Читаем CISSP Practice полностью

A network on which messages are encrypted (e.g., using DES, AES, or other appropriate algorithms) to prevent reading by unauthorized parties.

Encryption

(1) Conversion of plaintext to ciphertext though the use of a cryptographic algorithm. (2) The process of changing plaintext into ciphertext for the purpose of security or privacy.

Encryption algorithm

A set of mathematically expressed rules for rendering data unintelligible by executing a series of conversions controlled by a key.

Encryption certificate

A certificate containing a public key that is used to encrypt electronic messages, files, documents, or data transmissions, or to establish or exchange a session key for these same purposes.

Encryption process

(1) The process of changing plaintext into ciphertext for the purpose of security or privacy. (2) Encryption is the conversion of data into a form, called a ciphertext, which cannot be easily understood by unauthorized people. (3) It is the conversion of plaintext to ciphertext through the use of a cryptographic algorithm. (4) The process of a confidentiality mode that transforms usable data into an unreadable form.

End-point protection platform

It is safeguards implemented through software to protect end-user computers such as workstations and laptops against attack (e.g., antivirus, antispyware, antiadware, personal firewalls, and hot-based intrusion detection systems).

End-point security

End-point protection platforms require end-point security products such as (1) use of anti-malware software; if not available, use of rootkit detectors, (2) use of personal firewalls, (3) use of host-based intrusion detection and prevention systems, (4) use of mobile code restrictively, (5) use of cryptography in file encryption, full disk encryption, and VPN connections, (6) implementation of TLS or XML gateways or firewalls, (7) placing remote access servers in internal DMZ, and (8) use of diskless nodes and thin clients with minimal functionality.

End-to-end encryption

(1) Encryption of information at the origin within a communications network and postponing decryption to the final destination point. (2) Communications encryption in which data is encrypted when being passed through a network, but routing, addresses, headers, and trailer information are not encrypted (i.e., remains visible). (3) It is encryption of information at its origin and decryption at its intended destination without intermediate decryption. This is a technical and preventive control.

End-to-end security

The safeguarding of information in a secure telecommunication system by cryptographic or protected distribution system means from point of origin to point of destination. This is a technical and preventive control.

End-to-end testing

A testing approach to verify that a defined set of interrelated systems that collectively support an organizational core business area or function interoperates as intended in an operational environment. It is conducted when a major system in the end-to-end chain is modified or replaced.

End-user device

A personal computer (e.g., desktop and laptop), consumer device (e.g., personal digital assistant [PDA] and smart phone), or removable storage media (e.g., USB flash drive, memory card, external hard drive, and writeable CD or DVD) that can store information.

Enhanced messaging service (EMS)

An improved message system for global system for mobile communications (GSM) mobile phone allowing picture, sound, animation, and text elements to be conveyed through one or more concatenated short message service (SMS).

Enterprise architecture

The description of an enterprise’s entire set of information systems: how they are configured, how they are integrated, how they interface to the external environment at the enterprise’s boundary, how they are operated to support the enterprise mission, and how they contribute to the enterprise’s overall security posture.

Entity

(1) Any participant in an authentication exchange; such a participant may be human or nonhuman, and may take the role of the claimant and/or verifier. (2) It is either a subject (an active element generally in the form of a person, process, or device that causes information to flow among objects or changes the system state) or an object (a passive element that contains or receives information). Note: Access to an object potentially implies access to the information it contains. (3) It is an active element in an open system. (4) It is an individual (person) or organization, device, or process. (5) A collection of information items conceptually grouped together and distinguished from their surroundings. An entity (party) is described by its attributes, and entities can be linked or have relationships to other entities (parties).