CISSP Glossary PDF
Term 1 Definition 1
* (star) Integrity Axiom (* Axiom)
An axiom of the Biba model that states that a subject at a specific classification level cannot write data to a higher classification level. This is often shortened to “no
Term 2 Definition 2
* (star) Security Property (* Property)
A property of the Bell-LaPadula model that states that a subject at a specific classification level cannot write data to a lower classification level. This is often
Term 3 Definition 3
1000BaseT
A form of twisted-pair cable that supports 1000Mbps or 1Gbps throughput at 100-meter distances. Often called Gigabit Ethernet.
http://www.flashcardmachine.com/print/?topic_id=847667 1/157
11/22/2015 Printable Flash Cards
Term 4 Definition 4
100BaseTX
Another form of twisted-pair cable similar to 100BaseT.
Term 5 Definition 5
10BaseT
A type of network cable that consists of four pairs of wires that are twisted around each other and then sheathed in a PVC insulator. Also called twisted-pair.
Term 6 Definition 6
10Base2
A type of coaxial cable. Often used to connect systems to backbone trunks. 10Base2 has a maximum span of 185 meters with maximum throughput of
Term 7 Definition 7
10Base5
A type of coaxial cable. Often used as a network's backbone. 10Base5 has a maximum span of 500 meters with maximum throughput of 10Mbps. Also called
Term 8 Definition 8
802.11i (WPA2)
An amendment to the 802.11 standard that defines a new authentication and encryption technique that is similar to IPSec. To date no real-world attack has
Term 9 Definition 9
802.1x
A form of wireless authentication protection that requires all wireless clients to pass a gauntlet of RADIUS or TACACS services before network
Term 10 Definition 10
ACID model
The letters in ACID represent the four required characteristics of database transactions: atomicity, consistency,
Term 11 Definition 11
AND
The operation (represented by the ^ symbol) that checks to see whether two values are both true.
Term 12 Definition 12
APIPA
See automatic private IP addressing (APIPA).
Term 13 Definition 13
ActiveX
Microsoft's component object model (COM) technology used in web applications. ActiveX is implemented using any one of a variety of
Term 14 Definition 14
Address Resolution Protocol (ARP)
A subprotocol of the TCP/IP protocol suite that operates at the Data Link layer (layer 2). ARP is used to discover the MAC address of a system by polling using its IP
Term 15 Definition 15
Advanced Encryption Standard (AES)
The encryption standard selected in October 2000 by the National Institute for Standards and Technology (NIST) that is based on the Rijndael cipher.
Term 16 Definition 16
Application layer
Layer 7 of the Open Systems Interconnection (OSI) model.
Term 17 Definition 17
Assurance
The degree of confidence that security needs are satisfied. Assurance must be continually maintained, updated, and reverified.
Term 18 Definition 18
Authentication Header (AH)
An IPSec protocol that provides authentication, integrity, and nonrepudiation
Term 19 Definition 19
Authentication Service (AS)
An element of the Kerberos Key Distribution Center (KDC). The AS verifies or rejects the authenticity and timeliness of tickets.
Term 20 Definition 20
Base+Offset addressing
An addressing scheme that uses a value stored in one of the CPU's registers as the base location from which to begin counting. The CPU then adds the offset
Term 21 Definition 21
Basic Input/Output System (BIOS)
The operating system-independent primitive instructions that a computer needs to start up and load the operating system from disk.
Term 22 Definition 22
Basic Rate Interface (BRI)
An ISDN service type that provides two B, or data, channels and one D, or management, channel. Each B channel offers 64Kbps, and the D channel offers
Term 23 Definition 23
Bell-LaPadula model
A confidentiality-focused security model based on the state machine model and employing mandatory access controls and the lattice model.
Term 24 Definition 24
Biba model
An integrity-focused security model based on the state machine model and employing mandatory access controls and the lattice model.
Term 25 Definition 25
Blowfish
A block cipher that operates on 64-bit blocks of text and uses variable-length keys ranging from a relatively insecure 32 bits to an extremely strong 448 bits.
Term 26 Definition 26
Bluetooth (802.15)
A wireless standard commonly used to pair accessories to cell phones or computers.
Term 27 Definition 27
Business Continuity Planning (BCP)
The assessment of a variety of risks to organizational processes and the creation of policies, plans, and procedures to minimize the impact
Term 28 Definition 28
Business Impact Assessment (BIA)
An analysis that identifies the resources that are critical to an organization's ongoing viability and the threats posed to those resources. It
Term 29 Definition 29
CIA Triad
The three essential security principles of confidentiality, integrity, and availability. cipher, A system that hides the true meaning of a message. Ciphers use a variety of
Term 30 Definition 30
Children's Online Privacy Protection Act (COPPA)
A law in the United States that places specific demands upon websites that cater to children or knowingly collect information from children.
Term 31 Definition 31
Cipher Block Chaining (CBC)
A process in which each block of unencrypted text is XORed with the block of cipher text immediately preceding it before it is encrypted using
Term 32 Definition 32
Cipher Feedback (CFB)
A mode in which the DES algorithm is used to encrypt the preceding block of cipher text. This block is then XORed with the next block of plain text to produce the
Term 33 Definition 33
Clark-Wilson model
A model that employs limited interfaces or programs to control and maintain object integrity.
Term 34 Definition 34
Committed Information Rate (CIR)
A contracted minimum guaranteed bandwidth allocation for a virtual circuit.
Term 35 Definition 35
Common Body of Knowledge (CBK)
The areas of information prescribed by (ISC)² as the source of knowledge for the CISSP exam.
Term 36 Definition 36
Common Object Request Broker Architecture (CORBA)
An international standard for distributed computing. CORBA enables code operating on a computer to locate resources located
Term 37 Definition 37
Component Object Model (COM)
Microsoft's standard for the use of components within a process or between processes running on the same system.
Term 38 Definition 38
Computer Fraud and Abuse Act
A U.S. law written to exclusively cover computer crimes that cross state boundaries to avoid infringing upon states' rights.
Term 39 Definition 39
Computer Security Act (CSA) of 1987
A U.S. law that mandates baseline security requirements for all federal agencies.
Term 40 Definition 40
Confidential
A government/military classification used for data of a confidential nature. Unauthorized disclosure of confidential data will have noticeable effects and cause
Term 41 Definition 41
Control Objectives for Information and related Technology (CobiT)
A security concept infrastructure used to organize the complex security solution of companies.
Term 42 Definition 42
Copper Distributed Data Interface (CDDI)
Deployment of FDDI using twisted-pair (in other words, copper) wires. This reduces the maximum segment length to 100 meters and is susceptible to
Term 43 Definition 43
DNS poisoning
The act of altering or falsifying the information of DNS to route or misdirect legitimate traffic.
Term 44 Definition 44
Data Definition Language (DDL)
The database programming language that allows for the creation and modification of the database's structure (known as the schema).
Term 45 Definition 45
Data Encryption Standard (DES)
A standard cryptosystem proposed in 1977 for all government communications. Many government entities continue to use DES for crypto
Term 46 Definition 46
Data Link layer
The 2nd level in the OSI model protocol stack.
Term 47 Definition 47
Data Manipulation Language (DML)
The database programming language that allows users to interact with the data contained within the schema.
Term 48 Definition 48
Delphi technique
An anonymous feedback and response process used to arrive at a group consensus.
Term 49 Definition 49
Diffie-Hellman algorithm
A key exchange algorithm useful in situations in which two parties might need to communicate with each other but they have no physical means to exchange
Term 50 Definition 50
Digital Millennium Copyright Act
A law that establishes the prohibition of attempts to circumvent copyright protection mechanisms placed on a protected work by the copyright
Term 51 Definition 51
Digital Signature Standard (DSS)
A standard that specifies that all federally approved digital signature algorithms must use a secure hashing function.
Term 52 Definition 52
Direct Memory Access (DMA)
A mechanism that allows devices to exchange data directly with real memory (RAM) without requiring assistance from the CPU.
Term 53 Definition 53
Direct Sequence Spread Spectrum (DSSS)
A wireless technology that employs all of the available frequencies simultaneously in parallel.
Term 54 Definition 54
Disaster Recovery Planning (DRP)
Term that describes the actions an organization takes to resume normal operations after a disaster interrupts normal activity.
