
Access Control List (ACL) - each object includes an ACL within its security descriptor that contains all the security permissions that apply to an object. Security descriptors can contain two kinds of ACL: 

  • Discretionary Access Control List (DACL) that identifies the users and groups who are allowed or denied access.
  • System Access Control List (SACL) that controls how access is audited.

Access Tokens - An access token is a protected object that contains information about the identity and privileges associated with a user account. An access token identifies the user, the user's groups, and the user's privileges. The system uses the token to control access. There are two kinds of access token: primary and impersonation.

Application Sandboxing - also called application containerization, is an approach to software development and mobile application management (MAM) that limits the environments in which certain code can execute. -WhatIs.com

"In the Windows world it primarily means running a process in a Job which limits its ability to interact with other processes." -msainsbury

Blacklisting - for details, go to Blacklisting.

Clients = any devices on a network that access something on another computer on your network.

Data Class = These are classes that have fields, getting and setting methods for the fields, and nothing else. Such classes are dumb data holders.

Discretionary Access Control List (DACL) - see Access Control List (ACL).

Domain Account - A domain account is the login required to access a managed section of resources on a network (i.e., domain). This allows a user to log into a computer that is connected to the domain, and be automatically connected to any network drive space that has been allocated for the domain account.

Extensibility = In software engineering, extensibility (not to be confused with forward compatibility) is a system design principle where the implementation takes future growth into consideration. It is a systemic measure of the ability to extend a system and the level of effort required to implement the extension. Extensions can be through the addition of new functionality or through modification of existing functionality. The central theme is to provide for change – typically enhancements – while minimizing impact to existing system functions.

GUID - (Globally Unique Identifier) is an ID number that provides a unique serial number that can be used on any item in the universe (e.g., Google pages, products on Amazon, articles on Wikipedia). It uses a format of 8-4-4-4-12 (e.g., 20dd870c-13ee-1f67-1847-8576fur83123).

Job Object - a job object allows groups of processes to be managed as a unit. https://msdn.microsoft.com/en-us/library/windows/desktop/ms684161(v=vs.85).aspx

Local Account - a local account controls access to one single, physical computer. Your local account credentials (username, password, and SID/UID) are stored locally on the computer's hard drive, and the computer checks its own files to authenticate your login. This differs from a network domain account which is created and stored on a network server (sometimes called a domain controller). Computers query the server for network access. A local account allows you some level of access to an individual computer. The local account's settings determine your rights for running programs, installing and removing programs, accessing files, and enabling or disabling services.

MS Silverlight = Microsoft's version of Flash. 

MS Windows Server = type of OS that provides very specific functions.

Notification Server (NS) - Notification Server is the central component of the Symantec Management Platform (previously referred to as the Altiris Platform). Notification Server is the framework on which solution developers (internal or external to Symantec) build new solutions to provide integrated IT management. NS installs and manages the Symantec Agent, passes data to and from the CMDB, interacts with other Platform components, and displays information through the Symantec Management Console (the IT administrator's "view" into NS). (http://portals.altiris.com/portals/13/sdk/SMP%207.0/SMP/NotificationServerBasics.html)

Object - an object (or Windows object) is a data structure that represents a system resource, such as a file, thread, or graphic image. An application cannot directly access object data or the system resource that an object represents. Instead, an application must obtain an object handle which it can use to examine or modify the system resource. https://msdn.microsoft.com/en-us/library/windows/desktop/ms724457(v=vs.85).aspx

Policies = rules put in place to support the security of a network.

Network policies are sets of conditions, constraints, and settings that allow you to designate who is authorized to connect to the network and the circumstances under which they can or cannot connect. Network policies can be viewed as rules. Each rule has a set of conditions and settings. http://msdn.microsoft.com/en-us/library/cc754107.aspx

Policies per Arellia products = Policies define how often an endpoint needs to perform a certain action. Policies are downloaded and cached by endpoints.

Provisioning = to grant access to user groups.

Security Descriptors = data structures of security information for securable Windows objects, that is, objects that can be identified by a unique name (Wikipedia). A security descriptor contains the security information associated with a securable object (Microsoft).

Server = a networked device that provides a service on your network (e.g., file server, print server).

Shim - a small library that transparently intercepts API calls and changes the arguments passed, handles the operation itself, or redirects the operation elsewhere. Shims typically come about when the behavior of an API changes, thereby causing compatibility issues for older applications which still rely on the older functionality. Shims can also be used for running programs on different software platforms than they were developed for. Go to Application Compatibility Actions.

Security descriptors - for details, go to Security Descriptors.

Security Identifiers (SIDs) - Every account and group is automatically assigned a security identifier (SID) when the account or group is created.

 

SQL (Structured Query Language) is a special-purpose programming language that manages data held in a relational database management system (RDBMS), or for stream processing in a relational data stream management system (RDSMS). SQL performs tasks such as updating or retrieving data from a database using the standard SQL commands "Select," "Insert," "Update," "Delete," "Create," and "Drop." Some common relational database management systems that use SQL are: Oracle, Sybase, Microsoft SQL Server, Access, and Ingres.

System Access Control List (SACL) - see Access Control List (ACL).

Tasks = functions for tools to complete that can be automated using the command console, often having to do with reporting.


User Account Control (UAC) is a feature in Windows that can help you stay in control of your computer by informing you when a program makes a change that requires administrator-level permission.

Whitelisting - Application whitelisting is a computer administration practice used to prevent unauthorized programs from running. The purpose is primarily to protect computers and networks from harmful applications, and, to a lesser extent, to prevent unnecessary demand for resources.

Zero-day attack - a zero-day (or zero-hour or day zero) attack or threat is an attack that exploits a previously unknown vulnerability in a computer application or operating system, one that developers have not had time to address and patch.

Acronym list

IAM - Identity and Access Management

PAM - Privileged Account Management

SIM - Security Information Management

AMS - Arellia Management Server

ACS - Application Control Solution

LSS - Local Security Solution

SAS - Security Analysis Solution

PME - Privileged Management Essentials - combo pack of LSS/ACS

ESRS - Endpoint Security Remediation Suite - combo LSS/ACS/SAS

DS - Directory Services

SQL - Structured Query Language

ACL - Access Control Lists and security descriptors

GUID - Globally Unique Identifier

NS - Notification Server

SID - Security Identifiers


UAC - User Account Control

 
