Glossary N-O Flashcards
(31 cards)
NAC (network access control)
A general term for the collected protocols, policies, and hardware that authenticate and authorize access to a network at the device level.
narrow-band
Low-power cellular networks designed to provide data connectivity to IoT devices.
NAT (network address translation)
A routing mechanism that conceals internal addressing schemes from the public Internet by translating between a single public address on the external side of a router and private, non-routable addresses internally.
ncat
Utility for reading and writing raw data over a network connection. Also known as netcat.
NDA (non-disclosure agreement)
An agreement that stipulates that entities will not share confidential information, knowledge, or materials with unauthorized third parties.
Nessus
One of the best-known commercial vulnerability scanners, produced by Tenable Network Security. Also known as Tenable.
Netflow
A Cisco-developed means of reporting network flow information to a structured database. NetFlow allows better understanding of IP traffic flows as used by different network applications and hosts.
NFC (Near Field Communication)
A standard for peer-to-peer (2-way) radio communications over very short (around 4”) distances, facilitating contactless payment and similar technologies. NFC is based on RFID.
NFV (network functions virtualization)
Provisioning virtual network appliances, such as switches, routers, and firewalls, via VMs and containers.
NGFW (next generation firewall)
Advances in firewall technology, from app awareness, user-based filtering, and intrusion prevention to cloud inspection. Also known as layer 7 firewall.
Nmap
Versatile port scanner used for topology, host, service, and OS discovery and enumeration.
nonce
An arbitrary number used only once in a cryptographic communication, often to prevent replay attacks.
non-repudiation
The security goal of ensuring that the party that sent a transmission or created data remains associated with that data and cannot deny sending or creating that data.
normalization
A routine that applies a common consistent format to incoming data so that it can be processed safely. Normalization is referred to in the context of log collection and software coding.
NTLM authentication (NT LAN Manager authentication)
A challenge-response authentication protocol created by Microsoft for use in its products.
nxlog
Software optimized for multi-platform log collection and aggregation.
OATH (Initiative for Open Authentication)
An industry body comprising the main PKI providers, such as Verisign and Entrust, that was established with the aim of developing an open, strong authentication framework.
OAuth (Open Authorization)
Standard for federated identity management, allowing resource servers or consumer sites to work with user accounts created and managed on a separate identity provider.
obfuscation
A technique that essentially “hides” or “camouflages” code or other information so that it is harder to read by unauthorized users.
OCSP (online certificate status protocol)
Allows clients to request the status of a digital certificate, to check whether it is revoked.
offboarding
The process of ensuring that all HR and other requirements are covered when an employee leaves an organization. Also known as exit interview.
offline CA (offline certificate authority)
In PKI, a CA (typically the root CA) that has been disconnected from the network to protect it from compromise.
OICD (OpenID Connect)
An authentication layer that sits on top of the OAuth 2.0 authorization protocol.
OID (object identifier)
Numeric schema used for attributes of digital certificates. onboarding The process of bringing in a new employee, contractor, or supplier.