Term 55 Definition 55
Discretionary Security Property
Property that states that the system uses an access control matrix to enforce discretionary access control.
Term 56 Definition 56
Distributed Component Object Model (DCOM)
An extension of COM to support distributed computing. This is Microsoft's answer to CORBA.
Term 57 Definition 57
Dynamic Host Configuration Protocol (DHCP)
A protocol used to assign TCP/IP configuration settings to systems upon bootup. DHCP uses port 67 for server point-to-point response and port 68
Term 58 Definition 58
Economic Espionage Act of 1996
A law that states that anyone found guilty of stealing trade secrets from a U.S. corporation with the intention of benefiting a foreign government or agent may be fined
Term 59 Definition 59
El Gamal
The explanation of how the mathematical principles behind the Diffie-Hellman key exchange algorithm could be extended to support an entire public key
Term 60 Definition 60
Electronic Codebook (ECB)
The simplest encryption mode to understand and the least secure. Each time the algorithm processes a 64-bit block, it simply encrypts the block
Term 61 Definition 61
Electronic Communications Privacy Act (ECPA)
The law that makes it a crime to invade an individual's electronic privacy. It protects against the monitoring of email and voice mail communications and
Term 62 Definition 62
Encapsulating Security Payload (ESP)
An element of IPSec that provides encryption to protect the confidentiality of transmitted data but can also perform limited authentication.
Term 63 Definition 63
Escrowed Encryption Standard
A failed government attempt to create a back door to all encryption solutions. The solution employed the Clipper chip, which used the Skipjack algorithm.
Term 64 Definition 64
Ethernet
A common shared media LAN technology.
Term 65 Definition 65
Ethical Hackers
Those trained in responsible network security methodology, with a philosophy toward nondestructive and nonintrusive testing, ethical
Term 66 Definition 66
Fair Cryptosystems
A failed government attempt to create a back door to all encryption solutions. This technology used a segmented key that was divided among several trustees.
Term 67 Definition 67
Family Educational Rights and Privacy Act (FERPA)
A specialized privacy bill that affects any educational institution that accepts any form of funding from the federal government (the vast majority of
Term 68 Definition 68
Federal Information Processing Standard 140 (FIPS-140)
FIPS-140 defines the hardware and software requirements for cryptographic modules that the federal government uses.
Term 69 Definition 69
Federal Sentencing Guidelines
A 1991 law that provides punishment guidelines for breaking federal laws.
Term 70 Definition 70
Fiber Distributed Data Interface (FDDI)
A high-speed token-passing technology that employs two rings with traffic flowing in opposite directions. FDDI offers transmission rates of 100Mbps and
Term 71 Definition 71
Fourth Amendment
An amendment to the U.S. Constitution that prohibits government agents from searching private property without a warrant and probable cause. The courts
Term 72 Definition 72
Frame Relay
A shared connection medium that uses packet-switching technology to establish virtual circuits for customers.
Term 73 Definition 73
Frequency Hopping Spread Spectrum (FHSS)
An early implementation of the spread spectrum concept. This wireless access technology transmits data in a series while constantly changing
Term 74 Definition 74
Gantt chart
A type of bar chart that shows the interrelationships over time between projects and schedules. It provides a graphical illustration of a
Term 75 Definition 75
Government Information Security Reform Act of 2000
Act that amends the United States Code to implement additional information security policies and procedures.
Term 76 Definition 76
Gramm-Leach-Bliley (GLBA) Act
A law passed in 1999 that eased the strict governmental barriers between financial institutions. Banks, insurance companies, and credit providers were
Term 77 Definition 77
Halon
A fire-suppressant material that converts to toxic gases at 900 degrees Fahrenheit and depletes the ozone layer of the atmosphere and is therefore usually
Term 78 Definition 78
Hashed Message Authentication Code (HMAC)
An algorithm that implements a partial digital signature; it guarantees the integrity of a message during transmission, but it does not provide for
Term 79 Definition 79
Health Insurance Portability and Accountability Act (HIPAA)
A law passed in 1996 that made numerous changes to the laws governing health insurance and health maintenance organizations (HMOs). Among the provisions
Term 80 Definition 80
High-Level Data Link Control (HDLC)
A layer 2 protocol used to transmit data over synchronous communication lines. HDLC is an ISO standard based on IBM's SDLC. HDLC supports full-duplex
Term 81 Definition 81
High-Speed Serial Interface (HSSI)
A layer 1 protocol used to connect routers and multiplexers to ATM or Frame Relay connection devices.
Term 82 Definition 82
Hypertext Transfer Protocol
The protocol used to transmit web page elements from a web server to web browsers (over the well-known service TCP/UDP port address 80).
Term 83 Definition 83
Hypertext Transfer Protocol over Secure Sockets Layer (HTTPS)
A standard that uses port 443 to negotiate encrypted communications sessions between web servers and browser clients.
Term 84 Definition 84
IP Payload Compression (IPcomp) protocol
A protocol that allows IPSec users to achieve enhanced performance by compressing packets prior to the encryption operation.
Term 85 Definition 85
IP Security (IPSec)
A standards-based mechanism for providing encryption for point-to-point TCP/IP traffic.
Term 86 Definition 86
IP header protocol field value
An element in an IP packet header that identifies the protocol used in the IP packet payload (usually this will be 6 for TCP, 17 for UDP, or 1 for ICMP, or any of a
Term 87 Definition 87
IP probes
An attack technique that uses automated tools to ping each address in a range. Systems that respond to the ping request are logged for further analysis. Addresses
Term 88 Definition 88
IP spoofing
The process by which a malicious individual reconfigures their system so that it has the IP address of a trusted system and then attempts to gain access to other
Term 89 Definition 89
Identity Theft and Assumption Deterrence Act
An act that makes identity theft a crime against the person whose identity was stolen and provides severe criminal penalties (up to a 15-year prison term
Term 90 Definition 90
Integrated Services Digital Network (ISDN)
A digital end-to-end communications mechanism. ISDN was developed by telephone companies to support high-speed digital communications over
Term 91 Definition 91
International Organization for Standardization (ISO)
An independent oversight organization that defines and maintains computer, networking, and technology standards, along with
Term 92 Definition 92
Internet Key Exchange (IKE)
A protocol that provides for the secure exchange of cryptographic keys between IPSec participants.
Term 93 Definition 93
Internet Mail Authentication Protocol (IMAP)
A protocol used to pull email messages from an inbox on an email server down to an email client. IMAP is more secure than POP3, uses port 143, and offers the ability
Term 94 Definition 94
Internet Message Access Protocol (IMAP)
A protocol used to transfer email messages from an email server to an email client.
Term 95 Definition 95
Internet Security Association and Key Management Protocol (ISAKMP)
A protocol that provides background security support services for IPSec.
Term 96 Definition 96
Java
A platform-independent programming language developed by Sun Microsystems.
Term 97 Definition 97
Kerberos
A ticket-based authentication mechanism that employs a trusted third party to provide identification and authentication.
Term 98 Definition 98
Kerchoff's assumption
The idea that all algorithms should be public but all keys should remain private. Kerchoff's assumption is held by a large number of cryptologists, but not
Term 99 Definition 99
KryptoKnight
A ticket-based authentication mechanism similar to Kerberos but based on peer-to-peer authentication.
Term 100 Definition 100
LAN extender
A remote access, multilayer switch used to connect distant networks over WAN links. This is a strange beast of a device in that it
Term 101 Definition 101
Layer 2 Forwarding (L2F)
A protocol developed by Cisco as a mutual authentication
Term 102 Definition 102
Layer 2 Tunneling Protocol (L2TP)
A point-to-point tunnel protocol developed by combining elements from PPTP and L2F. L2TP lacks a built-in encryption scheme but typically relies
Term 103 Definition 103
Low Water-Mark Mandatory Access Control (LOMAC)
A loadable kernel module for Linux designed to protect the integrity of processes and data. It is an OS security architecture extension or
Term 104 Definition 104
MD2 (Message Digest 2)
A hash algorithm developed by Ronald Rivest in 1989 to provide a secure hash function for 8-bit processors.
