CISSP Glossary
Over 900 terms from the CISSP CBK, taken from the book by James Michael Stewart, Ed Tittel, and Mike Chapple: CISSP® Certified Information Systems Security Professional Study Guide, Fourth Edition
924
Computer Science
Undergraduate 4
06/23/2010

Cards

Term
* (star) Integrity Axiom (* Axiom)
Definition
An axiom of the Biba model that states that a subject at a specific classification level cannot write data to a higher classification level. This is often shortened to “no write up.”
Term
* (star) Security Property (* Property)
Definition
A property of the Bell-LaPadula model that states that a subject at a specific classification level cannot write data to a lower classification level. This is often shortened to "no write down."
Term
1000Base-T
Definition
A form of twisted-pair cable that supports 1000Mbps or 1Gbps throughput at 100 meter distances. Often called Gigabit Ethernet.
Term
100Base-TX
Definition
Another form of twisted-pair cable similar to 100Base-T.
Term
10Base-T
Definition
A type of network cable that consists of four pairs of wires that are twisted around each other and then sheathed in a PVC insulator. Also called twisted-pair.
Term
10Base2
Definition
A type of coaxial cable. Often used to connect systems to backbone trunks. 10Base2 has a maximum span of 185 meters with maximum throughput of 10Mbps. Also called thinnet.
Term
10Base5
Definition
A type of coaxial cable. Often used as a network's backbone. 10Base5 has a maximum span of 500 meters with maximum throughput of 10Mbps. Also called thicknet.
Term
802.11i (WPA-2)
Definition
An amendment to the 802.11 standard that defines a new authentication and encryption technique that is similar to IPSec. To date no real-world attack has compromised a properly configured WPA-2 wireless network.
Term
802.1x
Definition
A form of wireless authentication protection that requires all wireless clients to pass a gauntlet of RADIUS or TACACS services before network access is granted.
Term
ACID model
Definition
The letters in ACID represent the four required characteristics of database transactions: atomicity, consistency, isolation, and durability.
Term
AND
Definition
The operation (represented by the ∧ symbol) that checks to see whether two values are both true.
Term
APIPA
Definition
See automatic private IP addressing (APIPA).
Term
ActiveX
Definition
Microsoft's component object model (COM) technology used in web applications. ActiveX is implemented using any one of a variety of languages including Visual Basic, C, C++, and Java.
Term
Address Resolution Protocol (ARP)
Definition
A subprotocol of the TCP/IP protocol suite that operates at the Data Link layer (layer 2). ARP is used to discover the MAC address of a system by polling using its IP address.
Term
Advanced Encryption Standard (AES)
Definition
The encryption standard selected in October 2000 by the National Institute for Standards and Technology (NIST) that is based on the Rijndael cipher.
Term
Application layer
Definition
Layer 7 of the Open Systems Interconnection (OSI) model.
Term
Assurance
Definition
The degree of confidence that security needs are satisfied. Assurance must be continually maintained, updated, and reverified.
Term
Authentication Header (AH)
Definition
An IPSec protocol that provides authentication, integrity, and non-repudiation.
Term
Authentication Service (AS)
Definition
An element of the Kerberos Key Distribution Center (KDC). The AS verifies or rejects the authenticity and timeliness of tickets.
Term
Base+Offset addressing
Definition
An addressing scheme that uses a value stored in one of the CPU's registers as the base location from which to begin counting. The CPU then adds the offset supplied with the instruction to that base address and retrieves the operand from the computed memory location.
Term
Basic Input/Output System (BIOS)
Definition
The operating system independent primitive instructions that a computer needs to start up and load the operating system from disk.
Term
Basic Rate Interface (BRI)
Definition
An ISDN service type that provides two B, or data, channels and one D, or management, channel. Each B channel offers 64Kbps, and the D channel offers 16Kbps.
Term
Bell-LaPadula model
Definition
A confidentiality-focused security model based on the state machine model and employing mandatory access controls and the lattice model.
Term
Biba model
Definition
An integrity-focused security model based on the state machine model and employing mandatory access controls and the lattice model.
Term
Blowfish
Definition
A block cipher that operates on 64-bit blocks of text and uses variable-length keys ranging from a relatively insecure 32 bits to an extremely strong 448 bits.
Term
Bluetooth (802.15)
Definition
A wireless standard commonly used to pair accessories to cell phones or computers.
Term
Business Continuity Planning (BCP)
Definition
The assessment of a variety of risks to organizational processes and the creation of policies, plans, and procedures to minimize the impact those risks might have on the organization if they were to occur.
Term
Business Impact Assessment (BIA)
Definition
An analysis that identifies the resources that are critical to an organization's ongoing viability and the threats posed to those resources. It also assesses the likelihood that each threat will actually occur and the impact those occurrences will have on the business.
Term
CIA Triad
Definition
The three essential security principles of confidentiality, integrity, and availability.
Term
cipher
Definition
A system that hides the true meaning of a message. Ciphers use a variety of techniques
Term
Children's Online Privacy Protection Act (COPPA)
Definition
A law in the United States that places specific demands upon websites that cater to children or knowingly collect information from children.
Term
Cipher Block Chaining (CBC)
Definition
A process in which each block of unencrypted text is XORed with the block of cipher text immediately preceding it before it is encrypted using the DES algorithm.
Term
Cipher Feedback (CFB)
Definition
A mode in which the DES algorithm is used to encrypt the preceding block of cipher text. This block is then XORed with the next block of plain text to produce the next block of cipher text.
Term
Clark-Wilson model
Definition
A model that employs limited interfaces or programs to control and maintain object integrity.
Term
Committed Information Rate (CIR)
Definition
A contracted minimum guaranteed bandwidth allocation for a virtual circuit.
Term
Common Body of Knowledge (CBK)
Definition
The areas of information prescribed by (ISC)2 as the source of knowledge for the CISSP exam.
Term
Common Object Request Broker Architecture (CORBA)
Definition
An international standard for distributed computing. CORBA enables code operating on a computer to locate resources located elsewhere on the network.
Term
Component Object Model (COM)
Definition
Microsoft's standard for the use of components within a process or between processes running on the same system.
Term
Computer Fraud and Abuse Act
Definition
A U.S. law written to exclusively cover computer crimes that cross state boundaries to avoid infringing upon states' rights.
Term
Computer Security Act (CSA) of 1987
Definition
A U.S. law that mandates baseline security requirements for all federal agencies.
Term
Confidential
Definition
A government/military classification used for data of a confidential nature. Unauthorized disclosure of confidential data will have noticeable effects and cause damage to national security. This classification is used for all data between secret and sensitive but unclassified classifications.
Term
Control Objectives for Information and related Technology (CobiT)
Definition
A security concept infrastructure used to organize the complex security solution of companies.
Term
Copper Distributed Data Interface (CDDI)
Definition
Deployment of FDDI using twisted-pair (in other words, copper) wires. This reduces the maximum segment length to 100 meters and is susceptible to interference.
Term
DNS poisoning
Definition
The act of altering or falsifying the information of DNS to route or misdirect legitimate traffic.
Term
Data Definition Language (DDL)
Definition
The database programming language that allows for the creation and modification of the database's structure (known as the schema).
Term
Data Encryption Standard (DES)
Definition
A standard cryptosystem proposed in 1977 for all government communications. Many government entities continue to use DES for cryptographic applications today despite the fact that it was superseded by the Advanced Encryption Standard (AES) in December 2001.
Term
Data Link layer
Definition
Layer 2 of the OSI model protocol stack.
Term
Data Manipulation Language (DML)
Definition
The database programming language that allows users to interact with the data contained within the schema.
Term
Delphi technique
Definition
An anonymous feedback and response process used to arrive at a group consensus.
Term
Diffie-Hellman algorithm
Definition
A key exchange algorithm useful in situations in which two parties might need to communicate with each other but they have no physical means to exchange key material and there is no public key infrastructure in place to facilitate the exchange of secret keys.
Term
Digital Millennium Copyright Act
Definition
A law that establishes the prohibition of attempts to circumvent copyright protection mechanisms placed on a protected work by the copyright holder and limits the liability of Internet service providers when their circuits are used by criminals violating the copyright law.
Term
Digital Signature Standard (DSS)
Definition
A standard that specifies that all federally approved digital signature algorithms must use a secure hashing function.
Term
Direct Memory Access (DMA)
Definition
A mechanism that allows devices to exchange data directly with real memory (RAM) without requiring assistance from the CPU.
Term
Direct Sequence Spread Spectrum (DSSS)
Definition
A wireless technology that employs all of the available frequencies simultaneously in parallel.
Term
Disaster Recovery Planning (DRP)
Definition
Term that describes the actions an organization takes to resume normal operations after a disaster interrupts normal activity.
Term
Discretionary Security Property
Definition
Property that states that the system uses an access control matrix to enforce discretionary access control.
Term
Distributed Component Object Model (DCOM)
Definition
An extension of COM to support distributed computing. This is Microsoft's answer to CORBA.
Term
Dynamic Host Configuration Protocol (DHCP)
Definition
A protocol used to assign TCP/IP configuration settings to systems upon bootup. DHCP uses port 67 for server point-to-point response and port 68 for client request broadcast. DHCP supports centralized control and management of network addressing.
Term
Economic Espionage Act of 1996
Definition
A law that states that anyone found guilty of stealing trade secrets from a U.S. corporation with the intention of benefiting a foreign government or agent may be fined up to $500,000 and imprisoned for up to 15 years and that anyone found guilty of stealing trade secrets under other circumstances may be fined up to $250,000 and imprisoned for up to 10 years.
Term
El Gamal
Definition
The explanation of how the mathematical principles behind the Diffie-Hellman key exchange algorithm could be extended to support an entire public key cryptosystem used for the encryption and decryption of messages.
Term
Electronic Codebook (ECB)
Definition
The simplest encryption mode to understand and the least secure. Each time the algorithm processes a 64-bit block, it simply encrypts the block using the chosen secret key. This means that if the algorithm encounters the same block multiple times, it produces the same encrypted block.
Term
Electronic Communications Privacy Act (ECPA)
Definition
The law that makes it a crime to invade an individual's electronic privacy. It protects against the monitoring of email and voice mail communications and prevents providers of those services from making unauthorized disclosures of their content.
Term
Encapsulating Security Payload (ESP)
Definition
An element of IPSec that provides encryption to protect the confidentiality of transmitted data but can also perform limited authentication.
Term
Escrowed Encryption Standard
Definition
A failed government attempt to create a back door to all encryption solutions. The solution employed the Clipper chip, which used the Skipjack algorithm.
Term
Ethernet
Definition
A common shared media LAN technology.
Term
Ethical Hackers
Definition
Those trained in responsible network security methodology, with a philosophy toward nondestructive and nonintrusive testing, ethical hackers attack security systems on behalf of their owners seeking to identify and document vulnerabilities so that they may be remediated before malicious hackers can exploit them. Ethical hackers use the same methods to test security that unethical ones do but report what they find rather than seeking to turn them to their advantage.
Term
Fair Cryptosystems
Definition
A failed government attempt to create a back door to all encryption solutions. This technology used a segmented key that was divided among several trustees.
Term
Family Educational Rights and Privacy Act (FERPA)
Definition
A specialized privacy bill that affects any educational institution that accepts any form of funding from the federal government (the vast majority of schools). It grants certain privacy rights to students older than the age of 18 and the parents of minor students.
Term
Federal Information Processing Standard 140 (FIPS-140)
Definition
FIPS-140 defines the hardware and software requirements for cryptographic modules that the federal government uses.
Term
Federal Sentencing Guidelines
Definition
A 1991 law that provides punishment guidelines for breaking federal laws.
Term
Fiber Distributed Data Interface (FDDI)
Definition
A high-speed token-passing technology that employs two rings with traffic flowing in opposite directions. FDDI offers transmission rates of 100Mbps and is often used as a backbone to large enterprise networks.
Term
Fourth Amendment
Definition
An amendment to the U.S. Constitution that prohibits government agents from searching private property without a warrant and probable cause. The courts have expanded their interpretation of the Fourth Amendment to include protections against wiretapping and other invasions of privacy.
Term
Frame Relay
Definition
A shared connection medium that uses packet-switching technology to establish virtual circuits for customers.
Term
Frequency Hopping Spread Spectrum (FHSS)
Definition
An early implementation of the spread spectrum concept. This wireless access technology transmits data in a series while constantly changing the frequency in use.
Term
Gantt chart
Definition
A type of bar chart that shows the interrelationships over time between projects and schedules. It provides a graphical illustration of a schedule that helps to plan, coordinate, and track specific tasks in a project.
Term
Government Information Security Reform Act of 2000
Definition
Act that amends the United States Code to implement additional information security policies and procedures.
Term
Gramm-Leach-Bliley (GLBA) Act
Definition
A law passed in 1999 that eased the strict governmental barriers between financial institutions. Banks, insurance companies, and credit providers were severely limited in the services they could provide and the information they could share with each other. GLBA somewhat relaxed the regulations concerning the services each organization could provide.
Term
Halon
Definition
A fire-suppressant material that converts to toxic gases at 900 degrees Fahrenheit and depletes the ozone layer of the atmosphere and is therefore usually replaced by an alternative material.
Term
Hashed Message Authentication Code (HMAC)
Definition
An algorithm that implements a partial digital signature; it guarantees the integrity of a message during transmission, but it does not provide for nonrepudiation.
Term
Health Insurance Portability and Accountability Act (HIPAA)
Definition
A law passed in 1996 that made numerous changes to the laws governing health insurance and health maintenance organizations (HMOs). Among the provisions of HIPAA are privacy regulations requiring strict security measures for hospitals, physicians, insurance companies, and other organizations that process or store private medical information about individuals.
Term
High-Level Data Link Control (HDLC)
Definition
A layer 2 protocol used to transmit data over synchronous communication lines. HDLC is an ISO standard based on IBM's SDLC. HDLC supports full-duplex communications, supports both point-to-point and multipoint connections, offers flow control, and includes error detection and correction.
Term
High-Speed Serial Interface (HSSI)
Definition
A layer 1 protocol used to connect routers and multiplexers to ATM or Frame Relay connection devices.
Term
Hypertext Transfer Protocol
Definition
The protocol used to transmit web page elements from a web server to web browsers (over the well-known service TCP/UDP port address 80).
Term
Hypertext Transfer Protocol over Secure Sockets Layer (HTTPS)
Definition
A standard that uses port 443 to negotiate encrypted communications sessions between web servers and browser clients.
Term
IP Payload Compression (IPcomp) protocol
Definition
A protocol that allows IPSec users to achieve enhanced performance by compressing packets prior to the encryption operation.
Term
IP Security (IPSec)
Definition
A standards-based mechanism for providing encryption for point-to-point TCP/IP traffic.
Term
IP header protocol field value
Definition
An element in an IP packet header that identifies the protocol used in the IP packet payload (usually this will be 6 for TCP, 17 for UDP, or 1 for ICMP, or any of a number of other valid routing protocol numbers).
Term
IP probes
Definition
An attack technique that uses automated tools to ping each address in a range. Systems that respond to the ping request are logged for further analysis. Addresses that do not produce a response are assumed to be unused and are ignored.
Term
IP spoofing
Definition
The process by which a malicious individual reconfigures their system so that it has the IP address of a trusted system and then attempts to gain access to other external resources.
Term
Identity Theft and Assumption Deterrence Act
Definition
An act that makes identity theft a crime against the person whose identity was stolen and provides severe criminal penalties (up to a 15-year prison term and/or a $250,000 fine) for anyone found guilty of violating it.
Term
Integrated Services Digital Network (ISDN)
Definition
A digital end-to-end communications mechanism. ISDN was developed by telephone companies to support high-speed digital communications over the same equipment and infrastructure that is used to carry voice communications.
Term
International Organization for Standardization (ISO)
Definition
An independent oversight organization that defines and maintains computer, networking, and technology standards, along with more than 13,000 other international standards for business, government, and society.
Term
Internet Key Exchange (IKE)
Definition
A protocol that provides for the secure exchange of cryptographic keys between IPSec participants.
Term
Internet Mail Authentication Protocol (IMAP)
Definition
A protocol used to pull email messages from an inbox on an email server down to an email client. IMAP is more secure than POP3, uses port 143, and offers the ability to pull headers down from the email server as well as to store and manage messages on the email server without having to download to the local client first.
Term
Internet Message Access Protocol (IMAP)
Definition
A protocol used to transfer email messages from an email server to an email client.
Term
Internet Security Association and Key Management Protocol (ISAKMP)
Definition
A protocol that provides background security support services for IPSec.
Term
Java
Definition
A platform-independent programming language developed by Sun Microsystems.
Term
Kerberos
Definition
A ticket-based authentication mechanism that employs a trusted third party to provide identification and authentication.
Term
Kerckhoffs's assumption
Definition
The idea that all algorithms should be public but all keys should remain private. Kerckhoffs's assumption is held by a large number of cryptologists, but not all of them.
Term
KryptoKnight
Definition
A ticket-based authentication mechanism similar to Kerberos but based on peer-to-peer authentication.
