Читаем CISSP Practice полностью

A function that maps a bit string of arbitrary length to a fixed length bit string. Approved hash functions satisfy the following properties: (1) one-way states that it is computationally infeasible to find any input that maps to any pre-specified output, and (2) collision resistant states that it is computationally infeasible to find any two distinct inputs that map to the same output. The hash function may be used to produce a checksum, called a hash value or message digest, for a potentially long string or message.

Hash total

The use of specific mathematical formulae to produce a quantity (often appended to and) used as a checksum or validation parameter for the data it protects. This is a technical and detective control.

Hash value

(1) The fixed-length bit string produced by a hash function. (2) The result of applying a hash function to information. See message digest.

Hashing

The process of using a mathematical algorithm against data to produce a numeric value that is representative of that data.

Hedging

Taking a position opposite to the exposure or risk. Because they reduce exposures and risks, risk mitigation techniques are examples of hedging.

High assurance guard

An enclave boundary protection device that controls access between a LAN that an enterprise system has a requirement to protect, and an external network that is outside the control of the enterprise system, with a high degree of assurance.

High availability

A failover feature to ensure availability during device or component interruptions.

High-impact system

An information system in which at least one security objective (i.e., confidentiality, integrity, or availability) is assigned a potential impact value of high.

High-level data link control (HDLC) protocol

HDLC is a bit-oriented protocol with frame structure consisting of address, control, data, and checksum (cyclic redundancy code) fields (Tanenbaum).

Hijacking

An attack that occurs during an authenticated session with a database or system. The attacker disables a user’s desktop system, intercepts responses from the application, and responds in ways that probe the session.

Holder-of-key assertion

An assertion that contains a reference to a symmetric key or a public key (corresponding to a private key) possessed by the subscriber. The relying party may require the subscriber to prove their identity.

Honeynet

A network of honeypots designed to attract hackers so that their intrusions can be detected and analyzed, and to study the hackers’ behavior. Organizations should consult their legal counsel before deploying a honeynet for any legal ramifications of monitoring an attacker’s activity.

Honeypot

A fake production system designed with firewalls, routers, Web services, and database servers that looks like a real production system, but acts as a decoy and is studied to see how attackers do their work. It is a host computer that is designed to collect data on suspicious activity and has no authorized users other than security administrators and attackers. Organizations should consult their legal counsel before deploying a honeypot for any legal ramifications of monitoring an attacker’s activity.

Host

(1) Any node that is not a router. (2) Any computer-based system connected to the network and containing the necessary protocol interpreter software to initiate network access and carry out information exchange across the communications network. (3) The term can refer to almost any kind of computer, including a centralized mainframe that is a host to its terminals, a server that is host to its clients, or a desktop personal computer (PC) that is host to its peripherals. In network architectures, a client station (user’s machine) is also considered a host because it is a source of information to the network, in contrast to a device, such as a router or switch that directs traffic. This definition encompasses typical mainframe computers and workstations connected directly to the communications sub-network and executing the inter-computer networking protocols. A terminal is not a host because it does not contain the protocol software needed to perform information exchange. A router or switch is not a host either. A workstation is a host because it does have such capability. Host platforms include operating systems, file systems, and communications stacks.

Host-based firewall

A software-based firewall installed on a server to monitor and control its incoming and outgoing network traffic. Security in host-based firewalls is generally at the application level, rather than at a network level.

Host-based intrusion detection system (IDS)