Reading CISSP Practice in full

(1) A password consisting only of decimal digits. (2) A secret that a claimant memorizes and uses to authenticate his identity.

Personal identity verification (PIV) card

A physical artifact (e.g., identity card and smart card) issued to an individual that contains stored identity credentials (e.g., photograph, cryptographic keys, and digitized fingerprint representation) such that the claimed identity of the cardholder can be verified against the stored credentials by another person (human readable and verifiable) or an automated process (computer readable and verifiable).

Penetration

The successful act of bypassing the security mechanisms of a system.

Penetration signature

The characteristics or identifying marks produced by a penetration.

Penetration study

A study to determine the feasibility and methods for defeating system controls.

Penetration testing

(1) A test methodology in which assessors, using all available documentation (e.g., system design, source code, and manuals) and working under specific constraints, attempt to circumvent or defeat the security features of an information system. (2) Security testing in which evaluators mimic real-world attacks in an attempt to identify ways to circumvent the security features of an application, system, or network. Penetration testing often involves issuing real attacks on real systems and data, using the same tools and techniques used by actual attackers. Most penetration tests involve looking for combinations of vulnerabilities on a single system or multiple systems that can be used to gain more access than could be achieved through a single vulnerability.

Per-call key

A unique traffic encryption key generated automatically by certain secure telecommunications systems to secure single voice or data transmissions.

Perfect forward secrecy

An option available during quick mode that causes a new shared secret to be created through a Diffie-Hellman exchange for each IPsec SA (security association).

Perimeter

A boundary within which security controls are applied to protect assets. A security perimeter typically includes a security kernel, some trusted-code facilities, hardware, and possibly some communications channels.

Perimeter-based security

The technique of securing a network by controlling access to all entry and exit points of the network.

Perimeter protection (logical)

Security controls such as e-mail gateways, proxy servers, and firewalls provide logical access perimeter security and act as the first line of defense.

Perimeter protection (physical)

The objective of physical perimeter or boundary protection is to deter trespassing and to funnel employees, visitors, and the public to selected entrances. Gates and security guards provide the perimeter protection.

Permissions

A description of the type of authorized interactions (such as read, write, execute, add, modify, and delete) that a subject can have with an object.

Personal-area network (PAN)

A network used by an individual or a home-based business to connect a desktop PC, laptop PC, notebook PC, and PDA with a mouse, keyboard, and printer.

Personal computer (PC)

A desktop or laptop computer running a standard PC operating system (e.g., Windows Vista, Windows XP, Linux/UNIX, and Mac OS X).

Personal firewall

A software-based firewall installed on a desktop or laptop computer to monitor and control its incoming and outgoing network traffic, and which blocks communications that are unwanted.

Personal firewall appliance

A device that performs functions similar to a personal firewall for a group of computers on a home network.

Personnel screening

A protective measure applied to determine that an individual’s access to sensitive, unclassified automated information is admissible. The need for and extent of a screening process are normally based on an assessment of risk, cost, benefit, and feasibility as well as other protective measures in place. Effective screening processes are applied in such a way as to allow a range of implementation, from minimal procedures to more stringent procedures commensurate with the sensitivity of the data to be accessed and the magnitude of harm or loss that could be caused by the individual. This is a management and preventive control.

Personnel security