Term 105 Definition 105
MD4
An enhanced version of the MD2 algorithm, released in 1990. MD4 pads the message to ensure that the message length is 64 bits smaller than a
Term 106 Definition 106
MD5
The next version of the MD algorithm, released in 1991, which processes 512-bit blocks of the message, but it uses four distinct rounds of computation to
Term 107 Definition 107
MIME Object Security Services (MOSS)
Standard that provides authenticity, confidentiality, integrity, and nonrepudiation for email messages.
Term 108 Definition 108
MONDEX
A type of electronic payment system and protocol designed to manage cash on smart cards.
Term 109 Definition 109
Media Access Control (MAC) address
A 6-byte address written in hexadecimal. The first three bytes of the address indicate the vendor or manufacturer of the physical network
Term 110 Definition 110
NOT
An operation (represented by the ~ or ! symbol) that reverses the value of an input variable. This function operates on only one variable at a time.
Term 111 Definition 111
Network Address Translation (NAT)
A mechanism for converting the internal nonroutable IP addresses found in packet headers into public IP addresses for transmission over the Internet.
Term 112 Definition 112
Network layer
Layer 3 of the OSI model.
Term 113 Definition 113
OR
An operation (represented by the ∨ symbol) that checks to see whether at least one of the input values is true.
Term 114 Definition 114
OSI model
See Open Systems Interconnection (OSI) model.
Term 115 Definition 115
Open Systems Interconnection (OSI) model
A standard model developed to establish a common communication structure or standard for all computer systems.
Term 116 Definition 116
Orthogonal Frequency-Division Multiplexing (OFDM)
A wireless technology that employs a digital multicarrier modulation scheme that allows for a more tightly compacted transmission.
Term 117 Definition 117
Output Feedback (OFB)
A mode in which DES XORs plain text with a seed value. For the first encrypted block, an initialization vector is used to create the seed value. Future seed values are
Term 118 Definition 118
Password Authentication Protocol (PAP)
A standardized authentication protocol for PPP. PAP transmits usernames and passwords in the clear. PAP offers no form of encryption; it simply provides a
Term 119 Definition 119
Point-to-Point Protocol (PPP)
A full-duplex protocol used for the transmission of TCP/IP packets over various non-LAN connections, such as modems, ISDN, VPNs, Frame Relay, and so
Term 120 Definition 120
Point-to-Point Tunneling Protocol (PPTP)
An enhancement of PPP that creates encrypted tunnels between communication endpoints. PPTP is used on VPNs but is often replaced by
Term 121 Definition 121
Port Address Translation (PAT)
A mechanism for converting the internal nonroutable IP addresses found in packet headers into public IP addresses and port numbers for transmission over the
Term 122 Definition 122
Post Office Protocol (POP)
A protocol used to transfer email messages from an email server to an email client.
Term 123 Definition 123
Presentation layer
Layer 6 of the OSI model.
Term 124 Definition 124
Pretty Good Privacy (PGP)
A public/private key system that uses the IDEA algorithm to encrypt files and email messages. PGP is not a standard but rather an independently
Term 125 Definition 125
Primary Rate Interface (PRI)
An ISDN service type that provides up to 23 B channels and one D channel. Thus, a full PRI ISDN connection offers 1.544 Mbps throughput, the same as a T1 line.
Term 126 Definition 126
Privacy Act of 1974
A law that mandates that government agencies maintain only records that are necessary for the conduct of their business and destroy those records when
Term 127 Definition 127
Privacy Enhanced Mail (PEM)
An email encryption mechanism that provides authentication, integrity, confidentiality, and nonrepudiation. PEM is a layer 7 protocol.
Term 128 Definition 128
Program Evaluation Review Technique (PERT)
A project-scheduling tool. It is a method used to judge the size of a software product in development and calculate the standard deviation (SD) for risk assessment. PERT
Term 129 Definition 129
RADIUS
See Remote Authentication Dial-In User Service (RADIUS).
Term 130 Definition 130
RFC 1918
The public standard that defines public and private IP addresses.
Term 131 Definition 131
RSA
See Rivest, Shamir, and Adleman (RSA).
Term 132 Definition 132
Remote Authentication Dial-In User Service (RADIUS)
A service used to centralize the authentication of remote dial-up connections.
Term 133 Definition 133
Reverse Address Resolution Protocol (RARP)
A subprotocol of the TCP/IP protocol suite that operates at the Data Link layer (layer 2). RARP is used to discover the IP address of a system by polling using its
Term 134 Definition 134
Rijndael block cipher
A block cipher that was selected to replace DES. The Rijndael cipher allows the use of three key strengths: 128 bits, 192 bits, and 256 bits.
Term 135 Definition 135
Rivest, Shamir, and Adleman (RSA)
A public key encryption algorithm named after Rivest, Shamir, and Adleman, its inventors.
Term 136 Definition 136
S/MIME
See Secure Multipurpose Internet Mail Extensions (S/MIME). sabotage, A criminal act committed against an organization by a knowledgeable
Term 137 Definition 137
SESAME
A ticket-based authentication mechanism similar to Kerberos.
Term 138 Definition 138
SYN flood attack
A type of DoS. A SYN flood attack is waged by not sending the final ACK packet, which breaks the standard three-way handshake used by TCP/IP to initiate
Term 139 Definition 139
Secret
A government/military classification, used for data of a secret nature. Unauthorized disclosure of secret data could cause serious damage to national security.
Term 140 Definition 140
Secure Electronic Transaction (SET)
A security protocol for the transmission of transactions over the Internet. SET is based on RSA encryption and DES. SET has the support of major credit card
Term 141 Definition 141
Secure HTTP (S-HTTP)
The second major protocol used to provide security on the World Wide Web.
Term 142 Definition 142
Secure Hash Algorithm (SHA)
A government standard hash function developed by the National Institute of Standards and Technology (NIST) and specified in an official
Term 143 Definition 143
Secure Multipurpose Internet Mail Extensions (S/MIME)
A protocol used to secure the transmission of email and attachments.
Term 144 Definition 144
Secure Remote Procedure Call (S-RPC)
An authentication service. S-RPC is simply a means to prevent unauthorized execution of code on remote systems.
Term 145 Definition 145
Secure Shell (SSH)
An end-to-end encryption technique. This suite of programs provides encrypted alternatives to common Internet applications such as
Term 146 Definition 146
Secure Sockets Layer (SSL)
An encryption protocol developed by Netscape to protect the communications between a web server and a web browser.
Term 147 Definition 147
Sequenced Packet Exchange (SPX)
The Transport layer protocol of the IPX/SPX protocol suite from Novell.
Term 148 Definition 148
Serial Line Internet Protocol (SLIP)
An older technology developed to support TCP/IP communications over asynchronous serial connections, such as serial cables or modem dial-up.
Term 149 Definition 149
Session layer
Layer 5 of the OSI model.
Term 150 Definition 150
Simple Integrity Axiom (SI Axiom)
An axiom of the Biba model that states that a subject at a specific classification level cannot read data with a lower classification level. This is often shortened to “no
Term 151 Definition 151
Simple Key Management for IP (SKIP)
An encryption tool used to protect sessionless datagram protocols.
Term 152 Definition 152
Simple Mail Transfer Protocol (SMTP)
The primary protocol used to move email messages from clients to servers and from server to server.
Term 153 Definition 153
Simple Security Property (SS property)
A property of the Bell-LaPadula model that states that a subject at a specific classification level cannot read data with a higher classification level. This is often
Term 154 Definition 154
Skipjack
Associated with the Escrowed Encryption Standard, an algorithm that operates on 64-bit blocks of text. It uses an 80-bit key and supports the same
Term 155 Definition 155
Switched Multimegabit Data Services (SMDS)
A connectionless network communication service. SMDS provides bandwidth on demand. SMDS is a preferred connection
Term 156 Definition 156
Synchronous Data Link Control (SDLC)
A layer 2 protocol employed by networks with dedicated or leased lines. SDLC was developed by IBM for remote communications with
Term 157 Definition 157
See Terminal Access
Controller Access
TACACS
Control System
(TACACS).
Term 158 Definition 158
An application that
can serve as a basic
TCP wrapper firewall by restricting
access based on user
IDs or system IDs.
