See Evaluation Assurance Level (EAL).
Any type of passive attack that intercepts data in an unauthorized manner—usually in order to find passwords. Cable sniffing, wiretapping, and man-in-the-middle attacks are eavesdropping attacks.
See Elliptic Curve Cryptosystem (ECC).
See exposure factor (EF).
The interference that can occur during transmissions over copper cable because of electromagnetic energy outside the cable. The result is degradation of the signal.
A type of public key cryptosystem that requires a shorter key length than many other cryptosystems (including the de facto industry standard, RSA).
See electromagnetic interference (EMI).
A header used to provide a mix of security services in IPv4 and IPv6. ESP can be used alone or in combination with the IP Authentication Header (AH).
The process of translating data into signals that can be transmitted on a transmission medium.
The process of converting data into a form that makes it less likely to be usable to anyone intercepting it if they can't decrypt it.
A string of alphanumeric characters used to decrypt encrypted data.
The process of luring someone.
The process of encouraging an attacker to perform an act, even if they don't want to do it.
An attempt to gain information about a network by specifically targeting network resources, users and groups, and applications running on the system.
The act of moving something up in priority. Often, when an incident is escalated, it's brought to the attention of the next highest supervisor. See also privilege escalation.
A shared-media network architecture. It operates at the Physical and Data Link layers of the Open Systems Interconnection (OSI) model. As the media access method, it uses baseband signaling over either a bus or a star topology. The cabling used in Ethernet networks can be coax, twisted-pair, wireless, or fiber-optic.
See MAC address.
A level of assurance, expressed as a numeric value, based on standards set by the Common Criteria Recognition Agreement (CCRA).
Any noticeable action or occurrence.
A calculation of how much data (or other assets) could be lost from a single occurrence. If all the data on the network could be jeopardized by a single attack, the exposure factor is 100 percent.
A threat that originates from outside the company.
Web (or similar) services set up in a private network to be accessed internally and by select external entities, such as vendors and suppliers.
Examining data leaving a network for signs of malicious traffic.
18.220.34.198