Читаем CISSP Practice полностью

(1) It is used for highly confidential data transmission. (2) It is an Internet Protocol (IP) connection between two sites over a public IP network so that only source and destination nodes can decrypt the traffic packets. (3) A means by which certain authorized individuals (such as remote employees) can gain secure access to an organization’s intranet by means of an extranet (a part of the internal network that is accessible via the Internet). (4) A tunnel that connects the teleworker’s computer to the organization’s network. (5) A virtual network, built on top of an existing physical network that provides a secure communications tunnel for data and other information transmitted between networks. (6) VPN is used to securely connect two networks or a network and a client system, over an insecure network such as the Internet. (7) A VPN typically employs encryption to secure the connection. (8) It is a protected information system link utilizing tunneling, security controls, and endpoint address translation giving the impression of a dedicated (leased) line. (9) A VPN is a logical network that is established, at the application layer of the open systems interconnection (OSI) model, over an existing physical network and typically does not include every node present on the physical network. Authorized users are granted access to the logical network. For example, there are a number of systems that enable one to create networks using the Internet as the medium for transporting data. These systems use encryption and other security mechanisms to ensure that only authorized users can access the network and that the data cannot be intercepted.

Virtual (pure-play) organizations

Organizations that conduct their business activities solely online through the Internet.

Virtualization

The simulation of the software and/or hardware upon which other software runs using virtual machine. It allows organizations to reduce costs by running multiple Web servers on a single host computer and by providing a mechanism for quickly responding to attacks against a Web server. There are several concepts in virtualization such as application virtualization, bare metal (native) virtualization, full virtualization, hosted virtualization, operating system virtualization, para-virtualization, and tape virtualization.

Virus

(1) It is a self-replicating computer program that runs and spreads by modifying other programs or files. (2) It is a malware computer program form that can copy itself and infect a computer without permission or knowledge of the user. A virus might corrupt or delete data on a computer, use e-mail programs to spread itself to other computers, or even erase everything on a hard disk. It is similar to a Trojan horse insofar as it is a program that hides within a program or data file and performs some unwanted function when activated. The main difference is that a virus can replicate by attaching a copy of itself to other programs or files, and may trigger an additional “payload” when specific conditions are met.

Virus hoax

An urgent warning message about a nonexistent virus.

Virus signature

Alternations to files or applications indicating the presence of a virus, detectable by virus scanning software.

Virus trigger

A condition that causes a virus payload to be executed, usually occurring through user interaction (e.g., opening a file, running a program, and clicking on an e-mail file attachment).

Voice over Internet Protocol (VoIP)

It is the transmission of voice over packet-switched IP networks used in traditional telephone handsets, conferencing units, and mobile units.

Volatile memory

Memory that loses its content when power is turned off or lost.

Volatile security controls

Measure how frequently a control is likely to change over time subsequent to its implementation. These controls should be assessed and monitored more frequently, and examples include configuration management family (for example, configuration settings, software patches, and system component inventory). This is because system configurations experience high rates of change, and unauthorized or unanalyzed changes in the system configuration often render the system vulnerable to exploits.

Volume encryption

The process of encrypting an entire volume, which is a logical unit of storage composing a file system, and permitting access to the data on the volume only after proper authentication is provided.

Vulnerability