Term
LAN extender
Definition
A remote access, multilayer switch used to connect distant networks over WAN links. This is a strange beast of a device in that it creates WANs but marketers of this device steer clear of the term WAN and use only the terms LAN and extended LAN. The idea behind this device was to make the terminology easier to understand and thus make the device easier to sell than a more conventional WAN device grounded in complex concepts and terms.
Term
Layer 2 Forwarding (L2F)
Definition
A protocol developed by Cisco as a mutual authentication
Term
Layer 2 Tunneling Protocol (L2TP)
Definition
A point-to-point tunnel protocol developed by combining elements from PPTP and L2F. L2TP lacks a built-in encryption scheme but typically relies upon IPSec as its security mechanism.
Term
Low Water-Mark Mandatory Access Control (LOMAC)
Definition
A loadable kernel module for Linux designed to protect the integrity of processes and data. It is an OS security architecture extension or enhancement that provides flexible support for security policies.
Term
MD2 (Message Digest 2)
Definition
A hash algorithm developed by Ronald Rivest in 1989 to provide a secure hash function for 8-bit processors.
Term
MD4
Definition
An enhanced version of the MD2 algorithm, released in 1990. MD4 pads the message to ensure that the message length is 64 bits smaller than a multiple of 512 bits.
Term
MD5
Definition
The next version of the MD algorithm, released in 1991, which processes 512-bit blocks of the message but uses four distinct rounds of computation to produce a digest of the same length as the MD2 and MD4 algorithms (128 bits).
Term
MIME Object Security Services (MOSS)
Definition
Standard that provides authenticity, confidentiality, integrity, and nonrepudiation for email messages.
Term
MONDEX
Definition
A type of electronic payment system and protocol designed to manage cash on smart cards.
Term
Media Access Control (MAC) address
Definition
A 6-byte address written in hexadecimal. The first three bytes of the address indicate the vendor or manufacturer of the physical network interface. The last three bytes make up a unique number assigned to that interface by the manufacturer. No two devices on the same network can have the same MAC address.
Term
NOT
Definition
An operation (represented by the ~ or ! symbol) that reverses the value of an input variable. This function operates on only one variable at a time.
Term
Network Address Translation (NAT)
Definition
A mechanism for converting the internal non-routable IP addresses found in packet headers into public IP addresses for transmission over the Internet.
Term
Network layer
Definition
Layer 3 of the OSI model.
Term
OR
Definition
An operation (represented by the ∨ symbol) that checks to see whether at least one of the input values is true.
Term
OSI model
Definition
See Open Systems Interconnection (OSI) model.
Term
Open Systems Interconnection (OSI) model
Definition
A standard model developed to establish a common communication structure or standard for all computer systems.
Term
Orthogonal Frequency-Division Multiplexing (OFDM)
Definition
A wireless technology that employs a digital multicarrier modulation scheme that allows for a more tightly compacted transmission.
Term
Output Feedback (OFB)
Definition
A mode in which DES XORs plain text with a seed value. For the first encrypted block, an initialization vector is used to create the seed value. Future seed values are derived by running the DES algorithm on the preceding seed value. The major advantage of OFB mode is that transmission errors do not propagate to affect the decryption of future blocks.
Term
Password Authentication Protocol (PAP)
Definition
A standardized authentication protocol for PPP. PAP transmits usernames and passwords in the clear. PAP offers no form of encryption; it simply provides a means to transport the logon credentials from the client to the authentication server.
Term
Point-to-Point Protocol (PPP)
Definition
A full-duplex protocol used for the transmission of TCP/IP packets over various non-LAN connections, such as modems, ISDN, VPNs, Frame Relay, and so on. PPP is widely supported and is the transport protocol of choice for dial-up Internet connections.
Term
Point-to-Point Tunneling Protocol (PPTP)
Definition
An enhancement of PPP that creates encrypted tunnels between communication endpoints. PPTP is used on VPNs but is often replaced by L2TP.
Term
Port Address Translation (PAT)
Definition
A mechanism for converting the internal nonroutable IP addresses found in packet headers into public IP addresses and port numbers for transmission over the Internet. PAT supports a many-to-one mapping of internal to external IP addresses by using ports.
Term
Post Office Protocol (POP)
Definition
A protocol used to transfer email messages from an email server to an email client.
Term
Presentation layer
Definition
Layer 6 of the OSI model.
Term
Pretty Good Privacy (PGP)
Definition
A public/private key system that uses the IDEA algorithm to encrypt files and email messages. PGP is not a standard but rather an independently developed product that has wide Internet grass roots support.
Term
Primary Rate Interface (PRI)
Definition
An ISDN service type that provides up to 23 B channels and one D channel. Thus, a full PRI ISDN connection offers 1.544 Mbps throughput, the same as a T1 line.
Term
Privacy Act of 1974
Definition
A law that mandates that government agencies maintain only records that are necessary for the conduct of their business and destroy those records when they are no longer needed for a legitimate function of government. It provides a formal procedure for individuals to gain access to records the government maintains about them and to request that incorrect records be amended. The Privacy Act also restricts the way the federal government can deal with private information about individual citizens.
Term
Privacy Enhanced Mail (PEM)
Definition
An email encryption mechanism that provides authentication, integrity, confidentiality, and nonrepudiation. PEM is a layer 7 protocol. PEM uses RSA, DES, and X.509.
Term
Program Evaluation Review Technique (PERT)
Definition
A project-scheduling tool. It is a method used to judge the size of a software product in development and calculate the standard deviation (SD) for risk assessment. PERT relates the estimated lowest possible size, the most likely size, and the highest possible size of each component. PERT is used to direct improvements to project management and software coding in order to produce more efficient software. As the capabilities of programming and management improve, the actual produced size of software should be smaller.
Term
RADIUS
Definition
See Remote Authentication Dial-In User Service (RADIUS).
Term
RFC 1918
Definition
The public standard that defines public and private IP addresses.
Term
RSA
Definition
See Rivest, Shamir, and Adleman (RSA).
Term
Remote Authentication Dial-In User Service (RADIUS)
Definition
A service used to centralize the authentication of remote dial-up connections.
Term
Reverse Address Resolution Protocol (RARP)
Definition
A subprotocol of the TCP/IP protocol suite that operates at the Data Link layer (layer 2). RARP is used to discover the IP address of a system by polling using its MAC address.
Term
Rijndael block cipher
Definition
A block cipher that was selected to replace DES. The Rijndael cipher allows the use of three key strengths: 128 bits, 192 bits, and 256 bits.
Term
Rivest, Shamir, and Adleman (RSA)
Definition
A public key encryption algorithm named after Rivest, Shamir, and Adleman, its inventors.
Term
S/MIME
Definition
See Secure Multipurpose Internet Mail Extensions (S/MIME).
Term
sabotage
Definition
A criminal act committed against an organization by a knowledgeable employee.
Term
SESAME
Definition
A ticket-based authentication mechanism similar to Kerberos.
Term
SYN flood attack
Definition
A type of DoS. A SYN flood attack is waged by not sending the final ACK packet, which breaks the standard three-way handshake used by TCP/IP to initiate communication sessions.
Term
Secret
Definition
A government/military classification, used for data of a secret nature. Unauthorized disclosure of secret data could cause serious damage to national security.
Term
Secure Electronic Transaction (SET)
Definition
A security protocol for the transmission of transactions over the Internet. SET is based on RSA encryption and DES. SET has the support of major credit card companies, such as Visa and MasterCard.
Term
Secure HTTP (S-HTTP)
Definition
The second major protocol used to provide security on the World Wide Web.
Term
Secure Hash Algorithm (SHA)
Definition
A government standard hash function developed by the National Institute of Standards and Technology (NIST) and specified in an official government publication.
Term
Secure Multipurpose Internet Mail Extensions (S/MIME)
Definition
A protocol used to secure the transmission of email and attachments.
Term
Secure Remote Procedure Call (S-RPC)
Definition
An authentication service. S-RPC is simply a means to prevent unauthorized execution of code on remote systems.
Term
Secure Shell (SSH)
Definition
An end-to-end encryption technique. This suite of programs provides encrypted alternatives to common Internet applications such as FTP, Telnet, and rlogin. There are actually two versions of SSH. SSH1 supports the DES, 3DES, IDEA, and Blowfish algorithms. SSH2 drops support for DES and IDEA but adds support for several other algorithms.
Term
Secure Sockets Layer (SSL)
Definition
An encryption protocol developed by Netscape to protect the communications between a web server and a web browser.
Term
Sequenced Packet Exchange (SPX)
Definition
The Transport layer protocol of the IPX/SPX protocol suite from Novell.
Term
Serial Line Internet Protocol (SLIP)
Definition
An older technology developed to support TCP/IP communications over asynchronous serial connections, such as serial cables or modem dial-up.
Term
Session layer
Definition
Layer 5 of the OSI model.
Term
Simple Integrity Axiom (SI Axiom)
Definition
An axiom of the Biba model that states that a subject at a specific classification level cannot read data with a lower classification level. This is often shortened to “no read down.”
Term
Simple Key Management for IP (SKIP)
Definition
An encryption tool used to protect sessionless datagram protocols.
Term
Simple Mail Transfer Protocol (SMTP)
Definition
The primary protocol used to move email messages from clients to servers and from server to server.
Term
Simple Security Property (SS property)
Definition
A property of the Bell-LaPadula model that states that a subject at a specific classification level cannot read data with a higher classification level. This is often shortened to “no read up.”
Term
Skipjack
Definition
Associated with the Escrowed Encryption Standard, an algorithm that operates on 64-bit blocks of text. It uses an 80-bit key and supports the same four modes of operation supported by DES. Skipjack was proposed but never implemented by the U.S. government. It provides the cryptographic routines supporting the Clipper and Capstone high-speed encryption chips designed for mainstream commercial use.
Term
Switched Multimegabit Data Services (SMDS)
Definition
A connectionless network communication service. SMDS provides bandwidth on demand. SMDS is a preferred connection mechanism for linking remote LANs that communicate infrequently.
Term
Synchronous Data Link Control (SDLC)
Definition
A layer 2 protocol employed by networks with dedicated or leased lines. SDLC was developed by IBM for remote communications with SNA systems. SDLC is a bit-oriented synchronous protocol.
Term
TACACS
Definition
See Terminal Access Controller Access Control System (TACACS).
Term
TCP wrapper
Definition
An application that can serve as a basic firewall by restricting access based on user IDs or system IDs.
Term
TEMPEST
Definition
The study and control of electronic signals produced by various types of electronic hardware, such as computers, televisions, phones, and so on. Its primary goal is to prevent EM and RF radiation from leaving a strictly defined area so as to eliminate the possibility of external radiation monitoring, eavesdropping, and signal sniffing.
Term
Take-Grant model
Definition
A model that employs a directed graph to dictate how rights can be passed from one subject to another or from a subject to an object. Simply put, a subject with the grant right can grant another subject or another object any other right they possess. Likewise, a subject with the take right can take a right from another subject.
Term
Terminal Access Controller Access Control System (TACACS)
Definition
An alternative to RADIUS. TACACS is available in three versions: original TACACS, XTACACS (extended TACACS), and TACACS+. TACACS integrates the authentication and authorization processes. XTACACS keeps the authentication, authorization, and accounting processes separate. TACACS+ improves XTACACS by adding two-factor authentication.
Term
Top Secret
Definition
The highest level of government/military classification. Unauthorized disclosure of top-secret data will cause exceptionally grave damage to national security.
Term
Transmission Control Protocol (TCP)
Definition
A connection-oriented protocol located at layer 4 of the OSI model stack.
Term
Transport layer
Definition
Layer 4 of the OSI model.
Term
Trojan horse
Definition
A malicious code object that appears to be a benevolent program, such as a game or simple utility, that performs the "cover" functions as advertised but also carries an unknown payload, such as a virus.
Term
Type 1 authentication factor
Definition
Something you know, such as a password, personal identification number (PIN), combination lock, passphrase, mother's maiden name, or favorite color.
Term
Type 2 authentication factor
Definition
Something you have, such as a smart card, ATM card, token device, or memory card.
Term
Type 3 authentication factor
Definition
Something you are, such as fingerprints, voice print, retina pattern, iris pattern, face shape, palm topology, or hand geometry.
Term
USA Patriot Act of 2001
Definition
An act implemented after the September 11, 2001, terrorist attacks. It greatly broadened the powers of law enforcement organizations and intelligence agencies across a number of areas, including the monitoring of electronic communications.
Term
Uniform Computer Information Transactions Act (UCITA)
Definition
A federal law designed for adoption by each of the 50 states to provide a common framework for the conduct of computer-related business transactions.
Term
User Datagram Protocol (UDP)
Definition
A connectionless protocol located at layer 4 of the OSI model.
Term
Vernam cipher
Definition
A device that implements a 26-character modulo 26 substitution cipher.
Term
Vigenere cipher
Definition
A polyalphabetic substitution cipher.
Term
Voice over IP (VoIP)
Definition
A network service that provides voice communication services by transporting the voice traffic as network packets over an IP network.
Term
WiFi Protected Access (WPA)
Definition
An early alternative to WEP based on a secret passphrase and employing the LEAP and TKIP crypto systems. It is attackable through passphrase guessing.
Term
WiMax (802.16)
Definition
A wireless standard that defines citywide wireless access technologies. This standard has yet to be widely deployed.
Term
WinNuke attack
Definition
A type of DoS. A WinNuke attack is a specialized assault against Windows 95 systems. Out-of-band TCP data is sent to a victim's system, which causes the OS to freeze.
Term
Wired Equivalency Protocol (WEP)
Definition
A protocol that provides both 40- and 128-bit encryption options to protect communications within the wireless LAN.
Term
Wired Equivalent Privacy (WEP)
Definition
A form of encrypted authentication that employs RC4. WEP supports only one-way authentication from client to WAP. WEP is considered insufficient for security because of several deficiencies in its design and implementation.
Term
Wireless Application Protocol (WAP)
Definition
A functioning industry-driven protocol stack that allows users through their WAP-capable devices,such as cell phones,to communicate over a carrier's network with the Internet.
Term
X.25
Definition
An older WAN protocol that uses carrier switching to provide end-to-end connections.
Term
XOR
Definition
A function that returns a true value when only one of the input values is true. If both values are false or both values are true,the output of the XOR function is false.
Term
Zero Knowledge Teams
Definition
These possess only primary information about an organization during a security assessment or penetration t
Term
abnormal activity
Definition
Any system activity that does not normally occur on your system. Also known as suspicious activity.
Term
abstraction
Definition
The collection of similar elements into groups, classes, or roles for the assignment of security controls, restrictions, or permissions as a collective.
Term
acceptance testing
Definition
A form of testing that attempts to verify that a system satisfies the stated criteria for functionality and possibly also for security capabilities of a product. It is used to determine whether end users or customers will accept the completed product.
Term
accepting risk
Definition
The valuation by management of the cost/benefit analysis of possible safeguards and the determination that the cost of the countermeasure greatly outweighs the possible cost of loss because of a risk.
Term
access
Definition
The transfer of information from an object to a subject.
Term
access control
Definition
The mechanism by which subjects are granted or restricted access to objects.
Term
access control list (ACL)
Definition
The column of an access control matrix that specifies what level of access each subject has over an object.
Term
access control matrix
Definition
A table of subjects and objects that indicates the actions or functions that each subject can perform on each object. Each column of the matrix is an ACL. Each row of the matrix is a capability list.
Term
access tracking
Definition
Auditing, logging, and monitoring the attempted access or activities of a subject. Also referred to as activity tracking.
Term
account lockout
Definition
An element of the password policy's programmatic controls that disables a user account after a specified number of failed logon attempts. Account lockout is an effective countermeasure to brute-force and dictionary attacks against a system's logon prompt.
Term
accountability
Definition
The process of holding someone responsible (accountable) for something. In this context accountability is possible if a subject's identity and actions can be tracked and verified.
Term
accreditation
Definition
The formal declaration by the Designated Approving Authority (DAA) that an IT system is approved to operate in a particular security mode using a prescribed set of safeguards at an acceptable level of risk.
Term
active content
Definition
Web programs that users download to their own computer for execution rather than consuming server-side resources.
Term
addressing
Definition
The means by which a processor refers to various locations in memory.
Term
administrative access controls
Definition
The policies and procedures defined by an organization's security policy to implement and enforce overall access control. Examples of administrative access controls include hiring practices, background checks, data classification, security training, vacation history, reviews, work supervision, personnel controls, and testing.
Term
administrative law
Definition
Regulations that cover a range of topics from procedures to be used within a federal agency to immigration policies that will be used to enforce the laws passed by Congress. Administrative law is published in the Code of Federal Regulations (CFR).
Term
administrative physical security controls
Definition
Security controls that include facility construction and selection, site management, personnel controls, awareness training, and emergency response and procedures.
Term
admissible evidence
Definition
Evidence that is relevant to determining a fact. The fact that the evidence seeks to determine must be material (in other words, related) to the case. In addition, the evidence must be competent, meaning that it must have been obtained legally. Evidence that results from an illegal search would be inadmissible because it is not competent.
Term
advisory policy
Definition
A policy that discusses behaviors and activities that are acceptable and defines consequences of violations. An advisory policy discusses the senior management's desires for security and compliance within an organization. Most policies are advisory.
Term
agent
Definition
Intelligent code objects that perform actions on behalf of a user. They typically take initial instructions from the user and then carry on their activity, in an unattended manner, for a predetermined period of time, until certain conditions are met, or for an indefinite period.
