info security

Réussis tes devoirs et examens dès maintenant avec Quizwiz!

7

database shadowing A mirroring technology used in databases, in which information is written to at least two hard drives for the purpose of redundancy.

2

electronic discovery (e-discovery) The process of producing for a court or external attorney all electronically stored information pertinent to a legal proceeding. 209-210

2

firmware Software instructions that have been written into read-only memory (ROM) or a programmable ROM (PROM) chip. 252-256

1

loss potential The potential losses that can be accrued if a threat agent actually exploits a vulnerability. Gold - 106, Silver - Not specifically cited in the index

8

CMM Capability Maturity Model, a maturity framework for evaluating and improving the software development process 430, 462, 466-467

7

CMP Crisis Management Plan 409-411

2

COBIT Control Objectives for Information and related Technology, a control framework for employing information security governance best practices within an organization 95

1 , 3

COCOM Committee for Multilateral Export Controls, a munitions law which was in effect from 1947 to 1994. It was designed to control the export of critical technologies (including cryptography) to "Iron Curtain" countries during the cold war 39, 160

8

COM Component Object Model, locates, and connects objects locally 460

7

COOP Continuity of Operations Plan, a plan to maintain operations during a disaster 407-408

8

CORBA Common Object Request Broker Architecture, an open vendor-neutral networked object broker framework 460-461

8

COTS Commercial Off-the-Shelf Software, third-party developed commercial software available to the generic public 468-469

7

CPPT Continuity Planning Project Team, a team comprised of stakeholders within an organization and focuses on identifying who would need to play a role in specific emergency event were to occur 397-398

2 , 3 , 8

CPU Central Processing unit, the "brains" of the computer, capable of controlling and performing mathematical calculations 87-88, 117-118, 121-123, 430-431

3

CRL Certificate Revocation Lists, PKI component which lists digital certificates that have been revoked 178

7

CSIRT Computer Security Incident Response Team, the group that is tasked with monitoring, identifying, and responding to security incidents 358

4

CSMA Carrie Sense Multiple Access, a method used by Ethernet networks to allowed shared usage of a baseband network, and avoid collisions 249

8

CSRF Cross-Site Request Forgery, third-party redirect of static content within the security context of a trusted site 465

4

CSU/DSU Channel Service Unit/Data Service Unit, DCE device 277

3

CTR Counter, a stream mode of DES that uses a counter for feedback 163

4

CWR New TCP flag, Congestion Window Reduced 238

4

Cable modem Provide Internet access via broadband cable TV 283

2

Cache memory The fastest memory on the system, required to keep up with the CPU as it fetches and executes instructions 87-88

3

Caesar Cipher A rot-3 substitution cipher 150-151

4

Callback Modem-based authentication system 283

4

Caller ID Identifies the calling phone number, sometimes used as a weak authentication method 283-284

8

Candidate keys Any attribute (column) in the table with unique values 451

5

Capability A capability outlines the objects a subject can access and the operations the subject can carry out on the different objects. It indicates the access rights for a specific subject; many times, the capability is in the form of a ticket. 797-798

8

Capability Maturity Model - CMM Capability Maturity Model, a maturity framework for evaluating and improving the software development process 430, 462, 466-467

8

Capability Maturity Model Integration (CMMI) A process model that captures the organization's maturity and fosters continuous improvement. 1112-1113

4

Carrier Sense Multiple Access - CSMA Carrier Sense Multiple Access, a method used by Ethernet networks to allowed shared usage of a baseband network, and avoid collisions 219, 248-249

2 , 3 , 8

Central Processing Unit - CPU Central Processing unit, the "brains" of the computer, capable of controlling and performing mathematical calculations 87-88, 117-118, 120-123, 430-431

5

Centralized access control Concentrates access control in one logical point for a system or organization 309-311

3

Certificate Authority PKI component that authenticates the identity of a person or organization before issuing a certificate to them 178

3

Certificate Revocation List Certificate Revocation Lists, PKI component which lists digital certificates that have been revoked 178

2 , 3

Certification A detailed inspection that verifies whether a system meets the documented security requirements 92-93, 108-109, 113-115

8

Cleartext In data communications, cleartext is the form of a message or data, which is transferred or stored without cryptographic protection. 1153

3

Client-side attacks Attack where a user downloads malicious content 140

3

Clipper Chip (Failed) 1993 Escrowed Encryption Standard (EES), which used the Skipjack algorithm 182

5

Clipping level A minimum reporting threshold level 295-296

3

Closed Circuit Television - CCTV Closed Circuit Television, a detective device used to aid guards in detecting the presence of intruders in restricted areas 185-187

8

Closed source Software released in executable form: the source code is kept confidential 435

3

Closed system System using proprietary hardware or software 119

3

Cloud computing The use of share remote computing devices for the purpose of providing improved efficiencies, performance, reliability, scalability, and security. 322, 969-970, 1141

3 , 4

Coaxial Network cabling that has an inner copper core separated by an insulator from a metallic braid or shield 202, 247

8

Code Repositories Secure service for storing source code of projects, a public example is GitHub 448

3

Codebreakers (The) David Kahn's history of cryptography 154

8

Cohesion OOP concept that describes as independent object. Objects with high cohesion have low coupling 458-459

7

Cold Site A backup site with raised floor, power, utilities, and physical security, and no configured systems or data 406

1

Collection Limitation Principle OECD Privacy Guideline principle which states personal data collection should have limits, be obtained in a lawful manner, and, unless there is a compelling reason to the contrary, with the individuals knowledge and approval. 37

3 , 4

Collision Two or more plaintexts that generate the same hash 170-171, 248-249

7

Collusion An agreement between two or more individuals to subvert the security of a system 347

1

Collusion Two or more people working together to carry out a fraudulent activity. More than one person would need to work together to cause some type of destruction or fraud; this drastically reduces its probability. 155, 416

1

Color of law Acting on the authority of law enforcement 28-29

6

Combinatorial software testing Black box testing method that seeks to identify and test all unique combinations of software inputs 338

1

Commandments of Computer Ethics The Computer Ethics institute code of ethics 48

5

Dictionary attack Password cracking method that uses a [redefined list of words like a dictionary , running each word through a hash algorithm 297

7

Differential backup An archive of any files that have been changed since the last full backup was performed 377

3

Differential cryptanalysis Seeks to find the "difference" between related plaintexts that are encrypted 174

3

Diffie-Hellman Key Agreement protocol Key agreement allows two parties to securely agree on a symmetric key via public channel with no prior key exchange 169

3

Diffusion The order of plaintext should be dispersed in the ciphertext 147

4

EAP-TTLS EAP tunneled transport layer security, simplifies EAP-TLS by dropping the client side certificate requirement 280

4

EAP-Transport Layer Security EAP-Transport Layer security, uses PKI, requiring both server-side and client side certificates 280

4

EAPOL EAP Over LAN, a Layer 2 protocol for varying EAP 280

3

ECB / Electonic Code Book mode The simplest and weakest mode of DES 161 - 162

4

ECE / New TCP Flag 238

1

ECPA / Electronic Communications Privacy Act Provides search and seizure protection to non-telephony electronic communications 40

5

Lightweight Directory Access Protocol See—LDAP - Lightweight Directory Access Protocol, open protocol for interfacing and querying directory service information provided by network operating systems. Uses port 389 via TCP or UDP 314

5

Hand Geometry biometric control that uses measurements from within specific points on the subjects hand 307

2

Hardcopy Data any data that is accessed through reading or writing on paper rather than processing through a computer system 92, 413-414

3

Harrison-Ruzzo-Ullman Model maps subjects, objects, and accessrights to an access matrix. It is considered a variation to the graham-dennis model 112

3

Hash Function one-way encryption using an algorigthm and no key 103, 170-171, 176-178, 181, 296-300

3

Hash of Variable Length Hash algorithm that creates message digests of 128, 160, 192, 224, or 256 bits in length, using 3, 4, or 5 rounds. 171

3

Hashed Message Authentication Code (HMAC) Hash function that uses a key 177-178

1

Health Insurance Portability and Accountability Act (HIPAA) Health insurance portability and accountability act, united states regulation which protects healthcare information 14, 40, 42-43, 54-55, 97

1

Hearsay second-hand evidence 26

3

Hebern Machines class of cryptographic devices known as rotor machines, includes enigma and SIGABA 156-158

8

Hierarchical Database Database that forms a tree 451, 454-455

7

High Availability (HA) Cluster multiple systems that can be seamlessly leveraged to maintain the availability of the service or application being provided. Also called a failover cluster 253-254, 382, 416, 455

4

High-Data-Rate Digital Subscriber Line (HDSL) Matches SDSL speeds using two pairs of copper. HDSL is used to provide inexpensive T1 service. 283

4

High-data-rate Digital Subscriber Line (HDSL) high-data-rate DSL, matches SDSL speeds using two pairs of copper 283

4

High-level Data link control (HDLC) Successor to SDLC. HDLC adds error correction and flow control, as well as two additional modes (ARM and ABM). 256

4

Hold-Down Timers, Routing Information protocol distance vector routing protocol safeguard that avoids flapping 270-271

7

Honeynet a network of honeypots 370-371

7

Honeypot a system designed to attract attackers 370

7

Host-Based Intrusion Detection Systems (HIDS) Host based intrusion detection systems, a detective technical control 365

7

Host-Based Intrusion Prevention Systems (HIPS) Host based intrusion prevention system, preventative device that processes information within the host 365

5

Host-To-Host Transport Layer (TCP/IP transport layer) Connects the internet layer to the application layer. Where applications are addressed on a network via ports. 226, 237-241

7

Hot Site a backup site with all necessary hardware and critical applications data mirrored in real time 406

4

Hub Layer 1 network access device that acts as a multiport repeater 263

5

Hybrid Attack password attack that appends, prepends, or changes characters in words from a dictionary 300

1

Hybrid Risk Analysis combines quantitative and qualitative risk analysis 67

4

Hypertext Markup Language (HTML) hypertext markup language, used to display web content 140, 245, 286-287

4

Hypertext Transport Protocol (HTTP) hypertext transfer protocol, a protocol to transmit web data via a network 245

4

Hypertext Transport Protocol Secure (HTTPS) hypertext transport protocol secure, HTTP using SSL, or TLS 179, 245

3

Hypervisor Mode allows guests or operating in ring 0, controlled by a hypervisor in ring "-1" 118

3

Hypervisor software or operating system that controls access between virtual guests and host hardware 103, 131-132, 265-266

3

I/O Controller Hub (ICH) CPU Southbridge bus connects input/output (I/O) devices such as disk, keyboard, mouse, CD drive, USB ports,etc.. 120

4

IP Internet protocol, includes all IPV4 and IPv6 227-229, 232, 233-234

4

IPv4 Internet protocol Version 4, commonly called IP. It's the fundamental protocol of the internet 227-229, 232, 233-234

4

IPv6 Autoconfiguration autoconfiguration of a unique IPv6 address, omitting the need for static addressing for DHCP 227, 229-233

4

IPv6 Internet protocol Version 6, the successor of IPv4, featuring the far larger address space, simpler routing, and simpler address assignment 227, 229-233

4

ISDN Integrated Services Digital Network, provides digital service via copper pair 282-283

4

ISM Industrial, Scientific, and Medical, wireless bands set aside for unlicensed use 259

2

ISO 17799 A broad-based approach for information security code of practice by the International Organization for Standardization 94-95

7

ISO 22301 Management-focused business continuity guideline called "Business continuity management systems - Requirements" 422-423

7

ISO/IEC-27031 Technically-focused business continuity guideline that is part of the ISO 27000 series 422-423

2

ITIL Information Technology Infrastructure Library, is a framework for providing best services in IT Service Management 95

3

ITSEC Information Technology Security Evaluation Criteria, the first successful 114-115

1

Identification association of an individual 15-16

7

Identify preventative controls third step of the NIST SP 800-34 contigency planning process 384, 422

5

Identity as a Service (IDaaS) Identity as a service, also called cloud identity, allows organizations to leverage closed service for identity management 312-313

3

Inference Deductive attack where a user is able to use lower-level access to learn restricted information 143-144

8

Inference Engines Expert system component that follows the tree formed by knowledge base, and fires a rule where there is a match 469-470

2

Information Technology Infrastructure Library (ITIL) Framework for providing best services in IT Service Management (ITSM). 95

3

Information Technology Security Evaluation Criteria (ITSEC) First successful evaluation model that separates functionality (how well a system works) from assurance ( the ability to evaluate the security of a system) 114-115

8

Inheritance objects inherit capabilities from their parent class 457-458

8

Initial Software Capability Maturity Model (CMM) Phase 1 : software process is characterized as ad hoc, and occassionally even chaotic. Few processes are defined, and success depends on individual effort 430, 462, 466-467

4

Lightweight Extensible Authentication Protocol See—LEAP - Lightweight Extensible Authentication Protocol, a Cisco-proprietary protocol released before 802.1X was finalized 280

4

Internet Relay Chat (IRC) internet relay chat, a global network of chat servers and clients 72, 285

3

Internet Security Association and Key Management Protocol (ISAKMP) Internet Security Association and Key Management Protocol manages the Ipsec Security Association process 180

4

Internet Small Computer System Interface (iSCSI) A converged protocol that encapsulates SCSI data on TCP segments in order to allow peripherals to be connected to computers across networks. Gold - 512, Silver - 256 & 257

4

Internet Small Computer System Interface (iSCSI) SAN protocol that allows for leveraging existing networking infrastructure and protocols to interface with storage 256-257

4

Internet a global collection of peered networks running tcp/ip 221

8

Interpreted Code code that is compiled on the fly each time the program is run 431

3

Interrupt Indicates an asynchronous CPU event has occurred 121

3

Linear cryptanalysis Known plaintext attack where the cryptanalyst finds large amounts of plaintext/ciphertext pairs created with the same key 175

1

Legal liability Liability enforced through civil law 23

5

Lightweight Directory Access Protocol (LDAP) A directory service based on a subset of the X.500 standard that allows users and applications to interact with a directory. Gold - 735-736, Silver - 314

4

Link Control Protocol See—LCP -Link Control Protocol, the initial unauthenticated connected used by CHAP 278

4

Link state Routing protocols that factor in additional metrics for determining the best route, including bandwidth 269, 271

7

Live forensics Taking a binary image of physical memory, gathering details about running processes, and gathering network connection data 354-355

4

Password Authentication Protocol See PAP 278, 320

5

Password Cracking An offline technique in which the attacker has gained access to the password hashes or database 296-300

5

Password guessing An online technique that involves attempting to authenticate as a particular user to the system 295-296

7

Patch management The process of managing software updates 372

1

Patent Intellectual property protection that grants a monopoly on the right to use, make, or sell an invention for a period of time 32

2

Payment Card Industry Data Security Standard (PCI-DSS) An information security standard for organizations that are involved in payment card transactions. Gold - 80-81, Silver - 41, 44, 94

1

Payment Card Industry Data Security Standard See PCI DSS 41, 44, 94

5

RADIUS / Remote Authentication Dial In User Service A UDP-based third-party authentication system. 279, 318-319

4,5

RADIUS remote authentication dial in user service, a UDP-based third-party authenction system (like pvault)

7

RAID 0 RAID striped set

7

RAID 1 + 0 RAID 0 combined with RAID 1, sometimes called RAID 10

7

RAID 1 RAID mirrored set

7

RAID 10 RAID 1 + 0

7

RAID 2 RAID hamming code

7

RAID 3 RAID striped set with dedicated parity (byte level)

7

RAID 4 RAID striped set with dediciated parity (block level)

7

RAID 5 RAID striped set with distibuted parity

7

RAID 6 RAID striped set with dual distrubuted parity

7

RAID redundant array of inexpensive disks, a method of using multiple disk drives to achieve greater data reliabilty, greater speed, or both (striping, mirroring, or parity)

2,3

RAM random access memory, memory that allows any address to be directly accessed

1

RAT / Remote Access Trojans Trojan Horses which may be remotely controlled. 72

1

RAT remote access trojans, trojan hourse which may be remotely controlled

5

RBAC / Role-Based Access Controls Subjects are grouped into roles and each defined role has access permissions based upon the role, not the individual. 293, 321-323

5

RBAC role-based access controls, subjects are grouped into roles and each defined role has access permission base dupon the role, not the individual (there is also MAC & DAC)

4

RC4 rivest cipher 4, used to provide confidentiality by WPA

3

RC5 rivest cipher 5, symmetric block cipher by RSA laboratories

3

RC6 rivest cipher 6, symmetric block cipher by RSA laboratories, AES finalist

3

REST / Representational State Transfer Used to implement web services. 142

4

RFC 1918 addresses Private IPv4 addresses which may be used for internal traffic. 233-234

8

RFI / Remote File Inclusion Altering web URLs to include remote content. 463

4

RFID / Radio-Frequency Idnetification A type of contact less card technology. 191, 262-263

8

Responsible Disclosure The practice of privately sharing vulnerability information with a vendor, and withholding public release until a patch is available. 466

2

SRAM Static Random Access Memory, expensive and fast memory that uses small latches called "flip-flops" to store bits 87,88

4

SRTP / Secure Real-time Transport Protocol Used to provide secure VoIP. 258

4

SRTP Secure Real-time Transport Protocol used to provide secure VoIP 258

2

SSD Solid State Drive, a combination of flash memory (EEPROM) and DRAM 81,89-90

4

SSH / Secure Shell A secure replacement for Telnet, FTP and the UNIX "R" commands. 243

4

SSH secure shell, a secure replacement for telnet, ftp and the unix "R" commands 243

4

SSID / Service Set Identifier Acts as a wireless network name. 11, 261

4

SSID service set identifier, acts as a wireless network name 261

4

SSL / Secure Sockets Layer Authenticates and provides confidentiality to network traffic such as web traffic. 179, 282

3,4

SSL Secure Sockets Layer, authenticates and provides confidentiality to network traffic such as web traffic 179,282

5

SSO Single Sign On, allows a subject to authenticate once and then access multiple systems 309, 310-18

3

STP / Shielded Twisted Pair Network cabling that contains additional metallic shielding around each twisted pair of wires. 201-202

3

STP Shielded Twisted Pair, network cabling that contains additional metallic shielding around each twisted pair of wires 201-2

4?

