Network Security Related terminology you must know

| 1 coment�rios
Here in this article i am including the important terminology we need to know if we are working as a system engineer ,network engineer,system administrator whether Linux or Windows admin didn't matter.Here i will provide you the complete list of terms we need to know in networking or system admin field.Here in this tutorial i have discussed about various topics like pap,chap,asynchronous,,Tokens,throughput,RADIUS SERVER,TACACS,AAA,Data owner,subject,object,baseline,policies,procedures,standard,guideline,ARO,SLE etc




Risk = Threat * Vulnerability


If we consider the topi regarding IT sector then Risk consists of these two important thing Threat and Vulnerability.where there is no Threat there is no risk.If there is Vulnerability in your system or Network and there is also threat of attack then risk is multiple effect of vulnerability.


ALE = Annualized Loss Expectancy


This is an important terminology and every IT company have almost a separate department to handle ALE.

AV = Asset Value


If you have a little knowledge off commerce field you can easily understand what asset value is.In short you understand it is a type of business valuation.


EF 

EF means Exposure Factor - % of value lost


SLE 

SLE stand for Single Loss Expectancy, the cost of a single loss.


ARO 

ARO stands for  Annual Rate of Occurrence (number of losses)


TCO 

 Total Cost of Ownership combining upfront costs and annual costs of maintenance

POLICIES:


Policies are high-level management directives that don't go into specifics.

PROCEDURES:


Procedures are step-by-step guides for accomplishing a task

Standard: 

describes specific use of technology

Guideline: 

recommendations (discretionary)

Baseline:

 uniform ways of implementing a safeguard

Data Owner 

management employee responsible for ensuring protection of specific data

AAA 

Authentication, Authorization, and Accountability


Least privilege

 says minimum amount required to do.
 privileges are defined in every level whether it os operating system based or networking based.
operating system have several users created on privilege based. Administrator user have   highest privilege than other and Guest user have least privileges than others.In Linux root have highest privilege.
In network deices like Routers and switches also have different privilege levels.

Need to know is more granular

Subject 

 active entity on a data system

Object 

As we are here talking about computer and network system.In IT Sector or in computer field or networking department by saying OBJECT we mean passive data within the system.


Discretionary 

Discretionary mean full control of objects they have access to


Mandatory 

mandatory means system-enforced based on labels


RBAC 

role based, non-discretionary

Task-based = another non-discretionary method


RADIUS 

 Uses UDP 1812 and 1813. AAA system.
RADIUS request and response data is carried in
8-bit AVPs (Attritbute Value Pairs)

Diameter 

RADIUS' successor with more accountability and a 32-bit AVP field.


TACACS 

Tacacs is used for authentication and autheriation.
It is a centralized access control system that uses UDP port 49 and may use TCP

PAP and CHAP 

PAP stands for password authentication protocol and CHAP stands for challenged handshake authentication protocol.both used PPP connection.

You can READ:PAP Configuration Tutorial on cisco Router.

You can READ: CHAP Configuration on Cisco router.


PAP is plaintext so not so secure, while CHAP uses three way handshake. so chap is  better than pap.


Objects have labels, and you have to have clearance to see them.

Synchronous Dynamic Tokens 

While talking about Synchronous Dynamic Tokens one must know that it't refresh every 60 seconds. Use time or counters to synchronize a code with the AS.

Asynchronous Tokens 

 It is little different from Synchronous Dynamic Tokens and is not synchronized with central server. Challenge-response.


Throughput 

 As we all know it is the most important point for any company institute or organiation and that is throughput. It is actually the biometric system response time.

1 comment:

  1. Thanks for publishing such great information. You are doing such a great job. This information is very helpful for everyone. Keep sharing about it support Houston. Thanks.

    ReplyDelete

Cisco Certification Lab Test with Routing and Switching

CCNA LAB TEST PAPER {Routing and Switching} Take three routers R1 R2 and R3 Take Three Switches S1 S2 and S3 Ris is connected to S1 and R2  ...