Information Security Best Practices: 205 Basic Rules

Acronym List

ACL

Access Control List; grants access to a file or object to anyone in the list associated with that file or object.

COTS

Commercial Off The Shelf hardware or software

B1

Labeled Security Protection as specified in DoD 5200.28-STD

C2

Controlled Access Protection as specified in DoD 5200.28-STD

DES

Data Encryption Standard

DMS

Defense Messaging System

DMZ

De-Militarized Zone

FTP

File Transport Protocol

Guard

A computer that has a set of controls that mediate trusted transfers across security boundaries.

HTTP

Hypertext Transfer Protocol

S-HTTP

Secure Hypertext Transfer Protocol

INFOSEC

Information Security

Kerberos

A secret key based service for providing authentication in a network

MLS

MultiLevel Security pertaining to classification levels

NES

Network Encryption System, a hardware encryption device by Motorola approved for encryption of Secret data over public networks

NFS

Network File System, a utility that permits files on a remote system to be accessed as though they were local

NNTP

Network News Transport Protocol

PEM

Privacy Enhanced Mail, adds encryption, source authentication, and integrity protection to mail text messages.

Perimeter Subnet

Isolated network segment between two screening routers where publicly accessible computers can be placed

PGP

Pretty Good Privacy, secure mail protocol

POP3

Post Office Protocol for transferring mail between server and client

RAS

Remote Access Service in Windows NT

RPC

Remote Procedure Call

SBU

Sensitive But Unclassified

Screening Router

Performs packet filtering according to a set of rules set by the administrator

SMB

Server Message Block, NT net protocol for passing info on computers

SMTP

Simple Mail Transport...