AC9001 Integrator Installer Day 5 Student Guide

C•CURE 9000
v2.80
C•CURE 9000 Installer/Maintainer

Certification Course
Student Guide
Module 1 - Day 5
January 2020
REVISION B0
AC9001 B0
...the very technology that can be used to do Today’s security professionals are faced with unprecedented threats to maintaining
great good can also be used to imperil us and a secure environment for employees, visitors, and valuable assets. For many, the days
do great harm. of worrying only about admitting/denying access and recording video are long behind
them. There is as much concern about cyber-attacks as there is about threats against
PRESIDENT BARACK OBAMA, physical properties because the two are now inextricably linked. The need for security
speaking at the White House Summit on
Cybersecurity and Consumer Protection manufacturers to be cyber-savvy is more important than ever before.
Cyber Protection Program: Beyond simple device hardening

Born from decades of providing critical physical security solutions to the US Government and multi-national
customers, Tyco Security Products’ Cyber Protection Program is one of the industry’s first programs to offer
a holistic approach to cybersecurity for physical security products.
Reduce Cyber Security Risk from the Ground Up

Tyco Security Products’ Cyber Protection Program combines best practices in secure product
development, testing and evaluation, and configuration guidelines for compliance.
The Program’s Six Part Approach to Cyber Protection for Physical Security Products looks far beyond
components and devices. The scrutiny begins with the initial product concept and requirements, continues
through analysis of system design and programming, and culminates with final testing, integration and
evaluation.
Safer, Smarter, Tyco.
Cyber Protection Team:
WHY IT MATTERS ? Proactively Monitoring and Managing Cybersecurity Risks
Not all security manufacturers’ cyber security programs are equal because not all
Potential consequences of weak
cyber protection:
engineering teams are equal. Our autonomous Cyber Protection team, an independent
branch of the development group, has deep process control knowledge and
• Disabled systems resulting in specialized expertise in cyber concerns with physical security systems. With authority
lost productivity and revenue and responsibility of managing the Cyber Protection Program, the team monitors
compliance with our best practices:
• Stolen personal data resulting in
loss of customer trust, denigration Secure Product Development Practices
of brand, and ultimately lost profits Our highly trained engineers with secure coding and testing backgrounds drastically reduce
the possibility of inadvertently introducing vulnerabilities during product development.
• Stolen Intellectual property resulting
in customers lost to competitors Inclusive Protection of Components and Systems
Our holistic approach includes the ability to secure systems with a range of capabilities to
• Fines from regulatory complement diverse security needs. For example, a C∙CURE 9000 and iSTAR access control
system can be configured to support some of the most stringent controls necessary for secure
network communication.
Configuration Guidelines for Compliance

We provide comprehensive guidelines on how to configure C∙CURE 9000, VideoEdge and victor
systems to assist customers in complying with their identified regulatory requirements.
Testing Procedures

The Cyber Protection team employs rigorous, continuous testing, both internally and with an
independent test house, to minimize the risk of software updates and new configurations of our
cyber program-compliant products introducing new vulnerabilities.
R apid Response to Vulnerabilities

When vulnerability is announced, the team quickly assesses the situation, distributes an advisory
bulletin, and follows up with fully qualified patches.
Education and Advocacy

In addition to maintaining critical training and development certifications, our Cyber Protection team
travels the world, speaking and advocating for the rigorous protection of all security systems.
Tyco Security Products:

A Global Leader in Security. A Trusted Provider of Cyber Protection.
Tyco Security Products develops some of the world’s leading access control and video solutions. Our
initial cybersecurity work with our Software House access control solutions, American Dynamics video
management systems, and Illustra IP cameras has set the bar very high, and we are committed to
employing the same cyber-safety mindset throughout our product portfolio.
For more information on our program, visit www.tycosecurityproducts.com/cyberprotection.aspx
Safer, Smarter, Tyco.

© 2016 Tyco Security Products. All Rights Reserved.
Disruption is Not an Option
Operational technologies often provide critical functions which, if disrupted, can impact operational efficiency
and profits and result in disclosure of sensitive information. Cyber-attackers whose aim is to cause disruption
and loss have identified building and security systems as attractive targets. In today's environment, cybersecurity
plays a very crucial role in protecting building and security systems. Unfortunately, many system providers do not
address cybersecurity or fall short of providing sufficient support, leaving many buildings under protected.
A Higher Level Commitment

Johnson Controls' approach to cyber protection is aimed at providing peace of mind to our customers. Our holistic
cyber mindset begins at initial design concept, continues through product development, and is supported through
deployment, including a rapid incident response to meet the comprehensive and evolving cybersecurity
environments. Our methods include the ability to provide cyber resilient systems with a range of capabilities to
complement the diverse security needs of our customers. We have invested in establishing a centralized dedicated
Global Product Security team that is focused on managing our cyber practices with governance to enforce
compliance. At Johnson Controls, we are disciplined in executing these as we understand what is at risk if we don't.
Expert Driven Designs

Having engineering teams trained in cybersecurity has given Johnson Controls an advantage in developing
products that consider cybersecurity within its core design. Our certified cybersecurity experts (CISSP, CSSLP,
CEH, CCSP etc.) work to validate designs using the latest recognized industry standards and practices. Expert
driven cybersecurity designs provide the forethought required to reduce risk.
Lifecycle Management
Our cyber protection approach begins with the design and doesn't stop once a product is developed – a product
secure today may not be secure tomorrow. Through the rapid incident response service, our dedicated cybersecurity
team quickly assesses new threats and vulnerabilities and advises customers on how they may reduce their
cybersecurity exposure.
Shared Responsibility
Since protecting against cyber threats is a shared responsibility, we engage in market facing programs to provide
customer engagement, education, and thought leadership to help our customers achieve success in their mission of
a more secure system.
ADVERTISEMENT
ADVERTISEMENT
Welcome to our JCI Cyber Protection Learning Center!

The mission of the Learning Center is to serve as a centralized resource to provide more secure design, deployment and
maintenance of physical security products. Integrators can leverage the Learning Center to build their competency in
cybersecurity to complement their experience in physical security solutions.
JCI Cybersecurity Training Courses
Please use registration details provided after purchase.
Security Fundamentals for Practitioners

Length: 90 minutes
Availability: Integrators
Pre-requisites: None
A content packed online Cybersecurity Course, exclusively for Integrators actively engaged in the discipline of
physical security. This course is designed to enhance your knowledge of cybersecurity by exploring the
fundamentals of securing operational technologies (OT) including access control, video and intrusion systems
against cyber-attack. As a result, you may better support JCI’s security products throughout their lifecycle –
reducing the risk of a successful cyber-attack being associated with those products.
This course has been designed exclusively for Johnson Controls integrators who sell JCI’s access control, video
or intrusion solutions.
For more details please refer to the following:
Brochure Course Instructions Ordering and FAQ Details
ADVERTISEMENT
C•CURE 9000 Online Course Registration Information
SOFTWARE HOUSE and AMERICAN DYNAMICS

Online Course Catalog and Registration Site
Click here for a Quick Guide on how to enroll in a course.
Visit the Software House - American Dynamics Training site

Here you can browse our catalog of available courses, read about each course content, inspect the schedule
of classes and locations and register online to attend the class of your choice.
Training Services for End User

Our in depth training programs are designed to enable the attendee to competently manage, program,
configure and operate the product. They include extensive hands-on time with the product.
Training Services for Technical staff

Our training services provide our Dealer’s technical staff with the necessary skills to configure, install,
operate, troubleshoot and repair American Dynamics and Software House products to a level that will meet
or exceed their expectations. Most courses are a combination of lecture/lab instruction with emphasis on
hands-on lab activities. Operational up-to-date system hardware simulates actual customer environment
wherever practical.
Courses & Materials

Courses:
The following is a list of active courses open for registration and/or site training (upon request):
LEVEL I – OPERATOR LEVEL
AC9641:C•CURE 9000 for Operators/Basic Administrators
LEVEL II – TECHNICIAN LEVEL
AC9001: C•CURE 9000 System Installer/Maintainer

AC9005:C•CURE 9000 Advanced Integrator
AC9006: C•CURE 9000 Advanced System Manager
AC9201: C•CURE 9000 Visitor Management Certification (NEW!)
AC9202: C•CURE 9000 High Assurance Certification (NEW! Coming in Sep 2019!)
AC9410: C•CURE 9000 for System Managers
AC9444: C•CURE 9000 Enterprise Architecture
AC9641: Stratus everRun Enterprise Installation & Administration
How To Register For A Course
■ Navigate to https://www.solutionwhere.com/tsptraining.
■ Click the Logon link.
■ If you don’t have an account you will need to create one, otherwise log in with your existing
username and password.
■ Click View By Alpha for a list of all available courses.
■ Click the name of the course.
■ Click the date of the session you wish to register for.
■ Click the Enroll button.
■ Enter the required registration information.
■ If there is a special need or request please make a note in the comment field.
■ Click Submit Registration.
How To Create An Account

■ Click Create Account.
■ Enter the required Information.
■ Click submit ID/Password
How To Print A Certificate Of Completion
■ Logon as described above.
■ Click the View Transcript link.
■ Click the View Transcript button.
■ Click the certificate icon on the right hand side of the list of Events Attended.
■ Print or Save your PDF Certificate.
Documentation:
A training tablet is included for each trainee that includes product specifications, manuals and videos. A
certificate of completion is given to each participant.
Safety and Hazard Awareness (SHA) Notice
This notice promulgates safety precautions for students at all C•CURE 9000 training sites. All
personnel must remain alert for any hazards within the training facilities. At a minimum, each
individual is responsible for knowing, understanding, and observing all related safety precautions at
the C•CURE 9000 training sites.
In addition, you are responsible for observing the following general safety precautions:
■ Attend the training course rested and emotionally prepared for the tasks at hand.
■ Use normal prudence in all your functions, commensurate with the course tasks at hand.
■ Report any unsafe conditions, or any equipment or material which you consider to be unsafe, and any
unusual or developing hazards to your course instructor or JCI employee.
■ Warn others whom you believe to be endangered by known hazards or by failure to observe safety
precautions, and of any unusual or developing hazards.
■ Report to the instructor any mishap, injury, or evidence of impaired health occurring in the course of
your work or during non-training environment.
C•CURE 9000 North America Product Support
Online Resources
Documentation and references will be identified in Chapter 1 of this course, however, should you desire to access
more information regarding the High Assurance Solution (HAS) system, you can use the following locations to access
the same or additional documentation and/or resource materials:
Websites:
• Software House Support Website: https://www.swhouse.com
• Innometriks Support Website: http://innometriksinc.com/support
Technical Support
Telephone Technical Support: 800-507-6268
During the period of the Agreement, the following guidelines apply:
• Software House accepts service calls only from employees of the Systems Integrator of Record for the
installation associated with the support inquiry.
Before Calling, ensure that you:

• Are the Dealer of record for this account.
• Are certified by Software House for this product.
• Have a valid license and current Software Support Agreement (SSA) for the system.
• Have the system serial number available.
• Have your certification number available.
North America (NA) Customer Support Hours and Phone Numbers
Hours Normal Support Hours Monday through Friday, 8:00 a.m. to 8:00 p.m., EST. Except
holidays.
Emergency Support Hours 24 hours/day, seven days a week, 365 days/year.
Requires Enhanced SSA “7 x 24” Standby Telephone Support

(emergency) provided to Certified Technicians.
For all other customers, billable on time and materials basis.

Minimum charges apply – See MSRP.
Phone For telephone support contact numbers for all regions, see: http://www.swhouse.com/support/contact_
technical_support.aspx
How to Use this Student Guide
■ This publication has been prepared for your use while you are attending this course. It is arranged in
accordance with the topics taught, and is in sequence with those topics. By using the table of contents
you should be able to locate the lesson topics easily. By following the enclosed course schedule, you
should be able to follow the course of instruction in a logical manner.
■ Under each module, there may be the following instruction sheets:
■Outline Sheets: Provide a listing of major teaching points. The outline is consistent with each
chapter’s content. It allows you to follow the progress of module topics, to take notes as desired, and
to retain topic information for future reference.
■Diagram Sheets: These are used as necessary to simplify the instruction. They are to aid you in
understanding the systems, equipment, or topics presented.
■Assignment Sheets Provides review questions, a list of Job and Lab Sheets for each student for each
chapter.
■LAB Sheets Provide step-by-step that a student can use to follow along with an instructor’s
demonstration and/or perform on the student’s own workstation. Students do not get graded on
completing task sheets.
Study Techniques
Classroom and laboratory sessions will be conducted by one or more instructors. You will be responsible
for completing the material in this guide, some of it before class time. Prior to starting to use this guide,
read through the front matter and become familiar with the organization of the material, then follow
directions below for each lesson topic:
1. READ the Enabling Objectives for the lesson topic and familiarize yourself with what will be expected of
you.
2. STUDY each reading assignment.
3. WRITE any written assignment.
Examinations & Quizzes

Exams and quizzes are administered as per the Course Master Schedule.
A Quiz is an instructor-provided check to validate any of the previously taught training material to the
active class participants. Quizzes are rarely given in C•CURE 9000 courses, however, they may be used to
verify student understanding prior to moving on to more complex or advance course content.
Knowledge Exams are either written or verbally proctored exams that each student must complete to
earn a passing score for the course (or if applicable, certification). All knowledge exams will be provided in
the form of multiple choice, essay, matching, completion and/or true/false items.
Performance Exams are physically performed, proctored exams that each student must complete to earn
a passing score for the course (or if applicable, certification). Performance exams test job skills as
appropriate. Performance exams provide the equipment and instructions necessary to perform one or
more tasks, which can include fault isolation, troubleshooting and corrective actions on an operational,
active system. Performance Exams are usually associated with Exercise Sheets.
A Blitz Exam is an informal test used as a ‘check for understanding’, and may be given by your instructor at
any time during the course. The Blitz Exam is utilized for the instructor to learn the baseline (or level of
knowledge) of a student/group of students prior to any chapter of any course. Instructors would most
likely use this to test the baseline capabilities of students attending an advanced class so as to verify the
student experience and skills prior to the start of a course.
Challenge Exam(s) is (are) the resultant of a “course challenge”. All mandatory knowledge and
performance exams necessary for course (and in some cases, certification) completion can be requested to
be done on Day 1 of the active Instructor-Led Training course. Challenge Exams must be requested and
authorized in advance by the student through the JCI C•CURE 9000 Training Manager and the on-site
instructor. Students should discuss this with the JCI C•CURE 9000 Training Manager and instructor at least 2
weeks prior to the start of the course.
NOTE: CHALLENGE EXAMS ARE RARELY AUTHORIZED.

A Certification Exam can be, and usually is, a combination of the course's Knowledge and Performance
exams. Depending on the complexity of the course a separate ‘Certification Exam’ may be added to the
course’s grading/certification rubric to ensure key and critical skills are tested and validated by course
completion. For a certification course, a passing score of a Certification Exam is required as well as a
passing score for each additional course knowledge and/or performance exam administered for the
course.
A Certification Re- Exam , depending on course and course scheduling parameters, can be
requested by the student through the JCI C•CURE 9000 Training Manager and the on-site instructor
should a student pass the course’s knowledge and performance exams, but not the course’s specific
Certification exam. An example of this is as follows: If a student attended a ‘certification course’ and only
passed the knowledge and performance exam items, but was unable to complete/pass the Certification
Exam, the student may have ‘passed the course’ but ‘failed certification’. As such, the student, rather than
attend the entire course again, could, upon authorization, reschedule to attend only the ‘Certification
Exam’ portion of a later scheduled certification course. If the student passes the Certification Exam on that
attempt, the student can then be listed as ‘certified’ without having to waste additional time and money in
attending a full version of the same course.
C•CURE and Software House are registered trademarks of Tyco Security Products.
The trademarks, logos, and service marks displayed on this document are registered in the
United States [or other countries]. Any misuse of the trademarks is strictly prohibited and Tyco
Security Products will aggressively enforce its intellectual property rights to the fullest extent of
the law, including pursuit of criminal prosecution wherever necessary. All trademarks not owned
by Tyco Security Products are the property of their respective owners, and are used with
permission or allowed under applicable laws.
Product offerings and specifications are subject to change without notice. Actual products may
vary from photos. Not all products include all features. Availability varies by region; contact your
regional sales manager.
Software version: 2.80

Course Number: AC9001 Day-1
Revision Number: B0
Release Date: June 2019
This manual is proprietary information of Software House. Unauthorized reproduction of any

portion of this manual is prohibited. The material in this manual is for information purposes only.
It is subject to change without notice. Software House assumes no responsibility for incorrect
information this manual may contain.
© 2019 Tyco Security Products.

