Reading CISSP Practice in full

Denial-of-quality (DoQ) results from a lack of quality assurance (QA) methods and quality control (QC) techniques in delivering messages, packets, and services. DoQ degrades quality of service (QoS) and quality of protection (QoP), and can escalate into denial of service (DoS).

Denial of service (DoS)

(1) Preventing or limiting the normal use or management of networks or network devices. (2) The prevention of authorized access to resources or the delaying of time-critical operations. Time-critical may be milliseconds or it may be hours, depending upon the service provided. Synonymous with interdiction.

Denial-of-service (DoS) attack

(1) An attack that prevents or impairs the authorized use of networks, operating systems, or application systems by exhausting resources. (2) A type of computer attack that denies service to users either by clogging the system with a deluge of irrelevant messages or by sending disruptive commands to the system. (3) A direct attack on availability that prevents a financial system service provider from receiving or responding to messages from a requester (customer). Such DoS attacks on the service provider are typically not detected by a firewall or an intrusion detection system, because those countermeasures operate at the network entry point or per host, not per transaction or operation. In these situations, two standards (WS-Reliability and WS-ReliableMessaging) are available to guarantee that messages are sent and received in a service-oriented architecture (SOA). XML gateways can augment these widely accepted techniques because they are capable of preventing and detecting XML-based DoS. Note that DoS is related to QoS and QoP and can result from denial-of-quality (DoQ).

Deny-by-default

To block all inbound and outbound traffic that has not been expressly permitted by firewall policy, so that unnecessary services that could be used to spread malware are never reachable.
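The difference between deny-by-default and allow-by-default is easiest to see on the same traffic. The following is an added illustration, not code from CISSP Practice: a small first-match rule evaluator in which the policy default decides any packet no rule mentions. The rule syntax, the allow list, and the sample packets are constructed for this example.

```python
"""Deny-by-default firewall policy as a first-match rule evaluator.

Added example (not from CISSP Practice). Rules, packets and port choices
are constructed assumptions for illustration only.
"""
from __future__ import annotations

from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Packet:
    direction: str   # "in" or "out"
    proto: str       # "tcp" or "udp"
    dst_port: int


@dataclass(frozen=True)
class Rule:
    direction: str
    proto: str
    dst_port: Optional[int]   # None matches any destination port
    action: str               # "allow" or "deny"

    def matches(self, pkt: Packet) -> bool:
        return (self.direction == pkt.direction
                and self.proto == pkt.proto
                and (self.dst_port is None or self.dst_port == pkt.dst_port))


def evaluate(rules: list[Rule], pkt: Packet, default: str) -> str:
    """First matching rule wins; if nothing matches, the policy default applies."""
    for rule in rules:
        if rule.matches(pkt):
            return rule.action
    return default


# Only expressly permitted services: inbound HTTPS to the web tier, outbound
# DNS and HTTPS for clients. Anything not listed falls through to the default.
ALLOW_LIST = [
    Rule("in", "tcp", 443, "allow"),
    Rule("out", "udp", 53, "allow"),
    Rule("out", "tcp", 443, "allow"),
]

# Constructed sample traffic.
SAMPLE_TRAFFIC = [
    Packet("in", "tcp", 443),     # legitimate HTTPS request
    Packet("in", "tcp", 445),     # SMB, a classic worm propagation vector
    Packet("out", "tcp", 4444),   # unexpected outbound connection (e.g. malware callback)
    Packet("out", "udp", 53),     # DNS lookup
]


def decide_all(default: str) -> dict[tuple[str, str, int], str]:
    """Verdict for each sample packet under the given policy default."""
    return {(p.direction, p.proto, p.dst_port): evaluate(ALLOW_LIST, p, default)
            for p in SAMPLE_TRAFFIC}


if __name__ == "__main__":
    for default in ("deny", "allow"):
        print(f"policy default = {default}")
        for key, verdict in decide_all(default).items():
            print(f"  {key}: {verdict}")
```

Under the deny default, SMB and the port 4444 connection are dropped because no rule permits them; under an allow default the same allow list lets both through, which is exactly the gap the definition warns about.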

Depth attribute

An attribute associated with an assessment method that addresses the rigor and level of detail associated with the application of the method. The values for the depth attribute, hierarchically from less depth to more depth, are basic, focused, and comprehensive.

Design verification

The use of verification techniques, usually computer-assisted, to demonstrate a mathematical correspondence between an abstract (security) model and a formal system specification.

Designated approving/accrediting authority

The individual selected by an authorizing official to act on their behalf in coordinating and carrying out the necessary activities required during the security certification and accreditation of an information system.

Desk check reviews

A review of programs by the program author to control and detect program logic errors and misinterpretation of program requirements.

Desktop administrators

Personnel who identify changes to login scripts, along with Windows Registry or file scans, and who implement changes to login scripts.

Destroyed compromised state

The cryptographic key life cycle state that zeroizes a key so that it cannot be recovered and it cannot be used and marks it as compromised, or that marks a destroyed key as compromised. For record purposes, the identifier and other selected metadata of a key may be retained.

Destroyed state

The cryptographic key life cycle state that zeroizes a key so that it cannot be recovered and it cannot be used. For record purposes, the identifier and other selected metadata of a key may be retained.
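The two destroyed states above differ only in whether the key is also flagged as compromised; what they share is that the key material is zeroized, the key can no longer be used, and only the identifier and selected metadata survive. The following is an added illustration, not code from CISSP Practice: a key record with a small state machine covering the active, compromised, destroyed and destroyed-compromised states. The transition table, the metadata fields and the key identifier are this example's own assumptions.

```python
"""Cryptographic key life-cycle states with zeroization on destruction.

Added example (not from CISSP Practice). State names follow the glossary;
the transition table, metadata fields and key identifiers are assumptions.
"""
from __future__ import annotations

import secrets

# Permitted transitions for this example. A destroyed key that is later
# found to have been compromised moves to destroyed_compromised; nothing
# leaves destroyed_compromised.
TRANSITIONS = {
    "active": {"compromised", "destroyed", "destroyed_compromised"},
    "compromised": {"destroyed_compromised"},
    "destroyed": {"destroyed_compromised"},
    "destroyed_compromised": set(),
}


class KeyRecord:
    def __init__(self, key_id: str, purpose: str, length: int = 32) -> None:
        self.key_id = key_id
        self.purpose = purpose              # retained metadata
        self.state = "active"
        self._material = bytearray(secrets.token_bytes(length))

    def use(self) -> bytes:
        """Return the key bytes for an operation; only an active key is usable."""
        if self.state != "active":
            raise PermissionError(f"{self.key_id} is {self.state}; not usable")
        return bytes(self._material)

    def transition(self, new_state: str) -> None:
        if new_state not in TRANSITIONS[self.state]:
            raise ValueError(f"{self.state} -> {new_state} is not allowed")
        if new_state.startswith("destroyed"):
            self._zeroize()
        self.state = new_state

    def _zeroize(self) -> None:
        # Overwrite the buffer in place before dropping it. Python cannot
        # guarantee no other copies exist in memory; an HSM zeroizes in
        # hardware, which is why the glossary state is defined that way.
        for i in range(len(self._material)):
            self._material[i] = 0
        self._material = bytearray()

    def is_recoverable(self) -> bool:
        return len(self._material) > 0

    def audit_record(self) -> dict:
        """What survives destruction: identifier and metadata, never the key."""
        return {"key_id": self.key_id, "purpose": self.purpose, "state": self.state}


def destroy_then_flag_compromised(key_id: str = "k-2024-001") -> dict:
    """Walk a key from active to destroyed, then to destroyed-compromised."""
    rec = KeyRecord(key_id, "data-encryption")
    usable_while_active = len(rec.use()) == 32
    rec.transition("destroyed")
    rec.transition("destroyed_compromised")
    try:
        rec.use()
        used_after_destroy = True
    except PermissionError:
        used_after_destroy = False
    out = rec.audit_record()
    out["usable_while_active"] = usable_while_active
    out["used_after_destroy"] = used_after_destroy
    out["recoverable"] = rec.is_recoverable()
    return out


if __name__ == "__main__":
    print(destroy_then_flag_compromised())
```

The audit record is the only thing that outlives the key: it carries the identifier, purpose and final state, which is what the glossary means by retaining "the identifier and other selected metadata" for record purposes.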

Destruction

The result of actions taken to ensure that media cannot be reused as originally intended and that recovery of the information is virtually impossible or prohibitively expensive.

Detailed design

A process where technical specifications are translated into more detailed programming specifications, from which computer programs are developed.

Detailed testing

A test methodology that assumes explicit and substantial knowledge of the internal structure and implementation detail of the assessment object. Also known as white box testing.

Detective controls

These are actions taken to detect undesirable events and incidents that have occurred. Detective controls enhance security by monitoring the effectiveness of preventive controls and by detecting security incidents where preventive controls were circumvented.
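A detective control is worth little unless it actually finds the case where a preventive control failed. The following is an added illustration, not code from CISSP Practice: a detection routine run over constructed authentication log lines that flags a source which logged in successfully after a burst of failures, something an account-lockout policy (a preventive control) should have stopped. The log format, the sample lines, the threshold and the window are all assumptions made for this example.

```python
"""A detective control over authentication logs.

Added example (not from CISSP Practice). The log format, sample lines,
threshold and time window are constructed assumptions.
"""
from __future__ import annotations

import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed syslog-like lines: timestamp, result, user, source address.
SAMPLE_LOG = """\
2024-05-01T10:00:01 FAIL user=alice src=203.0.113.7
2024-05-01T10:00:03 FAIL user=alice src=203.0.113.7
2024-05-01T10:00:05 FAIL user=alice src=203.0.113.7
2024-05-01T10:00:06 FAIL user=alice src=203.0.113.7
2024-05-01T10:00:09 FAIL user=alice src=203.0.113.7
2024-05-01T10:00:12 OK   user=alice src=203.0.113.7
2024-05-01T10:01:00 FAIL user=bob   src=198.51.100.9
2024-05-01T10:15:00 OK   user=bob   src=198.51.100.9
this line is garbage and must not crash the control
"""

LINE_RE = re.compile(r"^(\S+)\s+(FAIL|OK)\s+user=(\S+)\s+src=(\S+)$")


def parse(log_text: str):
    """Yield (timestamp, result, user, src); skip lines that do not parse."""
    for raw in log_text.splitlines():
        m = LINE_RE.match(raw.strip())
        if not m:
            continue
        ts, result, user, src = m.groups()
        yield datetime.fromisoformat(ts), result, user, src


def detect_bruteforce(log_text: str, threshold: int = 5,
                      window: timedelta = timedelta(minutes=1)) -> list[dict]:
    """Alert when a (user, src) pair succeeds after >= threshold failures in `window`.

    A lockout policy should have prevented this; seeing it in the logs means
    the preventive control was absent or circumvented.
    """
    failures: dict[tuple[str, str], list[datetime]] = defaultdict(list)
    alerts: list[dict] = []
    for ts, result, user, src in parse(log_text):
        key = (user, src)
        # Drop failures that have aged out of the window.
        failures[key] = [t for t in failures[key] if ts - t <= window]
        if result == "FAIL":
            failures[key].append(ts)
        elif len(failures[key]) >= threshold:
            alerts.append({"user": user, "src": src,
                           "failures": len(failures[key]), "at": ts.isoformat()})
            failures[key].clear()
    return alerts


if __name__ == "__main__":
    for alert in detect_bruteforce(SAMPLE_LOG):
        print(alert)
```

Bob's single failure fourteen minutes before his successful login ages out of the window and produces no alert; alice's five failures in eleven seconds followed by success do. The unparseable line is skipped rather than allowed to abort the control, since a detective control that dies on bad input is itself a gap.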

Device communication modes

Three modes of communication between devices are simplex (one-way communication in one direction only), half-duplex (two directions, but only one at a time), and full-duplex (both directions at the same time). Half-duplex is used when computers are connected to a hub rather than a switch: a hub does not buffer incoming frames but connects all of its lines together internally and electrically, so the attached stations share one medium and cannot transmit at the same time.