SVC Switched Virtual Circuit, a circuit that is established on demand

4

SYN TCP flag, synchronize a connection 238-9

4

SYN flood resource exhaustion DoS attack that fills a system's half-open connection table

3

SaaS / Software as a Service Completely configured cloud-based application, from the operating system on up. 132-133

5

Salt A random number that is hashed with a password. Allows one password to hash multiple ways. 300

1

Sanction Action taken as a result of policy violation. 17

8

Sashimi Model Development model with highly overlapping steps; it can be thought of as a real-world successor to the Waterfall Model. 438-439

8

Savepoint A clean snapshot of the database tables. 455

8

Schema Describes the attributes and values of the database tables. 453

1

Scoping The process of determining which portions of a standard will be employed by an organization. 81

4

Screened host architecture Older flat network design using one router to filter external traffic to and from a bastion host via an ACL. 275-276

4

Screened subnet architecture Two firewalls screening a DMZ. 276

1

Script kiddies Attackers who target computer systems with tools they have little or no understanding of. 69-70

8

Scrum Agile development model that uses small teams, roles include Scrum Master and Product Owner. 440-441

8

Scrum Master Senior member of the organization who acts as a coach for the Scrum team. 440-441

1

Search Warrant Court order that allows a legal search. 27-29

4

TFTP Trivial File Transfer Protocol, a simple way to transfer files with no authentication or directory structure 243

5

TGS Ticket Granting Service, a Kerberos service which grants access to services 315-8

5

TGT Ticket Granting Ticket, Kerberos credentials encrypted with the TGS key 315-8

4

TKIP Temporal Key Integrity Protocol - user to provide integrity py WPA 262

3

TLS Tunnel Layer Security - the sucessor to SSL 179,280,282,286

3

TNI Trusted Network Interpretation - the red Book 114

3

TPM (Trusted Platform Module) A processor that can provide additional security capabilities at the hardware level, allowing for hardware-based cryptographic operations 126

8

Table a group of related data in a relational database 451-2

2, 3, 7

Tactical Goals Midterm goals to accomplish. These may be milestones to accomplish within a project or specific projects to accomplish in a year. Strategic, tactical, and operational goals make up a planning horizon. N/A

3

Tailgating following an authorized person into a building without providing credentials, AKA piggybacking 103,192

2

Tailoring the process of customizing a standard for an organization 81

3

Take-Grant Protection Method Determines the safety of a given computer system that follows specific rules 110

1

Threat Any potential danger that a vulnerability will be exploited by a threat agent. 6, 106-107, 148-149, 332-335, 414, 416 (Gold Book)

5

Throughput The process of authenitcain to a system (such as a biometric authentication system) 305

5

Ticket Dara that authenticates a Kerberos principal's identity

5

Ticket Granting Service (TGS) A kerberos service which grants access to services 315-318

5

Ticket Granting Ticket (TGT) Kerberos credentials encrypted with the TGS' key 315-318

5

Type I error False Reject Rate (FRR) occurs when an authorised subject is rejected as invalid 305

5

Type II Error False Acceptance Rate (FAR) , occurs when an authorised subject is accepted as valid 305

1

due diligence the process of systematically evaluating information to identify vulnerabilities, threats, and issues relating to an organization's overall risk. 145, 924, 1053, 1054

7

eDiscovery / Electronic Discovery Pertains to legal counsel gaining access to pertinent ESI (Electronic Stored Information) during the pre-trial discovery phase of civil legal proceedings 357

3

cryptanalysis The practice of breaking cryptosystems and algorithms used in encryption and decryption processes. 339-340, 411, 412

3

cryptography the science of secret writing that enables storage and transmission of data in a form that is available only to the intended individuals. 335-350

3

cryptology The study of cryptography and cryptanalysis.

3

cryptosystem The hardware or software implementation of cryptography. 340-350

2

data a rest (DAR) Data that resides in external or auxiliary storage devices such as hard disk drives, solid-states drives, or DVDs. 99, 216-217

2

data classification Assignments to data that indicates the level of availability, integrity, and confidentiality that is required for each type of information 193-198

2

data custodian An individual who is responsible for the maintenance and protection of the data. This role is usually filled by the IT department (usually the network administrator). The duties include performing regular backups of the data; implementing security mechanisms; periodically validating the integrity of the data; restoring the data from backup media; and fulfilling the rudiments specified in the company's security policy, standards, and guidelines that pertain to information security and data protection. 204

2

data in transit or data in motion (DIM) Data that is moving between computing nodes over a data network such as the Internet. 99, 217-218

2

data in use Data that temporarily resides in primary storage such as registers, caches, or RAM while the CPU is using it. 99, 218-219

2

data leak prevention (DLP) The actions that organizations take to prevent unauthorized external parties from gaining access to sensitive data. 226-234

8

data mining The analysis of the data held in data warehouses in order to produce new and useful information. 1174-1177

2

data remanence A measure of the magnetic flux density remaining after removal of the applied magnetic force, which is used to erase data, Refers to any data remaining on magnetic storage media 211-214

8

data warehousing the process of combining data from multiple databases or data sources into a large data store for the purpose of providing more extensive information retrieval and data analysis. 1174-1177

3

permissions The type of authorized interactions that a subject can have with an object. Examples include read, write, execute, add, modify, and delete. Gold - 887-888, Silver - 128-130

1

personnel security The procedures that are established to ensure that all personnel who have access to sensitive information have the required authority as well as appropriate clearances. Procedures confirm a person's background and provide assurance of necessary trustworthiness. Gold - 154-159, 928-929, Silver - 52-55

2

presentation layer layer 6 of the OSI model, presents data to the application in a comprehensible way

4

pretty good privacy PGP

1

preventive controls prevents actions from occuring

8

primary key unique attribute in a relational database table, used to join tables (as in SQL or MS Access)

4

primary rate interface PRI

5

principal kerberos client (user) or service

1,8

principle of least privilege granting subjects the minimum amount of authorization required (never give a person, program or process more permission than is required)

5

user A person or process that is accessing a computer system. 722, 728

5

user ID A unique set of characters or code that is used to identify a specific user to a system. 776

5

Type 2 Authentication Something you have 301-303

5

Type 3 Authenication Something you are 304-308

5

KDC Key Distribution Center, a Kerberos service that authenticates principals 315-318

1,4

Managed mode 802.11 mode that clients use to connect to an AP 11, 260-261

5

Passphrase A long static password, comprised of words in a phrase or sentence 295

4

SAN / Storage Area Network Provides block-level disk storage via a network. 256-257

4

SDLC / Synchronous Data Link Control (Telecommunications) A synchronous layer 2 WAN protocol that uses polling to transmit data. 255-256

8

SDLC / Systems Development Life Cycle (Applications) A system development model that focuses on security in every phase. 429, 443-447

4

SDN / Software Defined Networking Separates a router's control plane from the data (forwarding) plane. Routing decisions are made remotely, instead of on each individual router. 258-259

4

SDSL / Symmetric Digital Subscriber Line DSL with matching upload and download speeds. 283

3

SHA-1 / Secure Hash Algorithm 1 A hash function that creates a 160-bit message digest. 171, 176-178

3

SHA-2 / Secure Hash Algorithm 2 A hash function that includes SHA-224, SHA-256, SHA-384, and SHA-512, named after the length of the message digest each creates. 171, 176-178

3

SIGABA Rotor machine used by the United States through World War II into the 1950s. 157-158

4

SIP / Session Initiation Protocol A VoIP signaling protocol. 258

4

SIP Session Initiation Protocol, a VoIP signaling protocol 258

7

SLA / Service Level Agreement Contractual agreement that helps assure availability. 44, 375-376

7

SLA Service Level Agreement, contractual agreement that helps assure availability 44, 375-6

1

SLE Single Loss Expectancy, the cost of a single loss 62

4

SLIP / Serial Line Internet Protocol A Layer 2 protocol which provides IP connectivity via asynchronous connections such as serial lines and modems. 280-281

4

SLIP Serial Line Internet Protocol, a Layer 2 protocol which provides IP connectivity via asynchronous connections such as serial lines and modems 280-1

4?

SMDS Switched Multimegabit Data Service, an older WAN technology that is similar to ATM

4

SMTP / Simple Mail Transfer Protocol A store-and-forward protocol used to exchange email between servers. 222, 243

4

SMTP Simple mail transfer protocol, a store-and-forward protocol used to exchange email between servers 222,243

4

SNMP / Simple Network Management Protocol Used to monitor network devices. 244-245

4

SNMP simple network management protocol, unsed to monitor network devices 244-5

3

SOAP used to implement web services, used to stand for Simple Object Access Protocol, now simply "SOAP" 142

4

SOCKS popular circuit-level proxy 274

4

SONET Synchronous Optical Networking, carries multiple T-carrier circuits via fiber optic cable 254

1

SOX / Sarbanes-Oxley Act Sarbanes-Oxley Act of 2002, created regulatory compliance mandates for publicly traded companies. 40

1

SOX Sarbanes-Oxley Act of 2002, created regulatory compliance mandates for publicly traded companies 40

4

SPAN port Switched port analyzer, receives traffic forwarded from other switch ports 266

3

SPI / Security Parameter Index Used to identify simplex IPsec security associations. 180

3

SPI Security Parameter Index, used to identify Simplex IPsec security violations 180

8

SQL Structured Query Language, the most popular database query language 451,454

1,4

Voice of Internet Protocol VOIP - carries voice via data networks 74, 222, 257-258

1

Baseline The minimum level of security necessary to support and enforce a security policy. 91-93

1

Baseline Uniform ways to implement a safeguard , administrative control 51

7

Baselining The process of capturing a point in time understanding of the current system security configuration 371

1

Distributed Denial of Service Distributed Denial of Service, an availability attack using many systems 27

4

EAP-TLS EAP-Transport Layer security, uses PKI, requiring both server-side and client side certificates 280

7

GFS / Grandfather Father Son A backup rotation method 415

4

ARM/Asynchronous Response Mode HDLC mode where secondary nodes may initiate communication with the primary 256

1

ARO/Annual Rate of Occurrence The number of losses suffered per year 11

4

ARPAnet The predecessor of the Internet 222

3

ASLR Address Space Layout Randomization, seeks to decrease the likelihood of successful exploitation by making memory address employed by the system less predictable 127

2

ATA Secure Erase Hardware-level secure erase command available on Solid State Drives (SSD's) that erases all blocks and also generates a new encryption key 90

4

ATM/Asynchronous Transfer Mode A WAN technology that uses fixed length cells 255

1

AV/Asset Value The Value of a protected asset 61

3

Abstraction Hides unnecessary details from the user 117

6

Acceptance Testing Testing to ensure the software meets the customers operational requirements 337

5

Access A subject's ability to view, modify, or communicate with an object. Access enables the flow of information between the subject and the object. 1082-1083, 722, 940-941

4

Access Control Lists/ACL Access Control List 275

3

Access Control Matrix Table defining what access permissions exist between specific subjects and objects 110

5

Access Control Mechanisms, controls, and methods of limiting access to resources to authorized subjects only. 797, 722

5

Access Control list (ACL) A list of subjects that are authorized to access a particular object. Typically, the types of access are read, write, execute, append, modify, delete, and create. 594, 764, 798

5

Access aggregation The collective entitlements granted by multiple systems to one user. Can lead to authorization creep 311

5

Account Lockout Disables an account after a set number of failed logins, sometimes during a specific time period 296

5, 7

Accountability A security principle indicating that individuals must be identifiable and must be held responsible for their actions. 814-818, 929-930, 1056

1

Accountability Holds individuals accountable for their actions 15

1

Accountability Principle OECD Privacy Guideline principle which states individuals should have the right to challenge the content of any personal data being held, and have a process for updating their personal data if found to be inaccurate or incomplete 37

2

Accreditation The data owners acceptance of the risk represented by a system 92

3

Accredited A computer system or network that has received official authorization and approval to process sensitive data in a specific operational environment. There must be a security evaluation of the system's hardware, software, configurations, and controls by technical personnel. 318-320

1

Act honorably, justly, responsibly, and legally Second canon of the (ISC)2 Code of ethics 46

4

Active RFID Powered RFID tags that can operate via larger distances 263

7

Active-active Cluster Involves multiple systems all of which are online and actively processing traffic or data 416

7

Active-passive Cluster Involves devices or systems that are already in place, configured, powered on and ready to begin processing network traffic should a failure occur on the primary system 416

3

ActiveX controls The functional equivalent of Java applets. They use digital certificates instead of a sandbox to provide security 142

4

Ad hoc mode 802.11 peer-to-peer mode with no central AP 261

3

Address Space Layout Randomization/ASLR Address Space Layout Randomization, seeks to decrease the likelihood of successful exploitation by making memory address employed by the system less predictable 127

7

Administrative Controls Implemented by creating and following organizational policy, procedures, or regulation. Also called directive controls 349

6

Administrative Controls Security mechanisms that are management's responsibility and referred to as "soft" controls. These controls include the development and publication of policies, standards, procedures, and guidelines; the screening of personnel; security-awareness training; the monitoring of system activity; and change control procedures. 886-905

1

Administrative Law Law enacted by government agencies, aka regulatory law 22

4

GIG / Global Information Grid The US DoD global network, one of the largest private networks in the world 224

1

GLBA / Gramm-Leach-Bliley Act Requires financial institutions to protect the confidentiality and integrity of consumer financial information 40

8

Genetic algorithms Creating computer algorithms via Darwinian evolution principals 472

8

Genetic programming Creating entire software programs (usually in the form of Lisp source code) via Darwinian evolution principals 472

4

Global Information Grid US Department of Defense (DoD) global network, one of the largest private networks in the world 221

4

Graham-Denning Model Provides more granuler approach for interaction between subjects and objects. 111-112

1

Gramm-Leach-Bliley Act (GLBA) Requires financial institutions to protect the confidentiality and integrity of consumer financial information 40

8

Grandfather-Father-Son Tape Rotation 3 sets of tapes: 7 daily tapes (the son), 4 weekly tapes (the father), and 12 monthly tapes (the grandfather). Once per week a son tape graduates to father. Once every 5 weeks a father graduates into a grandfather. After running for a year this method ensures there are backup tapes available for the past 7 days, weekly tapes for the past 4 weeks, and monthly tapes for the past 12 months. 415

1

Gross negligence The opposite of due care 19

1

Guideline A recommendation, administrative control 51-52

6

All pairs testing Form of combinatorial software testing that tests unique pairs of inputs otherwise known as (Pairwise testing) 338

8

Bottom-Up programming Starts with the low-level technical implementation details and works up to the concept of the complete program 434

1

Breach notification Notification of persons whose personal data has been, or is likely to have been, compromised 43

1

CIA triad Confidentiality, Integrity and Availability 12-15

4

CIDR Classless Inter-Domain Routing, allows for many network sizes beyond the arbitrary stateful network sizes 231-233

