Intrusion Detection Terms

QUESTION

We are going through a state banking department audit of our cybersecurity policies and procedures. This is the first time we have had to deal with this kind of audit. Apparently, these cybersecurity audits are becoming more frequent. 

A while back, you discussed your CyberTune-up. If only we had contacted you, we’d be much better off now! As it is, we’re now scrambling to satisfy the regulators. One thing they’re asking about is something called “intrusion detection terms.” 

Can you provide a list of these terms?

ANSWER

Thank you for mentioning our Cyber Tune-up. As far as I know, we are the only compliance firm offering this cost-effective and relatively quick review of a financial institution’s cybersecurity structure. Please contact me for a copy of the presentation. Let's talk!

In the meantime, let me tell you if you think the mortgage world is habituated to acronyms, in the immortal words of Al Jolson, “you ain’t heard nothin’ yet!”

Here’s our list of terms relating to intrusion detection. Given the proliferation of acronyms in cyberspace, this list is certainly serviceable, though it’s unlikely to be comprehensive.

Intrusion Detection Terms

ACK	acknowledgement flag
CVE	common vulnerability enumeration
DDOS	distributed denial-of-service attacks
DF	don’t fragment flag
DHCP	dynamic host configuration
DIW	defensive information warfare
DMZ	demilitarized zone
DNS	domain name service
DOVES	database of vulnerabilities, exploits, and signatures
EOI	events of interest
FIN	scan flag
FN	false negative
FP	false positive
FTP	file transfer protocol
GIAC	Global Incident Analysis Center
IANA	Internet address number authority
ICMP	Internet control message protocol
IDS	intrusion detection system
IDWG	intrusion detection working group
IP	Internet protocol
ISN	initial sequence number
ISP	Internet service provider
MAC	media access controller
MTU	maximum transmission unit
NAT	network address translation
RESET	scans flag
ROC	request for comments
RPC	remote procedure call
SANS	System Administration, Networking, and Security
SNMP	simple network management protocol
TCP	transmission control protocol
TCP/IP	transmission control protocol/Internet protocol
TFN	tribe flood network
TTL	time-to-live flag
UDP	user datagram protocol

I’m going to bet you have not heard of some of these terms! But your policy and procedures should set them forth in an itemized format (like the one I have provided above) and, where detected, the various ways in which the financial institution is ready to respond.

Jonathan Foxx, Ph.D., MBA
Chairman & Managing Director
Lenders Compliance Group