All rights reserved.
Table of Contents
C•CURE 9000 Installer/Maintainer 1
Cyber_Protection_Program_Brochure 3
Chapter 1 - Log Management 18

Audit Log 19
Audit Log Purpose 19
Audit Log Entries 21
Journal Log 23
Journal Log Purpose 23
Journal Historical Overview and Update 23
Accessing the Journal 24
Deleting Backup Audit Log/Journal Volumes 28
Retrieving Deleted Audit Log/Journal Backup Volume Files 29
Log Volume Management 30
Log Backup Management 33
Automatic Log Volume Backup 34
Configuring an Event to PerformScheduled Backup of Audit/Journal Log Volumes 34
Configuring an Event to Perform Scheduled Backup and Deletion of Audit Log Volumes 35
Log Management Review Questions 37
Chapter 2 - Backup/Restore 38
Objectives 39
Backup/Restore Tab 40
System Database Backup Function 43
Manual Backup and Restore 44
Automatic Backup and Restore 46
Lab 2 - Backup from C•CURE 9000 49
C•CURE 9000 AC9001 Installer/Maintainer Student Guide 16

Backing Up the SQL Database from SQL 50
Restoring the SQL Database 57
Generate Reports about Backup System Activity 60
Lab 1 Restore 62
Backup/Restore Review Questions 63
Chapter 3 - Badging 64
Objectives 65
Badging 66
Badge Layout 74
Badge Designer 76
Sample Data 76
Badge Layout 77
Insert Dynamic Text 79
Insert Portrait 80
Insert Static Image 81
Insert Dynamic Image 82
Finished Badge Layout 83
Select a Badge Layout 83
Import Portraits and Images 85
Import Portrait and Signature 87
Using the Expression Builder 92
Portrait Image Capture or Import from File 98
Lab 1 Badging 99
Badging Review Questions 100
Appendix A - Book 5 Review Questions and Answers 102

Log Management Questions and Answers - Chapter 1 103
Backup/Restore Questions and Answers - Chapter 2 104
Badging Questions and Answers - Chapter 3 105
Performance Exam 1 (PE1) 106
Glossary 111
17 C•CURE 9000 AC9001 Installer/Maintainer Student Guide

1
Chapter 1 - Log Management
This module explains how to use Log Volume Management to back up Journal and Audit logs.
It also shows how Log Backup Management allows you to restore and remove sections of the
Journal and Audit logs that have been previously deleted from the Log Volume Management area.
In this module
Audit Log 19
Journal Log 23
Deleting Backup Audit Log/Journal Volumes 28
Retrieving Deleted Audit Log/Journal Backup Volume Files 29
Log Volume Management 30
Log Backup Management 33
Automatic Log Volume Backup 34
Log Management Review Questions 37
C•CURE 9000 AC9001 Installer/Maintainer Student Guide Chapter 1 18

Audit Log
Audit Log
Audit Log Purpose

The Audit Log displays specific system information (historical and otherwise) by utilizing system
variables to set certain defaults regarding how that information is managed and displayed.
Examples of objects that can be configured, monitored, and then recorded in the Audit Log are:
• Operator (system user) interactions including logins, logouts, object changes etc.
• Hardware Controllers (iSTAR)
• Other Devices (Door readers etc.)
• Objects (primary and secondary)
• Device actions
System Variables used in defining various settings for the Audit Log
• Enable Field Auditing
• Enable Special Property Field Auditing
• Audit Volume Size
• Maximum Message Size in Audit Log
• Number of Days to Store in Audit Log
• Audit Sync Upload Block Size
See the C•CURE 9000 Software Configuration Guide and various other technical documents for
more information on these Audit Log variables. Also, access the C•CURE 9000 Admin interface and
go to Options & Tools > System Variables > Audit) to view an explanation of each of these
variables.
19 Chapter 1 C•CURE 9000 AC9001 Installer/Maintainer Student Guide

Audit Log
To Access the Audit Log

1. Go to Options & Tools pane.
2. Select Audit Log (1).
3. Default Audit Query parameter is Last Hour.
4. Click Modify to change the default Audit parameters. For example, you can change the filter for the Server
Date/Time value from Last Hour to Last 24 hours, Last 7 days, etc. (2)
5. Click Run to run the query and display the Audit Results (3).
6. The results can be filtered down to the desired subsets.
7. Right-click the column headings at the top of the screen to select or deselect Audit fields to display.

Audit Log
Audit Log Entries

The Audit Log lists operations for Primary and Secondary objects. Table 1 on Page 21 lists the
Primary and Secondary objects that perform the action and that receive the action.
For example, the Edit Object operation lists the Operator Name that performed an Edit Object
operation on a Primary object; there is no secondary object for the Edit Object operation.
■ Create
■ Delete
■ Edit
■ Reference Added (example - Card Format, Clearance, etc.)
Table 1: Audit Log: Primary and Secondary Objects
Operation Operator Primary Secondary Primary Object Secondary
Name Object Name Object Name Type Object Type
Object Created Operator Object
Name

Audit Log
Audit Log: Primary and Secondary Objects (continued)
Operation Operator Primary Secondary Primary Object Secondary

Name Object Name Object Name Type Object Type
Create Door Operator Door
Name
Create Elevator Operator Elevator

Name
Create Button Operator Elevator Floor

Name
Delete Object Operator Object

Name
Edit Object Operator Object

Name
Reference Operator Cardholder Clearance

Added - Name
Clearance
Reference Operator Reader Card Format

Added - Card Name
Format
Reference Group name Holiday name .Group .Holiday

Added - Holiday
Reference .Group .TimeSpec

Added -
Scheduler

Journal Log
Journal Log
Journal Log Purpose

The Activity Journal, often simply called the Journal, maintains a record of all activity monitored
by the system. Viewing this history can provide valuable information about a monitored
environment and a C•CURE 9000 installation.
Records in the Journal can provide a historical view of activity that has occurred within the system
and can verify events when serious issues occur. Journal messages can also provide statistical
information on resource usage or help locate people or assets within a facility.
Journal Historical Overview and Update

■ Before C•CURE 9000 v2.70 was released, victor and C-CURE 9000 had separate journal
databases which reduced hard drive space much faster and extended CPU time to write two
journal entries in most cases.
■ Now there is one virtual journal database shared between both victor and C-CURE 9000, and
most journal entries are only written once. Query and report performance improved, notably
when dealing with large databases.
■ Journal switching is now completed by number of days in journal, not its size. The Minimum
number of days is 14, and the Maximum is 71,200. This variable is set in the C•CURE 9000
Admin Station under Options & Tools > System Variables > Journal > Number of days
to store in Journal Log:

Journal Log
Accessing the Journal

The following is an example of the default query for Journal Log entries. Default journal entries are
activities that occurred within the last hour.
To Access the Journal

1. Go to Options & Tools pane.
2. Select Journal.
3. Default Journal Query parameter is Last Hour.
4. Click Modify to change the default Audit parameters. For example, you can change the filter for the Server
Date/Time value from Last Hour to Last 24 hours, Last 7 days, etc. (4)
5. Click Run to run the query and display the Audit Results (5).
6. The results can be filtered down to the desired subsets.
7. Right-click the column headings at the top of the screen to select or deselect Audit fields to display.

Journal Log
Below is an example of the results of running the Default Journal Log query. The default log lists
activities that occurred within the last hour:
Default Journal Query parameters can be changed. For example, select Modify to change the filter
for the Journal Default Query from Last Hour to Today, Last 24 Hours, Last 7 Days, etc. The
Journal Log lists activities for Primary and Secondary objects.
Table 2 on Page 26 shows Journal Log types and activities. For example, the Card Admit Log Type
lists the Cardholder Name as the primary object and the Door or Elevator as the secondary object.
The Message Text is Admitted Primary (Cardholder Name) at Secondary (Door or Elevator).
• Cardholder Activity
• Device Activity
• Area Activity
• Manual Actions
• Error Messages

Journal Log
Table 2: Journal Log: Primary and Secondary Objects

Log Type Primary Secondary Message Text Primary Secondary
Object Object Object Type Object
Name Name Type
Card Admit Cardholder Door or Admitted Primary at Secondary .Personnel .Door or
Name Elevator .Elevator
Card Reject Cardholder Door or Rejected (Clearance) Primary at .Personnel .Door or

(Clearance) Name Elevator Secondary .Elevator
Card Reject Cardholder Door or Rejected (Disabled) Primary at .Personnel .Door or

(Disabled) Name Elevator Secondary .Elevator
Card Reject Cardholder Door or Rejected (Lost) Primary at Secondary .Personnel .Door or
(Lost) Name Elevator .Elevator
Card Reject Cardholder Door or Rejected (Stolen) Primary at .Personnel .Door or

(Stolen) Name Elevator Secondary .Elevator
Card Reject Cardholder Door or Rejected (Expired) Primary at .Personnel .Door or

(Expired) Name Elevator Secondary .Elevator
Card Reject Door or Rejected Unknown at Secondary .Door or

(Unknown) Elevator .Elevator
Card Reject Door or Rejected Misread at Secondary .Door or

(Misread) Elevator .Elevator
Device iSTAR Fast Card DL Started on Primary .iStarController

Activity Name
Device iSTAR Fast Card DL Completed on Primary .iStarController

Activity Name
Device iSTAR Fast Flash Started on Primary with .iStarController

Activity Name Firmware version ____
Device iSTAR Fast Flash Completed on Primary .iStarController .Operator

Activity Name with Firmware version ____
Device iSTAR CerticateSigningRequestApproved .iStarController .Operator

Activity Name from Controller by Operator.
Login/Logout Operator Operator logged in/ out on

Name Computer using AdminWorkstation
or MonitoringStation
Manual Operator exp. Door, Manual action by Operator

Action Name Output, JNL activated/deactivated Output
Trigger, etc.
NetVideo Net Video NetVideo Action on NetVideo server

Activity Server
Object Status iSTAR Object Changed State

Name,
Door,
Elevator,
Event

Journal Log
Journal Log: Primary and Secondary Objects (continued)
Log Type Primary Secondary Message Text Primary Secondary

Object Object Object Type Object
Name Name Type
Operator Report Report Result: Name was
Activity name exported/viewed by Operatorname
Operator Object Name was imported or exported Import/Export
Activity name, exp.
card
formats
System System activity: Activity (server,

Activity driver, service) started, stopped,
ended on Computer. Also, Backup,
Area Activity Area name Area is not configured Cluster Area
Object Reader Clearance filter set to level n. iSTAR Reader

Changed name
State
Object exp. JNL Operator Event ACK XF Event

Changed Trigger
State Event
Object exp. Latch Latch Event is latched XF Event

Changed Event
State
Object exp. Time Zone Schedule active in Time Zone Time Spec Time Zone
Changed Schedule
State
Device Error Device Download failed, download aborted.

name, exp.
iSTAR

Deleting Backup Audit Log/Journal Volumes
Deleting Backup Audit Log/Journal Volumes

You can delete Audit or Journal backup files (the backed up volumes) from the Backup directory
where they are stored. You might need to do this to create more disk space on the Server where
C•CURE 9000 resides. However, Software House recommends that you archive the files elsewhere
before deleting them.
C•CURE 9000 will allow you to re-link to deleted archived files later on so you can restore them to
the database.
You use the Log Backup Management function, accessible from the Options & Tools pane of the
Administration Station, to delete these backup volumes.
You can delete individual or multiple backup files in a session.
Be careful when deleting these backup files! Make sure that you archived them some
where else beforehand, so later on you can reload them, if necessary. Otherwise, you could
lose important historical data.
While the system gives you a warning message when you try to delete any volume, it will
not prevent the deletion if you choose to continue.
To Delete Audit/Journal Backup Files

1. In the Administration Station, on the Options & Tools pane, select Log Backup Mgmt.
The Log Backup Management dialog box appears.
2. Select Delete Backup Files.
3. From the drop-down list in the Log Type field, select either Audit Log or Activity Journal.
All the existing backed up volumes for either the Audit Log or Activity Journal, depending on which you selected,
appear in the list on the General tab for the Audit Log. The Delete Backup Files button is available.
4. Click Delete Backup Files.

A warning message such as that shown in the example appears, requesting that you confirm the deletion.
5. Click Yes to delete this backup volume and No to cancel the delete operation.
6. To see the result of the deletion reflected in the list on the dialog box, click Refresh when the operation is
completed.

Retrieving Deleted Audit Log/Journal Backup Volume Files
Retrieving Deleted Audit Log/Journal Backup Volume Files

The Reload Log Backup utility provides a means to retrieve Audit or Journal Log backup files that
you deleted from the Backup directory and then archived elsewhere; for example, to create more disk
space on the server. You might need to restore these log volume files to the C•CURE 9000 Backup
directory to recover system history from a long time ago.
You can only restore deleted log backups to the same C•CURE 9000 system from which they were
originally generated.
To Restore Deleted Audit/Journal Log Backup Files

1. Click Start> Run> C:\Program Files (x86)\Tyco\CrossFire\LogBackup.exe.
There is no need to stop or start the Crossfire Service to use the Reload tool. It works
independently.
2. In the Log Backup File field, enter the location path of the deleted log file that you want to restore.
- or -
a. Click to open the standard Windows File dialog box and browse to find the file.
b. Select the Volume backup file you want to reload and click Open. The selected file/path is entered into the Log
Backup File field.
3. Click the Reload Log button.

• The selected log backup file is copied into the Backup directory.
• The system then retrieves this backup file copy so you can review it, and displays a message when the process
is successfully completed.
• The reloaded Audit or Journal Log Volume file appears and functions exactly like the other backup log files in
the Backup directory.
• You can use the Log Management Backup function, accessible from the C•CURE 9000 Administration Station
Options & Tools pane, to restore the file to the C•CURE 9000 database.
4. Click OK.

Log Volume Management

Journal and Audit logs are backed up using Log Backup Management. They can also be “deleted”
from this dialog box. When they are deleted they are moved to the Log Backup Management section.

This picture shows the backed-up Journal volumes.

Audit Log Volume Management is similar. This screen shows backed-up Audit Log volumes.

Log Backup Management
Log Backup Management

Log Backup Management allows you to restore and remove sections of the Journal and Audit logs
that have been previously deleted from the Log Volume Management area.
If logs are deleted from the Log Backup Management section, they can be recovered by copying the file
back into the c:\Program Files\ACVSCore\Backups directory.

