info security
7
database shadowing A mirroring technology used in databases, in which information is written to at least two hard drives for the purpose of redundancy.
2
electronic discovery (e-discovery) The process of producing for a court or external attorney all electronically stored information pertinent to a legal proceeding. 209-210
2
firmware Software instructions that have been written into read-only memory (ROM) or a programmable ROM (PROM) chip. 252-256
1
loss potential The potential losses that can be accrued if a threat agent actually exploits a vulnerability. Gold - 106, Silver - Not specifically cited in the index
8
CMM Capability Maturity Model, a maturity framework for evaluating and improving the software development process 430, 462, 466-467
7
CMP Crisis Management Plan 409-411
2
COBIT Control Objectives for Information and related Technology, a control framework for employing information security governance best practices within an organization 95
1 , 3
COCOM Committee for Multilateral Export Controls, a munitions law which was in effect from 1947 to 1994. It was designed to control the export of critical technologies (including cryptography) to "Iron Curtain" countries during the Cold War 39, 160
8
COM Component Object Model, locates and connects objects locally 460
7
COOP Continuity of Operations Plan, a plan to maintain operations during a disaster 407-408
8
CORBA Common Object Request Broker Architecture, an open vendor-neutral networked object broker framework 460-461
8
COTS Commercial Off-the-Shelf Software, third-party developed commercial software available to the generic public 468-469
7
CPPT Continuity Planning Project Team, a team composed of stakeholders within an organization that focuses on identifying who would need to play a role if a specific emergency event were to occur 397-398
2 , 3 , 8
CPU Central Processing Unit, the "brains" of the computer, capable of controlling and performing mathematical calculations 87-88, 117-118, 121-123, 430-431
3
CRL Certificate Revocation Lists, PKI component which lists digital certificates that have been revoked 178
7
CSIRT Computer Security Incident Response Team, the group that is tasked with monitoring, identifying, and responding to security incidents 358
4
CSMA Carrier Sense Multiple Access, a method used by Ethernet networks to allow shared usage of a baseband network, and avoid collisions 249
8
CSRF Cross-Site Request Forgery, third-party redirect of static content within the security context of a trusted site 465
4
CSU/DSU Channel Service Unit/Data Service Unit, DCE device 277
3
CTR Counter, a stream mode of DES that uses a counter for feedback 163
4
CWR New TCP flag, Congestion Window Reduced 238
4
Cable modem Provides Internet access via broadband cable TV 283
2
Cache memory The fastest memory on the system, required to keep up with the CPU as it fetches and executes instructions 87-88
3
Caesar Cipher A rot-3 substitution cipher 150-151
4
Callback Modem-based authentication system 283
4
Caller ID Identifies the calling phone number, sometimes used as a weak authentication method 283-284
8
Candidate keys Any attribute (column) in the table with unique values 451
5
Capability A capability outlines the objects a subject can access and the operations the subject can carry out on the different objects. It indicates the access rights for a specific subject; many times, the capability is in the form of a ticket. 797-798
8
Capability Maturity Model - CMM Capability Maturity Model, a maturity framework for evaluating and improving the software development process 430, 462, 466-467
8
Capability Maturity Model Integration (CMMI) A process model that captures the organization's maturity and fosters continuous improvement. 1112-1113
4
Carrier Sense Multiple Access - CSMA Carrier Sense Multiple Access, a method used by Ethernet networks to allow shared usage of a baseband network, and avoid collisions 219, 248-249
2 , 3 , 8
Central Processing Unit - CPU Central Processing Unit, the "brains" of the computer, capable of controlling and performing mathematical calculations 87-88, 117-118, 120-123, 430-431
5
Centralized access control Concentrates access control in one logical point for a system or organization 309-311
3
Certificate Authority PKI component that authenticates the identity of a person or organization before issuing a certificate to them 178
3
Certificate Revocation List Certificate Revocation Lists, PKI component which lists digital certificates that have been revoked 178
2 , 3
Certification A detailed inspection that verifies whether a system meets the documented security requirements 92-93, 108-109, 113-115
8
Cleartext In data communications, cleartext is the form of a message or data that is transferred or stored without cryptographic protection. 1153
3
Client-side attacks Attack where a user downloads malicious content 140
3
Clipper Chip (Failed) 1993 Escrowed Encryption Standard (EES), which used the Skipjack algorithm 182
5
Clipping level A minimum reporting threshold level 295-296
3
Closed Circuit Television - CCTV Closed Circuit Television, a detective device used to aid guards in detecting the presence of intruders in restricted areas 185-187
8
Closed source Software released in executable form: the source code is kept confidential 435
3
Closed system System using proprietary hardware or software 119
3
Cloud computing The use of shared remote computing devices for the purpose of providing improved efficiencies, performance, reliability, scalability, and security. 322, 969-970, 1141
3 , 4
Coaxial Network cabling that has an inner copper core separated by an insulator from a metallic braid or shield 202, 247
8
Code Repositories Secure service for storing source code of projects, a public example is GitHub 448
3
Codebreakers (The) David Kahn's history of cryptography 154
8
Cohesion OOP concept that describes an independent object. Objects with high cohesion have low coupling 458-459
7
Cold Site A backup site with raised floor, power, utilities, and physical security, and no configured systems or data 406
1
Collection Limitation Principle OECD Privacy Guideline principle which states personal data collection should have limits, be obtained in a lawful manner, and, unless there is a compelling reason to the contrary, with the individual's knowledge and approval. 37
3 , 4
Collision Two or more plaintexts that generate the same hash 170-171, 248-249
7
Collusion An agreement between two or more individuals to subvert the security of a system 347
1
Collusion Two or more people working together to carry out a fraudulent activity. More than one person would need to work together to cause some type of destruction or fraud; this drastically reduces its probability. 155, 416
1
Color of law Acting on the authority of law enforcement 28-29
6
Combinatorial software testing Black box testing method that seeks to identify and test all unique combinations of software inputs 338
1
Commandments of Computer Ethics The Computer Ethics Institute code of ethics 48
5
Dictionary attack Password cracking method that uses a predefined list of words (like a dictionary), running each word through a hash algorithm 297
7
Differential backup An archive of any files that have been changed since the last full backup was performed 377
3
Differential cryptanalysis Seeks to find the "difference" between related plaintexts that are encrypted 174
3
Diffie-Hellman Key Agreement protocol Key agreement allows two parties to securely agree on a symmetric key via public channel with no prior key exchange 169
3
Diffusion The order of plaintext should be dispersed in the ciphertext 147
4
EAP-TTLS EAP tunneled transport layer security, simplifies EAP-TLS by dropping the client side certificate requirement 280
4
EAP-Transport Layer Security EAP-Transport Layer security, uses PKI, requiring both server-side and client side certificates 280
4
EAPOL EAP Over LAN, a Layer 2 protocol for carrying EAP 280
3
ECB / Electronic Code Book mode The simplest and weakest mode of DES 161-162
4
ECE / New TCP Flag 238
1
ECPA / Electronic Communications Privacy Act Provides search and seizure protection to non-telephony electronic communications 40
5
Lightweight Directory Access Protocol See LDAP. Lightweight Directory Access Protocol, open protocol for interfacing and querying directory service information provided by network operating systems. Uses port 389 via TCP or UDP 314
5
Hand Geometry biometric control that uses measurements from within specific points on the subject's hand 307
2
Hardcopy Data any data that is accessed through reading or writing on paper rather than processing through a computer system 92, 413-414
3
Harrison-Ruzzo-Ullman Model Maps subjects, objects, and access rights to an access matrix. It is considered a variation of the Graham-Denning model 112
3
Hash Function one-way encryption using an algorithm and no key 103, 170-171, 176-178, 181, 296-300
3
Hash of Variable Length Hash algorithm that creates message digests of 128, 160, 192, 224, or 256 bits in length, using 3, 4, or 5 rounds. 171
3
Hashed Message Authentication Code (HMAC) Hash function that uses a key 177-178
1
Health Insurance Portability and Accountability Act (HIPAA) Health Insurance Portability and Accountability Act, United States regulation which protects healthcare information 14, 40, 42-43, 54-55, 97
1
Hearsay second-hand evidence 26
3
Hebern Machines class of cryptographic devices known as rotor machines, includes Enigma and SIGABA 156-158
8
Hierarchical Database Database that forms a tree 451, 454-455
7
High Availability (HA) Cluster multiple systems that can be seamlessly leveraged to maintain the availability of the service or application being provided. Also called a failover cluster 253-254, 382, 416, 455
4
High-Data-Rate Digital Subscriber Line (HDSL) Matches SDSL speeds using two pairs of copper. HDSL is used to provide inexpensive T1 service. 283
4
High-data-rate Digital Subscriber Line (HDSL) high-data-rate DSL, matches SDSL speeds using two pairs of copper 283
4
High-level Data link control (HDLC) Successor to SDLC. HDLC adds error correction and flow control, as well as two additional modes (ARM and ABM). 256
4
Hold-Down Timers Routing Information Protocol (distance vector routing protocol) safeguard that avoids route flapping 270-271
7
Honeynet a network of honeypots 370-371
7
Honeypot a system designed to attract attackers 370
7
Host-Based Intrusion Detection Systems (HIDS) Host based intrusion detection systems, a detective technical control 365
7
Host-Based Intrusion Prevention Systems (HIPS) Host based intrusion prevention system, preventative device that processes information within the host 365
5
Host-To-Host Transport Layer (TCP/IP transport layer) Connects the internet layer to the application layer. Where applications are addressed on a network via ports. 226, 237-241
7
Hot Site a backup site with all necessary hardware and critical applications data mirrored in real time 406
4
Hub Layer 1 network access device that acts as a multiport repeater 263
5
Hybrid Attack password attack that appends, prepends, or changes characters in words from a dictionary 300
1
Hybrid Risk Analysis combines quantitative and qualitative risk analysis 67
4
Hypertext Markup Language (HTML) hypertext markup language, used to display web content 140, 245, 286-287
4
Hypertext Transport Protocol (HTTP) hypertext transfer protocol, a protocol to transmit web data via a network 245
4
Hypertext Transport Protocol Secure (HTTPS) hypertext transport protocol secure, HTTP using SSL, or TLS 179, 245
3
Hypervisor Mode allows guests to operate in ring 0, controlled by a hypervisor in ring "-1" 118
3
Hypervisor software or operating system that controls access between virtual guests and host hardware 103, 131-132, 265-266
3
I/O Controller Hub (ICH) CPU Southbridge bus, connects input/output (I/O) devices such as disk, keyboard, mouse, CD drive, USB ports, etc. 120
4
IP Internet Protocol, includes both IPv4 and IPv6 227-229, 232, 233-234
4
IPv4 Internet protocol Version 4, commonly called IP. It's the fundamental protocol of the internet 227-229, 232, 233-234
4
IPv6 Autoconfiguration autoconfiguration of a unique IPv6 address, omitting the need for static addressing or DHCP 227, 229-233
4
IPv6 Internet Protocol Version 6, the successor of IPv4, featuring a far larger address space, simpler routing, and simpler address assignment 227, 229-233
4
ISDN Integrated Services Digital Network, provides digital service via copper pair 282-283
4
ISM Industrial, Scientific, and Medical, wireless bands set aside for unlicensed use 259
2
ISO 17799 A broad-based approach for information security code of practice by the International Organization for Standardization 94-95
7
ISO 22301 Management-focused business continuity guideline called "Business continuity management systems - Requirements" 422-423
7
ISO/IEC-27031 Technically-focused business continuity guideline that is part of the ISO 27000 series 422-423
2
ITIL Information Technology Infrastructure Library, a framework for providing best services in IT Service Management 95
3
ITSEC Information Technology Security Evaluation Criteria, the first successful evaluation model that separates functionality from assurance 114-115
1
Identification association of an individual 15-16
7
Identify preventative controls third step of the NIST SP 800-34 contingency planning process 384, 422
5
Identity as a Service (IDaaS) Identity as a service, also called cloud identity, allows organizations to leverage a cloud service for identity management 312-313
3
Inference Deductive attack where a user is able to use lower-level access to learn restricted information 143-144
8
Inference Engines Expert system component that follows the tree formed by the knowledge base, and fires a rule where there is a match 469-470
2
Information Technology Infrastructure Library (ITIL) Framework for providing best services in IT Service Management (ITSM). 95
3
Information Technology Security Evaluation Criteria (ITSEC) First successful evaluation model that separates functionality (how well a system works) from assurance ( the ability to evaluate the security of a system) 114-115
8
Inheritance objects inherit capabilities from their parent class 457-458
8
Initial Software Capability Maturity Model (CMM) Phase 1: software process is characterized as ad hoc, and occasionally even chaotic. Few processes are defined, and success depends on individual effort 430, 462, 466-467
4
Lightweight Extensible Authentication Protocol See LEAP. Lightweight Extensible Authentication Protocol, a Cisco-proprietary protocol released before 802.1X was finalized 280
4
Internet Relay Chat (IRC) internet relay chat, a global network of chat servers and clients 72, 285
3
Internet Security Association and Key Management Protocol (ISAKMP) Internet Security Association and Key Management Protocol manages the IPsec Security Association process 180
4
Internet Small Computer System Interface (iSCSI) A converged protocol that encapsulates SCSI data on TCP segments in order to allow peripherals to be connected to computers across networks. Gold - 512, Silver - 256 & 257
4
Internet Small Computer System Interface (iSCSI) SAN protocol that allows for leveraging existing networking infrastructure and protocols to interface with storage 256-257
4
Internet a global collection of peered networks running TCP/IP 221
8
Interpreted Code code that is compiled on the fly each time the program is run 431
3
Interrupt Indicates an asynchronous CPU event has occurred 121
3
Linear cryptanalysis Known plaintext attack where the cryptanalyst finds large amounts of plaintext/ciphertext pairs created with the same key 175
1
Legal liability Liability enforced through civil law 23
5
Lightweight Directory Access Protocol (LDAP) A directory service based on a subset of the X.500 standard that allows users and applications to interact with a directory. Gold - 735-736, Silver - 314
4
Link Control Protocol See LCP. Link Control Protocol, the initial unauthenticated connection used by CHAP 278
4
Link state Routing protocols that factor in additional metrics for determining the best route, including bandwidth 269, 271
7
Live forensics Taking a binary image of physical memory, gathering details about running processes, and gathering network connection data 354-355
4
Password Authentication Protocol See PAP 278, 320
5
Password Cracking An offline technique in which the attacker has gained access to the password hashes or database 296-300
5
Password guessing An online technique that involves attempting to authenticate as a particular user to the system 295-296
7
Patch management The process of managing software updates 372
1
Patent Intellectual property protection that grants a monopoly on the right to use, make, or sell an invention for a period of time 32
2
Payment Card Industry Data Security Standard (PCI-DSS) An information security standard for organizations that are involved in payment card transactions. Gold - 80-81, Silver - 41, 44, 94
1
Payment Card Industry Data Security Standard See PCI DSS 41, 44, 94
5
RADIUS / Remote Authentication Dial In User Service A UDP-based third-party authentication system. 279, 318-319
4,5
RADIUS remote authentication dial in user service, a UDP-based third-party authentication system (like pvault)
7
RAID 0 RAID striped set
7
RAID 1 + 0 RAID 0 combined with RAID 1, sometimes called RAID 10
7
RAID 1 RAID mirrored set
7
RAID 10 RAID 1 + 0
7
RAID 2 RAID hamming code
7
RAID 3 RAID striped set with dedicated parity (byte level)
7
RAID 4 RAID striped set with dedicated parity (block level)
7
RAID 5 RAID striped set with distributed parity
7
RAID 6 RAID striped set with dual distributed parity
7
RAID redundant array of inexpensive disks, a method of using multiple disk drives to achieve greater data reliability, greater speed, or both (striping, mirroring, or parity)
2,3
RAM random access memory, memory that allows any address to be directly accessed
1
RAT / Remote Access Trojans Trojan Horses which may be remotely controlled. 72
1
RAT remote access trojans, trojan horses which may be remotely controlled
5
RBAC / Role-Based Access Controls Subjects are grouped into roles and each defined role has access permissions based upon the role, not the individual. 293, 321-323
5
RBAC role-based access controls, subjects are grouped into roles and each defined role has access permissions based upon the role, not the individual (there is also MAC & DAC)
4
RC4 rivest cipher 4, used to provide confidentiality by WPA
3
RC5 rivest cipher 5, symmetric block cipher by RSA laboratories
3
RC6 rivest cipher 6, symmetric block cipher by RSA laboratories, AES finalist
3
REST / Representational State Transfer Used to implement web services. 142
4
RFC 1918 addresses Private IPv4 addresses which may be used for internal traffic. 233-234
8
RFI / Remote File Inclusion Altering web URLs to include remote content. 463
4
RFID / Radio-Frequency Identification A type of contactless card technology. 191, 262-263
8
Responsible Disclosure The practice of privately sharing vulnerability information with a vendor, and withholding public release until a patch is available. 466
2
SRAM Static Random Access Memory, expensive and fast memory that uses small latches called "flip-flops" to store bits 87-88
4
SRTP / Secure Real-time Transport Protocol Used to provide secure VoIP. 258
4
SRTP Secure Real-time Transport Protocol used to provide secure VoIP 258
2
SSD Solid State Drive, a combination of flash memory (EEPROM) and DRAM 81,89-90
4
SSH / Secure Shell A secure replacement for Telnet, FTP and the UNIX "R" commands. 243
4
SSH secure shell, a secure replacement for telnet, ftp and the unix "R" commands 243
4
SSID / Service Set Identifier Acts as a wireless network name. 11, 261
4
SSID service set identifier, acts as a wireless network name 261
4
SSL / Secure Sockets Layer Authenticates and provides confidentiality to network traffic such as web traffic. 179, 282
3,4
SSL Secure Sockets Layer, authenticates and provides confidentiality to network traffic such as web traffic 179, 282
5
SSO Single Sign On, allows a subject to authenticate once and then access multiple systems 309, 310-318
3
STP / Shielded Twisted Pair Network cabling that contains additional metallic shielding around each twisted pair of wires. 201-202
3
STP Shielded Twisted Pair, network cabling that contains additional metallic shielding around each twisted pair of wires 201-202
4?
SVC Switched Virtual Circuit, a circuit that is established on demand
4
SYN TCP flag, synchronize a connection 238-239
4
SYN flood resource exhaustion DoS attack that fills a system's half-open connection table
3
SaaS / Software as a Service Completely configured cloud-based application, from the operating system on up. 132-133
5
Salt A random number that is hashed with a password. Allows one password to hash multiple ways. 300
1
Sanction Action taken as a result of policy violation. 17
8
Sashimi Model Development model with highly overlapping steps; it can be thought of as a real-world successor to the Waterfall Model. 438-439
8
Savepoint A clean snapshot of the database tables. 455
8
Schema Describes the attributes and values of the database tables. 453
1
Scoping The process of determining which portions of a standard will be employed by an organization. 81
4
Screened host architecture Older flat network design using one router to filter external traffic to and from a bastion host via an ACL. 275-276
4
Screened subnet architecture Two firewalls screening a DMZ. 276
1
Script kiddies Attackers who target computer systems with tools they have little or no understanding of. 69-70
8
Scrum Agile development model that uses small teams, roles include Scrum Master and Product Owner. 440-441
8
Scrum Master Senior member of the organization who acts as a coach for the Scrum team. 440-441
1
Search Warrant Court order that allows a legal search. 27-29
4
TFTP Trivial File Transfer Protocol, a simple way to transfer files with no authentication or directory structure 243
5
TGS Ticket Granting Service, a Kerberos service which grants access to services 315-318
5
TGT Ticket Granting Ticket, Kerberos credentials encrypted with the TGS key 315-318
4
TKIP Temporal Key Integrity Protocol - used to provide integrity by WPA 262
3
TLS Transport Layer Security - the successor to SSL 179, 280, 282, 286
3
TNI Trusted Network Interpretation - the Red Book 114
3
TPM (Trusted Platform Module) A processor that can provide additional security capabilities at the hardware level, allowing for hardware-based cryptographic operations 126
8
Table a group of related data in a relational database 451-452
2, 3, 7
Tactical Goals Midterm goals to accomplish. These may be milestones to accomplish within a project or specific projects to accomplish in a year. Strategic, tactical, and operational goals make up a planning horizon. N/A
3
Tailgating following an authorized person into a building without providing credentials, AKA piggybacking 103, 192
2
Tailoring the process of customizing a standard for an organization 81
3
Take-Grant Protection Method Determines the safety of a given computer system that follows specific rules 110
1
Threat Any potential danger that a vulnerability will be exploited by a threat agent. 6, 106-107, 148-149, 332-335, 414, 416 (Gold Book)
5
Throughput The process of authenticating to a system (such as a biometric authentication system) 305
5
Ticket Data that authenticates a Kerberos principal's identity
5
Ticket Granting Service (TGS) A Kerberos service which grants access to services 315-318
5
Ticket Granting Ticket (TGT) Kerberos credentials encrypted with the TGS' key 315-318
5
Type I error False Reject Rate (FRR) occurs when an authorised subject is rejected as invalid 305
5
Type II Error False Acceptance Rate (FAR), occurs when an unauthorised subject is accepted as valid 305
1
due diligence the process of systematically evaluating information to identify vulnerabilities, threats, and issues relating to an organization's overall risk. 145, 924, 1053, 1054
7
eDiscovery / Electronic Discovery Pertains to legal counsel gaining access to pertinent ESI (Electronic Stored Information) during the pre-trial discovery phase of civil legal proceedings 357
3
cryptanalysis The practice of breaking cryptosystems and algorithms used in encryption and decryption processes. 339-340, 411, 412
3
cryptography the science of secret writing that enables storage and transmission of data in a form that is available only to the intended individuals. 335-350
3
cryptology The study of cryptography and cryptanalysis.
3
cryptosystem The hardware or software implementation of cryptography. 340-350
2
data at rest (DAR) Data that resides in external or auxiliary storage devices such as hard disk drives, solid-state drives, or DVDs. 99, 216-217
2
data classification Assignments to data that indicate the level of availability, integrity, and confidentiality that is required for each type of information 193-198
2
data custodian An individual who is responsible for the maintenance and protection of the data. This role is usually filled by the IT department (usually the network administrator). The duties include performing regular backups of the data; implementing security mechanisms; periodically validating the integrity of the data; restoring the data from backup media; and fulfilling the requirements specified in the company's security policy, standards, and guidelines that pertain to information security and data protection. 204
2
data in transit or data in motion (DIM) Data that is moving between computing nodes over a data network such as the Internet. 99, 217-218
2
data in use Data that temporarily resides in primary storage such as registers, caches, or RAM while the CPU is using it. 99, 218-219
2
data leak prevention (DLP) The actions that organizations take to prevent unauthorized external parties from gaining access to sensitive data. 226-234
8
data mining The analysis of the data held in data warehouses in order to produce new and useful information. 1174-1177
2
data remanence A measure of the magnetic flux density remaining after removal of the applied magnetic force, which is used to erase data. Refers to any data remaining on magnetic storage media 211-214
8
data warehousing the process of combining data from multiple databases or data sources into a large data store for the purpose of providing more extensive information retrieval and data analysis. 1174-1177
3
permissions The type of authorized interactions that a subject can have with an object. Examples include read, write, execute, add, modify, and delete. Gold - 887-888, Silver - 128-130
1
personnel security The procedures that are established to ensure that all personnel who have access to sensitive information have the required authority as well as appropriate clearances. Procedures confirm a person's background and provide assurance of necessary trustworthiness. Gold - 154-159, 928-929, Silver - 52-55
2
presentation layer layer 6 of the OSI model, presents data to the application in a comprehensible way
4
pretty good privacy PGP
1
preventive controls prevent actions from occurring
8
primary key unique attribute in a relational database table, used to join tables (as in SQL or MS Access)
4
primary rate interface PRI
5
principal kerberos client (user) or service
1,8
principle of least privilege granting subjects the minimum amount of authorization required (never give a person, program or process more permission than is required)
5
user A person or process that is accessing a computer system. 722, 728
5
user ID A unique set of characters or code that is used to identify a specific user to a system. 776
5
Type 2 Authentication Something you have 301-303
5
Type 3 Authentication Something you are 304-308
5
KDC Key Distribution Center, a Kerberos service that authenticates principals 315-318
1,4
Managed mode 802.11 mode that clients use to connect to an AP 11, 260-261
5
Passphrase A long static password, comprised of words in a phrase or sentence 295
4
SAN / Storage Area Network Provides block-level disk storage via a network. 256-257
4
SDLC / Synchronous Data Link Control (Telecommunications) A synchronous layer 2 WAN protocol that uses polling to transmit data. 255-256
8
SDLC / Systems Development Life Cycle (Applications) A system development model that focuses on security in every phase. 429, 443-447
4
SDN / Software Defined Networking Separates a router's control plane from the data (forwarding) plane. Routing decisions are made remotely, instead of on each individual router. 258-259
4
SDSL / Symmetric Digital Subscriber Line DSL with matching upload and download speeds. 283
3
SHA-1 / Secure Hash Algorithm 1 A hash function that creates a 160-bit message digest. 171, 176-178
3
SHA-2 / Secure Hash Algorithm 2 A hash function that includes SHA-224, SHA-256, SHA-384, and SHA-512, named after the length of the message digest each creates. 171, 176-178
3
SIGABA Rotor machine used by the United States through World War II into the 1950s. 157-158
4
SIP / Session Initiation Protocol A VoIP signaling protocol. 258
4
SIP Session Initiation Protocol, a VoIP signaling protocol 258
7
SLA / Service Level Agreement Contractual agreement that helps assure availability. 44, 375-376
7
SLA Service Level Agreement, contractual agreement that helps assure availability 44, 375-376
1
SLE Single Loss Expectancy, the cost of a single loss 62
4
SLIP / Serial Line Internet Protocol A Layer 2 protocol which provides IP connectivity via asynchronous connections such as serial lines and modems. 280-281
4
SLIP Serial Line Internet Protocol, a Layer 2 protocol which provides IP connectivity via asynchronous connections such as serial lines and modems 280-281
4?
SMDS Switched Multimegabit Data Service, an older WAN technology that is similar to ATM
4
SMTP / Simple Mail Transfer Protocol A store-and-forward protocol used to exchange email between servers. 222, 243
4
SMTP Simple Mail Transfer Protocol, a store-and-forward protocol used to exchange email between servers 222, 243
4
SNMP / Simple Network Management Protocol Used to monitor network devices. 244-245
4
SNMP Simple Network Management Protocol, used to monitor network devices 244-245
3
SOAP used to implement web services, used to stand for Simple Object Access Protocol, now simply "SOAP" 142
4
SOCKS popular circuit-level proxy 274
4
SONET Synchronous Optical Networking, carries multiple T-carrier circuits via fiber optic cable 254
1
SOX / Sarbanes-Oxley Act Sarbanes-Oxley Act of 2002, created regulatory compliance mandates for publicly traded companies. 40
1
SOX Sarbanes-Oxley Act of 2002, created regulatory compliance mandates for publicly traded companies 40
4
SPAN port Switched port analyzer, receives traffic forwarded from other switch ports 266
3
SPI / Security Parameter Index Used to identify simplex IPsec security associations. 180
3
SPI Security Parameter Index, used to identify simplex IPsec security associations 180
8
SQL Structured Query Language, the most popular database query language 451, 454
1,4
Voice over Internet Protocol (VoIP) carries voice via data networks 74, 222, 257-258
1
Baseline The minimum level of security necessary to support and enforce a security policy. 91-93
1
Baseline Uniform ways to implement a safeguard, administrative control 51
7
Baselining The process of capturing a point-in-time understanding of the current system security configuration 371
1
Distributed Denial of Service Distributed Denial of Service, an availability attack using many systems 27
4
EAP-TLS EAP-Transport Layer security, uses PKI, requiring both server-side and client side certificates 280
7
GFS / Grandfather Father Son A backup rotation method 415
4
ARM/Asynchronous Response Mode HDLC mode where secondary nodes may initiate communication with the primary 256
1
ARO/Annual Rate of Occurrence The number of losses suffered per year 11
4
ARPAnet The predecessor of the Internet 222
3
ASLR Address Space Layout Randomization, seeks to decrease the likelihood of successful exploitation by making memory addresses employed by the system less predictable 127
2
ATA Secure Erase Hardware-level secure erase command available on Solid State Drives (SSDs) that erases all blocks and also generates a new encryption key 90
4
ATM/Asynchronous Transfer Mode A WAN technology that uses fixed length cells 255
1
AV/Asset Value The value of a protected asset 61
3
Abstraction Hides unnecessary details from the user 117
6
Acceptance Testing Testing to ensure the software meets the customer's operational requirements 337
5
Access A subject's ability to view, modify, or communicate with an object. Access enables the flow of information between the subject and the object. 1082-1083, 722, 940-941
4
Access Control Lists/ACL Access Control List 275
3
Access Control Matrix Table defining what access permissions exist between specific subjects and objects 110
5
Access Control Mechanisms, controls, and methods of limiting access to resources to authorized subjects only. 797, 722
5
Access Control list (ACL) A list of subjects that are authorized to access a particular object. Typically, the types of access are read, write, execute, append, modify, delete, and create. 594, 764, 798
5
Access aggregation The collective entitlements granted by multiple systems to one user. Can lead to authorization creep 311
5
Account Lockout Disables an account after a set number of failed logins, sometimes during a specific time period 296
5, 7
Accountability A security principle indicating that individuals must be identifiable and must be held responsible for their actions. 814-818, 929-930, 1056
1
Accountability Holds individuals accountable for their actions 15
1
Accountability Principle OECD Privacy Guideline principle which states individuals should have the right to challenge the content of any personal data being held, and have a process for updating their personal data if found to be inaccurate or incomplete 37
2
Accreditation The data owner's acceptance of the risk represented by a system 92
3
Accredited A computer system or network that has received official authorization and approval to process sensitive data in a specific operational environment. There must be a security evaluation of the system's hardware, software, configurations, and controls by technical personnel. 318-320
1
Act honorably, justly, responsibly, and legally Second canon of the (ISC)2 Code of Ethics 46
4
Active RFID Powered RFID tags that can operate over larger distances 263
7
Active-active Cluster Involves multiple systems all of which are online and actively processing traffic or data 416
7
Active-passive Cluster Involves devices or systems that are already in place, configured, powered on and ready to begin processing network traffic should a failure occur on the primary system 416
3
ActiveX controls The functional equivalent of Java applets. They use digital certificates instead of a sandbox to provide security 142
4
Ad hoc mode 802.11 peer-to-peer mode with no central AP 261
3
Address Space Layout Randomization/ASLR Address Space Layout Randomization, seeks to decrease the likelihood of successful exploitation by making memory addresses employed by the system less predictable 127
7
Administrative Controls Implemented by creating and following organizational policy, procedures, or regulation. Also called directive controls 349
6
Administrative Controls Security mechanisms that are management's responsibility and referred to as "soft" controls. These controls include the development and publication of policies, standards, procedures, and guidelines; the screening of personnel; security-awareness training; the monitoring of system activity; and change control procedures. 886-905
1
Administrative Law Law enacted by government agencies, aka regulatory law 22
4
GIG / Global Information Grid The US DoD global network, one of the largest private networks in the world 224
1
GLBA / Gramm-Leach-Bliley Act Requires financial institutions to protect the confidentiality and integrity of consumer financial information 40
8
Genetic algorithms Creating computer algorithms via Darwinian evolution principles 472
8
Genetic programming Creating entire software programs (usually in the form of Lisp source code) via Darwinian evolution principles 472
4
Global Information Grid US Department of Defense (DoD) global network, one of the largest private networks in the world 221
4
Graham-Denning Model Provides a more granular approach for interaction between subjects and objects. 111-112
1
Gramm-Leach-Bliley Act (GLBA) Requires financial institutions to protect the confidentiality and integrity of consumer financial information 40
8
Grandfather-Father-Son Tape Rotation 3 sets of tapes: 7 daily tapes (the son), 4 weekly tapes (the father), and 12 monthly tapes (the grandfather). Once per week a son tape graduates to father. Once every 5 weeks a father graduates into a grandfather. After running for a year this method ensures there are backup tapes available for the past 7 days, weekly tapes for the past 4 weeks, and monthly tapes for the past 12 months. 415
1
Gross negligence The opposite of due care 19
1
Guideline A recommendation, administrative control 51-52
6
All pairs testing Form of combinatorial software testing that tests unique pairs of inputs, otherwise known as pairwise testing 338
8
Bottom-Up programming Starts with the low-level technical implementation details and works up to the concept of the complete program 434
1
Breach notification Notification of persons whose personal data has been, or is likely to have been, compromised 43
1
CIA triad Confidentiality, Integrity and Availability 12-15
4
CIDR Classless Inter-Domain Routing, allows for many network sizes beyond the arbitrary classful network sizes 231-233
1 , 7
CIRT Computer Incident Response Team, a team that performs incident handling 19, 358
7
"Bad" Blocks/Clusters/sectors Good disk blocks marked as bad 354
3
CISC Complex Instruction Set Computers, CPU instructions that are longer and more powerful 122-123
3
Cryptology The science of secure communications 146
3
Data Encryption Standard See - DES 161-165, 181
4
802.11 Wireless networking standard 259
4
802.11-1997 The original mode of 802.11, operated at 2 Mbps using the 2.4 GHz frequency 260
4
802.11a 802.11 mode that operates at 54 Mbps using the 5 GHz frequency 260
4
802.11b 802.11 mode that operates at 11 Mbps using the 2.4 GHz frequency 260
4
802.11g 802.11 mode that operates at 54 Mbps using the 2.4 GHz frequency 260
4
802.11i The first 802.11 wireless security standard that provides reasonable security 259
4
802.11n 802.11 mode that uses both 2.4 and 5 GHz frequencies and allows speeds of 144 Mbps and beyond 260
3
802.1X Port-based Network Access Control layer 2 authentication 146
8
4GL / Fourth-generation programming language Designed to increase programmers' efficiency by automating the creation of computer programming code 433
8
4GL Fourth-generation programming language, designed to increase programmers' efficiency by automating the creation of computer programming code 433
5
Authorization Creep Occurs when employees not only maintain old access rights but also gain new ones as they move from one division to another within an organization. 311
4
ABM Asynchronous Balanced Mode, HDLC combined mode where nodes may act as primary or secondary, initiating transmission without receiving permission 256
4
ACK TCP flag, acknowledge received data 238
4
ADSL Asymmetric Digital Subscriber Line, DSL featuring faster download speeds than upload 283
3
AH/Authentication Header Authentication Header, IPsec protocol that provides authentication and integrity for each packet of network data 179
1
AIC triad The three security principles: availability, integrity, and confidentiality. 3-8
1
ALE/Annualized Loss Expectancy The cost of loss due to a risk over a year 11
3
ALU/Arithmetic Logic Unit CPU Component that performs mathematical calculations 120
8
ANN/Artificial Neural Networks Simulate neural networks found in humans and animals 470
8
API/Application Programmers Interface Allows an application to communicate with another application, or an operating system, database, network, etc. For example, the Google Maps API allows an application to integrate third-party content such as restaurants overlaid on a Google Map 449
4
ARCNET Attached Resource Computer Network, a legacy LAN technology that uses tokens 249
1
Advance and protect the profession Fourth canon of the (ISC)2 Code of Ethics 47
3
Advanced Encryption Standard/AES Advanced Encryption Standard, a block cipher using 128 bit, 192 bit, or 256 bit keys to encrypt 128-bit blocks of data 148
1
Agents of law enforcement Private citizens carrying out actions on the behalf of law enforcement 28
3
Aggregation Mathematical attack where a user is able to use lower-level access to learn restricted information 144
3,8
Aggregation The act of combining information from separate sources of a lower classification level that results in the creation of information of a higher classification level, which the subject does not have the necessary rights to access. 324-325, 1169-1170
8
Agile Software Development Flexible software development model that evolved as a reaction to rigid software development models such as the Waterfall Model 439
7
Allocated Space Portions of disk partition that are marked as actively containing data 353
1
Availability Assures information is available when needed 11
1
Availability The reliability and accessibility of data and resources to authorized identified individuals in a timely manner. 3-4
3
Analog Communications that send a continuous wave of information 185
1
Annualized Rate of Occurrence (ARO) The value that represents the estimated possibility of a specific threat taking place within a one-year timeframe. 114
1
Annualized loss expectancy (ALE) A dollar amount that estimates the loss potential from a risk in a span of a year. Single Loss Expectancy (SLE) x annualized rate of occurrence (ARO) = ALE 114, 115, 120
8
Antimalware Software whose principal functions include the identification and mitigation of malware; also known as antivirus, although this term could be specific to only one type of malware. 1187-1190
1
Antivirus Software Software designed to prevent and detect malware infections 56
3
Applet Small pieces of mobile code that are embedded in other software such as web browsers 141
4
Application Layer (OSI) Layer 7 of the OSI model where the user interfaces with the computer application. 224
4
Application Layer (TCP/IP) TCP/IP model layer that combines Layers 5 through 7 of the OSI model 226
4
Application-layer proxy Proxy firewall that operates up to Layer 7 274
8
Artificial Intelligence The science of programming electronic computers to "think" more intelligently, sometimes mimicking the ability of mammal brains 469
8
Backward chaining Expert system mode that starts with a premise and works backwards 470
4
Baseband Network with one channel; can only send one signal at a time 220
8
Assembly Language Low-level computer programming language with instructions that are short mnemonics, such as "ADD", "SUB" (subtract) and "JMP" (jump), that match to machine language instructions 431
2
Asset A resource that is valuable to an organization and must be protected 79
3
Assurance A measurement of confidence in the level of protection that a specific security control delivers and the degree to which it enforces the security policy. 313
3
Asymmetric Encryption Encryption that uses two keys: if you encrypt with one you may decrypt with the other 103
5
Asynchronous Dynamic Token Authentication that is not synchronized with a central server, includes challenge-response tokens 303
1
Attack An attempt to bypass security controls in a system with the mission of using that system or compromising it. An attack is usually accomplished by exploiting a current vulnerability. 100-101
8
Attribute A column in a relational database table 450
5
Audit Trail A chronological set of logs and records used to provide evidence of a system's performance or activity that took place on the system. These logs and records can be used to attempt to reconstruct past events and track the activities that took place, and possibly detect and identify intruders. 814-818
5
Authenticate To verify the identity of a subject requesting the use of a system and/or access to network resources. The steps to giving a subject access to an object should be identification, authentication, and authorization. 739-761
1
Authentication Proof of an identity claim 15
1
Authorization Actions an individual can perform on a system 15
1
Awareness Security control designed to change user behavior 52
7
BCI The Business Continuity Institute 423
7
BCP Business Continuity Plan, a long-term plan to ensure the continuity of business operations 347, 348, 383-424
7
BCP/DRP project manager The key point of contact for ensuring that a BCP/DRP is not only completed, but also routinely tested 397
4
BGP Border Gateway Protocol, the routing protocol used on the Internet 271
2 , 3
BIOS Basic Input/Output System, typically stored in firmware 88-89, 125-126, 128
2
BIOS/Basic Input Output System Typically stored in firmware 88
3 , 4
BOOTP Bootstrap Protocol, used for bootstrapping via a network by diskless systems 135, 245
4
BRI Basic Rate Interface, provides two 64 kbps digital ISDN channels 282
4
BRI/Basic Rate Interface Provides two 64 kbps digital ISDN channels 282
7
BRP Business Recovery Plan, details the steps required to restore normal business operations after recovering from a disruptive event. Also known as the Business Resumption Plan 408, 412-417
7
BS-25999 Continuity standard by the British Standards Institution (BSI) 422-423
5
Back Door An undocumented way of gaining access to a computer system. After a system is compromised, an attacker may load a program that listens on a port (back door) so that the attacker can enter the system at any time. A back door is also referred to as a trapdoor. 827
8
Back up Copy and move data to a medium so that it may be restored if the original data is corrupted or destroyed. A full backup copies all the data from the system to the backup medium. An incremental backup copies only the files that have been modified since the previous backup. A differential backup backs up all files since the last full backup. 1010-1028
3
Backdoor A shortcut in a system that allows a user to bypass security checks 138
1
Background checks Verification of a person's background and experience, also called pre-employment screening 52
4
Bastion Host Any host placed on the Internet that is not protected by another device 274
8
Bayesian filtering Uses mathematical formulas to assign probabilities to make decisions such as identifying spam 471
3
Bell-LaPadula Model The model uses a formal state transition model that describes its access controls and how they should perform. When the system must transition from one state to another, the security of the system should never be lowered or compromised. See also multilevel security, simple security property, and star property (*-property). 307-308, 309, 312
3
Bell-LaPadula Security model focused on maintaining the confidentiality of objects 106
1
Best evidence rule Requires use of the strongest possible evidence 26
1
Best practice A consensus of the best way to protect the confidentiality, integrity and availability of assets 21, 24
3
Biba Model A formal state transition system of a computer security policy that describes a set of access control rules designed to ensure data integrity. 308-309, 313
3
Biba Security model focused on maintaining the integrity of objects 107-108
3
Big Bang testing Integration testing that tests all integrated software components 337
7
Binary image Bit-level copy of memory 353
5
Biometrics When used within computer security, identifies individuals by physiological characteristics, such as a fingerprint, hand geometry, or pattern in the iris. 727, 744-751
6
Black box software testing Gives the tester no internal details: the software is treated as a black box that receives inputs 330, 336
1 , 6
Black hat Unethical hacker or researcher 69, 331
7
Blacklist A set of known bad resources such as IP addresses, domain names, or applications. 987
3
Blowfish Block cipher using from 32 through 448 bit (the default is 128) keys to encrypt 64 bits of data 168
4
Bluetooth 802.15 networking, a PAN wireless technology 262
3
Bollard A post designed to stop a car, typically deployed in front of building entrances 184-185
3
Book cipher Cryptographic method that uses whole words from a well-known text such as a dictionary as a one-to-one replacement for plaintext 154
3
Boot sector virus Virus that infects the boot sector of a PC, which ensures the virus loads upon system startup 138
3 , 4
Bootstrap Protocol - BOOTP Bootstrap Protocol, used for bootstrapping via a network by diskless systems 135, 245
4
Border Gateway Protocol - BGP Border Gateway Protocol, the routing protocol used on the Internet 271
1
Bot A computer system running malware that is controlled via a botnet 72
1
Botnet A central bot command and control (C&C) network, managed by humans 72
3
Brewer-Nash / Chinese Wall Model Model designed to avoid conflicts of interest by prohibiting one person, like a consultant, from accessing multiple conflict of interest categories (CoIs) 109
4
Bridge Layer 2 device that has two ports and connects network segments together 263-264
4
Broadband Network with multiple channels; can send multiple signals at a time, like cable TV 220
4
Broadcast Traffic that is sent to all stations on a LAN 236-237
4, 5, 6
Browsing Searching through storage media looking for specific information without necessarily knowing what format the information is in. A browsing attack is one in which the attacker looks around a computer system either to see what looks interesting or to find specific information. 690-700, 738, 900-902, 1145, 1155
3 , 5
Brute force attack Attack that attempts every possible key or combination 171-172, 190, 299-300
3, 5
Brute-Force Attack An attack that continually tries different inputs to achieve a predefined goal, which can be used to obtain credentials for unauthorized access. 371, 752, 835-836
8
Buffer overflow Condition where an attacker can insert data beyond the end of a buffer variable 463-464
4
Bus Physical network topology that connects network nodes in a string 250-251
7
Business Continuity Plan - BCP Business Continuity Plan, a long-term plan to ensure the continuity of business operations 347, 348, 383-424
1
Business Impact Analysis (BIA) A functional analysis in which a team collects data, documents business functions, develops a hierarchy of business functions, and applies a classification scheme to indicate each individual function's criticality level. 146-152, 1030-1031
2
Business Owners Also called Mission Owners, members of senior management who create the information security program and ensure that it is properly staffed, funded, and has organization priority 85
7
Business Recovery Plan - BRP Business Recovery Plan, details the steps required to restore normal business operations after recovering from a disruptive event. Also known as the Business Resumption Plan 408, 412-417
7
Business Resumption Plan - BRP Business Recovery Plan, details the steps required to restore normal business operations after recovering from a disruptive event. Also known as the Business Resumption Plan 408, 412-417
7
Business interruption testing Partial or complete failover to an alternate site 419
8
Bytecode Machine-independent interpreted code, used by Java 431
8
CASE Computer-Aided Software Engineering, uses programs to assist in the creation and maintenance of other computer programs 434
3
CBC Cipher Block Chaining, a block mode of DES that XORs the previous encrypted block of ciphertext to the next block of plaintext to be encrypted 163
3
CCD Charged Couple Discharge, a digital CCTV 185-186
4
CCMP Counter Mode CBC MAC Protocol, used by WPA2 to create a MIC 262
3
CCTV Closed Circuit Television, a detective device used to aid guards in detecting the presence of intruders in restricted areas 185-187
4
CDN Content Distribution Networks (also Content Delivery Networks) use a series of distributed caching servers to improve performance and lower the latency of downloaded online content 287
5
CER Crossover Error Rate, describes the point where the False Reject Rate (FRR) and the False Accept Rate (FAR) are equal 293, 305-306
3
CFB Cipher Feedback, a stream mode DES that is similar to block-mode CBC 163
4 , 5
CHAP Challenge Handshake Authentication Protocol, a more secure network authentication protocol that uses a shared secret 278, 320
3
Certification The technical evaluation of the security components and their compliance for the purpose of accreditation. A certification process can use safeguard evaluation, risk analysis, verification, testing, and auditing techniques to assess the appropriateness of a specific system processing a certain level of information within a particular environment. The certification is the testing of the security component or system, and the accreditation is the approval from management of the security component or system. 318-320
1 , 5
Chain of custody Requires that once evidence is acquired, full documentation regarding who, what, when and where evidence was handled is maintained 27, 29, 297
3
Chaining Block cipher mechanism that seeds the previous encrypted block into the next block to be encrypted 161
4 , 5
Challenge Handshake Authentication Protocol - CHAP Challenge Handshake Authentication Protocol, a more secure network authentication protocol that uses a shared secret 278, 320
7 , 8
Change management The process of understanding, communicating, and documenting changes 373-375, 420, 449-450
4
Channel Service Unit/Data Service Unit - CSU/DSU Channel Service Unit/Data Service Unit, DCE device. 277
3
Charged Couple Discharge - CCD Charged Couple Discharge, a digital CCTV 185-186
7
Checklist testing Lists all necessary components required for successful recovery, and ensures that they are, or will be, readily available should a disaster occur. Also known as consistency testing 418
3
Chinese Wall Model Model designed to avoid conflicts of interest by prohibiting one person, like a consultant, from accessing multiple conflict of interest categories (CoIs) 109
3 , 4 , 5
Cipher A Cryptographic algorithm 103, 146, 148, 150-159, 161-168, 170-171, 176-178, 181, 261-262, 296-300
3
Cipher Block Chaining - CBC Cipher Block Chaining, a block mode of DES that XORs the previous encrypted block of ciphertext to the next block of plaintext to be encrypted 163
3
Cipher Feedback - CFB Cipher Feedback, a stream mode DES that is similar to block-mode CBC 163
3
Cipher disk Cryptographic device that uses two concentric disks, each with an alphabet around the periphery 151-153
3
Ciphertext An encrypted message 146, 173-174
3
Ciphertext Data that has been encrypted and is unreadable until it has been converted into plaintext. 337, 340
4
Circuit-level proxy Proxy firewall that operates at Layer 5 274
4
Circuit-switched network Network that provides a dedicated circuit or channel between two nodes 221
1
Circumstantial evidence Evidence that serves to establish the circumstances related to particular points or even other evidence 25
1
Civil law (legal system) Legal system that leverages codified laws or statutes to determine what is considered within the bounds of law 20
1
Civil law Law that resolves disputes between individuals or organizations 20, 22-23
3
Clark-Wilson Model An integrity model that addresses all three integrity goals: prevent unauthorized users from making modification, prevent authorized users from making improper modifications, and maintain internal and external consistency through auditing. 309-310, 313
3
Clark-Wilson Real-world integrity model that protects integrity by having subjects access objects via programs 108-109
3
Class I gate Residential gate designed for home use 184
3
Class II gate Commercial gate, such as a parking garage gate 184
3
Class III gate Industrial/limited access gate, such as a loading dock 184
3
Class IV gate Restricted access gate, used at an airport or prison 184
4
Classful address IPv4 networks in classes A through E 232
1
Classification A systematic arrangement of objects into groups or categories according to a set of established criteria. Data and resources can be assigned a level of sensitivity as they are being created, amended, enhanced, stored, or transmitted. The classification level then determines the extent to which the resource needs to be controlled and secured, and is indicative of its value in terms of information assets. 193-198
4
Classless Inter-Domain Routing - CIDR Classless Inter-Domain Routing, allows for many network sizes beyond the arbitrary classful network sizes 231-233
2
Clearance A determination, typically made by a senior security professional, about whether or not a user can be trusted with a specific level of information 83
8
Commercial Off-the-Shelf Software See - COTS 468-469
8
Commit Makes changes to a database permanent 455
2
Common Criteria An internationally agreed upon standard for describing and testing the security of IT projects 115-116
8
Common Object Request Broker Architecture See - CORBA 460-461
1
Common law Legal system that places significant emphasis on particular cases and judicial precedent as a determinant of laws 21
4
Communications Security Controls in place to protect information as it is being transmitted, especially by telecommunications mechanisms. 512-517
2 , 3
Compartmentalization Technical enforcement of need to know 82-83, 113, 117
1
Compensation controls Additional security controls put in place to compensate for weaknesses in other controls 57
1
Compensatory damages Damages provided as compensation 23
8
Compiler Converts source code, such as C or BASIC, into machine code 431
3
Complex Instruction Set Computer See - CISC 122-123
8
Component Object Model See - COM 460
1
Computer Fraud and Abuse Act Title 18 United States Code Section 1030 40, 41-42
1 , 7
Computer Incident Response Team See - CIRT 19, 358
7
Computer Security Incident Response Team See - CSIRT 358
3
Computer bus The primary communication channel on a computer system 119-120
1
Computer crimes Crimes using computers 30-31
8
Computer-Aided Software Engineering See - CASE 434
7
Conduct the business impact analysis (BIA) Second step of the NIST SP 800-34 contingency planning process 399-403
1 , 2 , 3 , 6 , 7 , 8
Confidentiality Seeks to prevent the unauthorized disclosure of information 11-15, 36-38, 40, 42-43, 54-55, 84, 97, 123-126, 146-147, 331-332, 448, 451
7
Configuration Management The identification, control, accounting, and documentation of all changes that take place to system hardware, software, firmware, supporting documentation, and test results throughout the lifespan of the system. 933-940
8
Configuration management The process of developing a consistent system security configuration that can be leveraged throughout an organization 450
3
Confusion The relationship between the plaintext and ciphertext should be as confused (or random) as possible 147
7
Consistency testing See - Checklist testing 418
8
Constrained user interface Presents a user with limited controls on information, such as an ATM keypad 453
7
Containment phase Incident response phase that attempts to keep further damage from occurring as a result of the incident 361
4
Content Distribution Networks See - CDN 287
5
Content-dependent access controls Adds additional criteria beyond identification and authentication: the actual content the subject is attempting to access 323
5
Context-dependent access control Adds additional criteria beyond identification and authentication: the context of the access, such as time 323
7
Contingency Plan A plan put in place before any potential emergencies, with the mission of dealing with possible future emergencies. It pertains to training personnel, performing backups, preparing critical facilities, and recovering from an emergency or disaster so that business operations can continue. 983-984
7
Continuity Planning Project Team See - CPPT 397-398
7
Continuity of Operations Plan See - COOP 407-408
7
Continuity of Support Plan Focuses narrowly on support of specific IT systems and applications 408
3
Contraband check Seeks to identify objects that are prohibited from entering a secure perimeter (such as an airplane) 193
2
Control Objectives for Information and related Technology See - COBIT 95
5
Control Zone The space within a facility that is used to protect sensitive processing equipment. Controls are in place to protect equipment from physical or technical unauthorized entry or compromise. The zone can also be used to prevent electrical waves carrying sensitive data from leaving the area. 811, 822
3
Control unit CPU component that acts as a traffic cop, sending instructions to the ALU 120
4
Convergence All routers on a network agree on the state of routing 269
1
Copyright A legal right that protects the expression of ideas. 70, 64-65
1
Copyright Type of intellectual property that protects the form of expression in artistic, musical, or literary works 32-36
1
Corrective controls Controls that correct a damaged system or process 56
1
Corroborative evidence Evidence that provides additional support for a fact that might have been called into question 25-26
4
Counter Mode CBC MAC Protocol See - CCMP 262
3
Counter Mode See - CTR 163
8
Coupling OOP concept that connects objects to others. Highly coupled objects have low cohesion 458-459
3
Covert channel Any communications that violates security policy 109-110, 136-137
1
Cracker A black hat hacker 69
1
Criminal law Law where the victim can be seen as society itself 22
8
Crippleware Partially functioning proprietary software, often with key features disabled. The user is typically required to make a payment to unlock the full functionality 435
7
Crisis Management Plan See - CMP 409-411
8
Cross-Site Request Forgery See - CSRF 465
8
Cross-Site Scripting See - XSS 465
5
Crossover Error Rate See - CER 293, 305-306
8
Crossover Genetic algorithm concept that combines two algorithms 472
3 , 5
Cryptanalysis The science of breaking encrypted messages (recovering their meaning) 146, 171-176, 299-300
3
Cryptographic Protocol Governance Describes the process of selecting the right cipher and implementation for the right job 149-150
3
Cryptography Science of creating messages whose meaning is hidden 146-150
1
Custodian Provides hands-on protection of assets 86
1
Customary Law Customs or practices that are so commonly accepted by a group that the custom is treated as law 21, 24
7
Cyber Incident Response Plan Plan designed to respond to disruptive cyber events, including network-based attacks, worms, computer viruses, Trojan horses, etc. 409
1
Cybersquatting Registering internet domain names associated with another organization's intellectual property 35-36
5 , 6
DAC Discretionary Access Control, gives subjects full control of objects they have or have been given access to, including sharing objects with other subjects 293, 321, 349
1
DAD Disclosure, Alteration, and Destruction, the opposite of Confidentiality, Integrity and Availability 13-14
4
DARPA Defense Advanced Research Projects Agency, funders of the original MILNET and ARPANET 221-222
8
DBA Database Administrator, role that manages databases 450
8
DBMS Database Management System, controls all access to the database and enforces database security 450
8
DCE Data Circuit-Terminating Equipment, a device that networks DTEs, such as a router 453
8
DCOM Distributed Component Object Model, locates and connects objects across a network 460
8
DDL Data Definition Language, used to create, modify, and delete tables 454
3
DEA Data Encryption Algorithm, described by DES 161
3
DEP Data Execution Prevention, which can be enabled within hardware and/or software, and makes specific pages of the stack non-executable 126
3
DES Data Encryption Standard, a symmetric block cipher using a 56-bit key and 64-bit block size 161
4
DHCP Dynamic Host Configuration protocol, assigns temporary IP address leases to systems, as well as DNS and default gateway configurations 245
4
DMZ Demilitarized Zone network, used to separate trusted from untrusted networks 276
4
DNP3 Distributed Network Protocol, provides an open standard used primarily within the energy sector for interoperability between various vendors' SCADA and smart grid applications 256
4
DNS Domain Name System, a distributed global hierarchical database that translates names to IP Addresses, and vice versa 244
4
DNS reflection attack Spoofed DoS attack using third-party DNS servers 244
4
DNSSEC Domain Name Server security extensions, provides authentication and integrity to DNS responses via the use of public key encryption 244
2
DRAM Dynamic Random Access Memory, stores bits in small capacitors (like small batteries), cheaper and slower than SRAM 88
7
DRP Disaster Recovery Plan, a short-term plan to recover from a disruptive event 384
4
DSSS Direct Sequence Spread Spectrum, uses the entire wireless band at once 259
4
DSL Digital Subscriber Line, uses existing copper pairs to provide digital service to homes and small offices 283
4
DTE Data terminal equipment, a network "terminal," such as a desktop, server, or actual terminal 277
4
DTE/DCE Connection that spans the Demarc 277
4
Data Circuit-Terminating Equipment See - DCE 277
8
Data Definition Language See - DDL 453-454
3 , 4
Data Encryption Algorithm See - DEA 161-168, 181, 262
3
Data Encryption Standard (DES) Symmetric key encryption algorithm that was adopted by the government as a federal standard for protecting sensitive unclassified information. DES was later replaced with Advanced Encryption Standard (AES). 339, 370-377
3
Data Execution Prevention See - DEP 126-127
3
Data Mining Used to search for patterns, such as fraudulent activity, in a data warehouse 145
2
Data Owner A management employee responsible for assuring that specific data is protected 85
2
Data Processor Role that manages data on behalf of data controllers. An outsourced payroll company is an example of data processor 86
1
Data Quality Principle OECD Privacy guideline principle that states personal data should be complete, accurate, and maintained in a fashion consistent with the purposes for the data collection 37
8
Data Warehouse A large collection of data 456
1
Data controllers Role that creates and manages sensitive data within the organization. Human resources employees are an example: they create and manage sensitive data, such as salary and benefit data, reports from employee sanctions, etc. 86
8
Data dictionary Contains a description of the database tables, including the schema, database view information, and information about authorized database administrator and user accounts 453
4 , 8
Data hiding See - Encapsulation (object) 226, 457
4
Data link layer Layer 2 of the OSI model, handles access to the physical layer as well as local area network communication 223, 236-237, 263-266
2
Data remanence See - Remanence 87
8
Database A structured collection of related data 450
8
Database Administrators Database Administrator, role that manages databases 450
8
Database Journal A log of all database transactions. Should a database become corrupted, the database can be reverted to a backup copy, and then subsequent transactions can be "replayed" from the journal, restoring database integrity 450
8
Database management system Database management system, controls all access to the database and enforces database security 450
8
Database replication Mirrors a live database, allowing simultaneous reads and writes to multiple replicated databases by clients 455
8
Database shadowing Two or more identical databases that are updated simultaneously 455
8
Database view The results of a database query 453
1
DDoS Distributed Denial of Service, an availability attack using many systems 27
3
Deadbolt A rigid locking mechanism that is held in place by a key, and prevents the door from opening or fully closing when extended 189
1
Defense in Depth Application of multiple safeguards that span multiple domains to protect an asset 19
2
Degaussing Destroying the integrity of the magnetization of the storage media, making the data unrecoverable 91
1
Delphi technique A group decision method used to ensure that each member of a group gives an honest and anonymous opinion pertaining to the company's risks. 118
3
Demarc Demarcation point, where the ISP's responsibility ends, and the customer's begins 198
4
Demilitarized Zone Demilitarized Zone network, used to separate trusted from untrusted networks 276
1
Denial of Service Denial of Service, an attack on availability 27
1
Detection controls Controls that alert during or after a successful attack 56
1
Detection phase Incident response phase that analyzes events in order to determine whether they might comprise a security incident 56
1
Deterrent controls Deter users from performing actions on a system 56
9
DevOps A more agile development and support model, echoing agile programming methods including Sashimi and Scrum. Developers directly support operational function 450
8
DevOps The practice of incorporating developers and members of operations and quality assurance (QA) staff into software development projects to align their incentives and enable frequent, efficient, and reliable releases of software products. 1109-1110
7
Develop an IT contingency plan Fifth step of the NIST SP 800-34 contingency planning process 422
7
Develop recovery strategy Fourth step of the NIST SP 800-34 contingency planning process 422
7
Develop the contingency planning policy statement First step of the NIST SP 800-34 contingency planning process 422
5
Diameter RADIUS successor, designed to provide an improved Authentication, Authorization, and Accounting (AAA) framework 319
3
Digital signature Provides nonrepudiation, which includes authentication of the identity of the signer, and proof of the document's integrity 176
4
Digital subscriber line Digital subscriber Line, uses existing copper pairs to provide digital service to homes and small offices 283
1
Direct evidence Testimony provided by a witness regarding what the witness actually experienced 25
7
Disaster Any disruptive event that interrupts normal systems operations 385
7
Disaster recovery plan Disaster Recovery Plan, a short-term plan to recover from a disruptive event 384
1
Disclosure, Alteration and Destruction See - DAD 14
5
Discretionary access control See - DAC 321
3
Diskless workstation Computer system that contains CPU, memory, and firmware, but no hard drive; a type of thin client 135
4
Distributed Network Protocol 3 (DNP3) A communications protocol designed for use in SCADA systems, particularly those within the power sector, that does not include routing functionality. 3, 496
4
Distributed Network Protocol See DNP3 256
8
Distributed component object model See - DCOM 460
1
Divestitures Also known as de-mergers and de-acquisitions, and represent the flip side of acquisition: one company becomes two or more 46
1
DoS Denial of Service, an attack on availability 27
4
Domain Name Server security extensions Domain Name server security extensions, provides authentication and integrity to DNS response via the use of public key encryption 244
4
Domain Name systems Domain Name System, a distributed global hierarchical database that translates names to IP Addresses, and vice versa 244
4
Domains of trust Access control model used by Windows Active Directory 244
5
Dual Factor Authentication See Strong Authentication 294
4
Dual homed host Host with two network interfaces, one connected to a trusted network and the other connected to an untrusted network 275
1
Due Diligence The management of due care 24
1
Due care Requires that key organizational stakeholders are prudent in carrying out their duties, aka the "prudent man rule" 24
4
Dynamic host configuration protocol Dynamic Host Configuration protocol, assigns temporary IP address leases to systems, as well as DNS and default gateway configurations 245
5
Dynamic password Changes at regular intervals 294
5
Dynamic signatures Biometric control that measures the process by which someone signs their name 308
6
Dynamic testing Tests code while executing it 335
4
E1 Dedicated 2.048 megabit circuit that carries 30 channels 254
4
E3 24 E1s 254
4
EAP / Extensible Authentication Protocol A layer 2 authentication framework that describes many specific authentication protocols 278 - 280
4
EAP Extensible Authentication Protocol, a Layer 2 authentication framework that describes many specific authentication protocols 280
4
EAP over LAN EAP Over LAN, a Layer 2 protocol for carrying EAP 280
4
EAP tunneled transport layer security EAP tunneled transport layer security, simplifies EAP-TLS by dropping the client side certificate requirement 280
4
EAP-FAST EAP-Flexible Authentication via Secure Tunneling, designed by Cisco to replace LEAP 280
2
EEPROM / Electrically Erasable Programmable Read Only Memory Electrically erasable memory via the use of a flashing program 88 - 90
1
EF / Exposure Factor The percentage of an asset's value lost due to an incident 62, 63
4
EGP / Exterior Gateway Protocol An exterior gateway protocol used by private networks like Intranets 268 - 269
7
EOC / Emergency Operations Center The command post established during or just after an emergency event 411
3
ESP / Encapsulating Security Payload IPsec protocol which primarily provides confidentiality by encrypting packet data 179 - 181, 281 - 282
1
EU Data Protection Directive Privacy directive which allows for the free flow of information while still maintaining consistent protections of each member nation's citizens' data 36 - 38
1
EULA / End User License Agreement A form of software licensing agreement 34, 435
7
Electronic vaulting Batch process of electronically transmitting data that is to be backed up on a routine, regularly scheduled time interval 415
3
Emanations Energy that escapes an electronic system, and which may be remotely monitored under certain circumstances 136
4
Encapsulation / Network Takes information from a higher network layer and adds a header to it, treating the higher-layer information as data 226
8
Encapsulation / Object Contains and hides the details of an object's method 457
3
Enigma Rotor machine used by German Axis powers during World War II 157
5
Enrollment The process of enrolling with a system (such as a biometric authentication system), creating an account for the first time 304
1
Enticement Making the conditions for commission of a crime favorable for those already intent on breaking the law 30
5
Entitlements The permissions granted to a user 311 - 312
8
Entity Integrity Requires that each tuple has a unique primary key that is not null 452
1
Entrapment A legal defense where the defendant claims an agent of law enforcement persuaded the defendant to commit a crime that he or she would otherwise not have committed 30
4
Ephemeral ports TCP/IP ports 1024 and higher 237 - 238
7
Eradication phase Incident response phase that cleans a compromised system 361
1
Hacker Controversial term that may mean explorer or someone who maliciously attacks systems 68-69, 71-72
1
Ethics Doing what is morally right 46 - 49, 69
3
Exclusive Or Binary operation that is true if one of two inputs (but not both) is true 149
7
Executive Succession Planning Determines an organization's line of succession 411 - 412
3
Exfiltration Policy-violating removal of sensitive data from a secure perimeter 193
1
Exigent circumstances With respect to evidence acquisition, justification for the seizure of evidence without a warrant due to the extreme likelihood that the evidence will be destroyed 27 - 30
8
Expert systems Seeks to replicate the knowledge and decision-making capability of human experts 469 - 470
4
Extranet A connection between private Intranets 221
5
FAR / False Accept Rate Occurs when an unauthorized subject is accepted as valid, Also known as a type II error 293, 305 - 306
1
Hacktivist Hacker activist, someone who attacks computer systems for political reasons 71-72
4
FCIP / Fibre Channel over IP SAN protocol that encapsulates Fibre Channel frames via Ethernet and TCP/IP 257
4
FCoE / Fibre Channel over Ethernet SAN protocol that leverages Fibre Channel, but can be transmitted across standard Ethernet networks. Does not use TCP/IP 256 - 257
4
FDDI / Fiber Distributed Data Interface Legacy LAN technology that uses light 249 - 250
2
FDE / Full Disk Encryption Whole Disk Encryption 96 - 97, 126, 149, 370
3
FDX / Fetch and execute Mechanism that allows the CPU to receive machine language instructions and execute them. Also called "Fetch, Decode, Execute" 121
4
FHSS / Frequency Hopping Spread Spectrum Uses a number of small frequency channels throughout the wireless band and "hops" through them in pseudorandom order 259 - 260
4
FIN TCP flag, finish a connection (gracefully) 238 - 239
5
FIdM / Federated Identity Management Applies Single Sign On at a much wider scale: ranging from cross-organization to Internet scale 312
5
FRR / False Reject Rate Occurs when an authorized subject is rejected as invalid, Also known as a type I error 293, 305 - 306
4
FTP / File Transfer Protocol Used to transfer files to and from servers 242 - 243
5
Facial Scan Biometric control that compares a picture of a face to pictures stored in a database 308
7
Failover cluster Multiple systems that can be seamlessly leveraged to maintain the availability of the service or application being provided. Also called a failover cluster 382
1
Fair use doctrine Allows someone to duplicate copyrighted material without requiring the payment, consent, or even knowledge of the copyright holder 34
4
Faraday Cage Shields enclosed objects from EMI 263
3
Feedback Stream cipher mechanism that seeds the previous encrypted bit into the next bit to be encrypted 161
4
Fiber Channel over Ethernet (FCoE) A converged protocol that allows Fiber Channel frames to ride over Ethernet networks 511
3
Fiber Optic network cable Uses light to carry information 202, 248
4
Fibre Channel Non-Ethernet/IP fiber optic storage technology 257
3
Field of view The entire area viewed by a camera 185
5
Fingerprint scan Biometric scan of the minutiae (specific details of the fingerprint) 305, 306 - 307
4
Firewall Device that filters traffic based on layers 3 (IP Addresses) and 4 (ports) 271 - 277
2
Firmware Stores small programs that do not change frequently, such as a computer's BIOS 88 - 89
1
First sale doctrine Allows a legitimate purchaser of copyrighted material to sell it to another person 34
8
Fitness function Genetic algorithm concept that assigns a score to an evolved algorithm 472
2
Flash memory A specific type of EEPROM, used for small portable disk drives 89
3
Half Duplex Sends or receives at one time only (not simultaneously), like a walkie-talkie 220
3
Footcandle One lumen per square foot 185
8
Foreign key A key in a related database table that matches a primary key in the parent database 452
2
Formal access approval Documented approval from the data owner for a subject to access certain objects 83
8
Free software Controversial term that is defined differently by different groups. "Free" may mean free of charge, or "free" may mean the user is free to use the software in any way they would like, including modifying it 435
8
Freeware Software that is free of charge 435
Domain #
Front of Card Back of Card Page Number(s) for More Information
7
Full backup An archive of all files 377, 414
8
Full disclosure The controversial practice of releasing vulnerability details publicly 466
4
Full duplex Two-way simultaneous transmission, like two people having a face-to-face conversation 220
6
Full knowledge test A penetration test where the tester is provided with inside information at the start of the test 330
7
Fuzzing / Fuzz testing A type of black box testing that enters random malformed data as inputs into software programs to determine if they will crash 337 - 338
4
GAN / Global Area Network A global collection of WANs 221
1
Impact The severity of damage, sometimes expressed in dollars (value) 60
7
Incremental Backup An archive of all files that have changed since the last backup of any kind was performed 377, 414
1
Individual Participation Protocol OECD privacy guideline principle that states individuals should have control over their data 37
4
Industrial, Scientific, and Medical (ISM) Radio Spectrum (bands) that are set aside for unlicensed use, meaning you do not need to acquire a license from an organization such as the FCC to use them 259
6
Installation testing Testing software as it is installed and first operated 337
8
Instance One copy of an object 457
3
Integrated Circuits Cards (ICC) Alias for "Smart Card". Physical access control device that contains a computer circuit 190-192
8
Integrated Product Team (IPT) Integrated product team, a customer-focused group that focuses on the entire lifecycle of a project 447
4
Integrated Services Digital Network (ISDN) Earlier attempt to provide digital service via 'copper pair'. Commonly used for teleconferencing and videoconferencing. 282-283
6
Integration testing Testing multiple software components as they are combined into a working system 314, 337
3
Integrity Axiom Biba property which states "no write-up" 107
1
Integrity Seeks to prevent unauthorized modification of information 11
1
Intellectual property Intangible property that resulted from a creative act 31-36, 134-135
8
Interface Definition Language (IDL) Interface definition language, used by CORBA objects to communicate 460-461
6
Interface Testing Tests all the ways users can interact with the application, and is concerned with appropriate functionality being exposed. From a security-oriented vantage point, the goal is to ensure that security is uniformly applied across the various interfaces 339
4
Interior Gateway Protocol (IGP) OSI Layer 3 Routing Protocol used for private networks, like Intranets 268-269
3
International Data Encryption Algorithm (IDEA) International data encryption algorithm, a symmetric block cipher using a 128 bit key and 64 bit block size 165
4
Internet Control Message Protocol (ICMP) Internet control message protocol 225, 228, 240-241, 272-273, 364-365
3
Internet Key Exchange (IKE) Internet key exchange, manages the IPSec encryption algorithm 180-181
4
Internet Layer (TCP/IP) TCP/IP model layer that aligns with layer 3 of the OSI model, describes IP Addresses and routing 225-226, 227-241
4
Internet Message Access Protocol (IMAP) Internet message access protocol, an email client protocol 243
4
Internet Protocol (TCP/IP) TCP/IP model layer that aligns with layer 3 (network) layer of the OSI Model. This is where IP Addresses and routing lives. 225-226, 227-241
3
Internet Protocol Security (IPSEC) Internet protocol security, a suite of protocols that provide a cryptographic layer to both IPv4 and IPv6 98, 179-181
4
Intranet A privately owned network running TCP/IP 221
7
Intrusion Detection System (IDS) Intrusion detection system, a detective technical control 363-366, 461-462
7
Intrusion Detection System (IDS) Software employed to monitor and detect possible attacks and behaviors that vary from the normal and expected activity. The IDS can be network based, which monitors network traffic, or host based, which monitors activities of a specific system and protects system files and control mechanisms. Gold - 822, Silver - 363-366, 461 & 462
7
Intrusion Prevention System (IPS) Preventative device designed to prevent malicious actions 363-366
5
Iris Scan Passive biometric scan of the iris (colored portion of the eye) 307
5
Kerberos A third-party authentication service that may be used to support Single Sign On 314-318
3,4
Layering Separates hardware and software functionality into modular tiers 116-118,222-226
1,7
Least privilege See—Principle of least privilege - Granting subjects the minimum amount of authorization required to do their jobs, also known as minimum necessary access 17-18, 349
3
JSON JavaScript Object Notation, a data interchange format 142
3,8
Java An object-oriented language used not only to write applets, but also as a general-purpose programming language 141-142, 431
3
JavaScript Object Notation See JSON - JavaScript Object Notation, a data interchange format 142
3
Jefferson Disks Cryptographic device invented by Thomas Jefferson that used multiple wheels, each with an entire alphabet along the ridge 153-154
3
Kernel The heart of the operating system, that usually runs in ring 0. It provides the interface between hardware and the rest of the operating system, including applications 117-118, 127-128
5
Key Distribution Center See—KDC Key Distribution Center, a Kerberos service that authenticates principals 315-318
3
Key lock Preventive device that requires a physical key to unlock 187-190
5
Keyboard dynamics Biometric control that refers to how hard a person presses each key and the rhythm by which the keys are pressed 308
8
Knowledge base Expert system component that consists of "if/then" statements 469-470
4
L2F Layer 2 Forwarding, designed to tunnel PPP 281
4
L2TP Layer 2 Tunneling Protocol, combines PPTP and L2F 281
4
LAN Local Area Network, a comparatively small network, typically confined to a building or an area within one 219, 221, 233-234, 248-249, 249, 249-250, 250-251, 250-253, 252, 252-253, 253-254, 263, 263-264, 264-266, 266, 266-267, 267-271
4
LCP Link Control Protocol, the initial unauthenticated connection used by CHAP 278
5
LDAP Lightweight Directory Access Protocol, open protocol for interfacing and querying directory service information provided by network operating systems. Uses port 389 via TCP or UDP 314
4
LEAP Lightweight Extensible Authentication Protocol, a Cisco-proprietary protocol released before 802.1X was finalized 280
4
LLC Logical Link Control, layer 2 protocol that handles LAN communications 223
3
LWP See—Thread - A lightweight process (LWP) 121-122
2
Label Security level assigned to an object, such as confidential, secret or top secret 82
3
Lattice-Based Access Controls Nondiscretionary access control with defined upper and lower bounds implemented by the system 106-107
4
Layer 2 Tunneling Protocol See—L2TP - Layer 2 Tunneling Protocol, combines PPTP and L2F 281
1,3
Layered defense See—Defense-in-depth Application of multiple safeguards that span multiple domains to protect an asset 19, 145
4
Local Area Network See—LAN - Local Area Network, a comparatively small network, typically confined to a building or an area within one 219, 221, 233-234, 248-249, 249, 249-250, 250-251, 250-253, 252, 252-253, 253-254, 263, 263-264, 264-266, 266, 266-267, 267-271
3
Lock bumping Attack on locks using a shaved key, which bumps the pins, allowing the lock to turn 188
3
Lock picking The art of unlocking a lock without a key 188-189
4
Logical Link Control See—LLC- Logical Link Control, layer 2 protocol that handles LAN communications 223
4
Logical Unit Numbers See—LUN - Logical Unit Numbers, provide a way of addressing storage across the network. Also used for basic access control for network accessible storage 257
3
Lux One lumen per square meter 185
3,5,7
MAC (Access Control) Mandatory Access Control, system-enforced access control based on subjects' clearances and objects' labels 104-105, 128, 293, 321, 349
4
MAN Metropolitan Area Network, typically confined to a city, a zip code, or a campus or office park 221
3
MCH See—Northbridge - Connects the CPU to RAM and video memory, also called the Memory Controller Hub (MCH) 120
3,4
MD5 Message Digest 5, a hash function that creates a 128-bit message digest 171, 177-178, 280
1,4
MIC Message Integrity Check, integrity protocol used by WPA2 11i, 262
7
MOR Minimum Operating Requirements, describes the minimum environmental and connectivity requirements in order to operate computer equipment 403
4
MPLS Multiprotocol Label Switching, provides a way to forward WAN data via labels 255
7
MTBF Mean Time Between Failures, quantifies how long a new or repaired system will run on average before failing 348, 388, 402-403
7
MTD Maximum Tolerable Downtime, the total time a system can be inoperable before an organization is severely impacted 385, 393, 399, 400-401
7
MTTR Maximum Transmission Unit, the maximum PDU size on a network 348, 403
4
MTU Maximum Transmission Unit, the maximum PDU size on a network 228-229
8
Machine code Software that is executed directly by the CPU 430-431
3
Magnetic stripe card Passive device that contains no circuits. Sometimes called swipe cards: they are used by swiping through a card reader 190-192
3
Maintenance hook Shortcut installed by system designers and programmers to allow developers to bypass normal system checks during development 137
1,3,7
Malicious Code See—Malware -Malicious software, any type of software which attacks an application or system 19, 72, 137-139, 369-370
1,3,7
Malware Malicious software, any type of software which attacks an application or system 19, 72, 137-139, 369-370
3,5,6
Mandatory Access Control See—MAC - Media Access Control, layer 2 protocol that transfers data to and from the physical layer 104-105, 128, 293, 321, 349
7
Mandatory leave Forcing staff to take vacation or time away from the office. Also known as forced vacation 351
3
Mantrap A preventive physical control with two doors. Each door requires a separate form of authentication to open 103, 192
1,4
Master mode 802.11 mode used by APs 11, 261
7
Maximum Allowable Downtime See—MTD - Maximum Tolerable Downtime, the total time a system can be inoperable before an organization is severely impacted 385, 393, 399, 400-401
7
Maximum Tolerable Downtime See—MTD - Maximum Tolerable Downtime, the total time a system can be inoperable before an organization is severely impacted 385, 393, 399, 400-401
4
Maximum Transmission Unit See—MTU - Maximum Transmission Unit, the maximum PDU size on a network 228-229
7
Mean Time Between Failures See—MTBF - Mean Time Between Failures, quantifies how long a new or repaired system will run on average before failing 348, 388, 402-403
7
Mean Time to Repair See—MTTR - Mean Time to Repair, describes how long it will take to recover a failed system 348, 403
3
Media Access Control See—MAC - Mandatory Access Control, system-enforced access control based on subject's clearances and object's labels 177-178
7
Minimum Operating Requirements See—MOR - Minimum Operating Requirements, describes the minimum environmental and connectivity requirements in order to operate computer equipment 403
5
Minutiae Specific fingerprint details that include whorls, ridges, bifurcation, and others 306
7
Mirroring Complete duplication of data to another disk, used by some levels of RAID 348, 379-381
1
Outsourcing Use of a third party to provide information technology support services which were previously performed in-house 54-55
3
Memory Controller Hub See—Northbridge - Connects the CPU to RAM and video memory, also called the Memory Controller Hub (MCH) 120
2,3
Memory Volatile or nonvolatile computer storage 81, 87, 87-88, 87-90, 123, 123-126, 124-125, 134
4
Mesh Physical network topology that interconnects network nodes to each other 253-254
3
Message Authentication Code (MAC) An access policy that restricts subjects' access to objects based on the security clearance of the subject and the classification of the object. The system enforces the security policy, and users cannot share their files with other users. Gold - 389-393, 668, 729, 936, Silver - 177-178
3,4
Message Digest 5 See—MD5 - Message Digest 5, a hash function that creates a 128-bit message digest 171, 177-178, 280
1,4
Message Integrity Check See—MIC - Message Integrity Check, integrity protocol used by WPA2 11i, 262
8
Method The function performed by an object 456-458
4
Metropolitan Area Network See—MAN - Metropolitan Area Network, typically confined to a city, a zip code, or a campus or office park 221
3
Microkernels A modular kernel 128
3
Microwave motion detector Active motion detector that uses microwave energy 193
8
Middleware Connects programs to programs 460-461
3
Northbridge Connects the CPU to RAM and video memory, also called the memory controller hub (MCH) 120
2
Mission Owners See—Business Owners - Also called Mission Owners, members of senior management who create the information security program and ensure that it is properly staffed, funded, and has organizational priority 85
7
Mobile sites DRP backup site option that is a "data center on wheels"; towable trailers that contain racks of computer equipment, as well as HVAC, fire suppression and physical security 407
4
Modem Modulator/Demodulator; takes binary data and modulates it into analog sound that can be carried on phone networks 276, 282-283
3
Modes of Operation Dedicated, system-high, compartmented, and multilevel modes 112-113
1,4
Monitor mode 802.11 read-only mode used for sniffing 11, 261
3
Monoalphabetic cipher Substitution cipher using one alphabet 148, 150-151
3
Monolithic kernel A statically compiled kernel 128
3
Motherboard Contains computer hardware including the CPU, memory slots, firmware, and peripheral slots such as PCI (Peripheral Component Interconnect) slots 119-120
4
Multicast One-to-many network traffic, and the "many" is preselected 236
3
Multipartite virus Virus that spreads via multiple vectors. Also called multipart virus 138
3
Multiprocessing Runs multiple processes on multiple CPUs 122
4
Multiprotocol Label Switching (MPLS) A converged data communications protocol designed to improve the routing speed of high-performance networks. Gold - 511, 573, 574, 615-616, Silver - 255
4
Multiprotocol Label Switching See—MPLS - Multiprotocol Label Switching, provides a way to forward WAN data via labels 255
3
Multitasking Allows multiple tasks (heavyweight processes) to run simultaneously on one CPU 122
8
Mutation Genetic algorithm concept that introduces random changes to algorithms 472
7
Mutual Aid Agreement See Reciprocal agreement 406-407
4
NAT Network Address Translation, translates IP addresses 234-235
7
NDA Nondisclosure agreement, a contractual agreement that ensures that an individual or organization appreciates their legal responsibility to maintain the confidentiality of sensitive information 35, 351
4
NIC Network Interface Card, a card that connects a system to a network 225,227,236-237
7
NIDS Network based intrusion detection system, a detective technical control 364-365
7
NIPS Network intrusion prevention system, a device designed to prevent malicious network traffic 364-365
7
NIST SP 800-34 NIST Special Publication 800-34 "Contingency Planning Guide for Information Technology Systems" 384,422
4
NRM Normal response mode, SDLC/HDLC mode where secondary nodes can transmit when given permission by the primary 256
4
NS Nonce sum, the newest TCP flag, used for congestion notification 238
2
Need to know Requirement that subjects need to know information before accessing it 17-18, 84, 349
5
Network Access Layer TCP/IP model layer that combines layers 1 and 2 of the OSI model. It describes Layer 1 issues such as energy, bits and the medium used to carry them 225, 227
4
Network Address Translation See NAT 234-235
4
Network Interface Card See NIC 225, 227, 236-237
7
Network Intrusion Prevention System See NIPS 364-365
4
Network layer Layer 3 of the OSI model, describes routing data from a system on one LAN to a system on another 224, 267-277
8
Network model (databases) Type of hierarchical database that allows branches to have two parents 454-455
4
Network model (telecommunications) A description of how a network protocol suite operates N/A
4
Network stack A network protocol suite programmed in software or hardware 222-226
7
Network-based Intrusion Detection Systems See NIDS 364-365
3
Non-repudiation Assurance that a specific user performed a specific transaction and that the transaction did not change 17, 146-147
4
Nonce Sum See NS 238
7
Nondisclosure agreement See NDA 35, 351
5
Nondiscretionary access control Access control based on subjects' roles or tasks 321-323
3
Noninterference model Ensures that data at different security domains remain separate from one another 109-110
4
Normal Response Mode See NRM 256
8
Normalization Seeks to make the data in a database table logically concise, organized and consistent 453
3
OCSP Online Certificate Status Protocol 178
2
OCTAVE Operationally Critical Threat, Asset and Vulnerability Evaluation, a risk management framework from Carnegie Mellon University 94
1
OECD Privacy Guidelines Organization for Economic Cooperation and Development privacy guidelines, containing eight principles 37
7
OEP Occupant Emergency Plan, a facility-based plan focused on safety and evacuation 384-385,409
3
OFB Output Feedback, a mode that turns a block cipher such as DES into a stream cipher by feeding the cipher's previous output (not the ciphertext) back as the next input, producing a keystream 163
4
OFDM Orthogonal Frequency-Division Multiplexing, a newer wireless multiplexing method, allowing simultaneous transmission using multiple independent wireless frequencies that do not interfere with each other 260
8
OLE Object Linking and Embedding, built on COM; links or embeds documents within other documents 460
8
OOA Object-Oriented Analysis, high-level approach to understanding a problem domain that identifies all objects and their interaction 461-462
8
OOD Object-Oriented Design, a high-level object-oriented approach to designing software 461-462
8
OOP Object-Oriented Programming, changes the older procedural programming methodology, and treats a program as a series of connected objects that communicate via messages 455,456-461
8
ORBs Object Request Brokers, used to locate and communicate with objects 460-461
4
OSI Model A network model with seven layers: physical, data link, network, transport, session, presentation, application 219, 223-225
4
OSPF Open Shortest Path First, an open link state routing protocol 271
4
OUI Organizationally unique identifier, first 24-bits of a MAC address 227
8
Object Linking and Embedding See OLE 460
8
Object Request Brokers See ORBs 460-461
8
Object encapsulation Treats a process as a "black box" 457
8
Object-Oriented Analysis See OOA 461-462
8
Object-Oriented Database Database that combines data with functions (code) in an object-oriented framework 451,455
8
Object-Oriented Design See OOD 461-462
8
Object-Oriented Programming See OOP 455,456-461
7
Occupant Emergency Plan See OEP 384-385,409
1
Offshoring Outsourcing to another country 54-55
4
One-Time Pad Theoretically unbreakable encryption using paired pads of random characters 155-156
5
One-Time password Password that may be used for a single authentication 295
3
Online Certificate Status Protocol See OCSP 178
4
Open Shortest Path First See OSPF 271
8
Open source Software with publicly published source code, allowing anyone to inspect, modify, or compile the code 435
3
Open system System using open hardware and standards, built from standard components from a variety of vendors 119
1
Openness Principle OECD Privacy Guideline principle that states information about the collection and use of personal data should be readily available 37
3
Operating System Software that operates a computer 127-131
2
Operationally Critical Threat, Asset, and Vulnerability Evaluation See OCTAVE 94
8
Optimizing CMM Phase 5 430,462,466-467
3
Orange Book See TCSEC 104, 113-115
4
Organizationally Unique Identifier See OUI 227
4
Orthogonal Frequency-Division Multiplexing See OFDM 260
3
Output Feedback See OFB 163
3
Overt Channel Authorized communication that complies with security policy 136
4
PAN Personal Area Network, a very small network with a range of 100 m or much less 221
4
PAP Password Authentication Protocol, an insecure network authentication protocol that exposes passwords in cleartext 278, 320
1
PCI-DSS Payment Card Industry Data Security Standard, a security standard created by the Payment Card Industry Security Standards Council (PCI SSC) 41, 44, 94
4
PDA Personal Digital Assistant, a small networked computer that can fit in the palm of your hand 286
4
PDU Protocol Data Unit, a header and data at one layer of a network stack 226, 228-229
3
PGP Pretty Good Privacy, software that integrates asymmetric, symmetric and hash cryptography 181
2
PII Personally identifiable information, data associated with a specific person, such as credit card data
5
PIN personal identification number, a number-based password
5
PKI Public key infrastructure, leverages symmetric, asymmetric and hash-based cryptography to manage digital certificates
2
PLD Programmable logic device, field-programmable hardware
4
POP post office protocol, an email client protocol
3
POST Power-on self test, performs basic computer hardware tests, including verifying the integrity of the BIOS, testing the memory and identifying system devices, among other tasks. A failed POST is typically signaled by a sequence of beep codes.
4
PPP Point-to-Point Protocol, a layer 2 protocol that has largely replaced SLIP, adding authentication (PAP/CHAP) and optional confidentiality and integrity to serial links
4
PRI Primary rate interface, provides 23 64 kbps digital ISDN B channels plus one D channel (compare BRI, which provides two B channels)
2
PROM programmable read only memory, memory that can be written to once, typically at the factory
4
PSH TCP flag, push data to the application layer immediately
4
PVC Permanent virtual circuit, a circuit that is always connected
3
PaaS Platform as a service, provides a pre-configured operating system, and the customer configures the application 132-133
4
Packet Filter A simple and fast firewall that has no concept of state 219, 271-272
4
Packet Layer 3 PDU 226
4
Packet-switched network A form of networking where bandwidth is shared and data is carried in units called packets 219, 221-222, 227-229, 254-255
6
Pairwise testing Form of combinatorial software testing that tests unique pairs of inputs 338
3
Panic bar Egress device that opens externally facing doors from the inside 194
7
Parallel Processing Recovery of critical processing components at an alternate computing facility, without impacting regular production systems 418-419
8
Parent Class OOP concept that allows objects to inherit capabilities from parents 457-458
7
Parity A means to achieve data redundancy without incurring the same degree of cost as that of mirroring in terms of disk usage and write performance 379-381
6
Partial Knowledge Test A penetration test where the tester is provided with partial inside information at the start of the test 330
4
Passive RFID Unpowered RFID tags 262-263
3
Passive infrared sensor Passive motion detector that detects infrared energy created by body heat 193
6
Penetration test Security test designed to determine if an attacker can penetrate an organization 44-45, 330-332
3
Permutation (Also called transposition) provides diffusion by rearranging the characters of the plaintext, anagram-style 147
4
Personal Area Network See PAN 221
4
Personal Digital Assistant See PDA 286
5
Personal Identification Number See PIN 294, 303
1
Personally Identifiable Information See PII 97, 13-14, 42-43, 54-55, 36-38
1
Phishing Malicious attack that poses as a legitimate site such as a bank, attempting to steal account credentials 73-74
3
Public Key Infrastructure (PKI) A framework of programs, procedures, communication protocols, and public key cryptography that enables a diverse group of individuals to communicate securely. Gold - 383, 399-404, 670, 1116, Silver - 178-179, 181
4
QoS quality of service, gives specific traffic precedence over other traffic on packet-switched networks
8
RAD rapid application development, rapidly develops software via the use of prototypes, "dummy" GUIs, back-end databases, and more
5
RADIUS (Remote Authentication Dial-in User Service) A security service that authenticates and authorizes dial-up users and is a centralized access control mechanism. 801-807 (Gold book)
4
RIP / Routing Information Protocol A distance vector routing protocol that uses hop count as its metric. 270-271
3
RISC / Reduced Instruction Set Computer CPU instructions which are short and simple. 122-123
1
ROM Read Only Memory 81, 87-89
7
RPO / Recovery Point Objective The amount of data loss or system inaccessibility (measured in time) that an organization can withstand. 401-402
4
RSN / Robust Security Network Part of 802.11i that allows changes to cryptographic ciphers as new vulnerabilities are discovered. 262
4
RST TCP flag, reset (tear down) a connection. 238-239
7
RTO / Recovery Time Objective The maximum time allowed to recover business or IT systems. 401, 402
4
RTP / Real-time Transport Protocol VoIP protocol designed to carry streaming audio and video. 258
3,5
Rainbow Table A precomputed table, built from hash/reduction chains, that maps password hashes back to the passwords that produce them for most or all of a password space; it trades storage for cracking time and is defeated by salting
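As an added illustration (not part of the original glossary): a toy rainbow table in Python over a constructed space of 4-digit PINs hashed with unsalted SHA-256. The PIN space, the chain length and the reduction function are assumptions chosen to keep the table small; the hash/reduce/regenerate structure is what real tables use, and the last lookup shows why a per-user salt defeats the precomputation.

```python
import hashlib

# Constructed toy parameters: 4-digit PINs and short chains (assumptions for the demo).
SPACE = 10_000
CHAIN_LEN = 50


def h(pw: str) -> str:
    """Unsalted SHA-256 hex digest: the kind of hash a rainbow table can precompute."""
    return hashlib.sha256(pw.encode()).hexdigest()


def h_salted(salt: str, pw: str) -> str:
    """Salted hash: the salt is part of the preimage, so a table built for h() does not apply."""
    return hashlib.sha256((salt + pw).encode()).hexdigest()


def reduce_(digest: str, step: int) -> str:
    """Reduction function: map a digest back into the PIN space.

    Mixing in the chain position gives a different function per step, which limits
    chain merges; this is what distinguishes a rainbow table from a plain hash chain."""
    return f"{(int(digest[:16], 16) + step) % SPACE:04d}"


def walk(pw: str, first: int, last: int) -> str:
    """Apply hash-then-reduce for chain positions first .. last-1."""
    for step in range(first, last):
        pw = reduce_(h(pw), step)
    return pw


def build_table(starts, chain_len: int = CHAIN_LEN) -> dict:
    """Store only endpoint -> start points; the intermediate PINs are recomputed on demand."""
    table: dict = {}
    for start in starts:
        table.setdefault(walk(start, 0, chain_len), []).append(start)
    return table


def crack(table: dict, target: str, chain_len: int = CHAIN_LEN):
    """Invert target (an unsalted digest) using the table, or return None if it is not covered."""
    # Guess that target sits at chain position i, finish the chain from there and see
    # whether it lands on a stored endpoint (tried from the last position backwards).
    for i in range(chain_len - 1, -1, -1):
        end = walk(reduce_(target, i), i + 1, chain_len)
        for start in table.get(end, []):
            # Regenerate the candidate chain and verify: a matching endpoint can be a
            # false alarm caused by a merge, so every hit is checked against the target.
            pw = start
            for step in range(chain_len):
                if h(pw) == target:
                    return pw
                pw = reduce_(h(pw), step)
    return None


def demo_table(chain_len: int = CHAIN_LEN) -> dict:
    """One start point every chain_len PINs: about SPACE / chain_len chains."""
    return build_table((f"{i:04d}" for i in range(0, SPACE, chain_len)), chain_len)


if __name__ == "__main__":
    table = demo_table()
    print("chains stored:", sum(len(v) for v in table.values()))
    print("unsalted 0000 ->", crack(table, h("0000")))
    print("salted   0000 ->", crack(table, h_salted("u7x", "0000")))
```

The table holds only 200 endpoint entries for a 10,000-PIN space; coverage is not complete because chains merge, which is the storage/time trade-off in practice. Salting does not make the hash stronger, it makes the precomputation useless, since an attacker would need one table per salt value.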
2
Read An operation that results in the flow of information from an object to a subject and does not give the subject the ability to modify the object or the data within the object. 260-261 (Gold Book)
7
Recovery Planning The planning of procedures, resources and priorities needed to restore systems, data and business operations after a disruption. 1038 (Gold Book)
7
Recovery Point Objective The acceptable amount of data loss measured in time. 1003-1005, 1029 (Gold Book)
7
Recovery Time Objective The maximum time period within which a business process must be restored to a designated service level after a disaster to avoid unacceptable consequences. 1002-1005, 1029 (Gold Book)
3
Reference Monitor Concept An access control concept that refers to an abstract machine that mediates all accesses to objects by subjects. The security kernel enforces the reference monitor concept. 304-306 (Gold Book)
8
Relational database Contains two-dimensional tables of related data. 451-453
3
Reliability The assurance of a given system, or individual component, performing its mission adequately for a specified period of time under the expected operating conditions. 1029 (Gold Book)
1
Religious law Legal system that uses religious doctrine or interpretation as a source of legal understanding and statutes. 21
1
Remanence Data that might persist on media after removal attempts. 81, 87-90, 91
7
Remote Journaling A method of transmitting changes to data to an offsite facility. This takes place as a parallel processing of transactions, meaning that changes to that data are saved locally and to an off-site facility. These activities take place in real time and provide redundancy and fault tolerance. 1026 (Gold Book)
8
Remote journaling Saves database checkpoints and the database journal to a remote site. In the event of failure at the primary site, the database may be recovered. 415
4
Remote meeting technology Newer technology that allows users to conduct online meetings via the Internet, including desktop sharing functionality. 286
4
Remote wipe The ability to remotely erase a mobile device. 286
8
Repeatable CMM / Capability Maturity Model phase 2. 430, 462, 466-467
4
Repeater Layer 1 device that receives bits on one port, and "repeats" them out the other port. 263
7
Reporting phase Incident response phase that provides a final report on the incident. 361-362
1
Repudiation When the sender of a message denies sending the message. The countermeasure to this is to implement digital signatures. 17 (Silver Book)
4
Reserved ports TCP/IP ports 1023 and lower. 237-238
1
Residual Risk The remaining risk after the security controls have been applied. The conceptual formulas that explain the difference between total and residual risk are: threats x vulnerability x asset value = total risk; (threats x vulnerability x asset value) x control gaps = residual risk. 123-124 (Gold Book)
5
Retina scan Biometric laser scan of the capillaries which feed the retina. 306-307
1
Return on Investment Money saved by deploying a safeguard. 63-64
3
Rijndael Cipher which became AES, named after authors Vincent Rijmen and Joan Daemen. 166
4
Ring (physical) Physical network topology that connects nodes in a physical ring. 252
3
Ring model Form of CPU hardware layering that separates and protects domains (such as kernel mode and user mode) from each other. 117-118
1
Risk Analysis A method of identifying risks and assessing the possible damage that could be caused in order to justify security safeguards. 102-103 (Gold Book)
1
Risk Analysis Matrix A quadrant used to map the likelihood of a risk occurring against the consequences (or impact) that risk would have. 58-68
1
Risk Management The process of identifying, assessing, and reducing the risk to an acceptable level and implementing the right mechanisms to maintain the level of risk. 126-130 (Gold Book)
1
Risk The likelihood of a threat agent taking advantage of a vulnerability and the resulting business impact. A risk is the loss potential, or probability, that a threat will exploit a vulnerability. 124-125 (Gold Book)
8
Rollback Restores a database after a failed commit. 455
3
Rootkit Malware that replaces portions of the kernel and/or operating system. 138
3
Rotation Cipher Substitution cipher that shifts each plaintext character a fixed number of positions through the alphabet (ROT13, for example). 150-151
7
Rotation of Duties Requires that critical functions or responsibilities are not continuously performed by the same person without interruption. Also known as job rotation. 350-351
4
Router Layer 3 device that routes traffic from one LAN to another, based on IP addresses. 219, 224, 267-271
5
Rule-based access control Uses a series of defined rules, restrictions, and filters for accessing objects within a system. 323
3
Running-key cipher Cryptographic method that uses whole words from a well-known text such as a dictionary, "adding" letters to plaintext using modular math. 154
3
S/MIME / Secure/Multipurpose Internet Mail Extensions Leverages PKI to encrypt and authenticate MIME-encoded email. 181
3
SA / Security Association A simplex connection which may be used to negotiate ESP or AH parameters. 180
5
SAML / Security Assertion Markup Language An XML-based framework for exchanging security information, including authentication data. 312
1
Secondary Evidence Evidence consisting of copies of original documents and oral descriptions. 26
1
Security Safeguards Principle OECD Privacy Guideline principle that states personal data should be reasonably protected against unauthorized use, disclosure, or alteration. 37
6
Security assessments A holistic approach to assessing the effectiveness of access control. May use other tests as a subset, including penetration tests and vulnerability scans. 329-345
6
Security audit A test against a published standard. 332
3
Security domain The list of objects a subject is allowed to access. 117
3
Security property (also called the * or star property) Bell-LaPadula property that states "no write-down" 104
4
Segment Layer 4 PDU / Protocol Data Unit. 226
8
Semantic integrity Requires that each value is consistent with the attribute data type 452
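Added example (not from the glossary): the Rollback and Semantic integrity entries above, shown with Python's built-in sqlite3 module on an in-memory database with two constructed sample tuples. The table, owners and balances are assumptions; the point is that a CHECK constraint enforces the meaning of an attribute, and that a failed commit undoes every change in the transaction, while the same statements committed separately leave the database inconsistent.

```python
import sqlite3

SCHEMA = """
CREATE TABLE accounts (
    id      INTEGER PRIMARY KEY,
    owner   TEXT    NOT NULL UNIQUE,
    balance INTEGER NOT NULL CHECK (balance >= 0)  -- semantic integrity: a balance is never negative
);
"""


def fresh_db() -> sqlite3.Connection:
    """In-memory database with two constructed sample tuples (rows)."""
    db = sqlite3.connect(":memory:")
    db.executescript(SCHEMA)
    db.execute("INSERT INTO accounts (owner, balance) VALUES ('alice', 100), ('bob', 20)")
    db.commit()
    return db


def balances(db: sqlite3.Connection) -> dict:
    return dict(db.execute("SELECT owner, balance FROM accounts ORDER BY owner"))


def transfer(db: sqlite3.Connection, src: str, dst: str, amount: int) -> bool:
    """Credit and debit as one transaction: a failed commit rolls back both updates."""
    try:
        with db:   # connection as context manager: COMMIT on success, ROLLBACK on exception
            db.execute("UPDATE accounts SET balance = balance + ? WHERE owner = ?", (amount, dst))
            db.execute("UPDATE accounts SET balance = balance - ? WHERE owner = ?", (amount, src))
        return True
    except sqlite3.IntegrityError:   # the debit violated the CHECK constraint
        return False


def transfer_unsafe(db: sqlite3.Connection, src: str, dst: str, amount: int) -> bool:
    """The same two statements committed separately: the credit survives the failed debit."""
    db.execute("UPDATE accounts SET balance = balance + ? WHERE owner = ?", (amount, dst))
    db.commit()
    try:
        db.execute("UPDATE accounts SET balance = balance - ? WHERE owner = ?", (amount, src))
        db.commit()
        return True
    except sqlite3.IntegrityError:
        db.rollback()    # nothing left to undo: the credit was already committed
        return False


if __name__ == "__main__":
    db = fresh_db()
    print(transfer(db, "bob", "alice", 500), balances(db))        # False, unchanged
    db2 = fresh_db()
    print(transfer_unsafe(db2, "bob", "alice", 50), balances(db2))  # False, money created
```

The constraint catches the bad value either way; only the transaction boundary decides whether the partial work is undone.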
7
Separation of duties Dividing sensitive transactions among multiple subjects 108-109, 349-350
4
Socket pair describes a unique connection between two nodes: source port, source IP, destination port and destination IP 238
7,8
Software escrow source code held by a neutral third party 416-7,447
3
Server-side attack Attack launched directly from an attacker to a listening service. Also called service-side attack 139-140
1
Servicemark Intellectual property protection that allows for the creation of a brand that distinguishes the source of services. 31-32
4
Session hijacking Compromise of an existing network session. 235
4
Session layer Layer 5 of the OSI model, manages sessions, which provide maintenance on connections. 224, 274
8
Shadow Database Similar to a replicated database, with one key difference: a shadow database mirrors all changes made to a primary database, but clients do not access the shadow. 415, 455-456
8
Shareware Fully functional proprietary software that may be initially used free of charge. If the user continues to use the Shareware for a specific period of time, the shareware license typically requires payment. 435
3
Shoulder surfing Physical attack where an attacker observes credentials, such as a key combination. 190
1
Shredding / Wiping Writes new data over each bit or block of file data. 91-92
3
Side-Channel attack Cryptographic attack which uses physical data to break a cryptosystem, such as monitoring CPU cycles or power consumption used while encrypting or decrypting. 175
3
Simple Security Property Bell-LaPadula property that states "no read up" (NRU). 104, 106
3
Simple integrity axiom Biba property that states "no read down". 107
4
Simplex One-way communication, like a car radio tuned to a music station. 220
8
Simulation test Recovery from a pretend disaster, goes beyond talking about the process and actually has teams carry out the recovery process. 418
7
Slack Space Space on a disk between the end-of-file marker and the end of the cluster 354
3
Smart Card a physical access control device containing an integrated circuit, AKA Integrated Circuit Card (ICC) 190-192,262-3
4?
Smurf attack attack using an ICMP flood and directed broadcast addresses
4
Sniffing confidentiality attack on network traffic 264,296
3
Social Engineering Manipulates people, rather than technology, into bypassing security controls 172
4
Socket a combination of an IP address and a TCP or UDP port on one node 238
8
Source Code computer programming language instructions that are written in text that must be translated into machine code before execution by the CPU 430-1,448
3
Southbridge connects I/O devices such as disk, keyboard, mouse, CD drive, USB ports etc 120
1
Spear Phishing targeted phishing attack against a small number of high level victims 73-4
8
Spiral Model Software Development model designed to control risk 429,441-2
4
Split horizon Distance vector routing protocol safeguard: a router will not advertise a route back out the interface it learned that route from 270
4?
Spoofing masquerading as another endpoint
3
Spring-bolt lock a locking mechanism that springs in and out of the door jamb 188-9
1
Standard Administrative control that describes the specific use of technology, often applied to hardware and software 51,52
4
Star physical network topology that connects each node to a central device such as a hub or a switch 252-3
4
Stateful firewall Firewall with a state table that allows it to compare current packets to previous ones 219,272-3
4
Static Route Fixed routing entries 267
6
Static Testing tests code passively, the code is not running 335-6
5
Static password Reusable passwords that may or may not expire 295
1
Statutory Damages damages prescribed by law 23
3
Stealth Virus Virus that hides itself from the OS and other protective software, such as anti-virus software 138
3
Steganography The science of hidden communication 182-3
3
Storage Channel Covert channel that uses shared storage, such as a temporary directory to allow two subjects to signal each other 136
3
Strike Plate plate in the door jamb with a slot for a deadbolt or spring-bolt lock 188
7
Striping Spreading data across multiple disks to achieve performance gains, used by some levels of RAID 348,379-81
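Added example (not from the glossary) for the Parity and Striping entries: a Python model of RAID 5 style striping with rotating XOR parity over a list of "disks". The disk count, chunk size and sample data are constructed; the code shows why any one lost chunk, data or parity, is the XOR of the rest of its stripe, and why the redundancy costs 1/n of capacity rather than the 1/2 that mirroring costs.

```python
from functools import reduce
from operator import xor


def xor_chunks(*chunks: bytes) -> bytes:
    """Byte-wise XOR of equal-length chunks: the parity operation."""
    return bytes(reduce(xor, byte_column) for byte_column in zip(*chunks))


def write_stripes(data: bytes, n_disks: int, chunk: int) -> list:
    """Stripe data across n_disks with one parity chunk per stripe (RAID 5 layout:
    the parity position rotates so no single disk is the parity bottleneck)."""
    per_stripe = chunk * (n_disks - 1)
    data += b"\x00" * (-len(data) % per_stripe)          # pad the last stripe
    disks = [[] for _ in range(n_disks)]
    for s, start in enumerate(range(0, len(data), per_stripe)):
        pieces = [data[start + k * chunk: start + (k + 1) * chunk] for k in range(n_disks - 1)]
        pieces.insert(s % n_disks, xor_chunks(*pieces))   # parity chunk for this stripe
        for d in range(n_disks):
            disks[d].append(pieces[d])
    return disks


def read_back(disks: list, length: int) -> bytes:
    """Reassemble the data, skipping the parity chunk of each stripe."""
    n, out = len(disks), bytearray()
    for s in range(len(disks[0])):
        out += b"".join(disks[d][s] for d in range(n) if d != s % n)
    return bytes(out[:length])


def rebuild(disks: list, lost: int) -> list:
    """Any single chunk equals the XOR of the other chunks in its stripe, data or parity alike."""
    n = len(disks)
    survivor = disks[(lost + 1) % n]
    disks[lost] = [xor_chunks(*(disks[d][s] for d in range(n) if d != lost))
                   for s in range(len(survivor))]
    return disks


def capacity_overhead(n_disks: int) -> float:
    """Fraction of raw capacity spent on redundancy: 1/n for parity versus 1/2 for mirroring."""
    return 1 / n_disks


if __name__ == "__main__":
    data = bytes(range(1, 100))                 # constructed sample payload
    disks = write_stripes(data, 4, 8)
    disks[2] = None                             # simulate losing disk 2
    print(read_back(rebuild(disks, 2), len(data)) == data)   # True
```

A second simultaneous failure cannot be reconstructed from single parity, which is what RAID 6 (two independent parity chunks) addresses.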
5
Strong Authentication Requires that the user present more than one authentication factor, also called two-factor (dual-factor) authentication 295,303
3
Strong Tranquility property Bell-LaPadula property that states security labels will not change while the system is operating 106
7
Structured walkthrough Thorough review of a DRP by individuals that are knowledgeable about the systems and services targeted for recovery, AKA tabletop exercise 418
3
Subject an active entity on an Information System which accesses or changes data 106
3
Substitution cryptographic method that replaces one character with another 147,182-3
3
TEMPEST A standard for shielding electromagnetic emanations from computer equipment 136
3
Swapping uses virtual memory to copy contents in primary memory (RAM) to or from secondary memory 124-5
4
Switch Layer 2 device that carries traffic on one LAN 219,364-6
3
Symmetric Encryption Encryption that uses one key to encrypt and decrypt 160-168
5
Synchronous Dynamic Token use time or counters to synchronize a displayed token code with the code expected by the authentication server 302-3
6
Synthetic Transactions Also called synthetic monitoring, involves building scripts or tools that simulate activities normally performed in an application 336-7
2
System Owner a manager responsible for the actual computers that house data, including hardware and software config, updates, patching, etc 85-6
3
System call Allows processes to communicate with the kernel and provides a controlled window between CPU rings 118
2?
System unit computer case, containing all of the internal electronic components including motherboard, internal disk drives, power supply etc
4
T1 a dedicated 1.544 megabit circuit that carries 24 64 kbps DS0 channels 254
4
T3 28 bundled T1s 254
5
TACACS (Terminal Access Controller Access Control System) A client/server authentication protocol that provides the same type of functionality as RADIUS and is used as a central access control mechanism mainly for remote users. 801-805 (Gold Book)
5
TACACS Terminal Access Controller Access Control System, an SSO method often used for network equipment 319
4
TAP Test Access Port, provides a way to tap into network traffic and see all unicast streams on a network 236
4
TCP Transmission Control Protocol, uses a 3-way handshake to create reliable connections across a network 237-239,272-274,364-365
4
TCP/IP Model a network model with 4 layers: network access, Internet, transport and application 219,225-245
3
TCSEC Trusted Computer System Evaluation Criteria, AKA the Orange Book, evaluation model developed by the US Dept of Defense 104,113-5
3?
Teardrop Attack a malformed packet DoS attack that targets issues with systems' fragmentation reassembly
3
Technical Controls Implemented using software, hardware or firmware that restricts logical access on an information technology system 145-6
1
Technical Controls These controls, also called logical access control mechanisms, work in software to provide confidentiality, integrity, or availability protection. Some examples are passwords, identification and authentication methods, security devices, auditing, and the configuration of the network. 8-12, 811-814, 865-866 (Gold Book)
4
Telnet protocol that provides terminal emulation over a network using TCP port 23 242
5
Tempest The study and control of spurious electronic signals emitted by electrical equipment. Tempest equipment is implemented to prevent intruders from picking up information through the airwaves with listening devices. 821 (Gold Book)
3
Thread A lightweight process (LWP) 121-122
1
Threat A potentially negative occurrence 11, 58-60
4
Thicknet Older type of coaxial cable, used for Ethernet bus networking 247,248
3
Thin client applications use a web browser as a universal client, providing access to robust applications that are downloaded from the thin client server and run in the client's browser 135
3
Thin clients Simple computer systems that rely on centralized applications and data 135
4
Thinnet Older type of coaxial cable, used for Ethernet bus networking 247, 248
3
Time multiplexing Shares system resources between multiple processes, each with a dedicated slice of time 124
8
Time of Check/Time of Use (TOCTOU) Race condition in which a condition is altered after it has been checked by the operating system, but before it is used 464-465
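Added example (not from the glossary): the TOCTOU race above, in Python, with the classic file-system form. The vulnerable reader checks a path name and then opens the same name; the hardened reader opens first and checks the object it actually got through the file descriptor. The upload/secret file names and the attacker's swap are a constructed scenario that assumes a Linux or macOS host (os.O_NOFOLLOW, symlinks).

```python
import os
import stat
import tempfile


def read_if_regular_vulnerable(path: str, between=lambda: None):
    """Check-then-use on a path name: the check and the open are two separate lookups."""
    if not os.path.isfile(path):            # CHECK resolves the name now ...
        return None
    between()                               # ... and the gap before the open is the race window
    with open(path, "rb") as f:             # USE resolves the name again: it may now be something else
        return f.read()


def read_if_regular_hardened(path: str, between=lambda: None):
    """Open first, then check the object that was actually opened, via its descriptor."""
    between()                               # anything that happens before open() is harmless here
    try:
        fd = os.open(path, os.O_RDONLY | os.O_NOFOLLOW)   # refuse a symlink at the final component
    except OSError:
        return None
    try:
        if not stat.S_ISREG(os.fstat(fd).st_mode):        # fstat inspects the opened object, not the name
            return None
        with os.fdopen(fd, "rb") as f:                    # fdopen takes ownership of fd
            fd = -1
            return f.read()
    finally:
        if fd != -1:
            os.close(fd)


def simulate(reader, attack: bool = True):
    """Constructed scenario: a regular upload file that an attacker replaces with a
    symlink to a secret inside the check/use window."""
    with tempfile.TemporaryDirectory() as d:
        upload = os.path.join(d, "upload.txt")
        secret = os.path.join(d, "secret.txt")
        with open(upload, "wb") as f:
            f.write(b"harmless")
        with open(secret, "wb") as f:
            f.write(b"TOP SECRET")

        def swap():                         # the attacker's move inside the race window
            os.remove(upload)
            os.symlink(secret, upload)

        return reader(upload, between=swap if attack else (lambda: None))


if __name__ == "__main__":
    print("vulnerable:", simulate(read_if_regular_vulnerable))   # leaks the secret
    print("hardened:  ", simulate(read_if_regular_hardened))     # None: symlink refused
    print("no attack: ", simulate(read_if_regular_hardened, attack=False))
```

Two caveats a practitioner should keep in mind: O_NOFOLLOW only covers the last path component, so untrusted directories need to be walked with openat-style calls, and it does nothing against a hard link to the secret; for that, compare the owner from fstat() with the expected user or rely on the kernel's protected-hardlinks setting.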
3
Timing Channel Covert channel that relies on the system clock to infer sensitive information 109-110
4
Token Ring Legacy LAN technology that uses tokens 249
8
Top-Down Programming Starts with the broadest and highest-level requirements (the concept of the final program) and works down towards the low-level technical implementation details 434
8
Top-down Approach An approach in which the initiation, support, and direction for a project come from top management and work their way down through middle management and then to staff members. 434 (Silver Book)
3
Topology The physical construction of how nodes are connected to form a network. 523 (Gold Book)
1
Total Cost of Ownership (TCO) The cost of a safeguard 51,62-63
1
Total Risk When a safeguard is not implemented, an organization is faced with the total risk of that particular vulnerability. 123-124 (Gold Book)
3
Turnstile Device designed to prevent tailgating by enforcing a 'one person per authentication' rule 192
3
Twofish AES finalist, encrypting 128-bit blocks using 128 through 256 bit keys 168
5
Type 1 Authentication Something you know 294-301
6
Traceability Matrix Maps customers' requirements to the software testing plan: it 'traces' the 'requirements', and ensures they are being met 336
4
Traceroute Command that uses ICMP Time Exceeded messages to trace a network route 241
1
Trade secret Business-proprietary information that is important to an organization's ability to compete 34-35
1
Trademark A legal right that protects a word, name, product shape, symbol, color, or combination of these used to identify a product or company. 65 (Gold Book)
1
Trademark Intellectual property protection that allows for the creation of a brand that distinguishes the source of products 31-32,35
1,7
Training Security control designed to provide a skill set 52,419-420
4
Transport Layer Layer 4 of the OSI model (and the TCP/IP model layer that connects the Internet layer to the application layer), providing end-to-end delivery via TCP or UDP 224,237-239,271-277
3
Transposition Permutation - provides diffusion by rearranging the characters of the plaintext, anagram-style 147
4
Tree Physical network topology with a root node and branch nodes that are at least three levels deep 251
3
Triple DES 56-bit DES applied three times per block 164-165
4
Trivial File Transfer Protocol (TFTP) A simple way to transfer files without the use of authentication or a directory structure 243
1
Trojan Horse A computer program that has an apparently or actually useful function, but that also contains hidden malicious capabilities to exploit a vulnerability and/or provide unauthorized access into a system. 530, 1186 ( Gold Book)
1,3
Trojan Malware that performs two functions: one benign (such as a game) and one malicious. Also called trojan horses 72,138
8
Trojan horse A computer program that has an apparently or actually useful function, but that also contains hidden malicious capabilities to exploit a vulnerability and/or provide unauthorized access into a system. 530, 1186
3
Trusted Computer System A system that has the necessary controls to ensure that the security policy will not be compromised and that can process a range of sensitive or classified information simultaneously. 302-304 (Gold Book)
3
Trusted Computing Base (TCB) All the protection mechanisms within a computer system (software, hardware, and firmware) that are responsible for enforcing a security policy. 302-304 (Gold Book)
3
Trusted Path A mechanism within the system that enables the user to communicate directly with the TCB. This mechanism can be activated only by the user or the TCB and not by an untrusted mechanism or process. 303 (Gold Book)
7
Trusted Recovery A set of procedures restores a system and its data in a trusted manner after system has been disrupted or a system failure has occurred. 933-935 (Gold Book)
3
Truth table Table used to map all the results of a mathematical operation such as XOR 149
8
Tuple A row in a relational database table 451
1
Typosquatting Registering internet domain names comprised of likely misspellings or mistypings of legitimate domain trademarks 35-36
4
UDP User Datagram Protocol, a simpler and faster connectionless cousin of TCP 225-226,239,272
4
URG TCP flag, packet contains urgent data 238
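Added example (not from the glossary) covering the TCP, Socket, Socket pair, Reserved ports and TCP flag entries (NS, PSH, RST, URG): a Python builder and parser for IPv4/TCP headers using only struct and socket. The addresses, ports and sequence numbers are constructed sample values and the checksums are left at zero; the decoded socket pair is the 4-tuple that identifies a connection, and the flag word is decoded bit by bit, including the NS bit above the eight classic flags.

```python
import socket
import struct

# TCP flag bits in the 16-bit "data offset / reserved / flags" word: the RFC 793 flags,
# CWR and ECE from RFC 3168, and NS from RFC 3540, highest bit first.
TCP_FLAGS = [(0x100, "NS"), (0x80, "CWR"), (0x40, "ECE"), (0x20, "URG"), (0x10, "ACK"),
             (0x08, "PSH"), (0x04, "RST"), (0x02, "SYN"), (0x01, "FIN")]
FLAG_BIT = {name: bit for bit, name in TCP_FLAGS}


def build_packet(src_ip, dst_ip, sport, dport, flags, seq=0, ack=0):
    """Minimal IPv4 header (20 bytes, no options) followed by a 20-byte TCP header.
    Checksums stay zero: this is a constructed sample for parsing, not for sending."""
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40, 0, 0, 64, 6, 0,
                     socket.inet_aton(src_ip), socket.inet_aton(dst_ip))
    bits = sum(FLAG_BIT[f] for f in flags)
    off_flags = (5 << 12) | bits                  # data offset = 5 words, 3 reserved bits, 9 flag bits
    tcp = struct.pack("!HHIIHHHH", sport, dport, seq, ack, off_flags, 65535, 0, 0)
    return ip + tcp


def parse_packet(pkt: bytes) -> dict:
    """Return the socket pair, sequence numbers and decoded flags of a TCP segment."""
    ihl = (pkt[0] & 0x0F) * 4                     # IP header length in bytes
    if pkt[9] != 6:
        raise ValueError("not a TCP segment")
    src, dst = socket.inet_ntoa(pkt[12:16]), socket.inet_ntoa(pkt[16:20])
    sport, dport, seq, ack, off_flags = struct.unpack("!HHIIH", pkt[ihl:ihl + 14])
    return {
        "socket_pair": (src, sport, dst, dport),   # the 4-tuple that uniquely identifies the connection
        "seq": seq,
        "ack": ack,
        "data_offset": (off_flags >> 12) * 4,
        "flags": [name for bit, name in TCP_FLAGS if off_flags & bit],
        "to_reserved_port": dport <= 1023,          # destination is a well-known service port
    }


def handshake(client, server, cport, sport, isn_c=1000, isn_s=5000):
    """The three segments of a TCP 3-way handshake, as constructed packets."""
    syn = build_packet(client, server, cport, sport, ["SYN"], seq=isn_c)
    syn_ack = build_packet(server, client, sport, cport, ["SYN", "ACK"], seq=isn_s, ack=isn_c + 1)
    ack = build_packet(client, server, cport, sport, ["ACK"], seq=isn_c + 1, ack=isn_s + 1)
    return [parse_packet(p) for p in (syn, syn_ack, ack)]


if __name__ == "__main__":
    for seg in handshake("10.0.0.5", "10.0.0.1", 51234, 443):
        print(seg["socket_pair"], seg["flags"], seg["seq"], seg["ack"])
```

The same decoding is what a stateful firewall or NIDS does on every segment: a segment whose flags and socket pair do not match an entry in the state table (an unsolicited RST, or an ACK with no preceding SYN) is the signal that something is wrong.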
1
USA PATRIOT ACT Uniting and Strengthening America by Promoting Appropriate Tools Required to Intercept and Obstruct Terrorism Act of 2001 40,42
3
Ultrasonic motion detector Active motion detector that uses ultrasonic energy 193
7
Unallocated space Portions of a disk partition which do not contain active data 353
4
Unicast One-to-one network traffic, such as a client surfing the web 236
6
Unit Testing Low-level tests of software components, such as functions, procedures or objects 337
3,4
Unshielded Twisted Pair (UTP) Network cabling that uses pairs of wire twisted together 201-202,220,246-247
1
Use Limitation Principle OECD Privacy Guideline principle that states personal data should never be disclosed without either the consent of the individual or a legal requirement 37
5
User A person or process that is accessing a computer system. 814-818, 929-930 (Gold Book)
5
User ID A unique set of characters or code that is used to identify a specific user to a system.
4
VDSL Very High Rate Digital Subscriber Line - DSL, featuring much faster asymmetric speeds 283
4
VLAN Virtual LAN, a logically separate LAN which can be thought of as a virtual switch 264-266
9
Validation The act of performing tests and evaluations to test a system's security level to see if it complies with security specifications and requirements. 1096, 1148-1153 (Gold Book)
3
Vernam Cipher One-time pad using a teletypewriter, invented by Gilbert Vernam 156
3
Vigenere Cipher Polyalphabetic cipher named after Blaise de Vigenère, using a Vigenère square 151-152
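Added example (not from the glossary) serving the One-Time Pad, Rotation Cipher, Running-key cipher, Truth table, Vernam Cipher and Vigenère Cipher entries: the classical ciphers implemented in Python so their relationship is visible. A rotation cipher is one row of the Vigenère square; Vigenère repeats a short key; a running key uses a text as long as the message; the one-time pad replaces that text with truly random key material and XOR. The sample messages are constructed, and the pad source is assumed to be the operating system's CSPRNG via secrets.token_bytes.

```python
import secrets
import string

ALPHA = string.ascii_uppercase


def rotate(text: str, shift: int) -> str:
    """Rotation (Caesar) cipher: one fixed shift for every letter; ROT13 is shift 13, decrypt with -shift."""
    return "".join(ALPHA[(ALPHA.index(c) + shift) % 26] if c in ALPHA else c
                   for c in text.upper())


def vigenere(text: str, key: str, decrypt: bool = False) -> str:
    """Polyalphabetic cipher: letter i is shifted by key letter (i mod len(key)).
    Row 'key letter' of the Vigenère square is exactly rotate() by that letter's position."""
    out, i = [], 0
    for c in text.upper():
        if c in ALPHA:
            shift = ALPHA.index(key[i % len(key)].upper())
            out.append(ALPHA[(ALPHA.index(c) + (-shift if decrypt else shift)) % 26])
            i += 1
        else:
            out.append(c)
    return "".join(out)


def running_key(text: str, key_text: str, decrypt: bool = False) -> str:
    """Running-key cipher: Vigenère whose key is a passage of text at least as long as the
    message, so the key never repeats (book text is not random, so it can still be broken)."""
    letters = "".join(c for c in key_text.upper() if c in ALPHA)
    if len(letters) < sum(c in ALPHA for c in text.upper()):
        raise ValueError("key text must be at least as long as the message")
    return vigenere(text, letters, decrypt)


# Truth table for XOR: the output is 1 exactly when the inputs differ, so x ^ k ^ k == x.
XOR_TRUTH_TABLE = {(0, 0): 0, (0, 1): 1, (1, 0): 1, (1, 1): 0}


def vernam(data: bytes, pad: bytes) -> bytes:
    """One-time pad / Vernam: XOR each byte with a random pad byte that is used once.
    Encryption and decryption are the same operation."""
    if len(pad) < len(data):
        raise ValueError("pad must be at least as long as the message")
    return bytes(a ^ b for a, b in zip(data, pad))


def new_pad(length: int) -> bytes:
    """Pad bytes from the OS CSPRNG (assumption: secrets.token_bytes is the random source)."""
    return secrets.token_bytes(length)


def pad_explaining(ciphertext: bytes, claimed_plaintext: bytes) -> bytes:
    """Why the one-time pad is unbreakable: for ANY plaintext of the same length there is a pad
    that turns the ciphertext into it, so the ciphertext alone carries no information."""
    return vernam(ciphertext, claimed_plaintext)


def two_time_pad_leak(c1: bytes, c2: bytes) -> bytes:
    """Reusing a pad cancels it: c1 XOR c2 == p1 XOR p2, and the attacker never needs the pad."""
    return vernam(c1, c2)


if __name__ == "__main__":
    print(rotate("ATTACK AT DAWN", 13))                 # NGGNPX NG QNJA
    print(vigenere("ATTACKATDAWN", "LEMON"))           # LXFOPVEFRNHR
    pad = new_pad(16)
    c = vernam(b"attack at dawn!!", pad)
    print(vernam(c, pad_explaining(c, b"retreat at dusk!")))   # b'retreat at dusk!'
```

The "theoretically unbreakable" claim in the One-Time Pad entry depends on three conditions the code makes explicit: the pad is truly random, at least as long as the message, and never reused. Drop any one of them and the last two functions show what an attacker gets.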
3
Virtual Memory Provides virtual address mapping between applications and hardware memory 124-125
3,4
Virtual Private Network VPN - a method to send private data over insecure network, such as the internet 179-181, 280-282
3,4
Virtualization Adds a software layer between an operating system and the underlying computer hardware 103, 118,131-132,265-266,284-285
3
Virus A small application, or string of code, that infects applications. The main function of a virus is to reproduce, and it requires a host application to do this. It can damage data directly or degrade system performance. 53, 820, 1178-1181 (Gold Book)
3
Virus Malware that requires a carrier to propagate 137-138,139,368-369
1
Vulnerability A weakness in a system 11
7
Vulnerability Management Management of vulnerability information 372-373
7
Vulnerability Scanning A process to discover poor configurations and missing patches in an environment 372-373
3
Vulnerability The absence or weakness of a safeguard that could be exploited. 113 (Gold Book)
4
WAN Wide area network, typically covering cities, states, or countries 221,253-256
4
WAP Wireless Application Protocol, designed to provide secure web services to handheld wireless devices such as smart phones 286-287
4
WEP wired equivalent privacy, a very weak 802.11 security protocol 261
3,4
WLAN Wireless Local Area Network 146,259-262,279-280
2,3
WORM Write Once Read Many, memory which can be written to once and read many times 92,126
3
WSDL Web Services Description Language, provides details about how web services are to be invoked 142
7
Walkthrough drill Also known as a simulation test, recovery form a pretend disaster, goes beyond talking about the process and actually has teams carry out the recovery process 418
6
War Dialing An attack in which a long list of phone numbers is inserted into a war-dialing program in the hope of finding a modem that can be exploited to gain unauthorized access. 836, 874 (Gold Book)
6
War dialing Uses a modem to dial a series of phone numbers, looking for an answering modem carrier tone 330
3
Warded lock Preventative device that turns a key through channels (called wards) to unlock 188
7
Warm site A backup site with all the necessary hardware and connectivity, and configured computers without live data 406
1
Wassenaar Arrangement Munitions law that followed COCOM, beginning in 1996 39,160
3
Watchdog timer Recovers a system by rebooting after critical processes hang or crash 122
8
Waterfall model An application development model that uses rigid phases; when one phase ends, the next begins 429, 436-439
3
Weak tranquility property Bell-LaPadula property that states security labels will not change in a way that violates security policy 106
3
Well-formed transactions Clark-Wilson control to enforce control over applications 108
7
Whitelist A set of known good resources such as IP addresses, domain names, or applications. 966, 987 (Gold Book)
2,3
Whole Disk Encryption FDE - Full Disk Encryption 96-97,126,149,370
4
Wi-Fi Protected Access 2 WPA2 - the full implementation of 802.11i 262
4
Wi-Fi Protected Access WPA - a partial implementation of 802.11i 262
2
Wiping Writes new data over each bit or block of file data. Also called shredding 91
3
Work Factor The estimated time and effort required for an attacker to overcome a security control. 343, 385-386 (Gold Book)
7
Work Recovery Time WRT - the time required to configure a recovered system 401,402
3
Work factor The amount of time required to break a cryptosystem (decrypt a ciphertext without a key) 147
2
Worm An independent program that can reproduce by copying itself from one system to another. It may damage data directly or degrade system performance by tying up resources. 478-479, 1178, 1182 (Gold Book)
1,3
Worm malware that self-propagates 58-59, 138-139
6
Write An operation that results in the flow of information from a subject to an object. 880 (Gold Book)
4
X.25 Older packet-switched WAN protocol 255
3
XML / Extensible Markup Language A markup language designed as a standard way to encode documents and data 142
3
XML eXtensible Markup Language, a markup language designed as a standard way to encode documents and data 142
3
XOR Exclusive OR, binary operation that is true if one of two inputs (but not both) is true 149
8
XP / Extreme Programming An Agile development method that uses pairs of programmers who work off a detailed specification 429, 441
8
XP eXtreme Programming, an agile development method that uses pairs of programmers who work off a detailed specification 429, 441
8
XSS Cross Site Scripting, third-party execution of web scripting languages such as JavaScript within the security context of a trusted site 465
3
Zachman Framework Provides 6 frameworks for providing information security, asking what, how, where, who, when and why, and mapping those frameworks across roles including planner, owner, designer, builder, programmer and user 111
6
Zero knowledge test A blind penetration test where the tester has no inside information at the start of the test 330
7,8
Zero-day exploit An exploit for a vulnerability with no available vendor patch 373,466
1
Zombie aka Bot - a computer system running malware that is controlled by a botnet 72
1
cost/benefit analysis An assessment that is performed to ensure that the cost of a safeguard does not outweigh the benefit of the safeguard. Spending more to protect an asset than the asset is actually worth does not make good business sense. All possible safeguards must be evaluated to ensure that the most security-effective and cost-effective choice is made. 102, 120
1
countermeasure A control, method, technique, or procedure that is put into place to prevent a threat agent from exploiting a vulnerability. A countermeasure is put into place to mitigate risk. Also called a safeguard or control 7, 102, 121-122
3
covert channel A communications path that enables a process to transmit information in a way that violates the system's security policy 310-311
3
covert storage channel A covert channel that involves writing to a storage location by one process and the direct or indirect reading of the storage location by another process. Covert storage channels typically involve a resource (for example, sectors on a disk) that is shared by two subjects at different security levels. 310-311
3
covert timing channel A covert channel in which one process modulates its system resource (for example, CPU cycles), which is interpreted by a second process as some type of communication. 311
1
declassification An administrative decision or procedure to remove or reduce the security classification of information. 193-198
1
dedicated security mode The mode in which a system operates if all users have the clearance or authorization to access, and the need to know about, all data processed within the system. All users have been given formal access approval for all information on the system and have signed nondisclosure agreements pertaining to this information.
2
degauss Process that demagnetizes magnetic media so that a very low residue of magnetic induction is left on the media. Used to effectively erase data from media. 214, 221
4
denial of service (DoS) Any action, or series of actions, that prevents a system, or its resources, from functioning in accordance with its intended purpose. 566, 588, 603, 696-698
4
dial-up The service whereby a computer terminal can use telephone lines, usually via a modem, to initiate and continue communications with another computer system. 644-645
5
dictionary attack A form of attack in which an attacker uses a large set of likely combinations to guess a secret, usually a password. 752, 835
3
digital signature An electronic signature based upon cryptographic methods of originator authentication, computed by using a set of rules and a set of parameters such that the identity of the signer and the integrity of the data can be verified. 396-399, 757
7
disaster recovery plan A plan developed to help a company recover from a disaster. It provides procedures for emergency response, extended backup operations, and post-disaster recovery when an organization suffers a loss of computer processing capability or resources and physical facilities. 1002-1030
5
discretionary access control (DAC) An access control model and policy that restricts access to objects based on the identity of the subjects and the groups to which those subjects belong. The data owner has the discretion of allowing or denying others access to the resources it owns. 787-790, 794, 795, 1171
3
domain The set of objects that a subject is allowed to access. Within this domain, all subjects and objects share a common security policy, procedures, and rules, and they are managed by the same management system.
7
electronic vaulting The transfer of backup data to an offsite location. This process is primarily a batch process of transmitting data through communications lines to a server at an alternative location. 1026
5
emanations Electrical and electromagnetic signals emitted from electrical equipment that can transmit through the airwaves. These signals carry information that can be captured and deciphered, which can cause a security breach. These are also called emissions. 820-822
3
encryption The transformation of plaintext into unreadable ciphertext. 353-399
2
end-to-end encryption A technology that encrypts the data payload of a packet. 353-399
1
exposure An instance of being exposed to losses from a threat. A weakness or vulnerability can cause an organization to be exposed to possible damages. 7
1
exposure factor The percentage of loss a realized threat could have on a certain asset. 114
3
fail-safe A functionality that ensures that when software or a system fails for any reason, it does not end up in a vulnerable state. After a failure, software might default to no access instead of allowing full control, which would be an example of a fail-safe measure. 434, 1063
7
failover A backup operation that automatically switches to a standby system if the primary system fails or is taken offline. It is an important fault-tolerant function that provides system availability. 1029
3
formal security policy model A mathematical statement of a security policy. When an operating system is created, it can be built upon a predeveloped model that lays out how all activities will take place in each and every situation. This model can be expressed mathematically, which is then translated into a programming language. 307-312
4
iSCSI Internet Small Computer System Interface, Storage Area Network (SAN) protocol transmitted via Ethernet and TCP/IP 256-257
8
isolation The containment of processes in a system in such a way that they are separated from one another to ensure integrity and confidentiality. Gold - 1174, Silver - 265-266 speaks to network port isolation but the silver book doesn't speak specifically to the general philosophy of isolation.
3
kernel The core of an OS, a kernel manages the machine's hardware resources (including the processor and the memory) and provides and controls the way any other software component accesses these resources. Gold - N/A, Silver - 117-118, 127-128
3
key A discrete data set that controls the operation of a cryptography algorithm. In encryption, a key specifies the particular transformation of plaintext to ciphertext, or vice versa, during encryption. Keys are also used in other cryptographic algorithms, such as digital signatures and keyed-hash functions (also known as HMACs), which are often used for authentication and integrity. Gold - 341-343, Silver - Key isn't specifically defined by itself here but is cited over and over in the encryption section.
5
keystroke monitoring A type of auditing that can review or record keystrokes entered by a user during an active session. Gold - 818, Silver - Not specifically cited in the index.
3
lattice-based access control model A mathematical model that allows a system to easily represent the different security levels and control access attempts based on those levels. Every pair of elements has a highest lower bound and a lowest upper bound of access rights. The classes stemmed from military designations. Gold - N/A, Silver - 106-107
1,7
least privilege The security principle that requires each subject to be granted the most restrictive set of privileges needed for the performance of authorized tasks. The application of this principle limits the damage that can result from accident, error, or unauthorized use. Gold - 927 & 966, Silver - 17-18, 349
7
life-cycle assurance Confidence that a trusted system is designed, developed, and maintained with formal designs and controls. This includes design specification and verification, implementation, testing, configuration management, and distribution. Gold - 931, Silver - Not specifically cited in the index.
3
link encryption A type of encryption technology that encrypts packets' headers, trailers, and the data payload. Each network communications node, or hop, must decrypt the packets to read its address and routing information and then re-encrypt the packets. This is different from end-to-end encryption. Gold - 685-687, Silver - Not specifically cited in the index.
3
logic bomb A malicious program that is triggered by a specific event or condition. Gold - 1186, Silver - 138-139
3
maintenance hook Instructions within a program's code that enable the developer or maintainer to enter the program without having to go through the usual access control and authentication processes. Maintenance hooks should be removed from the code before it is released to production; otherwise, they can cause serious security risks. Also called trapdoor or back door. Gold - 333, Silver - 137
3
malware Malicious software. Code written to perform activities that circumvent the security policy of a system. Examples are viruses, malicious applets, Trojan horses, logical bombs, and worms. Gold - 1178-1194, Silver - 19, 72, 137-139, 369-370
4
masquerading Impersonating another user, usually with the intention of gaining unauthorized access to a system. Gold - 603, Silver - Not specifically cited in the index.
2
multilevel security A class of systems containing information with different classifications. Access decisions are based on the subject's security clearances, need to know, and formal approval. Gold - 306, Silver - Not specifically cited in the index.
2,7
need to know A security principle stating that users should have access only to the information and resources necessary to complete their tasks that fulfill their roles within an organization. Need to know is commonly used in access control criteria by operating systems and applications. Gold - 927, Silver - 17-18, 84, 349
3
nonrepudiation A service that ensures the sender cannot later falsely deny sending a message. Gold - 344, Silver - 17, 146-147
3
object A passive entity that contains or receives information. Access to an object potentially implies access to the information that it contains. Examples of objects include records, pages, memory segments, files, directories, directory trees, and programs. Gold - 722, Silver - modes of system operation 112-113
5
object reuse Reassigning to a subject media that previously contained information. Object reuse is a security concern because if insufficient measures were taken to erase the information on the media, the information may be disclosed to unauthorized personnel. Gold - 820, Silver - Not specifically cited in the index.
3
one-time pad A method of encryption in which the plaintext is combined with a random "pad," which should be the same length as the plaintext. This encryption process uses a nonrepeating set of random bits that are combined bitwise (XOR) with the message to produce ciphertext. A one-time pad is a perfect encryption scheme because it is unbreakable and each pad is used exactly once, but it is impractical because of all of the required overhead. Gold - 345-347, 362, Silver - 155-156
6
operational assurance A level of confidence of a trusted system's architecture and implementation that enforces the system's security policy. This can include system architecture, covert channel analysis, system integrity, and trusted recovery. Gold - 930-931, Silver - Not specifically cited in the index.
3
overt channel A path within a computer system or network that is designed for the authorized transfer of data. Gold - N/A, Silver - 136
5
password A sequence of characters used to prove one's identity. It is used during a logon process and should be highly protected. Gold - 753, Silver - The definition of password is not explicitly stated but it is referenced all over the place in IAM.
1,6
penetration testing Penetration testing is a method of evaluating the security of a computer system or network by simulating an attack that a malicious hacker would carry out. This is done so that vulnerabilities and weaknesses can be uncovered. Gold - 860, 869-873, 877, Silver - 44-45, 330-332
1
punitive damages damages designed to punish an individual or organization
3
photoelectric motion sensor active motion detector that sends a beam of light across a monitored space to a photoelectric sensor
5
physical controls Controls that pertain to controlling individual access into the facility and different departments, locking systems and removing unnecessary floppy or CD-ROM drives, protecting the perimeter of the facility, monitoring for intrusion, and checking environmental controls. Gold - 9, 808, 810-811, Silver - Not specifically cited in the index.
3
physical controls implemented with physical devices, such as locks, fences, gates, etc.
4
physical layer layer 1 of the OSI model; describes units of data like bits represented by energy, and the medium used to carry them
3
physical security Controls and procedures put into place to prevent intruders from physically accessing a system or facility. The controls enforce access control and authorized access. Gold - 940-964, Silver - 183-199
3
piggyback Unauthorized access to a system by using another user's legitimate credentials. Gold - 434, 949, Silver - 192
4
ping of death (malformed packets) DoS that sends a malformed ICMP Echo Request (ping) that is larger than the maximum size of an IP packet
4
ping sends an ICMP Echo Request to a node and listens for an ICMP Echo Reply
6
pipelining CPU feature that combines multiple steps into one combined process, allowing simultaneous fetch, decode, execute and write steps for different instructions
3
plaintext In cryptography, the original readable text before it is encrypted. Gold - 337, 340, Silver - 146, 173
5
plaintext an unencrypted message
3
playback attack (same as replay attack?) Capturing data and resending the data at a later time in the hope of tricking the receiving system. This is usually carried out to obtain unauthorized access to specific resources. Gold - 413, 751, 771, 1154, Silver - 180, 317
4
point-to-point protocol PPP
4
point-to-point tunneling protocol PPTP
4
poison reverse distance vector routing protocol safeguard that sets a bad route to infinity
1
policy high-level management directives, administrative control
3
polyalphabetic cipher substitution cipher using multiple alphabets
4
polyinstantiation allows two different objects to have the same name. The name is based on the Latin roots for multiple (poly) and instances (instantiation)
4
polymorphic virus virus that changes its signature upon infection of a new system, attempting to evade signature-based antivirus software
8
polymorphism OOP concept (based on the Greek roots "poly" and "morph", meaning many and forms, respectively): allows an object to overload an operator, for example
4
post office protocol POP
3
power-on self-test POST
1
privacy act of 1974 protects US citizens' data that is being used by the federal government
1
privacy protection of the confidentiality of personal information
8
private key one half of an asymmetric key pair, must be kept secure (cousin of symmetric key pair)
8
problem domain a specific challenge that needs to be addressed
8
procedural languages programming languages that use subroutines, procedures and functions
1
procedure Detailed step-by-step instructions to achieve a certain task, which are used by users, IT staff, operations staff, security members, and others. Gold - 93-94, Silver - 50-51, 52
1
procedure step-by-step guide for accomplishing a task, administrative control
3
process an executable program and its associated data loaded and running in memory
3
process isolation logical control that attempts to prevent one process from interfering with another
8
product owner Scrum role that serves as the voice of the business unit
2
programmable logic device PLD
2
programmable read only memory PROM
4
promiscuous access the ability to sniff all traffic on a network (sounds like promiscuous mode)
1
protect society, the commonwealth, and the infrastructure First canon of the (ISC)2 Code of Ethics
4
protected EAP PEAP
4
protocol A set of rules and formats that enables the standardized exchange of information between different systems. Gold - 562-566, Silver - protocol definition is not specifically cited in the index.
4
protocol data unit PDU
1
provide diligent and competent service to principals third canon of the (ISC)2 Code of Ethics
4
proxy firewall a firewall that terminates connections and acts as an intermediary server
1
prudent man rule organization should engage in business practices that a prudent, right-thinking person would consider to be appropriate (ever watch What Would You Do?)
3
pseudo guard an unarmed security guard (sounds like a security monitor)
3
public key encryption A type of encryption that uses two mathematically related keys to encrypt and decrypt messages. The private key is known only to the owner, and the public key is available to anyone. Gold - 689, Silver - Not specifically cited in the index.
5
public key infrastructure PKI
5
public key one half of an asymmetric key pair, may be publicly posted
2
purge The removal of sensitive data from a system, storage device, or peripheral device with storage capacity at the end of a processing period. This action is performed in such a way that there is assurance proportional to the sensitivity of the data that the data cannot be reconstructed. Gold - 220-221, Silver - Not specifically cited in the index.
3
purple Allied name for the stepping-switch encryption device used by the Japanese Axis powers during WWII
1
purpose specification principle OECD privacy guideline principle that states the purpose for the data collection should be known, and the subsequent use of the data should be limited to the purposes outlined at the time of collection
1
qualitative risk analysis A risk analysis method that uses intuition and experience to judge an organization's exposure to risks. It uses scenarios and ratings systems. Compare to quantitative risk analysis. Gold - 112, 113, 116-119, 149, Silver - 67
1
qualitative risk analysis RA method which uses approximate values (different from quantitative - which is to quantify, how much, count, etc.)
1
quantitative risk analysis A risk analysis method that attempts to use percentages in damage estimations and assigns real numbers to the costs of countermeasures for particular risks and the amount of damage that could result from the risk. Compare to qualitative risk analysis. Gold - 112-119, Silver - 67
8
query language language that searches and updates a database
8
race condition TOCTOU
3
radio-frequency identification RFID (best known as scanning bar codes)
2,3
random access memory RAM
8
rapid application development RAD
1
read only memory ROM
1
real evidence evidence consisting of tangible or physical objects
4
real-time transport protocol RTP
5
realm a logical Kerberos network
7
reciprocal agreement a bidirectional agreement between two organizations in which one organization promises another organization it can move in and share space if it experiences a disaster. Also known as a mutual aid agreement.
1
recovery controls controls that restore a damaged system or process
7
recovery phase incident response phase that restores a previously compromised system to operational status
7
recovery point objective RPO
7
recovery time objective RTO
1
reduced instruction set computer RISC
1
reduction analysis the process of analyzing and lowering risk
7
redundant array of inexpensive disks RAID
7
redundant site an exact production duplicate of a system that has the capability to seamlessly operate all necessary IT operations without loss of services to the end user
3
reference monitor mediates all access between subjects and objects
8
referential integrity requires that every foreign key in a secondary table matches a primary key in the parent table
2
registers small storage locations used by the CPU to store instructions and data
3
regression testing testing software after updates, modifications or patches
1
regulatory law administrative law
1
tactical goals Midterm goals to accomplish. These may be milestones to accomplish within a project or specific projects to accomplish in a year. Strategic, tactical, and operational goals make up a planning horizon. 91
5
technical controls These controls, also called logical access control mechanisms, work in software to provide confidentiality, integrity, or availability protection. Some examples are passwords, identification and authentication methods, security devices, auditing, and the configuration of the network. 8-12, 811-814, 865-866
1
threat Any potential danger that a vulnerability will be exploited by a threat agent. 100
1
top-down approach An approach in which the initiation, support, and direction for a project come from top management and work their way down through middle management and then to staff members. 40
4
topology The physical construction of how nodes are connected to form a network. 523
1
total risk When a safeguard is not implemented, an organization is faced with the total risk of that particular vulnerability. 123-124
1
trademark A legal right that protects a word, name, product shape, symbol, color, or a combination of these used to identify a product or a company. 65
3
trusted computer system A system that has the necessary controls to ensure that the security policy will not be compromised and that can process a range of sensitive or classified information simultaneously. 302
3
trusted computing base (TCB) All of the protection mechanisms within a computer system (software, hardware, and firmware) that are responsible for enforcing a security policy. 302-304
3
trusted path A mechanism within the system that enables the user to communicate directly with the TCB. This mechanism can be activated only by the user or the TCB and not by an untrusted mechanism or process. 303
7
trusted recovery A set of procedures that restores a system and its data in a trusted manner after the system has been disrupted or a system failure has occurred. 933
8
validation The act of performing tests and evaluations to test a system's security level to see if it complies with security specifications and requirements. 1084
8
virus A small application, or string of code, that infects applications. The main function of a virus is to reproduce, and it requires a host application to do this. It can damage data directly or degrade system performance. 53, 820, 1178-1181
1
vulnerability The absence or weakness of a safeguard that could be exploited. 98-99
6
war dialing An attack in which a long list of phone numbers is inserted into a war-dialing program in the hope of finding a modem that can be exploited to gain unauthorized access. 836, 874
6
white box software testing gives the tester access to program source code, data structures, variables, etc 336
1
white hat ethical hacker or researcher 69
7
whitelist A set of known good resources such as IP addresses, domain names, or applications. 966, 987
3
work factor The estimated time and effort required for an attacker to overcome a security control. 343, 385-386
8
worm An independent program that can reproduce by copying itself from one system to another. It may damage data directly or degrade system performance by tying up resources. 478-479, 1178, 1182
3
write An operation that results in the flow of information from a subject to an object 311