1 , 7

CIRT Computer Incident Response Team, a team that performs incident handling 19, 358

7

"Bad" Blocks/Clusters/sectors Good disk blocks marked as bad 354

3

CISC Complex Instruction Set Computers, CPU instructions that are longer and more powerful 122-123

3

Cryptology The science of secure communications 146

3

Date Encryption Standard See - DES 161-165, 181

4

802.11 Wireless networking standard 259

4

802.11-1997 The original mode of 802.11 operated at 2mbs using the 2.4 GHz frequency 260

4

802.11a 802.11 mode that operates at 54 mbps using the 5 GHz frequency 260

4

802.11b 802.11 mode that operates at 11 mbps using the 2.4 GHz frequency 260

4

802.11g 802.11 mode that operates at 54 mbps using the 2.4 GHz frequency 260

4

802.11i The first 802.11 wireless security standard that provides reasonable security 259

4

802.11n 802.11 mode that uses both 2.4 and 5 GHz frequencies and allows speeds of 144 mbps and beyond 260

3

802.1X Port-based Network Access Control layer 2 authentication 146

8

4GL / Fourth-generation programming language Designed to increase programmer's efficiency by automating the creation of computer programming code 433

8

4GL Fourth-generation programming language designed to increase programmers efficiency by automating the creation of computer programming code 433

5

Authorization Creep Occurs when employees not only maintain old access rights but also gain new ones as they move from one division to another within an organization. 311

4

ABM Asynchronous Mode HDLC combined mode where nodes may act as primary or secondary, initiating transmission without receiving permission 256

4

ACK TCP flag, acknowledge received data 238

4

ADSL Asymmetric Digital Subscriber Line, DSL featuring faster download speeds than upload 283

3

AH/Authentication Header Authentication Header, Ipsec protocol that provides authentication and integrity for each packet of network data 179

1

AIC triad The three security principles: availability, intregrity, and confidentiality. 3-8

1

ALE/Annualized Loss Expectancy The cost of loss due to a risk over a year 11

3

ALU/Arithmetic Logic Unit CPU Component that performs mathematical calculations 120

8

ANN/Artificial Neural Networks Simulate neural networks found in humans and animals 470

8

API/Application Programmers Interface Allows an application to communicate with another application, or an operating system, database, network, etc. For example, The Google Maps API allows an application to integrate 3rd-party content such as restaurants overlaid on a Google Map 449

4

ARCNET Attached Resource Computer Network, a Legacy LAN technology that uses tokens 249

1

Advance and protect the profession Fourth canon of the (ISC)2 Code of Ethics 47

3

Advanced Encryption Standard/AES Advanced Encryption Standard, a block cipher using 128 bit, 192 bit, or 256 bit keys to encrypt 128-bit blocks of data 148

1

Agents of law enforcement Private citizens carrying out actions on the behalf of law enforcement 28

3

Aggregation Mathematical attack where a user is able to use lower-level access to learn restricted information 144

3,8

Aggregation The act of combining information from separate sources of a lower classification level that results in the creation of information of a higher classification level, which the subject does not have the necessary rights to access. 324-325, 1169-1170

8

Agile Software Development Flexible software development model that evolved as a reaction to rigid software development models such as the Waterfall Model 439

7

Allocated Space Portions of disk partition that are marked as actively containing data 353

1

Availability Assures information is available when needed 11

1

Availability The reliability and accessibility of data and resources to authorized identified individuals in a timely manner. 3-4

3

Analog Communications that sends a continuous wave of information 185

1

Annualized Rate of Occurrence (ARO) The value that represents the estimated possibility of a specific threat taking place within a one-year timeframe. 114

1

Annualized loss expectancy (ALE) A dollar amount that estiamtes the loss potenial from a risk in a span of a year. Single Loss Expectancy (SLE) x annualized rate of occurrence (ARO) = ALE 114, 115, 120

8

Antimalware Software whose principal functions include the identification and mitigation of malware; also known as antivirus, although this term could be specific to only one type of malware. 1187-1190

1

Antivirus Software Software designed to prevent and detect malware infections 56

3

Applet Small pieces of mobile code that are embedded in other software such as web browsers 141

4

Application Layer (OSI) Layer 7 of the OSI model where the user interfaces with the computer application. 224

4

Application Layer (TCP/IP) TCP/IP model layer that combines Layers 5 through 7 of the OSI model 226

4

Application-layer proxy Proxy firewall that operates up to Layer 7 274

8

Artificial Intelligence The science of programming electronic computers to "think" more intelligently, sometimes mimicking the ability of mammal brains 469

8

Backward chaining Expert system mode that starts with begins with a premise and works backwards 470

4

Baseband Network with one channel; can only send one signal at a time 220

8

Assembly Language Low-level computer programming Language with instructions that are short mnemonics, such as "ADD", "SUB" (subtract) and "JMP" (jump) that match to machine language instructions 431

2

Asset A resource that is valuable to an organization and must be protected 79

3

Assurance Ameasurement of confidence in the level of protection that a specific security control delivers and the degree to which is enforces the security policy. 313

3

Asymmetric Encryption Encryption that uses two keys: if you encrypt with one you may decrypt with the other 103

5

Asynchronous Dynamic Token Authentication that is not synchronized with a central server, includes challenge-response tokens 303

1

Attack An attempt to bypass security controls in a system with the mission of using that system or compromising it. An attack is usually accomplished by exploiting a current vulnerability. 100-101

8

Attribute A Column in a relational database table 450

5

Audit Trail A chronological set of logs and records used to provide evidence of a system's performance or activity that took place on the system. These logs and records can be used to attempt to reconstruct past events and track the activities that took place, and possibly detect and identify intruders. 814-818

5

Authenticate To verify the identity of a subject requesting the use of a system and/or access to network resources. The steps to giving a subject access to an object should be identification, authentication, and authorization. 739-761

1

Authentication Proof of an Identity claim 15

1

Authorization Actions an individual can perform on a system 15

1

Awareness Security Control designed to change user behavior 52

7

BCI The Business Continuity Institute 423

7

BCP Business Continuity Plan, A long-term plan to ensure the continuity of business operations 347, 348, 383-424

7

BCP/DRP project manager The key point of contact for ensuring that a BCP/DRP is not only completed, but also routinely tested 397

4

BGP Border Gateway Protocol, the routing protocol used on the Internet 271

2 , 3

BIOS Basic Input output System, typically stored in firmware 88-89, 125-126, 128

2

BIOS/Basic Input Output System Typically stored in Firmware 88

3 , 4

BOOTP Bootstrap Protocol, used for bootstrapping via a network by diskless systems 135, 245

4

BRI Basic Rate interface, provides two 64 K digital ISDN channels 282

4

BRI/Basic Rate Interface Provides two 64k digital ISDN channels 282

7

BRP Business Recovery Plan, details the steps required to restore normal business operations after recovering from a disruptive event. Also known as the Business Resumption Plan 408, 412-417

7

BS-25999 Continuity standard by the British Standards institution (BSI) 422-423

5

Back Door An undocumented way of gaining access to a computer system. After a system is compromised, an attacker may load a program that listens on a port )back door) so that the attacker can enter the system at any time. A back door is also referred to as a trapdoor. 827

8

Back up Copy and move data to a medium so that it may be restored if the original data is corrupted or destroyed. A full backup copies all the data from the system to the backup medium. An incremental backup copies only the files that have been modified since the previous backup. A differential backup backs up all files since the last full backup. 1010-1028

3

Backdoor A shortcut in a system that allows a user to bypass security checks 138

1

Background checks A Verification of a person's background and experience, Also called pre-employment screening 52

4

Bastion Host Any host placed on the internet that is not protected by another device 274

8

Bayesian filtering Uses mathematical formulas to assign probabilities to make decisions such as identifying spam 471

3

Bell-LaPadula Model The model uses a formal state transition model that describes its access controls and how they should perform. When the system must transition from one state to another, the security of the system should never be lowered or compromised. See also multilevel security, simple security proeprty, and start property (*-property). 307-308, 309, 312

3

Bell-LaPadula Security model focused on maintaining the confidentiality of objects 106

1

Best evidence rule Requires use of the strongest possible evidence 26

1

Best practice A consensus of the best way to protect the confidentiality, integrity and availability of assets 21, 24

3

Biba Model A formal state transition system of a computer security policy that describes a set of access control rules designed to ensure data integrity. 308-309, 313

3

Biba Security model focused on maintaining the integrity of objects 107-108

3

Big Bang testing Integration testing that tests all integrated software components 337

7

Binary image Bit-level copy of memory 353

5

Biometrics When used within computer security, identifies individuals by physiological characteristics, such as a fingerprint, hand geometry, or pattern in the iris. 727, 744-751

6

Black box software testing Gives the tester no internal details: the software is treated as a black box that receives inputs 330, 336

1 , 6

Black hat Unethical hacker or researcher 69, 331

7

Blacklist A set of known bad resources such as IP addresses, domain names, or applications. 987

3

Blowfish Block cipher using from 32 through 448 bit (the default is 128) keys to encrypt 64 bits of data 168

4

Bluetooth 802.15 networking, a PAN wireless technology 262

3

Bollard A post designed to stop a car, typically deployed in front of building entrances 184-185

3

Book cipher Cryptographic method that uses whole words from a well-known text such as a dictionary as a one-to-one replacement for plaintext 154

3

Boot sector virus Virus that infects the boot sector of a PC, which ensures the virus loads upon system startup 138

3 , 4

Bootstrap Protocol - BOOTP Bootstrap Protocol, used for bootstrapping via a network by diskless systems 135, 245

4

Border Gateway Protocol - BGP Border Gateway Protocol, the routing protocol used on the Internet 271

1

Bot A computer system running malware that is controlled via a botnet 72

1

Botnet A central bot command and control (C&C) network, managed by humans 72

3

Brewer-Nash / Chinese Wall Model Model designed to avoid conflicts of interest by prohibiting one person, like a consultant, from accessing multiple conflict of interest categories (CoIs) 109

4

Bridge Layer 2 device that has two ports and connects network segments together 263-264

4

Broadband Network with multiple channels; can send multiple signals at a time, like cable TV 220

4

Broadcast Traffic that is sent to all stations on a LAN 236-237

4, 5, 6

Browsing Searching through storage media looking for specific information without necessarily knowing what format the information is in. A browsing attack is one in which the attacker looks around a computer system either to see what looks interesting or to find specific information. 690-700, 738, 900-902, 1145, 1155

3 , 5

Brute force attack Attack that attempts every possible key or combination 171-172, 190, 299-300

3, 5

Brute-Force Attack An attack that continually tries different inputs to achieve a predefined goal, which can be used to obtain credentials for unauthorized access. 371, 752, 835-836

8

Buffer overflow Condition where an attacker can inset data beyond the end of a buffer variable 463-464

4

Bus Physical network topology that connects network nodes in a string 250-251

7

Business Continuity Plan - BCP Business Continuity Plan, A long-term plan to ensure the continuity of business operations 347, 348, 383-424

1

Business Impact Analysis (BIA) A functional analysis in which a team collects data, documents business functions, develops a hierarchy of business functions, and applies a classification scheme to indicate each individual function's criticality level. 146-152, 1030-1031

2

Business Owners Also called Mission Owners, members of senior management who create the information security program and ensure that it is properly staffed, funded, and has organization priority 85

7

Business Recovery Plan - BRP Business Recovery Plan, details the steps required to restore normal business operations after recovering from a disruptive event. Also known as the Business Resumption Plan 408, 412-417

7

Business Resumption Plan - BRP Business Recovery Plan, details the steps required to restore normal business operations after recovering from a disruptive event. Also known as the Business Resumption Plan 408, 412-417

7

Business interruption testing Partial or complete failover to an alternate site 419

8

Bytecode Machine-independent interpreted code, used by Java 431

8

CASE Computer-Aided Software Engineering, uses programs to create assist in the creation and maintenance of other computer programs 434

3

CBC Cipher Block Chaining, a block mode of DES that XORs the previous encrypted block of ciphertext to the next block of plaintext to be encrypted 163

3

CCD Charged Couple Discharge, a digital CCTV 185-186

4

CCMP Counter Mode CBC MAC Protocol, used by WPA2 to create a MIC 262

3

CCTV Closed Circuit Television, a detective device used to aid guards in detecting the presence of intruders in restricted areas 185-187

4

CDN Content Distribution networks (also Content Delivery Networks) use a series of distributed caching servers to improve performance and lower the latency of downloaded online content 287

5

CER Crossover Error Rate, describes the point where the False Reject Rate (FRR) and the False Accept Rate (FAR) are equal 293, 305-306

3

CFB Cipher Feedback, a stream mode DES that is similar to block-mode CBC 163

4 , 5

CHAP Challenge Handshake Authentication Protocol, a more secure network authentication protocol that uses a shared secret 278, 320

3

Certification The technical evaluation of the security components and their compliance for the purpose of accreditation. A certification process can use safeguard evaluation, risk analysis, verification, testing, and auditing techniques to assess the appropriateness of a specific system processing a certain level of information within a particular environment. The certification is the testing of the security component or system, and the accreditation is the approval from management of the security component or system. 318-320

1 , 5

Chain of custody Requires that once evidence is acquired, full documentation regarding who, what, when and where evidence was handled is maintained 27, 29, 297

3

Chaining Block cipher mechanism that seeds the previous encrypted block into the next block to be encrypted 161

4 , 5

Challenge Handshake Authentication Protocol - CHAP Challenge Handshake Authentication Protocol, a more secure network authentication protocol that uses a shared secret 278, 320

7 , 8

Change management The process of understanding, communicating, and documenting changes 373-375, 420, 449-450

4

Channel Service Unit/Data Service Unit - CSU/DSU Channel Service Unit/Data Service Unit, DCE device. 277

3

Charged Couple Discharge - CCD Charged Couple Discharge, a digital CCTV 185-186

7

Checklist testing Lists all necessary components required for successful recovery, and ensures that they are, or will be, readily available should a disaster occur. Also knows as consistency testing 418

3

Chinese Wall Model Model designed to avoid conflicts of interest by prohibiting one person, like a consultant, from accessing multiple conflict of interest categories (CoIs) 109

3 , 4 , 5

Cipher A Cryptographic algorithm 103, 146, 148, 150-159, 161-168, 170-171, 176-178, 181, 261-262, 296-300

3

Cipher Block Chaining - CBC Cipher Block Chaining, a block mode of DES that XORs the previous encrypted block of ciphertext to the next block of plaintext to be encrypted 163

3

Cipher Feedback - CFB Cipher Feedback, a stream mode DES that is similar to block-mode CBC 163

3

Cipher disk Cryptographic device that uses two concentric disks, each with an alphabet around the periphery 151-153

3

Ciphertext A encrypted message 146, 173-174

3

Ciphertext Data that has been encrypted and is unreadable until it has been converted into plaintext. 337, 340

4

Circuit-level proxy Proxy firewall that operates at Layer 5 274

4

Circuit-switched network Network that provides a dedicated circuit or channel between two nodes 221

1

Circumstantial evidence Evidence that servers to establish the circumstances related to particular points or even other evidence 25

1

Civil law (legal system) Legal system that leverages codified laws or statues to determine what is considered within the bounds of law 20

1

Civil law Law that resolves disputes between individuals or organizations 20, 22-23

3

Clark-Wilson Model An integrity model that addresses all three integrity goals: prevent unauthorized users from making modification, prevent authorized users from making improper modifications, and maintain internal and external consistency through auditing. 309-310, 313

3

Clark-Wilson Real-world integrity model that protects integrity by having subjects access objects via programs 108-109

3

Class I gate Residential gate designed for home use 184

3

Class II gate Commercial gate, such as a parking garage gate 184

3

Class III gate Industrial/limited access gate, such as a loading dock 184

3

Class IV gate Restricted access gate, used at an airport or prison 184

4

Classful address IPv4 networks in classes A through E 232

1

Classification A systematic arrangement of objects into groups or categories according to a set of established criteria. Data and resources can be assigned a level of sensitivity as they are being created, amended, enhanced, stored, or transmitted. The classification level then determines the extent to which the resource needs to be controlled and secured, and is indicative of its value in terms of information assets. 193-198

4

Classless Inter-Domain Routing - CIDR Classless Inter-Domain Routing, allows for many network sizes beyond the arbitrary stateful network sizes 231-233

2

Clearance A determination, typically made by a senior security professional, about whether or not a user can be trusted with a specific level of information 83

8

Commercial Off-the-Shelf Software See - COTS 468-469

8

Commit Makes changes to a database permanent 455

2

Common Criteria An internationally agreed upon standard for describing and testing the security of IT projects 115-116

