I
IAB

See Internet Architecture Board (IAB).

IANA

See Internet Assigned Numbers Authority (IANA).

ICMP

See Internet Control Message Protocol (ICMP).

ICMP attack

An attack that occurs by triggering a response from the Internet Control Message Protocol (ICMP) when it responds to a seemingly legitimate maintenance request. See also Internet Control Message Protocol (ICMP).

identification and authentication (I&A)

A two-step process of identifying a person (usually when they log on) and authenticating them by challenging their claim to access a resource.

IDS

See intrusion detection system (IDS).

IEEE

See Institute of Electrical and Electronics Engineers, Inc. (IEEE).

IEEE 802.10 LAN/MAN Security

A series of guidelines dealing with various aspects of network security.

IEEE 802.11

A family of protocols that provides for wireless communications using radio-frequency transmissions.

IEEE 802.11 Wireless LAN

Defines the standards for implementing wireless technologies such as infrared and spread-spectrum radio.

IETF

See Internet Engineering Task Force (IETF).

IGMP

See Internet Group Management Protocol (IGMP).

illicit server

An application or program that shouldn't be there but is operating on the network, commonly used to gain unauthorized control by allowing someone to bypass normal authentication. NetBus is one of the best-known examples of an illicit server.

IM

See instant messaging (IM).

IMAP

See Internet Message Access Protocol (IMAP).

incident

An attempt to violate a security policy, a successful penetration, a compromise of a system, or unauthorized access to information.

incident response

How an organization responds to an incident.

incident response plan (IRP)

A policy that defines how an organization will respond to an incident.

incident response team (IRT)

Also known as a Computer Security Incident Response Team (CSIRT). The group of individuals responsible for responding when a security breach has occurred.

incremental backup

A type of backup in which only new files or files that have changed since the last full backup or the last incremental backup are included. Incremental backups clear the archive bit on files upon their completion.

information classification

The process of determining what information is accessible to what parties and for what purposes.

information classification policies

Written policies detailing dissemination of information.

information destruction policies

Policies that define how information is destroyed when it has reached the end of its useful life.

Information Flow model

A model concerned with all the properties of information flow, not just the direction of the flow.

information policies

Policies governing the various aspects of information security. Information policies include access, classifications, marking and storage, and the transmission and destruction of sensitive information. The development of information policies is critical to security.

information retention

A designation of how long data is retained and any other significant considerations about information.

information security

Security practices applied to information.

infrastructure

The hardware and software necessary to run your network.

infrastructure security

Security on the hardware and software necessary to run your network.

instant messaging (IM)

Immediate communication that can be sent back and forth between users who are currently logged on. From a security standpoint, there are risks associated with giving out information via IM that can be used in social engineering attacks; in addition, attachments sent can contain viruses.

Institute of Electrical and Electronics Engineers, Inc. (IEEE)

An international organization that sets standards for various electrical and electronics issues.

Integrated Services Digital Network (ISDN)

A telecommunications standard that is used to digitally send voice, data, and video signals over the same lines.

integrity

See data integrity.

interception

The process of covertly obtaining information not meant for you. Interception can be an active or passive process.

internal information

Information intended to remain within an organization.

internal threat

A threat that arises from within an organization.

International Data Encryption Algorithm (IDEA)

An algorithm that uses a 128-bit key. This product is similar in speed and capability to Digital Encryption Standard (DES), but it's more secure. IDEA is used in Pretty Good Privacy (PGP).

International Organization for Standardization (ISO)

The standards organization that developed the Open Systems Interconnection (OSI) model. This model provides a guideline for how communications occur between computers.

International Telecommunications Union (ITU)

Organization responsible for communications standards, spectrum management, and the development of communications infrastructures in underdeveloped nations.

Internet

A global network made up of a large number of individual networks that are interconnected and use TCP/IP. See also Transmission Control Protocol/Internet Protocol (TCP/IP).

Internet Architecture Board (IAB)

The committee that oversees management of the Internet. It's made up of two subcommittees: the Internet Engineering Task Force (IETF) and the Internet Research Task Force (IRTF). See also Internet Engineering Task Force (IETF) and Internet Research Task Force (IRTF).

Internet Assigned Numbers Authority (IANA)

The organization responsible for governing IP addresses.

Internet Control Message Protocol (ICMP)

A message and management protocol for TCP/IP. The Ping utility uses ICMP. See also Ping, Transmission Control Protocol/Internet Protocol (TCP/IP).

Internet Engineering Task Force (IETF)

An international organization that works under the Internet Architecture Board to establish standards and protocols relating to the Internet. See also Internet Architecture Board (IAB).

Internet Group Management Protocol (IGMP)

A protocol used for multicasting operations across the Internet.

Internet layer

The network layer responsible for routing, IP addressing, and packaging.

Internet Message Access Protocol (IMAP)

A protocol with a store-and-forward capability. It can also allow messages to be stored on an e-mail server instead of downloaded to the client.

Internet Protocol (IP)

The protocol in the TCP/IP suite responsible for network addressing. See also Transmission Control Protocol/Internet Protocol (TCP/IP).

Internet Research Task Force (IRTF)

An international organization that works under the Internet Architecture Board to research new Internet technologies. See also Internet Architecture Board (IAB).

Internet service provider (ISP)

A company that provides direct access to the Internet for home and business computer users.

Internet Society (ISOC)

A professional membership group composed primarily of Internet experts. It oversees a number of committees and groups, including the Internet Engineering Task Force (IETF).

Internetwork Packet Exchange (IPX)

A connectionless, routable network protocol based on the Xerox XNS architecture. It's the default protocol for versions of NetWare before NetWare 5. It operates at the Network layer of the Open Systems Interconnection (OSI) model and is responsible for addressing and routing packets to workstations or servers on other networks.

intranet

Web (or similar) services set up in a private network to be accessed internally only.

intrusion

The act of entering a system without authorization to do so.

intrusion detection system (IDS)

Tools that identify and respond to attacks using defined rules or logic. An IDS can be network based or host based.

intrusion detector

The item/application performing intrusion detection. See also intrusion detection system (IDS).

IP proxy

A server that acts as a go-between for clients accessing the Internet. All communications look as if they originated from a proxy server because the IP address of the user making a request is hidden. Also known as Network Address Translation (NAT).

IP Security (IPSec)

A set of protocols that enable encryption, authentication, and integrity over IP. IPSec is commonly used with virtual private networks (VPNs) and operates at Layer 3.

IP spoofing

An attack during which a hacker tries to gain access to a network by pretending their interface has the same network address as the internal network.

IPSec

See IP Security (IPSec).

IPX

See Internetwork Packet Exchange (IPX).

ISO 17799

A 10-part plan designed to provide a generic security audit on the best practices of security for virtually all aspects of your IT department.

ISP

See Internet service provider (ISP).
