Читаем CISSP Practice полностью

The purpose of mutation analysis is to determine the thoroughness with which an application program has been tested and, in the process, detect errors. A large set of version or mutation of the original program is created by altering a single element of the program (e.g., variable, constant, or operator) and each mutant is then tested with a given collection of test datasets.

Mutual authentication

Occurs when parties at both sides of a communication activity authenticate each other. Providing mutual assurance regarding the identity of subjects and/or objects. For example, a system needs to authenticate a user, and the user needs to authenticate that the system is genuine.

N

NAK attack

See Negative acknowledgment (NAK) attack

Name spaces

Names are given to objects, which are only meaningful to a single subject, and thus cannot be addressed by other subjects.

Natural threats

Examples of natural threats include hurricanes, tornados, floods, and fires.

Need-to-know

The necessity for access to, knowledge of, or possession of specific information required to perform official tasks or services. The custodian, not the prospective recipient, of the classified or sensitive unclassified information determines the need-to-know.

Need-to-know violation

The disclosure of classified or other sensitive information to a person cleared but who has no requirement for such information to carry out assigned job duties.

Need-to-withhold

The necessity to limit access to some confidential information when broad access is given to all the information.

Negative acknowledgement (NAK) attack

(1) In binary synchronous communications, a transmission control character is sent as a negative response to data received by an attacker. A negative response means a reply was received that indicate that data was not received correctly or that a command was incorrect or unacceptable. (2) A penetration technique capitalizing on a potential weakness in an operating system that does not handle asynchronous interrupts properly, thus leaving the system in an unprotected state during such interrupts. An NAK means that a transmission was received with error (negative). An ACK (acknowledgment) means that a transmission was received without error (positive).

Net-centric architecture

A complex system of systems composed of subsystems and services that are part of a continuously evolving, complex community of people, devices, information, and services interconnected by a network that enhances information sharing and collaboration. Examples of this architecture include service-oriented architectures and cloud computing architectures.

Net present value (NPV) method

The most straightforward economic comparison is net present value (NPV). NPV is the difference between the present value (PV) of the benefits and the PV of the costs.

This method can be used to assess the financial feasibility of an investment in information security program.

Network

(1) Two or more systems connected by a communications medium. (2) An open communications medium, typically, the Internet, that is used to transport messages between the claimant and other parties. Unless otherwise stated no assumptions are made about the security of the network; it is assumed to be open and subject to active attacks (e.g., impersonation, man-in-the-middle, and session hijacking) and passive attacks (e.g., eavesdropping) at any point between the parties (e.g., claimant, verifier, CSP, or relying party).

Network access control (NAC)

A feature provided by some firewalls that allows access based on a user’s credentials and the results of health checks performed on the telework client device.

Network address translation (NAT)

(1) A routing technology used by many firewalls to hide internal system addresses from an external network through use of an addressing schema. (2) A mechanism for mapping addresses on one network to addresses on another network, typically private addresses to public addresses.

Network address translation (NAT) and port address translation (PAT)

Both NAT and PAT are used to hide internal system addresses from an external network by mapping internal addresses to external addresses, by mapping internal addresses to a single external address or by using port numbers to link external system addresses with internal systems.

Network administrator