Читаем CISSP Practice полностью

IDS operate on information collected from within an individual computer system. This vantage point allows host-based IDSs to determine exactly which processes and user accounts are involved in a particular attack on the operating system. Furthermore, unlike network-based IDSs, host-based IDSs can more readily “see” the intended outcome of an attempted attack, because they can directly access and monitor the data files and system processes usually targeted by attacks. It is a program that monitors the characteristics of a single host and the events occurring within the host to identify and stop suspicious activity.

Host-based security

The technique of securing an individual system from attack. It is dependent on an operating system and its version.

Host-to-front-end protocol

A set of conventions governing the format and control of data that are passed from a host to a front-end machine.

Hot failover device

Computer systems will have at least one backup mechanism in that when the primary device fails or is taken off-line, the hot failover device comes online and maintains all existing communications sessions; no disruption of communications occurs. This concept can be applied to firewalls.

Hotfix

Microsoft’s term to bundle hotfixes (patches) into service packs for easier and faster installation.

Hot-site

(1) An alternate site with a duplicate IT already set up and running, which is maintained by an organization or its contractor to ensure continuity of service for critical systems in the event of a disaster. (2) A fully operational offsite data processing facility equipped with hardware and system software to be used in the event of a disaster.

Hot spare

A hot spare drive is a physical hot standby drive installed in the RAID disk array that is active and connected but is inactive until an active drive fails. When a key component fails, the hot spare is switched into operation. A hot spare reduces the mean time to recovery (MTTR), thus supporting redundancy and availability. Hot spare requires hot swapping or hot plugging by a human operator (Wikipedia).

Hot spots

Hot spots consist of one or more Wi-Fi access points positioned on a ceiling or wall in a public place to provide maximum wireless coverage for a wireless LAN.

Hot wash

Hot wash is a debriefing session conducted immediately after an exercise or test of an information system with the testing team, non-testing staff, and other participants to share problems and experiences.

Hubs

A hub can be thought of a central place from which all connections are made between networks and computers. Hubs are simple devices that connect network components, sending a packet of data to all other connected devices. Hubs operate in the physical layer of the ISO/OSI reference model.

Human threats

Examples of human threats include intentional/unintentional errors; sabotage of data, systems, and property; implanting of malicious code; and terrorist attacks.

Hybrid attack (password)

A form of guessing attack in which the attacker uses a dictionary that contains possible passwords and then uses variations through brute force methods of the original passwords in the dictionary to create new potential passwords. Hybrid Attack = Dictionary Attack + Brute Force Attack.

Hybrid security control

A security control that has the properties of both a common security control and a system-specific security control (i.e., one part of the control is deemed to be common, whereas another part of the control is deemed to be system-specific).

Hybrid topology

Hybrid topology is a combination of any two different basic network topologies (e.g., combination of star topology and bus topology). The tree topology is an example of a hybrid topology where a linear bus backbone connects star-configured networks.

Hyperlink

An electronic link providing direct access from one distinctively marked place in a hypertext or hypermedia document to another in the same or a different document.

Hypertext markup language (HTML)

A markup language that is a subset of standard generalized markup language (SGML) and is used to create hypertext and hypermedia documents on the Web incorporating text, graphics, sound, video, and hyperlinks. It is a mechanism used to create Web pages on the Internet.

Hypertext transfer protocol (HTTP)

(1) The native protocol of the Web, used to transfer hypertext documents on the Internet. (2) A standard method for communication between clients and Web servers.

Hypervisor