Symantec 10521146 - Network Security 7120 Administration Manual page 350

350 Glossary
IPSec (Internet Protocol
Security)
ISDN (Integrated
Services Digital
Network)
ISP (Internet service
provider)
joke program
key
L2F (Layer Two
Forwarding) Protocol
LAN (local area
network)
LDAP (Lightweight
Directory Access
Protocol)
least privilege
license key
local attack
log
logging
logic bomb
A developing standard for security at the network or packet-processing layer of network
communication. IPSec provides two choices of security service: Authentication Header
(AH), which essentially allows authentication of the sender of data, and Encapsulating
Security Payload (ESP), which supports both the authentication of the sender and
encryption of data as well. IPSec is widely used with virtual private networks.
A high-speed, digital, high-bandwidth telephone line that allows simultaneous voice and
data transmission over the same line. ISDN is one of the always-on class of connections.
An organization or company that provides dial-up or other access to the Internet, usually
for money.
A program that changes or interrupts the normal behavior of a computer, for example,
making the mouse click in reverse.
A variable value in cryptography that is applied (using an algorithm) to a string or block of
unencrypted text to produce encrypted text. A key is also a series of numbers or symbols
that are used to encode or decode encrypted data.
A protocol that supports the creation of secure virtual private dial-up networks over the
Internet.
A group of computers and other devices in a relatively limited area (such as a single
building) that are connected by a communications link that enables any device to interact
with any other device on the network.
A software protocol that enables anyone to locate organizations, individuals, and other
resources such as files and devices in a network, whether on the Internet or on a corporate
intranet. LDAP is a lightweight (smaller amount of code) version of Directory Access
Protocol (DAP), which is part of X.500, a standard for directory services in a network.
The process of designing operational aspects of a system to operate with a minimum
amount of system privilege. This reduces the authorization level at which various actions
are performed and decreases the chance that a process or user with high privileges can
perform unauthorized activity resulting in a security breach.
A unique identification number used to register a Symantec product.
An attack that takes place against a computer or a network to which the attacker already
has either physical or legitimate remote access. This can include the computer that the
attacker is actually using or a network to which that computer is connected.
A record of actions and events that take place on a computer.
The process of storing information about events that occurred on a firewall or network.
The malicious code that is inserted into a program and designed to lie dormant until a
specific event occurs, such as a specific date being reached or a user typing a specific
command. At this time, the logic bomb triggers, usually to destroy or modify data without
the knowledge or authorization of the computer user.