Читаем CISSP Practice полностью

Malicious code attackers use an attack-in-depth strategy to carry out their goal of attacking with programs written intentionally to cause harm or destruction.

Malicious mobile code

Software that is transmitted from a remote system to be executed on a local system, typically without the user’s explicit instruction. It is growing with the increased use of Web browsers. Many websites use mobile code to add legitimate functionality, including Active X, JavaScript, and Java. Unfortunately, although it was initially designed to be secure, mobile code has vulnerabilities that allow entities to create malicious programs. Users can infect their computers with malicious mobile code (e.g., a Trojan horse program that transmits information from the user’s PC) just by visiting a website.

Malware

A computer program that is covertly placed onto a computer with the intent to compromise the privacy, accuracy, confidentiality, integrity, availability, or reliability of the victim’s data, applications, or operating system, or otherwise annoying or disrupting the victim. Common types of malware threats include viruses, worms, malicious mobile code, Trojan horses, rootkits, spyware, freeware, shareware, and some forms of adware programs.

Malware signature

A set of characteristics of known malware instances that can be used to identify known malware and some new variants of known malware.

Man-in-the-middle (MitM) attack

(1) A type of attack that takes advantage of the store-and-forward mechanism used by insecure networks such as the Internet (also called bucket brigade attack). (2) Actively impersonating multiple legitimate parties, such as appearing as a client to an access point and appearing as an access point to a client. This allows an attacker to intercept communications between an access point and a client, thereby obtaining authentication credentials and data. (3) An attack on the authentication protocol run in which the attacker positions himself in between the claimant and verifier so that he can intercept and alter data traveling between them. (4) An attack against public key algorithms, where an attacker substitutes his public key for the requested public key.

Managed or enterprise environment

An inward-facing environment that is very structured and centrally managed.

Managed interfaces

Managed interfaces allow connections to external networks or information systems consisting of boundary protection devices arranged according to an organization’s security architecture.

Managed interfaces employing boundary protection devices include proxies, gateways, routers, firewalls, software/hardware guards, or encrypted tunnels (e.g., routers protecting firewalls and application gateways residing on a protected demilitarized zone). Managed interfaces, along with controlled interfaces, use boundary protection devices. These devices prevent and detect malicious and other unauthorized communications.

Management controls

The security controls (i.e., safeguards or countermeasures) for an information system that focus on the management of risk and the management of information system security. They include actions taken to manage the development, maintenance, and use of the system, including system-specific policies, procedures, rules of behavior, individual roles and responsibilities, individual accountability, and personnel security decisions.

Management message (WMAN/WiMAX)

A management message (MM) is a message used for communications between a BS and SS/MS. These messages (e.g., establishing communication parameters, exchanging privacy settings, and performing system registration events) are not encrypted and thus are susceptible to eavesdropping attacks.

Management network

A separate network strictly designed for security software management.

Management server

A centralized device that receives information from sensors or agents and manages them.

Mandatory access control

Access controls that are driven by the results of a comparison between the user’s trust-level/clearance and the sensitivity designation of the information. A means of restricting access to objects (system resources) based on the sensitivity (as represented by a label) of the information contained in the objects and the formal authorization (i.e., clearance) of subjects (users) to access information of such sensitivity.

Mandatory protection

The result of a system that preserves the sensitivity labels of major data structures in the system and uses them to enforce mandatory access controls.

Mantraps

Mantraps provide additional security at the entrances to high-risk areas. For highly sensitive areas, mantraps require a biometric measure such as fingerprints combined with the weight of the person entering the facility.