Читаем CISSP Practice полностью

(1) The collection of transmitted voice or data and the sending of that data to a listening device. (2) Cutting in on a communications line to get information. Two types of wiretapping exist: active and passive. Active wiretapping is the attaching of an unauthorized device, such as a computer terminal, to a communications circuit for the purpose of obtaining access to data through the generation of false messages or control signals or by altering the communications of legitimate users. Passive wiretapping is the monitoring and/or recording of data transmitted over a communication link.

Work factor

The amount of work necessary for an attacker to break the system or network should exceed the value that the attacker would gain from a successful compromise.

Workflow Management System (WFMS)

A computerized information system that is responsible for scheduling and synchronizing the various tasks within the workflow, in accordance with specified task dependencies, and for sending each task to the respective processing entity (e.g., Web server or database server). The data resources that a task uses are called work items. WFMS is the basis for work flow policy access control system.

Workflow manager

The sub-component that enables one component to access services on other components to complete its own processing in a service-oriented architecture (SOA). The workflow manager determines which external component services must be executed and manages the order of service execution.

Workstation

(1) A piece of computer hardware operated by a user to perform an application. Provides users with access to the distributed information system or other dedicated systems; input/output via a keyboard and video display terminal; or any method that supplies the user with the required input/output capability. Computer power embodied within the workstation may be used to furnish data processing capability at the user level. (2) A high-powered PC with multifunctions and connected to the host computer.

World Wide Web (WWW)

A system of Internet hosts that support documents formatted in HTML, which contains links to other documents (hyperlinks), and to audio and graphics images. Users can access the Web with special applications called browsers (e.g., Netscape and Internet Explorer).

Worm

A self-replicating and self-contained program that propagates (spreads) itself through a network into other computer systems without requiring a host program or any user intervention to replicate.

Write

A fundamental operation that results only in the flow of information from a subject to an object.

Write access

Permission to write an object.

Write blocker

A device that allows investigators to examine media while preventing data writes from occurring on the subject media.

Write protection

Hardware or software methods of preventing data from being written to a disk or other medium.

X

X3.93

Used for data encryption algorithm (All standards starting with X belong to International Organization for Standards ISO).

X9.9

Used for message authentication.

X9.17

Used for cryptographic key management (Financial Institution Key Management).

X9.30

Used for digital signature algorithm (DSA) and the secure hash algorithm (SHA-1).

X9.31

Used for rDSA signature algorithm.

X9.42

Used for agreement of symmetric keys using discrete logarithm cryptography.

X9.44

Used for the transport of symmetric algorithm keys using reversible public key cryptography.

X9.52

Used for triple data encryption algorithm (TDEA).

X9.62

Used for elliptic curve digital signature algorithm.

X9.63

Used for key agreement and key transport using elliptic curve-based cryptography.

X9.66

Used for cryptography device security.

X12

Defines EDI standards for many U.S. industries (e.g., healthcare and insurance).

X.21

Defines the interface between terminal equipment and public data networks.

X.25

A standard for the network and data link levels of a communications network. It is a WAN protocol.

X.75

A standard that defines ways of connecting two X.25 networks.

X.121

Network user address used in X.25 communications.

X.400

Used in e-mail as a message handling protocol for reformatting and sending e-mails.

X.500

A standard protocol used in electronic directory services.

X.509

A standard protocol used in digital certificates and defines the format of a public key certificate.

X.800

Used as a network security standard.

X. 509 certificate