2004, CRC Press LLC. All rights reserved.

Appendix A Glossary

Abend: The abnormal termination of a computer application or job because of a non-system condition or failure that causes a program to halt.

Abstraction: The process of identifying the characteristics that distinguish a collection of similar objects; the result of the process of abstraction is a type.

Acceptable Use Policy (AUP): A definition of what is acceptable online behavior, and what is not.

Acceptance Testing: The formal testing conducted to determine whether a software system satisfies its acceptance criteria, enabling the customer to determine whether to accept the system.

Access: The ability of a subject to view, change, or communicate with an object. Typically, access involves a flow of information between the subject and the object.

Access Control: The process of allowing only authorized users, programs, or other computer systems (i.e., networks) to access the resources of a computer system.

Access Control List (ACL): Most network security systems operate by allowing selective use of service. An Access Control List is the usual means by which access to, and denial of, service is controlled. It is simply a list of the services available, each with a list of the hosts permitted to use the services.

Access Control Mechanisms: Hardware, software, or firmware features and operating and management procedures in various combinations designed to detect and prevent unauthorized access and to permit authorized access to a computer system.

Access Period: A segment of time, generally expressed on a daily or weekly basis, during which access rights prevail.

Access Type: The nature of access granted to a particular device, program, or file (e.g., read, write, execute, append, modify, delete, or create).

Accountability: A security principle stating that individuals must be able to be identified. With accountability, violations or attempted violations can be traced to individuals who can be held responsible for their actions.

AU1707_A01.fm Page 773 Tuesday, November 4, 2003 1:36 PM
OFFICIAL (ISC)2 GUIDE TO THE CISSP EXAM

Accreditation: A program whereby a laboratory demonstrates that something is operating under accepted standards to ensure quality assurance.

Acknowledgment (ACK): A type of message sent to indicate that a block of data arrived at its destination without error. A negative acknowledgment is called a "NAK."

Active Object: An object that has its own process; the process must be ongoing while the active object exists.

Active Wiretapping: The attachment of an unauthorized device (e.g., a computer terminal) to a communications circuit to gain access to data by generating false messages or control signals or by altering the communications of legitimate users.

ActiveX: Microsoft's Windows-specific non-Java technique for writing applets. ActiveX applets take considerably longer to download than the equivalent Java applets; however, they more fully exploit the features of Windows. ActiveX is sometimes said to be a "superset of Java."

Ada: A programming language that allows use of structured techniques for program design; a concise but powerful language designed to fill government requirements for real-time applications.

Add-On Security: The retrofitting of protection mechanisms, implemented by hardware, firmware, or software, on a computer system that has become operational.

Address: (1) A sequence of bits or characters that identifies the destination and sometimes the source of a transmission. (2) An identification (e.g., number, name, or label) for a location in which data is stored.

Address Mapping: The process by which an alphabetic Internet address is converted into a numeric IP address, and vice versa.

Address Mask: A bit mask used to identify which bits in an IP address correspond to the network address and subnet portions of the address. This mask is often referred to as the subnet mask because the network portion of the address can be determined by the class inherent in an IP address. The address mask has ones in positions corresponding to the network and subnet numbers and zeros in the host number positions.

Address Resolution: A means for mapping network layer addresses onto media-specific addresses.

Address Resolution Protocol (ARP): The Internet protocol used to dynamically map Internet addresses to physical (hardware) addresses on the local area network. Limited to networks that support hardware broadcast.

Administrative Security: The management constraints, operational procedures, accountability procedures, and supplemental controls established to provide an acceptable level of protection for sensitive data.

Agent: In the client/server model, the part of the system that performs information preparation and exchange on behalf of a client or server application.

Aggregation: A relation, such as CONSISTS OF or CONTAINS, between types that defines the composition of a type from other types.

Aging: The identification, by date, of unprocessed or retained items in a file. This is usually done by date of transaction, classifying items according to ranges of data.

Algorithm: A computing procedure designed to perform a task such as encryption, compressing, or hashing.

Aliases: Used to reroute browser requests from one URL to another.

American National Standards Institute (ANSI): The agency that recommends standards for computer hardware, software, and firmware design and use.

American Registry for Internet Numbers (ARIN): A nonprofit organization established for the purpose of administration and registration of Internet Protocol (IP) numbers to the geographical areas currently managed by Network Solutions (InterNIC). Those areas include, but are not limited to, North America, South America, South Africa, and the Caribbean.

American Standard Code for Information Interchange (ASCII): A byte-oriented coding system based on an 8-bit code and used primarily to format information for transfer in a data communications environment.

Amplitude Modulation (AM): The technique of varying the amplitude or wavelength of a carrier wave in direct proportion to the strength of the input signal while maintaining a constant frequency and phase.

Analog: A voice transmission mode that is not digital, in which information is transmitted in its original form by converting it to a continuously variable electrical signal.

Analysis and Design Phase: The phase of the systems development life cycle in which an existing system is studied in detail and its functional specifications are generated.

Annual Loss Expectancy (ALE): In risk assessment, the average monetary value of losses per year.

Anonymous FTP: A type of FTP that allows a user to log on to a remote host, which the user would otherwise not have access to, to download files.

ANSI: See American National Standards Institute.

Applet: A small Java program embedded in an HTML document.

Application: Computer software used to perform a distinct function. Also used to describe the function itself.

Application Layer: The top-most layer in the OSI Reference Model providing such communication service is invoked through a software package.

Application Objects: Applications and their components that are managed within an object-oriented system. Example operations on such objects are OPEN, INSTALL, MOVE, and REMOVE.

Application Program Interface (API): A set of calling conventions defining how a service is invoked through a software package.

