Читаем CISSP Practice полностью

The number of times the hardware ceases to function in a given time period.

Fallback procedures

(1) In the event of a failure of transactions or the system, the ability to fallback to the original or alternate method for continuation of processing. (2) The ability to go back to the original or alternate method for continuation of computer processing.

False acceptance

When a biometric system incorrectly identifies an individual or incorrectly verifies an impostor against a claimed identity.

False acceptance rate (FAR)

The probability that a biometric system will incorrectly identify an individual or will fail to reject an impostor. The rate given normally assumes passive impostor attempts. The FAR is stated as the ratio of the number of false acceptances divided by the number of identification attempts.

False match rate

Alternative to false acceptance rate. Used to avoid confusion in applications that reject the claimant if their biometric data matches that of an applicant.

False negative

(1) An instance of incorrectly classifying malicious activity or content as benign. (2) An instance in which a security tool intended to detect a particular threat fails to do so. (3) When a tool does not report a security weakness where one is present.

False non-match rate

Alternative to false rejection rate. Used to avoid confusion in applications that reject the claimant if their biometric data matches that of an applicant.

False positive

(1) An instance in which a security tool incorrectly classifies benign activity or content as malicious. (2) When a tool reports a security weakness where no weakness is present. (3) An alert that incorrectly indicates that malicious activity is occurring.

False positive rate

The number of false positives divided by the sum of the number of false positives and the number of true positives.

False rejection

When a biometric system fails to identify an applicant or fails to verify the legitimate claimed identity of an applicant.

False rejection rate (FRR)

The probability that a biometric system will fail to identify an applicant, or verify the legitimate claimed identity of an applicant. The FRR is stated as the ratio of the number of false rejections divided by the number of identification attempts.

Fault

A physical malfunction or abnormal pattern of behavior causing an outage, error, or degradation of communications services on a communications network. Fault detection, error recovery, and failure recovery must be built into a computer system to tolerate faults.

Fault injection testing

Unfiltered and invalid data are injected as input into an application program to detect faults in resource operations and execution functions.

Fault management

The prevention, detection, reporting, diagnosis, and correction of faults and fault conditions. Fault management includes alarm surveillance, trouble tracking, fault diagnosis, and fault correction.

Fault-tolerance mechanisms

The ability of a computer system to continue to perform its tasks after the occurrence of faults and operate correctly even though one or more of its component parts are malfunctioning. Synonymous with resilience.

Fault tolerant controls

The ability of a processor to maintain effectiveness after some subsystems have failed. These are hardware devices or software products such as disk mirroring or server mirroring aimed at reducing loss of data due to system failures or human errors. It is the ability of a processor to maintain effectiveness after some subsystems have failed. This is a technical and preventive control and ensures availability control.

Fault-tolerant programming

Fault tolerant programming is robust programming plus redundancy features, and is partially similar to N-version programming.

Feature

An advantage attributed to a system.

Federated trust

Trust established within a federation, enabling each of the mutually trusting realms to share and use trust information (e.g., credentials) obtained from any of the other mutually trusting realms.

Federation

A collection of realms (domains) that have established trust among themselves. The level of trust may vary, but typically include authentication and may include authorization.

Fetch protection

A system-provided restriction to prevent a program from accessing data in another user’s segment of storage. This is a technical and preventive control.

Fiber-optic cable