Term
aggregate functions
Definition
SQL functions, such as COUNT(), MIN(), MAX(), SUM(), and AVG(), that can be run against a database to produce an information set.
Term
aggregation
Definition
A number of functions that combine records from one or more tables to produce potentially useful information.
Term
alarm
Definition
A mechanism that is separate from a motion detector and triggers a deterrent, a repellant, and/or a notification. Whenever a motion detector registers a significant or meaningful change in the environment, it triggers an alarm.
Term
alarm triggers
Definition
Notifications sent to administrators when a specific event occurs.
Term
amplifier
Definition
See repeater.
Term
analytic attack
Definition
An algebraic manipulation that attempts to reduce the complexity of a cryptographic algorithm. This attack focuses on the logic of the algorithm itself.
Term
annualized loss expectancy (ALE)
Definition
The possible yearly cost of all instances of a specific realized threat against a specific asset. The ALE is calculated using the formula ALE = single loss expectancy (SLE) * annualized rate of occurrence (ARO).
Term
annualized rate of occurrence (ARO)
Definition
The expected frequency that a specific threat or risk will occur (in other words, become realized) within a single year.
Term
anomaly detection
Definition
See behavior-based detection.
Term
applet
Definition
Code objects sent from a server to a client to perform some action. Applets are self-contained miniature programs that execute independently of the server that sent them.
Term
application-level gateway firewall
Definition
A firewall that filters traffic based on the Internet service (in other words, application) used to transmit or receive the data. Application-level gateways are known as second-generation firewalls.
Term
assembly language
Definition
A higher-level alternative to machine language code. Assembly languages use mnemonics to represent the basic instruction set of a CPU but still require hardware-specific knowledge.
Term
asset
Definition
Anything within an environment that should be protected. The loss or disclosure of an asset could result in an overall security compromise, loss of productivity, reduction in profits, additional expenditures, discontinuation of the organization, and numerous intangible consequences.
Term
asset valuation
Definition
A dollar value assigned to an asset based on actual cost and nonmonetary expenses, such as costs to develop, maintain, administer, advertise, support, repair, and replace; as well as other values, such as public confidence, industry support, productivity enhancement, knowledge equity, and ownership benefits.
Term
asset value (AV)
Definition
A dollar value assigned to an asset based on actual cost and nonmonetary expenses.
Term
assigning risk
Definition
See transferring risk.
Term
assurance
Definition
The degree of confidence that security needs are satisfied. Assurance must be continually maintained, updated, and reverified.
Term
asymmetric key
Definition
Public key cryptosystems that use a pair of keys (public and private) for each participant. Messages encrypted with one key from the pair can only be decrypted with the other key from the same pair.
Term
asynchronous transfer mode (ATM)
Definition
A cell-switching technology rather than a packet-switching technology like Frame Relay. ATM uses virtual circuits much like Frame Relay, but because it uses fixed-size frames or cells, it can guarantee throughput. This makes ATM an excellent WAN technology for voice and video conferencing.
Term
atomicity
Definition
One of the four required characteristics of all database transactions. A database transaction must be an "all-or-nothing" affair. If any part of the transaction fails, the entire transaction must be rolled back, as if it never occurred.
Term
attack
Definition
The exploitation of a vulnerability by a threat agent, attacker, or any person who attempts to perform a malicious action against a system.
Term
attenuation
Definition
The loss of signal strength and integrity on a cable because of the length of the cable.
Term
attribute
Definition
A column within a table of a relational database.
Term
audit trails
Definition
The records created by recording information about events and occurrences into a database or log file. Audit trails are used to reconstruct an event, to extract information about an incident, to prove or disprove culpability, and much more.
Term
auditing
Definition
A methodical examination or review of an environment to ensure compliance with regulations and to detect abnormalities, unauthorized occurrences, or outright crimes.
Term
auditor
Definition
The person or group responsible for testing and verifying that the security policy is properly implemented and the derived security solutions are adequate.
Term
authentication
Definition
The process of verifying or testing that the identity claimed by a subject is valid.
Term
authentication protocols
Definition
Protocol used to provide the transport mechanism for log-on credentials.
Term
certificates
Definition
Endorsed copies of an individual's public key that verify their identity.
Term
authorization
Definition
A process that ensures that the requested activity or object access is possible given the rights and privileges assigned to the authenticated identity (in other words, subject).
Term
automatic private IP addressing (APIPA)
Definition
A feature of Windows that assigns an IP address to a system should DHCP address assignment fail.
Term
auxiliary alarm system
Definition
An additional function that can be added to either local or centralized alarm systems. The purpose of an auxiliary alarm system is to notify local police or fire services when an alarm is triggered.
Term
availability
Definition
The assurance that authorized subjects are granted timely and uninterrupted access to objects.
Term
awareness
Definition
A form of security teaching that is a prerequisite to training. The goal of awareness is to bring security into the forefront and make it a recognized entity for students/users.
Term
badges
Definition
Forms of physical identification and/or of electronic access control devices.
Term
baseband
Definition
A communication medium that supports only a single communication signal at a time.
Term
baseline
Definition
The minimum level of security that every system throughout the organization must meet.
Term
bastion host
Definition
A special-purpose computer on a network specifically designed and configured to withstand attacks. The computer generally hosts a single application, for example a proxy server, and all other services are removed or limited to reduce the threat to the computer. It is hardened in this manner primarily due to its location and purpose, which is either on the outside of the firewall or in the DMZ and usually involves access from untrusted networks or computers.
Term
behavior
Definition
In the context of object-oriented programming terminology and techniques, the results or output from an object after processing a message using a method.
Term
behavior-based detection
Definition
An intrusion discovery mechanism used by IDS. Behavior-based detection finds out about the normal activities and events on your system through watching and learning. Once it has accumulated enough data about normal activity, it can detect abnormal and possibly malicious activities and events. Also known as statistical intrusion detection, anomaly detection, and heuristics-based detection.
Term
best evidence rule
Definition
A rule that states that when a document is used as evidence in a court proceeding, the original document must be introduced. Copies will not be accepted as evidence unless certain exceptions to the rule apply.
Term
bind variable
Definition
A placeholder for SQL literal values, such as numbers or character strings.
Term
biometrics
Definition
The use of human physiological or behavioral characteristics as authentication factors for logical access and identification for physical access.
Term
birthday attack
Definition
An attack in which the malicious individual seeks to substitute a different message into a digitally signed communication that produces the same message digest, thereby maintaining the validity of the original digital signature. This is based on the statistical anomaly that in a room with 23 people, the probability of two or more people having the same birthday is greater than 50 percent.
Term
black-box testing
Definition
A form of program testing that examines the input and output of a program without focusing on its internal logical structures.
Term
blackout
Definition
A complete loss of power.
Term
block cipher
Definition
A cipher that applies the encryption algorithm to an entire message block at the same time. Transposition ciphers are examples of block ciphers.
Term
bluejacking
Definition
Hijacking a Bluetooth connection to eavesdrop or extract information from devices.
Term
boot sector
Definition
The portion of a storage device used to load the operating system and the types of viruses that attack that process.
Term
bridge
Definition
A network device used to connect networks with different speeds, cable types, or topologies that still use the same protocol. A bridge is a layer 2 device.
Term
broadband
Definition
A communication medium that supports multiple communication signals simultaneously.
Term
broadcast
Definition
A communications transmission to multiple but unidentified recipients.
Term
broadcast address
Definition
A broadcast network address that is used during a smurf attack.
Term
brouter
Definition
A network device that first attempts to route and then defaults to bridging if routing fails.
Term
brownout
Definition
A period of prolonged low voltage.
Term
brute force
Definition
An attack pattern characterized by a mechanical series of sequential or combinatorial inputs utilized in an automated attempt to identify security properties (usually passwords) in a given system (see brute-force attack).
Term
brute-force attack
Definition
An attack made against a system to discover the password to a known identity (in other words, username). A brute-force attack uses a systematic trial of all possible character combinations to discover an account's password.
Term
buffer overflow
Definition
A vulnerability that can cause a system to crash or allow the user to execute shell commands and gain access to the system. Buffer overflow vulnerabilities are especially prevalent in code developed rapidly for the Web using CGI or other languages that allow unskilled programmers to quickly create interactive web pages.
Term
business attack
Definition
An attack that focuses on illegally obtaining an organization's confidential information.
Term
cache RAM
Definition
A process that takes data from slower devices and temporarily stores it in
Term
campus area network (CAN)
Definition
A network that spans a college, university, or a multibuilding office complex.
Term
capability list
Definition
Each row of an access control matrix is a capability list. A capability list is tied to the subject; it lists valid actions that can be taken on each object.
Term
cardinality
Definition
The number of rows in a relational database.
Term
cell suppression
Definition
The act of suppressing (or hiding) individual data items inside a database
Term
centralized access control
Definition
Method of control in which all authorization verification is performed by a single entity within a system.
Term
centralized alarm system
Definition
An alarm system that signals a remote or centralized monitoring station when the alarm is triggered.
Term
certificate authority
Definition
An agency that authenticates and distributes digital certificates.
Term
certificate revocation list (CRL)
Definition
The list of certificates that have been revoked by a certificate before the lifetimes of the certificates have expired.
Term
certification
Definition
The comprehensive evaluation, made in support of the accreditation process, of the technical and nontechnical security features of an IT system and other safeguards to establish the extent to which a particular design and implementation meets a set of specified security requirements.
Term
chain of evidence
Definition
The process by which an object is uniquely identified in a court of law.
Term
Challenge Handshake Authentication Protocol (CHAP)
Definition
One of the authentication protocols
Term
change management
Definition
The means by which changes to an environment are logged and monitored in order to ensure that any change does not lead to reduced or compromised security.
Term
checklist test
Definition
A process in which copies of the disaster recovery checklists are distributed to the members of the disaster recovery team for their review.
Term
chosen cipher-text attack
Definition
An attack in which the attacker has the ability to decrypt chosen portions of the cipher-text message.
Term
chosen plain-text attack
Definition
An attack in which the attacker has the ability to encrypt plain-text messages of their choosing and then analyze the cipher-text output of the encryption algorithm.
Term
cipher text
Definition
A message that has been encrypted for transmission.
Term
civil laws
Definition
Laws that form the bulk of the body of laws in the United States. They are designed to provide for an orderly society and govern matters that are not crimes but require an impartial arbiter to settle disputes between individuals and organizations.
Term
class
Definition
In the context of object-oriented programming terminology and techniques,a collection of common methods from a set of objects that defines the behavior of those objects.
Term
classification
Definition
A label that is applied to a resource to indicate its sensitivity or value to an organization and therefore designate the level of security necessary to protect that resource.
Term
classification level
Definition
Another term for a security label. An assigned importance or value placed on objects and subjects.
Term
clean power
Definition
Nonfluctuating pure power.
Term
clearing
Definition
A method of sufficiently deleting media that will be reused in the same secured environment.
Term
click-wrap license agreement
Definition
A software agreement in which the contract terms are either written on the software box or included in the software documentation. During the installation process, you are required to click a button indicating that you have read the terms of the agreement and agree to abide by them.
Term
clipping level
Definition
A threshold value used in violation analysis auditing. Crossing the clipping level triggers the recording of relevant event data to an audit log.
Term
closed head system
Definition
See wet pipe system.
Term
closed-circuit television (CCTV)
Definition
A security system using video cameras and video recording devices.
Term
clustering (or key clustering)
Definition
A weakness in cryptography where a plain-text message generates identical cipher-text messages using the same algorithm but using different keys.
Term
coaxial cable
Definition
A cable with a center core of copper wire surrounded by a layer of insulation and then by a conductive braided shielding and finally encased in an insulation sheath. Coaxial cable is fairly resistant to EMI, has a low cost, and is easy to install.
Term
code
Definition
See cipher.
Term
cognitive password
Definition
A variant of the password authentication factor that asks a series of questions about facts or predefined responses that only the subject should know.
Term
cohesive (or cohesiveness)
Definition
An object is highly cohesive if it can perform a task with little or no help from other objects. Highly cohesive objects are not as dependent upon other objects as objects with lower cohesion. Objects with higher cohesion are often better. Highly cohesive objects perform tasks alone and have low coupling.
Term
cold sites
Definition
Standby facilities large enough to handle the processing load of an organization and with appropriate electrical and environmental support systems.
Term
collision attack
Definition
See birthday attack.
Term
collusion
Definition
An agreement between multiple people to perform an unauthorized or illegal action.
Term
commercial business/private sector classification
Definition
The security labels commonly employed on secure systems used by corporations. Common corporate or commercial security labels are confidential, proprietary, private, sensitive, and public.
Term
common mode noise
Definition
Electromagnetic interference (EMI) noise generated by the difference in power between the hot and ground wires of a power source or operating electrical equipment.
Term
companion virus
Definition
A variation of the file infector virus. A companion virus is a self-contained executable file that escapes detection by using a filename similar to, but slightly different from, a legitimate operating system file.
Term
compartmented security mode
Definition
A security mode in which systems process two or more types of compartmented information. All system users must have an appropriate clearance to access all information processed by the system but do not necessarily need to know all the information in the system.
Term
compensation access control
Definition
A type of access control that provides various options to other existing controls to aid in the enforcement and support of a security policy.
Term
competent
Definition
A distinction of evidence that means that the evidence must be obtained legally. Evidence that results from an illegal search would be inadmissible because it is not competent.
Term
compiled languages
Definition
A computer language that is converted into machine language before distribution or execution.
Term
compliance testing
Definition
Another common usage of auditing. Verification that a system complies with laws, regulations, baselines, guidelines, standards,and policies is an important part of maintaining security in any environment.
Term
compromise
Definition
If system security has been broken, the system is considered compromised.
Term
computer architecture
Definition
An engineering discipline concerned with the construction of computing systems from the logical level.
Term
computer crime
Definition
Any crime that is perpetrated against or with the use of a computer.
Term
concentrator
Definition
See repeater.
Term
conclusive evidence
Definition
Incontrovertible evidence that overrides all other forms of evidence.
Term
concurrency
Definition
A security mechanism that endeavors to make certain that the information stored in a database is always correct or at least has its integrity and availability protected. Concurrency uses a "lock" feature to allow an authorized user to make changes and then "unlocks" data elements only after all changes are complete.
Term
confidentiality
Definition
The assurance that information is protected from unauthorized disclosure and the defined level of secrecy is maintained throughout all subject-object interactions.
Term
configuration management
Definition
The process of logging, auditing, and monitoring activities related to security controls and security mechanisms over time. This data is then used to identify agents of change, whether objects, subjects, programs, communication pathways, or even the network itself.
Term
confinement (or confinement property)
Definition
The principle that allows a process to read from and write to certain memory locations and resources only. This is an alternate name for the * (star) Security Property of the Bell-LaPadula model.
Term
confusion
Definition
The property that holds when the relationship between the plain text and the key is complicated enough that an attacker can't simply alter the plain text and analyze the result in order to determine the key.
Term
consistency
Definition
One of the four required characteristics of all database transactions (the other three are atomicity, isolation, and durability). All transactions must begin operating in an environment that is consistent with all of the database's rules.
Term
contamination
Definition
The result of mixing data with a different classification level and/or need-to-know requirement.
Term
content-dependent access control
Definition
A form of access control based on the contents or payload of an object.
Term
continuity
Definition
A goal an organization can accomplish by having plans and procedures to help mitigate the effects a disaster has on its continuing operations and to speed the return to normal operations.
Term
contractual license agreement
Definition
A written contract between the software vendor and the customer outlining the responsibilities of each.
Term
control
Definition
The use of access rules to limit a subject's access to an object.
Term
controls gap
Definition
The difference between total risk and residual risk.
Term
copyright
Definition
Law that guarantees the creators of "original works of authorship" protection against the unauthorized duplication of their work.
Term
corrective access control
Definition
An access control deployed to restore systems to normal after an unwanted or unauthorized activity has occurred. Examples of corrective access controls include alarms, mantraps, and security policies.
Term
corrective controls
Definition
Instructions, procedures, or guidelines used to reverse the effects of an unwanted activity, such as attacks or errors.
Term
countermeasures
Definition
Actions taken to patch a vulnerability or secure a system against an attack. Countermeasures can include altering access controls, reconfiguring security settings, installing new security devices or mechanisms, adding or removing services, and so on.
Term
coupling
Definition
The level of interaction between objects. Lower coupling means less interaction. Lower coupling delivers better software design because objects are more independent. Lower coupling is easier to troubleshoot and update. Objects with low cohesion require lots of assistance from other objects to perform tasks and have high coupling.
Term
covert channel
Definition
The means by which data can be communicated outside of normal, expected, or detectable methods.
Term
covert storage channel
Definition
A channel that conveys information by writing data to a common storage area where another process can read it.
Term
covert timing channel
Definition
A channel that conveys information by altering the performance of a system component or modifying a resource's timing in a predictable manner.
Term
cracker
Definition
A malicious user intent on waging an attack against a person or system. Crackers may be motivated by greed, power, or recognition. Their actions can result in stolen property (data, ideas, and so on), disabled systems, compromised security, negative public opinion, loss of market share, reduced profitability, and lost productivity.
