Glossary

Access Control List (ACL) - each object includes an ACL within its security descriptor that contains all the security permissions that apply to an object. Security descriptors can contain two kinds of ACL: 

  • Discretionary Access Control List (DACL) that identifies the users and groups who are allowed or denied access.
  • System Access Control List (SACL) that controls how access is audited.

Access tokens - An access token is a protected object that contains information about the identity and privileges associated with a user account. An access token identifies the user, the user's groups, and the user's privileges. There are two kinds of access tokens: primary and impersonation.

Application sandboxing - an approach to software development and Mobile Application Management (MAM) that limits the environments in which certain code can execute (also called application containerization). In the Windows world, it means running a process in a job that limits its ability to interact with other processes.

Blacklisting - for details, go to Blacklisting.

Clients = any devices on a network that access something on another computer on your network (also called agents, or endpoints).

Discretionary Access Control List (DACL) - see Access Control List (ACL).

Domain account - A domain account is the login required to access a managed section of resources on a network. This allows a user to log into a computer that is connected to the domain, and be automatically connected to any network drive space that has been allocated for the domain account.

GUID (Globally Unique Identifier) - an ID number that provides a unique serial number that can be used on any item in the universe (such as Google pages, products on Amazon, or articles on Wikipedia). It uses a format of 8-4-4-4-12 (for example, 20dd870c-13ee-1f67-1847-8576fur83123).

Local account - a local account controls access to one single physical computer. Your local account credentials (username, password, and SID/UID) are stored locally on the computer's hard drive, and the computer checks its own files to authenticate your login. This differs from a network domain account which is created and stored on a network server (sometimes called a domain controller). Computers query the server for network access. A local account allows you some level of access to an individual computer. The local account's settings determine your rights for running programs, installing and removing programs, accessing files, and enabling or disabling services.

MS Silverlight - Microsoft's version of Flash. 

MS Windows Server = Windows Server is a group of operating systems designed by Microsoft that supports enterprise-level management, data storage, applications, and communications. Windows servers are more powerful versions of their desktop operating system counterparts.

Notification Server (NS) - the central component of the Symantec Management Platform. Notification Server is the framework on which solution developers (internal or external to Symantec) build new solutions to provide integrated IT management. NS installs and manages the Symantec Agent, passes data to and from the CMDB, interacts with other Platform components, and displays information through the Symantec Management Console (the IT administrator's "view" into NS). (http://portals.altiris.com/portals/13/sdk/SMP%207.0/SMP/NotificationServerBasics.html)

Object - an object (or Windows object) is a data structure that represents a system resource, such as a file, thread, or graphic image. An application cannot directly access object data or the system resource that an object represents. Instead, an application must obtain an object handle which it can use to examine or modify the system resource. https://msdn.microsoft.com/en-us/library/windows/desktop/ms724457(v=vs.85).aspx

Policies = rules put in place to support the security of a network.

Network policies are sets of conditions, constraints, and settings that allow you to designate who is authorized to connect to the network and the circumstances under which they can or cannot connect. Network policies can be viewed as rules. Each rule has a set of conditions and settings. http://msdn.microsoft.com/en-us/library/cc754107.aspx

Policies per Arellia products = Policies define how often an endpoint needs to perform a certain action. Policies are downloaded and cached by endpoints.

Provisioning = to grant access to user groups.

Security Descriptors = data structures of security information for securable Windows objects, that is, objects that can be identified by a unique name (Wikipedia). A security descriptor contains the security information associated with a securable object (Microsoft).

Server = a networked device that provides a service on your network (e.g., file server, print server).

Shim - a small library that transparently intercepts API calls and changes the arguments passed, handles the operation itself, or redirects the operation elsewhere. Shims typically come about when the behavior of an API changes, thereby causing compatibility issues for older applications which still rely on the older functionality. Shims can also be used for running programs on different software platforms than they were developed for. Go to Application Compatibility Actions.

Security descriptors - for details, go to Security Descriptors.

Security Identifiers (SIDs) - every account and group is automatically assigned a security identifier (SID) when the account or group is created.

SQL (Structured Query Language) - a special-purpose programming language that manages data held in a relational database management system (RDBMS), or for stream processing in a relational data stream management system (RDSMS). SQL performs tasks such as updating or retrieving data from a database using the standard SQL commands "Select," "Insert," "Update," "Delete," "Create," and "Drop." Some common relational database management systems that use SQL are: Oracle, Sybase, Microsoft SQL Server, Access, and Ingres.

System Access Control List (SACL) - see Access Control List (ACL).

Tasks = functions for tools to complete that can be automated using the command console, often having to do with reporting.


User Account Control (UAC) is a feature in Windows that can help you stay in control of your computer by informing you when a program makes a change that requires administrator-level permission.

Whitelisting - Application whitelisting is a computer administration practice used to prevent unauthorized programs from running. The purpose is primarily to protect computers and networks from harmful applications, and, to a lesser extent, to prevent unnecessary demand for resources.

Zero-day attack - a zero-day (or zero-hour or day zero) attack or threat is an attack that exploits a previously unknown vulnerability in a computer application or operating system, one that developers have not had time to address and patch.

Acronym list

IAM - Identity and Access Management

PAM - Privileged Account Management

SIM - Security Information Management

AMS - Arellia Management Server

ACS - Application Control Solution

LSS - Local Security Solution

SAS - Security Analysis Solution

PME - Privileged Management Essentials - combo pack of LSS/ACS

ESRS - Endpoint Security Remediation Suite - combo LSS/ACS/SAS

DS - Directory Services

SQL - Structured Query Language

ACL - Access Control Lists and security descriptors

GUID - Globally Unique Identifier

NS - Notification Server

SID - Security Identifiers

UAC - User Account Control