8

Common Object Request Broker Architecture See- COBRA 460-461

1

Common law Legal system that places significant emphasis on particular cases and judicial precedent as a determinant of laws 21

4

Communications Security Controls in place to protect information as it is being transmitted, especially by telecommunications mechanisms. 512-517

2 , 3

Compartmentalization Technical enforcement of need to know 82-83, 113, 117

1

Compensation controls Additional security controls put in place to compensate for weaknesses in other controls 57

1

Compensatory damages Damages provided as compensation 23

8

Compiler Convert source code, such as C or Basic, and compile it into machine code 431

3

Complex Instruction Set Computer See - CISC 122-123

8

Component Object Model See - COM 460

1

Computer Fraud and Abuse Act Title 18 United States Code Section 1030 40, 41-42

1 , 7

Computer Incident Response Team See - CIRT 19, 358

7

Computer Security Incident Response Team See - CSIRT 358

3

Computer bus The primary communication channel on a computer system 119-120

1

Computer crimes Crimes using computers 30-31

8

Computer-Aided Software Engineer See - CASE 434

7

Conduct the business impact analysis (BIA) Second step of the NIST SP 800-34 contingency planning process 399-403

1 , 2 , 3 , 6 , 7 , 8

Confidentiality Seeks to prevent the unauthorized disclosure of information 11-15, 36-38, 40, 42-43, 54-55, 84, 97, 123-126, 146-147, 331-332, 448, 451

7

Configuration Management The identification, control, accounting, and documentation of all changes that take place to system hardware, software, firmware, supporting documentation, and test results throughout the lifespan of the system. 933-940

8

Configuration management The process of developing a consistent system security configuration that can be leveraged throughout an organization 450

3

Confusion The relationship between the plaintext and ciphertext should be confused (or random) as possible 147

7

Consistency testing See - Checklist testing 418

8

Constrained user interface Presents a user with limited controls on information, such as an ATM keypad 453

7

Containment phase Incident response phase that attempts to keep further damage from occurring as a result of the incident 361

4

Content Distribution Networks See - CDN 287

5

Content-dependent access controls Adds additional criteria beyond identification and authentication: the actual content the subject is attempting to access 323

5

Context-dependent access control Adds additional criteria beyond identification and authentication: the context of the access, such as time 323

7

Contingency Plan A plan put in place before any potential emergencies, with the mission of dealing with possible future emergencies. It pertains to training peronnel, performing backups, preparing critical facilities, and recoving from an emergency or disaster so that business operations can continue. 983-984

7

Continuity Planning Project Team See - CPPT 397-398

7

Continuity of Operations Plan See - COOP 407-408

7

Continuity of Support Plan Focuses narrowly on support of specific IT systems and applications 408

3

Contraband check Seek to identify objects that are prohibited to enter a secure perimeter (such as an airplane) 193

2

Control Objectives for Information and related Technology See - COBIT 95

5

Control Zone The space within a facility that is used to protect sensitive processing equipment. Controls are in place to protect equipment from physical or technical unauthorized entry or compromise. The zone can also be used to prevent electrical waves carrying sensitive data from leaving the area. 811, 822

3

Control unit CPU component that acts as a traffic cop, sending instructions to the ALU 120

4

Convergence All routers on a network agree on the state of routing 269

1

Copyright A legal right that protects the expression of ideas. 70, 64-65

1

Copyright Type of intellectual property that protects the form of expression in artistic, musical, or literary works 32-36

1

Corrective controls Controls that correct a damaged system or process 56

1

Corroborative evidence Evidence that provides additional support for a fact that might have been called into question 25-26

4

Counter Mode CBC MAC Protocol See - CCMP 262

3

Counter Mode See - CTR 163

8

Coupling OOP concept that connects objects to others. Highly coupled objects have low cohesion 458-459

3

Covert channel Any communications that violates security policy 109-110, 136-137

1

Cracker A black hat hacker 69

1

Criminal law Law where the victim can be seen as society itself 22

8

Crippleware Partially functioning proprietary software, often with key features disabled. The user is typically required to make a payment to unlock the full functionality 435

7

Crisis Management Plan See - CMP 409-411

8

Cross-Site Request Forgery See - CSRF 465

8

Cross-Site Scripting See - XSS 465

5

Crossover Error Rate See - CER 293, 305-306

8

Crossover Genetic algorithm concept that combines two algorithms 472

3 , 5

Cryptanalysis The science of breaking encrypted messages (recovering their meaning) 146, 171-176, 299-300

3

Cryptographic Protocol Governance Describes the process of selecting the right cipher and implementation for the right job 149-150

3

Cryptography Science of creating messages whose meaning is hidden 146-150

1

Custodian Provides hands-on protection of assets 86

1

Customary Law Customs or practices that are so commonly accepted by a group that the custom is treated as law 21, 24

7

Cyber Incident Response Plan Plan designed to respond to disruptive cyber events, including network-based attacks, worms, computer viruses, Trojan horses, etc. 409

1

Cybersquatting Registering internet domain names associated with another organization's intellectual property 35-36

5 , 6

DAC Discretionary Access Control, gives subjects full control of objects they have or been given access to, including sharing objects with other subjects 293, 321, 349

1

DAD Disclosure, Alteration, and Destruction, the opposite of Confidentiality, Integrity and Availability 13-14

4

DARPA Defense Advanced Research Projects Agency, funders of the original MILNET and ARPANET 221-222

8

DBA Database Administrator, role that manages databases 450

8

DBMS Database management system, controls all across all access to the database and enforces database security 450

8

DCE Data Circuit-Terminating equipment, a device that networks DTEs, such as a router 453

8

DCOM Distributed component object model, locates, and connects objects across a network 460

8

DDL Data Definition language, used to create, modify, and delete tables 454

3

DEA Data Encryption Algorithm, described by DES 161

3

DEP Data Execution Prevention, which can be enabled within hardware and/or software, and makes specific pages of the stack non-executable 126

3

DES Data Encryption Standard, a symmetric block cipher using a 56-bit key and 64-bit block size 161

4

DHCP Dynamic Host Configuration protocol, assigns temporary IP address leases to systems, as well as DNS and default gateway configurations 245

4

DMZ Demilitarized Zone network, used to separate trusted from untrusted networks 276

4

DNP3 Distributed Network Protocol, provides an open standard used primarily within the energy sector for interoperability between various vendors' SCADA and smart grid applications 256

4

DNS Domain Name System, a distributed global hierarchical database that translates names to IP Addresses, and vice versa 244

4

DNS reflection attack Spoofed Dos attack using third-party DNS servers 244

4

DNSSEC Domain Name server security extensions, provides authentication and integrity to DNS reponces via the use of public key encryption 244

2

DRAM Dynamic Random Access Memory, stores bits in small capacitors (Like small batteries), cheaper, and slower than SRAM 88

7

DRP Disaster Recovery Plan, a short-term plan to recover from a disruptive event 384

4

DSSS Direct Sequence Spared Spectrum, uses the entire wireless band at once 259

4

DSl Digital subscriber Line, uses existing copper pairs to provide digital service to homes and small offices 283

4

DTE Data terminal equipment, a Network "terminal," such as a desktop, server, or actual terminal 277

4

DTE/DCE Connection that spans the Demarc 277

4

Data Circuit-Terminating Equipment See - DCE 277

8

Data Definition Language See - DDL 453-454

3 , 4

Data Encryption Algorithm See - DEA 161-168, 181, 262

3

Data Encryption Standard (DES) Symmetric key encryption algorithm that was adopted by the government as a federal standard for protecting sensitive unclassified information. DES was later replaced with Advanced Encryption Standard (AES). 339, 370-377

3

Data Execution Prevention See - DEP 126-127

3

Data Mining Used to search for patterns, such as fraudulent activity, in a data warehouse 145

2

Data Owner A management employee responsible for assuring that specific data is protected 85

2

Data Processor Role that manages data on behalf of data controllers. An outsourced payroll company is an example of data processor 86

1

Data Quality Principle OECD Privacy guideline principle that states personal data should be complete, accurate, and maintained in a fashion consistent with the purposes for the data collection 37

8

Data Warehouse A Large collection of Data 456

1

Data controllers Role that creates and manages sensitive data within the organization. Human resources employees are an example: they create and manage sensitive data, such as salary and benefit data, reports from employee sanctions, etc.. 86

8

Data dictionary Contains a description of the database tables, including the schema, database view information, and information about authorized database administrator and user accounts 453

4 , 8

Data hiding See - Encapsulation (object) 226, 457

4

Data link layer Layer 2 of the OSI model, handles access to the physical layer as well as local area network communication 223, 236-237, 263-266

2

Data remanence See-Remanence 87

8

Database A structured collection of related data 450

8

Database Administrators Database Administrator, role that manages databases 450

8

Database Journal A log of all database transactions. Should a database becomes corrupted, the database can be reverted to a backup copy, and then subsequent transactions can be "replayed" from the journal, restoring database integrity 450

8

Database management system Database management system, controls all across all access to the database and enforces database security 450

8

Database replication Mirrors a Live database, allowing simultaneous reads and writes to multiple replicated databases by clients 455

8

Database shadowing two or more identical databases that are updated simultaneously 455

8

Database view The results of a database query 453

1

Ddos Distributed Denial of Service, an availability attack using many systems 27

3

Deadbolt A rigid locking mechanism that is held in place by a key, and prevents the door from opening or fully closing when extended 189

1

Defense in Depth Application of Multiple safeguards that span multiple domains to protect an asset 19

2

Degaussing Destroying the integrity of the magnetization of the storage media, making the data unrecoverable 91

1

Delphi technique A group decision method used to ensure that each member of a group gives an honest and anonymous opinion pertaining to the company's risks. 118

3

Demarc Demarcation point, where the ISP's responsibility end, and the customer's begins 198

4

Demilitarized Zone Demilitarized Zone network, used to separate trusted from untrusted networks 276

1

Denial of Service Denial of Service, an attack on availability 27

1

Detection controls Controls that alert during or after a successful attack 56

1

Detection phase Incident response phase that analyses events in order to determine weather they might comprise a security incident 56

1

Deterrent controls Deter users from performing actions on a system 56

9

DevOps A more agile development and support model, echoing agile programming methods including Sashimi and Scrum. Developers directly support operational function 450

8

DevOps The practice of incorporating developers and members of operations and quality assurance (QA) staff into software development projects to align their incentives and enable frequent, efficient, and reliable releases of software products. 1109-1110

7

Develop an IT contingency plan Fifth step of the NIST SP 800-34 contingency planning process 422

7

Develop recovery strategy Forth step of the NIST SP 800-34 contingency planning process 422

7

Develop the contingency planning policy statement First step of the NIST SP 800-34 contingency planning process 422

5

Diameter RADIUS successor, designed to provide an improved Authentication, Authorization , and accounting (AAA) framework 319

3

Digital signature Provides nonrepudiation, which includes authentication of the identity of the signer, and proof of the document's integrity 176

4

Digital subscriber line Digital subscriber Line, uses existing copper pairs to provide digital service to homes and small offices 283

1

Direct evidence Testimony provided by a witness regarding what the witness actually experienced 25

7

Disaster Any disruptive event that interrupts normal systems, operations. 385

7

Disaster recovery plan Disaster Recovery Plan, a short-term plan to recover from a disruptive event 384

1

Disclosure, Alteration and Destruction See--DAD 14

5

Discretionary access control See --DAC 321

3

Diskless workstation Computer systems that contains CPU, Memory, and Firmware, but no hard drive, type of thin client 135

4

Distributed Network Protocol 3 (DNP3) A communications protocol designed for use in SCADA systems, particular those within the power sector, that does not include routing functionality. 3, 496

4

Distributed Network Protocol See DPN3 256

8

Distributed component object model DCOM 460

1

Divestitures Also known as de-mergers and de-acquisitions, and represent flip side of acquisition: one company becomes two or more 46

1

DoS Denial of Service, an attack on availability 27

4

Domain Name Server security extensions Domain Name server security extensions, provides authentication and integrity to DNS response via the use of public key encryption 244

4

Domain Name systems Domain Name System, a distributed global hierarchical database that translates names to IP Addresses, and vice versa 244

4

Domains of trust Access control Module used by windows active directory 244

5

Dual Factor Authentication See Strong Authentication 294

4

Dual homed host Host with 2 Network interfaces one connected to a trusted network and the other connected to an untrusted network 275

1

Due Diligence The management of Due care 24

1

Due care Requires that key organizational stakeholders are prudent in carrying out their duties, aka that "prudent man rule" 24

4

Dynamic host configuration protocol Dynamic Host Configuration protocol, assigns temporary IP address leases to systems, as well as DNS and default gateway configurations 245

5

Dynamic password Changes at regular intervals 294

5

Dynamic signatures Biometric control that measures the process by which someone signs their name 308

6

Dynamic testing Tests code while executing it 335

4

E1 Dedicated 2.048 megabit circuits that carries 30 channels 254

4

E3 24 E1s 254

4

EAP / Extensible Authentication Protocol A layer 2 authentication framework that describes many specific authentication protocols 278 - 280

4

EAP Extensible Authentication Protocol, a Layer 2 authentication framework that describes many specific authentication protocols 280

4

EAP OVER LAN EAP Over LAN, a Layer 2 protocol for varying EAP 280

4

EAP tunneled transport layer security EAP tunneled transport layer security, simplifies EAP-TLS by dropping the client side certificate requirement 280

4

EAP-FAST EAP-Flexible Authentication via Secure Tunneling, designed by Cisco to replace LEAP 280

2

EEPROM / Electrically -Erasable Programmable Read Only Memory Electrically erasable memory via the use of flashing program 88 - 90

1

EF / Exposure Factor The percentage of value an asset lost due to an iincident 62, 63

4

EGP / Exterior Gateway Protocol An exterior gateway protocol used by Private networks like Intreanets 268 - 269

7

EOC / Emergency Operations Center The command post established during or just after an emergency event 411

3

ESP / Encapsulating Security Payload Ipsec protocol which Payload primarily provides confidentiality by encrypting packet data 179 - 181, 281 - 282

1

EU Data Protection Directive Privacy directive which allows for the free flow of information while still maintaining consistent protections of each member nations citizens data 36 - 38

1

EULA / End User License Agreement A form of software licensing agreement 34, 435

7

Electronic vaulting Batch process of electronically transmitting data that is to be backed up on a routine, regularly scheduled time interval 415

3

Emanations Energy which escape an slectronic system, and which may be remotely monitored under certain circumstances 136

4

Encapsulation / Network Takes information from a higher network layer and adds a header to it, treating the higher-layer information as data 226

8

Encapsulation / Object Contains and hides the details of an object's method 457

3

Enigman Rotor machine used by German Axis powers during World War II 157

5

Enrollment The process of enrolling with a system (such as a biometric authentication system), creating an account for the first time 304

1

Enticement Making the conditions for commission of a crime favorable for those already intent on breaking the law 30

5

Entitlements The permissions granted to a user 311 - 312

8

Entity Integrity Requires that each tuple has a unique primary key that is not null 452

1

Entrapment A legal defense wher the defendant claims an agent of law enforcement persuaded the defendant to commit a crime that he or she would otherwise not have committed 30

4

Ephemeral ports TCP/IP ports 1024 and higher 237 - 238

7

Eradication phase Incident response phase that cleans a compromised system 361

1

Hacker Controversial term that may mean explorer or someone who maliciously attacks systems 68-69, 71-72

1

Ethics Doing what is morally right 46 - 49, 69

3

Exclusive Or Binary operation that is true if one of two inputs (but not both) are true 149

7

Executive Succession Planning Determines an organizations line of succession 411 - 412

3

Exfiltration Policy-violating removal of sensitive data fram a secure perimeter 193

1

Exigent circumstances With respect to evidence acquisition, justification for the seizure of evidence without a warrant due to the extreme likelihood that the evidence will be destroyed 27 - 30

8

Expert systems Seeks to replicate the knowledge and decision-making capability of human experts 469 - 470

4

Extranet A connection between private Intranets 221

5

FAR / False Accept Rate Occurs when an unauthorized subject is accepted as valid, Also known as a type II error 293, 305 - 306

1

Hacktivist Hacker activist, someone who attacks computer systems for political reasons 71-72

4

FCIP / Fibre Channel over IP SAN protocol that encapsulates Fibre Channel frames via Ethernet and TCP/IP 257

4

FCoE / Fibre Channel over Ethernet SAN protocol that leverages Fibre Channel, but can be transmitted across standard Ethernet networks. Does not use TCP/IP 256 - 257