Automatic Log Volume Backup

You can create scheduled events to automatically backup Journal and Audit logs.
The Log Volume Backup Action performs a backup of Audit Log or Journal Log volumes.
The Log Volume Management Action performs a backup of Audit Log or Journal Log volumes, then
deletes the Audit Log or Journal Volumes to free up space.
Configuring an Event to Perform

Scheduled Backup of Audit/Journal Log Volumes
You can manually configure your own Event with a action to run at specific scheduled times and
perform a backup of Audit/Journal Log Volumes.
You use the Event Editor to create an event with the pre-defined Log Volume Backup action and then
define a schedule to associate with the event. C•CURE 9000 performs the automatic backup as a
recurring event.
When the system runs the backup, Log Volume Backup records the date and time of the backup.
An entry is also created in the Journal whenever one of the volumes is backed up. (It also indicates
whether it is a manual or automatic backup.)
To Schedule an Event to Backup Audit Log Volumes

1. In the Administration Station, on the Navigation pane, click Configuration.
2. From the pull-down menu, select Event and click New to create an Event. (
The Event Editor opens.
3. Enter a name and a description for the event and then click to open the Action tab.
4. Click Add to add a new Action and then click the down-arrow in the Action column to display a
drop-down list of valid actions.
5. Click the Log Volume Backup Action to add it to the column.
As you select an Action, the Select Log Type entry field appears at the bottom of the dialog box.
6. Select Audit or Journal Log from the pull-down menu.
7. Open the General tab and click in the Activate on Schedule field to select the schedule for
running this event.
8. Once you have associated a schedule with the Scheduled Log Volume Backup Event, finish
configuring the event on the other Event tabs, as necessary.
9. Select the Enabled check box to enable the Event.
10.Click Save and Close to save the Event.

Configuring an Event to Perform Scheduled Backup and

Deletion of Audit Log Volumes
If the pre-configured Event for backup and deletion does not meet your needs, you can manually
configure your own Event with a Log Management action to run at specific scheduled times and
perform the same functions. You use the Event Editor to create an event with the pre-defined Log
Management action and then define a schedule to associate with the Event. C•CURE 9000 performs
the automatic backup and deletion as a recurring event.
When the system runs the backup, it records the date and time of the backup. An entry is also
created in the Journal whenever one of the volumes is backed up. (It also indicates whether it is a
manual or automatic backup.)
The deleted, backed up volumes are stored in a C•CURE 9000 Backup directory as individual files
and can be restored for viewing using the Log Backup Management function.
To Schedule a Backup and Deletion of Audit/Journal Log Volumes

1. In the Administration Station, on the Navigation pane, click Configuration.
2. From the pull-down menu, select Event and click New to create an Event.
The Event Editor opens.
3. Enter a Name and a Description for the Event.
4. Open the Action tab.
5. Click Add to add a new Action and then click the down-arrow in the Action column to display a drop-down list of
valid actions.
6. Click the Log Volume Management Action to add it to the column.

As you select an Action, the Select Log Type entry field with a default entry of Audit Log appears at the bottom of
the dialog box.

7. Select Audit Log or Journal Log from the pull-down menu.
8. Open the General tab and click in the Activate on Schedule field to select the schedule for running this event.
9. Once you have associated a schedule with the Scheduled Log Volume Management Event, finish configuring the
event on the other Event tabs, as necessary.
10. Select the Enabled check box to enable the Event.
11. Click Save and Close to save the Event.

Log Management Review Questions
Log Management Review Questions

1. What are the two databases that generate log volumes?
2. When would you use Delete backup Files in the Log Backup Management option?
3. What information is contained in the Audit Log?
4. How do you access the Audit Log?
5. What kind of information is contained in the Journal Log?
6. What are the main differences between the Audit Log and the Journal Log? In what ways are they
similar?
7. Why would you want to retrieve deleted Log files?
8. What is the difference between the Log Volume Backup and Log Volume Management actions?
9. How do you schedule a Log Volume Management Action to recur on a weekly basis?

2
Chapter 2 - Backup/Restore
This module covers Backup and Restore of the database via C•CURE 9000 and SQL.
In This Chapter:
Objectives 39
Backup/Restore Tab 40
Lab 2 - Backup from C•CURE 9000 49
Backing Up the SQL Database from SQL 50
Restoring the SQL Database 57
Lab 1 Restore 62
Backup/Restore Review Questions 63

Objectives
Objectives
Upon successful completion of this chapter, the student will be able to:
■ Perform a manual SQL System Backup from the System Configuration Application
■ Perform a manual SQL System Restore from the System Configuration Application
■ Perform a manual SQL System Backups from C•CURE 9000
■ Perform an automatic SQL System Backup from C•CURE 9000
■ Back up and restore the SQL database from SQL

Backup/Restore Tab
Backup/Restore Tab
Backup
■ You can perform SQL Backups from the Server Configuration App.
■ Select a combination of DB Names using the check box (s) and select Backup Database(s).
Table 3: Database Names

Database Name Associated with:
ACVSAudit C•CURE 9000
ACVSBIRS C•CURE 9000
ACVSCore C•CURE 9000 and AD victor
ACVSJournal_00010002 C•CURE 9000and AD Victor
ACVSUJournal_00010000 C•CURE 9000 andAD victor

SWHSSystemAudit C•CURE 9000

Backup/Restore Tab
■ You can backup the databases to either the Default SQL Server backup folder or to a folder
of your choice by clicking Alternate folder on SQL instance, then clicking Destination Folder
and selecting a folder from the Browse for Folder window that appears.

Backup/Restore Tab
The Default SQL Server backup folder is set in SQL server. You can see the Default SQL Server backup
folder by:
1. Opening Microsoft SQL Server Management Studio.
2. Opening the Database Backup action for ACVSCore by right-clicking on ACVSCore, then select
Tasks>Backup. The default backup folder will be visible in the Destination table.

Backup/Restore Tab
Restore
■ You can perform SQL Restores from the Server Configuration App. also.
■ Select a combination of DB Names using the check box (s) and select Restore Selected
Database(s).
■ You need to stop the Framework Services prior to a restore in order to avoid an asynchronous
unknown restore.
If you have saved backups to a different folder than the Default SQL Server backup folder, click
Alternate folder on SQL instance, then click the Source Folder button to browse Windows
folders to locate the backup you wish to restore.
System Database Backup Function

You can back up the C•CURE 9000 SQL Server databases (ACVSCore, SWHSystemJournal,
SWHSystemAudit databases) at any time using the System Backup function, accessed from the
Options & Tools pane.
■ The System Backup function names the backup automatically and saves the backup to a default
location. You cannot use the System Backup to name the backup or to change where to save the
backup file.
■ You can also configure backups to run at specific scheduled times. C•CURE 9000 provides the
capability for scheduling one or more database backups to run at specific times each week. You
use the Event Editor to create an event with the pre-defined Database Backup action and then
define a schedule to associate with the event. C•CURE 9000 performs the backups as a recurring
event.
Microsoft SQL Server maintains a set of System databases that are essential for the operation of
SQL Server. It is important to follow Microsoft's guidance for the use and maintenance of the SQL

Backup/Restore Tab
Server databases, including planned regular backup of the Master database.
For more information on SQL Server best practices, see

http://technet.microsoft.com/en-us/library/cc917637.aspx and related web pages .
When a backup runs, whether initiated manually by an operator or automatically by a scheduled
event action, the system records the date and time of the backup. An entry is also created in the
Journal whenever one of the databases is backed up. (The entry indicates whether it is a manual or
automatic backup.)
The ability to maintain databases used by C•CURE 9000 is controlled by the access privileges
assigned to you by the system administrator.
Manual Backup and Restore

Back up all databases from the application.
To Backup All Databases

1. Select Options and Tools > System Backup.
2. Select the database(s) you want to backup from the Name drop-down list.
3. Click Start Backup.

Backup/Restore Tab

Backup/Restore Tab
4. The system displays a message for each database when the backup completes.
SQL System Backup and Restore can also be done in the Server Configuration Backup/Restore
Tab.
Automatic Backup and Restore

Create an Event to perform Automatic Backup and Restore
1. Create a Backup Schedule to activate the event. (Configuration Pane > Schedule)

Backup/Restore Tab
2. Create the Event (Configuration Pane) and assign the Schedule.

Backup/Restore Tab
3. Create the Event Action
4. Click Save and Close to save your changes.

The Schedule will activate every day at 1 AM and execute the backup event.

Lab 2 - Backup from C•CURE 9000
Lab 2 - Backup from C•CURE 9000

1. Back up the system manually.
2. Back up the system using a scheduled event.
3. Backup all DBs from the Server Configuration Utility.

Backing Up the SQL Database from SQL

This section describes the process used to back up the Microsoft SQL Server database. Designing an
effective backup and restore strategy requires careful planning, implementation and testing. You
must consider a variety of factors including:
■ The production goals of the organization for the databases, especially the requirements for
availability and protection of data from loss.
■ The nature of each of the databases: its size, its usage patterns, the nature of its content, the
requirements for its data, etc.
■ Constraints on resources, such as: hardware, personnel, space for storing backup media, the
physical security of the stored media, etc.
It is highly recommended that all SQL Server databases be backed up periodically. For further
information navigate to:
http://www.microsoft.com/technet/prodtechnol/sql/2000/books/c11ppcsq.mspx#EEHAC
To Back Up the SQL Database

1. In the Start menu, select All Programs>Software House> Server Configuration.

2. Click the Stop Server and Stop Drivers buttons in the Server Configuration Application.
Note: You must have Administrative privileges to stop and start the driver. Right-click to run as Administrator, if
necessary.
3. To verify that the server is not running, open the Windows Task Manager and click on the Processes tab. If the
application is displayed, right-click SoftwareSoftwareHouse.CrossFire.Server.exe and select End Process.
4. Disable the system’s virus scanning application; right-click on the icon in the Windows menu and select the
disable option.
5. Open SQL Management Express (All Programs > Microsoft SQL Server 2014 > SQL Server Management Studio
Express) and select Databases.

6. Navigate to SWH System node and right-click to select Tasks. Click Back Up.
7. The Back Up Database dialog box is displayed, showing the back up destination folder.

8. The default backup destination is:
Drive: \Program Files \Tyco\Crossfire\Microsoft SQL Server\

MSSQL.1\MSSQL\Backup.
The default path may differ for different versions of SQL.
9. To change the backup path, click Add (1).

10. The Select Back Up Destination browser displays.
11. Click to locate the database file using the Select Back Up Destination browser (2).

12. The Locate Backup File browser opens, allowing you to find the directory in which the database backup file
exists. Choose an alternate destination and click OK to return to the Select Back Up Destination browser.
13. Click OK in the Select Back Up Destination browser. The Back Up Database dialog box is displayed with the
both back up destinations and backup files shown in the Destination box.
14. Select either the alternate file or the default backup file. Click Remove to delete the other.

15. When you click OK, the SQL Management Express - database successfully backed up message is presented. Click
OK to return to the SQL Management Express selection dialog box. You are now ready to restore the database.
16. If you choose to not restore the database, restart the CrossFire Server from Server Configuration Application by
clicking the Start Server and Start Drivers buttons and begin using C•CURE 9000.

Restoring the SQL Database

This section describes the process used to restore the Microsoft SQL Server database. When a
database is restored from a full backup, SQL Server recreates the original database files and places
them in the locations that were recorded when the backup was made. All database objects are
recreated automatically.
To Restore the SQL Database

1. Shut down the SoftwareHouse.CrossFire.Server.exe as described above in To Back Up the SQL
Database on Page 50. To check that the CrossFire Server is not running, open the Windows Task
Manager (see Step 3 on Page 51) and click on the Processes tab. If the application is displayed,
right-click the SoftwareHouse.CrossFire.Server.exe and select End Process.
2. Disable the system’s virus scanning application. Ordinarily, this can be accomplished by right-clicking on the icon
in the Windows menu and selecting the disable option.
Be sure to stop the CrossFire server, disable the system’s virus scanning application, and backup the data
before restoring the Microsoft SQL Database.
3. Open SQL Management Express and select the Databases directory.

4. Navigate to ACVSCore node and right-click to select Tasks. Click Restore > Database. The Restore Database
dialog box appears.
5. In the Source section, select Database.
6. Use the drop-down list in the Database field to choose the database to restore (ACVSCore, SWHSystemAudit,
SWHSystemJournal).
7. If there is more than one backup available, click the Restore check box for the database you wish to restore.
If you wish to restore a database from a different backup source folder or drive, or the database
backup you want to restore is not listed, you can select Device and select a database to restore
from another folder.

8. If you are restoring a backup that originated from a different C•CURE 9000 database, you should click the Options
page and under Restore options, select Overwrite the existing databases (WITH REPLACE). Also, under Server
connections, select Close existing connections to destination database, to ensure that existing Server
connections do not interfere with the Restore operation.
9. Click OK to begin the database restore process. When the database is replaced, the SQL Management Studio
Express - database successfully restored message is displayed.

10. Restart the CrossFire Server from the Server Configuration Application by clicking the Start Service buttons for
the CrossFire Framework Service and the CrossFire Server Components Framework Service. When these services
are Running, , you can then begin using C•CURE 9000.
Generate Reports about Backup System Activity

Select the Journal option from the Options & Tools Pane to output Journal Reports and Data
Views about Backup system activity.
Select System Activity Message Types (1).

Click Run (2) to display a Dynamic View showing System Activity, including database backups.


Lab 1 Restore
Lab 1 Restore
1. Restore assigned databases from file paths provided by instructor.

Backup/Restore Review Questions
Backup/Restore Review Questions

1. Name the C•CURE databases you can back up from the application or from SQL.
2. How can you automatically back up the SQL databases?
3. What Event Action do you use to perform database backups?
4. How can you generate a list of the backups you have performed?
5. Name two different methods you can use to restore a database.
6. How can you perform a database backup via SQL?
7. What is the default backup destination for SQL database backups of the C•CURE 9000 databases?
How can you change that default location?

3
Chapter 3 - Badging
This chapter discusses topics related to Badging and Badge Layouts.

In This Chapter:
Objectives 65
Badging 66
Badge Designer 76
Lab 1 Badging 99
Badging Review Questions 100

Objectives
Objectives
Upon successful completion of this chapter, the user will be able to do the following:
■Enable badging
■Design badge layouts
■Import images
■Preview badges
■Print badges

Badging
Badging
To utilize the C•CURE ID Badging feature, you must first use Badge Setup in Options and Tools to
configure various badging parameters. In addition to configuring Batch Printing and Printer Options
you can define the capture settings for:
■ Portrait
■ Fingerprint
■ Signature
■ Smart Card Programming and Enrollment
This course covers Portraits and Signatures. The Advanced Integrator course covers Fingerprint and
Smart Card in detail.
You can also setup Printer settings from Badge Setup.

Badging
To Configure Portrait Settings

1. Select Badge Setup from Options and Tools.
2. Select the Portrait Settings check box, then click Portrait Settings to set up the capture device and capture
settings.
The Capture Device can be TWAIN or Import from file. If you select TWAIN, you can further configure the TWAIN
device. For this class, select Import from file.

Badging
3. You can select Enable both device capture and import from file if you want both options to be available on the
Personnel Images tab (1).
4. If you enable Brightness/Contrast, you can adjust the image as it is being imported to the card record (2).
5. Click OK to complete Portrait Configuration.

Badging
To Setup Signature Configuration

1. Select Badge Setup from Options and Tools.
2. Select the Signature Settings check box.
3. Capturing a signature for use on a badge is similar to the Portrait capture. You can select the Capture device from
the drop down list (1):
■ Topaz Sig Tablet
■ Penware Sig Tablet
■ Twain device
■ Import from file
4. You can click Device Setup to configure the Capture Device (2).

Badging
Topaz Penware Twain
5. If you enable Brightness/Contrast, you can adjust the image as it is being imported to the card record (3).
6. Click OK to complete Signature Configuration.

Badging
To Setup Batch / Sheet Printer Configuration
1. Select Batch printing and Batching Options to configure Batch and Sheet printing.

Badging
2. Select the Printer (1) and the Batch Queue mode (2).
3. You can use the settings for Origin Offset to move the badge image right or left on the x-axis and up or down on
the y-axis from the top-left corner of a badge during printing (3).
4. Select the Smartcard check box to enable Smartcard configuration for batch printing (4).
5. Select Sheet Layout to enable the configuration of Sheet Layouts, including Avery™ Label Templates, for batch
printing (not available for selection if you enabled Smartcard (5).

Badging
6. Select Printer Options to select the Badge Printer from printers attached to the Badging station.

