CRISC - Certified in Risk and Information Systems Control term definition - Part 37

IT Governance Basic

Netware

A popular local area network (LAN) operating system (OS) developed by the Novell Corp.

Network

A system of interconnected computers and the communication equipment used to connect them.

Network administrator

Responsible for planning, implementing and maintaining the telecommunications infrastructure; also may be responsible for voice networks.

Network attached storage (NAS)

Utilizes dedicated storage devices that centralize storage of data.

Network hop

An attack strategy in which the attacker successively hacks into a series of connected systems, obscuring his/her identify from the victim of the attack.

Network interface card (NIC)

A communication card that when inserted into a computer, allows it to communicate with other computers on a network.

Node

Point at which terminals are given access to a network.

Noise

Disturbances in data transmissions, such as static, that cause messages to be misinterpreted by the receiver.

Nondisclosure agreement (NDA)

A legal contract between at least two parties that outlines confidential materials that the parties wish to share with one another for certain purposes, but wish to restrict from generalized use; a contract through which the parties agree not to disclose information covered by the agreement.

Nonintrusive monitoring

The use of transported probes or traces to assemble information, track traffic and identify vulnerabilities.

Nonrepudiable transaction

Transaction that cannot be denied after the fact.

Nonrepudiation

The assurance that a party cannot later deny originating data; provision of proof of the integrity and origin of the data and that can be verified by a third party.

Normalization

The elimination of redundant data.

Numeric check

An edit check designed to ensure that the data element in a particular field is numeric.

National Institute for Standards and Technology (NIST)

Develops tests, test methods, reference data, proof-of concept implementations, and technical analyses to advance the development and productive use of information technology.

Network address translation (NAT)

A methodology of modifying network address information in IP datagram packet headers while they are in transit across a traffic routing device for the purpose of remapping one IP address space into another

Network basic input/output system (NetBIOS)

A program that allows applications on different computers to communicate within a local area network (LAN).

Network news transfer protocol (NNTP)

Used for the distribution, inquiry, retrieval, and posting of Netnews articles using a reliable stream-based mechanism. For news-reading clients, NNTP enables retrieval of news articles that are stored in a central database, giving subscribers the ability to select only those articles they wish to read. (RFC 3977)

Network segmentation

A common technique to implement network security is to segment an organization’s network into separate zones that can be separately controlled, monitored and protected.

Network traffic analysis

Identifies patterns in network communications.Traffic analysis does not need to have the actual content of the communication but analyzes where traffic is taking place, when and for how long communications occur and the size of information transferred.