4

FDDI / Fiber Distributge Data Interface Legacy LAB technology that uses light 249 - 250

2

FDE / Full Disk Encryption Whole Disk Encryption 96 - 97, 126, 149, 370

3

FDX / Fetch and execute Mechanism that allows the CPU to receive machine language instructions and execute them. Also called "Fetch, Decode, Execute" 121

4

FHSS / Frequency Hopping Spread Spectrume Uses a mumber of small frequency channels throughout the wireless band and "hops" through them in pseudorandom order 259 - 260

4

FIN TCP fral, finish a connection (gracefully) 238 - 239

5

FIdM / Federated Identity Management Applies Single Sign On at a much wider scale: tanging from cross-organization to Internet scale 312

5

FRR / False Reject Rate Occurs when an authorized subject is rejected as invalid, Also known as a type I error 293, 305 - 306

4

FTP / File Transfer Protocol Used to transfer files to and from servers 242 - 243

5

Facial Scan Bimetric control that compares a picture of a face to pictures stored in a database 308

7

Failover cluster Multiple systems that can be seamlessly leveraged to maintain the availability of the service or application being provided. Also called a failover cluster 382

1

Fair use doctrine Allows someone to duplicate copyrighted material without requiring the payment, consent, or even knowledge of the copyright holder 34

4

Faraday Cage Shields enclosed objects from EMI 263

3

Feedback Stream cipher mechanism that seeds the previous encrypted bit into the next bit to be encrypted 161

4

Fiber Channel over Ethernet (FCoE) A converged protocol that allows Fiber Channel frames to ride over Ethernet networks 511

3

Fiber Optic network cable Uses light to carry information 202, 248

4

Fibre Channel Non-Ethernet/IP fiber optic storage technology 257

3

Field of view The entire area viewed by a camera 185

5

Fingerprint scan Biometric scan of the minutae (specific details of the fingerprint) 305, 306 - 307

4

Firewall Device that filters traffic based on layers 3 (IP Addresses) and 4 (ports) 271 - 277

2

Firmware Stores small programs that do not change frequently, such as a compute's BIOS 88 - 89

1

First sale doctrine Allows a legitimate purchaser of copyrighted material to sell it to another person 34

8

Fitness function Genetic algorithm concept that assigns a score to an evolved algorithm 472

2

Flash memory A specific type of EEPROM, used for small portalbe disk drives 89

3

Half Duplex sends or receives at one tome only (not simultanesouly), like a walkie-talkie 220

3

Footcandle One lumen per square foot 185

8

Foreign key A key in a related database table that matches a primary key in the parent database 452

2

Formal access approval Documented approval from the data owner for a subject to access certain objects 83

8

Free software Controversial term that is defined differently by different groups. "Gree" may mean free of charge, or "free" may mean the user is free to use the software in any way they would like, including modifying it 435

8

Freeware Software that is free of charge 435

Domain #

Front of Card Back of Card Page Number(s) for More Information

7

Full backup An archive of all files 377, 414

8

Full disclosure The controverial practice of releasing vulnerability details publicly 466

4

Full duplex Two-way simultaneous transmission, like two people having a face-to-face conversation 220

6

Full knowledge test A penetration test where the tester is provided with inside information at the start of the test 330

7

Fuzzing / Fuzz testing A type of black box testing that enters random malformed data as inputs into software programs to determine if they will crash 337 - 338

4

GAN / Global Area Network A global collection of WAN's 221

1

Impact The severity of damage, sometimes expressed in dollars (value) 60

7

Incremental Backup an archive of all files that have changed since the last backup of any kind was performed 377, 414

1

Individual Participation Protocol OECD privacy guideline principle that states indivdual should have control over their data 37

4

Industrial, Scientific, and Medical (ISM) Radium Spectrum (bands) that are set aside for unlicensed use, meaning you do not need to acquire a license from an organization such as the FCC to use them 259

6

Installation testing testing software as it is installed and first operated 337

8

Instance One copy of an object 457

3

Integrated Circuits Cards (ICC) Alias for "Smart Card". Physical access control device that's contains a computer circuit 190-192

8

Integrated Product Team (IPT) Integrated product team, a customer-focused group that focuses on the entire lifecycle of a project 447

4

Integrated Services Digital Network (ISDN) Earlier attempt to provide digital service via 'copper pair'. Commonly used for teleconferencing and videoconferencing. 282-283

6

Integration testing testing multiple software components as they are combined into a working system 314, 337

3

Integrity Axiom Biba property which states "no write-up" 107

1

Integrity seeks to prevent unauthorized modification of information 11

1

Intellectual property intangible property that resulted from a creative act 31-36, 134-135

8

Interface Definition Language (IDL) Interface definition language, used by COBRA objects to communicate 460-461

6

Interface Testing tests all the ways users can interact with the application, and is concerned with appropriate functionality being exposed. From a security-oriented vantage point, the goal is to ensure that security is uniformly applied across the various interfaces 339

4

Interior Gateway Protocol (IGP) OSI Layer 3 Routing Protocol used for private networks, like Intranets 268-269

3

International Data Encryption Algorithm (IDEA) International data encryption algorithm, a symmetric block cipher using a 128 bit key and 64 bit block size 165

4

Internet Control Message Protocol (ICMP) Internet control message protocol 225, 228, 240-241, 272-273, 364-365

3

Internet Key Exchange (IKE) Internet key exchange, manages the IPSec encryption algorithm 180-181

4

Internet Layer (TCP/IP) tcp/ip model layer that aligns with the layer 3 of the OSI model, describes IP Addresses and routing 225-226, 227-241

4

Internet Message Access Protocol (IMAP) Internet message access protocol, an email client protocol 243

4

Internet Protocol (TCP/IP) TCP/IP model layer that aligns with layer 3 (network) layer of the OSI Model. This is where IP Addresses and routing lives. 225-226, 227-241

3

Internet Protocol Security (IPSEC) internet protocol security, a suite of protocols that provide a cryptographic layer to both IPv4 and IPv6 98, 179-181

4

Intranet A privately owned network running TCP/IP 221

7

Intrusion Detection System (IDS) Intrusion detection system, a detective technical control 363-366, 461-462

7

Intrusion Detection System (IDS) Software employed to monitor and detect possible attacks and behaviors that vary from the normal and expected activity. The IDS can be network based, which monitors network traffic, or host based, which monitors activities of a specific system and protects system files and control mechanisms. Gold - 822, Silver - 363-366, 461 & 462

7

Intrusion Prevention System (IPS) Preventative device designed to prevent malicious actions 363-366

5

Iris Scan passive biometric scan of the iris (colored portion of the eye) 307

5

Kerberos A third-party authentication service that may be used to support Single Sign On 314-318

3,4

Layering Separates hardware and software functionality into modular tiers 116-118,222-226

1,7

Least privilege See—Principle of least privilege - Granting subjects the minimum amount of authorization required to do their jobs, also known as minimum necessary access 17-18, 349

3

JSON JavaScript Object Notation, a data interchange format 142

3,8

Java An object-oriented language used not only to write applets, but also as a general-purpose programming language 141-142, 431

3

JavaScript Object Notation See JSON - JavaScript Object Notation, a data interchange format 142

3

Jefferson Disks Cryptographic device invented by Thomas Jefferson that used multiple wheels, each with an entire alphabet along the ridge 153-154

3

Kernel The heart of the operating system, that usually runs in ring 0. It provides the interface between hardware and the rest of the operating system, including applications 117-118, 127-128

5

Key Distribution Center See—KDC Key Distribution Center, a Kerberos service that authenticates principals 315-318

3

Key lock Preventive device that requires a physical key to unlock 187-190

5

Keyboard dynamics Biometric control that refers to how hard a person presses each key and the rhythm by which the keys are pressed 308

8

Knowledge base Expert system component that consists of "if/then" statements 469-470

4

L2F Layer 2 Forwarding, designed to tunnel PPP 281

4

L2TP Layer 2 Tunneling Protocol, combines PPTP and L2F 281

4

LAN Local Area Network, a comparatively small network, typically confined to a building or an area within one 249,263-264,250-251,248-249,249-250,221,253-254,266-267,250-253,263,233-234,252,219, 267-271,266,252-253,219, 264-266,248-249,251

4

LCP Link Control Protocol, the initial unauthenticated connected used by CHAP 278

5

LDAP Lightweight Directory Access Protocol, open protocol for interfacing and querying directory service information provided by network operating systems. Uses port 389 via TCP or UDP 314

4

LEAP Lightweight Extensible Authentication Protocol, a Cisco-proprietary protocol released before 802.1X was finalized 280

4

LLC Logical Link Control, layer 2 protocol that handles LAN communications 223

3

LWP See—Thread - A lightweight process (LWP) 121-122

2

Label Security level assigned to an object, such as confidential, secret or top secret 82

3

Lattice-Based Access Controls Nondiscretionary access control with defined upper and lower bounds implemented by the system 106-107

4

Layer 2 Tunneling Protocol See—L2TP - Layer 2 Tunneling Protocol, combines PPTP and L2F 281

1,3

Layered defense See—Defense-in-depth Application of multiple safeguards that span multiple domains to protect an asset 19, 145

4

Local Area Network See—LAN - Local Area Network, a comparatively small network, typically confined to a building or an area within one 249,263-264,250-251,248-249,249-250,221,253-254,266-267,250-253,263,233-234,252,219, 267-271,266,252-253,219, 264-266,248-249,251

3

Lock bumping Attack on locks using a shaved key, which bumps the pins, allowing the lock to turn 188

3

Lock picking The art of unlocking a lock without a key 188-189

4

Logical Link Control See—LLC- Logical Link Control, layer 2 protocol that handles LAN communications 223

4

Logical Unit Numbers See—LUN - Logical Unit Numbers, provide a way of addressing storage across the network. Also used for basic access control for network accessible storage 257

3

Lux One lumen per square meter 185

3,5,7

MAC (Access Control) Mandatory Access Control, system-enforced access control based on subject's clearances and object's labels 104-105, 128, 293, 321, 349

4

MAN Metropolitan Area Network, typically confined to a city, a zip code, or a campus or office park 221

3

MCH See—Northbridge - Connects the CPU to RAM and video memory, also called the Memory Controller Hub (MCH) 120

3,4

MD5 Message Digest 5, a hash function that creates a 128-bit message digest 171, 177-178, 280

1,4

MIC Message Integrity Check, integrity protocol used by WPA2 11i, 262

7

MOR Minimum Operating Requirements, describes the minimum environmental and connectivity requirements in order to operate computer equipment 403

4

MPLS Multiprotocol Label Switching, provides a way to forward WAN data via labels 255

7

MTBF Mean Time Between Failures, quantifies how long a new or repaired system will run on average before failing 348, 388, 402-403

7

MTD Maximum Tolerable Downtime, the total time a system can be inoperable before an organization is severely impacted 385, 393, 399, 400-401

7

MTTR Maximum Transmission Unit, the maximum PDU size on a network 348, 403

4

MTU Maximum Transmission Unit, the maximum PDU size on a network 228-229

8

Machine code Software that is executed directly by the CPU 430-431

3

Magnetic stripe card Passive device that contains no circuits. Sometimes called swipe cards: they are used by swiping through a card reader 190-192

3

Maintenance hook Shortcut installed by system designers and programmers to allow developers to bypass normal system checks during development 137

1,3,7

Malicious Code See—Malware -Malicious software, any type of software which attacks an application or system 19, 72, 137-139, 369-370

1,3,7

Malware Malicious software, any type of software which attacks an application or system 19, 72, 137-139, 369-370

3,5,6

Mandatory Access Control See—MAC - Media Access Control, layer 2 protocol that transfers data to and from the physical layer 104-105, 128, 293, 321, 349

7

Mandatory leave Forcing staff to take vacation or time away from the office. Also known as forced vacation 351

3

Mantrap A preventive physical control with two doors. Each door requires a separate form of authentication to open 103, 192

1,4

Master mode 802.11 mode used by Aps 11, 261

7

Maximum Allowable Downtime See—MTD - Maximum Tolerable Downtime, the total time a system can be inoperable before an organization is severely impacted 385, 393, 399, 400-401

7

Maximum Tolerable Downtime See—MTD - Maximum Tolerable Downtime, the total time a system can be inoperable before an organization is severely impacted 385, 393, 399, 400-401

4

Maximum Transmission Unit See—MTU - Maximum Transmission Unit, the maximum PDU size on a network 228-229

7

Mean Time Between Failures See—MTBF - Mean Time Between Failures, quantifies how long a new or repaired system will run on average before failing 348, 388, 402-403

7

Mean Time to Repair See—MTTR - Mean Time to Repair, describes how long it will take to recover a failed system 348, 403

3

Media Access Control See—MAC - Mandatory Access Control, system-enforced access control based on subject's clearances and object's labels 177-178

7

Minimum Operating Requirements See—MOR - Minimum Operating Requirements, describes the minimum environmental and connectivity requirements in order to operate computer equipment 403

5

Minutiae Specific fingerprint details that include whorls, ridges, bifurcation, and others 306

7

Mirroring Complete duplication of data to another disk, used by some levels of RAID 348, 379-381

1

Outsourcing Use of a third party to provide information technology support services which were previously performed in-house 54-55

3

Memory Controller Hub See—Northbridge - Connects the CPU to RAM and video memory, also called the Memory Controller Hub (MCH) 120

2,3

Memory Volatile or nonvolatile computer storage 123,87-88,87,123-126, 134,81, 87-90,124-125

4

Mesh Physical network topology that interconnects network nodes to each other 253-254

3

Message Authention Code (MAC) An access policy that restricts subjects' access to objects based on the security clearance of the subject and the classification of the object. The system enforces the security policy, and users cannot share their files with other users. Gold - 389-393, 668, 729, 936, Silver - 177-178

3,4

Message Digest 5 See—MD5 - Message Digest 5, a hash function that creates a 128-bit message digest 171, 177-178, 280

1,4

Message Integrity Check See—MIC - Message Integrity Check, integrity protocol used by WPA2 11i, 262

8

Method The function performed by an object 456-458

4

Metropolitan Area Network See—MAN - Metropolitan Area Network, typically confined to a city, a zip code, or a campus or office park 221

3

Microkernels A modular kernel 128

3

Microwave motion detector Active motion detector that uses microwave energy 193

8

Middleware Connects programs to programs 460-461

3

Northbridge Connects the CPU to RAM and video memory, also called the memory controller hub (MCH) 120

2

Mission Owners See—Business Owners - Also called Mission Owners, members of senior management who create the information security program and ensure that it is properly staffed, funded, and has organizational priority 85

7

Mobile sites DRP backup site option that is a "data centers on wheels"; towable trailers that contain racks of computer equipment, as well as HVAC, fire suppression and physical security 407

4

Modem Modulator/Demodulator; takes binary data and modulates it into analog sound that can be carried on phone networks 276, 282-283

3

Modes of Operation Dedicated, system-high, compartmented, and multilevel modes 112-113

1,4

Monitor mode 802.11 read-only mode used for sniffing 11, 261

3

Monoalphabetic cipher Substitution cipher using one alphabet 148, 150-151

3

Monolithic kernel A statically compiled kernel 128

3

Motherboard Contains computer hardware including the CPU, memory slots, firmware, and peripheral slots such as PCI (Peripheral Component Interconnect) slots 119-120

4

Multicast One-to-many network traffic, and the "many" is preselected 236

3

Multipartite virus Virus that spreads via multiple vectors. Also called multipart virus 138

3

Multiprocessing Runs multiple processes on multiple CPUs 122

4

Multiprotocol Label Switching (MPLS) A converged data communications protocol designed to improve the routing speed of high-performance networks. Gold - 511, 573, 574, 615-616, Silver - 255

4

Multiprotocol Label Switching See—MPLS - Multiprotocol Label Switching, provides a way to forward WAN data via labels 255

3

Multitasking Allows multiple tasks (heavy weight processes) to run simultaneously on one CPU 122

8

Mutation Genetic algorithm concept that introduces random changes to algorithms 472

7

Mutual Aid Agreement See Reciprocal agreement 406-407

4

NAT Network Address Translation, translates IP addresses 234-235

7

NDA Nondisclosure agreement, a contractual agreement that ensures that an individual or organization appreciates their legal responsibility to maintain the confidentiality of sensitive information 35, 351

4

NIC Network Interface Card, a card that connects a system to a network 225,227,236-237

7

NIDS Network based intrusion detection system, a detective technical control 364-365

7

NIPS Network intrusion prevention system, a device designed to prevent malicious network traffic 364-365

