Reading CISSP Practice in full

Examples include (1) masquerading attacks that result from accepting and executing untrusted code developed elsewhere, (2) gaining unauthorized access to computational resources residing in the browser (e.g., its security options) or on its underlying platform (e.g., the system registry), and (3) using the authorized access granted to the user's identity in an unexpected and disruptive fashion (e.g., to invade privacy or deny service).

Browsing

The act of searching through storage to locate or acquire information without necessarily knowing the existence or the format of the information being sought.

Brute force attack

A form of guessing attack in which the attacker tries every possible combination of characters from a given character set, for passwords up to a given length. Brute forcing is made considerably easier by username harvesting, where an application responds differently to an invalid username than to an invalid password (a different message, status code, or response time), allowing the attacker to build a list of valid accounts before guessing any passwords. Countermeasures against brute force attacks include strong (e.g., certificate-based) authentication over SSL/TLS, response delays and timeouts after failed attempts, lockouts of user accounts after a number of consecutive failures, a password policy requiring a minimum length and a mix of character classes, blacklists of offending IP addresses and domain names, and logging of invalid authentication attempts. Note that lockouts trade one problem for another: an attacker who can trigger them can deny service to legitimate users, so they are usually combined with delays and source-based throttling rather than used alone.
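The following is an added example, not text or code from the CISSP glossary: a login check that leaks which usernames exist (the harvesting described in the entry) placed next to one that returns a single answer for every failure, compares secrets in constant time, logs the failure, and locks the account after a threshold. The account table, the secrets, and the `MAX_FAILURES` value are constructed for the example; a real service compares salted password hashes rather than the plaintext secrets used here.

```c
#include <stdio.h>
#include <string.h>

/* Added example, not from the CISSP glossary: a login check that leaks which
 * usernames exist (username harvesting) next to one that gives a uniform
 * answer, compares in constant time, logs failures, and locks the account
 * after MAX_FAILURES. The account table and MAX_FAILURES are constructed for
 * the example; a real service stores salted password hashes, not the
 * plaintext secrets used here. */

#define MAX_FAILURES 5

enum auth_result { AUTH_OK = 0, AUTH_FAILED = 1 };

struct account {
    const char *user;
    const char *secret;   /* stand-in for a stored hash */
    int failures;         /* consecutive failed attempts */
};

static struct account accounts[] = {
    { "alice", "correct horse battery staple", 0 },
    { "bob",   "hunter2hunter2hunter2",        0 },
};
static const size_t n_accounts = sizeof accounts / sizeof accounts[0];

/* Compared against when the user does not exist, so the same work is done
 * (and roughly the same time spent) whether or not the name is valid. */
static const char dummy_secret[] = "placeholder-secret-for-unknown-users";

/* Constant-time comparison: the loop runs over the whole stored secret and
 * there is no early exit that would reveal where the first mismatch is. */
static int secrets_equal(const char *stored, const char *supplied)
{
    size_t n = strlen(stored), m = strlen(supplied);
    unsigned char diff = (unsigned char)(n != m);
    for (size_t i = 0; i < n; i++) {
        unsigned char p = i < m ? (unsigned char)supplied[i] : 0;
        diff |= (unsigned char)stored[i] ^ p;
    }
    return diff == 0;
}

static struct account *find_account(const char *user)
{
    for (size_t i = 0; i < n_accounts; i++)
        if (strcmp(accounts[i].user, user) == 0)
            return &accounts[i];
    return NULL;
}

/* Leaky: three distinguishable outcomes. The NO_SUCH_USER/BAD_PASSWORD split
 * lets an attacker harvest valid usernames before brute forcing passwords. */
enum leaky_result { LEAKY_OK = 0, LEAKY_NO_SUCH_USER = 1, LEAKY_BAD_PASSWORD = 2 };
enum leaky_result login_leaky(const char *user, const char *pass)
{
    struct account *acct = find_account(user);
    if (!acct)
        return LEAKY_NO_SUCH_USER;
    return strcmp(acct->secret, pass) == 0 ? LEAKY_OK : LEAKY_BAD_PASSWORD;
}

/* Hardened: unknown user, wrong password and locked account all return
 * AUTH_FAILED to the client; the distinction lives only in the server log. */
enum auth_result login_hardened(const char *user, const char *pass)
{
    struct account *acct = find_account(user);
    const char *stored = acct ? acct->secret : dummy_secret;
    int ok = secrets_equal(stored, pass);   /* always performed, valid user or not */

    if (!acct) {
        fprintf(stderr, "auth: unknown user\n");   /* attacker-controlled name not echoed */
        return AUTH_FAILED;
    }
    if (acct->failures >= MAX_FAILURES) {
        fprintf(stderr, "auth: %s locked, attempt ignored\n", acct->user);
        return AUTH_FAILED;   /* a correct password does not help while locked */
    }
    if (ok) {
        acct->failures = 0;
        return AUTH_OK;
    }
    acct->failures++;
    fprintf(stderr, "auth: bad password for %s (%d/%d)\n", acct->user, acct->failures, MAX_FAILURES);
    return AUTH_FAILED;
}

/* Administrative view of lockout state (never exposed to the login client). */
int account_locked(const char *user)
{
    struct account *acct = find_account(user);
    return acct != NULL && acct->failures >= MAX_FAILURES;
}

int main(void)
{
    printf("leaky:    unknown user -> %d, wrong password -> %d\n",
           login_leaky("mallory", "x"), login_leaky("alice", "x"));
    printf("hardened: unknown user -> %d, wrong password -> %d\n",
           login_hardened("mallory", "x"), login_hardened("alice", "x"));
    for (int i = 0; i < MAX_FAILURES; i++)
        login_hardened("bob", "guess");
    printf("bob with the right password after %d failures -> %d, locked=%d\n",
           MAX_FAILURES, login_hardened("bob", "hunter2hunter2hunter2"), account_locked("bob"));
    return 0;
}
```

The leaky version answers 1 for "mallory" and 2 for "alice", which is all an attacker needs to separate real accounts from guesses; the hardened version answers 1 for both, does the same comparison work in both cases, and keeps the lockout state on the server side only.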

Bucket brigade attack

A type of attack that takes advantage of the store-and-forward mechanism used by insecure networks such as the Internet: an intermediary inserts itself between two communicating parties and relays (and may read or alter) the traffic while each party believes it is talking directly to the other. It is another name for the man-in-the-middle attack.

Buffer

An area of memory, in random access memory or within the CPU (e.g., a register or cache), used to temporarily store data from a disk, communication port, program, or peripheral device.

Buffer overflow attack

(1) A method of overloading a predefined amount of space in a buffer, which can overwrite and corrupt adjacent data in memory. (2) A condition at an interface under which more input can be placed into a buffer or data-holding area than the capacity allocated, overwriting other information. Attackers exploit such a condition to crash a system or to insert specially crafted code and redirect execution to it, allowing them to gain control of the system.
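As an added example, not code from the glossary, the following C shows the overflow shape the entry describes (an unbounded `strcpy` into a fixed-size field) beside a bounded copy that refuses input that does not fit. The `login_record` layout, the 16-byte field, and the sample inputs are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Added example, not from the glossary: the classic overflow shape (an
 * unbounded strcpy into a fixed-size field) next to a bounded copy that
 * rejects input that does not fit. The record layout, the 16-byte field and
 * the sample inputs are assumptions made for illustration. */

struct login_record {
    char name[16];   /* the "predefined amount of space" */
    int  is_admin;   /* adjacent data that an overflow of name[] corrupts */
};

/* Vulnerable: strcpy stops only at the NUL byte of src. With a 16-byte
 * name[], a 20-byte src writes its bytes 16..19 over is_admin (on the usual
 * ABIs the int follows the array directly), and longer input keeps going into
 * saved registers and the return address. Shown for its shape only; not
 * exercised below, because the overflow is undefined behaviour. */
void set_name_vulnerable(struct login_record *rec, const char *src)
{
    strcpy(rec->name, src);
}

/* Hardened: measure the input without reading past the field's capacity,
 * refuse input that would not fit together with its terminator (returning -1
 * and leaving the record untouched), and always NUL-terminate. Rejecting is
 * preferable to silent truncation, which can turn one name into another. */
int set_name_checked(struct login_record *rec, const char *src)
{
    const char *nul = memchr(src, '\0', sizeof rec->name);
    if (nul == NULL)
        return -1;                      /* no terminator within capacity: too long */
    size_t n = (size_t)(nul - src);     /* n <= 15 here */
    memcpy(rec->name, src, n);
    rec->name[n] = '\0';
    return 0;
}

/* Outcome of set_name_checked on a fresh record: 0 accepted, -1 rejected. */
int checked_copy_status(const char *src)
{
    struct login_record rec = { "", 0 };
    return set_name_checked(&rec, src);
}

/* Value of is_admin after the checked copy; stays 0 whatever the input. */
int admin_flag_after_checked_copy(const char *src)
{
    struct login_record rec = { "", 0 };
    set_name_checked(&rec, src);
    return rec.is_admin;
}

int main(void)
{
    const char *fits = "alice";                 /* constructed: 5 bytes */
    const char *full = "AAAAAAAAAAAAAAAA";       /* constructed: 16 bytes, no room for the NUL */
    const char *over = "AAAAAAAAAAAAAAAAAAAA";   /* constructed: 20 bytes, would reach is_admin */

    printf("%-22s -> status %2d, is_admin %d\n", fits,
           checked_copy_status(fits), admin_flag_after_checked_copy(fits));
    printf("%-22s -> status %2d, is_admin %d\n", full,
           checked_copy_status(full), admin_flag_after_checked_copy(full));
    printf("%-22s -> status %2d, is_admin %d\n", over,
           checked_copy_status(over), admin_flag_after_checked_copy(over));
    return 0;
}
```

The point of `memchr` with the field size as its limit is that the check itself never reads beyond the capacity it is enforcing; a `strlen` on attacker-supplied input has no such bound.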

Bus topology

A bus topology is a network topology in which all nodes (i.e., stations) are attached to a single shared transmission medium, a central cable called the bus or backbone, so that every transmission is visible to every station on the segment. Note that linear bus topology is a variation of bus topology.

Business continuity plan (BCP)

The documentation of a predetermined set of instructions or procedures that describe how an organization’s business functions will be sustained during and after a significant disruption.

Business impact analysis (BIA)

An analysis of an IT system’s requirements, processes, and interdependencies used to characterize system contingency requirements and priorities in the event of a significant disruption.

Business process improvement (BPI)

It focuses on how to improve an existing process or service. BPI is also called continuous process improvement.

Business process reengineering (BPR)

It focuses on improving efficiency, reducing costs, reducing risks, and improving service to internal and external customers. Radical change is an integral part of BPR.

Business recovery/resumption plan (BRP)

The documentation of a predetermined set of instructions or procedures that describe how business processes will be restored after a significant disruption has occurred.

Business rules processor

The sub-component of a service-oriented architecture (SOA) that manages and executes the set of complex business rules that represent the core business activity supported by the component.

Bypass capability

The ability of a service to partially or wholly circumvent encryption or cryptographic authentication.

C

C2C

Consumer-to-consumer (C2C) is an electronic commerce model involving consumers selling directly to consumers (e.g., eBay).

Cache attack

Computer processors are equipped with a cache memory, which reduces memory access latency: the processor looks for data in the cache first and only then in main memory. When the data is not where the processor expects it, a cache miss occurs and the access takes measurably longer. Cache attacks exploit this timing difference. An unprivileged process that shares a processor (and therefore a cache) with a victim can observe which cache lines the victim's code has used, despite the partitioning provided by memory protection, sandboxing, or virtualization. When the victim is a cipher implemented with secret-indexed table lookups (the S-box or T-table lookups of DES or of software AES), the addresses it touches depend on the key, and the attacker can recover key bits from the pattern of hits and misses, typically while the victim encrypts known plaintext. The exposure comes from the implementation rather than from the strength of the algorithm: a table-driven AES leaks just as DES does. The countermeasures are constant-time code whose memory accesses do not depend on secret data (bitsliced implementations or hardware instructions such as AES-NI) and not co-locating untrusted workloads with sensitive ones.
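The following is an added example, not code from the glossary: a secret-indexed table lookup of the kind the entry describes, beside a constant-time lookup that touches the whole table on every call. The 256-entry table is a constructed stand-in for a cipher's S-box, and the `line_hits[]` array is instrumentation that models 64-byte cache lines so the access pattern can be inspected deterministically; a real attacker infers the same information from reload timings rather than from such counters.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

/* Added example, not from the glossary: a secret-indexed table lookup as found
 * in table-driven ciphers, beside a constant-time lookup that touches the
 * whole table on every call. sbox[] is a constructed stand-in for a cipher's
 * S-box; line_hits[] models 64-byte cache lines so the access pattern is
 * visible without timing measurements. */

#define TABLE_SIZE 256
#define LINE_BYTES 64
#define N_LINES    (TABLE_SIZE / LINE_BYTES)

static uint8_t  sbox[TABLE_SIZE];
static unsigned line_hits[N_LINES];   /* model: reads that hit each cache line */

/* Constructed permutation of 0..255 (167 is odd, so i*167+13 mod 256 is a bijection). */
void init_table(void)
{
    for (int i = 0; i < TABLE_SIZE; i++)
        sbox[i] = (uint8_t)((i * 167 + 13) & 0xff);
}

/* Every table read goes through here so the line model sees it. */
static uint8_t read_entry(int i)
{
    line_hits[i / LINE_BYTES]++;
    return sbox[i];
}

/* Leaky: one read at a secret-dependent index. In a cipher idx is typically
 * plaintext XOR key byte; the cache line it lands in reveals the top bits of
 * idx to anyone who can evict the table beforehand and time reloads afterwards. */
uint8_t lookup_leaky(uint8_t idx)
{
    return read_entry(idx);
}

/* Constant-time: read all entries in a fixed order and select the wanted one
 * with a branch-free mask, so the lines touched never depend on idx. */
uint8_t lookup_ct(uint8_t idx)
{
    uint8_t result = 0;
    for (int i = 0; i < TABLE_SIZE; i++) {
        uint32_t x = (uint32_t)(i ^ idx);                 /* 0 only when i == idx */
        uint8_t mask = (uint8_t)(0u - ((x - 1u) >> 31));  /* 0xff iff x == 0, else 0x00 */
        result |= read_entry(i) & mask;
    }
    return result;
}

/* Number of distinct cache lines one call to fn(idx) touches, per the model. */
int lines_touched_by(uint8_t (*fn)(uint8_t), uint8_t idx)
{
    init_table();
    for (int l = 0; l < N_LINES; l++)
        line_hits[l] = 0;
    (void)fn(idx);
    int touched = 0;
    for (int l = 0; l < N_LINES; l++)
        touched += line_hits[l] != 0;
    return touched;
}

/* Which single line the leaky lookup touched: this is the value that leaks
 * (it equals idx >> 6 for 64-byte lines). */
int leaky_line_index(uint8_t idx)
{
    (void)lines_touched_by(lookup_leaky, idx);
    for (int l = 0; l < N_LINES; l++)
        if (line_hits[l])
            return l;
    return -1;
}

/* 1 if both lookups agree for every index: the constant-time version must be
 * a drop-in replacement, not merely quieter. */
int lookups_agree(void)
{
    init_table();
    for (int i = 0; i < TABLE_SIZE; i++)
        if (lookup_ct((uint8_t)i) != lookup_leaky((uint8_t)i))
            return 0;
    return 1;
}

int main(void)
{
    printf("lookups agree on all indices: %d\n", lookups_agree());
    printf("leaky lookup touches line %d for idx 0x05 and line %d for idx 0xC0\n",
           leaky_line_index(0x05), leaky_line_index(0xC0));
    printf("constant-time lookup touches %d of %d lines for any idx\n",
           lines_touched_by(lookup_ct, 0x05), N_LINES);
    return 0;
}
```

Reading the whole table costs 256 loads instead of one, which is why production code prefers bitsliced implementations or hardware instructions; the mask technique is still the standard fallback where neither is available.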

Callback

Procedure for identifying and authenticating a remote information system terminal, whereby the host system disconnects the terminal and reestablishes contact itself, typically by dialing a number held on file for that terminal, so that a caller cannot simply claim a legitimate identity from an arbitrary line.