Term 159 Definition 159
The study and control
of electronic signals
produced by various
TEMPEST types of electronic
hardware, such as
computers, televisions, phones, and
so on. Its primary
goal is to prevent EM
Term 160 Definition 160
A model that employs
a directed graph to
dictate how rights can
Take-Grant model be passed from one
subject to another or
from a subject to an
object. Simply put, a
Term 161
subject with the grant Definition 161
An alternative to
RADIUS. TACACS is
Terminal Access available in three
Controller Access versions: original
Control System TACACS, XTACACS
(TACACS) (extended TACACS),
and TACACS+.
Term 162
TACACS integrates Definition 162
The highest level of
government/military
classification.
Top Secret Unauthorized
disclosure of top
secret data will cause
exceptionally grave
damage to national
Term 163 Definition 163
A connection-
Transmission Control oriented protocol
Protocol (TCP) located at layer 4 of
the OSI model stack.
Term 164 Definition 164
Layer 4 of the OSI
Transport layer
model.
Term 165 Definition 165
A malicious code
object that appears to
be a benevolent
Trojan horse program, such as a
game or simple utility
that performs the
'cover' functions as
advertised but also
Term 166 Definition 166
Something you
know, such as a
password, personal
Type 1 authentication identification number
factor (PIN), combination
lock, passphrase,
mother's maiden
name, or favorite
Term 167 Definition 167
Something you
have, such as a smart
Type 2 authentication
card, ATM card, token
factor
device, or memory
card.
Term 168 Definition 168
Something you are,
such as fingerprints,
voice print, retina
Type 3 authentication
pattern, iris pattern,
factor
face shape, palm
topology, or hand
geometry.
Term 169 Definition 169
An act implemented
after the September
11, 2001, terrorist
USA Patriot Act of attacks. It greatly
2001 broadened the
powers of law
enforcement
Term 170
organizations and Definition 170
A federal law
designed for adoption
Uniform Computer by each of the 50
Information states to provide a
Transactions Act common framework
(UCITA) for the conduct of
computer-related
Term 171
business Definition 171
A connectionless
User Datagram protocol located at
Protocol (UDP) layer 4 of the OSI
model.
Term 172 Definition 172
A device that
implements a 26-
Vernam cipher
character modulo 26
substitution cipher.
Term 173 Definition 173
A polyalphabetic
Vigenere cipher
substitution cipher.
Term 174 Definition 174
A network service
that provides voice
communication
Voice over IP (VoIP) services by
transporting the voice
traffic as network
packets over an IP
network.
Term 175 Definition 175
An early alternative to
WEP based on a
secret passphrase
Wi-Fi Protected and employing the
Access (WPA) LEAP and TKIP
crypto systems. It is
attackable through
Term 176
passphrase guessing. Definition 176
A wireless standard
that defines citywide
wireless access
WiMax (802.16)
technologies. This
standard has yet to
be widely deployed.
Term 177 Definition 177
A type of DoS. A
WinNuke attack is a
specialized assault
WinNuke attack against Windows 95
systems. Out-of-band
TCP data is sent to a
victim's
system, which causes
Term 178 Definition 178
A protocol that
provides both 40 and
128-bit encryption
Wired Equivalency
options to protect
Protocol (WEP)
communications
within the wireless
LAN.
Term 179 Definition 179
A form of encrypted
authentication that
employs RC4. WEP
Wired Equivalent supports only one-
Privacy (WEP) way authentication
from client to WAP.
WEP is considered
insufficient for
Term 180 Definition 180
A functioning
industry-driven
protocol stack that
Wireless Application allows users through
Protocol (WAP) their WAP-capable
devices, such as cell
phones, to
communicate over a
Term 181 Definition 181
An older WAN
protocol that uses
X.25 carrier switching to
provide end-to-end
connections
Term 182 Definition 182
A function that
returns a true value
when only one of the
XOR input values is true. If
both values are false
or both values are
true, the output of the
Term 183
XOR function is false. Definition 183
These possess only
primary information
Zero Knowledge about an organization
Teams during a security
assessment or
penetration t
Term 184 Definition 184
Any system activity
that does not
normally occur on
abnormal activity
your system. Also
known as suspicious
activity
Term 185 Definition 185
The collection of
similar elements into
groups, classes, or
abstraction roles for the
assignment of
security controls,
restrictions, or
Term 186
permissions as a Definition 186
A form of testing that
attempts to verify that
a system satisfies the
acceptance testing stated criteria for
functionality and
possibly also for
security capabilities
of a product. It is
Term 187 Definition 187
The valuation by
management of the
cost/benefit analysis
accepting risk of possible
safeguards and the
determination that the
cost of the
Term 188
countermeasure Definition 188
The transfer of
access information from an
object to a subject.
Term 189 Definition 189
The mechanism by
which subjects are
access control
granted or restricted
access to objects.
Term 190 Definition 190
The column of an
access control matrix
access control list
that specifies what
(ACL)
level of access has
over an object.
Term 191 Definition 191
A table of subjects
and objects that
indicates the actions
access control matrix or functions that each
subject can perform
on each object. Each
column of the matrix
is an ACL. Each row
Term 192 Definition 192
Auditing, logging, and
monitoring the
attempted access or
access tracking
activities of a subject.
Also referred to as
activity tracking.
Term 193 Definition 193
An element of the
password policy's
programmatic
account lockout controls that disables
a user account after a
specified number of
failed logon attempts.
Term 194
Account lockout is an Definition 194
The process of
holding someone
responsible
accountability (accountable) for
something. In this
context, accountability
is possible if a
Term 195
subject's identity and Definition 195
The formal
declaration by the
Designated
accreditation Approving Authority
(DAA) that an IT
system is approved to
operate in a particular
security mode using a
Term 196 Definition 196
Web programs that
users download to
their own computer
active content for execution rather
than consuming
server-side
resources.
Term 197 Definition 197
The means by which
a processor refers to
addressing
various locations in
memory.
Term 198 Definition 198
The policies and
procedures defined
by an organization's
administrative access security policy to
controls implement and
enforce overall
access control.
Examples of
Term 199 Definition 199
Regulations that
cover a range of
topics from
administrative law procedures to be
used within a federal
agency to
immigration policies
that will be used to
Term 200 Definition 200
Security controls that
include facility
administrative construction and
physical security selection, site
controls management,
personnel controls,
awareness training,
and emergency
Term 201 Definition 201
Evidence that is
relevant to
determining a fact.
admissible evidence The fact that the
evidence seeks to
determine must be
material (in other
words, related) to the
Term 202 Definition 202
A policy that
discusses behaviors
and activities that are
advisory policy acceptable and
defines
consequences of
violations. An
Term 203
advisory policy Definition 203
Intelligent code
objects that perform
actions on behalf of a
agent user. They typically
take initial
instructions from the
user and then carry
Term 204
on their activity, in an Definition 204
SQL functions, such
as
COUNT(), MIN(), MAX(), SUM(), and
aggregate functions AVG(), that can be run
against a database to
produce an
information set.
Term 205 Definition 205
A number of
functions that
combine records from
aggregation
one or more tables to
produce potentially
useful information.
Term 206 Definition 206
A mechanism that is
separate from a
motion detector and
alarm triggers a deterrent,
or triggers a
repellant, and/or
triggers a notification.
Term 207
Whenever a motion Definition 207
Notifications sent to
administrators when
alarm triggers
a specific event
occurs.
Term 208 Definition 208
amplifier See repeater.
Term 209 Definition 209
An algebraic
manipulation that
attempts to reduce
analytic attack the complexity of a
cryptographic
algorithm. This attack
focuses on the logic
Term 210
of the algorithm itself. Definition 210
The possible yearly
cost of all instances
of a specific realized
annualized loss threat against a
expectancy (ALE) specific asset. The
ALE is calculated
using the formula
ALE = single loss
Term 211 Definition 211
The expected
frequency that a
specific threat or risk
annualized rate of
will occur (in other
occurrence (ARO)
words, become
realized) within a
single year.
Term 212 Definition 212
See behavior-based
anomaly detection
detection.
