Hardware tokens

Hardware tokens (also called hard tokens or eTokens) are physical devices with built-in computing capability.

Hash algorithm

An algorithm that creates a hash based on a message.

Hash-based message authentication code (HMAC)

(1) A symmetric key authentication method using a hash function. (2) A message authentication code (MAC) that uses a cryptographic key in conjunction with a hash function. (3) A MAC that utilizes a keyed hash.

Hash code

The string of bits that is the output of a hash function.

Hash function

A function that maps a bit string of arbitrary length to a fixed-length bit string. Approved hash functions satisfy the following properties: (1) one-way: it is computationally infeasible to find any input that maps to any pre-specified output; and (2) collision resistant: it is computationally infeasible to find any two distinct inputs that map to the same output. The hash function may be used to produce a checksum, called a hash value or message digest, for a potentially long string or message.

Hash total

The use of specific mathematical formulae to produce a quantity, often appended to the data it protects, that is used as a checksum or validation parameter for that data. This is a technical and detective control.

Hash value

(1) The fixed-length bit string produced by a hash function. (2) The result of applying a hash function to information. See message digest.

Hashing

The process of using a mathematical algorithm against data to produce a numeric value that is representative of that data.

Hedging

Taking a position opposite to the exposure or risk. Because they reduce exposures and risks, risk mitigation techniques are examples of hedging.

High assurance guard

An enclave boundary protection device that controls access between a LAN that an enterprise system has a requirement to protect, and an external network that is outside the control of the enterprise system, with a high degree of assurance.

High availability

A failover feature to ensure availability during device or component interruptions.

High-impact system

An information system in which at least one security objective (i.e., confidentiality, integrity, or availability) is assigned a potential impact value of high.

High-level data link control (HDLC) protocol

HDLC is a bit-oriented protocol with frame structure consisting of address, control, data, and checksum (cyclic redundancy code) fields (Tanenbaum).

Hijacking

An attack that occurs during an authenticated session with a database or system. The attacker disables a user’s desktop system, intercepts responses from the application, and responds in ways that probe the session.

Holder-of-key assertion

An assertion that contains a reference to a symmetric key or a public key (corresponding to a private key) possessed by the subscriber. The relying party may require the subscriber to prove their identity.

Honeynet

A network of honeypots designed to attract hackers so that their intrusions can be detected and analyzed, and to study the hackers’ behavior. Organizations should consult their legal counsel before deploying a honeynet for any legal ramifications of monitoring an attacker’s activity.

Honeypot

A fake production system designed with firewalls, routers, Web services, and database servers that looks like a real production system, but acts as a decoy and is studied to see how attackers do their work. It is a host computer that is designed to collect data on suspicious activity and has no authorized users other than security administrators and attackers. Organizations should consult their legal counsel before deploying a honeypot for any legal ramifications of monitoring an attacker’s activity.

Host

(1) Any node that is not a router. (2) Any computer-based system connected to the network and containing the necessary protocol interpreter software to initiate network access and carry out information exchange across the communications network. (3) The term can refer to almost any kind of computer, including a centralized mainframe that is a host to its terminals, a server that is host to its clients, or a desktop personal computer (PC) that is host to its peripherals. In network architectures, a client station (user’s machine) is also considered a host because it is a source of information to the network, in contrast to a device, such as a router or switch, that directs traffic. This definition encompasses typical mainframe computers and workstations connected directly to the communications sub-network and executing the inter-computer networking protocols. A terminal is not a host because it does not contain the protocol software needed to perform information exchange. A router or switch is not a host either. A workstation is a host because it does have such capability. Host platforms include operating systems, file systems, and communications stacks.

Host-based firewall

A software-based firewall installed on a server to monitor and control its incoming and outgoing network traffic. Security in host-based firewalls is generally at the application level, rather than at a network level.

Host-based intrusion detection system (IDS)

A host-based IDS operates on information collected from within an individual computer system. This vantage point allows host-based IDSs to determine exactly which processes and user accounts are involved in a particular attack on the operating system. Furthermore, unlike network-based IDSs, host-based IDSs can more readily “see” the intended outcome of an attempted attack, because they can directly access and monitor the data files and system processes usually targeted by attacks. It is a program that monitors the characteristics of a single host and the events occurring within the host to identify and stop suspicious activity.

Host-based security

The technique of securing an individual system from attack. It is dependent on an operating system and its version.

Host-to-front-end protocol

A set of conventions governing the format and control of data that are passed from a host to a front-end machine.

Hot failover device

A backup mechanism in which, when the primary device fails or is taken offline, the hot failover device comes online and maintains all existing communications sessions, so no disruption of communications occurs. Computer systems will have at least one such backup mechanism. This concept can be applied to firewalls.

Hotfix

Microsoft’s term for bundling hotfixes (patches) into service packs for easier and faster installation.

Hot-site

(1) An alternate site with a duplicate IT system already set up and running, which is maintained by an organization or its contractor to ensure continuity of service for critical systems in the event of a disaster. (2) A fully operational offsite data processing facility equipped with hardware and system software to be used in the event of a disaster.

Hot spare

A hot spare drive is a physical hot standby drive installed in the RAID disk array that is powered and connected but remains idle until an active drive fails. When a key component fails, the hot spare is switched into operation. A hot spare reduces the mean time to recovery (MTTR), thus supporting redundancy and availability. Replacing the failed drive afterwards requires hot swapping or hot plugging by a human operator (Wikipedia).