Reading CISSP Practice in full

Restore procedures are needed before, during, or after completion of certain transactions or events to ensure acceptable fault-recovery.

Checksum

A value automatically computed on data to detect error or manipulation during transmission. It is an error-checking technique to ensure the accuracy of data transmission. The number of bits in a data unit is summed and transmitted along with the data. The receiving computer then checks the sum and compares. Digits or bits are summed according to arbitrary rules and used to verify the integrity of data (that is, changes to data). This is a technical and detective control.

Chief information officer (CIO)

A senior official responsible for (1) providing advice and other assistance to the head of the organization and other senior management personnel of the organization to ensure that information technology is acquired and information resources are managed in a manner that is consistent with laws, executive orders, directives, policies, regulations, and priorities established by the head of the organization; (2) developing, maintaining, and facilitating the implementation of a sound and integrated information technology architecture for the organization; and (3) promoting the effective and efficient design and operation of all major information resources management processes for the organization, including improvements to work processes of the organization.

Chokepoint

A chokepoint creates a bottleneck in a system, whether the system is a social, natural, civil, military, or computer system. For example, the installation of a firewall in a computer system between a local network and the Internet creates a chokepoint and makes it difficult for an attacker to come through that network channel. In graph theory and network analysis, a chokepoint is any node in a network with a high centrality (Wikipedia).

Cipher

(1) A series of transformations that converts plaintext to ciphertext using the cipher key. (2) A cipher block chaining-message authentication code (CBC-MAC) algorithm. (3) A secret-key block-cipher algorithm used to encrypt data and to generate a MAC to provide assurance that the payload and the associated data are authentic.

Cipher key

Secret, cryptographic key that is used by the Key Expansion Routine to generate a set of Round Keys; can be pictured as a rectangular array of bytes, having four rows and Nk columns.

Cipher suite

Negotiated algorithm identifiers, which are understandable in human-readable form using a mnemonic code.

Ciphertext

(1) Data output from the cipher or input to the inverse cipher. (2) The result of transforming plaintext with an encryption algorithm. (3) It is the encrypted form of a plaintext message of data. Also known as crypto-text or enciphered information.

Circuit-level gateway firewall

A type of firewall that can be used either as a stand-alone or specialized function performed by an application-level gateway. It does not permit an end-to-end Transmission Control Protocol (TCP) connection. This firewall can be configured to support application-level service on inbound connections and circuit-level functions for outbound connections. It incurs overhead when examining the incoming application data for forbidden functions but does not incur that overhead on outgoing data.

Civil law

Law that deals with suits for breach of contract or tort cases, such as suits for personal injuries.

Claimant

(1) A party whose identity is to be verified using an authentication protocol. (2) An entity which is or which represents a principal for the purposes of authentication, together with the functions involved in an authentication exchange on behalf of that entity. (3) A claimant acting on behalf of a principal must include the functions necessary for engaging in an authentication exchange (e.g., a smart card (claimant) can act on behalf of a human user (principal)).

Claimed signatory

From the verifier’s perspective, the claimed signatory is the entity that purportedly generated a digital signature.

Class

(1) A set of objects that share a common structure and a common behavior. (2) A generic description of an object type consisting of instance variables and method definitions. Class definitions are templates from which individual objects can be created.

Class hierarchy

Classes can naturally be organized into structures (tree or network) called class hierarchies. In a hierarchy, a class may have zero or more superclasses above it in the hierarchy. A class may have zero or more classes below, referred to as its subclasses.

Class object

A class definition. Class definitions are objects that are instances of a generic class, or metaclass.

Classification
