Читаем CISSP Practice полностью

Weakly bound credentials (e.g., unencrypted password files) require additional integrity protection or access controls to ensure that unauthorized parties cannot spoof and/or tamper with the binding of the identity to the token representation within the credential.

Weakness

A piece of code that may lead to vulnerability.

Weakness suppression system

A feature that permits the user to a flag a line of code not to be reported by the tool in subsequent scans.

Web 2.0

The second-generation of Internet-based services that let people collaborate and create information online in new ways, such as social networking sites, wikis, and communication tools.

Web administrator

The Web equivalent of a system administrator. Web administrators are system architects responsible for the overall design, implementation, and maintenance of a Web server. They may or may not be responsible for Web content, which is traditionally the purview of the Webmaster.

Web-based threats

Examples include security assertions markup language (SAML) threats and extensible markup language (XML) threats. Examples of SAML threats include assertion manufacture, modification, disclosure, repudiation, redirect, reuse, and substitution. Examples of XML threats include dictionary attacks, DoS attacks, SQL command injection attacks, confidentiality and integrity attacks, and XML injection attacks.

Web browser

Client software used to view Web content, which includes the graphical user interface (GUI), MIME helper applications, language and byte code Java interpreters, and other similar program components.

Web browser plug-in

A mechanism for displaying or executing certain types of content through a Web browser.

Web bug

(1) A tiny image, invisible to a user, placed on Web pages in such a way to enable third parties to track use of Web servers and collect information about the user, including IP address, host name, browser type and version, operating system name and version, and Web browser cookies. (2) It is a tiny graphic on a website that is referenced within the hypertext markup language (HTML) content of a Web page or e-mail to collect information about the user viewing the HTML content.

Web content filtering software

A program that prevents access to undesirable websites, typically by comparing a requested website address to a list of known bad websites with the help of blacklists.

Web documents

Forms and interactive Web pages are created using hypertext markup language (HTML). XML can replace HTML.

Webmaster

A person responsible for the implementation of a website. Webmasters must be proficient in hypertext markup language (HTML) and one or more scripting and interface languages, such as JavaScript and Perl. They may or may not be responsible for the underlying server, which is traditionally the responsibility of the Web server administrator.

Web mining

Data mining techniques for discovering and extracting information from Web documents. Web mining explores both Web content and Web usage.

Web-oriented architecture (WOA)

A set of Web protocols (e.g., HTTP and plain XML) to provide dynamic, scalable, and interoperable Web services.

Web portal

Provides a single point of entry into the service-oriented architecture (SOA) for requester entities, enabling them to access Web services transparently from any device at virtually any location.

Web server

A computer that provides World Wide Web (WWW) services on the Internet. It includes the hardware, operating system, Web server software, transmission control protocol/Internet protocol (TCP/IP), and the website content (Web pages). If the Web server is used internally and not by the public, it may be known as an “intranet server.”

Web server administrator

The Web server equivalent of a system administrator. Web server administrators are system architects responsible for the overall design, implementation, and maintenance of Web servers. They may or may not be responsible for Web content, which is traditionally the responsibility of the Webmaster.

Web service

A software component or system designed to support interoperable machine or application-oriented interaction over a network. A Web service has an interface described in a machine-processable format (specifically services description language WSDL). Other systems interact with the Web service in a manner prescribed by its description using SOAP messages, typically conveyed using HTTP with an XML serialization in conjunction with other Web-related standards.

Web service interoperability (WS-I) basic profile

A set of standards and clarifications to standards that vendors must follow for basic interoperability with SOAP products.