Badging
7. Click OK to save your settings.
Badge Layout
Step 2: Badge Layout
1. Select Badge Layout from the Personnel Pane.
2. Select New.
3. Launch the Badge Designer

Badging

Badge Designer
Badge Designer
Sample Data
Before starting the layout, first provide sample data for the fields that will be on the badge.
Sample Data lets you simulate personnel data so you can evaluate how text data fits your badge
layout. You can use Sample Data to see how any field in the Personnel database displays in your
badge layout.
To Create Sample Data

1. On the Edit menu select Sample Data.
2. Enter the data and click OK.

Badge Designer
Badge Layout
To insert the various elements you can either use the Insert menu or drag the appropriate icon from
the left border of the designer.
Use the Badge Layout panel to:
■ Define one or two sides to the badge
■ Orient as either Portrait or landscape
■ Apply background to the badge
Insert Text
Next, select Insert>Text and select Static text from Text Properties.
(Or drag the Text icon onto the Badge.)

Badge Designer
Add "Employee Name" to the Static Text field to define a header for the First Name-Last Name
fields will be on the badge. Static Text is the same on all badges.

Badge Designer
Insert Dynamic Text

Next, select Insert>Text and select Dynamic text from Text Properties.
Dynamic text is taken from a database field such as First Name or Last Name. It will likely be
different on each badge.

Badge Designer
Insert Portrait
Next, select Insert>Portrait and click the button next to the Sample File Name field to browse
for a sample image.

Badge Designer
Insert Static Image

To insert a Company Logo as a static image (the same on all badges using this layout).
Select Static Filename and click browse to locate the logo file.

Badge Designer
Insert Dynamic Image
Dynamic Images can be used to provide unique images for each cardholder, or group of cardholders.

Badge Designer
Finished Badge Layout
Once you have completed the layout, you must SAVE it. After saving the badge layout, click File >
Exit and then OK.
To Save the Badge Layout

1. From the C•CURE ID Badge Designer, choose File > Exit from the Badge Designer menu.
2. On the Badge Layout dialog box, click Save and Close to save the changes. To discard changes, click
the Close box . A Warning dialog box appears asking “Save changes before exiting?"
3. Click Yes to save the changes, or click No to exit without saving.
4. Or you can click Cancel, and you can click the Launch C•CURE ID Badge Designer button again to
resume work on the Badge Design.
Select a Badge Layout

Select the desired Badge layout on the Personnel Credentials tab.

Badge Designer

Badge Designer
Import Portraits and Images
See Page 66 to review how to import Portraits and images to the personnel record.
In this case Portrait 5004-1 is the Dynamic image associated with this cardholder.
In this case, we are using the Text5 field as the link for the dynamic image in the Badge Layout.
If you click Preview Badge, you will see that Portrait 5004-1 is on the Badge Preview as the
cardholder's portrait.
Note that you can click Enroll Fingerprint to open the Fingerprint Capture dialog box to enroll
fingerprints.

Badge Designer

Badge Designer
Import Portrait and Signature

In this next sequence, we are going to import the portrait and signature of a cardholder named John
Hancock.
To Import Portraits and Signatures

1. Select Add in the Images tab of the cardholder Personnel record.
The Add button will not be available until Badging is enabled in the Options and Tools
Pane.
2. Browse to the location of the Portrait, or take the picture if TWAIN capture is configured.

Badge Designer
3. Select Load Image.
4. Select Save.
If the Brightness/Contrast box was checked in the Portrait setup screen, the Image adjustments
will be available.

Badge Designer
This shows the result of capturing the portrait.
5. Select Capture Signature.
6. Browse to a signature file
7. Select Load Image.

Badge Designer
8. Select Save.
If the Brightness/Contrast box was checked in the Signature setup screen, the Image adjustments
will be available.

Badge Designer
This shows the resulting Images tab after importing the Portrait and Signature.

Badge Designer
Using the Expression Builder

The expression builder feature can be used to create fields that contain various operators and
functions.
The Expression Builder has three basic sources of inputs to the expression.
■ Database Fields - all of the Personnel Record fields.
■ Functions - A comprehensive set of functions such as Format left, Format Right, Lower case,
Upper case, Month, Day, Year, Hour, Minute, Second, etc.
■ Operators - AND, OR, ADD(+), SUB(-), MUL(*), DIV(/), GT(>), LT(<), EQU(+), NEQ(<>), plus %, &,
and COMMA(,)
In this example, we are going to provide a field that has the First Name and Last Name concatenated
together.

Badge Designer
To Use the Expression Builder

1. Drag a Text field onto the badge
2. Select Dynamic Text.
3. Select an = sign in the enumerated list.
4. Select Expr>>

Badge Designer
5. Select First name from Database fields
6. Select + from the Operators section
7. Select Last name from Database fields.
8. Select Test.

Badge Designer
Notice that there is no space between the names

To correct the "no space" problem, add some spaces to the field.

Badge Designer
9. Type in a space bracketed with quote characters. (“ “)
10. Insert another plus (+) character followed by another space in quotes
11. Select Test again
Notice the effect of the spaces.

Badge Designer
12. Assign the completed badge layout to John Hancock’s personnel record.
13. Go to the Badging tab and click Badge Preview.

Badge Designer
Portrait Image Capture or Import from File

You can now enable both Device Capture and Import from File in Badge Setup. This configuration
setting enables a Capture|Import button.
To use this button, click the left side of the button to Capture an image from a device, or click the
right side of the button to Import the image from a file.

Lab 1 Badging
Lab 1 Badging
1. Configure Badge Setup in Tools Options pane.
2. Configure a badge layout.
3. Import Portrait and Images
4. Display a sample badge.

Badging Review Questions

1. Describe the steps to set up and configure a badge.
2. How do you configure a portrait?
3. How do you configure biometric settings?
4. How do you configure signature settings?
5. How do you configure printer and sheet layout settings?
6. How do you configure Batch Printing?
7. How do you activate the Badge Designer?
8. Describe the process of printing a dynamic image on a badge.
9. How do you preview a Badge?


A
Appendix A - Book 5 Review Questions and Answers
Log Management Questions and Answers - Chapter 1 103

Backup/Restore Questions and Answers - Chapter 2 104
Badging Questions and Answers - Chapter 3 105
Performance Exam 1 (PE1) 106
C•CURE 9000 AC9001 Installer/Maintainer Student Guide Appendix A 102

Log Management Questions and Answers - Chapter 1
Log Management Questions and Answers - Chapter 1

1. What are the two databases that generate log volumes?
The Audit Log (SWHSystemAudit) lists operations for Primary and Secondary objects.
The Journal Log (SWHSystemJournal) stores records of activities in the system.
For example, the Card Admit Log Type lists the Cardholder Name as the primary object and the
Door or Elevator as the secondary object.
2. When would you use Delete backup Files in the Log Backup Management option?
You might need to do this to create more disk space on the Server where the C•CURE 9000
resides. However, Software House recommends that you archive the files elsewhere before
deleting them.
3. What information is contained in the Audit Log?
Changes to objects such as creating a new object or modifying an existing object. For example,
the Edit Object operation lists the Operator Name that performed an Edit Object operation on a
Primary object.
4. How do you access the Audit Log?
In the Options & Tools pane, select Audit Log.
5. What kind of information is contained in the Journal Log?
The Journal contains records of activities that occur in the system. For example, the Card Admit
Log Type lists the Cardholder Name as the primary object and the Door or Elevator as the
secondary object.
6. How do you access the Journal Log?
In the Options & Tools pane, select Journal.
7. Why would you want to retrieve deleted Log files?
You might need to restore these log volume files to the C•CURE 9000 Backup directory to
recover system history from a long time ago.
8. What is the difference between the Log Volume Backup and Log Volume Management actions?
The Log Volume Backup Action performs a backup of Audit Log or Journal Log volumes.
The Log Volume Management Action performs a backup of Audit Log or Journal Log volumes,
then deletes the Audit Log or Journal Volumes to free up space.
9. How do you schedule a Log Volume Management Action to recur on a weekly basis?
You use the Event Editor to create an event with the pre-defined Log Management action and
then define a schedule to associate with the Event.
10.How can you search the Audit Log for a specific change that occurred sometime in the past?
On the Query Parameters screen, Click Modify to change the default Audit parameters. For
example, you can change the filter for the Server Date/Time value from Last Hour to Last 24
hours, Last 7 days, Last 12 months, etc. For Edit Operation, you can click the select button in the
Value field to select one or more operation types such as Object Changed and Object
103 Appendix A C•CURE 9000 AC9001 Installer/Maintainer Student Guide

Backup/Restore Questions and Answers - Chapter 2
Backup/Restore Questions and Answers - Chapter 2

1. Name the C•CURE databases you can back up from the application or from SQL.
SWHSystemJournal, SWHSystemAudit, ACVSCore, ACVSBIRS
2. How can you automatically back up the SQL databases?
You use the Event Editor to create an event with the pre-defined Database Backup action and
then define a schedule to associate with the event. C•CURE 9000 performs the backups as a
recurring event.
3. What Event Action do you use to perform database backups?
Database Backup Action.
4. How can you generate a list of the backups you have performed?
Select the Journal option from the Options & Tools Pane, then select System Activity Message in
Message Types. Click Run, then filter the Dynamic View that results in the Message Text column
on "Database Backup" to see a list of database backups performed.
5. Name two different methods you can use to restore a database.
Backup Restore tab in the Server Configuration Application and Restore Database in SQL Server
Management Studio.
6. How can you perform a database backup via SQL?
Open SQL Management Express (All Programs > Microsoft SQL Server 2014 > SQL Server
Management Studio Express) and select Databases. Navigate to the database and right-click to
select Tasks. Click Back Up and click OK to backup the database you picked to the default backup
destination.
7. What is the default backup destination for SQL database backups of the C•CURE 9000 databases?
How can you change that default location?
The Default SQL Server backup folder is set in SQL server. You can see the Default SQL Server
backup folder by Opening Microsoft SQL Server Management Studio and selecting the Database
Backup action for ACVSCore by right-clicking on ACVSCore, then select Tasks>Backup. The
default backup folder will be visible in the Destination table. The exact file path can differ for
different versions of SQL server.

Badging Questions and Answers - Chapter 3
Badging Questions and Answers - Chapter 3

1. Describe the steps to set up and configure a badge.
a. Badge Setup - configure setting for Portrait, Signature, Fingerprint capture and Printing
b. Badge Layout - create the appearance of the badge
c. Assign Badge Layout to Person - so that the badge you print uses the layout
d. Import Portrait, Images, Signature, Fingerprint - so that these are used by the badge layout.
e. Preview and Print Badge - View the badge on-screen, and send it to a badge printer.
2. How do you configure a portrait?
Options & Tools > Badge Setup > Portrait Settings button.
Choose size, format, Brightness/Contrast, and Capture, Import, or both.
3. How do you configure biometric settings?
Options & Tools > Badge Setup > Biometric Settings button.
Choose Capture Settings and number of fingerprints per card.
4. How do you configure signature settings?
Options & Tools > Badge Setup > Signature Settings button.
Choose size, format, Brightness/Contrast, and Capture device.
5. How do you configure printer and sheet layout settings?
Options & Tools > Badge Setup > Printer Options button.
Select Printer, Origin offset (if any), check Smartcard (if needed).
6. How do you configure Batch Printing?
Options & Tools > Badge Setup > select Batch Printing, then Batching Options.
Select Printer, Origin offset (if any), check Smartcard (if needed), Batch Queue Mode, and Use
Sheet Layout (if desired).
7. How do you activate the Badge Designer?
Select Badge Layout from the Personnel Pane. Then select New.
Click Launch C•CURE ID Badge Designer.
8. Describe the process of printing a dynamic image on a badge.
Configure the badge layout to include a dynamic image, linking the image on the badge to a
Customer field in Personnel (such as Text4). Capture/Import an Image to be the dynamic Image
for the person. Enter the Image Id (such as "Portrait_(5011-2)” into the Customer field (such as
Text4) to act as a link to the dynamic image.
9. How do you preview a Badge?
From the Personnel Badging tab, select the badge you want to preview, then click Preview Badge.

Performance Exam 1 (PE1)
1. Description
■ Performance Exam 1 Part I and II can be completed by either of the following methods:
• For Instructor Led Training (ILT)/Certification Course students: with the student’s
successful completion of labs in Modules 1 through 5.
• For all examinees other than those in attendance of an ILT/Certification Course: if
authorized, can be monitored by a certified C•CURE 9000 instructor (or a duly-assigned
proctor) in a lab environment that includes all materials listed in Part II: Equipment.
■ Performance Exam 1 Part III can be monitored by a certified C•CURE 9000 instructor (or a duly-
assigned proctor) in a lab environment that includes all materials listed in Part II: Equipment.
2. Equipment
This performance exam will require the student/examinee to perform tasks using the following
C•CURE 9000 Student Workstation items:
■ C•CURE 9000 Workstation
• C•CURE 9000 Computer
• Monitor
• Keyboard
• Mouse
• Speakers (optional)
• C•CURE 9000 v2.80 software & license
— Provided and listed by the instructor
• Windows Server software
• Adobe Acrobat Reader software
• Digital C•CURE 9000 Manuals
— Available in “Manuals” folder
• iSTAR Controller
• Door Reader/Simulator and associated/provided cabling and connectors
• Network Switch/Cable (if required at training site)
3. Scoring

The scoring for Performance Exam 1 (PE1) is based on a three-part score. The combined scores of
the three parts of the Performance Exam will make-up 50% of the course’s overall score.
■ PE1 Part 1: 35 Points
4. Performance Exam Lengths

PE1 consists of three parts. Each part’s time for exam completion is based on which exam method
the student/examinee is associated with:
■ Part I – Install and Set-Up a C•CURE 9000 Server
• For all ILT/Certification Course students:
— Time as required by instructor for Day 1-2 Student Guide Lab completions
• For all examinees other than ILT/Certification Course examinees:
— 2 hours
■ Part II – Configure C•CURE 9000 and associated equipment for functional Access Control
• For all ILT/Certification Course students:
— Time as required by instructor for Day 1-2 Student Guide Lab completions
• For all examinees other than ILT/Certification Course examinees:
— 2 hours
■ Part III – Identify C•CURE 9000 faults, troubleshoot and resolve faults
— 30 minutes
A. PE1 PART I – Install and Set-up a C•CURE 9000 Server

Performance Exam Part I
Using C•CURE 9000 technical documents and the Student Guide (for guidance), the student shall
install and configure a full version of C•CURE 9000 Server using the equipment/resources listed
in Section II of this exam, utilizing the classroom’s network capabilities (as identified by the
instructor).