Term 213 Definition 213
Code objects sent
from a server to a
client to perform
applet some action. Applets
are self-contained
miniature programs
that execute
independently of the
Term 214 Definition 214
A firewall that filters
traffic based on the
Internet service (in
application-level other words,
gateway firewall application) used to
transmit or receive
the data. Application-
level gateways are
Term 215 Definition 215
A higher-level
alternative to machine
language code.
assembly language Assembly languages
use mnemonics to
represent the basic
instruction set of a
CPU but still requires
Term 216 Definition 216
Anything within an
environment that
should be protected.
asset The loss or
disclosure of an asset
could result in an
overall security
compromise, loss of
Term 217 Definition 217
A dollar value
assigned to an asset
based on actual cost
asset valuation and nonmonetary
expenses, such as
costs to develop,
maintain, administer,
Term 218
advertise, Definition 218
A dollar value
assigned to an asset
asset value (AV) based on actual cost
and nonmonetary
expenses.
Term 219 Definition 219
assigning risk See transferring risk.
Term 220 Definition 220
The degree of
confidence that
security needs are
assurance satisfied. Assurance
must be continually
maintained, updated,
and reverified
Term 221 Definition 221
Public key
cryptosystems that
use a pair of keys
asymmetric key (public and private)
for each participant.
Messages encrypted
with one key from the
pair can only be
Term 222 Definition 222
A cell-switching
technology rather
than a packet-
asynchronous switching technology
transfer mode (ATM) like Frame Relay.
ATM uses virtual
circuits much like
Frame Relay, but
Term 223 Definition 223
One of the four
required
characteristics of all
atomicity database
transactions. A
database
transaction must be an
Term 224
"all-or-nothing" affair. Definition 224
The exploitation of a
vulnerability by a
threat agent, attacker
attack or any person who
attempts to perform a
malicious action
against a system.
Term 225 Definition 225
The loss of signal
strength and integrity
attenuation on a cable because of
the length of the
cable.
Term 226 Definition 226
A column within a
attribute table of a relational
database.
Term 227 Definition 227
The records created
by recording
information about
audit trails events and
occurrences into a
database or log file.
Audit trails are used
Term 228
to reconstruct an Definition 228
A methodical
examination or review
of an environment to
auditing ensure compliance
with regulations and
to detect
abnormalities,
unauthorized
Term 229 Definition 229
The person or group
responsible for
testing and verifying
auditor that the security
policy is properly
implemented and the
derived security
Term 230
solutions are Definition 230
The process of
verifying or testing
authentication that the identity
claimed by a subject
is valid.
Term 231 Definition 231
Protocol used to
authentication provide the transport
protocols mechanism for logon
credentials.
Term 232 Definition 232
authority before the Endorsed copies of
lifetimes of the an individual's
certificates have public key that
expired. certificates verifies their identity.
Term 233 Definition 233
A process that
ensures that the
requested activity or
authorization object access is
possible given the
rights and privileges
assigned to the
Term 234
authenticated identity Definition 234
A feature of Windows
that assigns an IP
automatic private IP
address to a system
addressing (APIPA)
should DHCP address
assignment fail.
Term 235 Definition 235
An additional function
that can be added to
either local or
auxiliary alarm centralized alarm
system systems. The purpose
of an auxiliary alarm
system is to notify
Term 236
local police or fire Definition 236
The assurance that
authorized subjects
availability are granted timely
and uninterrupted
access to objects.
Term 237 Definition 237
A form of security
teaching that is a
prerequisite to
awareness training. The goal of
awareness is to bring
security into the
forefront and make it
a recognized entity
Term 238 Definition 238
Forms of physical
identification and/or
badges
of electronic access
control devices.
Term 239 Definition 239
A communication
medium that supports
baseband only a single
communication signal
at a time.
Term 240 Definition 240
The minimum level of
security that every
baseline system throughout
the organization must
meet.
Term 241 Definition 241
A special-purpose
computer on a
network specifically
bastion host designed and
configured to
withstand attacks.
The computer
Term 242
generally hosts a Definition 242
In the context of
object-oriented
programming
behavior terminology and
techniques, the
results or output from
an object after
Term 243
processing a Definition 243
An intrusion
discovery mechanism
used by IDS.
behavior-based Behavior-based
detection detection finds out
about the normal
activities and events
on your system
Term 244 Definition 244
A rule that states
when a document is
used as evidence in
best evidence rule a court proceeding,
the original document
must be introduced.
Copies will not be
Term 245
accepted as evidence Definition 245
A placeholder for SQL
literal values, such as
bind variable
numbers or character
strings.
Term 246 Definition 246
The use of human
physiological or
behavioral
biometrics characteristics as
authentication factors
for logical access and
identification for
physical access.
Term 247 Definition 247
An attack in which the
malicious individual
seeks to substitute in
birthday attack a digitally signed
communication with a
different message
that produces the
Term 248
same message Definition 248
A form of program
testing that examines
the input and output
black-box testing of a program without
focusing on its
internal logical
structures.
Term 249 Definition 249
A complete loss of
blackout
power.
Term 250 Definition 250
A cipher that applies
the encryption
algorithm to an entire
block cipher message block at the
same time.
Transposition ciphers
are examples of block
Term 251
ciphers. Definition 251
Hijacking a
Bluetooth connection
bluejacking to eavesdrop or
extract information
from devices.
Term 252 Definition 252
The portion of a
storage device used
to load the operating
boot sector
system and the types
of viruses that attack
that process.
Term 253 Definition 253
A network device
used to connect
networks with
bridge different speeds,
cable types, or
topologies that still
use the same
Term 254
protocol. A bridge is a Definition 254
A communication
medium that supports
multiple
broadband
communication
signals
simultaneously.
Term 255 Definition 255
A communications
transmission to
broadcast multiple but
unidentified
recipients.
Term 256 Definition 256
A broadcast network
broadcast address address that is used
during a smurf attack.
Term 257 Definition 257
A network device that
first attempts to route
brouter and then defaults to
bridging if routing
fails.
Term 258 Definition 258
A period of prolonged
brownout
low voltage.
Term 259 Definition 259
An attack pattern
characterized by a
mechanical series of
brute force sequential or
combinatorial inputs
utilized in an
automated attempt to
Term 260
identify security Definition 260
An attack made
against a system to
discover the
brute-force attack password to a known
identity (in other
words, username). A
brute-force attack
Term 261
uses a systematic Definition 261
A vulnerability that
can cause a system
to crash or allow the
buffer overflow user to execute shell
commands and gain
access to the system.
Buffer overflow
vulnerabilities are
Term 262 Definition 262
An attack that
focuses on illegally
obtaining an
business attack
organization's
confidential
information.
Term 263 Definition 263
A process that
takes data from
cache RAM slower devices and
temporarily stores it
in
Term 264 Definition 264
A network that spans
campus area network a college, university, or
(CAN) a multi-building office
complex.
Term 265 Definition 265
Each row of an
access control matrix
is a capability list. A
capability list capability list is tied
to the subject; it lists
valid actions that can
be taken on each
Term 266
object. Definition 266
The number of rows
in a relational
database. cell
cardinality suppression, The act
of suppressing (or
hiding) individual
data items inside a
Term 267
database Definition 267
Method of control in
which all
authorization
centralized access
verification is
control
performed by a single
entity within a
system.
Term 268 Definition 268
An alarm system that
signals a remote or
centralized alarm centralized
system monitoring station
when the alarm is
triggered.
Term 269 Definition 269
An agency that
authenticates and
distributes digital
certificate authority certificates. certificate
revocation list
(CRL), The list of
certificates that have
been revoked by a
Term 270 Definition 270
The list of certificates
that have been
revoked by a
certificate revocation
certificate before the
list (CRL)
lifetimes of the
certificates have
expired.
Term 271 Definition 271
The comprehensive
evaluation, made in
support of the
certification accreditation
process, of the
technical and
nontechnical security
features of an IT
Term 272 Definition 272
The process by which
an object is uniquely
identified in a court of
chain of evidence law. Challenge
Handshake
Authentication
Protocol (CHAP), One
of the authentication
Term 273 Definition 273
The means by which
changes to an
environment are
change management logged and
monitored in order to
ensure that any
change does not lead
to reduced or
Term 274 Definition 274
A process in which
copies of the disaster
recovery checklists
checklist test are distributed to the
members of the
disaster recovery
team for their review.
Term 275 Definition 275
An attack in which the
attacker has the
chosen ciphertext ability to decrypt
attack chosen portions of
the ciphertext
message.
Term 276 Definition 276
An attack in which the
attacker has the
ability to encrypt
chosen plaintext plaintext messages
attack of their choosing and
then analyze the
ciphertext output of
the encryption
Term 277 Definition 277
A message that has
cipher text been encrypted for
transmission.
