Читаем CISSP Practice полностью

A Network Management Protocol used with a TCP/IP suite of protocols. SNMP specifies a set of management operations for retrieving and altering information in a management information base, authorization procedures for accessing information base tables, and mappings to lower TCP/IP layers. SNMP (1) is used to manage and control IP gateways and the networks to which they are attached, (2) uses IP directly, bypassing the masking effects of TCP error correction, (3) has direct access to IP datagrams on a network that may be operating abnormally, thus requiring careful management, (4) defines a set of variables that the gateway must store, and (5) specifies that all control operations on the gateway are a side-effect of fetching or storing those data variables (i.e., operations that are analogous to writing commands and reading status). SNMP version 3 should be used because the basic SNMP, SNMP version 1, and SNMP version 2 are not secure.

Simple Object Access Protocol (SOAP)

The Simple Object Access Protocol (SOAP) is an approach for performing remote procedure calls (RPCs) between application programs in a language-independent and system-independent manner. SOAP uses the extensible markup language (XML) for communicating between application programs on heterogeneous platforms. The client constructs a request as an XML message and sends it to the server, using HTTP. The server sends back a reply as an XML-formatted message. SOAP is an XML-based protocol for exchanging structured information in a decentralized, distributed environment. The SOAP has headers and message paths between nodes.

Simple power analysis (SPA) attack

A direct (primarily visual) analysis of patterns of instruction execution (or execution of individual instructions), obtained through monitoring the variations in electrical power consumption of a cryptographic module, for the purpose of revealing the features and implementations of cryptographic algorithms and subsequently the values of cryptographic keys.

Simplicity in security

Security mechanisms and information systems in general should be as simple as possible. Complexity is at the root of many security vulnerabilities and breaches.

Single-hop problem

The security risks resulting from a mobile software agent moving from its home platform to another platform.

Single point-of-failure

A security risk due to concentration of risk in one place, system, process, or with one person. Examples include placement of Web servers and DNS servers, primary telecommunication services, centralized identity management, central certification authority, password synchronization, single sign-on systems, firewalls, Kerberos, converged networks with voice and data, cloud storage services, and system administrators.

Single sign-on (SSO)

A SSO technology allows a user to authenticate once and then access all the resources the user is authorized to use.

Sink tree

A sink tree shows the set of optimal routes from all sources to a given destination, rooted at the destination. The goal of all routing algorithms is to identify and use the sink trees for all routers. A sink tree does not contain any loops so each packet is delivered within a finite and bounded number of hops. A spanning tree uses the sink tree for the router initiating the broadcast. A spanning tree is a subset of the subnet that includes all the routers but does not contain any loops.

Six-sigma

The phrase six-sigma is a statistical term that measures how far a given process deviates from perfection. The central idea behind six-sigma is that if one can measure how many “defects” are in a process, one can systematically figure out how to eliminate them and get as close to zero defects as possible.

Skimming

The unauthorized use of a reader to read tags without the authorization or knowledge of the tag’s owner or the individual in possession of the tag.

Sliding window protocols

Sliding window protocols, which are used to integrate error control and flow, are classified in terms of the size of the sender’s window and the size of the receiver’s window. When the sender’s window and the receiver’s window are equal to 1, the protocol is said to be in the stop-and-wait condition. When the sender’s window is greater than 1, the receiver can either discard all frames or buffer out-of-order frames. Examples of sliding window protocols, which are bit-oriented protocols, include SDLC, HDLC, ADCCP, and LAPB. All these protocols use flag bytes to delimit frames and bit stuffing to prevent flag bytes from occurring in the data. (Tanenbaum)

Smart card