For all ILT/Certification Course Students:

If students are attending an Instructor Led Training (ILT) and/or Certification version of this
course, the students can successfully complete this portion of the exam by performing all Student
Guide Labs in Days 1 and 2. Instructor will score specific labs throughout course flow.
For all examinees other than ILT/Certification Course students:
Complete each of the below listed elements in the exam’s Performance Exam Tasks. Ensure your
instructor/proctor reviews the results of the task on your workstation. The instructor/proctor will
score you on the PE Part I performance criteria listed below.
Performance Exam Tasks:
• Install C•CURE 9000 Server onto existing Windows Server drive/image
— Use provided C•CURE 9000 software identified by instructor
• Include Language Pack
• Use SQL Express (provided in C•CURE 9000 software) for database
• Configure using local authentication
— Write down local authentication inputs for instructor to review
• Install provided C•CURE 9000 license
— Use provided C•CURE 9000 license identified by instructor
• Configure with security passphrase (write it down to show instructor)
• Do not connect/configure to an iSTAR Controller yet
• Do not add hardware (readers, doors, etc.) yet
• Set credentials for admin and users
— Admin = highest credential
— User = lower credential
• Activate applicable (required) services
B. PE1 PART II – Configure C•CURE 9000 and Associated Equipment for Functional
Access Control
Performance Exam Part II:
configure C•CURE 9000 into a functional access control site, using the equipment/resources
listed in Section II of this exam.
For all ILT/Certification Course Students:

If students are attending an Instructor Led Training (ILT) and/or Certification version of this
course, the students can successfully complete this portion of the exam by performing all Student
Guide Labs in Days 3, 4 and 5. Instructor will score specific labs throughout course flow.
For all examinees other than ILT/Certification Course students:
Complete each of the following listed elements in the exam’s Performance Exam Tasks. Ensure
your instructor/proctor reviews the results of the task on your workstation. The
instructor/proctor will score you on the PE Part I performance criteria listed below.
Performance Exam Tasks:
• Add a cluster and an iSTAR Controller
• Configure the iSTAR Controller for use on C•CURE 9000
• Activate applicable iSTAR Controller services
• Add a Reader to the iSTAR ACM Board
— Configure the Reader and associated Door simulator inputs and outputs to the iSTAR
Controller
• Add Access Rights for admins and users
• Add Events
— Weekend Event
— No access to non-admin credentials over a Saturday and Sunday (full 24-
hours for each day)
— Alarm Event
— Door held open alarm (>10 seconds)
— Audible
— Holiday Event
— Christmas Holiday (25 December each year)
— Ties to Weekend event access (listed above)
• Assign a reader card to yourself as administrator with administrative credentials/privileges
• Add Personnel. Assign “John Doe” and “Jane Doe” to Personnel database with no access
control cards
— Assign John Doe with:
• user credentials
• expired credential
— Assign Jane Doe with
• administrator credentials
• active credential
• Add a generic map

— Insert Reader input/output icons and associated events

— Add the “C•CURE 9000 Reception User Guide” PDF from the “Manuals” folder as an
attachment
• Change a variable (stated by instructor on the board)
• Perform a proper back-up for recovery purposes.
C. PE1 PART III – Identify C•CURE 9000 Faults, Troubleshoot and Resolve Faults
Performance Exam Part III:
Required for all AC9001 Exam Takers/ILT/Certification Course students:
identify faults in their C•CURE 9000 training station hardware and/or software, using the
equipment/resources listed in Section II of this exam. The student will then troubleshoot the fault,
identifying its primary fault source (or related combined sources) and resolve the faults to place
C•CURE 9000 training station into satisfactory, operational condition.
• • The instructor/proctor, prior to this part of the exam will ask the student to step out of the
lab/classroom so as in insert faults in the student’s station. The student will then be
recalled to the classroom, where upon the student shall find, isolate and correct each fault
the instructor/proctor entered.
• • Upon completion of each fault find, isolation and correction, inform the
instructor/proctor. The instructor/proctor will verify if the student performed the necessary
performance tasks to meet this exam part’s criteria.
5. Upon PE1 Part I, II and III Completion
When all three parts of PE1 are completed, the instructor/proctor with tally your scores.
Instructors/Proctors have the option of reviewing the exam results with you upon
instructor/proctor discretion and/or allotment of time.

Glossary
8-bit, 16-bit, 32-bit, 64-bit
Capable of transferring 8, 16, 32, or 64 bits, respectively, on data bus lines. Eight bits are sometimes
referred to as a byte. Sixteen bits is a word. Thirty-two bits is a double word and sixty-four bits is a
quad word.
8-bit, 16-bit, 24-bit, 32-bit color

Specifies the number of possible colors. The number is a power of 2. Example: 8 bit color means 28 =
256 colors; 16 bit color means 216 = 65,536 colors, etc. 24 bit and 32 bit color are sometimes
referred to as true color.
10BaseT
A version of Ethernet in which stations are attached by twisted pair cable, the traditional cables used
for telephone lines. 10BaseT uses a star topology, and has a bandwidth of 10 megabits per second.
10BaseFL
A version of Ethernet that uses fiber and has a bandwidth of 10 megabits per second.
100BaseTX
A version of Ethernet that uses copper and has a bandwidth of 100 megabits per second.
100BaseFX
A version of Ethernet that uses fiber and has a bandwidth of 100 megabits per second.
1000BaseLX,SX
A version of Ethernet that uses fiber and has a bandwidth of 1 Gb per second.
1000BaseT
A version of Ethernet that uses copper and has a bandwidth of 1 Gb per second.
ABA 2
American Banking Association track 2. The track that magnetic signaling cards are normally recorded
on. The iSTAR field controllers support both Wiegand signaling and Magnetic (ABA 2) signaling.
access card

Token (typically a plastic card) by which a person is identified to the security system for access
control, usually for admittance through a door or passageway.
ACM
See Access Control Module .
Access Control Module

An iSTAR module that provides 8 readers, 8 outputs, and 16 inputs. There can be two ACM modules
per iSTAR. See ACM8W.
ACM8W
The ACM8W includes on-board reader processors that can support up to eight direct wired Wiegand
or proximity read head type modules. The ACM8W supports connections of up to eight RM Series
Readers or RM-4 Modules and has eight output relays and 16 Class A supervised inputs. The
ACM8W can also support up to eight I/8 Input Modules and eight
R/8 Output Modules.
action
An assigned response to a state change in a security object that requests a state change in another
security object. For example, an event could cause an action, with the action being “activate output.”
action request
A protocol message asking the target to change the state of an object. The target will act on the state
change request based on the object’s cause list.
activate
To cause a security object to become active, triggering the actions associated with the security object.
Active Directory
Active Directory provides a single point of management for Windows-based user accounts, clients,
servers, and applications. It also helps organizations integrate systems not using Windows with
Windows-based applications, and Windows-compatible devices, thus consolidating directories and
easing management of the entire network operating system.
activity
An activity is a collection of data that identifies and describes what is occurring in a subsystem
application. Activities occurring in subsystem applications are reported to the iSTAR General
Controller Module as Event Messages.

activity log
The portion of the journal database containing records of real-time system activity. See also
historical journal.
ADA
See alternate shunt.
administration privileges
Software privilege categories which control users’ level of access to menus and dialog boxes in the
Administration application.
■ One administration privilege may give users full rights (edit/create/delete/edit default) for
certain dialog boxes.
■ Another privilege may give them edit/create/delete rights.
■ A third privilege may give them only view rights for the dialog boxes.
■ A last group of users might be restricted from those dialog boxes entirely - have no access
privileges at all.
alarm circuit
The complete path of the electric current, including the input circuit, wiring, and alarm device.
alarm, alert
Sometimes used to refer to the active state of an alarm object.
alarm device
A sensor that is either on or off, connected to a C•CURE input. See also input.
alarm title
The display on an American Dynamics (AD) CCTV monitor of a cardholder’s name and admitted or
rejected status at a door. The Set Alarm Title action activates this display when a cardholder attempts
access at the door.
alternate master
The alternate master assumes responsibility for communications with the host and cluster in the
event of a communications failure on the primary communications path. If the secondary
communications path uses a second connection on the master, there is no alternate master
possibility.

alternate shunt
The Alternate Shunt (ADA) flag on a cardholder’s record is set when a person has Americans with
Disabilities (ADA) status. You configure the door output that activates to open the door when a user
with the Alternate Shunt (ADA) flag set swipes his or her card on a door-by-door basis. The alternate
shunt is sometimes used to control aircraft loading doors. The ADA output that is associated with the
alternate shunt is a 100 milli-second pulse output that is used to control automatic doors.
Americans with Disabilities (ADA) Act

See alternate shunt.
analog
Pertaining to or being a device or signal that is continuously varying in strength or quantity, such as
voltage or audio, rather than being a signal based on discrete units, such as the binary digits 1 and 0.
A lighting dimmer switch is an analog device because it is not based on absolute settings.
annunciate
To report the state of a security object (such as an event or input) on the Event Monitor or General
Activity monitor.
ANSI
Acronym for American National Standards Institute. A voluntary, nonprofit organization of business
and industry groups formed in 1918 for the development and adoption of trade and communication
standards in the United States. ANSI is the American representative of ISO (the International
Organization for Standardization). Among its many concerns, ANSI has developed recommendations
for the use of programming languages including FORTRAN, C, and COBOL, and various networking
technologies.
antipassback
Antipassback prevents a person from going through any door if they are not at that door “legally.” It
prevents “passing back” a card for another person to use as well as “tailgating.” See also global anti-
passback by cluster .
apC (legacy controllers)
application programming interface

A set of routines used by an application program to direct the performance of procedures by the
computer’s operating system. Acronym API. Also called application program interface.
APT-2

An alarm panel that monitors fire alarms, burglar alarms, forced entry events, and other security-
related activities. The APT-2 connect using a bi-directional interface. The panel can be installed
through a serial COMM port on the server or on the network through a terminal server.
archiving
Relocating video to offline, permanent storage for future retrieval. This process is handled by the
digital video server system. Also refers to archiving prior historical journals.
area
A location monitored with one or more entrance readers and one or more exit readers for
antipassback control and general monitoring of a cardholder’s location.
arm
To enable a security object so it will report state changes and act on action requests. Disarmed
supervised inputs will continue to report wiring tampering or supervision errors (short and open
conditions). Inputs and events can be armed.
armed
To “pay attention” to a security object. When a security object is armed, the system pays attention to
any changes in its state and can then perform appropriate actions. An intrusion zone that is armed is
considered to be in armed mode. See armed mode.
armed mode
Intrusion zone mode during which the area is protected - all doors are locked and all inputs are
armed. No one can enter an armed intrusion zone without activating these inputs and causing an
intrusion zone violation.
ASCII
Acronym for American Standard Code for Information Interchange. A coding scheme using seven or
eight bits, assigning numeric values to up to 256 characters, including letters, numerals, punctuation
marks, control characters, and other symbols. ASCII was developed in 1968 to standardize data
transmission among disparate hardware and software systems and is built into most minicomputers
and all PCs. ASCII is divided into two sets: 128 characters (standard ASCII) and an additional 128
(extended ASCII).
asset tracking
A system that is configured to detect and log asset movement. In such a configuration, access control
and asset tracking may be linked: asset movement plays a part in the access decision at a door.

audit log
The portion of the journal database containing records of configuration data that has been changed.
See also historical journal.
audit trail
The feature that tracks configuration changes, such as additions, modifications, and deletions, made
to security objects and personnel records in the configuration database.
automated personnel import

The process of importing personnel information from an external ODBC database rather than from
flat files. The process executes periodically in background mode and can also be triggered by
executing a DLL that can be purchased as part of the Real-time Application Programming Interface
(API). See also ODBC (open database connectivity) and DLL (dynamic link library).
baud rate
Rate of serial data transfer. Equivalent to bits per second. In most cases, divide this number by 10 to
get the number of bytes per second. This is because the typical character has 1 start bit, 8 data bits,
and 1 stop bit for a total of 10.
bit
A BInary digiT. The basic building block of card formats, computers and data transfer. A bit has 2
stable states, one and zero.
bits per second

Rate of serial data transfer.
backbone
In a hierarchical network, the backbone is the top level, employing high-speed data transmission and
serving as a major access point; smaller networks connect to the backbone.
backup
The technique of making copies of data that can be recovered in the event of a failure of the system.
The standard C•CURE backup is for the configuration database (CF), the current journal, and prior
journals. Badge portraits, sounds and maps should be separately backed up. Also see Not Ready to
Arm.
badge design module

The Badge Design module is a feature that allows the ability to define and save badge layouts,
including images, text, and barcodes, which can be sized and placed according to need.
badging
The ID option lets you layout, create and print badges.
Bi-directional Interface
A general purpose interface for third-party devices. The interface is through an RS-232
communications port which can also be through a terminal server. The user can define actions to
transmit and receive data to and from the device. Radionics alarm panels, the Stentofon intercom
system, and the Simplex-Grinnel fire panel have been interfaced to the C•CURE using this feature.
Bi-Di Action
An output message to a Bi-Di device.
Bi-Di Action Protocol

A set of Bi-Di actions.
Bi-Di Device
The device that the Bi-Di interface is communicating with. Supported devices are Radionics,
Stentofon, Inovonics, BiDVideo, Simplex-Grinnel Fire, and General Purpose.
Bi-Di Gateway
An Inovonics Gateway that multiple Inovonics transmitters can interface to.
Bi-Di Message Protocol

The mechanism to capture an incoming message from a Bi-Di device. The Message Protocol can be
used to activate events.
Bi-Di Poll
A form of a optional Bi-Di action that is used to poll the device.
Biometrics
The technique of using physical characteristics of a person such as finger prints, hand geometry, eye
structure or voice pattern for access control.
BLE

Bluetooth low energy (Bluetooth LE, BLE, Bluetooth Smart) is a wireless personal area network technology.
Mobile operating systems including iOS, Android, Windows Phone and BlackBerry, as well as MacOS, Linux,
Windows 8 and Windows 10, support Bluetooth Smart. It is characterized by low power requirements,
small size and cost, and compatibility with mobile phones, tablets, and computers.
bridge
A device that governs the flow of traffic between networks and network segments, forwarding
packets between them. The bridge sends a message from one network segment to another, if it is
addressed to the other segment; messages within a network segment are kept within the network,
thus making the flow of traffic more efficient. The device connects networks using the same
communications protocols so that information can be passed from one to the other. The device also
connects two LANs (local area networks), whether or not they use the same protocols, and allows
information to flow between them. The bridge operates at the ISO/OSI data link layer. Bridges have
been mostly replaced by switching hubs.
bridge router
A device that supports the functions of both a bridge and router. A bridge router links two segments
of a local or wide area network passing packets of data between either network as necessary, using
Level 2 addresses for routing.
byte
A group of 8 bits. Is sometimes broken into two 4 bit nibbles.
camera iris
The user can specify different iris settings for live video feeds and during flash snapshot capture. A
delay can also be specified, allowing for manual synchronization between snapshot capture and the
flash trigger.
camera type
Indicates the camera type, either Dome or Video. Dome cameras cover an area on a 360 degree
basis; video cameras are stationary, but may have zoom or move controls that allow a range of
coverage manipulated by an operator.
card format
The way information is encoded on a security access card. A definition of which field is the card
number, facility code, site code, etc.
card format offset

The offsetting or shifting of another card field such as Facility code into the personnel database card
number. This technique is used to differentiate between duplicate card numbers.
card format complement

The ability of applying what is known as the “ones complement” to a card field. The ones
complement means to reverse all of the bits. Example: the 1’s complement of 01100011 is
10011100. This technique is sometimes used to confuse would-be hackers.
cardholder
An employee or visitor who has been given a functional security access card. The access the card
provides is determined by values assigned in the clearance database.
card number
Name of a 32 bit field in the cardholder database that represents the card number. This field can also
include parts of other fields that have been offset into it. Also, a field on an access card. It is the field
that uniquely identifies that card. See also personnel and user.
card reader
See Reader.
carrier
See paging carrier.
cause list
The set of actions that affect the current state of an object. For example, all the active output change
requests together affect the status for an output. The cause list always has at least one ‘cause,’ which
is the default state of the value. The state is determined by the highest priority cause. If causes have
equal priority, the most recent one takes precedence.
CCTV
Closed Circuit TeleVision. A feature that lets you control video cameras and monitors that are
attached to a CCTV switcher.
ccure.ini
The initialization file that is read every time any of the C•CURE software modules is executed. It
contains configuration information such as how many characters there are in the PIN. There is a
diagnostic program called Diag System that is used to edit the file. The file is located in the
%root%\ccure800 directory.

