Читаем CISSP Practice полностью

The ability of a computer system to continue to function correctly despite the existence of a fault or faults in one or more of its component parts.

System security plan

Formal document that provides an overview of the security requirements for the information system and describes the security controls in place or planned for meeting those requirements.

System-specific control

A security control for an information system that has not been designated as a common security control or the portion of a hybrid control that is to be implemented within an information system.

Systems engineering

The systematic application of technical and managerial processes and concepts to transform an operational need into an efficient, cost-effective system using an iterative approach to define, analyze, design, build, test, and evaluate the system.

Systems software

(1) A major category of programs used to control the computer and process other programs, such as secure operating systems, communications control programs, and database managers. (2) Contrasts with applications software, which comprises the data entry, update, query, and report programs that process an organization’s data. (3) The operating system and accompanying utility programs that enable a user to control, configure, and maintain the computer system, software, and data.

System transparency

Transparency is the ability to simplify the task of developing management applications, hiding distribution details. There are different aspects of transparency such as access failure, location, migration replication, and transaction. Transparency means the network components or segments cannot be seen by insiders and outsiders and that actions of one user group cannot be observed by other user groups. It is achieved through process isolation and hardware segmentation concepts.

Switches

Switches, in the form of routers, interconnect when the systems forming one workgroup are physically separated from the systems forming other workgroups. For example, Ethernet switches establish a data link in which a circuit or a channel is connected to an Ethernet network. Switches and bridges are used to interconnect different LANs. A switch operates in the Data Link Layer of the ISO/OSI reference model.

T

T- lines

High-speed data lines leased from communications providers such as T-1 lines.

Tailgating

Same as piggybacking.

Tailored security control baseline

A set of security controls resulting from the application of tailoring guidance to the security control baseline. Tailoring is the process by which a security control baseline is modified based on (1) the application of scoping guidance; (2) the specification of compensating security controls, if needed; and (3) the specification of organization-defined parameters in the security controls via explicit assignment and selection statements. In other words, the tailoring process modifies or aligns the baseline controls to fit the system conditions.

Tainted input

Input data that has not been examined or sanitized prior to use by an application.

Tamper

Unauthorized modification that alters the proper functioning of cryptographic or automated information system security equipment in a manner that degrades the security or functionality it provides.

Tamper detection

The automatic determination by a cryptographic module that an attempt has been made to compromise the physical security of the module.

Tamper evidence

The external indication that an attempt has been made to compromise the physical security of a cryptographic module. The evidence of the tamper attempt should be observable by an operator subsequent to the attempt.

Tamper response

The automatic action taken by a cryptographic module when a tamper attempt has been detected.

Tandem computing Tandem computers use single point tolerance system to create nonstop systems with uptimes measured in years. Single point tolerance means single backup where broken parts can be swapped out with new ones while the system is still operational (that is, hot swapping). The single point tolerant systems should have high mean time between failures (MTBF) and low mean time to repair (MTTR) before the backup fails (Wikipedia).

Tap

An analog device that permits signals to be inserted or removed from a twisted pair or coax cable.

Target of evaluation (TOE)