Term 278 Definition 278
Laws that form the
bulk of the body of
laws in the United
civil laws States. They are
designed to provide
for an orderly society
and govern matters
Term 279
that are not crimes Definition 279
In the context of
object-oriented
programming
class terminology and
techniques, a
collection of common
methods from a set of
objects that defines
Term 280 Definition 280
A label that is applied
to a resource to
indicate its sensitivity
classification or value to an
organization and
therefore designate
the level of security
Term 281
necessary to protect Definition 281
Another term for a
security label. An
classification level assigned importance
or value placed on
objects and subjects.
Term 282 Definition 282
Nonfluctuating pure
power. clearing, A
method of sufficiently
clean power
deleting media that
will be reused in the
same secured
Term 283 Definition 283
A method of
sufficiently deleting
clearing media that will be
reused in the same
secured environment
Term 284 Definition 284
A software agreement
in which the contract
terms are either
click-wrap license written on the
agreement software box or
included in the
software
Term 285
documentation. Definition 285
A threshold value
used in violation
analysis auditing.
clipping level Crossing the clipping
level triggers the
recording of relevant
event data to an audit
log.
Term 286 Definition 286
closed head system See wet pipe system.
Term 287 Definition 287
A security system
closed-circuit using video cameras
television (CCTV) and video recording
devices.
Term 288 Definition 288
A weakness in
cryptography where a
plaintext message
clustering (or key generates identical
clustering) ciphertext messages
using the same
algorithm but using
different keys.
Term 289 Definition 289
A cable with a center
core of copper wire
surrounded by a layer
coaxial cable of insulation and then
by a conductive
braided shielding and
finally encased in an
Term 290
insulation sheath. Definition 290
code See cipher.
Term 291 Definition 291
A variant of the
password
authentication factor
cognitive password that asks a series of
questions about facts
or predefined
responses that only
the subject should
Term 292 Definition 292
An object is highly
cohesive if it can
perform a task with
cohesive (or little or no help from
cohesiveness) other objects. Highly
cohesive objects are
not as dependent
Term 293
upon other objects as Definition 293
Standby facilities
large enough to
handle the
cold sites processing load of an
organization and with
appropriate electrical
and environmental
Term 294
support systems. Definition 294
collision attack See birthday attack.
Term 295 Definition 295
An agreement
between multiple
collusion people to perform an
unauthorized or
illegal action.
Term 296 Definition 296
The security labels
commonly employed
commercial on secure systems
business/private used by corporations.
sector classification Common corporate or
commercial security
labels are
confidential,
Term 297 Definition 297
Electromagnetic
interference (EMI)
noise generated by
common mode noise the difference in
power between the
hot and ground wires
of a power source or
operating electrical
Term 298 Definition 298
A variation of the file
infector virus. A
companion virus is a
companion virus self-contained
executable file that
escapes detection by
using a filename
similar to, but slightly
Term 299 Definition 299
A security mode in
which systems
process two or more
compartmented types of
security mode compartmented
information. All
system users must
have an appropriate
Term 300 Definition 300
A type of access
control that provides
various options to
compensation access other existing
control controls to aid in the
enforcement and
support of a security
policy.
Term 301 Definition 301
A distinction of
evidence that means
that the evidence
competent must be obtained
legally. Evidence that
results from an illegal
search would be
Term 302
inadmissible because Definition 302
A computer language
that is converted into
compiled languages machine language
before distribution or
execution.
Term 303 Definition 303
Another common
usage of auditing.
Verification that a
compliance testing system complies with
laws, regulations,
baselines, guidelines,
standards, and
policies is an
Term 304 Definition 304
If system security has
been broken, the
compromise
system is considered
compromised.
Term 305 Definition 305
An engineering
discipline concerned
with the construction
computer architecture
of computing
systems from the
logical level.
Term 306 Definition 306
Any crime that is
perpetrated against or
computer crime
with the use of a
computer.
Term 307 Definition 307
concentrator See repeater.
Term 308 Definition 308
Incontrovertible
evidence that
conclusive evidence
overrides all other
forms of evidence.
Term 309 Definition 309
A security
mechanism that
endeavors to make
concurrency certain that the
information stored in
a database is always
correct or at least has
its integrity and
Term 310 Definition 310
The assurance that
information is
protected from
confidentiality unauthorized
disclosure and the
defined level of
secrecy is maintained
Term 311
throughout all Definition 311
The process of
logging, auditing, and
monitoring activities
configuration related to security
management controls and security
mechanisms over
time. This data is then
Term 312
used to identify Definition 312
The principle that
allows a process to
confinement (or read from and write to
confinement certain memory
property) locations and
resources only. This
is an alternate name
for the * (star)
Term 313 Definition 313
It occurs when the
relationship between
the plain text and the
confusion key is complicated
enough that an
attacker can't just
alter the plain text
Term 314
and analyze the result Definition 314
One of the four
required
characteristics of all
consistency database transactions
(the other three are
atomicity, isolation,
and durability). All
Term 315
transactions must Definition 315
The result of mixing
of data with a
different
contamination
classification level
and/or need-to-know
requirement.
Term 316 Definition 316
A form of access
content-dependent control based on the
access control contents or payload
of an object.
Term 317 Definition 317
A goal an
organization can
accomplish by having
continuity plans and procedures
to help mitigate the
effects a disaster has
on its continuing
Term 318
operations and to Definition 318
A written contract
between the software
contractual license vendor and the
agreement customer outlining
the responsibilities of
each.
Term 319 Definition 319
The use of access
rules to limit a
control
subject's access to
an object.
Term 320 Definition 320
The difference
controls gap between total risk and
residual risk.
Term 321 Definition 321
Law that guarantees
the creators of
"original works of
copyright authorship"
protection against the
unauthorized
duplication of their
work.
Term 322 Definition 322
An access control
deployed to restore
systems to normal
corrective access after an unwanted or
control unauthorized activity
has occurred.
Examples of
Term 323
corrective access Definition 323
Instructions, procedures, or
guidelines used to
reverse the effects of
corrective controls
an unwanted
activity, such as
attacks or errors.
Term 324 Definition 324
Actions taken to
patch a vulnerability
or secure a system
countermeasures against an attack.
Countermeasures can
include altering
access controls,
reconfiguring security
Term 325: coupling
Definition 325: The level of interaction between objects. Lower coupling means less interaction. Lower coupling delivers better software design because
Term 326: covert channel
Definition 326: The means by which data can be communicated outside of normal, expected, or detectable methods.
Term 327: covert storage channel
Definition 327: A channel that conveys information by writing data to a common storage area where another process can read it.
Term 328: covert timing channel
Definition 328: A channel that conveys information by altering the performance of a system component or modifying a resource's timing in a predictable manner.
Term 329: cracker
Definition 329: Malicious users intent on waging an attack against a person or system. Crackers may be motivated by greed, power, or recognition. Their actions can result in
Term 330: creeping privilege(s)
Definition 330: When a user account accumulates privileges over time as job roles and assigned tasks change.
Term 331: criminal law
Definition 331: Body of laws that the police and other law enforcement agencies enforce. Criminal law contains prohibitions against acts such as murder, assault, robbery, arson, theft,
Term 332: critical path analysis
Definition 332: A systematic effort to identify relationships between mission-critical applications, processes, and operations and all of the necessary supporting elements.
Term 333: criticality prioritization
Definition 333: The prioritization of mission-critical assets and processes during the creation of BCP/DRP.
Term 334: crossover error rate (CER)
Definition 334: The point at which the false acceptance rate (FAR) equals the false rejection rate (FRR). This is the point from which performance is measured in order to compare the
Term 335: cryptanalysis
Definition 335: The study of methods to defeat codes and ciphers. cryptographic key, Cryptographic keys provide the 'secret' portion of a cryptographic
Term 336: cryptography
Definition 336: Algorithms applied to data that are designed to ensure confidentiality, integrity, authentication, and/or nonrepudiation.
Term 337: cryptosystem
Definition 337: System in which a shared secret key or pairs of public and private keys are used by communicating parties to facilitate secure communication.
Term 338: cryptovariable
Definition 338: Another name for the key used to perform encryption and decryption activities.