C•CURE Central
A browser-based cardholder management application that can be purchased separately. This
application enables a user to administer personnel for a network of servers.
C•CURE ID
The imaging and badging system available as an option.
clearance
A security object containing a list of doors and/or elevators along with times during which the
cardholder is allowed access.
client
A PC that uses the services provided by a Server, which contains centralized data. The Client provides
the administration interface, reporting capabilities, monitoring, maps and badging.
client time zone

The time zone for a client PC, set on the Windows8.1/10 Control Panel using the Date/Time icon.
Closed Circuit Television (CCTV)

See CCTV.
cluster
A cluster is a user-defined group of one or more iSTAR controllers that can communicate with each
other, such that a designated Master is the centered iSTAR communicator with the host.
coaxial cable
A round, flexible, two-conductor cable consisting of (from the center outwards) a copper wire, a layer
of protective insulation, a braided metal mesh sleeve, and an outer shield, or jacket of PVC or fire-
resistant material. The shield prevents signals transmitted on the center wire from affecting nearby
components and prevents external interference from affecting the signal carried on the center wire.
Coaxial cable is used in networks and is similar to the type of wiring that is used for cable television.
common data
All data in the database that is considered system-wide data and that is not partitioned. Access to
common data is limited by user privileges. Common data includes object types such as inputs,
outputs, readers, areas, time zones, and personnel views.
communications

See primary communications path and secondary communications path.
company code
See site code and facility code.
connection path database

Contains the following information on all iSTAR controllers in the cluster: MAC address, IP address,
type of device (master, member, host), and connection method (Ethernet, serial, dialup). See also
media access control (MAC) address.
connection verification (keep alive or heartbeat)

A short message, sent by the Host or an iSTAR controller during periods of message inactivity that
lets the recipient know that the transmitter is connected and operating correctly. Users configure the
message frequency.
controller ID
The 32-bit IP Address of each General Controller Module that uniquely identifies each iSTAR.
controller or cluster member (slave)

An iSTAR controller that is connected to a master controller within a cluster.
Cross cluster antipassback

The ability to enforce antipassback across multiple iSTAR clusters.
DB-9
A standard 9-pin connector that is typically used with COMM ports.
DB-25
A standard 25-pin connector that is typically used with COMM ports and modems.
DCE
Data Communications Equipment. The port should have female pins and the required crossover
connection inside the device. A modem is a typical DCE device. When you connect a DTE device to a
DCE device there is no need to provide an external crossover (null modem).
deactivate
To cause a security object to become inactive.

DES
Data Encryption Standard - The name of the Federal Information Processing Standard (FIPS), which
describes the data encryption algorithm (DEA). DES and DEA are interchangeable. The DEA has a 64-
bit block size and uses a 56-bit key during execution (8 parity bits a re stripped off from the full 64-
bit key).
DES 3
Triple DES (3 DES) - The same as DES except that the input data is, in effect, encrypted three times
using three keys. This mode of encryption is sometimes referred to as DES-EDE.
DHCP
Dynamic Host Configuration Protocol. A server that leases out and manages IP addresses on the
network.
Diag system
A utility program used to edit the ccure.ini file. See also ccure.ini.
dialup
apCs, apC/8Xs, and apC/Ls (all legacy controllers) that communicate with the host via standard
telephone lines and Software House provided Multitech modems. These panels are connected to the
host only when a telephone connection has been established. See also direct connect.
digital
Related to digits or the way they are represented. In computing, analogous to binary because the
computers familiar to most people process information coded as combinations of binary digits (bits).
digital video cameras

NetVue provides independent camera configuration, which includes camera name (up to 32
characters), description, maximum pre-alarm time, and maximum post-alarm time.
NetVue also provides independent camera controls, including pan and tilt zoom controls. NetVue
recognizes the digital video server (DVS) and channel to which the camera is connected.
digital video servers (DVS)

NetVue is a scalable system, so different digital video systems may be used. It is necessary for users
to obtain the appropriate license for each supported video server system in their configuration.
Currently, Nice, Loronix, Integrel and Intellex Systems are supported.
direct cable connection

A link between the I/O ports of two computers using a single cable rather than a modem or other
interface device.
direct connect
apCs, apC/8Xs, and apC/Ls (all legacy controllers) that are in continuous communication with the
host. These panels may be directly wired to the host with copper or fiber optics, or connected long
distance via lease line modems or line drivers. The host expects to be in communication with the
panels at all times as contrasted to dialup panels where the contact is periodic. See also dialup.
directional input
Input used to define directionality for doors with asset tracking.
disarmed
To ignore a security object’s state changes, but still monitor supervision errors. An intrusion zone
that is disarmed is considered to be in disarmed mode. See disarmed mode.
disarmed mode
Intrusion zone mode that allows personnel to move freely throughout the intrusion zone without
causing intrusion zone violations. When an intrusion zone is in disarmed mode, the inputs assigned
to that intrusion zone are disarmed and do not generate intrusion zone violations when activated.
When the intrusion zone is in disarmed mode, the user may configure the intrusion zone doors to be
both unlocked, allowing free access, or locked to control access.
DLL (dynamic link library)

A collection of library routines, any of which can be called when needed by a larger program that is
running in the computer. The small program that lets the larger program communicate with a
specific device - for example, a printer or scanner - is often packaged as a DLL program (usually
referred to as a DLL file). DLL files save space in RAM. When, and if, a DLL file is needed, it is loaded
and run. For example, as long as a Microsoft Word user is editing a document, the printer DLL file
does not need to be loaded into RAM. When the user decides to print the document, the Word
application then causes the printer DLL file to be loaded and run.
DNS
Domain Name Service. A server or series of servers that translates IP addresses into Fully Qualified
Domain Names (FQDN) or FQDNs to IP addresses.
Domain

A group of computers and devices on a network that are administered as a unit with common rules and
procedures. Within the Internet, domains are defined by the IP address. Domains also refer to the
redundant servers and associated failover group under Legato AAM.
door
The passageway through which the system controls access. A door can be configured with up to two
access readers and a Door Latch Relay, or one reader and a Request to Exit (RTE). If you have the
Asset Manager option, the door can also include up to two asset readers.
door latch relay

An output in the system which controls the physical lock for the door.
door switch monitor (DSM)

An input that monitors whether a door is opened or closed. It can be set for automatic shunting so
alarms do not occur during normal door access.
DRAM
Dynamic Random Access Memory for local database/event storage on the GCM.
dry contact
A relay contact that does not have a voltage source on it. Used to switch power to an output device.
DSN (data source name)

An ODBC data source configured on the ODBC Data Source Administrator dialog box accessed from
the Windows 8.1/10 Control Panel. See also ODBC (open database connectivity).
DTE
Data Terminal Equipment. The port should have male pins. PCs and dumb terminals are typical DCE
devices. When you connect a DTE device to a DCE device there is no need to provide an external
crossover (null modem). When you connect a DTE to a DTE there is a need for an external crossover
or null modem.
duress message
A message sent if a person is forced by an intruder to open a door. The card formats are set up so
that a reverse swipe at a reader sends a duress message to the Monitoring Station. The duress
condition can also be signaled by entering the PIN plus 1 if it is a proximity card.
e-mail

Electronic mail (messages) automatically passed from one computer user to another through a
computer network and/or via modems over common-carrier lines.
employee
A cardholder with a Person Type of Employee. This person will usually have access to all or most
buildings and secure areas.
Entrance Delay Shunt

Used to configure inputs on an iSTAR intrusion zone. If the Entrance Delay Shunt is selected, the
input will not cause a violation during the entrance delay time. This is usually used to shunt a motion
sensor inside the zone if you have to enter the zone in order to disarm the zone.
Entrance Delay Trigger

Used to configure inputs on an iSTAR intrusion zone. If the Entrance Delay Trigger is selected, the
input will trigger an entrance delay when it is asserted. This might be used for a key operated door
into an iSTAR intrusion zone. Inputs that are configured to trigger an entrance delay must also be
shunted during the entrance delay.
ethernet
The most popular type of local area network, sending communications using signals carried by a
coaxial cable, fiber-optic cable, or by twisted pair wiring. Ethernet uses a bus or star topology and
relies on the form of access known as Carrier Sense Multiple Access with Collision Detection
(CSMA/CD) to regulate communication line traffic.
Each computer checks to see if another computer is transmitting and waits its turn to transmit. If two
computers accidentally transmit at the same time and their messages collide, they wait and send
again in turn. Data is transmitted in variable length frames containing delivery and control
information and up to 1,500 bytes of data.
The Ethernet standard provides for base band transmission at 10 megabits (10 million bits) per
second and is available in various forms, including those known as Thin Ethernet, Thick Ethernet,
10Base2, 10Base5, 10Base-F, and 10Base-T. The IEEE standard dubbed 802.3z, or Gigabit Ethernet,
operates at 10 times 100 Mbps speed. Software protocols used by Ethernet systems vary but include
Novell Netware and TCP/IP. The General Controller Modules support communication by means of
the Ethernet, using TCP/IP.
escort
A cardholder with a Person Type of Escort. This cardholder security clearance enables an employee
to act as an escort for one or more individuals or for a group of individuals.
escorted access

A feature that allows access to visitors when accompanied by a cardholder acting as an escort. The
escort is assigned a cardholder Person Type of Escort; those who are allowed access with the escort
are assigned a cardholder Person Type of Escorted Visitor. Escorted visitors gain access only when
with an escort.
escorted timer
After a visitor presents her card to a reader, a time out period activates during which the next
cardholder must present his card to the reader before a time-out occurs and the visitor is not
granted access.
escorted access violation

An Escorted Access Violation occurs when a visitor presents a card at a reader without a valid escort
also presenting a card, as well. A violation can also occur when a cardholder does not present his
card within the designated time period for access.
escorted visitor
Escorted Visitor is a cardholder Person Type. An escorted visitor can enter a facility only if
accompanied by a cardholder with an Escort Person Type clearance. An escort presents her badge at
a reader and then the escorted visitor presents his badge. Access is then granted to both cardholders.
even parity
An error checking mechanism that requires that the total number of one bits, including the parity bit,
is even. Used to verify the left side of Wiegand cards and for the longitudinal check character of a
magnetic card.
event
An event is a security object that lets you link actions, annunciations, and timed activations into one
component. Events are triggered by state changes such as input activations, rejected accesses, or
duress, or can be scheduled for specific times. Events can perform multiple functions depending on
the actions you associate with them. For example, you can configure an event so that it sounds an
alarm, or unlocks various doors.
event beeping (event-audible alert)

A system-wide option that causes the monitoring station to beep periodically when the highest-
priority unacknowledged event activates.
event breakthrough

A feature which causes the monitoring station to become the active window (pop open, move to the
top of the open applications, and enlarge) when an event requiring acknowledgment activates.
event priority
When events are configured they are given a priority level from 1 (low) to 200 (high). If two or more
events are trying to perform conflicting actions, the event with the highest priority will win. If the
conflicting events have the same priority, then the one that occurred last will win. Manual actions
executed from the Monitor Station are subject to the same priority rules.
event sound
A feature that causes the monitoring station to play a sound instead of a beep, once or periodically,
when the highest-priority unacknowledged event activates.
external database
An ODBC-compliant database outside the C·CURE System from which C·CURE personnel data
records are imported.
facility code
Data field on an access card that contains information unique to the facility where the card is issued.
field
Has two definitions:
In personnel views, a field is a dialog box element in the Layout area of the Configure Layout
dialog box that is composed of one or two widgets. For example, PIN and its edit field are one field.
In the personnel record database, a field contains values that are stored in the cardholder record
database.
Fire wall
A form of router that is programmed to allow only certain IP addresses and TCP ports to pass
through.
fixed data field

Field on an access card that is the same for all access cards of a particular card format used in the
system.
flash ROM
A non-volatile memory chip that you can reprogram online while the chip is installed in the panel.

follow input
An input whose activation triggers the arming of an intrusion zone and whose deactivation triggers
the disarming of the same intrusion zone. An input, such as a key or switch which has definite on and
off positions, is an example of a follow input. See also toggle input and input.
force arm
Action taken on an intrusion zone to change its mode to armed. If an intrusion zone’s status is Not
Ready to Arm, you must use the Force-Arm manual action to arm the zone. The status of an
intrusion zone in disarmed mode is Not Ready to Arm, if:
■ Any object assigned to the intrusion zone is not functioning normally.
■ An intrusion zone input is active.
■ An intrusion zone door is open.
See armed and armed mode
FQDN
Fully Qualified Domain Name. Example: HA1.accesssecurity.com
gateway router
A device that connects two computer networks that use different protocols. It translates between
protocols so that devices in the connected networks can exchange data. For example, commercial
online services often have gateways for sending email to Internet addresses. A Microsoft Gateway is
another word for Router.
gateway IP address
IP address for the gateway router.
GCM
General Controller Module - embedded microprocessor based controller card for iSTAR.
General Purpose Interface

See Bi-directional Interface.
global anti-passback by cluster

The sharing of cardholder anti-passback status among iSTAR controllers in a C•CURE area within a
cluster.
GMT

Greenwich mean time, the local time at the 0 meridian passing through Greenwich, England.
Greenwich mean time is the same everywhere. Also referred to as Universal Time (UT or UTC) or
ZULU time.
grace a card
Used to forgive an antipassback. It allows the next access by this cardholder to work. There is also a
Grace All function which allows all cardholders a free access.
group
A collection of security objects you can refer to using one name. Groups let you apply system
conditions (such as a time specification) to more than one object at a time. Generally, anywhere in
the system you can specify the name of a security object, you can also specify a group name. A
group contains only objects of the same type.
group box
A widget in the layout area of the Configure Layout dialog box that consists of a box and label. See
group of fields and widget.
group of fields
A group box and the fields and other group boxes that are located within the group box. See group
box.
header character
A value that defines the first character in a message from a Bi-Di device.
Hexadecimal
Using sixteen rather than ten as the base for representing numbers by digits. The hexadecimal
system uses the digits 0 through 9 for the digits zero through nine and the letters A through F
(uppercase or lowercase) for the digits ten through fifteen. One hexadecimal digit is equivalent to
four bits, and one byte can be expressed by two hexadecimal digits. For example, binary 0101 0011
corresponds to hexadecimal 53. To prevent confusion with decimal numbers, hexadecimal numbers
in programs or documentation are usually followed by H or preceded by &, $, or 0x. Thus, 10H =
decimal 16; 100H = decimal 256.
historical journal
The database that tracks two types of information: activity occurring in the system and monitored by
the system, such as accesses, rejects, event activations, and input/output state changes (activity log);
and changes made to the database through the Administration application, including additions,

modifications, and deletions of security objects and personnel records (audit log). The historical
journal may consist of several separate journal files.
historical video journal

Video actions are listed in the Journal, along with the associated event id. It is possible to replay the
video segment from the Journal Replay function.
Holiday
An object that nullifies Time Specification based activities when the Holiday occurs. This is the object
that ensures that the doors do not unlock on Thanksgiving but do unlock on other Thursdays.
Holidays can be configured to be Once, Weekly, Monthly, and Yearly.
Holiday list
Groups of Holidays. There can be a maximum of 24 lists downloaded to iSTARs.
home server
A read-only field on the Personnel dialog box that identifies the home server of a personnel record
for C•CURE Central, the browser-based central cardholder management system. The home server is
the name of the server where the personnel record was created and controls whether or not the
global data of a personnel record can be edited. This field must be added to the Personnel dialog
box.
host
The database and journal applications, residing on a host computer, interfaced to the iSTAR
intelligent computer system. The host is used for initial cluster configuration, report activity
generation, and management of peripheral hardware.
HostID
During the installation, C•CURE 9000 generates a 12-hex character HostID that identifies each
network interface card (NIC) in the Server computer. The integrator must choose any one of the
HostIDs to send to Software House to request a new encrypted permanent license.
I/8 input module

A Reader Bus Module that monitors 8 supervised inputs and 1 tamper input. The I/8 Input Module
connects to the reader bus on the iSTAR ACM.
I/8 CSI

The I8-CSI (Configurable Supervised Inputs) module enhances the functionality of the standard I/8
module by supporting numerous supervised circuit types and end-of-line (EOL) resistance values,
allowing the I8-CSI to accommodate existing field wiring without changing EOL resistors.
ICU
iSTAR Configuration Utility. Used to setup the initial IP address and Master/Slave status.
input
A security object that reports on the state of the security system. An input is connected to a switch
which may be an alarm device. Examples of inputs are door switch monitors and motion detectors.
Also known as a monitor point. See also security object and alarm device.
intrusion zone (iSTAR)

User-defined group of doors and inputs that delineate a physical area monitored for alarms. The
inputs assigned to an intrusion zone are usually used to monitor intrusion in the area. The doors
assigned to an intrusion zone are used to define the entrance and exit points for the zone. In addition
to doors and inputs, the user may assign four events to an intrusion zone. These events are used to
indicate the current mode and status of the intrusion zone.
intrusion zone doors

One or more doors assigned to an intrusion zone that define the entrance and exit points for the
intrusion zone.
Intrusion zone events (iSTAR)

Events that indicate the current mode and status of an iSTAR intrusion zone.
intrusion zone inputs

One or more inputs assigned to an intrusion zone that define the intrusion monitoring points for the
area.
intrusion zone readers

All readers assigned to the intrusion zone doors.
IP-ACM
An iSTAR module that provides management of 2 Doors with up to 2 RM or Wiegand readers, 4
inputs and 2 outputs. The IP-ACM connects to an Ultra controller GCM via Ethernet over TCP/IP.
There can be two IP-ACM modules per iSTAR Ultra controller.

