ISDS 409 Final

Internet

A voluntary interconnection of independent networks that agree to exchange packets using common protocols

Network of Networks

A description of the Internet emphasizing independent ownership and cooperative operation

Packet

A formatted unit of data transmitted across a network

Tier 1 ISP

A very large Internet service provider that owns national backbone networks and exchanges traffic with peers

Internet Exchange Point (IXP)

A physical facility where backbone ISPs exchange traffic

Point of Presence (POP)

A physical access location where customers connect to an ISP’s network

Dedicated Circuit

A private leased connection between a customer and an ISP POP

WAN Service

Internet access treated as a wide area network connection for corporate customers

DSL

Internet access using copper telephone lines with frequency division for voice and data

DSLAM

Equipment at a provider’s central office that aggregates multiple DSL connections

Cable Modem

Internet access using shared coaxial cable television infrastructure

CMTS

Equipment at a cable provider that connects cable modems to the Internet

FTTH

Fiber-optic Internet access that runs directly to the customer location

Internet Society (ISOC)

Organization responsible for coordinating Internet standards development

IETF

Group that develops operational Internet standards

IAB

Body that provides architectural oversight of Internet standards

IRTF

Organization that conducts long-term Internet research

IESG

Group responsible for standards approval and management

Gigapop

A high-speed regional network access point for research institutions

Internet2

A high-performance research network supporting advanced applications

Asset

Any hardware

Mission-Critical Application

An application essential to organizational survival

Threat

A potential danger that could exploit a vulnerability and harm an asset

Threat Scenario

A description combining an asset

Risk

A measure combining likelihood and impact of a threat

Risk Score

A numeric value used to prioritize security risks

Malware

Software designed to damage

Denial-of-Service Attack

An attack that overwhelms network or system resources

Preventive Control

A control designed to stop security incidents before they occur

Detective Control

A control designed to identify security incidents

Corrective Control

A control designed to restore systems after an incident

Redundancy

The duplication of critical components to eliminate single points of failure

Firewall

A device or software that filters network traffic entering or leaving a network

Packet-Level Firewall

A firewall that examines packet headers only

Application-Level Firewall

A firewall that inspects packet contents

NAT

A technique that translates internal private IP addresses to a public IP address

Encryption

The process of transforming data into unreadable form to protect confidentiality

Symmetric Encryption

Encryption that uses a single shared key

Asymmetric Encryption

Encryption that uses public and private key pairs

Authentication

The process of verifying a user’s identity

Intrusion Prevention System

A system that detects and actively blocks network attacks

Intrusion Recovery

Actions taken to repair systems and prevent future attacks after a breach