Term 339: custodian
Definition 339: A subject that has been assigned or delegated the day-to-day responsibilities of classifying and labeling objects and properly storing and protecting objects.
Term 340: cyclic redundancy check (CRC)
Definition 340: Similar to a hash total, a value that indicates whether a message has been altered or damaged in transit.
Term 341: data circuit-terminating equipment (DCE)
Definition 341: A networking device that performs the actual transmission of data over the Frame Relay as well as establishing and maintaining the virtual circuit for the
Term 342: data classification
Definition 342: Grouping data under labels for the purpose of applying security controls and access restrictions.
Term 343: data custodian
Definition 343: The user who is assigned the task of implementing the prescribed protection defined by the security policy and upper management. The data custodian
Term 344: data dictionary
Definition 344: Central repository of data elements and their relationships. Stores critical information about data usage, relationships, sources, and formats.
Term 345: data diddling
Definition 345: The act of changing data.
Term 346: data extraction
Definition 346: The process of extracting elements of data from a large body of data to construct a meaningful representation or summary of the
Term 347: data hiding
Definition 347: The process of preventing data from being known by a subject.
Term 348: data mart
Definition 348: The storage facility used to secure metadata.
Term 349: data mining
Definition 349: A technique or tool that allows analysts to comb through data warehouses and look for potential correlated information amid the historical data.
Term 350: data steward
Definition 350: See data custodian.
Term 351: data terminal equipment (DTE)
Definition 351: A networking device that acts like a router or a switch and provides the customer’s network access to the Frame Relay network.
Term 352: data warehouse
Definition 352: Large databases used to store large amounts of information from a variety of databases for use in specialized analysis techniques.
Term 353: database
Definition 353: An electronic filing system for organizing collections of information. Most databases are organized by files, records, and fields.
Term 354: database management system (DBMS)
Definition 354: An application that enables the storage, modification, and extraction of information from a database.
Term 355: database partitioning
Definition 355: The act of dividing a database up into smaller sections or individual databases; often employed to segregate content with varying sensitivity labels.
Term 356: de-encapsulation
Definition 356: The process of stripping a layer's header and footer from a PDU as it travels up the OSI model layers.
Term 357: decentralized access control
Definition 357: System of access control in which authorization verification is performed by various entities located throughout a system.
Term 358: decision support system (DSS)
Definition 358: An application that analyzes business data and presents it so as to make business decisions easier for users. DSS is considered an informational
Term 359: declassification
Definition 359: The process of moving a resource into a lower classification level once its value no longer justifies the security protections provided by a higher
Term 360: decrypt
Definition 360: The process of reversing a cryptographic algorithm that was used to encrypt a message.
Term 361: dedicated mode
Definition 361: See dedicated security mode.
Term 362: dedicated security mode
Definition 362: Mode in which the system is authorized to process only a specific classification level at a time. All system users must have clearance and a need to know that
Term 363: degaussing
Definition 363: The act of using a magnet to return media to its original pristine unused state.
Term 364: degree
Definition 364: The number of columns in a relational database.
Term 365: delegation
Definition 365: In the context of object-oriented programming, the forwarding of a request by an object to another object or delegate. An object delegates if it does
Term 366: delta rule
Definition 366: Also known as the learning rule. It is the feature of expert systems that allows them to learn from experience.
Term 367: deluge system
Definition 367: Another form of dry pipe (fire suppression) system that uses larger pipes and therefore a significantly larger volume of water. Deluge systems are
Term 368: denial of service (DoS)
Definition 368: A type of attack that prevents a system from processing or responding to legitimate traffic or requests for resources and objects.
Term 369: deny risk
Definition 369: See reject risk.
Term 370: detective access control
Definition 370: An access control deployed to discover unwanted or unauthorized activity. Examples of detective access controls include security guards, supervising
Term 371: detective control
Definition 371: See detective access control.
Term 372: detective control
Definition 372: Any security mechanism used to verify the effectiveness of directive and preventive controls.
Term 373: deterrent access control
Definition 373: An access control that discourages violations of a security policy.
Term 374: dictionary attack
Definition 374: An attack against a system designed to discover the password to a known identity (in other words, a username). In a dictionary attack, a script of
Term 375: differential backup
Definition 375: A type of backup that stores all files that have been modified since the time of the most recent full backup.
Term 376: diffusion
Definition 376: When a change in the plaintext results in multiple changes spread throughout the cipher text.
Term 377: digital signature
Definition 377: A method for ensuring a recipient that a message truly came from the claimed sender and that the message was not altered while in transit between the
Term 378: direct addressing
Definition 378: A process by which the CPU is provided with the actual address of the memory location to be accessed.
Term 379: direct evidence
Definition 379: Evidence that proves or disproves a specific act through oral testimony based on information gathered through the witness's five senses.
Term 380: directive access control
Definition 380: An access control that directs, confines, or controls the actions of subjects to force or encourage compliance with security policy.
Term 381: directory service
Definition 381: A centralized database of resources available to the network, much like a telephone directory for network services and assets. Users, clients, and
Term 382: disaster
Definition 382: An event that brings great damage, loss, or destruction to a system or environment.
Term 383: disaster recovery plan
Definition 383: A document that guides the recovery efforts necessary to restore your business to normal operations as quickly as possible.
Term 384: discretionary access control
Definition 384: A mechanism used to control access to objects. The owner or creator of an object controls and defines the access other subjects have to it.
Term 385: distributed access control
Definition 385: A form of access control in which authorization verification is performed by various entities located throughout a system.
Term 386: distributed data model
Definition 386: In a distributed data model, data is stored in more than one database but remains logically connected. The user perceives the database as a single entity, even
Term 387: distributed denial of service (DDoS)
Definition 387: A distributed denial of service occurs when the attacker compromises several systems to be used as launching platforms against one or more victims. The
Term 388: distributed reflective denial of service (DRDoS)
Definition 388: DRDoS attacks take advantage of the normal operation mechanisms of key Internet services, such as DNS and router update protocols. DRDoS attacks
Term 389: documentary evidence
Definition 389: Any written items brought into court to prove a fact at hand. This type of evidence must also be authenticated.
Term 390: domain
Definition 390: 1) A realm of trust or a collection of subjects and objects that share a common security policy. Each domain's access control is maintained independently of
Term 391: dry pipe system
Definition 391: A fire suppression system that contains compressed air. Once suppression is triggered, the air escapes, which opens a water valve that in turn causes the pipes
Term 392: due care
Definition 392: The steps taken to ensure that assets and employees of an organization have been secured and protected and that upper management has properly
Term 393: due diligence
Definition 393: The extent to which a reasonable person will endeavor under specific circumstances to avoid harming other people or property.
Term 394: dumb cards
Definition 394: Human-readable-only card IDs that usually have a photo and written information about the authorized bearer. Dumb cards are for use in environments where
Term 395: dumpster diving
Definition 395: The act of digging through the refuse, remains, or leftovers from an organization or operation in order to discover or infer information about the
Term 396: durability
Definition 396: One of the four required characteristics of all database transactions (the other three are atomicity, consistency, and isolation). The concept that database
Term 397: dwell time
Definition 397: The length of time a key on the keyboard is pressed. This is an element of the keystroke dynamics biometric factor.
Term 398: dynamic packet-filtering firewalls
Definition 398: A firewall that enables real-time modification of the filtering rules based on traffic content. Dynamic packet-filtering firewalls are known as fourth-generation
Term 399: dynamic passwords
Definition 399: Passwords that do not remain static for an extended period of time. Dynamic passwords can change on each use or at a regular interval, such as every
Term 400: eavesdropping
Definition 400: Another term for sniffing. However, eavesdropping can include more than just capturing and recording network traffic. Eavesdropping also
Term 401: education
Definition 401: A detailed endeavor where students/users learn much more than they actually need to know to perform their work tasks. Education is most often associated with users
Term 402: electromagnetic interference (EMI)
Definition 402: A type of electrical noise that can do more than just cause problems with how equipment functions; it can also interfere with the quality of com
Term 403: electronic access control (EAC)
Definition 403: A type of smart lock that uses a credential reader, an electromagnet, and a door-closed sensor.