Term
creeping privilege(s)
Definition
When a user account accumulates privileges over time as job roles and assigned tasks change.
Term
criminal law
Definition
Body of laws that the police and other law enforcement agencies enforce. Criminal law contains prohibitions against acts such as murder, assault, robbery, arson, theft, and similar offenses.
Term
critical path analysis
Definition
A systematic effort to identify relationships between mission-critical applications, processes, and operations and all of the necessary supporting elements.
Term
criticality prioritization
Definition
The prioritization of mission-critical assets and processes during the creation of BCP/DRP.
Term
crossover error rate (CER)
Definition
The point at which the false acceptance rate (FAR) equals the false rejection rate (FRR). This is the point from which performance is measured in order to compare the capabilities of different biometric devices.
Term
cryptanalysis
Definition
The study of methods to defeat codes and ciphers.
Term
cryptographic key
Definition
Cryptographic keys provide the 'secret' portion of a cryptographic
Term
cryptography
Definition
Algorithms applied to data that are designed to ensure confidentiality, integrity, authentication, and/or nonrepudiation.
Term
cryptosystem
Definition
System in which a shared secret key or pairs of public and private keys are used by communicating parties to facilitate secure communication.
Term
cryptovariable
Definition
Another name for the key used to perform encryption and decryption activities.
Term
custodian
Definition
A subject that has been assigned or delegated the day-to-day responsibilities of classifying and labeling objects and properly storing and protecting objects. The custodian is typically the IT staff or the system security administrator.
Term
cyclic redundancy check (CRC)
Definition
Similar to a hash total, a value that indicates whether a message has been altered or damaged in transit.
Term
data circuit-terminating equipment (DCE)
Definition
A networking device that performs the actual transmission of data over the Frame Relay as well as establishing and maintaining the virtual circuit for the customer.
Term
data classification
Definition
Grouping data under labels for the purpose of applying security controls and access restrictions.
Term
data custodian
Definition
The user who is assigned the task of implementing the prescribed protection defined by the security policy and upper management. The data custodian performs any and all activities necessary to provide adequate protection for data and to fulfill the requirements and responsibilities delegated to him from upper management.
Term
data dictionary
Definition
Central repository of data elements and their relationships. Stores critical information about data usage, relationships, sources, and formats.
Term
data diddling
Definition
The act of changing data.
Term
data extraction
Definition
The process of extracting elements of data from a large body of data to construct a meaningful representation or summary of the whole.
Term
data hiding
Definition
The process of preventing data from being known by a subject.
Term
data mart
Definition
The storage facility used to secure metadata.
Term
data mining
Definition
A technique or tool that allows analysts to comb through data warehouses and look for potential correlated information amid the historical data.
Term
data steward
Definition
See data custodian
Term
data terminal equipment (DTE)
Definition
A networking device that acts like a router or a switch and provides the customer's network access to the Frame Relay network.
Term
data warehouse
Definition
Large databases used to store large amounts of information from a variety of databases for use in specialized analysis techniques.
Term
database
Definition
An electronic filing system for organizing collections of information. Most databases are organized by files, records, and fields.
Term
database management system (DBMS)
Definition
An application that enables the storage, modification, and extraction of information from a database.
Term
database partitioning
Definition
The act of dividing a database up into smaller sections or individual databases; often employed to segregate content with varying sensitivity labels.
Term
de-encapsulation
Definition
The process of stripping a layer's header and footer from a PDU as it travels up the OSI model layers.
Term
decentralized access control
Definition
System of access control in which authorization verification is performed by various entities located throughout a system.
Term
decision support system (DSS)
Definition
An application that analyzes business data and presents it so as to make business decisions easier for users. DSS is considered an informational application more so than an operational application. Often a DSS is employed by knowledge workers (such as help desk or customer support) and by sales services (such as phone operators).
Term
declassification
Definition
The process of moving a resource into a lower classification level once its value no longer justifies the security protections provided by a higher level of classification.
Term
decrypt
Definition
The process of reversing a cryptographic algorithm that was used to encrypt a message.
Term
dedicated mode
Definition
See dedicated security mode.
Term
dedicated security mode
Definition
Mode in which the system is authorized to process only a specific classification level at a time. All system users must have clearance and a need to know that information.
Term
degaussing
Definition
The act of using a magnet to return media to its original pristine unused state.
Term
degree
Definition
The number of columns in a relational database.
Term
delegation
Definition
In the context of object-oriented programming, the forwarding of a request by an object to another object or delegate. An object delegates if it does not have a method to handle the message.
Term
delta rule
Definition
Also known as the learning rule. It is the feature of expert systems that allows them to learn from experience.
Term
deluge system
Definition
Another form of dry pipe (fire suppression) system that uses larger pipes and therefore a significantly larger volume of water. Deluge systems are inappropriate for environments that contain electronics and computers.
Term
denial of service (DoS)
Definition
A type of attack that prevents a system from processing or responding to legitimate traffic or requests for resources and objects.
Term
deny risk
Definition
See reject risk.
Term
detective access control
Definition
An access control deployed to discover unwanted or unauthorized activity. Examples of detective access controls include security guards, supervising users, incident investigations, and intrusion detection systems (IDSs).
Term
detective control
Definition
See detective access control.
Term
detective control
Definition
Any security mechanism used to verify the effectiveness of directive and preventive controls.
Term
deterrent access control
Definition
An access control that discourages violations of a security policy.
Term
dictionary attack
Definition
An attack against a system designed to discover the password to a known identity (in other words, a username). In a dictionary attack, a script of common passwords and dictionary words is used to attempt to discover an account's password.
Term
differential backup
Definition
A type of backup that stores all files that have been modified since the time of the most recent full backup.
Term
diffusion
Definition
When a change in the plain-text results in multiple changes spread throughout the cipher text.
Term
digital signature
Definition
A method for ensuring a recipient that a message truly came from the claimed sender and that the message was not altered while in transit between the sender and recipient.
Term
direct addressing
Definition
A process by which the CPU is provided with the actual address of the memory location to be accessed.
Term
direct evidence
Definition
Evidence that proves or disproves a specific act through oral testimony based on information gathered through the witness's five senses.
Term
directive access control
Definition
An access control that directs, confines, or controls the actions of subjects to force or encourage compliance with security policy.
Term
directory service
Definition
A centralized database of resources available to the network, much like a telephone directory for network services and assets. Users, clients, and processes consult the directory service to learn where a desired system or resource resides.
Term
disaster
Definition
An event that brings great damage, loss, or destruction to a system or environment.
Term
disaster recovery plan
Definition
A document that guides the recovery efforts necessary to restore your business to normal operations as quickly as possible.
Term
discretionary access control
Definition
A mechanism used to control access to objects. The owner or creator of an object controls and defines the access other subjects have to it.
Term
distributed access control
Definition
A form of access control in which authorization verification is performed by various entities located throughout a system.
Term
distributed data model
Definition
In a distributed data model, data is stored in more than one database but remains logically connected. The user perceives the database as a single entity, even though it comprises numerous parts interconnected over a network. Each field may have numerous children as well as numerous parents. Thus, the data mapping relationship is many-to-many.
Term
distributed denial of service (DDoS)
Definition
A distributed denial of service occurs when the attacker compromises several systems to be used as launching platforms against one or more victims. The compromised systems used in the attack are often called slaves or zombies. A DDoS attack results in the victims being flooded with data from numerous sources.
Term
distributed reflective denial of service (DRDoS)
Definition
DRDoS attacks take advantage of the normal operation mechanisms of key Internet services, such as DNS and router update protocols. DRDoS attacks function by sending numerous update, session, or control packets to various Internet service servers or routers with a spoofed source address of the intended victim. A DRDoS attack can result in so much traffic that upstream systems are adversely affected by the sheer volume of data focused on the victim.
Term
documentary evidence
Definition
Any written items brought into court to prove a fact at hand. This type of evidence must also be authenticated.
Term
domain
Definition
1) A realm of trust or a collection of subjects and objects that share a common security policy. Each domain's access control is maintained independently of other domains' access control. This results in decentralized access control when multiple domains are involved.

2) An area of study for the CISSP exam.
Term
dry pipe system
Definition
A fire suppression system that contains compressed air. Once suppression is triggered, the air escapes, which opens a water valve that in turn causes the pipes to fill and discharge water into the environment.
Term
due care
Definition
The steps taken to ensure that assets and employees of an organization have been secured and protected and that upper management has properly evaluated and assumed all unmitigated or transferred risks.
Term
due diligence
Definition
The extent to which a reasonable person will endeavor under specific circumstances to avoid harming other people or property.
Term
dumb cards
Definition
Human-readable-only card IDs that usually have a photo and written information about the authorized bearer. Dumb cards are for use in environments where automated controls are infeasible or unavailable but security guards are practical.
Term
dumpster diving
Definition
The act of digging through the refuse, remains, or leftovers from an organization or operation in order to discover or infer information about the organization.
Term
durability
Definition
One of the four required characteristics of all database transactions (the other three are atomicity, consistency, and isolation). The concept that database transactions must be resilient. Once a transaction is committed to the database, it must be preserved. Databases ensure durability through the use of backup mechanisms, such as transaction logs.
Term
dwell time
Definition
The length of time a key on the keyboard is pressed. This is an element of the keystroke dynamics biometric factor.
Term
dynamic packet-filtering firewalls
Definition
A firewall that enables real-time modification of the filtering rules based on traffic content. Dynamic packet-filtering firewalls are known as fourth-generation firewalls.
Term
dynamic passwords
Definition
Passwords that do not remain static for an extended period of time. Dynamic passwords can change on each use or at a regular interval, such as every 30 days.
Term
eavesdropping
Definition
Another term for sniffing. However, eavesdropping can include more than just capturing and recording network traffic. Eavesdropping also includes recording or listening to audio communications, faxes, radio signals, and so on.
Term
education
Definition
A detailed endeavor where students/users learn much more than they actually need to know to perform their work tasks. Education is most often associated with users pursuing certification or seeking job promotion.
Term
electromagnetic interference (EMI)
Definition
A type of electrical noise that can do more than just cause problems with how equipment functions; it can also interfere with the quality of communications, transmissions, and playback.
Term
electronic access control (EAC)
Definition
A type of smart lock that uses a credential reader, an electromagnet, and a door-closed sensor.
Term
electronic vaulting
Definition
A storage scenario in which database backups are transferred to a remote site in a bulk transfer fashion. The remote location may be a dedicated alternative recovery site (such as a hot site) or simply an offsite location managed within the company or by a contractor for the purpose of maintaining backup data.
Term
electronically erasable PROM (EEPROM)
Definition
A storage system that uses electric voltages delivered to the pins of the chip to force erasure. EEPROMs can be erased without removal from the computer, giving them much greater flexibility than standard PROM and EPROM chips.
Term
elliptic curve cryptography
Definition
A new branch of public key cryptography that offers similar security to established public key cryptosystems at reduced key sizes.
Term
elliptic curve group
Definition
Each elliptic curve has a corresponding elliptic curve group made up of the points on the elliptic curve along with the point O, located at infinity. Two points within the same elliptic curve group (P and Q) can be added together with an elliptic curve addition algorithm.
Term
employee
Definition
Often referred to as the user when discussing IT issues. See also user.
Term
employment agreement
Definition
A document that outlines an organization's rules and restrictions, security policy, and acceptable use and activities policies; details the job description; outlines violations and consequences; and defines the length of time the position is to be filled by the employee.
Term
encapsulation
Definition
The process of adding a header and footer to a PDU as it travels down the OSI model layers.
Term
encrypt
Definition
The process used to convert a message into cipher text.
Term
encryption
Definition
The art and science of hiding the meaning or intent of a communication from
Term
end user
Definition
See user.
Term
end-to-end encryption
Definition
An encryption algorithm that protects communications between two parties (in other words, a client and a server) and is performed independently of link encryption. An example of this would be the use of Privacy Enhanced Mail (PEM) to pass a message between a sender and a receiver. This protects against an intruder who might be monitoring traffic on the secure side of an encrypted link or traffic sent over an unencrypted link.
Term
enrollment
Definition
The process of establishing a new user identity or authentication factor on a system. Secure enrollment requires physical proof of a person's identity or authentication factor. Generally, if the enrollment process takes longer than two minutes, the identification or authorization mechanism (typically a biometric device) is not approved.
Term
entity
Definition
A subject or an object.
Term
erasable PROM (EPROM)
Definition
A PROM chip that has a small window through which the illumination of a special ultraviolet light causes the contents of the chip to be erased. After this process is complete, the end user can burn new information into the EPROM.
Term
erasing
Definition
A delete operation against a file, a selection of files, or the entire media. In most cases, the deletion or erasure process removes only the directory or catalog link to the data. The actual data remains on the drive.
Term
espionage
Definition
The malicious act of gathering proprietary, secret, private, sensitive, or confidential information about an organization for the express purpose of disclosing and often selling that data to a competitor or other interested organization (such as a foreign government).
Term
ethical hacking
Definition
See penetration testing.
Term
ethics
Definition
The rules that govern personal conduct. Several organizations have recognized the need for standard ethics rules, or codes, and have devised guidelines for ethical behavior. These rules are not laws but are minimum standards for professional behavior. They should provide you with a basis for sound, professional, ethical judgment.
Term
evidence
Definition
In the context of computer crime, any hardware, software, or data that you can use to prove the identity and actions of an attacker in a court of law.
Term
exact actions necessary to implement a specific security mechanism
Definition
control, or solution.
Term
excessive privilege(s)
Definition
More access, privilege, or permission than a user's assigned work tasks dictate. If a user account is discovered to have excessive privilege, the additional and unnecessary benefits should be immediately curtailed.
Term
exit interview
Definition
An aspect of a termination policy. The terminated employee is reminded of their legal responsibilities to prevent the disclosure of confidential and sensitive information.
Term
expert opinion
Definition
A type of evidence consisting of the opinions and facts offered by an expert. An expert is someone educated in a field and who currently works in that field.
Term
expert system
Definition
A system that seeks to embody the accumulated knowledge of humankind on a particular subject and apply it in a consistent fashion to future decisions.
Term
exposure
Definition
The condition of being exposed to asset loss because of a threat. Exposure involves being susceptible to the exploitation of a vulnerability by a threat agent or event.
Term
exposure factor (EF)
Definition
The percentage of loss that an organization would experience if a specific asset were violated by a realized risk.
Term
extranet
Definition
A cross between the Internet and an intranet. An extranet is a section of an organization's network that has been sectioned off so that it acts as an intranet for the private network but also serves information to the public Internet. Extranets are often used in B2B applications, between customers and suppliers.
Term
face scan
Definition
An example of a biometric factor, which is a behavioral or physiological characteristic that is unique to a subject. A face scan is a process by which the shape and feature layout of a person's face is used to establish identity or provide authentication.
Term
fail-open
Definition
The response of a system to a failure so that it defaults to an "allow" posture.
Term
fail-safe
Definition
The response of a system to a failure so that it defaults to a "deny" posture.
Term
fail-secure
Definition
See fail-safe.
Term
false acceptance rate (FAR)
Definition
Error that occurs when a biometric device is not sensitive enough and an invalid subject is authenticated. Also referred to as a Type 2 error.
Term
false rejection rate (FRR)
Definition
Error that occurs when a biometric device is too sensitive and a valid subject is not authenticated. Also referred to as a Type 1 error.
Term
fault
Definition
A momentary loss of power.
Term
fence
Definition
A perimeter-defining device. Fences are used to clearly differentiate between areas that are under a specific level of security protection and those that are not. Fencing can include a wide range of components, materials, and construction methods.
Term
fiber-optic
Definition
A cabling form that transmits light instead of electrical signals. Fiber-optic cable supports throughputs up to 2 Gbps and lengths of up to 2 kilometers.
Term
file infector
Definition
Virus that infects different types of executable files and triggers when the operating system attempts to execute them. For Windows-based systems, these files end with .exe and .com extensions.
Term
financial attack
Definition
A crime that is carried out to unlawfully obtain money or services.
Term
fingerprints
Definition
The patterns of ridges on the fingers of humans. Often used as a biometric authentication factor.
Term
firewall
Definition
A network device used to filter traffic. A firewall is typically deployed between a private network and a link to the Internet, but it can be deployed between departments within an organization. Firewalls filter traffic based on a defined set of rules.
Term
firmware
Definition
Software that is stored in a ROM chip.
Term
flight time
Definition
The length of time between key presses. This is an element of the keystroke dynamics form of biometrics.
Term
flooding
Definition
An attack that involves sending enough traffic to a victim to cause a DoS. Also referred to as a stream attack.
Term
fraggle
Definition
A form of denial-of-service attack similar to smurf, but it uses UDP packets instead of ICMP.
Term
fragment
Definition
When a network receives a packet larger than its maximum allowable packet size, it breaks it up into two or more fragments. These fragments are each assigned a size (corresponding to the length of the fragment) and an offset (corresponding to the starting location of the fragment).
Term
fragmentation attacks
Definition
An attack that exploits vulnerabilities in the fragment reassembly functionality of the TCP/IP protocol stack.
Term
frequency analysis
Definition
A cryptographic analysis or attack that looks for repetition of letters in an encrypted message and compares that with the statistics of letter usage for a specific language, such as the frequency of the letters E, T, A, O, N, R, I, S, and H in the English language.
