Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 2 Next »

Access Control Lists (ACLs) and security descriptors - 

Access Tokens - An access token is a protected object that contains information about the identity and privileges associated with a user account. An access token identifies the user, the user's groups, and the user's privileges. The system uses the token to control access  There are two kinds of access token, primary and impersonation.

Application Sandboxing - also called application containerization, is an approach to software development and mobile application management (MAM) that limits the environments in which certain code can execute. -WhatIs.com

"In the Windows world it primarily means running a process in a Job which limits its ability to interact with other processes." -msainsbury

Blacklisting - for details, go to Blacklisting.

Clients = any devices on a network that accesses something on another computer on your network.

Data Class = These are classes that have fields, getting and setting methods for the fields, and nothing else. Such classes are dumb data holders.

Domain Account - A domain account is the login required to access a managed section of resources on a network (i.e., domain). This allows a user to log into a computer that is connected to the domain, and be automatically connected to any network drive space that has been allocated for the domain account.

Extensibility = In software engineeringextensibility (not to be confused with forward compatibility) is a system design principle where the implementation takes future growth into consideration. It is a systemic measure of the ability to extend a system and the level of effort required to implement the extension. Extensions can be through the addition of new functionality or through modification of existing functionality. The central theme is to provide for change – typically enhancements – while minimizing impact to existing system functions.

GUID - (Globally Unique Identifier) is an ID number that provides a unique serial number that can be used on any item in the universe (e.g., Google pages, products on Amazon, articles on Wikipedia). It uses a format of 8-4-4-4-12 (e.g., 20dd870c-13ee-1f67-1847-8576fur83123).

Job Object - a job object allows groups of processes to be managed as a unit. https://msdn.microsoft.com/en-us/library/windows/desktop/ms684161(v=vs.85).aspx

Local Account - a local account controls access to one single, physical computer. Your local account credentials (username, password, and SID/UID) are stored locally on the computer's hard drive, and the computer checks its own files to authenticate your login. This differs from a network domain account which is created and stored on a network server (sometimes called a domain controller). Computers query the server for network access. A local account allows you some level of access to an individual computer. The local account's settings determine your rights for running programs, installing and removing programs, accessing files, and enabling or disabling services.

MS Silverlight = Microsoft's version of Flash. 

MS Windows Server = type of OS that provides very specific functions.

Notification Server (NS) Notification Server (NS) is the central component of the Symantec Management Platform (previously referred to as the Altiris Platform). Notification Server is the framework on which solution developers (internal or external to Symantec) build new solutions to provide integrated IT management. NS installs and manages the Symantec Agent, passes data to and from the CMDB, interacts with other Platform components, and displays information through the Symantec Management Console (the IT administrator's "view" into NS). (http://portals.altiris.com/portals/13/sdk/SMP%207.0/SMP/NotificationServerBasics.html)

Object - an object (or Windows object) is a data structure that represents a system resource, such as a file, thread, or graphic image. An application cannot directly access object data or the system resource that an object represents. Instead, an application must obtain an object handle which it can use to examine or modify the system resource. https://msdn.microsoft.com/en-us/library/windows/desktop/ms724457(v=vs.85).aspx

Policies = rules put in place to support the security of a network.

Network policies are sets of conditions, constraints, and settings that allow you to designate who is authorized to connect to the network and the circumstances under which they can or cannot connect. Network policies can be viewed as rules. Each rule has a set of conditions and settings. http://msdn.microsoft.com/en-us/library/cc754107.aspx

Policies per Arellia products = Policies define how often an endpoint needs to perform a certain action. Policies are downloaded and cached by endpoints.

Provisioning = to grant access to user groups.

Security Descriptors = data structures of security information for securable Windows objects, that is objects that can be identified by a unique name (Wikipedia). security descriptor contains the security information associated with a securable object (Microsoft).

Server = a networked device that provides a service on your network (e.g., file server, print server).

Shim - a small library that transparently intercepts API calls and changes the arguments passed, handles the operation itself, or redirects the operation elsewhere. Shims typically come about when the behavior of an API changes, thereby causing compatibility issues for older applications which still rely on the older functionality. Shims can also be used for running programs on different software platforms than they were developed for. Go to Application Compatibility Actions.

Security descriptors - for details, go to Security Descriptors.

Security Identifiers (SIDs) Every account and group is automatically assigned a security identifier (SID) when the account or group is created.

 

SQL (Structured Query Language) is a special-purpose programming language that manages data held in a relational database management system (RDBMS), or for stream processing in a relational data stream management system (RDSMS). SQL performs tasks such as updating or retrieving data from a database using the standard SQL commands  "Select," "Insert," "Update," "Delete," "Create," and "Drop." Some common relational database management systems that use SQL are: Oracle, Sybase, Microsoft SQL Server, Access, and Ingres.

"the system" = in reference to Arellia, it's the "Arellia Management Server system."

Tasks = functions for tools to complete that can be automated using the command console.

MM 01/07/15 "There's a difference, but there's not a difference [[between policies and tasks]]. There's a Basic Inventory Policy and a Basic Inventory Task that do the exact same thing. The difference is that Policies send feedback to the server at one set time, but Tasks can specify that feedback be sent to the server at any designated time or schedule. Most commonly, to get quick feedback about the user on a new computer on the network, go to Basic Inventory.

Anything you can do on a policy level with local security and the general policies, and even security analysis can be done under Tasks. These are items sent from the server to the agent, and as long as the agent has network connectivity the task will be executed by the agent and the feedback sent to the server."


User Account Control (UAC) is a feature in Windows that can help you stay in control of your computer by informing you when a program makes a change that requires administrator-level permission.

Whitelisting - Application whitelisting is a computer administration practice used to prevent unauthorized programs from running. The purpose is primarily to protect computers and networks from harmful applications, and, to a lesser extent, to prevent unnecessary demand for resources.

Zero-day attack - a (or zero-hour or day zero) attack or threat is an attack that exploits a previously unknown vulnerability in a computer application or operating system, one that developers have not had time to address and patch.

Acronym list

IAM - Identity and Access Management

PAM - Privileged Account Management

SIM - Security Information Management

AMS - Arellia Management Server

ACS - Application Control Solution

LSS - Local Security Solution

SAS - Security Analysis Solution

PME - Privileged Management Essentials - combo pack of LSS/ACS

ESRS - Endpoint Security Remediation Suite - combo LSS/ACS/SAS

DS - Directory Services

SQL - Structured Query Language

ACL - Access Control Lists and security descriptors

GUID - Globally Unique Identifier

NS - Notification Server

SID - Security Identifiers

SQL - Structured Query Language

UAC - User Account Control

 

  • No labels