Reading CISSP Practice in full

An asynchronous transfer mode (ATM) network is a fast packet-switching network that is the foundation for the broadband integrated services digital network (B-ISDN). ATM uses cell technology to transfer data at high speeds using packets of fixed size. The ATM network is a non-IP wide-area network (WAN) because the Internet Protocol (IP) does not fit well with the connection-oriented ATM network. IP is a connectionless protocol.

Attack

(1) The realization of some specific threat that impacts the confidentiality, integrity, accountability, or availability of a computational resource. (2) The act of trying to bypass security controls on a system or a method of breaking the integrity of a cipher. (3) An attempt to obtain a subscriber’s token or to fool a verifier into believing that an unauthorized individual possesses a claimant’s token. (4) An attack may be active, resulting in the alteration of data, or passive, resulting in the release of data. Note: The fact that an attack is made does not necessarily mean it will succeed. The degree of success depends on system vulnerability or activity and the effectiveness of existing countermeasures.

Attack-in-depth strategy

Malicious code attackers use an attack-in-depth strategy in order to carry out their goal. Single-point solutions cannot stop all of their attacks. Defense-in-depth strategy can stop these attacks.

Attack signature

A specific sequence of events indicative of an unauthorized access attempt.

Attacker

(1) A party who is not the claimant or verifier but wishes to successfully execute the authentication protocol as a claimant. (2) A party who acts with malicious intent to assault an information system.

Attacker’s work factor

The amount of work necessary for an attacker to break the system or network should exceed the value that the attacker would gain from a successful compromise.

Attribute

A distinct characteristic of real-world objects often specified in terms of their physical traits, such as size, shape, weight, and color. Objects in the cyber-world might have attributes describing things such as size, type of encoding, and network address. Attributes are properties of an entity. An entity is described by its attributes. In a database, the attributes of an entity have their analogues in the fields of a record. In an object database, instance variables may be considered attributes of the object.

Attribute-based access control (ABAC)

(1) Access control based on attributes associated with and about subjects, objects, targets, initiators, resources, or the environment. It is an access control ruleset that defines the combination of attributes under which an access may take place. (2) An access control approach in which access is mediated based on attributes associated with subjects (requesters) and the objects to be accessed. Each object and subject has a set of associated attributes, such as location, time of creation, and access rights. Access to an object is authorized or denied depending upon whether the required (e.g., policy-defined) correlation can be made between the attributes of that object and of the requesting subject.

Attribute-based authorization

A structured process that determines when a user is authorized to access information, systems, or services based on attributes of the user and of the information, system, or service.

Attribute certificate

A live scan of a person’s biometric measure is translated into a biometric template, which is then placed in an attribute certificate.

Audit

The independent examination of records and activities to assess the adequacy of system controls, to ensure compliance with established controls, policies, and operational procedures, and to recommend necessary changes in controls, policies, or procedures.

Audit reduction tools

Preprocessors designed to reduce the volume of audit records to facilitate manual review. Before a security review, these tools can remove many audit records known to have little security significance. These tools generally remove records generated by specified classes of events, such as records generated by nightly backups.

Audit trail

(1) A chronological record of system activities that is sufficient to enable the reconstruction and examination of the sequence of events and activities surrounding or leading to an operation, procedure, or event in a security-relevant transaction from inception to results. (2) A record showing who has accessed an IT system and what operations the user has performed during a given period. (3) An automated or manual set of records providing documentary evidence of user transactions. (4) It is used to aid in tracing system activities. This is a technical and detective control.

Auditability
