Читаем CISSP Practice полностью

The average time to restore service following system failures that result on service outages. The time to restore includes all time from the occurrence of the failure until the restoral of service. A low MTTR means high system availability.

Measures

All the output produced by automated tools (for example, IDS/IPS, vulnerability scanners, audit record management tools, configuration management tools, and asset management tools) and various information security program-related data (for example, training and awareness data, information system authorization data, contingency planning and testing data, and incident response data). Measures also include security assessment evidence from both automated and manual collection methods. A “measure” is the result of gathering data from the known sources.

Mechanisms

An assessment object that includes specific protection-related items (for example, hardware, software, or firmware) employed within or at the boundary of an information system.

Media

Physical devices or writing surfaces including, but not limited to, magnetic tapes, optical disks, magnetic disks, large-scale integration (LSI) memory chips, flash ROM, and printouts (but not including display media) onto which information is recorded, stored, or printed within an information system.

Media access control address

A hardware address that uniquely identifies each component of an IEEE 802-based standard. On networks that do not conform to the IEEE 802 standard but do conform to the ISO/OSI reference model, the node address is called the Data Link Control (DLC) address.

Media gateway

It is the interface between circuit switched networks and IP network. Media gateway handles analog/digital conversion, call origination and reception, and quality improvement functions such as compression or echo cancellation.

Media gateway control protocol (MGCP)

MGCP is a common protocol used with media gateways to provide network management and control functions.

Media sanitization

A general term referring to the actions taken to render data written on media unrecoverable by both ordinary and extraordinary means.

Medium/media access control protocols

Protocols for the medium/media access control sublayer, which is the bottom part of the data link layer of the ISO/OSI reference model, include carrier sense multiple access with collision avoidance and collision detection (CSMA/CA and CSMA/CD), wavelength division multiple access (WDMA), Ethernet (thick, thin, fast, switched, and gigabit), logical link control (LLC), the 802.11 protocol stack for wireless LANs, the 802.15 for Bluetooth, the 802.16 for Wireless MANs, and the 802.1Q for virtual LANs. These are examples of broadcast networks with multi-access channels.

Meet-in-the-middle (MIM) attack

Occurs when one end is encrypted and the other end is decrypted, and the results are matched in the middle. MIM attack is made on block ciphers.

Melting

A physically destructive method of sanitizing media; to be changed from a solid to a liquid state generally by the application of heat. Same as smelting.

Memorandum of understanding/agreement

A document established between two or more parties to define their respective roles and responsibilities in accomplishing a particular goal. Regarding IT, it defines the responsibilities of two or more organizations in establishing, operating, and securing a system interconnection.

Memory cards

Memory cards are data storage devices used for personal authentication, access authorization, card integrity, and application systems.

Memory protection

It is achieved through the use of system partitioning, non-modifiable executable programs, resource isolation, and domain separation.

Memory resident virus

A virus that stays in the memory of infected systems for an extended period of time.

Memory scavenging

The collection of residual information from data storage.

Mesh computing

Provides application processing and load balancing capacity for Web servers using the Internet cache. It pushes applications, data, and computing power away from centralized points to local points of networks. It deploys Web server farms and clustering concepts, and is based on “charge for network services” model. Mesh computing implies non-centralized points and node-less availability.