IP Address
Short for Internet Protocol address. A 32-bit (4-byte) binary number that uniquely identifies a host
(computer) connected to other TCP/IP hosts, for the purposes of communication through the
transfer of packets. An IP address is expressed in “dotted quad” format, consisting of the decimal
values of its four bytes, separated with periods; for example, 127.0.0.1. The first one, two, or three
bytes of the IP address identify the network the host is connected to; the remaining bits identify the
host itself. The 32 bits of all 4 bytes together can signify 232, or roughly 4 billion, hosts. (A few small
ranges within that set of numbers are not used.) Also called Internet Protocol number, IP number.
IP address (Version 4)
The IP Address (version 4) is a logical 32-bit number, divided into 4 bytes of 8 bits, that is configured
for all devices communicating on a network using the TCP/IP protocol. Each device, including iSTAR
controllers, must have a unique IP address. Example 172.31.101.234.
IP address (Version 6)
Version 6 IP addresses will support 128-bit numbers. Also known as IPng. IP version 6 consists of 8
groups of 16 bits. Example 22:62457:1:0:0:345:89:7654.
ipconfig
A Windows command to display the IP addresses of the NIC cards on a computer. Can also be used
to release or renew a DHCP lease of an IP address.
ISO
Short for International Organization for Standardization (often incorrectly identified as an acronym
for International Standards Organization), an international association of countries, each of which is
represented by its leading standard-setting organization—for example, ANSI (American National
Standards Institute) for the United States. The ISO works to establish global standards for
communications and information exchange. Primary among its accomplishments is the widely
accepted ISO/OSI model, which defines standards for the interaction of computers connected by
communications networks. ISO is not an acronym; rather, it is derived from the Greek word isos,
which means “equal” and is the root of the prefix “iso.”
ISO/OSI reference model

Short for International Organization for Standardization Open Systems Interconnection reference
model. A layered architecture (plan) that standardizes levels of service and types of interaction for
computers exchanging information through a communications network. The ISO/OSI reference
model separates computer-to-computer communications into seven protocol layers, or levels, each
building—and relying—upon the standards contained in the levels below it. The lowest of the seven
layers deals solely with hardware links; the highest deals with software interactions at the

application-program level. It is a fundamental blueprint designed to help guide the creation of

networking hardware and software. Also called OSI reference model.
issue code
Field on the access card that indicates how many times the card has been replaced. Is unique per
individual and is considered as part of the access decision.
iSTAR System
The collection of all iSTAR controllers that are configured by and report to a host. An intelligent
controller system built around the embedded Windows CE operating system. iSTAR is a self
operating networked device; a host downloads a database and journal information into the firmware
upon initializing.
journal
See historical journal.
Keypad Commands
A feature that allows you to enter commands through a reader keypad. These commands are linked
to events which can cause the various event actions to occur. The events that a keypad command is
linked to must be downloaded to an iSTAR cluster.
keypad duress
A feature that allows a user at a door in a duress situation (being held at gun point, for example) to
enter a code that triggers an alarm — if the reader has a keypad. Duress is indicated by entering
PIN+1 on the keypad; for example, if the user’s PIN is 1234, enter 1235 on the keypad to indicate
duress. See also duress message.
KPC
See Key Pad Commands.
LAN
Local Area Network. A network that connects computers that are close to each other, usually in the
same building, linked by a cable.
latency
Generally, wasted time such as waiting for a disk seek. Also used to define the time it takes to get
from one end of a network to the other.

LBJ
The jumpers that are used to configure features on iSTAR XL’s, I/8’s, R/8’s, etc. are sometimes
referred to as “little black jumpers” or LBJs.
LCD
Liquid Crystal Display. A display that is used on RM readers and RM-4s.
LED
Light Emitting Diode. Display lights that are used in many parts of the hardware. The colors are
green, red, and yellow.
logical Input
A logical input can be either a physical input triggered by a device or a user-defined message. See
also user defined message.
logical network
A way to describe the topology, or layout, of a computer network. Referring to a logical (rather than
physical) topology describes the way information moves through the network—for example in a
straight line (bus topology) or in a circle (ring topology). The difference between describing a
network as logical or physical is sometimes subtle because the physical network (the actual layout of
hardware and cabling) doesn’t necessarily resemble the logical network (the path followed by
transmissions). A logical ring, for example, might include groups of computers cabled octopus-like to
hardware “collection points” which, in turn, are cabled to one another. In such a network, even
though the physical layout of computers and connecting hardware might not visually resemble a
ring, the logical layout followed by network transmissions would, indeed, be circular.
MAG 14 format
Industry standard magnetic format. Has a facility code, site code, card number, and issue code. Uses
Magnetic signaling.
manual action
An action performed by security personnel from the Event Monitor or General Activity Monitor, such
as locking or unlocking a door, activating or deactivating an output or event, or disarming an input
or event. Manual actions can be programmed beforehand by the administrator.
master controller

The Master Controller is the iSTAR controller that is responsible for Host communications for a
cluster of iSTAR controllers. Each of the controllers in the cluster is connected to the Master
Controller via Ethernet and all communication with the Host is routed through the Master Controller.
media access control (MAC) address

MAC addresses are unique hardware addresses that are flashed onto network devices, including
iSTAR controllers. They are 48-bit values that are split into 12 nibbles. Example: 00-50-f9-00-10-ab.
The first 6 nibbles are known as the vendor portion. All iSTARs will have a MAC address of 00-50-f9-
nn-nn-nn.
MIFARE
A contactless smart card method that operates at 13.56 MHz.
mode
A state variable of a reader on a door that determines, in general, how access requests are processed;
the mode can be locked, unlocked, or secure.
modem
An electronic device that converts the computer system’s digital information into analog information
and transmits it over a telephone line. When receiving, a modem converts signals from analog to
digital. The procedure is known as MOdulate-DEModulate.
monitoring privileges
Software privilege categories which control users’ level of access to security objects and activity
messages at the monitoring station and in journal replay. If access to a specific security object is
restricted, users cannot view the object’s status at the monitoring station, view activity messages or
journal replays referencing the object, or perform manual actions on the object.
MRM
The original RM reader module. Replaced by the RM-4.
NAT
Network Address Translation. A type of gateway that allows computers on one side to communicate
to the other side using a public IP address that is common to all of them. The NAT server routes the
information to and from the computers using unique TCP ports for each computer.
NetVideo
See NetVue.

NetVue
An optional feature, integrating both live and stored digital video through a network . The integration
includes both Software House-provided equipment, such as Intellex, and third-party equipment, such
as NICE.
NetVue action
Defined activity performed by the Digital Video System, such as capturing video and real-time
recording of events. See also action, event, and manual action.
NetVue mapping
Allows the launching of live video at the Monitoring Station from NetVue dome and fixed video
camera icons located on a map of the facility (configured in the Administration application). The
icon’s shape/color indicates the current state of the dome or fixed camera.
network
A group of computers and associated devices that are connected by communications facilities. A
network can involve permanent connections, such as cables, or temporary connections made
through telephone or other communication links. A network can be as small as a LAN (local area
network) consisting of a few computers, printers, and other devices, or it can consist of many small
and large computers distributed over a vast geographic area (WAN or wide area network).
Network Interface card (NIC)

An interface to a network that has an IP address. Used in the host computer and iSTARs. Some
computers can have more than one and are then called multi-homed.
nibble
A group of 4 bits. Half of a byte.
node
A personal computer on a network.
Not Ready to Arm

A state of an intrusion zone that indicates that one of the monitored conditions of the intrusion zone
is asserted. If the zone were to be armed, it would immediately have a violation. When Not Ready to
Arm is true, you must either correct the condition or Force Arm the zone. If you Force Arm the zone,
there will not be a violation but the Not Ready to Arm condition will persist. The reason you might
Force Arm is that the monitored device might be faulty and until the device is repaired or replaced,
you still want to arm the zone.

null modem
A device that provides the required crossover when connecting a DTE device to a DTE device.
ODBC (open database connectivity)

ODBC refers to a standard API that allows programmers to access a database using SQL commands.
A user of Windows can define ODBC drivers and pre-configured, named ODBC connections from the
control panel.
odd parity
An error checking mechanism that requires that the total number of one bits, including the parity bit,
is odd. Used to verify the right side of Wiegand cards and for each character of a magnetic card.
offline
Pertaining to the operation of a security object. When a security object such as a event is offline;
ignores all state changes of the object, including requests to arm it.
offset value
A feature allowing users to create a card number composed of two or more fields in the card format.
Useful when there are multiple cards with the same card numbers and different facility or site codes.
on-board Flash ROM

Non-volatile storage device on the General Controller Module that stores the iSTARs firmware, MAC
address, IP address, and IP address of the Gateway router. This firmware is easily upgraded through
the host or ICU utility.
online
Pertaining to the operation of a security object. When a security object is online, the monitors state
changes of the object.
output
A security object that turns a device on or off when given instructions from the system. Also known
as a control point.
page
To transmit a message to a pager device.
page message

The message that a user creates and transmits to a pager device.
paging carrier
The service or device that communicates with a pager to send pages.
partitioning
Segmenting the data in a database so that users of the system may create and have access only to
the data in their assigned segment(s). Access to data in a database partition is limited by the user’s
partition assignment, followed by their user privileges.
partition administrator
The person responsible for the configuration and maintenance of all common data in the database.
The partition administrator is also responsible for creating and monitoring partitions.
passback
A term designating a specific anti-passback violation wherein an access card is presented at an anti-
passback reader that accesses the same area/region as the last recorded access for that card. The
computer assumes the cardholder has already passed through a reader with the same area
assignments, but has not yet been recorded as passing the other way. (On readers with DSMs, the
computer only logs the cardholder into the area if the card has been presented and the door opened.
For doors without DSMs, the cardholder is automatically logged into the area when the access is
granted.) The computer assumes the cardholder from the first presentation already entered the area
and that a second cardholder is now trying to enter using the first person’s card, which was “passed
back” to them.
PC CARD
Previously referred to as PCMCIA - industry standard interface to small, plug-in peripheral cards,
such as modems, memory expansion, and network cards. iSTAR supports a Type III slot.
Personal Identification Number (PIN)

A number assigned to a cardholder by a system administrator. It can be entered on a card reader
keypad for further identification.
personnel
A person about whom information, such as name and card number, is stored in a personnel record .
personnel record
A collection of data items, such as name and card number, which identify a person .

personnel view
Personnel record dialog boxes customized for specific users.
physical network
One of two ways of describing the topology, or layout, of a computer network; the other is logical
network. A physical network refers to the actual configuration of the hardware forming a network—
that is, to the computers, connecting hardware, and, especially, the cabling patterns that give the
network its shape. Basic physical layouts include the bus, ring, and star topologies.
Ping
A Windows command that can be used to determine connection to a network device.
post-alarm time
Defines the stop time for a video segment.
pre-alarm time
Defines the start time for a video segment.
primary communications path

The Primary Communications Path is the first communication path that is used by a controller and a
host in an iSTAR cluster.
priority
A method by which the system orders events at the event monitor and resolves conflicts between
two or more causes with conflicting actions. If two events affect the same security object, the
prevailing action is that of the event with the highest priority.
Progress database
The database used in the C•CURE 800.
property
The definition of attributes for a tab control, widget, field, or group of fields. This term is applicable to
the configuration layout dialog boxes for personnel.
PTZ
A control that enables remote camera actions Pan, Tilt, or Zoom, to be performed on a NetVue dome
camera.

pulse
To activate or deactivate an output for a previously specified length of time.
R/8 Output Module

A Reader-bus Module that controls 8 outputs and monitors 1 tamper input.
Radionics
A brand of alarm system that is integrated with the system.
RAM
Random access memory.
RAS/RRAS (Remote Access Service)

A Windows feature that allows remote users access to the network. Also used by iSTAR for dialup
and direct serial connections.
Reader
A physical device, also called a read head, that incorporates specific technology to read cards and
interacts with an access control card to communicate card reads. Also known as a card reader.
Reader-bus
The RS-485 port on an ACM which is used to communicate with reader-bus modules (RM Reader,
I/8 and R/8) in a bus topology.
Reader-bus module
An RM Reader Module, I/8 Input Module or R/8 Output Module which communicates with an ACM
via the reader-bus. All reader-bus modules communicate using the ACM reader-bus Protocol.
receiver
A major component in a Radionics alarm system that communicates with elements of the alarm
system. May also be referred to as a gateway or communications receiver.
receiver number
Each general purpose receiver has a unique number.
recipient

Person to whom an e-mail or page is sent.
relay
A component of an output. All Software House outputs have associated relays except for the RM-4
outputs. When using the RM-4 outputs connect an ARM-1 relay module.
Remote Access Service

See RAS/RRAS (Remote Access Service).
replication
The capability to duplicate personnel data between a C•CURE Central server and local servers.
request to exit (RTE)

An exit request made by activating an input. The system ignores (shunts) the associated door’s
monitor and unlocks the door, if necessary.
RM
Reader Module used to convert magnetic and Wiegand data from a reader, as well as bi-directional
control data, to an RS-485 bit stream to talk to a controller (iSTAR). The board can be housed in RM
Readers or externally connected to readers. The RM-4 personality module provides two supervised
inputs and two outputs. The RM-4 outputs do not have relays, only the drive circuitry; so an auxiliary
relay module, the ARM-1, must be wired within 25ft. of the output. The RM-4E has relay outputs and
built-in circuitry for maglock doors.
RM Reader Module
A Reader-bus Module with a read head used to read magnetic or Wiegand card data, 2 general
purpose supervised inputs, 2 outputs, 1 tamper input, an audible sounder, and an optional LCD
display and an optional keypad.
RM LCD messages
Messages displayed on an RM reader that indicate different states to cardholders. Users can
customize sets of messages for the facility or site.
RoHS
Restriction of Hazardous Substances. A CE directive to prohibit lead and other substances on
electronic printed circuit boards.
Roll call report

A report that can be run from either the Administration client or the Monitoring Station, indicating
who is in a particular area. Typically used in emergencies.
ROM
Acronym for read-only memory. A semiconductor circuit into which code or data is permanently
installed by the manufacturing process.
router
A device that finds the best path for a data packet to be sent from one network to another. A router
stores and forwards electronic messages between networks, first determining all possible paths to
the destination address and then picking the most expedient route, based on the traffic load and the
number of hops.
Routing by Time of Day

Routing by Time Of Day (RTOD) is a feature that automatically changes a guard’s privileges based on
the time of day. RTOD builds upon Monitoring Privileges and Time Specifications. With RTOD, each
guard has two sets of monitoring privileges that are controlled by the security system’s
administrator. RTOD could be used to differentiate on-duty privileges versus off-duty privileges. The
on-duty privileges are applied during the Time Specification and the off-duty privileges are applied
outside of the Time Specification.
RS-232
An accepted industry standard for serial communications connections. Adopted by the Electrical
Industries Association, this Recommended Standard (RS) defines the specific lines and signal
characteristics used by serial communications controllers to standardize the transmission of serial
data between devices. Used to connect Bi-Directional devices to the host. Maximum length is 50 feet
without line drivers.
RS-422
A two-node serial connection wired the same as RS-485.
RS-485
A multi-node bus to connect up to 32 nodes. The method is a differential signal method, where the
transmit and receive signals have their own ground wire. The bus can be up to 4000 feet. RS-485 (2
wire) is used for all reader busses.
RTOD
See Routing by Time of Day.