7

NIST SP 800-34 NIST Special Publication 800-34 "Contingency Planning Guide for Information Technology Systems" 384,422

4

NRM Normal response mode, SDLC/HDLC mode where secondar nodes can transmit when given permission by the primary 256

4

NS Nonce sum, the newest TCP flag, used for congestion notification 238

2

Need to know Requirement that subjects need to know infomration before accessing it 17-18, 84, 349

5

Network Access Layer TCP/IP model layer that combines layers 1 and 2 of the OSI model. It describes Layer 1 issues such as energy, bits and the medium used to carry them 225, 227

4

Network Address Translation See NAT 234-235

4

Network Interface Card See NIC 225, 227, 236-237

7

Network Intrusion Prevention System See NIPS 364-365

4

Network layer Layer 3 of the OSI model, describes routing data from a system on one LAN to a system on another 224, 267-277

8

Network model (databases) Type of hierarchical database that allows branches to have two parents 454-455

4

Network model (telecommunications) A description of how a network protocol suite operates N/A

4

Network stack A network protocol suite programmed in software or hardware 222-226

7

Network-based Intrusion Detection Systems See NIDS 364-365

3

Non-repudiation Assurance that a specific user performed a specific transaction and assurance that that the transaction did not change 17, 146-147

4

Nonce Sum See NS 238

7

Nondisclosure agreement See NDA 35, 351

5

Nondiscretionary access control Access control based on subjects' roles or tasks 321-323

3

Noninterference model Ensures that data at different security domains remain separate from one another 109-110

4

Normal Response Mode See NRM 256

8

Normalization Seeks to make the data in a database table logically concise, organized and consistent 453

3

OCSP Online Certificate Status Protocol 178

2

OCTAVE Operationally Critical Threat, Asset and Vulnerability Evaluation, a risk management framework from Carnegie Mellon University 94

1

OECD Privacy Guidelines Organization for Economic Cooperation and Development privacy guidelines, containing eight principles 37

7

OEP Occupant Emergency Plan, a facility-based plan focused on safety and evacuation 384-385,409

3

OFB Output Feedback, a stream mode of DES that uses portions of the keyfor feedback 163

4

OFDM Orthogonal Frequency-Division Multiplexing, a newer wireless multiplexing method, allowing simultaneous transmission using multiple independent wireless frequencies that do not interfere with each other 260

8

OLE Oblject Linking and Embedding, part of DCOM which links documents to other documents 460

8

OOA Object-Oriented Analysis, high-level approach to understanding a problem domain that identifies all objects and their interaction 461-462

8

OOD Object-Oriented Design, a high-level object-oriented approach to designing software 461-462

8

OOP Object-Oriented Programming, changes the older procedural programming methodology, and treats a program as a series of connected objects that communicate via messages 455,456-461

8

ORBs Object Request Brokers, used to locate and communicate with objects 460-461

4

OSI Model A network model with seven layers: physical, data link, network, transport, session, presentation, application 219, 223-225

4

OSPF Open Shortest Path First, an open link state routing protocol 271

4

OUI Organizationally unique identifier, first 24-bits of a MAC address 227

8

Object Linking and Embedding See OLE 460

8

Object Request Brokers See ORBs 460-461

8

Object encapsulation Treats a process as a "black box" 457

8

Object-Oriented Analysis See OOA 461-462

8

Object-Oriented Database Database that combines data with functions (code) in an object-oriented framework 451,455

8

Object-Oriented Design See OOD 461-462

8

Object-Oriented Programming See OOP 455,456-461

7

Occupant Emergency Plan See OEP 384-385,409

1

Offshoring Outsourcing to another country 54-55

4

One-Time Pad Theoretically unbreakable encryption using paired pads of random characters 155-156

5

One-Time password Password that may be used for a single authentication 295

3

Online Certificate Status Protocol See OCSP 178

4

Open Shortest Path First See OSPF 271

8

Open source Software with publicly published source code, allowing anyone to inspect, modify, or compile the code 435

3

Open system System using open hardware and standards, using standard componenets from a variety of vendors 119

1

Openness Principle OECD Privacy Guideline principle that states collection and use of personal data should be readily available 37

3

Operating System Software that operates a computer 127-131

2

Operationally Critical Threat, Asset, and Vulnerability Evaluation See OCTAVE 94

8

Optimizing CMM Phase 5 430,462,466-467

3

Orange Book See TCSEC 104, 113-115

4

Organizationally Unique Identifier See OUI 227

4

Orthogonal Frequency-Division Multiplexing See OFDM 260

3

Output Feedback See OFB 163

3

Overt Channel Authorized communication that complies with security policy 136

4

PAN Personal Area Network, a very small network with a range of 100 m or much less 221

4

PAP Password Authentication Protocol, an insecure network authentication protocol that exposes passwords in cleartext 278, 320

1

PCI-DSS Payment Card Industry Data Security Standard, a security standard created by the Payment Card Industry Security Standards Council (PCI SSC) 41, 44, 94

4

PDA Personal Data Assistant, a small networked computer that can fit in the palm of your hand 286

4

PDU Protocol Data Unit, a header and data at one layer of a network stack 226, 228-229

3

PGP Pretty Good Privacy, software that integrates asymmetric, symmetric and hash cryptography 181

2

PII personally identifiable information, data associate with a specific person, such as credit card data

5

PIN personal identification number, a number-based password

5

PKI public key infrastructure leverages symmetric, asymmetric and hash-based cyrptography to manage digital certificates

2

PLD programable logic device, field-programmable hardware

4

POP post office protocol, an email client protocol

3

POST power on self test, performs basic computer hardware testes, including verifying the integrity of the BIOS, testing the memory, identifying system devices, among other tasks. Machines can fail this, it may come with beeps.

4

PPP point-to-point protocol, a layer 2 protocol that has largely replaces SLIP, adding confidentiality, integrity and authenticaion (CIA triad)

4

PRI primary rate interface, provides 23 64K digital ISDN channels (as in conjuction with BRI)

2

PROM programmable read only memory, memory that can be written to once, typically at the factory

4

PSH TCP flac, push data to application layer

4

PVC permanent virtual circuit, a circuite that is always connected

3

PaaS Platform as a service, provides a pre-configured operating system, and the customer configures the application 132-133

4

Packet Filter A simple and fast firewall that has no concept of state 219, 271-272

4

Packet Layer 3 PDU 226

4

Packet-switched network A form of networking where bandwidth is shared and data is carried in units called packets 219, 221-222, 227-229, 254-255

6

Pairwise testing Form of combinatorial software testing that tests unique pairs of inputs 338

3

Panic bar Egress device that opens externally facing doors from the inside 194

7

Parallel Processing Recovery of critical processing components at an alternate computing facility, without impacting regular production systems 418-419

8

Parent Class OOP concept that allows objects to inherit capabilites from parents 457-458

7

Parity A means to achieve data redundancy without incurring the same degree of cost as that of mirroring in terms of disk usage and write performance 379-381

6

Partial Knowledge Test A penetration test where the tester is provided with partial inside information at the start of the test 330

4

Passive RFID Unpowered RFID tags 262-263

3

Passive infrared sensor Passive motion detector that detects infrared energy created by body head 193

6

Penetration test Security test designed to determine if an attacker can penetrate an organization 44-45, 330-332

3

Permutation (Also called transposition) provides confusion by rearranging the characters of the plaintext, anagram-style 147

4

Personal Area Network See PAN 221

4

Personal Digital Assistant See PDA 286

5

Personal Identification Number See PIN 294, 303

1

Personally Identifiable Information See PII 97, 13-14, 42-43, 54-55, 36-38

1

Phishing Malicious attack that poses as a legitimate site such as a bank, attempting to steal account credentials 73-74

3

Public Key Infrastructure (PKI) A framework of programs, procedures, communication protocols, and public key cryptography that enables a diverse group of individuals to communicate securely. Gold - 383, 399-404, 670, 1116, Silver - 178-179, 181

4

QoS quality of service, gives specific traffic precedence over other traffic on packet-switched networks

8

RAD rapid application development, rapidly develops software via the use of prototypes, "dummy" GUIs, back-end databases, and more

5

RADIUS (Remote Authentication Dial-in User Service) A security service that authenticates and authorizes dial-up users and is a centralized access control mechanism. 801-807 (Gold book)

4

RIP / Routing Information Protocol A distance vector routing protocol that uses hop count as its metric. 270-271

3

RISC / Reduced Instruction Set Computer CPU instructions which are short and simple. 122-123

1

ROM Read Only Memory 81, 87-89

7

RPO / Recovery Point Objective The amount of data loss or system inaccessibility (measured in time) that an organization can withstand. 401-402

4

RSN / Robust Security Network Part of 802.11i that allows changes to cryptographic ciphers as new vulnerabilities are discovered. 262

4

RST TCP flag, reset (tear down) a connection. 238-239

7

RTO / Recovery Time Objective The maximum time allowed to recover business or IT systems. 401, 402

4

RTP / Real Time Protocol VoIP protocol designed to carry streaming audio and video. 258

3,5

Rainbow Table acts as a databae that contains the hashed output for most or all possible passwords (as mentioned on McGuiver TV show)

2

Read An operation that results in the flow of information from an object to a subject and does not give the subject the ability to modify the object or the data within the object. 260-261 (Gold Book)

7

Recovery Planning An operation that results in the flow of information from an object to a subject and does not give the subject the ability to modify the object or the data within the object. 1038 (Gold Book)

7

Recovery Point Objective The acceptable amount of data loss measured in time. 1003-1005, 1029 (Gold Book)

7

Recovery Time Objective The maximum time period within which a business process must be restored to a designated service level after a disaster to avoid unacceptable consequences. 1002-1005, 1029 (Gold Book)

3

Reference Monitor Concept An access control concept that refers to an abstract machine that mediates all accesses to objects by subjects. The security kernel enforces the reference monitor concept. 304-306 (Gold Book)

8

Relational database Contains two-dimensional tables of related data. 451-453

3

Reliability The assurance of a given system, or individual component, performing its mission adequately for a specified period of time under the expected operating conditions. 1029 (Gold Book)

1

Religious law Legal system that uses religious doctrine or interpertation as a source of legal understanding and statutes. 21

1

Remanence Data that might persist after removal attemps. 81, 87-90, 91

7

Remote Journaling A method of transmitting changes to data to an offsite facility. This takes place as a parallel processing of transactions, meaning that changes to that data are saved locally and to an off-site facility. These activities take place in real time and provide redundancy and fault tolerance. 1026 (Gold Book)

8

Remote journaling Saves database checkpoints and the database journal to a remote site. In the event of failure at the primary site, the database may be recovered. 415

4

Remote meeting technology Newer technology that allows users to conduct online meetings via the Internet, including desktop sharing functionality. 286

4

Remote wipe The ability to remotely erase a mobile device. 286

8

Repeatable CMM / Capability Maturity Model phase 2. 430, 462, 466-467

4

Repeater Layer 1 device that receives bits on one port, and "repeats" them out the other port. 263

7

Reporting phase Incident response phase that provides a final report on the incident. 361-362

1

Repudiation When the sender of a message denies sending the message. The countermeasure to this is to implement digital signatures. 17 (Silver Book)

4

Reserved ports TCP/IP ports 1023 and lower. 237-238

1

Residual Risk The remaining risk after the security controls have been applied. The conceptual formulas that explain the difference between total and residual risk are: threats x vulnerability x asset value = total risk (threats x vulnerability x asset value) x control gaps = residual risk 123-124 (Gold Book)

5

Retina scan Biometric laser scan of the capillaries which feed the retina. 306-307

1

Return on Investment Money saved by deploying a safeguard. 63-64

3

Rijndael Cipher which became AES, named after authors Vincent Rijmen and Joan Daemen. 166

4

Ring (physical) Physical network topology that connects nodes in a physical ring. 252

3

Ring model Form of CPU hardware layering that separates and protects domains (such as kernel mode and user mode) from each other. 117-118

1

Risk Analysis A method of identifying risks and assessing the possible damage that could be caused in order to justify security safeguards. 102-103 (Gold Book)

1

Risk Analysis Matrix A quadrant used to map the likelihood of a risk occurring against the consequences (or impact) that risk would have. 58-68

1

Risk Management The process of identifying, assessing, and reducing the risk to an acceptable level and implementing the right mechanisms to maintain the level of risk. 126-130 (Gold Book)

1

Risk The likelihood of a threat agent taking advantage of a vulnerability and the resulting business impact. A risk is the loss potential, or probability, that a threat will exploit a vulnerability. 124-125 (Gold Book)

8

Rollback Restores a database after a failed commit. 455

3

Rootkit Malware that replaces portions of the kernel and/or operating system. 138

3

Rotation Cipher Substitution cipher that shifts each character of ciphertext a fixed amount past each plaintext character. 150-151

7

Rotation of Duties Requires that critical functions or responsibilities are not continuously performed by the same person without interruption. Also known as job rotation. 350-351

4

Router Layer 3 device that routes traffic from one LAN to another, based on IP addresses. 219, 224, 267-271

5

Rule-based access control Uses a series of defined rules, restrictions, and filters for accessing objects within a system. 323

3

Running-key cipher Cryptographic method that uses whole words from a well-known text such as a dictionary, "adding" letters to plaintext using modular math. 154

3

S/MIME / Secure/Multipurpose Internet Mail Extensions Leverages PKI to encrypt and authenticate MIME-encoded email. 181

3

SA / Security Association A simplex connection which may be used to negotiate ESP or AH parameters. 180

5

SAML / Security Assertion Markup Language An XML-based framework for exchanging security information, including authentication data. 312

1

Secondary Evidence Evidence consisting of copies of original documents and oral descriptions. 26

1

Security Safeguards Principle OECD Privacy Guideline principle that states personal data should be reasonably protected against unauthorized use, disclosure, or alteration. 37

6

Security assessments A holistic approach to assessing the effectiveness of access control. May use other tests as a subset, including penetration tests and vulnerability scans. 329-345

6

Security audit A test against a published standard. 332

3

Security domain The list of objects a subject is allowed to access. 117

3

Security property Bell-LaPadula property that states "no write-down" 104

4

Segment Layer 4 PDU / Protocol Data Unit. 226

8

Semantic integrity Requires that each value is consistent with the attribute data type 452

7

Seperation of duties Dividing sensitive transactions among multiple subjects 108-109, 349-350

4

Socket pair describes a unique connection between two nodes: source port, source IP, destination port and destination IP 238

7,8

Software escrow source code held by a neutral third party 416-7,447

3

Server-side attack Attack launched directly from an attacker to a listening service. Also called service-side attack 139-140

1

Servicemark Intellectual property protection that allows for the creation of a brand that distinguishes the source of services. 31-32

4

Session hijacking Compromise of an existing network sessions. 235

4

Session layer Layer 5 of the OSI model, manages sessions, which provide maintenance on connections. 224, 274

8

Shadow Database Similar to a replicated database, with one key difference: a shadow database mirrors all changes made to a primary database, but clients do not access the shadow. 415, 455-456

8

Shareware Fully functional proprietary software that may be initially used free of charge. If the user continues to use the Shareware for a specific period of time, the shareware license typically requires payment. 435

3

Shoulder surfing Physical attack where an attacker observes credentials, such as a key combination. 190

1

Shredding / Wiping Writes new data over each bit or block of file data. 91-92

3

Side-Channel attack Cryptographic attack which uses physical data to break a cryptosystem, such as monitoring CPU cycles or power consumption used while encrypting or decrypting. 175

3

Simple Security Property Bell-LaPadula property that states "no read up" (NRU). 104, 106

3

Simple integrity axiom Biba property that states "no read down". 107

4

Simplex One-way communication, like a car radio tuned to a music station. 220

8

Simulation test Recovery from a pretend disaster, goes beyond talking about the process and actually has teams carry out the recovery process. 418

7

Slack Space Space on a disk between the end-of-file marker and the end of the cluster 354

3

Smart Card a physical access control device containing an integrated circuit, AKA Integrated Circuit Card (ICC) 190-192,262-3

4?

Smurf attack attack using an ICMP flood and directed broadcast addresses

4

Sniffing confidentiality attack on network traffic 264,296

3

Social Engineering uses the human mind to bypass security controls 172

4

Socket a combination of an IP address and a TCP or UDP port on one node 238

8

Source Code computer programming language instructions that are written in text that must be translated into machine code before execution by the CPU 430-1,448

3

Southbridge connects I/O devices such as disk, keyboard, mouse, CD drive, USB ports etc 120

1

Spear Phishing targeted phishing attack against a small number of high level victims 73-4

8

Spiral Model Software Development model designed to control risk 429,441-2

4

Split horizon Distance vector routing protocol safeguard will not send a route update via an interface it learned the route from 270

4?

