certification authority.
Page 436/448 sns-en-user_configuration_manual-v3 - Copyright © Stormshield 2016