Читаем CISSP Practice полностью

A group of computers and other devices dispersed over a relatively limited area and connected by a communications link that enables a device to interact with any other on the network. A user-owned, user-operated, high-volume data transmission facility connecting a number of communicating devices (e.g., computers, terminals, word processors, printers, and mass storage units) within a single building or several buildings within a physical area. A LAN is a computer network that spans a relatively small area. Most LANs are confined to a single building or group of buildings. However, one LAN can be connected to other LANs over any distance via telephone lines and radio waves. A system of LANs connected in this way is called a wide-area network (WAN). Bridges and switches are used to interconnect different LANs. LANs and MANs are non-switched networks, meaning they do not use routers.

Local delivery agent (LDA)

A program running on a mail server that delivers messages between a sender and recipient if their mailboxes are both on the same mail server. An LDA may also process the message based on a predefined message filter before delivery.

Location-based commerce (L-commerce)

A mobile-commerce (m-commerce) application targeted to a customer whose location, preferences, and needs are known in real time.

Lock-and-key protection system

A protection system that involves matching a key or password with a specific access requirement.

Locking-based attacks

Attacks that degrade a system performance and service. This attack is used to hold a critical system locked most of the time, releasing it only briefly and occasionally. The result is a slow running browser. This results in a degradation of service, a mild form of DoS. Countermeasures against locking-based attacks include system backups and upgrading/patching software can help in maintaining a system’s integrity.

Locks

Locks are used to prevent concurrent updates to a record. Various types of locks include page-level, row-level, area-level, and record-level. This is a technical and preventive control.

Lockstep computing

Lockstep systems are redundant computing systems that run the same set of operations at the same time in parallel. The output from lockstep operations can be compared to determine if there has been a fault. The lockstep systems are set up to progress from one state to the next state, as they closely work together. When a new set of inputs reaches the system, the system processes them, generates new outputs, and updates its state. Lockstep systems provide redundancy against hardware failures, not against software failures. Other redundant configurations include dual modular redundancy (DMR) systems and triple modular redundancy (TMR) systems. In DMR, computing systems are duplicated. Unlike the lockstep systems, there is a master/slave configuration in DMR where the slave is a hot-standby to the master. When the master fails at some point, the slave is ready to continue from the previous known good state. In TMR, computing systems are triplicated as voting systems. If one unit’s output disagrees with the other two, the unit is detected as having failed. The matched output from the other two is treated as correct. Similar to lockstep systems, DMR and TMR systems provide redundancy against hardware failures, not against software failures (Wikipedia).

Log

A record of the events occurring within an organization’s systems and networks. Log entries are individual records within a log.

Log analysis

Studying log entries to identify events of interest or suppress log entries for insignificant events.

Log archival

Retaining logs for an extended period of time, preferably on removable media, a storage area network (SAN), or a specialized log archival appliance or server.

Log clearing

Removing all entries from a log that precede certain date and time.

Log compression

Storing a log file in a way that reduces the amount of storage space needed for the file without altering the meaning of its contents.

Log conversion

Parsing a log in one format and storing its entries in a second format.

Log correlation

Correlating events by matching multiple log entries from a single source or multiple sources based on logged values, such as timestamps, IP addresses, and event types.

Log file integrity checking

Comparing the current message digest for a log file to the original message digest to determine if the log file has been modified.

Log filtering

The suppression of log entries from analysis, reporting, or long-term storage because their characteristics indicate that they are unlikely to contain information of interest.

Log management

The process for generating, transmitting, storing, analyzing, and disposing of log data.