Term 404: electronic vaulting
Definition 404: A storage scenario in which database backups are transferred to a remote site in a bulk transfer fashion. The remote location may be a dedicated
Term 405: electronically erasable PROM (EEPROM)
Definition 405: A storage system that uses electric voltages delivered to the pins of the chip to force erasure. EEPROMs can be erased without removal from the computer, giving
Term 406: elliptic curve cryptography
Definition 406: A new branch of public key cryptography that offers similar security to established public key cryptosystems at reduced key sizes.
Term 407: elliptic curve group
Definition 407: Each elliptic curve has a corresponding elliptic curve group made up of the points on the elliptic curve along with the point O, located at infinity. Two points within the
Term 408: employee
Definition 408: Often referred to as the user when discussing IT issues. See also user.
Term 409: employment agreement
Definition 409: A document that outlines an organization’s rules and restrictions, security policy, and acceptable use and activities policies; details the
Term 410: encapsulation
Definition 410: The process of adding a header and footer to a PDU as it travels down the OSI model layers.
Term 411: encrypt
Definition 411: The process used to convert a message into cipher text. encryption, The art and science of hiding the meaning or intent of a communication from
Term 412: end user
Definition 412: See user.
Term 413: end-to-end encryption
Definition 413: An encryption algorithm that protects communications between two parties (in other words, a client and a server) and is performed
Term 414: enrollment
Definition 414: The process of establishing a new user identity or authentication factor on a system. Secure enrollment requires physical proof of a person’s identity or
Term 415: entity
Definition 415: A subject or an object.
Term 416: erasable PROM (EPROM)
Definition 416: A PROM chip that has a small window through which the illumination of a special ultraviolet light causes the contents of the chip to be erased. After
Term 417: erasing
Definition 417: A delete operation against a file, a selection of files, or the entire media. In most cases, the deletion or erasure process removes only the directory or
Term 418: espionage
Definition 418: The malicious act of gathering proprietary, secret, private, sensit confidential information about an organization for the express purpose of disclosing and often
Term 419: ethical hacking
Definition 419: See penetration testing.
Term 420: ethics
Definition 420: The rules that govern personal conduct. Several organizations have recognized the need for standard ethics rules, or codes, and have devised guidelines for
Term 421: evidence
Definition 421: In the context of computer crime, any hardware, software, or data that you can use to prove the identity and actions of an attacker in a court of law.
Term 422: control, or solution.
Definition 422: exact actions necessary to implement a specific security mechanism
Term 423: excessive privilege(s)
Definition 423: More access, privilege, or permission than a user’s assigned work tasks dictate. If a user account is discovered to have excessive
Term 424: exit interview
Definition 424: An aspect of a termination policy. The terminated employee is reminded of their legal responsibilities to prevent the disclosure of
Term 425: expert opinion
Definition 425: A type of evidence consisting of the opinions and facts offered by an expert. An expert is someone educated in a field and who currently works in that field.
Term 426: expert system
Definition 426: A system that seeks to embody the accumulated knowledge of humankind on a particular subject and apply it in a consistent fashion to
Term 427: exposure
Definition 427: The condition of being exposed to asset loss because of a threat. Exposure involves being susceptible to the exploitation of a vulnerability by a
Term 428: exposure factor (EF)
Definition 428: The percentage of loss that an organization would experience if a specific asset were violated by a realized risk.
Term 429: extranet
Definition 429: A cross between the Internet and an intranet. An extranet is a section of an organization’s network that has been sectioned off so that it acts as an intranet
Term 430: face scan
Definition 430: An example of a biometric factor, which is a behavioral or physiological characteristic that is unique to a subject. A face scan is a process by
Term 431: fail-open
Definition 431: The response of a system to a failure so that it defaults to an “allow” posture.
Term 432: fail-safe
Definition 432: The response of a system to a failure so that it defaults to a “deny” posture.
Term 433: fail-secure
Definition 433: See fail-safe.
Term 434: false acceptance rate (FAR)
Definition 434: Error that occurs when a biometric device is not sensitive enough and an invalid subject is authenticated. Also referred to as a Type 2 error.
Term 435: false rejection rate (FRR)
Definition 435: Error that occurs when a biometric device is too sensitive and a valid subject is not authenticated. Also referred to as a Type 1 error.
Term 436: fault
Definition 436: A momentary loss of power.
Term 437: fence
Definition 437: A perimeter-defining device. Fences are used to clearly differentiate between areas that are under a specific level of security protection and those that are
Term 438: fiber-optic
Definition 438: A cabling form that transmits light instead of electrical signals. Fiber-optic cable supports throughputs up to 2 Gbps and lengths of up to 2 kilometers.
Term 439: file infector
Definition 439: Virus that infects different types of executable files and triggers when the operating system attempts to execute them. For Windows-based systems, these
Term 440: financial attack
Definition 440: A crime that is carried out to unlawfully obtain money or services.
Term 441: fingerprints
Definition 441: The patterns of ridges on the fingers of humans. Often used as a biometric authentication factor.
Term 442: firewall
Definition 442: A network device used to filter traffic. A firewall is typically deployed between a private network and a link to the Internet, but it can be deployed between departments
Term 443: firmware
Definition 443: Software that is stored in a ROM chip.
Term 444: flight time
Definition 444: The length of time between key presses. This is an element of the keystroke dynamics form of biometrics.
Term 445: flooding
Definition 445: An attack that involves sending enough traffic to a victim to cause a DoS. Also referred to as a stream attack.
Term 446: fraggle
Definition 446: A form of denial-of-service attack similar to smurf, but it uses UDP packets instead of ICMP.
Term 447: fragment
Definition 447: When a network receives a packet larger than its maximum allowable packet size, it breaks it up into two or more fragments. These fragments are each
Term 448: fragmentation attacks
Definition 448: An attack that exploits vulnerabilities in the fragment reassembly functionality of the TCP/IP protocol stack.
Term 449: frequency analysis
Definition 449: A cryptographic analysis or attack that looks for repetition of letters in an encrypted message and compares that with the statistics of letter usage for a
Term 450: full backup
Definition 450: A complete copy of data contained on the protected device on the backup media. This also refers to the process of making a complete copy of data, as in
Term 451: full-interruption tests
Definition 451: A disaster recovery test that involves actually shutting down operations at the primary site and shifting them to the recovery site.
Term 452: full-knowledge teams
Definition 452: These possess a full body of knowledge over the operation, configuration, and utilization of hardware and software inventory prior to a security
Term 453: gate
Definition 453: A controlled exit and entry point in a fence.
Term 454: gateway
Definition 454: A networking device that connects networks that are using different network protocols.
Term 455: government/military classification
Definition 455: The security labels commonly employed on secure systems used by the military. Military security labels range from highest sensitivity to lowest: top secret,
Term 456: granular object control
Definition 456: A very specific and highly detailed level of control over the security settings of an object.
Term 457: ground
Definition 457: The wire in an electrical circuit that is grounded (that is, connected with the earth).
Term 458: group
Definition 458: An access control management simplification mechanism similar to a role. Similar users are made members of a group. A group is assigned access to
Term 459: grudge attack
Definition 459: Attack usually motivated by a feeling of resentment and carried out to damage an organization or a person. The damage could be in the loss of information or harm
Term 460: guideline
Definition 460: A document that offers recommendations on how standards and baselines are implemented. Guidelines outline methodologies,
Term 461: hacker
Definition 461: A technology enthusiast who does not have malicious intent. Many authors and the media often use the term when they are actually discussing
Term 462: hand geometry
Definition 462: A type of biometric control that recognizes the physical dimensions of a hand. This includes width and length of the palm and fingers. It can be
Term 463: handshaking
Definition 463: A three-way process utilized by the TCP/IP protocol stack to set up connections between two hosts.
Term 464: hardware
Definition 464: An actual physical device, such as a hard drive, LAN card, printer, and so on.
Term 465: hardware segmentation
Definition 465: A technique that implements process isolation at the hardware level by enforcing memory access constraints.
Term 466: hardware segmentation
Definition 466: A technique that implements process isolation at the hardware level by enforcing memory access constraints.
Term 467: hash
Definition 467: See hash function.
Term 468: hash function
Definition 468: The process of taking a full message and generating a unique output value derived from the content of the message. This value is commonly referred to as the
Term 469: hash total
Definition 469: A checksum used to verify the integrity of a transmission. See also cyclic redundancy check (CRC).