Читаем CISSP Practice полностью

Software made available to the public at no cost. The author retains the copyright rights and can place restrictions on the program’s use.

Frequency analysis attacks

A sequence of letters and words used in cryptographic keys, messages, and conversations between people when they are transforming the plaintext into ciphertext. This transformation is of two types: substitution and permutation. Both substitution ciphers (shifts the letters and words used in the plaintext) and transposition ciphers (permutes or scrambles the letters and words used in the plaintext) are subject to frequency analysis attack. These ciphers can be simple or complex, where the former uses a short sequence of letters and words and the latter uses a long sequence of letters and words. The goal of the attacker is to determine the cryptographic key used in the transformation of the plaintext into the ciphertext to complete his attack.

Front-end processors (FEP)

A front-end processor (FEP) is a programmed-logic or stored-program device that interfaces data communication equipment with an input/output bus or the memory of a data processing computer.

Full disk encryption (FDE)

The process of encrypting all the data on the hard drive used to boot a computer, including the computer’s operating system, and permitting access to the data only after successful authentication with the full disk encryption product. FDE is also called whole disk encryption.

Full-scale testing

Full-scale testing or full-interruption testing is disruptive and costly to an organization’s business processes and operations as computer systems will not be available on a 24×7 schedule.

Full tunneling

A method that causes all network traffic to go through the tunnel to the organization.

Fully connected topology

Fully connected topology is a network topology in which there is a direct path (branch) between any two nodes. With n nodes, there are n (n–1) / 2 direct paths or branches.

Functional design

A process in which the user’s needs are translated into a system’s technical specifications.

Functional testing

The portion of security testing in which the advertised security mechanisms of a system are tested, under operational conditions, for correct operation. This is a management and preventive control.

Functionality

Distinct from assurance, the functional behavior of a system. Functionality requirements include confidentiality, integrity, availability, authentication, and safety.

Fuzz testing

Similar to fault injection testing in that invalid data is input into the application via the environment, or input by one process into another process. Fuzz testing is implemented by tools called fuzzers, which are programs or script that submit some combination of inputs to the test target to reveal how it responds.

Fuzzy logic

It uses set theory, which is a mathematical notion that an element may have partial membership in a set. Fuzzy logic is used in insurance and financial risk assessment application systems.

G

G2B

Government-to-business (G2B) is an electronic government (e-government) model where interactions are taking place between governments and businesses and vice versa. Examples of interactions include procurement and acquisition transactions with business entities and payments to them (e.g., U.S. DoD doing business with Defense Contractors). Reverse auction is practiced in B2B or G2B e-commerce.

G2C

Government-to-citizens (G2C) is an electronic government model where interactions are taking place between a government and its citizens. Examples of interactions include entitlement payments (e.g., retirement and Medicare benefits), tax receipts, and refund payments.

G2E

Government-to-employees (G2E) is an electronic government model where interactions are taking place between government agencies and their employees.

G2G

Government-to-government (G2G) is an electronic government model where interactions are taking place within a government agency and those between other government agencies.

Galois counter mode (GCM) algorithm

Provides authenticated encryption and authenticated decryption functions for both confidential data and non- confidential data. Each of these functions is relatively efficient and parallel; consequently, high-throughput implementations are possible in both hardware and software. GCM provides stronger authentication assurance than a non-cryptographic checksum or error detecting code; in particular, GCM can detect both accidental modifications of the data and intentional, unauthorized modifications. The GCM is constructed with a symmetric key block cipher key a block size of 128 bits and a key size of at least 128 bits. The GCM is a mode of operation of the AES algorithm.