Term
full backup
Definition
A complete copy of data contained on the protected device on the backup media. This also refers to the process of making a complete copy of data, as in 'performing a full backup'.
Term
full-interruption tests
Definition
A disaster recovery test that involves actually shutting down operations at the primary site and shifting them to the recovery site.
Term
full-knowledge teams
Definition
These possess a full body of knowledge over the operation, configuration, and utilization of hardware and software inventory prior to a security assessment or penetration test.
Term
gate
Definition
A controlled exit and entry point in a fence.
Term
gateway
Definition
A networking device that connects networks that are using different network protocols.
Term
government/military classification
Definition
The security labels commonly employed on secure systems used by the military. Military security labels range from highest sensitivity to lowest: top secret, secret, confidential, sensitive but unclassified, and unclassified (top secret, secret, and confidential are collectively known as classified).
Term
granular object control
Definition
A very specific and highly detailed level of control over the security settings of an object.
Term
ground
Definition
The wire in an electrical circuit that is grounded (that is, connected with the earth).
Term
group
Definition
An access control management simplification mechanism similar to a role. Similar users are made members of a group. A group is assigned access to an object. Thus, all members of the group are granted the same access to an object. The use of groups greatly simplifies the administrative overhead of managing user access to objects.
Term
grudge attack
Definition
Attack usually motivated by a feeling of resentment and carried out to damage an organization or a person. The damage could be in the loss of information or harm to the organization or a person's reputation. Often the attacker is a current or former employee or someone who wishes ill will upon an organization.
Term
guideline
Definition
A document that offers recommendations on how standards and baselines are implemented. Guidelines outline methodologies, include suggested actions, and are not compulsory.
Term
hacker
Definition
A technology enthusiast who does not have malicious intent. Many authors and the media often use the term when they are actually discussing issues relating to crackers.
Term
hand geometry
Definition
A type of biometric control that recognizes the physical dimensions of a hand. This includes width and length of the palm and fingers. It can be a mechanical or image-edge (in other words, visual silhouette) graphical solution.
Term
handshaking
Definition
A three-way process utilized by the TCP/IP protocol stack to set up connections between two hosts.
Term
hardware
Definition
An actual physical device, such as a hard drive, LAN card, printer, and so on.
Term
hardware segmentation
Definition
A technique that implements process isolation at the hardware level by enforcing memory access constraints.
Term
hash
Definition
See hash function.
Term
hash function
Definition
The process of taking a full message and generating a unique output value derived from the content of the message. This value is commonly referred to as the message digest.
Term
hash total
Definition
A checksum used to verify the integrity of a transmission. See also cyclic redundancy check (CRC).
Term
hash value
Definition
A number that is generated from a string of text and is substantially smaller than the text itself. A formula creates a hash value in a way that it is extremely unlikely that any other text will produce the same hash value.
Term
hearsay evidence
Definition
Evidence consisting of statements made to a witness by someone else outside of court. Computer log files that are not authenticated by a system administrator can also be considered hearsay evidence.
Term
heart/pulse pattern
Definition
An example of a biometric factor, which is a behavioral or physiological characteristic that is unique to a subject. The heart/pulse pattern of a person is used to establish identity or provide authentication.
Term
heuristics-based detection
Definition
See behavior-based detection.
Term
hierarchical
Definition
A form of MAC environment. Hierarchical environments relate the various classification labels in an ordered structure from low security to medium security to high security. Each level or classification label in the structure is related. Clearance in a level grants the subject access to objects in that level as well as to all objects in all lower levels but prohibits access to all objects in higher levels.
Term
hierarchical data model
Definition
A form of database that combines records and fields that are related in a logical tree structure. This is done so that each field can have one child or many or no children but each field can have only a single parent. Therefore, the data mapping relationship is one-to-many.
Term
high-level languages
Definition
Programming languages that are not machine languages or assembly languages. These languages are not hardware dependent and are more understandable by humans. Such languages must be converted to machine language before or during execution.
Term
hijack attack
Definition
An attack in which a malicious user is positioned between a client and server and then interrupts the session and takes it over. Often, the malicious user impersonates the client so they can extract data from the server. The server is unaware that any change in the communication partner has occurred.
Term
honey pot
Definition
Individual computers or entire networks created to serve as a snare for intruders. The honey pot looks and acts like a legitimate network, but it is 100 percent fake. Honey pots tempt intruders with unpatched and unprotected security vulnerabilities as well as hosting attractive, tantalizing, but faux data. Honey pots are designed to grab an intruder's attention and direct them into the restricted playground while keeping them away from the legitimate network and confidential resources.
Term
host-based IDS
Definition
An intrusion detection system (IDS) that is installed on a single computer and can monitor the activities on that computer. A host-based IDS is able to pinpoint the files and processes compromised or employed by a malicious user to perform unauthorized activity.
Term
hostile applet
Definition
Any piece of mobile code that attempts to perform unwanted or malicious activities.
Term
hot site
Definition
A configuration in which a backup facility is maintained in constant working order,with a full complement of servers, workstations, and communications links ready to assume primary operations responsibilities.
Term
hub
Definition
A network device used to connect multiple systems together in a star topology. Hubs repeat inbound traffic over all outbound ports.
Term
hybrid
Definition
A type of MAC environment. A hybrid environment combines the hierarchical and compartmentalized concepts so that each hierarchical level can contain numerous sub-compartments that are isolated from the rest of the security domain. A subject must have not only the correct clearance but also the need-to-know for the specific compartment in order to have access to the compartmentalized object.
Term
identification
Definition
The process by which a subject professes an identity and accountability is initiated. The identification process can consist of a user providing a username, a logon ID, a PIN, or a smart card, or a process providing a process ID number.
Term
identification card
Definition
A form of physical identification; generally contains a picture of the subject and/or a magnetic strip with additional information about a subject.
Term
ignore risk
Definition
Denying that a risk exists and hoping that by ignoring a risk it will never be realized.
Term
immediate addressing
Definition
A way of referring to data that is supplied to the CPU as part of an instruction.
Term
impersonation
Definition
The assumption of someone's identity or online account, usually through the mechanisms of spoofing and session replay. An impersonation attack is considered a more active attack than masquerading.
Term
implementation attack
Definition
This type of attack exploits weaknesses in the implementation of a cryptography system. It focuses on exploiting the software code, not just its errors and flaws but also the methodology employed to program the encryption system.
Term
inappropriate activities
Definition
Actions that may take place on a computer or over the IT infrastructure and that may not be actual crimes but are often grounds for internal punishments or termination. Some types of inappropriate activities include viewing inappropriate content, sexual and racial harassment, waste, and abuse.
Term
incident
Definition
The occurrence of a system intrusion.
Term
incremental backups
Definition
A backup that stores only those files that have been modified since the time of the most recent full or incremental backup. This is also used to mean the process of creating such a backup.
Term
indirect addressing
Definition
The memory address that is supplied to the CPU as part of the instruction and doesn't contain the actual value that the CPU is to use as an operand. Instead, the memory address contains another memory address (perhaps located on a different page). The CPU then retrieves the actual operand from that address.
Term
industrial espionage
Definition
The act of someone using illegal means to acquire competitive information.
Term
inference
Definition
An attack that involves using a combination of several pieces of nonsensitive information to gain access to information that should be classified at a higher level.
Term
inference engine
Definition
The second major component of an expert system that analyzes information in the knowledge base to arrive at the appropriate decision.
Term
information flow model
Definition
A model that focuses on the flow of information to ensure that security is maintained and enforced no matter how information flows. Information flow models are based on a state machine model.
Term
information hiding
Definition
Placing data and a subject at different security domains for the purpose of hiding the data from that subject.
Term
informative policy
Definition
A policy that is designed to provide information or knowledge about a specific subject, such as company goals, mission statements, or how the organization interacts with partners and customers. An informative policy is nonenforceable.
Term
inherit (or inheritance)
Definition
In object-oriented programming, inheritance refers to a class having one or more of the same methods as another class. So when a class has one or more of the same methods as another class, it is said to have 'inherited' them.
Term
initialization vector (IV)
Definition
A 'nonce' used by numerous cryptography solutions to increase the strength of encrypted data by increasing the randomness of the input.
Term
inrush
Definition
An initial surge of power usually associated with connecting to a power source, whether primary or alternate/secondary.
Term
instance
Definition
In object-oriented programming, an instance can be an object, example, or representation of a class.
Term
integrity
Definition
A state characterized by the assurance that modifications are not made by unauthorized users and authorized users do not make unauthorized modifications.
Term
intellectual property
Definition
Intangible assets, such as secret recipes or production techniques.
Term
interpreted languages
Definition
Programming languages that are converted to machine language one command at a time at the time of execution.
Term
interrupt (IRQ)
Definition
A mechanism used by devices and components in a computer to get the attention of the CPU.
Term
intranet
Definition
A private network that is designed to host the same information services found on the Internet.
Term
intrusion
Definition
The condition in which a threat agent has gained access to an organization's infrastructure through the circumvention of security controls and is able to directly imperil assets. Also referred to as penetration.
Term
intrusion detection
Definition
A specific form of monitoring both recorded information and real-time events to detect unwanted system access.
Term
intrusion detection system (IDS)
Definition
A product that automates the inspection of audit logs and real-time system events. IDSs are generally used to detect intrusion attempts, but they can also be employed to detect system failures or rate overall performance.
Term
iris scans
Definition
An example of a biometric factor, which is a behavioral or physiological characteristic that is unique to a subject. The colored portion of the eye that surrounds the pupil is used to establish identity or provide authentication.
Term
isolation
Definition
A concept that ensures that any behavior will affect only the memory and resources associated with the process.
Term
job description
Definition
A detailed document outlining a specific position needed by an organization. A job description includes information about security classification, work tasks, and so on.
Term
job responsibilities
Definition
The specific work tasks an employee is required to perform on a regular basis.
Term
job rotation
Definition
A means by which an organization improves its overall security by rotating employees among numerous job positions. Job rotation serves two functions.

First, it provides a type of knowledge redundancy.

Second, moving personnel around reduces the risk of fraud, data modification, theft, sabotage, and misuse of information.
Term
kernel
Definition
The part of an operating system that always remains resident in memory (so that it can run on demand at any time).
Term
kernel proxy firewalls
Definition
A firewall that is integrated into an operating system's core to provide multiple levels of session and packet evaluation. Kernel proxy firewalls are known as fifth-generation firewalls.
Term
key
Definition
A secret value used to encrypt or decrypt messages.
Term
key distribution center (KDC)
Definition
An element of the Kerberos authentication system. The KDC maintains all the secret keys of enrolled subjects and objects. A KDC is also a COMSEC facility that distributes symmetric crypto keys, especially for government entities.
Term
key escrow system
Definition
A cryptographic recovery mechanism by which keys are stored in a database and can be recovered only by authorized key escrow agents in the event of key loss or damage.
Term
keystroke dynamics
Definition
A biometric factor that measures how a subject uses a keyboard by analyzing flight time and dwell time.
Term
keystroke monitoring
Definition
The act of recording the keystrokes a user performs on a physical keyboard. The act of recording can be visual (such as with a video recorder) or logical/technical (such as with a capturing hardware device or a software program).
Term
keystroke patterns
Definition
An example of a biometric factor, which is a behavioral or physiological characteristic that is unique to a subject. The pattern and speed of a person typing a passphrase is used to establish identity or provide authentication.
Term
knowledge base
Definition
A component of an expert system, the knowledge base contains the rules known by an expert system and seeks to codify the knowledge of human experts in a series of 'if/then' statements.
Term
knowledge-based detection
Definition
An intrusion discovery mechanism used by IDS and based on a database of known attack signatures. The primary drawback to a knowledge-based IDS is that it is effective only against known attack methods.
Term
known plain-text attack
Definition
An attack in which the attacker has a copy of the encrypted message along with the plain-text message used to generate the cipher text (the copy). This greatly assists the attacker in breaking weaker codes.
Term
land attack
Definition
A type of DoS. A land attack occurs when the attacker sends numerous SYN packets to a victim and the SYN packets have been spoofed to use the same source and destination IP address and port number as the victim's. This causes the victim to think it sent a TCP/IP session opening packet to itself, which causes a system failure, usually resulting in a freeze, crash, or reboot.
Term
lattice-based access control
Definition
A variation of nondiscretionary access controls. Lattice-based access controls define upper and lower bounds of access for every relationship between a subject and object. These boundaries can be arbitrary, but they usually follow the military or corporate security label levels.
Term
layering
Definition
The use of multiple security controls in series to provide for maximum effectiveness of security deployment.
Term
learning rule
Definition
See delta rule.
Term
licensing
Definition
A contract that states how a product is to be used.
Term
lighting
Definition
One of the most commonly used forms of perimeter security control. The primary purpose of lighting is to discourage casual intruders, trespassers, prowlers, and would-be thieves who would rather perform their malicious activities in the dark.
Term
link encryption
Definition
An encryption technique that protects entire communications circuits by creating a secure tunnel between two points. This is done by using either a hardware or software solution that encrypts all traffic entering one end of the tunnel and decrypts all traffic exiting the other end of the tunnel.
Term
local alarm systems
Definition
Alarm systems that broadcast an audible signal that can be easily heard up to 400 feet away. Additionally, local alarm systems must be protected from tampering and disablement, usually by security guards. In order for a local alarm system to be effective, there must be a security team or guards positioned nearby who can respond when the alarm is triggered.
Term
local area network (LAN)
Definition
A network that is geographically limited, such as within a single office, building, or city block.
Term
log analysis
Definition
A detailed and systematic form of monitoring. The logged information is analyzed in detail to look for trends and patterns as well as abnormal, unauthorized, illegal, and policy-violating activities.
Term
logging
Definition
The activity of recording information about events or occurrences to a log file or database.
Term
logic bomb
Definition
Malicious code objects that infect a system and lie dormant until they are triggered by the occurrence of one or more conditions.
Term
logical access control
Definition
A hardware or software mechanism used to manage access to resources and systems and provide protection for them. They are the same as technical access controls. Examples of logical or technical access controls include encryption, smart cards, passwords, biometrics, constrained interfaces, access control lists, protocols, firewalls, routers, intrusion detection systems, and clipping levels.
Term
logon credentials
Definition
The identity and the authentication factors offered by a subject to establish access.
Term
logon script
Definition
A script that runs at the moment of user logon. A logon script is often used to map local drive letters to network shares, to launch programs, or to open links to often accessed systems.
Term
loopback address
Definition
The IP address used to create a software interface that connects to itself via the TCP/IP protocol. The loopback address is handled by software alone. It permits testing of the TCP/IP protocol stack even if network interfaces or their device drivers are missing or damaged.
Term
machine language
Definition
A programming language that can be directly executed by a computer.
Term
macro viruses
Definition
A virus that utilizes crude technologies to infect documents created in the Microsoft Word environment.
Term
mail-bombing
Definition
An attack in which sufficient numbers of messages are directed to a single user's inbox or through a specific SMTP server to cause a denial of service.
Term
maintenance
Definition
The variety of tasks that are necessary to ensure continued operation in the face of changing operational, data processing, storage, and environmental requirements.
Term
maintenance hooks
Definition
Entry points into a system that only the developer of the system knows; also called back doors.
Term
malicious code
Definition
Code objects that include a broad range of programmed computer security threats that exploit various network, operating system, software, and physical security vulnerabilities to spread malicious payloads to computer systems.
Term
man-in-the-middle attack
Definition
A type of attack that occurs when malicious users are able to position themselves between the two endpoints of a communication's link. The client and server are unaware that there is a third party intercepting and facilitating their communication session.
Term
man-made disasters
Definition
Disasters caused by humans, including explosions, electrical fires, terrorist acts, power outages, utility failures, hardware/software failures, labor difficulties, theft, and vandalism.
Term
mandatory access control
Definition
An access control mechanism that uses security labels to regulate subject access to objects.
Term
mandatory vacations
Definition
A security policy that requires all employees to take vacations annually so their work tasks and privileges can be audited and verified. This often results in easy detection of abuse, fraud, or negligence.
Term
mantrap
Definition
A double set of doors that is often protected by a guard. The purpose of a mantrap is to contain a subject until their identity and authentication is verified.
Term
masquerading
Definition
Using someone else's security ID to gain entry into a facility or system.
Term
massively parallel processing (MPP)
Definition
Technology used to create systems that house hundreds or even thousands of processors, each of which has its own operating system and memory/bus resources.
Term
master boot record (MBR)
Definition
The portion of a hard drive or floppy disk that the computer uses to load the operating system during the boot process.
Term
master boot record (MBR) virus
Definition
Virus that attacks the MBR. When the system reads the infected MBR, the virus instructs it to read and execute the code stored in an alternate location, thereby loading the entire virus into memory and potentially triggering the delivery of the virus's payload.
Term
maximum tolerable downtime (MTD)
Definition
The maximum length of time a business function can be inoperable without causing irreparable harm to the business.
Term
mean time to failure (MTTF)
Definition
The length of time or number of uses a hardware or media component can endure before its reliability is questionable and it should be replaced.
Term
meet-in-the-middle attack
Definition
An attack in which the attacker uses a known plain-text message. The plain text is then encrypted using every possible key (k1), while the equivalent cipher text is decrypted using all possible keys (k2).
