Читаем CISSP Practice полностью

The use of failover clusters to provide high availability of computing services. Failover means the system detects hardware/software faults and immediately restarts the application on another system without requiring human intervention. It uses redundant computers or nodes and configures the nodes before starting the application on it. A minimum of two nodes is required to provide redundancy but in reality it uses more than two nodes. Variations in node configurations include active/active (good for software configuration), active/passive (good for hardware configuration), N+1 (good for software configuration), N+M (where M is more than one standby servers), and N-to-N (where clusters redistribute the services from the failed node to the active node, thus eliminating the need for a standby node). Cluster computing is often used for critical databases, file sharing on a network, high-performance systems, and electronic commerce websites. An advantage of cluster computing is that it uses a heartbeat private network connection to monitor the health and status of each node in the cluster. Disadvantages include (1) split-brain situation where all the private links can go down simultaneously, but the cluster nodes are still working, and (2) data corruption on the shared storage due to duplicate services (Wikipedia).

Coaxial cable

It is a thin cable similar to the one used in cable television connection. A coaxial cable has a solid copper wire, an inner insulation covering this core, a braided metallic ground shield, and an outer insulation.

Code division multiple access (CDMA)

A spread spectrum technology for cellular networks based on the Interim Standard-95 (IS-95) from the Telecommunications Industry Association (TIA).

Codebook attack

A type of attack where the intruder attempts to create a codebook of all possible transformations between plaintext and ciphertext under a single key.

Coder decoder (CODEC)

Coverts analog voice into digital data and back again. It may also compress and decompress the data for more efficient transmission. It is used in plain old telephone service (POTS).

Cohesion

A measure of the strength of association of the elements within a program module; the modularity is greater for higher strength modules. The best level of cohesion is functional (high-strength) and the worst level of cohesion is coincidental (low-strength). In functional cohesion, all components contribute to the one single function of a module. In coincidental cohesion, components are grouped by accident, not by plan. A higher (strong) cohesion value is better. Interfaces exhibiting strong cohesion and weak coupling are less error prone. If various modules exhibit strong internal cohesion, the inter-module coupling tends to be minimal, and vice versa.

Cold-site

A backup facility that has the necessary electrical and physical components of a computer facility, but does not have the computer equipment in place. The site is ready to receive the necessary replacement computer equipment in the event that the user has to move from their main computing location to an alternate site.

Collision

A condition in which two data packets are transmitted over a medium at the same time from two or more stations. Two or more distinct inputs produce the same output.

Collision detection

When a collision is detected, the message is retransmitted after a random interval.

Commercial software

Software available through lease or purchase in the commercial market from an organization representing itself to have ownership of marketing rights in the software.

Common criteria (CC)

The Common Criteria represents the outcome of a series of efforts to develop criteria for evaluation of IT security that is broadly useful within the international community. It is a catalog of security functionality and assurance requirements.

Common data security architecture (CDSA)

It is a set of layered security services that address communications and data security problems in the emerging Internet and Intranet application space. CDSA focuses on security in peer-to-peer (P2P) distributed systems with homogeneous and heterogeneous platform environments, and applies to the components of a client/server application. CDSA supports existing, secure protocols, such as SSL, S/MIME, and SET.

Common gateway interface (CGI) scripts

These are insecure programs that allow the Web server to execute an external program when particular URLs are accessed.

Common law (case law)

Law based on preceding cases.

Common security control