RXD
Short for Receive (rx) Data. A line used to carry received serial data from one device to another, such
as from a modem to a computer. Pin 3 is the RXD line in RS-232-C connections.
salvo
A CCTV function that defines a group of cameras that can be called simultaneously to a contiguous
group of monitors.
secondary communications path

The Secondary Communications Path is used only if there is a communications failure on the
primary communications path between the host and the cluster master. Secondary communication
can be direct serial, dialup, or network.
secure door
Sets the door so that it cannot be unlocked. In essence, this action disarms the reader associated with
the secured door. This action is reversed by either locking or unlocking the door.
security object
An entity defined or controlled by the system: for example, inputs, outputs, holidays, and time
specifications.
security system integration

Any event can be associated with a digital video segment in real time and can have a video pre- and
post-time definition. The associated video segment can be retrieved at any Monitoring Station or
Administration application during a journal replay.
Any event that has been linked to a video segment and that has been annunciated at the Monitoring
Station will have an associated video icon so that the user can click the icon and view the pre-
recorded associated video segment.
sequence
A CCTV function that sequentially displays a selected series of camera video inputs on any monitor
for a pre-set amount of time (the dwell time).
serial
Serial means one by one. For example, in serial transmission, information is transferred one bit at a
time, and a serial computer has only one arithmetic logic unit, which must execute the whole
program one step at a time. RS-232, 422, and 485 are all serial transfer methods.

serial connect
iSTAR master, controller of an iSTAR cluster in continuous communication with the C•CURE
800/8000 host by means of a serial connection (RS-232). The host expects to be in communication
with the controller at all times, as contrasted to dialup iSTARs where the contact is periodic.
Connection is established using RAS. See also dialup and An interface to a network that has an IP
address. Used in the host computer and iSTARs. Some computers can have more than one and are
then called multi-homed..
serial connection/communication
The exchange of information between computers or between computers and peripheral devices one
bit at a time over a single channel. Serial communications can be synchronous or asynchronous.
Both sender and receiver must use the same baud rate, parity, and control information.
serial port
An input/output location (channel) that sends and receives data to and from a computer’s central
processing unit or a communications device one bit at a time. Serial ports are used for serial data
communication and as interfaces with some peripheral devices, such as mice and printers. Serial
ports typically use RS-232.
server
The PC that manages the security environment, including communications with PCs that perform
monitoring and administrative functions. The Server also stores and manages the application
configuration database and the historical journal.
server time zone

The time zone for the server PC, set on the Windows 2000/NT Control Panel using the Date/Time
icon.
shunt
To ignore an input. Most common use is to ignore the DSM when the door opens after a legitimate
door access or REX.
SIMM
Single Inline Memory Module.
site code
Field on an access card that identifies the site for companies that have several sites.

smart card
A card that can be written to. Some require contact and others are wireless. Smart cards can contain
a monetary balance that is deducted from when the card is used to buy something. It is now
common for smart cards to be used in access control. In one application, a math model of the
cardholder’s signature is stored on the card, thus preventing use of the card if is stolen.
source database
See external database.
Software Device Receiver

A device that works with the Programmable Bi-directional Interface and that is used to communicate
with various third-party devices, such as the Stentofon and APT-2. The Software Device Receiver
reads ASCII code from a device, sent by way of an RS-232 port. The code is converted into a format.
split screen
See split window.
split window
Splitting the Monitoring Station window horizontally to display the Event Monitor in the top pane and
the General Activity Monitor in the bottom pane. This allows you to view activity on both monitors at
the same time.
SQL (structured query language)

A language used to create, maintain, and query relational databases. It is an ISO and ANSI standard.
SQL uses regular English words for many of its commands, which makes it easy to use. It is often
embedded within other programming languages.
$standard partition
The default partition to which all users and security objects in a non-partitioned system belong. The
$Standard partition has certain special attributes:
■ A user assigned to this partition must be a partition administrator, and thus may edit objects in
all partitions.
■ Any objects created in this partition may reference objects from any other partition.
star topology
A network configuration based on a central hub, from which nodes radiate in a star-shaped pattern.
state change

Change of condition in security object: for example, inputs or readers. State changes can be normal
and planned or can be the result of other activity: for example, door forced open, rejected access, or
duress conditions.
subnet mask
Subnet masks are used to identify the part of the IP address that is used as the network id by
“masking” that part of the address. Subnet masks let you set up internal LANs on the network by
“masking” part of the IP address that is typically used for the host id. Masking is the process of
moving bits from the host id to the network id.
supervised input
An input that can detect normal, alert, open, shorted, or line fault circuit states. Line faults typically
occur when incorrect resistor values are used.
supervision error
Informs the system when the status of wiring between an input and an input circuit changes. If the
wiring is cut, the system reports an open circuit. If someone tries to jumper the wire (prevent the
device from reporting), the system reports a short circuit.
swipe
To pass a card through a reader. The swipe detects identification data encoded in a card, then refers
to the access record defined for that card. Access is granted or withheld based on the data in that
record and on whether or not the card number has been configured to have clearance.
system activities
A pre-defined set of situations that can be identified by the system. You can identify those situations
important to the security objectives, and you can customize which of these gets displayed at the
Monitoring Station.
system administrator
The person responsible for the configuration and maintenance of all system hardware as well as all
common data in the database. The system administrator is also responsible for creating partitions,
creating users and assigning them privileges and partition(s), and performing database backups. The
system administrator is also a partition administrator if the database is partitioned. See also partition
administrator.
system occurrence
Circumstances that indicate state changes to objects the system monitors, such as doors or readers.

system variables
A dialog box that allows certain system-wide security settings to be configured.
tab button
The title of a tab page. See tab page.
tab control
The set of tab pages in the Layout area of the Configure Layout dialog box. See tab page.
tab page
An individual page in the Layout area of the Configure Layout dialog box that contains the tab
button and any combination of widgets, fields, groups of fields on the page. See tab button.
tailgate
A term designating a specific anti-passback violation wherein an access card is presented from an
area/region that the system has no record of the card having entered. The computer assumes the
cardholder generating the violation entered the area by following the prior cardholder through an
entry door without presenting his or her own card.
TCP/IP
TCP/IP is a suite of protocols that allow communications across different network platforms. It is a
routable protocol providing access to the Internet and its resources. It consists of several protocols in
the Transport layer that operate in the Session layer. Almost all networks support TCP/IP as a
protocol.
TCP port
TCP/IP communications are typically between two IP addresses using a TCP port. The first 1024 ports
are reserved for internal TCP functions. Software House uses some in the 2500 - 2801 range.
C•CURE Central uses some in the 6900 range. Sometimes when there are communications problems
it is because a firewall or router is blocking the TCP that is required.
Telnet
Telnet is an internal TCP function that uses port 23. We sometimes use Telnet to login to a terminal
server in order to set it up.
template

An object used in exporting and importing personnel records (and in importing asset records); it
specifies the exact file format used for export and import.
thin client
A connection that executes its program from the computer that it is connected to. The C•CURE 9000
client applications can be run as thin clients. The login connections to C•CURE Central are thin client.
A thin client is similar to a dumb terminal connecting to a timesharing computer in an earlier
architecture.
third party device

An input device, such as a Stentofon, whose data is converted by a software receiver device . The
third party device is connected to the software receiver device by means of direct connect RS-232 or
a terminal server. The flow of data starts at the third party device, moves to the software device
receiver through RS-232 or TCP/IP, and is then sent by way of a Named Pipe.
time specification (time spec)

A security object that specifies a given range of times; used in access control and to automatically
cause events to happen during certain time periods.
timestamp field
An external database field which contains a numeric value that increases in magnitude with each
external database update. This field is used by the automated import function to retrieve new and
modified personnel data from the external database without getting records processed by an earlier
import.
time zone
Any of the 24 regions of the globe (loosely divided by longitude) throughout which the same
standard time is used.
toggle input
An input whose momentary activation can trigger either the arming or disarming of an intrusion
zone depending upon the zone’s prior mode and status. A momentary action key or switch that turns
in one direction to activate and then springs back is an example of a toggle input. See also follow
input and input.
tracert
A windows command to TRACE the Route to an IP address. It uses a Ping type of method to trace the
route.

trailer character
A value that defines the last character in a message from a Bi-Di device. The default value is 13 which
is a carriage return.
triggers
An initiation of a video event in NetVue option. Triggers fall into two categories: 1) those initiated by
a physical break in a dry contact, such as a door contact or by motion detection; 2) those triggers
configured to correspond with access control events, such as the unlocking of a door or setting off
an alarm. Triggers may included pre- and post-video time capture.
twain capture
Allows a user to capture an image using the industry standard twain interface. Twain capture
involves third party software and devices, such as scanners. After an image is imported using the
twain interface, a twain capture dialogue box opens, where the image can be both previewed and
edited.
Ultra
iSTAR Ultra controller. Models available are the Ultra, Ultra SE, Ultra Video. The Ultra has a
GCM running the Linux operating system, and up to two ACM or IP-ACM access control modules,
The Ultra can support up to 16 wired readers or 32 wireless readers.
“unacknowledged event” event

An event that is activated when another event has been active and unacknowledged longer than a
specified amount of time.
unsupervised input
An input that can detect only normal or alert circuit states in the alarm circuit. For example, if the
circuit is normally closed, an open circuit indicates an alarm, but the input cannot detect open or
shorted circuit states.
user
A person who has access to the Administration application and/or the Monitoring Station. A user is
always personnel, but personnel are not always users.
user defined message

When defined, user defined messages can trigger events.
user privileges

Software privilege categories that control which functions users can perform in the Administration
and Monitoring Station applications. There are administration privileges and monitoring privileges.
See also administration privileges and monitoring privileges.
UTC
For all practical purposes, the same as Greenwich Mean Time, which is used for the synchronization
of computers on the Internet. Also called coordinated universal time format.
video archiving
The process of relocating video to offline, permanent storage for future retrieval. This process is
handled by the digital video server system. Video archiving functions are limited to the features that
are currently available on the supported digital video servers. See the product documentation about
these servers for more information about archiving capacity.
video event
Live or Recorded Video. A video event is defined by an action (camera record for a set time)
associated with an access control event (lock door or open door). The access control event can be
configured to trigger the video event based on a pre-defined action (record the door opening for a
segment of time). Live video events can be used to monitor a location on a continuous basis in real
time.
video segment
The section of the video recording from the time the user starts the video event up to and including
the time the user stops the video event. For instance, when a user elects to play recorded video, the
Start Date/Time and Stop Date/Time can be entered, allowing the user to view a specific segment of
video associated with an event.
video segment ID
A unique index used to obtain a video segment from the video server. A Video Segment Id is used to
obtain the section of recording from the time the user starts the video event up to and including the
time the user stops the video event. The user can begin recording either manually or by assigning a
cause (access control event) to be associated with the video. For example, a door switch monitor can
be configured to initiate a video event with a 10-second pre-video time and a 10-second post video
time. The Video Segment Id is what is used to access or track that 20 second video segment. Causes
that may be associated with video events include any event. Video Segment Ids are assigned by the
video server .
video server

A server designed to deliver digital video and other broadband interactive services over a wide area
network or to employees on an intranet, a local area network.
visitor
A cardholder assigned a Personnel Type of Visitor. This person is able to access various buildings or
areas without an escort.
WAN
Wide area network. A network in which computers are connected to each other over a long distance,
using telephone lines and satellite communications. See LAN.
widget
Any single item in the Layout area of the Configure Layout dialog box. Widgets include objects such
as edit fields, labels for edit fields, sets of radio buttons and their labels.
Wiegand signaling
An interface method that uses Data1 and Data0 signals.
Wiegand technology card

A card that has small magnetic wires embedded in a laminate indicating the ones and zeros.
Wiegand 26 format
An HID industry standard that has an 8-bit facility code, a 16-bit card number and 2 parity bits.
Windows CE
Microsoft Windows CE is a 32-bit, Windows embedded real-time operating system. It is the
operating system that is running in the iSTAR GCM.
WOSA
Acronym for Windows Open Services Architecture, also known as Windows Open System
Architecture. A set of application programming interfaces from Microsoft that are intended to enable
Windows-based applications from different vendors to communicate with each other, such as over a
network. The interfaces within the WOSA standard include Open Database Connectivity (ODBC), the
Messaging Application Programming Interface (MAPI), the Telephony Application Programming
Interface (TAPI), Windows Sockets (Winsock), and Microsoft Remote Procedure Calls (RPC).
zone

Another term for a Radionics alarm point.


AC9001 Integrator Installer Day 5 Student Guide

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

AC9001 Integrator Installer Day 5 Student Guide

Uploaded by

Copyright:

Available Formats

C•CURE 9000

C•CURE 9000 Installer/Maintainer

Cyber Protection Program: Beyond simple device hardening

Reduce Cyber Security Risk from the Ground Up

Configuration Guidelines for Compliance

R apid Response to Vulnerabilities

Education and Advocacy

Tyco Security Products:

For more information on our program, visit www.tycosecurityproducts.com/cyberprotection.aspx

Safer, Smarter, Tyco.

A Higher Level Commitment

Expert Driven Designs

Welcome to our JCI Cyber Protection Learning Center!

JCI Cybersecurity Training Courses

Please use registration details provided after purchase.

Security Fundamentals for Practitioners

For more details please refer to the following:

Brochure Course Instructions Ordering and FAQ Details

C•CURE 9000 Online Course Registration Information

SOFTWARE HOUSE and AMERICAN DYNAMICS

Click here for a Quick Guide on how to enroll in a course.

Visit the Software House - American Dynamics Training site

Training Services for End User

Training Services for Technical staff

Courses & Materials

AC9641:C•CURE 9000 for Operators/Basic Administrators

LEVEL II – TECHNICIAN LEVEL

AC9001: C•CURE 9000 System Installer/Maintainer

How To Create An Account

• Innometriks Support Website: http://innometriksinc.com/support

Before Calling, ensure that you:

North America (NA) Customer Support Hours and Phone Numbers

Requires Enhanced SSA “7 x 24” Standby Telephone Support

For all other customers, billable on time and materials basis.

Examinations & Quizzes

NOTE: CHALLENGE EXAMS ARE RARELY AUTHORIZED.

Software version: 2.80

This manual is proprietary information of Software House. Unauthorized reproduction of any

© 2019 Tyco Security Products.

C•CURE 9000 Installer/Maintainer 1

Chapter 1 - Log Management 18

C•CURE 9000 AC9001 Installer/Maintainer Student Guide 16

Appendix A - Book 5 Review Questions and Answers 102

17 C•CURE 9000 AC9001 Installer/Maintainer Student Guide

Chapter 1 - Log Management

C•CURE 9000 AC9001 Installer/Maintainer Student Guide Chapter 1 18

Audit Log Purpose

19 Chapter 1 C•CURE 9000 AC9001 Installer/Maintainer Student Guide

To Access the Audit Log

3. Default Audit Query parameter is Last Hour.

6. The results can be filtered down to the desired subsets.

C•CURE 9000 AC9001 Installer/Maintainer Student Guide Chapter 1 20

Audit Log Entries

21 Chapter 1 C•CURE 9000 AC9001 Installer/Maintainer Student Guide

Audit Log: Primary and Secondary Objects (continued)

Operation Operator Primary Secondary Primary Object Secondary

Create Elevator Operator Elevator

Create Button Operator Elevator Floor

Delete Object Operator Object

Edit Object Operator Object

Reference Operator Cardholder Clearance

Reference Operator Reader Card Format

Reference Group name Holiday name .Group .Holiday

R apid Response to Vulnerabilities

Education and Advocacy