Term
memory
Definition
The main memory resources directly available to a system's CPU. Primary memory normally consists of volatile random access memory (RAM) and is usually the most high-performance storage resource available to a system.
Term
memory card
Definition
A device that can store data but cannot process it; often built around some form of flash memory.
Term
memory page
Definition
A single chunk of memory that can be moved to and from RAM and the paging file on a hard drive as part of a virtual memory system.
Term
memory-mapped I/O
Definition
A technique used to manage input/output between system components and the CPU.
Term
message
Definition
The communications to or input for an object (in the context of object-oriented programming terminology and concepts).
Term
message digest (MD)
Definition
A summary of a message's content (not unlike a file checksum) produced by a hashing algorithm.
Term
metadata
Definition
The results of a data mining operation on a data warehouse.
Term
metamodel
Definition
A model of models. Because the spiral model encapsulates a number of iterations of another model (the waterfall model), it is known as a metamodel.
Term
methods
Definition
The actions or functions performed on input (messages) to produce output (behaviors) by objects in an object-oriented programming environment.
Term
microcode
Definition
A term used to describe software that is stored in a ROM chip. Also called firmware.
Term
middle management
Definition
See security professional.
Term
military and intelligence attacks
Definition
Attacks that are launched primarily to obtain secret and restricted information from law enforcement or military and technological research sources.
Term
mitigate risk
Definition
See reducing risk.
Term
mitigated
Definition
The process by which a risk is removed.
Term
mobile sites
Definition
Non-mainstream alternatives to traditional recovery sites that typically consist of self-contained trailers or other easily relocated units.
Term
module testing
Definition
When each independent or self-contained segment of code for which there exists a distinct and separate specification is tested independently of all other modules. This can also be called component testing. This can be seen as a parent or superclass of unit testing.
Term
modulo
Definition
The remainder value left over after a division operation is performed.
Term
monitoring
Definition
The activity of manually or programmatically reviewing logged information looking for specific information.
Term
motion detector
Definition
A device that senses the occurrence of motion in a specific area.
Term
motion sensor
Definition
See motion detector.
Term
multicast
Definition
A communications transmission to multiple identified recipients.
Term
multilevel mode
Definition
See multilevel security mode.
Term
multilevel security mode
Definition
A system that is authorized to process information at more than one level of security even when all system users do not have appropriate clearances or a need to know for all information processed by the system.
Term
multipartite virus
Definition
A virus that uses more than one propagation technique in an attempt to penetrate systems that defend against only one method or the other.
Term
multiprocessing
Definition
A technology that makes it possible for a computing system to harness the power of more than one processor to complete the execution of a single application.
Term
multiprogramming
Definition
The pseudo-simultaneous execution of two tasks on a single processor coordinated by the operating system for the purpose of increasing operational efficiency. Multiprogramming is considered a relatively obsolete technology and is rarely found in use today except in legacy systems.
Term
multistate
Definition
Term used to describe a system that is certified to handle multiple security levels simultaneously by using specialized security mechanisms that are designed to prevent information from crossing between security levels.
Term
multitasking
Definition
A system handling two or more tasks simultaneously.
Term
multithreading
Definition
A process that allows multiple users to use the same process without interfering with each other.
Term
mutual assistance agreement (MAA)
Definition
An agreement in which two organizations pledge to assist each other in the event of a disaster by sharing computing facilities or other technological resources.
Term
natural disaster
Definition
A disaster that is not caused by man, such as earthquakes, mud slides, sink holes, fires, floods, hurricanes, tornadoes, falling rocks, snow, rainfall, ice, humidity, heat, extreme cold, and so on.
Term
need-to-know
Definition
The requirement to have access to, knowledge about, or possession of data or a resource in order to perform specific work tasks. A user must have a need to know in order to gain access to data or resources. Even if that user has an equal or greater security classification than the requested information, if they do not have a need to know, they are denied access.
Term
negligence
Definition
Failure to exercise the degree of care considered reasonable under the circumstances, resulting in an unintended injury to another party.
Term
network-based IDS
Definition
An IDS installed onto a host to monitor a network. Network-based IDSs detect attacks or event anomalies through the capture and evaluation of network packets.
Term
neural network
Definition
A system set up as a long chain of computational decisions that feed into each other and eventually add up to produce the desired output.
Term
noise
Definition
A steady interfering disturbance.
Term
non-disclosure agreement (NDA)
Definition
A document used to protect the confidential information within an organization from being disclosed by a former employee. When a person signs an NDA, they agree not to disclose any information that is defined as confidential to anyone outside of the organization. Often, violations of an NDA are met with strict penalties.
Term
non-discretionary access control
Definition
An access control mechanism that regulates subject access to objects by using roles or tasks.
Term
nonce
Definition
A random-number-generator variable used in cryptography software that creates a new and unique value every time it is used, often based on a timestamp-based seed value.
Term
noninterference model
Definition
A model loosely based on the information flow model. The noninterference model is concerned with the actions of one subject affecting the system state or actions of another subject.
Term
nonrepudiation
Definition
A feature of a security control or an application that prevents the sender of a message or the subject of an activity or event from denying that the event occurred.
Term
nonvolatile
Definition
See nonvolatile storage.
Term
nonvolatile storage
Definition
A storage system that does not depend upon the presence of power to maintain its contents, such as magnetic/optical media and nonvolatile RAM (NVRAM).
Term
normalization
Definition
The database process that removes redundant data and ensures that all attributes are dependent on the primary key.
Term
object
Definition
A passive entity that provides information or data to subjects. An object can be a file, a database, a computer, a program, a process, a printer, a storage media, and so on.
Term
object linking and embedding (OLE)
Definition
A Microsoft technology used to link data objects into or from multiple files or sources on a computer.
Term
object-oriented programming (OOP)
Definition
A method of programming that uses encapsulated code sets called objects. OOP is best suited for eliminating error propagation and mimicking or modeling the real world.
Term
object-relational database
Definition
A relational database combined with an object-oriented programming environment.
Term
one-time pad
Definition
An extremely powerful type of substitution cipher that uses a different key for each message. The key length is the same length as the message.
Term
one-time password
Definition
A variant of dynamic passwords that is changed every time it is used.
Term
one-upped constructed password
Definition
A password with a single-character difference from its present form in a dictionary list.
Term
one-way encryption
Definition
A mathematical function performed on passwords, messages, CRCs, and so on, that creates a cryptographic code that cannot be reversed.
Term
one-way function
Definition
A mathematical operation that easily produces output values for each possible combination of inputs but makes it impossible to retrieve the input values. Public key cryptosystems are all based upon some sort of one-way function.
Term
open system authentication (OSA)
Definition
A connection scheme for wireless networks where no real authentication is required; as long as a radio signal can be transmitted between the client and WAP, communications are allowed.
Term
operational plans
Definition
Short-term and highly detailed plans based on the strategic and tactical plans. Operational plans are valid or useful only for a short time. They must be updated often (such as monthly or quarterly) to retain compliance with tactical plans. Operational plans are detailed plans on how to accomplish the various goals of the organization.
Term
operations security triple
Definition
The relationship between asset, vulnerability, and threat.
Term
organizational owner
Definition
See senior management.
Term
overt channel
Definition
An obvious, visible, detectable, known method of communicating that is addressed by a security policy and subsequently controlled by logical or technical access controls.
Term
overwriting
Definition
See clearing.
Term
owner
Definition
The person who has final corporate responsibility for the protection and storage of data. The owner may be liable for negligence if they fail to perform due diligence in establishing and enforcing security policy to protect and sustain sensitive data. The owner is typically the CEO, president, or department head.
Term
package
Definition
In the context of the Common Criteria for information technology security evaluation, a package is a set of security features that can be added or removed from a target system.
Term
packet
Definition
A portion of a message that contains data and the destination address; also called a datagram.
Term
padded cell
Definition
Similar to a honey pot. When an intruder is detected by an IDS, the intruder is transferred to a padded cell. The padded cell has the look and layout of the actual network, but within the padded cell the intruder can neither perform malicious activities nor access any confidential data. A padded cell is a simulated environment that may offer fake data to retain an intruder's interest.
Term
palm geography
Definition
An example of a biometric factor, which is a behavioral or physiological characteristic that is unique to a subject. The shape of a person's hand is used to establish identity or provide authentication.
Term
palm scan
Definition
See palm topography.
Term
palm topography
Definition
An example of a biometric factor, which is a behavioral or physiological characteristic that is unique to a subject. The layout of ridges, creases, and grooves on a person's palm is used to establish identity or provide authentication. This is the same as a palm scan and similar to a fingerprint.
Term
parallel run
Definition
A type of new system deployment testing in which the new system and the old system are run in parallel.
Term
parallel tests
Definition
Testing that involves actually relocating personnel to an alternate recovery site and implementing site activation procedures.
Term
parole evidence rule
Definition
A rule that states that when an agreement between parties is put into written form, the written document is assumed to contain all the terms of the agreement and no verbal agreements may modify the written agreement.
Term
partial-knowledge teams
Definition
Teams that possess a detailed account of organizational assets, including hardware and software inventory, prior to a penetration test.
Term
passphrase
Definition
A string of characters usually much longer than a password. Once the passphrase is entered, the system converts it into a virtual password for use by the authentication process. Passphrases are often natural-language sentences to allow for simplified memorization.
Term
password
Definition
A string of characters entered by a subject as an authentication factor.
Term
password policy
Definition
The section of an organization's security policy that dictates the rules, restrictions, and requirements of passwords. This can also indicate the programmatic controls deployed on a system to improve the strength of passwords.
Term
password restrictions
Definition
The rules that define the minimal requirements of passwords, such as length, character composition, and age.
Term
patent
Definition
A governmental grant that bestows upon an invention's creator the sole right to make, use, and sell that invention for a set period of time.
Term
pattern-matching detection
Definition
See knowledge-based detection.
Term
penetration
Definition
See intrusion.
Term
penetration testing
Definition
An activity used to test the strength and effectiveness of deployed security measures with an authorized attempted intrusion attack. Penetration testing should be performed only with the consent and knowledge of the management staff.
Term
permanent virtual circuit (PVC)
Definition
A predefined virtual circuit that is always available for a Frame Relay customer.
Term
personal identification number (PIN)
Definition
A number or code assigned to a person to be used as an identification factor. PINs should be kept secret.
Term
personnel management
Definition
An important factor in maintaining operations security. Personnel management is a form of administrative control or administrative management.
Term
phone phreaking
Definition
The process of breaking into telephone company computers to place free calls.
Term
physical access control
Definition
A physical barrier deployed to prevent direct contact with systems. Examples of physical access controls include guards, fences, motion detectors, locked doors, sealed windows, lights, cable protection, laptop locks, swipe cards, dogs, CCTV, mantraps, and alarms.
Term
physical controls for physical security
Definition
See physical access control.
Term
physical layer
Definition
Layer 1 of the OSI model.
Term
piggybacking
Definition
The act of following someone through a secured gate or doorway without being identified or authorized personally.
Term
ping
Definition
A utility used to troubleshoot a connection to test whether a particular IP address is accessible.
Term
ping-of-death attack
Definition
A type of DoS. A ping-of-death attack employs an oversized ping packet. Using special tools, an attacker can send numerous oversized ping packets to a victim. In many cases, when the victimized system attempts to process the packets, an error occurs causing the system to freeze, crash, or reboot.
Term
plain old telephone service (POTS)
Definition
Normal telephone service.
Term
plaintext
Definition
A message that has not been encrypted.
Term
playback attack
Definition
See replay attack.
Term
policy
Definition
See security policy.
Term
polyalphabetic substitution
Definition
A cryptographic transformation that encrypts a message using letter-by-letter conversion and multiple alphabets from different languages or countries.
Term
polyinstantiation
Definition
The event that occurs when two or more rows in the same table appear to have identical primary key elements but contain different data for use at differing classification levels. Polyinstantiation is often used as a defense against some types of inference attacks.
Term
polymorphic virus
Definition
A virus that modifies its own code as it travels from system to system. The virus's propagation and destruction techniques remain the same, but the signature of the virus is somewhat different each time it infects a new system.
Term
polymorphism
Definition
In the context of object-oriented programming terminology and concepts, the characteristic of an object to provide different behaviors based upon the same message and methods owing to variances in external conditions.
Term
port
Definition
A connection address within a protocol.
Term
port scan
Definition
Software used by an intruder to probe all of the active systems on a network and determine what public services are running on each machine.
Term
postmortem review
Definition
An analysis and review of an activity after its completion to determine its success and whether processes and procedures need to be improved.
Term
preaction system
Definition
A combination dry pipe/wet pipe system. The system exists as a dry pipe until the initial stages of a fire (smoke, heat, and so on) are detected and then the pipes are filled with water. The water is released only after the sprinkler head activation triggers are melted by sufficient heat. If the fire is quenched before the sprinklers are triggered, the pipes can be manually emptied and reset. This also allows for manual intervention to stop the release of water before sprinkler triggering occurs. Preaction systems are the most appropriate water-based system for environments that include both computers and humans in the same locations.
Term
preventive access control
Definition
An access control deployed to stop an unwanted or unauthorized activity from occurring. Examples of preventive access controls include fences, security policies, security awareness training, and antivirus software.
Term
preventive control
Definition
Any security mechanism, tool, or practice that can deter and mitigate undesirable actions or events.
Term
primary memory
Definition
Storage that normally consists of volatile random access memory (RAM) and is usually the most high-performance storage resource available to a system.
Term
primary storage
Definition
The RAM that a computer uses to keep necessary information readily available.
Term
principle of least privilege
Definition
An access control philosophy that states that subjects are granted the minimal access possible for the completion of their work tasks.
Term
privacy
Definition
An element of confidentiality aimed at preventing personal or sensitive information about an individual or organization from being disclosed.
Term
private
Definition
A commercial business/private sector classification used for data of a private or personal nature that is intended for internal use only. A significant negative impact could occur for the company or individuals if private data is disclosed.
Term
private branch exchange (PBX)
Definition
A sophisticated telephone system often used by organizations to provide inbound call support, extension-to-extension calling, conference calling, and voicemail. This can be implemented as a stand-alone phone system network or can be integrated with the IT infrastructure.
Term
private key
Definition
A secret value that is used to encrypt or decrypt messages and is kept secret and known only to the user; used in conjunction with a public key in asymmetrical cryptography.
Term
privileged entity controls
Definition
See privileged operations functions.
Term
privileged mode
Definition
The mode designed to give the operating system access to the full range of instructions supported by the CPU.
Term
privileged operations functions
Definition
Activities that require special access or privilege to perform within a secured IT environment. In most cases, these functions are restricted to administrators and system operators.
Term
problem state
Definition
The state in which a process is actively executing.
Term
procedure
Definition
In the context of security, a detailed step-by-step how-to document describing the exact actions necessary to implement a specific security mechanism, control, or solution.
Term
process isolation
Definition
One of the fundamental security procedures put into place during system design. Basically, using process isolation mechanisms (whether part of the operating system or part of the hardware itself) ensures that each process has its own isolated memory space for storage of data and the actual executing application code itself.
Term
processor
Definition
The central processing unit in a PC; it handles all functions on the system.
Term
programmable read-only memory (PROM)
Definition
A ROM chip that does not have its contents 'burned in' at the factory as is done with standard ROM chips. Instead, special functionality is installed that allows the end user to burn in the contents of the chip.
Term
proprietary
Definition
A form of commercial business/private sector confidential information. If proprietary data is disclosed, it can have drastic effects on the competitive edge of an organization.
Term
protection profile
Definition
From the Common Criteria for information technology security evaluation, the evaluation element in which a subject states its security needs.
Term
protocol
Definition
A set of rules and restrictions that define how data is transmitted over a network medium (for example, twisted-pair cable, wireless transmission, and so on). Protocols make computer-to-computer communications possible.
Term
proximity reader
Definition
A passive device, field-powered device, or transponder that detects the presence of authorized personnel and grants them physical entry into a facility. The proximity device is worn or held by the authorized bearer. When they pass a proximity reader, the reader is able to determine who the bearer is and whether they have authorized access.
Term
proxy
Definition
A mechanism that copies packets from one network into another. The copy process also changes the source and destination address to protect the identity of the internal or private network.
Term
prudent man rule
Definition
Invoked by the Federal Sentencing Guidelines, the rule that requires senior officials to perform their duties with the care that ordinary, prudent people would exercise under similar circumstances.
Term
pseudo-flaws
Definition
A technique often used on honey pot systems and on critical resources to emulate well-known operating system vulnerabilities.
Term
public
Definition
The lowest level of commercial business/private sector classification. Used for all data that does not fit in one of the higher classifications. This information is not readily disclosed, but if it is, it should not have a serious negative impact on the organization.
Term
public IP addresses
Definition
The addresses defined in RFC 1918, which are not routed over the Internet.
Term
public key
Definition
A value that is used to encrypt or decrypt messages and is made public to any user and used with a private key in asymmetric cryptography.
Term
public key infrastructure (PKI)
Definition
A hierarchy of trust relationships that makes it possible to facilitate communication between parties previously unknown to each other.
Term
purging
Definition
The process of erasing of media so it can be reused in a less secure environment.