Spoofing masquerading as another endpoint

3

Spring-bolt lock a locking mechanism that springs in and out of the door jamb 188-9

1

Standard Describes the specific use of technology, often applied to hardware and software administrative control 51,52

4

Star physical network topology that connects each node to a central device such as a hub or a switch 252-3

4

Stateful firewall Firewall with a state table that allows the firewall to compare current packets to previous 219,272-3

4

Static Route Fixed routing entries 267

6

Static Testing tests code passively, the code is not running 335-6

5

Static password Reusable passwords that may or may not expire 295

1

Statutory Damages damages prescribed by law 23

3

Stealth Virus Virus that hides itself from the OS and other protective software, such as anti-virus software 138

3

Steganography The science of hidden communication 182-3

3

Storage Channel Covert channel that uses shared storage, such as a temporary directory to allow two subjects to signal each other 136

3

Strike Plate plate in the door jamb with a slot for a deadbolt or spring-bolt lock 188

7

Striping Spreading data across multiple disks to achieve performance gains, used by some levels of RAID 348,379-81

5

Strong Authentication Requires that the user present more than one authentication factor, also called dual factor authentication 295,303

3

Strong Tranquility property Bell-LaPudula property that states security labels will not change while the system is operating 106

7

Structured walkthrough Thorough review of a DRP by individuals that are knowledgeable about the systems and services targeted for recovery, AKA tabletop exercise 418

3

Subject an active entity on an Information System which accesses or changes data 106

3

Substitution cryptographic method that replaces one character with another 147,182-3

3

TEMPEST A standard for shielding electromagnetic emanations from computer equipment 136

3

Swapping uses virtual memory to copy contents in primary memory (RAM) to or from secondary memory 124-5

4

Switch Layer 2 device that carries traffic on one LAN 219,364-6

3

Symmetric Encryption Encryption that uses one key to encrypt and decrypt 160-168

5

Synchronous Dynamic Token use time or counters to synchronize a displayed token code with the code expected by the authentication server 302-3

6

Synthetic Transactions Also called synthetic monitoring, involves building scripts or tools that simulate activities normally performed in an application 336-7

2

System Owner a manager responsible for the actual computers that house data, including hardware and software config, updates, patching, etc 85-6

3

System call allow processes to communicate with the kernel and provide a window between CPU rings 118

2?

System unit computer case, containing all of the internal electronic components including motherboard, internal disk drives, power supply etc

4

T1 a dedicated 1.544 megabit circuit that carries 24 64 bit DSO channels 254

4

T3 28 bundled T1s 254

5

TACACS (Terminal Access Controller Access Control System) A client/server authentication protocol that provides the same type of functionality as RADIUS and is used as a central access control mechanism mainly for remote users. 801-805

5

TACACS (Terminal Access Controller Access Control System) A client/server authentication protocol that provides the same type of functionality as RADIUS and is used as a central access control mechanism mainly for remote users. 801-805 (Gold Book)

5

TACACS Terminal Access Controller Access Controller System, a SSO method often used for network equipment 319

4

TAP Test Access Port, provides a way to tap into network traffic and see all unicast streams on a network 236

4

TCP Transmission Control Protocol, uses a 3-way handshake to create reliable connections across a network 237-239,272-274,364-365

4

TCP Transmission Control Protocol, uses a 3-way handshake to create reliable connections across a network 237-9, 272-4,364-5

4

TCP/IP Model a network model with 4 layers: network access, Internet, transport and application 219,225-245

3

TCSEC Trusted Computer System Evaluation Critera - aka the Orange Book, evluaiton model developed by the departmnet of defence 104,113-115

3

TCSEC Trusted Computer System Evaluation Criteria, AKA the Orange Book, evaluation model developed by the US Dept of Defense 104,113-5

3?

Teardrop Attack a malformed packet DoS attack that targets issues with systems' fragmentation reassembly

3

Technical Controls Implemented using software, hardware or firmware that restricts logical access on an information technology system 145-6

1

Technical Controls These controls, also called logical access control mechanisms, work in software to provide confidentiality, integrity, or availability protection. Some examples are passwords, identification and authentication methods, security devices, auditing, and he configuration of the network. 8-12, 811-814, 865-866 (Gold Book)

4

Telnet protocol that provides terminal emulation over a network using TCP port 23 242

5

Tempest The study and control of spurious electronic signals emitted by electrical equipment. Tempest equipment is implemented to prevent intruders from picking up information through the airwaves with listening devices. 821 (Gold Book)

5

Tempest The study and control of spurious electronic signals emitted by electrical equipment. Tempest equpment is implemented to prevent intruders from picking up information through the airwaves with listening devices. 821

3

Thread A lightweight process (LWP) 121-122

1

Threat A potentially negative ocurrence 11, 58-60

4

Thicknet Older type of coaxial cable, used for ethernet bus networking 247,248

3

Thin client applications use a web browser as a universal client, providing access to robust applications that are downloaded from the thin client server and run in the client's browser 135

3

Thin clients Simple computer systems the rely on centralise applications and data 135

4

Thinnet Older type of coaxial cable, used for Ethernet bus networking 247, 248

3

Time multiplexing Shares system resources between mulitiple processes, eahc with a dedicated slice of time 124

8

Time of Check/Time of Use (TOCTOU) alrering a condition after it has been checked by the operating system, but before it Is used 464-465

3

Timing Channel Covert channel that relies on the system clock to inder sensitve information 109-110

4

Token Ring Legacy LAN techniology that uses tokens 249

8

Top-Down Programming Starts with the broadest and highest level requirements (the concept of the final program) works down towards the low-level tehcnical implementation details 434

8

Top-down Approach An approach in which the initiation, support, and direction for a project come from top management and work their way down through middle management and then to staff members. 434 (Silver Book)

3

Topology The physical construction of how nodes are connected to form a network. 523 (Gold Book)

1

Total Cost of Ownership (TCO) The cost of a safeguard 51,62-63

1

Total Risk When a safeguard is not implemented, an origination is faced with the total risk of that particular vulnerability. 123-124 (Gold Book)

3

Turnstile Device designed to prevent tailgating by enforcing a 'one person per authentication' rules 192

3

Twofish AES finalist,encrypting 128-bit blocks usinf 128 through 256 bit keys 168

5

Type 1 Authentication Something you know 294-301

6

Traceability Matrix Maps customers' requirements to the software testing plan: it 'traces' the 'requirements', and ensures they are being met 336

4

Traceroute Command the ues ICMP Time Exceeded messages to trace a network route 241

1

Trade secret Business-propriety information that is important to an organizations ability to compete 34-35

1

Trademark A legal right that protects a word, name, product shape, symbol, color, or combination of these used to identify a product or company. 65 (Gold Book)

1

Trademark Intellectual property protection that allows for the creation of a brand that distinguishes the source of products 31-32,35

1,7

Training Security control designed to provide a skill set 52,419-420

4

Transport Layer (OSI) TCP/IP model layer that connects the internet layer to the application layer 224,237-239,271-277

3

Transposition Permutation - provides confustion by rearranging the characterso fthe plain-text, anagram style 147

4

Tree Physical network topology with a root node, and branch node that are at least three level deep 251

3

Triple DES 56-bit DES applied three times per block 164-165

4

Trivial Transfer Protocol (TFTP) a simple way to transfer files withouht the use of authentication or directory structure 243

1

Trojan Horse A computer program that has an apparently or actually useful function, but that also contains hidden malicious capabilities to exploit a vulnerability and/or provide unauthorized access into a system. 530, 1186 ( Gold Book)

1,3

Trojan Malware that performs two functions: one benigns (such as a game) and one malicious. Also called trojan horses 72,138

8

Trojan horse A computer program that has an apparently or actually useful function, but that also contains hidden malicious capabilities to exploit a vulnerability and/or provide unauthorized access into a system. 530, 1186

3

Trusted Computer System A system that has the necessary controls to ensure that the security policy will not be compromised and that can process a range of sensitive or classified information simultaneously. 302-304 (Gold Book)

3

Trusted Computing Base (TCB) All the protection mechanisms within a computer system (software, hardware, and firmware) that are responsible for enforcing a security policy. 302-304 (Gold Book)

3

Trusted Path A mechanism within the system that enables the user to communicate directly with the TCB. This mechanism can be activated only by the user or the TCB and not by an untrusted mechanism or process. 303 (Gold Book)

7

Trusted Recovery A set of procedures restores a system and its data in a trusted manner after system has been disrupted or a system failure has occurred. 933-935 (Gold Book)

3

Truth table Table used to map all the results of a mathmatical operaiont such as XOR 149

8

Tuple A row in a relational database table 451

1

Typosquatting Registering internet domain names comprised of likely misspellings or mistyping of legitmate domain trademarks 35-36

4

UDP User Datagram Protocol, a simpler and faster cousin of to TCP 225-226,239,272

4

URG TCP flag, packet contains urgent data 238

1

USA PATRIOT ACT Uniting and Strengthening America by Promoting Appropriate Tools Required to Intercept and Obstruct Terrorism Act of 2001 40,42

3

Ultrasonic motion detector Actuve motion detector that uses ultrasonic energy 193

7

Unallocated space Portions of a disk partition whoc do not contain active data 353

4

Unicast One-to-one netork traffi, such as a client surfing the web 236

6

Unit Testing Low-level tests of software components, such as functions, procedures or objects 337

3,4

Unshielded Twister Pair (UTP) Network cabling that uses pairs of wire twisted together 201-202,220,246-247

1

Use Limitation Principle OECD Privacy Guideline principle that states personal data should never be disclosed without either consent of the individual or lgel requirement 37

5

User A person or process that is accessing a computer system. 814-818, 929-930 (Gold Book)

5

User ID A unique set of characters or code that is used to identify a specific user to a system.

4

VDSL Very High Rate Digital Subscriber Line - DSL, featuring much faster asymmetric speeds 283

4

VLAN LAN, which can be thought of as a virtual switch 264-266

9

Validation The act of performing tests and evaluations to test a system's security level to see if it complies with security specifications and requirements. 1096, 1148-1153 (Gold Book)

3

Vernam Cipher One-time pad using a teletypewriter, invented by Gilbert Vernam 156

3

Vigenere Cipher Ployalphabetic cipher names after Blaise de Vignère, using a Vignère Square 151-152

3

Virtual Memory Provides virtual address mapping between applications and hardward memory 124-125

3,4

Virtual Private Network VPN - a method to send private data over insecure network, such as the internet 179-181, 280-282

3,4

Virtualization Adds a software layer between an operating system and the inderlying computer hardware 103, 118,131-132,265-266,284-285

3

Virus A small application, or string of code, that infects applications. The main function of a virus is to reproduce, and it requires a host application to do this. It can damage data directly or degrade system performance. 53, 820, 1178-1181 (Gold Book)

3

Virus malware the requires a carrier to propagate 137-138,139,368-369

1

Vulnerability A weakness in a system 11

7

Vulnerability Management Management of vulnerability information 372-373

7

Vulnerability Scanning A process to discover poor configurations and missing patches in an environment 372-373

3

Vulnerability The absence or weakness of a safeguard that could be exploited. 113 (Gold Book)

4

WAN Wide area network, typically covering cities, states, or countries 221,253-256

4

WAP Wireless Application Protocol, designed to provide secure web services to handheld wireless devices such as smart phones 286-287

4

WEP wired equivalent privacy, a very weak 802.11 security protocol 261

3,4

WLAN Wireless Local Area Network 146,259-262,279-280

2,3

WORM Write Once Read Many, memory wich can be written to once, and read many times 92,126

3

WSDL Web Services Description Language, provides details about how web services are to be invoked 142

7

Walkthrough drill Also known as a simulation test, recovery form a pretend disaster, goes beyond talking about the process and actually has teams carry out the recovery process 418

6

War Dialing An attack in which a long list of phone numbers I inserted into a war-dialing program in the hope of finding a modem that can be exploited to gain unauthorized access. 836, 874 (Gold Book)

6

War dialing Uses modem to dial a series of phone numbers, looking for an answering modm carrier tone 330

3

Warded lock Preventative device that turn a key through channels (called wards) to unlock 188

7

Warm site A backup site with all the necesssary hardware and connectivity, and configured computes without live data 406

1

Wassenaar Arrangement Munitions law that followed COCOM, beginning in 1996 39,160

3

Watchdog timer Recovers a system by rebooting after critical processes hang or crash 122

8

Waterfall model An application development model that uses riged phases; when one phase end, the next begins 429,436-439

3

Weak tranquility property Bell-Lapadula property that states security labels wil not change in a way that violates security policy 106

3

Well-formed transactions Clark-Wilson control to enforce contol over applications 108

7

Whitelist A set of known good resources such as IP addresses, domain names, or applications. 966, 987 (Gold Book)

2,3

Whole Disk Encryption FDE - Full Disk Encryption 96-97,126,149,370

4

Wi-Fi Protected Access 2 WPA2 - the full implementation of 802.11i 262

4

Wi-Fi Protected Access WPA - a partial implementation of 802.11i 262

2

Wiping Writes new data over each bit or block of file data. Also called shredding 91

3

Work Factor The estimated time and effort required for an attacker to overcome a security control. 343, 385-386 (Gold Book)

7

Work Recovery Time WRT - the time required to configure a recovered system 401,402

3

Work factor The amount of time required to break a cryptosystem (decrypt a ciphertext without a key) 147

2

Worm An independent program that can reproduce by copying itself from one system to another. It may damage data directly or degrade system performance by tying up resources. 478-479, 1178, 1182 (Gold Book)

1,3

Worm malware that self-propogates 58-59,138-139

6

Write An operation that results in the flow of information from a subject to an object. 880 ( Gold Book)

4

X.25 Older packet switched Wan protocol 255

3

XML / Extensible Markup Language A markup language designed as a standard way to encode documents and data 142

3

XML eXtensible Markup Language, a markup language designed as a standard way to encode documents and data 142

3

XOR Exclusive OR, binary operation that is true if one of two inputs (but not both) are true 149

8

XP / Extreme Programming An Agile development method that uses pairs of programmers who work off a detailed specification 429, 441

8

XP eXtreme Programming, an agile development method that users paits of programmers who work off detailed specification 429,441

8

XSS Cross Site Scripting, third-party execution of web scripting languages such as Javascript within the security content of a trusted site 465

3

Zachman Framework Provides 6 frameworks for providing information security, asking what, how, where, who, when and why, and mapping those frameworks across rules including planner, owner, designer, builder, programmer and user 111

6

Zero knowledge test A blind penetration test where the tester has no inside information at the start of the test 330

7,8

Zero-day exploit An exploit for a vulnerability with no available vendor patch 373,466

1

Zombie aka Bot - a computer system running malware that is controlled by a botnet 72

1

cost/benefit analysis An assessment that is performed to ensure that the cost of a safeguard does not outweighs the benefit of the safeguard. Spending more to protect an asset than the asset is actually worth does not make good business sense. All possible safeguards must be evaluated to ensure that the most security-effective and cost-effective choice is made. 102, 120

1

countermeasure A control, method, technique, or procedure that is put into place to prevent a threat agent from exploiting a vulnerability. A countermeasure is put into place to mitigate risk. Also called a safeguard or control 7, 102, 121-122

3

covert channel A communications path that enables a process to transmit information in a way that violates the system's security policy 310-311

3

covert storage channel A covert channel that involves writing to a storage location by one process and the direct or indirect ready of the storage location by another process. Covert storage channels typically involve a resource (for example, sectors on a disk) that is shared by two subjects at different security levels. 310-311

3

covert timing channel A covert channel in which one process modulates its system resource (for example, CPU cycles), which is interpreted by a second process as some type of communication. 311

1

declassification An administrative decision or procedure to remove or reduce the security classification information. 193-198

1

dedicated security mode The mode in which a system operates if all users have the clearance or authorization to access, and the need to know about, all data processed within the system. All users have been given formal access approval for all information on the system and have signed nondisclosure agreements pertaining to this information.