Architecture: The structure or ordering of components in a computational or other system. The classes and the interrelation of the classes define the architecture of a particular application. At another level, the architecture of a system is determined by the arrangement of the hardware and software components. The terms "logical architecture" and "physical architecture" are often used to emphasize this distinction.

Array: Consecutive storage areas in memory that are identified by the same name. The elements (or groups) within these storage areas are accessed through subscripts.

Artificial Intelligence (AI): A field of study involving techniques and methods under which computers can simulate such human intellectual activities as learning.

Assembler Language: A computer programming language in which alphanumeric symbols represent computer operations and memory addresses. Each assembler instruction translates into a single machine language instruction.

Assembler Program: A program language translator that converts assembler language into machine code.

Asynchronous: A variable or random time interval between successive characters, blocks, operations, or events. Asynchronous data transmission provides variable intercharacter time but fixed interbit time within characters.

Asynchronous Transfer Mode (ATM): A transfer mode in which data is transmitted in the form of 53-byte units called cells. Each cell consists of a 5-byte header and a 48-byte payload. The term "asynchronous" in this context refers to the fact that cells from any one particular source need not be periodically spaced within the overall cell stream. That is, users are not assigned a set position in a recurring frame as is common in circuit switching.

Atomicity: The assurance that an operation either changes the state of all participating objects consistent with the semantics of the operation or changes none at all.

Attribute: A characteristic defined for a class. Attributes are used to maintain the state of the object of a class. Values can be connected to objects via the attributes of the class. Typically, the connected value is determined by an operation with a single parameter identifying the object. Attributes implement the properties of a type.

Audit: An independent review and examination of system records and activities that test for the adequacy of system controls, ensure compliance with established policy and operational procedures, and recommend any indicated changes in controls, policy, and procedures.

Audit Trail: A chronological record of system activities that is sufficient to enable the reconstruction, review, and examination of each event in a transaction from inception to output of final results.

Authentication: The act of identifying or verifying the eligibility of a station, originator, or individual to access specific categories of information. Typically, a measure designed to protect against fraudulent transmissions by establishing the validity of a transmission, message, station, or originator.

Authorization: The granting of right of access to a user, program, or process.

Backbone: The primary connectivity mechanism of a hierarchical distributed system. All systems that have connectivity to an intermediate system on the backbone are assured of connectivity to each other.

Backoff: The (usually random) retransmission delay enforced by contentious MAC protocols after a network node with data to transmit determines that the physical medium is already in use.

Backup and Recovery: The ability to recreate current master files using appropriate prior master records and transactions.

Backup Procedures: Provisions made for the recovery of data files and program libraries and for the restart or replacement of computer equipment after the occurrence of a system failure or disaster.

Bandwidth: Difference between the highest and lowest frequencies available for network signals. The term is also used to describe the rated throughput capacity of a given network medium or protocol.

Baseband: Characteristic of any network technology that uses a single carrier frequency and requires all stations attached to the network to participate in every transmission. See broadband.

BCP: The newest subseries of RFCs that are written to describe Best Current Practices in the Internet. Rather than specify the best ways to use the protocols and the best ways to configure options to ensure interoperability between various vendors' products, BCPs carry the endorsement of the IESG.

Between-the-Lines Entry: Access obtained through the use of active wiretapping by an unauthorized user to a momentarily inactive terminal of a legitimate user assigned to a communications channel.

BIOS: The BIOS is built-in software that determines what a computer can do without accessing programs from a disk. On PCs, the BIOS contains all the code required to control the keyboard, display screen, disk drives, serial communications, and a number of miscellaneous functions.

Bit: A binary value represented by an electronic component that has a value of 0 or 1.

Bit Error Rate (BER): The probability that a particular bit will have the wrong value.

Bit Map: A specialized form of an index indicating the existence or non-existence of a condition for a group of blocks or records. Although they are expensive to build and maintain, they provide very fast comparison and access facilities.

Bit Mask: A pattern of binary values that is combined with some value using bitwise AND, with the result that bits in the value in positions where the mask is zero are also set to zero.

Bit Rate: This is the speed at which bits are transmitted on a circuit, usually expressed in bits per second.

Block Cipher: A method of encrypting text to produce ciphertext in which a cryptographic key and algorithm are applied to a block of data as a group instead of one bit at a time.

Body: One of four possible components of a message. Other components are the headings, attachment, and the envelope.

Bounds Checking: The testing of computer program results for access to storage outside of its authorized limits.

Bridge: A device that connects two or more physical networks and forwards packets between them. Bridges can usually be made to filter packets, that is, to forward only certain traffic.

Broadband: Characteristic of any network that multiplexes multiple, independent network carriers onto a single cable. Broadband technology allows several networks to coexist on one single cable; traffic from one network does not interfere with traffic from another because the conversations happen on different frequencies in the "ether," rather like the commercial radio system.

Broadcast: A packet delivery system where a copy of a given packet is given to all hosts attached to the network. Example: Ethernet.

Broadcast Storm: A condition that can occur on broadcast type networks such as Ethernet. This can happen for a number of reasons, ranging from hardware malfunction to configuration error and bandwidth saturation.

Brouter: A concatenation of "bridge" and "router." Used to refer to devices that perform both bridging and routing.

Browser: Short for Web browser, a software application used to locate and display Web pages. The two most popular browsers are Netscape Navigator and Microsoft Internet Explorer. Both of these are graphical browsers, which means that they can display graphics as well as text. In addition, most modern browsers can present multimedia information, including sound and video, although they require plug-ins for some formats.

Browsing: The searching of computer storage to locate or acquire informat