Term
qualitative decision making
Definition
A decision-making process that takes non-numerical factors, such as emotions, investor/customer confidence, workforce stability, and other concerns, into account. This type of data often results in categories of prioritization (such as high, medium, and low).
Term
qualitative risk analysis
Definition
Scenario-oriented analysis using ranking and grading for exposure ratings and decisions.
Term
quality assurance check
Definition
A form of personnel management and project management that oversees the development of a product. QA checks ensure that the product in development is consistent with stated standards, methods of practice, efficiency, and so on.
Term
quantitative decision making
Definition
The use of numbers and formulas to reach a decision. Options are often expressed in terms of the dollar value to the business.
Term
quantitative risk analysis
Definition
A method that assigns real dollar figures to the loss of an asset.
Term
radiation monitoring
Definition
A specific form of sniffing or eavesdropping that involves the detection, capture, and recording of radio frequency signals and other radiated communication methods, including sound and light.
Term
radio frequency identification (RFID)
Definition
A technology that uses electromagnetic or electrostatic coupling in the radio frequency (RF) portion of the electromagnetic spectrum to identify a specific device. Each RFID tag includes a unique identifier, so that when a nearby antenna/transceiver activates the tag, it transmits that identifier back to the antenna where that value is recorded, or used to trigger some kind of action. For example, most modern toll-road systems use RFID devices that drivers attach to the windshields of their cars, and each time a device is 'read' by an antenna, the vehicle owner's toll balance is incremented by the cost of that transit. RFID devices may also be used to track individuals (carrying tags), equipment (bearing tags), and so forth, within the premises of an enterprise for security monitoring.
Term
radio frequency interference (RFI)
Definition
A type of noise that is generated by a wide number of common electrical appliances, including fluorescent lights, electrical cables, electric space heaters, computers, elevators, motors, electric magnets, and so on. RFI can affect many of the same systems EMI affects.
Term
random access memory (RAM)
Definition
Readable and writable memory that contains information the computer uses during processing. RAM retains its contents only when power is continuously supplied to it.
Term
random access storage
Definition
Devices, such as RAM and hard drives, that allow the operating system to request contents from any point within the media.
Term
read-only memory (ROM)
Definition
Memory that can be read but cannot be written to.
Term
ready state
Definition
The state in which a process is ready to execute but is waiting for its turn on the CPU.
Term
real evidence
Definition
Items that can actually be brought into a court of law; also known as object evidence.
Term
real memory
Definition
Typically the largest RAM storage resource available to a computer. It is normally composed of a number of dynamic RAM chips and therefore must be refreshed by the CPU on a periodic basis; also known as main memory or primary memory.
Term
realized risk
Definition
The incident, occurrence, or event when a risk becomes a reality and a breach, attack, penetration, or intrusion has occurred that may or may not result in loss, damage, or disclosure of assets.
Term
record
Definition
Contents of a table in a relational database.
Term
record retention
Definition
The organizational policy that defines what information is maintained and for how long. In most cases, the records in question are audit trails of user activity. This may include file and resource access, logon patterns, email, and the use of privileges.
Term
record sequence checking
Definition
Similar to hash total checking, but instead of verifying content integrity, it involves verifying packet or message sequence integrity.
Term
recovery access control
Definition
A type of access control that is used to repair or restore resources, functions, and capabilities after a security policy violation.
Term
recovery strategies
Definition
The practices, policies, and procedures to recover a business that include designating first responders to major incidents, performing critical follow-up tasks, and obtaining insurance to reduce risk of financial loss.
Term
recovery time objective (RTO)
Definition
See maximum tolerable downtime (MTD).
Term
reference monitor
Definition
A portion of the security kernel that validates user requests against the system's access control mechanisms.
Term
reference profile
Definition
The digitally stored sample of a biometric factor.
Term
reference template
Definition
See reference profile.
Term
referential integrity
Definition
Used to enforce relationships between two tables. One table in the relationship contains a foreign key that corresponds to the primary key of the other table in the relationship.
Term
register
Definition
A limited amount of onboard memory in a CPU.
Term
register address
Definition
The address of a register, which is a small memory location directly on the CPU. When the CPU needs information from one of those registers to complete an operation, it can simply use the register address (for example, 'register one') to access the information.
Term
registration authority (RA)
Definition
A read-only version of a certificate authority that is able to distribute the CRL and perform certificate verification processes but is not able to create new certificates. An RA is used to share the workload of a CA.
Term
regulatory policy
Definition
A policy that is required whenever industry or legal standards are applicable to your organization. This policy discusses the regulations that must be followed and outlines the procedures that should be used to elicit compliance.
Term
reject risk
Definition
To deny that a risk exists or hope that by ignoring a risk, it will never be realized. It is an unacceptable response to risk. Also referred to as deny risk.
Term
relational database
Definition
A database that consists of tables that contain a set of related records.
Term
relationship
Definition
The association of information in tables of a relational database.
Term
relevant
Definition
Characteristic of evidence that is applicable in determining a fact in a court of law.
Term
remote journaling
Definition
Transferring copies of the database transaction logs containing the transactions that occurred since the previous bulk transfer.
Term
remote mirroring
Definition
Maintaining a live database server at the backup site. It is the most advanced database backup solution.
Term
repeater
Definition
A network device used to amplify signals on network cabling to allow for longer distances between nodes. Can also be called a concentrator or amplifier.
Term
replay attack
Definition
An attack in which a malicious user records the traffic between a client and server. The packets sent from the client to the server are then played back or retransmitted to the server with slight variations of the time stamp and source IP address (in other words, spoofing). In some cases, this allows the malicious user to restart an old communication link with a server. Also referred to as a playback attack.
Term
residual risk
Definition
Risk that comprises specific threats to specific assets against which upper management chooses not to implement a safeguard. In other words, residual risk is the risk that management has chosen to accept rather than mitigate.
Term
restricted interface model
Definition
A model that uses classification-based restrictions to offer only subject-specific authorized information and functions. One subject at one classification level will see one set of data and have access to one set of functions while another subject at a different classification level will see a different set of data and have access to a different set of functions.
Term
retina scan
Definition
An example of a biometric factor, which is a behavioral or physiological characteristic that is unique to a subject. The blood vessel pattern at the back of the eyeball is used to establish identity or provide authentication.
Term
returns to a secure state after an error
Definition
failure, or reboot.
Term
reverse engineering
Definition
This is considered an unethical form of engineering. Programmers decompile code to understand all the intricate details of its functionality, especially when employed for the purpose of creating a similar, competing, or compatible product.
Term
reverse hash matching
Definition
The process of discovering the original message that has been hashed by generating potential messages, hashing them, and comparing their hash value to the original. When H(M) = H(M'), then M = M'.
Term
revocation
Definition
A mechanism that allows a PKI certificate to be canceled, effectively removing a user from the system.
Term
risk
Definition
The likelihood that any specific threat will exploit a specific vulnerability to cause harm to an asset. Risk is an assessment of probability, possibility, or chance. Risk = threat + vulnerability.
Term
risk analysis
Definition
An element of risk management that includes analyzing an environment for risks, evaluating each risk as to its likelihood of occurring and cost of damage, assessing the cost of various countermeasures for each risk, and creating a cost/benefit report for safeguards to present to upper management.
Term
risk management
Definition
A detailed process of identifying factors that could damage or disclose data, evaluating those factors in light of data value and countermeasure cost, and implementing cost-effective solutions for mitigating or reducing risk.
Term
risk tolerance
Definition
The ability of an organization to absorb the losses associated with realized risks.
Term
role-based access control
Definition
A form of nondiscretionary access controls that employs job function roles to regulate subject access to objects.
Term
root
Definition
The administrator level of a system.
Term
rootkit
Definition
A specialized software package that allows hackers to gain expanded access to a system.
Term
router
Definition
A network device used to control traffic flow on networks. Routers are often used to connect similar networks together and control traffic flow between them. They can function using statically defined routing tables or employ a dynamic routing system.
Term
rule-based access control
Definition
A variation of mandatory access controls. A rule-based system uses a set of rules, restrictions, or filters to determine what can and cannot occur on the system, such as granting subject access, performing an action on an object, or accessing a resource. Firewalls, proxies, and routers are common examples of rule-based access control systems.
Term
running key cipher
Definition
A form of cryptography in which the key is a designation of a changing source, such as the third page of the New York Times.
Term
running state
Definition
The state in which a process is actively executing. This is another name for problem state.
Term
sabotage
Definition
A criminal act committed against an organization by a knowledgeable employee.
Term
safeguard
Definition
Anything that removes a vulnerability or protects against one or more specific threats. Also referred to as a countermeasure.
Term
sag
Definition
Momentary low voltage.
Term
salami attack
Definition
An attack performed by gathering small amounts of data to construct something of greater value or higher sensitivity.
Term
salt
Definition
A random number appended to a password before hashing to increase randomness and ensure uniqueness in the resulting stored hash value.
Term
sampling
Definition
A form of data reduction that allows an auditor to quickly determine the important issues or events from an audit trail.
Term
sandbox
Definition
A security boundary within which a Java applet executes.
Term
sanitization
Definition
Any number of processes that prepares media for destruction. Sanitization is the process that ensures that data cannot be recovered by any means from destroyed or discarded media. Sanitization can also be the actual means by which media is destroyed. Media can be sanitized by purging or degaussing without physically destroying the media.
Term
scanning
Definition
Similar to 'casing' a neighborhood prior to a burglary, the process by which a potential intruder looks for possible entryways into a system. Scanning can indicate that illegal activity will follow, so it is a good idea to treat scans as incidents and to collect evidence of scanning activity.
Term
scavenging
Definition
A form of dumpster diving performed electronically. Online scavenging searches for useful information in the remnants of data left over after processes or tasks are completed. This could include audit trails, log files, memory dumps, variable settings, port mappings, cached data, and so on.
Term
schema
Definition
The structure that holds the data that defines or describes a database. The schema is written using a Data Definition Language (DDL).
Term
scripted access
Definition
A method to automate the logon process with a script that provides the logon credentials to a system. It is considered a form of single sign-on.
Term
search warrant
Definition
A document obtained through the judicial system that allows law enforcement personnel to acquire evidence from a location without first alerting the individual believed to have perpetrated a crime.
Term
second-tier attack
Definition
An assault that relies upon information or data gained from eavesdropping or other similar data-gathering techniques. In other words, it is an attack that is launched only after some other attack is completed.
Term
secondary evidence
Definition
A copy of evidence or an oral description of the contents of best evidence.
Term
secondary memory
Definition
Magnetic/optical media and other storage devices that contain data not immediately available to the CPU.
Term
secondary storage
Definition
Data repositories that include magnetic and optical media, such as tapes, disks, hard drives, and CD/DVD storage.
Term
secure communication protocol
Definition
A protocol that uses encryption to provide security for the data transmitted by it.
Term
security ID
Definition
A form of physical identification; generally contains a picture of the subject and/or a magnetic strip with additional information about a subject.
Term
security association (SA)
Definition
In an IPSec session, the representation of the communication session and process of recording any configuration and status information about the connection.
Term
security kernel
Definition
The core set of operating system services that handles all user/application requests for access to system resources.
Term
security label
Definition
An assigned classification or sensitivity level used in security models to determine the level of security required to protect an object and prevent unauthorized access.
Term
security management planning
Definition
The act of thoroughly and systematically designing procedural and policy documentation to reduce risk and then to maintain risk at an acceptable level for a given environment.
Term
security perimeter
Definition
The imaginary boundary that separates the trusted computing base from the rest of the system.
Term
security policy
Definition
A document that defines the scope of security needs of an organization, prescribes solutions to manage security issues, and discusses the assets that need protection and the extent to which security solutions should go to provide the necessary protection.
Term
security professional
Definition
Trained and experienced network, systems, and security engineer who is responsible for following the directives mandated by senior management.
Term
security role
Definition
The part an individual plays in the overall scheme of security implementation and administration within an organization.
Term
security target
Definition
The evaluation element from the Common Criteria for information technology security evaluation in which a vendor states the security features of its product.
Term
semantic integrity mechanisms
Definition
A common security feature of a DBMS. This feature ensures that no structural or semantic rules are violated. It also checks that all stored data types are within valid domain ranges, that only logical values exist, and that any and all uniqueness constraints are met.
Term
senior management
Definition
A person or group who is ultimately responsible for the security maintained by an organization and who should be most concerned about the protection of its assets. They must sign off on all policy issues, and they will be held liable for overall success or failure of a security solution. It is the responsibility of senior management to show prudent due care. Also referred to as organizational owner and upper management.
Term
sensitive
Definition
A commercial business/private sector classification used for data that is more sensitive than public data. A negative impact could occur for the company if sensitive data is disclosed.
Term
sensitive but unclassified
Definition
A government/military classification used for data of a sensitive or private nature but significant damage would not occur if disclosed.
Term
sensitivity
Definition
In regard to biometric devices, the level at which the device is configured for scanning.
Term
separation of duties and responsibilities
Definition
A common practice to prevent any single subject from being able to circumvent or disable security mechanisms. By dividing core administration or high-authority responsibilities among several subjects, no one subject has sufficient access to perform significant malicious activities or bypass imposed security controls.
Term
separation of privilege
Definition
The principle that builds upon the principle of least privilege. It requires the use of granular access permissions; that is, different permissions for each type of privileged operation. This allows designers to assign some processes rights to perform certain supervisory functions without granting them unrestricted access to the system.
Term
sequential storage
Definition
Devices that require that you read (or speed past) all of the data physically stored prior to the desired location. A common example of a sequential storage device is a magnetic tape drive.
Term
service bureaus
Definition
Businesses that lease computer time through contractual agreements and provide all IT needs in the event of some disaster or business interruption that requires a disaster recovery plan or business continuity plan to be enacted.
Term
service-level agreement (SLA)
Definition
A contractual obligation to your clients that requires you to implement sound BCP practices. Also used to assure acceptable levels of service from suppliers for sound BCP practices.
Term
session hijacking
Definition
An attack that occurs when a malicious individual intercepts part of a communication between an authorized user and a resource and then uses a hijacking technique to take over the session and assume the identity of the authorized user.
Term
shared key authentication (SKA)
Definition
A connection scheme for wireless networks that requires that some form of authentication must take place before network communications can occur. The 802.11 standard defines one optional technique for SKA known as WEP.
Term
shielded twisted-pair (STP)
Definition
A twisted-pair wire that includes a metal foil wrapper inside the outer sheath to provide additional protection from EMI.
Term
shoulder surfing
Definition
The act of gathering information from a system by observing the monitor or the use of the keyboard by the operator.
Term
shrink-wrap license agreement
Definition
A license written on the outside of software packaging. Such licenses get their name because they commonly include a clause stating that you acknowledge agreement to the terms of the contract simply by breaking the shrink-wrap seal on the package.
Term
signature dynamics
Definition
When used as a biometric, the use of the pattern and speed of a person writing their signature to establish identity or provide authentication.
Term
signature-based detection
Definition
The process used by antivirus software to identify potential virus infections on a system.
Term
simulation tests
Definition
A test in which disaster recovery team members are presented with a scenario and asked to develop an appropriate response. Some of these response measures are then tested. This may involve the interruption of noncritical business activities and the use of some operational personnel.
Term
single loss expectancy (SLE)
Definition
The cost associated with a single realized risk against a specific asset. The SLE indicates the exact amount of loss an organization would experience if an asset were harmed by a specific threat. SLE = asset value ($) * exposure factor (EF).
Term
single sign-on (SSO)
Definition
A mechanism that allows subjects to authenticate themselves only once to a system. With SSO, once subjects are authenticated, they can freely roam the network and access resources and services without being rechallenged for authentication.
Term
single state
Definition
Systems that require the use of policy mechanisms to manage information at different levels. In this type of arrangement, security administrators approve a processor and system to handle only one security level at a time.
Term
single-use passwords
Definition
A variant of dynamic passwords that are changed every time they are used.
Term
smart card
Definition
Credit-card-sized ID, badge, or security pass that has a magnetic strip, bar code, or integrated circuit chip embedded in it. Smart cards can contain information about the authorized bearer that can be used for identification and/or authentication purposes.
Term
smurf attack
Definition
A type of DoS. A smurf attack occurs when an amplifying server or network is used to flood a victim with useless data.
Term
sniffer attack
Definition
Any activity that results in a malicious user obtaining information about a network or the traffic over that network. A sniffer is often a packet-capturing program that duplicates the contents of packets traveling over the network medium into a file. Also referred to as a snooping attack.
Term
sniffing
Definition
A form of network traffic monitoring. Sniffing often involves the capture or duplication of network traffic for examination, re-creation, and extraction.
Term
snooping attack
Definition
See sniffer attack.
Term
social engineering
Definition
A skill by which an unknown person gains the trust of someone inside your organization and encourages them to make a change to the IT system in order to grant them access.
Term
socket
Definition
Another name for a port.
Term
software IP encryption (SWIPE)
Definition
A layer 3 security protocol for IP. It provides authentication, integrity, and confidentiality using an encapsulation protocol.
Term
spam
Definition
The term describing unwanted email, newsgroup, or discussion forum messages. Spam can be as innocuous as an advertisement from a well-meaning vendor or as malignant as floods of unrequested messages with viruses or Trojan horses attached.