2

degauss Process that demagnetizes magnetic media so that a very low residue of magnetic induction is left on the media. Used to effectively erase data from media. 214, 221

4

denial of service (DoS) Any action, or series of actions, that prevents a system, or its resources, from functioning in accordance with its intended purpose. 566, 588, 603, 696-698

4

dial-up The service whereby a computer terminal can use telephone lines, usually via a modem, to initiate and continue communications with another computer system. 644-645

5

dictionary attack A form of attack in which an attacker uses a large set of likely combinations to guess a secret, usually a password. 752, 835

3

digital signature An electronic signature based upon cryptographic methods of originator authentication, computer by using a set of rules and a set of parameters such that the identity of the signer and the integrity of the data can be verified. 396-399, 757

7

disaster recovery plan A plan developed to help a company recover from a disaster. It provides procedures for emergency response, extended backup operations, and post-disaster recovery when an organization suffers a loss of computer processing capability or resources and physical facilities. 1002-1030

5

discretionary access control (DAC) An access control model and policy that restricts access to objects based on the identity of the subjects and the groups to which those subjects belong. The data owner has the discretion of allowing or denying others access to the resources it owns. 787-790, 794, 795, 1171

3

domain The set of objects that a subject is allowed to access. Within this domain, all subjects and objects share a common security policy, procedures, and rules, and they are managed by the same management system.

7

electronic vaulting The transfer of backup data to an offsite location. This process is primarily a batch process of transmitting data through communications lines to a server at an alternative location. 1026

5

emanations Electrical and electromagnetic signals emitted from electrical equipment that can transmit through the airwaves. These signals carry information that can be captured and deciphered, which can cause a security breach. These are also called emissions. 820-822

3

encryption The transformation of plaintext into unreadable ciphertext. 353-399

2

end-to-end encryption A technology that encrypts the data payload of a packet. 353-399

1

exposure An instance of being exposed to losses from a threat. A weakness or vulnerability can cause an organization to be exposed to possible damages. 7

1

exposure factor The percentage of loss a realized threat could have on a certain asset. 114

3

fail-safe A functionality that ensure that when software or system fails for any reason, it does not end up in a vulnerable state. After a failure, software might default to no access instead of allowing full control, which would be an example of a fail-safe measure. 434, 1063

7

failover A backup operation that automatically switches to a standby system if the primary system fails or is taken offline. It is an important fault-tolerant function that provides system availability. 1029

3

formal security policy model A mathematical statement of a security policy. When an operating system is created, it can be built upon a predeveloped model that lays out how all activates will take place in each and every situation. This model can be expressed mathematically, which is then translated into a programming language. 307-312

4

iSCSI Internet Small Computer System Interface, Storage Area Network (SAN) protocol transmitted via Ethernet and TCP/IP 256-257

8

isolation The containment of processes in a system in such a way that they are seperated from one another to ensure integrity and confidentiality. Gold - 1174, Silver - 265-266 speaks to network port isolation but the silver book doesn't speak specifically to the general philosophy of isolation.

3

kernel The core of an OS, a kernel manages the machine's hardware resources (including the processor and the memory) and provides and controls the way any other software component accesses these resources. Gold - N/A, Silver - 117-118, 127-128

3

key A discrete data set that contorls the operation of a cryptography algorithm. In encryption, a key specifies the particular transformation of plaintext to ciphertext, or vice versus, during encryption. Keys are also used in other cryptographic algorithms, such as digital signatures and keyed-hash functions (also known as HMACs), which are often used for authentication and integrity. Gold - 341-343, Silver - Key isn't specifically defined by itself here but is cited over and over in the encryption section.

5

keystroke monitoring A type of auditing that can review or record keystrokes entered by a user during an active session. Gold - 818, Silver - Not specifically cited in the index.

3

lattice-based access control mode A mathematical model that allows a system to easily represent the different security levels and control access attempts based on those levels. Every pair of elements has a highest lower bound and a lowest upper bound of access rights. The classes stemmed from military designations. Gold - N/A, Silver - 106-107

1,7

least privilege The security principle that requires each subject to be granted the most restrictive set of privileges needed for the performance of authorized tasks. The application of this principle limits the damage that can result from accident, error, or unauthorized use. Gold - 927 & 966, Silver - 17-18, 349

7

life-cycle assurance Confidence that a trusted system is designed, developed, and maintained with formal designs and controls. This includes design specification and verification, implementation, testing, configuration management, and distribution. Gold - 931, Silver - Not specifically cited in the index.

3

link encryption A type of encryption technology that encrypts packets' headers, trailers, and the data payload. Each network communications node, or hop, must decrypt the packets to read its address and routing information and then re-encrypt the packets. This is different from end-to-end encryption. Gold - 685-687, Silver - Not specifically cited in the index.

3

logic bomb A malicious program that is triggered by a specific event or condition. Gold - 1186, Silver - 138-139

3

maintenance hook Instructions within a program's code that enable the developer or maintainer to enter the program without having to go through the usual access control and authentication processes. Maintenance hooks should be removed from the code before it is released to production; otherwise, they can cause serious security risks. Also called trapdoor or back door. Gold - 333, Silver - 137

3

malware Malicious software. Code written to perform activities that circumvent the security policy of a system. Examples are viruses, malicious applets, Trojan horses, logical bombs, and worms. Gold - 1178-1194, Silver - 19, 72, 137-139, 369-370

4

masquerading Impersonating another user, usually with the intention of gaining unauthorized access to a system. Gold - 603, Silver - Not specifically cited in the index.

2

multilevel security A class of systems containing information with different classifications. Access decisions are based on the subject's security clearances, need to know, and formal approval. Gold - 306, Silver - Not specifically cited in the index.

2,7

need to know A security principle stating that users should have access only to the information and resources necessary to complete their tasks that fulfill their roles within an organization. Need to know is commonly used in access control criteria by operating systems and applications. Gold - 927, Silver - 17-18, 84, 349

3

nonrepudiation A service that ensures the sender cannot later falsely deny sending a message. Gold - 344, Silver - 17, 146-147

3

object A passive entity that contains or receives information. Access to an object potentially implies access to the information that it contains. Examples of objects include records, pages, memory segments, files, directories, directory trees, and programs. Gold - 722, Silver - modes of system operation 112-113

5

object reuse Reassigning to a subject media that previously contained information. Object reuse is a security concern because if insufficient measures were taken to erase the information on the media, the information may be disclosed to unauthorized personnel. Gold - 820, Silver - Not specifically cited in the index.

3

one-time pad A method of encryption in which the plaintext is combined with a random "pad," which should be the same length as the plaintext. This encryption process uses a nonrepeating set of random bits that are combined bitwise (XOR) with the message to produce ciphertext. A one-time pad is a perfect encryption scheme because it is unbreakable and each pad is used exactly once, but it is impractical because of all of the required overhead. Gold - 345-347, 362, Silver - 155-156

6

operational assurance A level of confidence of a trusted system's architecture and implementation that enforces the system's security policy. This can include system architecture, covert channel analysis, system integrity, and trusted recovery. Gold - 930-931, Silver - Not specifically cited in the index.

3

overt channel A path within a computer system or network that is designed for the authorized transfer of data. Gold - N/A, Silver - 136

5

password A sequence of characters used to prove one's identity. It is used during a logon process and should be highly protected. Gold - 753, Silver - The definition of password is not explicitly stated but it is referenced all over the place in IAM.

1,6

penetration testing Penetration testing is a method of evaluating the security of a computer system or network by simulating an attack that a malicious hacker would carry out. This is done so that vulnerabilities and weaknesses can be uncovered. Gold - 860, 869-873, 877, Silver - 44-45, 330-332

1

punitive damages damages designed to punish an individual or organization

3

photoelectric motion sensor active motin detector that sends a beam of light across a monitored space to a photoelectric sensor

5

physical controls Controls that pertain to controlling individual access into the facility and different departments, locking systems and removing unnecessary floppy or CD-ROM drives, protecting the perimeter of the facility, monitoring for intrusion, and checking environmental controls. Gold - 9, 808, 810-811, Silver - Not specfically cited in the index.

3

physical controls implemented with physical devices, such as locks, fencees, gates, etc.

4

physical layer leyer 1 of the OSI modek, descrives units of data like bits rpresented by enerby, and he medium use to carry them

3

physical security Controls and procedures put into place to prevent intruders from physically accessing a system or facility. The controls enforce access control and authorized access. Gold - 940-964, Silver - 183-199

3

piggyback Unauthorized access to a system by using another user's legitimate credentials. Gold - 434, 949, Silver - 192

4

ping of death (malformed packets) DoS that sends a malformed ICMP Echo Request (ping) that is larger than the maximum size of an IP packet

4

ping sends and ICMP Echos Request to a node and listens for an ICMP Echo Reply

6

piplining CPU feature that combines multiple steps into on combined process, allowing simultaneous fetch, decode, execuet and write steps for different instructions

3

plaintext In cryptography, the original readable text before it is encrypted. Gold - 337, 340, Silver - 146, 173

5

plaintext an uncreypted message

3

playback attack (same as replay attack?) Capturing data and resending the data at a later time in the hope of tricking the receiving system. This is usually carried out to obtain unauthorized access to specific resources. Gold - 413, 751, 771, 1154, Silver - 180, 317

4

point-to-point protocol PPP

4

point-to-point tunneling protocol PPTP

4

poison reverse distance vector routihng protocol safeguard that sets bad route to infinity

1

policy high-level management directives, administrative control

3

polyalphabetice cipher substitution cipher using multiple alphabets

4

polyinstantiation allows two different objects to have the same name. the name is based on the Latin roots for multiple (poly) and instances (instantiation)

4

polymorphic virus virus that changes its sinature upon infection of a new systme, attempting to evade signature-based antivirus software

8

polymorphism OOP concept based on the Greek roots "polyu" and "morph" meaning many and forms, respectively): allows an object to overload an operator, for example

4

post office protocol POP

3

power-on self-test POST

1

privacy act of 1974 protects US citizens' data that is being used by the federal government

1

privacy protection of the confidentiality of personal information

8

private key one half of asymmetric key pair, must be kept secure (cousin of symmetric key pair)

8

problem domain a specific challenge that needs to be addressed

8

procedural languages programming languages that use subroutines, procedures and functions

1

procedure Detailed step-by-step instructions to achieve a certain task, which are used by users, IT staff, operations staff, security members, and others. Gold - 93-94, Silver - 50-51, 52

1

procedure step-by-step guide for accomplishing a task, administrative control

3

process an executable program and its associated data loaded and running in memory

3

process isolation logical control that attempts to prevent on process from interfering with another

8

product owner scrum rold that serves as the voice of the business unit

2

programmable logic device PLD

2

programmable read only memory PROM

4

promiscuous access the ability to sniff all traffic on a network (sounds like promiscuous mode)

1

protect society, the commonwealth, and the infrastructure First canon of the (ISC)2 Code of Ethics

4

protected EAP PEAP

4

protocol A set of rules and formats that enables the standardized exchange of information between different systems. Gold - 562-566, Silver - protocol definition is not specifically cited in the index.

4

protocol data unit PDU

1

provide diligent and competent service to principals third canon of the (ISC)2 Code of Ethics

4

proxy firewall firewalls that terminate connections and act as intermediary servers

1

prudent man rule organization should engage in business practices that a prudent, right thinking, person would consider to be appropriate (ever watch what would you do?)

3

pseudo guard an unarmed security guard (sounds like a security monitor)

3

public key encryption A type of encryption that uses two mathematically related keys to encrypt and decrypt messages. The private key is known only to the owner, and the public key is available to anyone. Gold - 689, Silver - Not specifically cited in the index.

5

public key infrastructure PKI

5

public key one half of asymmetric key pari, may be publicly poste

2

purge The removal of sensitive data from a system, storage device, or peripheral device with storage capacity at the end of a processing period. This action is performed in such a way that there is assurance proportional to the sensitivity of the data that the data cannot be reconstructed. Gold - 220-221, Silver - Not specifically cited in the index.

3

purple allied name for the stepping-switch encryption device used by Japanese Axis powers durring WWII

1

purpose specification principle OECD privacy guidline principle that states the purpose for the data collection should be known, and the subsequent use of the data should be limited to the purposes outlined a the time of collection

1

qualitative risk analysis A risk analysis method that uses intuition and experience to judge an organization's exposure to risks. It uses scenarios and ratings systems. Compare to quantitative risk analysis. Gold - 112, 113, 116-119, 149, Silver - 67

1

qualitative risk analysis RA method which uses approximate values (different from quantitative - which is to quantify, how much, count, etc..)

1

quantitative risk analysis A risk analysis method that attempts to use percentages in damage estimations and assigns real numbers to the costs of countermeasures for particular risks and the amount of damage that could result from the risk. Compare to qualitative risk analysis. Gold - 112-119, Silver - 67

8

query language language that searches and updates a database

8

race condition TOCTOU

3

radio-frequency identification RFID (best known as scanning bar codes)

2,3

random access memory RAM

8

rapid application development RAD

1

read only memory ROM

1

real evidence evidence consisting of tangilbe or physical objects

4

real-time transport protocol RTP

5

realm a logical kerberos network

7

reciprocol agreement a bi-directional agreeement between two organizations in which one organization promises another organization it can move in and share space if it experiences a disaster. also known as a mutual aid agreement.

1

recovery controls controls that restore a damege system or process

7

recovery phase incident response phase that restores a previously compromised system to operational status

7

recovery point objective RPO

7

recovery time objective RTO

1

reduced instruction set computer RISC

1

reduction analysis the process of analyzing and lowering risk

7

redundant array of inexpensive disks RAID

7

redundant site an exact production dupliate of a system that has the capability to seamlessly operate all necessary IT operations withougt loss of services to the end user

3

reference monitor mediates all access between subjects and objects

8

referential integrity requires that every foreign key in a secondary table matches a primary key in the parent table

2

registers small storage locations used by the CPU to store instructions and data

3

regression testing testing software after updates, modifications or patches

1

regulatory law administrative law

1

tactical goals Midterm goals to accomplish. These may be milestones to accomplish within a project or specific projects to accomplish in a year. Strategic, tactical, and operational goals make up a planning horizon. 91

5

technical controls These controls, also called logical access control mechanisms, work in software to provide confidentiality, integrity, or availability protection. Some examples are passwords, identification and authentication methods, security devices, auditing, and the configuration of the network. 8-12, 811-814, 865-866

1

threat Any potential danger that a vulnerability will be exploited by a threat agent. 100

1

top-down approach An approach in which the initiation, support, and direction for a project come from top management and work their way down through middle management and then to staff members. 40

4

topology The physical construction of how nodes are connected to form a network. 523

1

total risk When a safeguard is not implemented, an organization is faced with the total risk of that particular vulnerability. 123-124

1

trademark A legal right that protects a word, name, product shape, symbol, color, or a combination of these used to identify a product or a company. 65

3

trusted computer system A system that has the necessary controls to ensure that the security policy will not be compromised and that can process a range of sensitive or classified information simultaneously. 302

3

trusted computing base (TCB) All of the protection mechanisms within a computer system (software, hardware, and firmware) that are responsible for enforcing a security policy. 302-304

3

trusted path A mechanism within the system that enables the user to communicate directly with the TCB. This mechanism can be activated only by the user or the TCB and not by an untrusted mechanism or process. 303

7

trusted recovery A set of procedures that restores a system and its data in a trusted manner after the system has been disrupted or a system failure has occurred. 933

8

validation The act of performing tests and evaluations to test a system's security level to see if it complies with security specifications and requirements. 1084

8

virus A small application, or string of code, that infects applications. The main function of a virus is to reproduce, and it requires a host application to do this. It can damage data directly or degrade system performance. 53, 820, 1178-1181

1

vulnerability The absence or weakness of a safeguard that could be exploited. 98-99

6

war dialing An attack in which a long list of phone numbers is inserted into a war-dialing program in the hope of finding a modem that can be exploited to gain unauthorized access. 836, 874

6

white box software testing gives the tester accesss to program source code, data structures, variables, etc 336

1

white hat ethical hacker or researcher 69

7

whitelist A set of known good resources such as IP addresses, domain names, or applications. 966, 987

3

work factor The estimated time and effort required for an attacker to overcome a security control. 343, 385-386

8

worm An independent program that can reproduce by copying itself from one system to another. It may damage data directly or degrade system performance by tying up resources. 478-479, 1178, 1182

3

write An operation that results in the flow of information from a subject to an object 311


Ensembles d'études connexes

Chapter 5: Competitive Advantage, Firm Performance, and Business Models

View Set

Pulmonary Embolism Patients NCLEX

View Set

Chapter 2 - Health Insurance Providers

View Set

ECON 4020 Midterm 1: Quiz Questions

View Set

BCRC 21-01 Mod 13 Unit 6 OC Spray

View Set

Thesis Claims and Finding Evidence

View Set

Chapter 15 Chemical Texture Services Vocab

View Set

Funds Chapter 44 : Pain Management - NCLEX

View Set