Refers to the recording and retransmission of message packets in the network. It is frequently undetectable but can be prevented by using packet time-stamping and packet-sequence counting.

Packet sniffer

Software that observes and records network traffic. It is a form of passive wiretapping.

Packet snarfing

Also known as eavesdropping.

Padded cell systems

An attacker is seamlessly transferred to a special padded cell host.

Padding

Meaningless data added to the start or end of messages. It is used to hide the length of the message or to add volume to a data structure that requires a fixed size.

Pairwise trust

Establishment of trust by two entities that have direct business agreements with each other.

Parameters

Specific variables and their values used with a cryptographic algorithm to compute outputs useful to achieve specific security goals.

Pareto’s law

It is called the 80/20 rule, which can be applied to IT in that 80 percent of IT-related problems come from 20 percent of IT-related causes or issues.

Parity

Bit(s) used to determine whether a block of data has been altered.

Parity bit

A bit indicating whether the sum of a previous series of bits is even or odd.

Parity checking

A hardware control that detects data errors during transmission. It compares the sum of a previous set of bits with the parity bit to determine if an error in the transmission or receiving of the message has occurred. This is a technical and detective control.

Parkinson’s law

Parkinson’s law states that work expands to fill the time available for its completion. Regarding IT, we can state an analogy that data expands to fill the bandwidth available for data transmission.

Partitioned security mode

Information system security mode of operation wherein all personnel have the clearance, but not necessarily formal access approval and need-to-know, for all information handled by an information system.

Partitioning

The act of logically dividing a media into portions that function as physically separate units.

Passive attack

(1) An attack against an authentication protocol where the attacker intercepts data traveling along the network between the claimant and verifier, but does not alter the data (i.e., eavesdropping). (2) An attack that does not alter systems or data.

Passive fingerprinting

Analyzing packet headers for certain unusual characteristics or combinations of characteristics that are exhibited by particular operating systems or applications.

Passive security testing

Security testing that does not involve any direct interaction with the targets, such as sending packets to a target.

Passive sensor

A sensor that is deployed so that it monitors a copy of the actual network traffic.

Passive testing

Nonintrusive security testing primarily involving reviews of documents such as policies, procedures, security requirements, software code, system configurations, and system logs.

Passive wiretapping

The monitoring or recording of data while data is transmitted over a communications link, without altering or affecting the data.

Passphrase

A relatively long password consisting of a series of words, such as a phrase or full sentence.

Password

(1) A protected/private string of letters, numbers, and/or special characters used to authenticate an identity or to authorize access to data and system resources. (2) A secret that a claimant memorizes and uses to authenticate his identity. (3) Passwords are typically character strings (e.g., letters, numbers, and other symbols) used to authenticate an identity or to verify access authorizations. This is a technical and preventive control.

Password authentication protocol (PAP)

A protocol that enables peers connected by a Point-to-Point Protocol (PPP) link to authenticate each other using the simple exchange of a username and password. It is not a secure protocol because it transmits data in plaintext.

Password cracker

An application testing for passwords that can be easily guessed such as words in the dictionary or simple strings of characters (e.g., “abcdefgh” or “qwertyuiop”).

Password cracking

The process of recovering secret passwords stored in a computer system or transmitted over a network.

Password protected

(1) The ability to protect a file using a password access control, protecting the data contents from being viewed with the appropriate viewer unless the proper password is entered. (2) The ability to protect the contents of a file or device from being accessed until the correct password is entered.

Password synchronization