Term
spamming attacks
Definition
Sending significant amounts of spam to a system in order to cause a DoS or general irritation, consume storage space, or consume bandwidth and processing capabilities.
Term
spike
Definition
Momentary high voltage.
Term
split knowledge
Definition
The specific application of the ideas of separation of duties and two-man control into a single solution. The basic idea is that the information or privilege required to perform an operation is divided among multiple users. This ensures that no single person has sufficient privileges to compromise the security of the environment.
Term
spoofing
Definition
The act of replacing the valid source and/or destination IP address and node numbers with false ones.
Term
spoofing attack
Definition
Any attack that involves spoofed or modified packets.
Term
standards
Definition
Documents that define compulsory requirements for the homogenous use of hardware, software, technology, and security controls. They provide a course of action by which technology and procedures are uniformly implemented throughout an organization. Standards are tactical documents that define steps or methods to accomplish the goals and overall direction defined by security policies.
Term
state
Definition
A snapshot of a system at a specific instance in time.
Term
state machine model
Definition
A system that is designed so that no matter what function is performed it is always a secure system.
Term
stateful inspection firewall
Definition
A firewall that evaluates the state or the context of network traffic. By examining source and destination address, application usage, source of origin, and relationship between current packets with the previous packets of the same session, stateful inspection firewalls are able to grant a broader range of access for authorized users and activities and actively watch for and block unauthorized users and activities. Stateful inspection firewalls are known as third-generation firewalls.
Term
static packet-filtering firewall
Definition
A firewall that filters traffic by examining data from a message header. Usually the rules are concerned with source, destination, and port addresses. Static packet-filtering firewalls are known as first-generation firewalls.
Term
static password
Definition
Password that does not change over time or that remains the same for a significant period of time.
Term
static token
Definition
A physical means to provide identity, usually not employed as an authentication factor. Examples include a swipe card, a smart card, a floppy disk, a USB RAM dongle, or even something as simple as a key to operate a physical lock.
Term
station set identifier (SSID)
Definition
The name of a wireless network that each wireless client must know in order to communicate with the host access point.
Term
statistical attack
Definition
This type of attack exploits statistical weaknesses in a cryptosystem, such as floating-point errors or an inability to produce random numbers. It attempts to find vulnerabilities in the hardware or operating system hosting the cryptography application.
Term
statistical intrusion detection
Definition
See behavior-based detection.
Term
stealth virus
Definition
A virus that hides itself by actually tampering with the operating system to fool
Term
steganography
Definition
The act of embedding messages within another message, commonly used within an image or a WAV file.
Term
stop error
Definition
The security response of an operating system, such as Windows, when an application performs an illegal operation, such as accessing hardware or modifying/accessing the memory space of another process.
Term
stopped state
Definition
The state in which a process is finished or must be terminated. At this point, the operating system can recover all memory and other resources allocated to the process and reuse them for other processes as needed.
Term
strategic plan
Definition
A long-term plan that is fairly stable. It defines the organization's goals, mission, and objectives. A strategic plan is useful for about five years if it is maintained and updated annually. The strategic plan also serves as the planning horizon.
Term
stream attack
Definition
A type of DoS. A stream attack occurs when a large number of packets are sent to numerous ports on the victim system using random source and sequence numbers. The processing performed by the victim system attempting to make sense of the data will result in a DoS. Also referred to as flooding.
Term
stream ciphers
Definition
Ciphers that operate on each character or bit of a message (or data stream) one character/bit at a time.
Term
strong password
Definition
Password that is resistant to dictionary and brute-force attacks.
Term
Structured Query Language (SQL)
Definition
The standard language used by relational databases to
Term
structured walk-through
Definition
A type of disaster recovery test, often referred to as a 'table-top exercise', in which members of the disaster recovery team gather in a large conference room and role-play a disaster scenario.
Term
subject
Definition
An active entity that seeks information about or data from passive objects through the exercise of access. A subject can be a user, a program, a process, a file, a computer, a database, and so on.
Term
subpoena
Definition
A court order that compels an individual or organization to surrender evidence or to appear in court.
Term
substitution cipher
Definition
Cipher that uses an encryption algorithm to replace each character or bit of the plain-text message with a different character, such as a Caesar cipher.
Term
supervisor state (or supervisory state)
Definition
The state in which a process is operating in a privileged, all-access mode.
Term
supervisory mode
Definition
Mode in which processes at layer 0 run, which is the ring where the operating system itself resides.
Term
switch
Definition
A network device that is an intelligent hub because it knows the addresses of the systems connected on each outbound port. Instead of repeating traffic on every outbound port, a switch repeats only traffic out of the port on which the destination is known to exist. Switches offer greater efficiency for traffic delivery, create separate broadcast and collision domains, and improve the overall throughput of data.
Term
switched virtual circuit (SVC)
Definition
A virtual circuit that must be rebuilt each time it is used; similar to a dial-up connection.
Term
symmetric key
Definition
An algorithm that relies upon a 'shared secret' encryption key that is distributed to all members who participate in communications. This key is used by all parties to both encrypt and decrypt messages.
Term
symmetric multiprocessing (SMP)
Definition
A type of system in which the processors share not only a common operating system but also a common data bus and memory resources. In this type of arrangement, it is not normally possible to use more than 16 processors.
Term
synchronous dynamic password token
Definition
Tokens used in a token device that generates passwords at fixed time intervals. Time-interval tokens require that the clock of the authentication server and the token device be synchronized. The generated password is entered by the subject along with a PIN, passphrase, or password.
Term
system call
Definition
A process by which an object in a less-trusted protection ring requests access to resources or functionality by objects in more-trusted protection rings.
Term
system high mode
Definition
See system-high security mode.
Term
system-high security mode
Definition
Mode in which systems are authorized to process only information that all system users are cleared to read and have a valid need to know. Systems running in this mode are not trusted to maintain separation between security levels, and all information processed by these systems must be handled as if it were classified at the same level as the most highly classified information processed by the system.
Term
table
Definition
The main building block of a relational database; also known as a relation.
Term
tactical plan
Definition
A midterm plan developed to provide more details on accomplishing the goals set forth in the strategic plan. A tactical plan is typically useful for about a year. It often prescribes and schedules the tasks necessary to accomplish organizational goals.
Term
task-based
Definition
An access control methodology in which access is granted based on work tasks or operations.
Term
teardrop attack
Definition
A type of DoS. A teardrop attack occurs when an attacker exploits a bug in operating systems. The bug exists in the routines used to reassemble fragmented packets. An attacker sends numerous specially formatted fragmented packets to the victim, which causes the system to freeze or crash.
Term
technical access control
Definition
The hardware or software mechanisms used to manage access to resources and systems and provide protection for those resources and systems. Examples of logical or technical access controls include encryption, smart cards, passwords, biometrics, constrained interfaces, access control lists, protocols, firewalls, routers, IDSs, and clipping levels. The same as logical access control.
Term
technical physical security controls
Definition
Security controls that use technology to implement some form of physical security, including intrusion detection systems, alarms, CCTV, monitoring, HVAC, power supplies, and fire detection and suppression.
Term
terrorist attacks
Definition
Attacks that differ from military and intelligence attacks in that the purpose is to disrupt normal life, whereas a military or intelligence attack is designed to extract secret information.
Term
test data method
Definition
A form of program testing that examines the extent of the system testing to locate untested program logic.
Term
testimonial evidence
Definition
Evidence that consists of the testimony of a witness, either verbal testimony in court or written testimony in a recorded deposition.
Term
thicknet
Definition
See 10Base5.
Term
thin client
Definition
A term used to describe a workstation that has little or no local processing or storage capacity. A thin client is used to connect to and operate a remote system.
Term
thinnet
Definition
See 10Base2.
Term
threat
Definition
A potential occurrence that may cause an undesirable or unwanted outcome for an organization or a specific asset.
Term
threat agents
Definition
People, programs, hardware, or systems that intentionally exploit vulnerabilities.
Term
threat events
Definition
Accidental exploitations of vulnerabilities.
Term
throughput rate
Definition
The rate at which a biometric device can scan and authenticate subjects. A rate of about six seconds or faster is required for general acceptance of a specific biometric control.
Term
ticket
Definition
An electronic authentication factor used by the Kerberos authentication system.
Term
ticket-granting service (TGS)
Definition
An element of the Kerberos authentication system. The TGS manages the assignment and expiration of tickets. Tickets are used by subjects to gain access to objects.
Term
time slice
Definition
A single chunk or division of processing time.
Term
time-of-use (TOU)
Definition
The time at which the decision is made by a subject to access an object.
Term
token
Definition
See token device.
Term
token device
Definition
A password-generating device that subjects must carry with them. Token devices are a form of a 'something you have' (Type 2) authentication factor.
Term
token ring
Definition
A token-passing LAN technology.
Term
topology
Definition
The physical layout of network devices and connective cabling. The common network topologies are ring, bus, star, and mesh.
Term
total risk
Definition
The amount of risk an organization would face if no safeguards were implemented. Threats * vulnerabilities * asset value = total risk.
Term
trade secret
Definition
Intellectual property that is absolutely critical to a business and would cause significant damage if it were disclosed to competitors and/or the public.
Term
trademark
Definition
A registered word, slogan, or logo used to identify a company and its products or services.
Term
traffic analysis
Definition
A form of monitoring in which the flow of packets rather than the actual content of packets is examined. Also referred to as trend analysis.
Term
training
Definition
The task of teaching employees to perform their work tasks and to comply with the security policy. All new employees require some level of training so they will be able to properly comply with all standards, guidelines, and procedures mandated by the security policy.
Term
transferring risk
Definition
Placing the cost of loss from a realized risk onto another entity or organization, such as purchasing insurance. Also referred to as assigning risk.
Term
transient
Definition
A short duration of line noise disturbance.
Term
transmission error correction
Definition
A capability built into connection- or session-oriented protocols and services. If it is determined that a message, in whole or in part, was corrupted, altered, or lost, a request can be made for the source to resend all or part of the message.
Term
transmission logging
Definition
A form of auditing focused on communications. Transmission logging records the details about source, destination, time stamps, identification codes, transmission status, number of packets, size of message, and so on.
Term
transparency
Definition
A characteristic of a service, security control, or access mechanism that is unseen by users. Transparency is often a desirable feature for security controls.
Term
transport mode
Definition
A mode of IPSec when used in a VPN. In transport mode, the IP packet data is encrypted, but the header of the packet is not.
Term
transposition cipher
Definition
Cipher that uses an encryption algorithm to rearrange the letters of a plain-text message to form the cipher-text message.
Term
trap door
Definition
Undocumented command sequence that allows software developers to bypass normal access restrictions.
Term
traverse mode noise
Definition
EMI noise generated by the difference in power between the hot and neutral wires of a power source or operating electrical equipment.
Term
trend analysis
Definition
See traffic analysis.
Term
triple DES (3DES)
Definition
A standard that uses three iterations of DES with two or three different keys to increase the effective key strength to 112 bits.
Term
trust
Definition
A security bridge established to share resources from one domain to another. A trust is established between two domains to allow users from one domain to access resources in another. Trusts can be one-way only, or they can be two-way.
Term
trusted computing base (TCB)
Definition
The combination of hardware, software, and controls that form a trusted base that enforces your security policy.
Term
trusted path
Definition
Secure channel used by the TCB to communicate with the rest of the system.
Term
trusted recovery process
Definition
On a secured system, a process that ensures the system always returns to a secure state after an error, failure, or reboot.
Term
trusted system
Definition
A secured computer system.
Term
tunnel mode
Definition
A mode of IPSec when used in a VPN. In tunnel mode, the entire IP packet is encrypted and a new header is added to the packet to govern transmission through the tunnel.
Term
tunneling
Definition
A network communications process that protects the contents of protocol packets by encapsulating them in packets of another protocol.
Term
turnstile
Definition
A form of gate that prevents more than one person at a time from gaining entry and often restricts movement in one direction.
Term
twisted-pair
Definition
See 10Base-T.
Term
two-factor authentication
Definition
Authentication that requires two factors.
Term
unclassified
Definition
The lowest level of classification. This is used for data that is neither sensitive nor classified. The disclosure of unclassified data does not compromise confidentiality or cause any noticeable damage.
Term
unicast
Definition
A communications transmission to a single identified recipient.
Term
uninterruptible power supply (UPS)
Definition
A type of self-charging battery that can be used to supply consistent clean power to sensitive equipment. A UPS functions basically by taking power in from the wall outlet, storing it in a battery, pulling power out of the battery, and then feeding that power to whatever devices are connected to it. By directing current through its battery, it is able to maintain a consistent clean power supply.
Term
unit testing
Definition
A method of testing software. Each unit of code is tested independently to discover any errors or omissions and to ensure that it functions properly. Unit testing should be performed by the development staff.
Term
unshielded twisted-pair (UTP)
Definition
A twisted-pair wire that does not include additional EMI protection. Most twisted-pair wiring is UTP.
Term
upper management
Definition
See senior management.
Term
user
Definition
Any person who has access to the secured system. A user's access is tied to their work tasks and is limited so they have only enough access to perform the tasks necessary for their job position (in other words, the principle of least privilege). Also referred to as an end user and employee.
Term
user mode
Definition
The basic mode used by the CPU when executing user applications.
Term
view
Definition
A client interface used to interact with a database. The view limits what clients can see and what functions they can perform.
Term
violation analysis
Definition
A form of auditing that uses clipping levels.
Term
virtual machine
Definition
A software simulation of a computer within which a process executes. Each virtual machine has its own memory address space and communication between virtual machines is securely controlled.
Term
virtual memory
Definition
A special type of secondary memory that is managed by the operating system in such a manner that it appears to be real memory.
Term
virtual private network (VPN)
Definition
A network connection established between two systems over an existing private or public network. A VPN provides confidentiality and integrity for network traffic through the use of encryption.
Term
virtual private network (VPN) protocol
Definition
The protocols, such as PPTP, L2TP, and IPSec, that are used to create VPNs.
Term
virus
Definition
The oldest form of malicious code objects that plague cyberspace. Once they are in a system, they attach themselves to legitimate operating system and user files and applications and normally perform some sort of undesirable action, ranging from the somewhat innocuous display of an annoying message on the screen to the more malicious destruction of the entire local file system.
Term
voice pattern
Definition
An example of a biometric factor, which is a behavioral or physiological characteristic that is unique to a subject. The speech, tone, modulation, and pitch patterns of a person's voice are used to establish identity or provide authentication.
Term
volatile
Definition
See volatile storage.
Term
volatile storage
Definition
A storage medium, such as RAM, that loses its contents when power is removed from the resource.
Term
voluntarily surrender
Definition
The act of willingly handing over evidence.
Term
vulnerability
Definition
The absence or weakness of a safeguard or countermeasure. In other words, a vulnerability is the existence of a flaw, loophole, oversight, error, limitation, frailty, or susceptibility in the IT infrastructure or any other aspect of an organization.
Term
vulnerability scan
Definition
A test performed on a system to find weaknesses in the security infrastructure.
Term
vulnerability scanner
Definition
A tool used to test a system for known security vulnerabilities and weaknesses. Vulnerability scanners are used to generate reports that indicate the areas or aspects of the system that need to be managed to improve security.
Term
wait state
Definition
The state in which a process is ready to execute but is waiting for an operation such as keyboard input, printing, or file writing to complete.
Term
war dialing
Definition
The act of using a modem to search for a system that will accept inbound connection attempts.
Term
warm site
Definition
A middle ground between hot sites and cold sites for disaster recovery specialists. A warm site always contains the equipment and data circuits necessary to rapidly establish operations but does not typically contain copies of the client's data.
Term
warning banners
Definition
Messages used to inform would-be intruders or attempted security policy violators that their intended activities are restricted and that any further activities will be audited and monitored. A warning banner is basically an electronic equivalent of a no trespassing sign.
Term
well-known ports
Definition
The first 1,024 ports of TCP and UDP. They are usually assigned to commonly used services and applications.
Term
wet pipe system
Definition
A fire suppression system that is always full of water. Water discharges immediately when triggered by a fire or smoke. Also known as a closed head system.
Term
white box testing
Definition
A form of program testing that examines the internal logical structures of a program.
Term
wide area network (WAN)
Definition
A network or a network of LANs that is geographically diverse. Often dedicated leased lines are used to establish connections between distant components.
Term
wireless networking (802.11)
Definition
A form of networking that uses radio waves as the connection medium following the 802.11 standard. Often called WiFi.
Term
work function or work factor
Definition
A way of measuring the strength of a cryptography system by measuring the effort in terms of cost and/or time. Usually the time and effort required to perform a complete brute-force attack against an encryption system is what the work function rating represents. The security and protection offered by a cryptosystem is directly proportional to the value of the work function/factor.
Term
worm
Definition
A form of malicious code that is self-replicating but is not designed to impose direct harm on host systems. The primary purpose of a worm is to replicate itself to other systems and gather information. Worms are usually very prolific and often cause a denial of service because of their consumption of system resources and network bandwidth in their attempt to self-replicate.
Term
zero knowledge proof
Definition
A concept of communication whereby a specific type of information is exchanged but no real data is exchanged. Great examples of this idea are digital signatures and digital certificates.