1. Главная
  2. Книги
  3. Vallabhaneni S. Rao
  4. CISSP Practice
  5. Страница 323
Выбрать главу

Logical protection

Protection against unauthorized access (including unauthorized use, modification, substitution, and disclosure in the case of credentials service providers (CSPs) by means of the module software interface (MSI) under operating system control. The MSI is a set of commands used to request the services of the module, including parameters that enter or leave the module’s cryptographic boundary as part of the requested service. Logical protection of software sensitive security parameters (SSPs) does not protect against physical tampering. SSP includes critical security parameters and public security parameters.

Logical record

Collection of one or more data item values as viewed by the user.

Logical system definition

The planning of an automated information system prior to its detailed design. This would include the synthesis of a network of logical elements that perform specific functions.

Loop testing

It is an example of white-box testing technique that focuses exclusively on the validity of loop constructs. Unstructured loops should e redesigned to reflect the use of structured programming constructs because they are difficult and time-consuming to test.

Low-impact system

An information system in which all three security objectives (i.e., confidentiality, integrity, or availability) are assigned a potential impact value of low.

M

Machine types

(1) A real machine is the physical computer in a virtual machine environment. A real-time system is a computer and/or software that reacts to events before the events become obsolete. For example, airline collision avoidance systems must process radar input, detect a possible collision, and warn air traffic controllers or pilots while they still have time to react. (2) A virtual machine is a functional simulation of a computer and its associated devices, including an operating system. (3) Multi-user machines have at least two execution states or modes of operation: privileged and unprivileged. The execution state must be maintained in such a way that it is protected from the actions of untrusted users. Some common privileged domains are those referred to as: executive, master, system, kernel, or supervisor, modes; unprivileged domains are sometimes called user, application, or problem states. In a two-state machine, processes running in a privileged domain may execute any machine instruction and access any location in memory. Processes running in the unprivileged domain are prevented from executing certain machine instructions and accessing certain areas of memory. Examples of machines include Turing, Mealy, and Moore machines.

Macro virus

(1) A specific type of computer virus that is encoded as a macro embedded in some document and activated when the document is handled. (2) A virus that attaches itself to application documents, such as word processing files and spreadsheets, and uses the application’s macro-programming language to execute and propagate.

Magnetic remanence

A measure of the magnetic flux density remaining after removal of the applied magnetic force. It refers to any data remaining on magnetic storage media after removal of the electrical power.

Mail server

A host that provides “electronic post office” facilities. It stores incoming mail for distribution to users and forwards outgoing mail. The term may refer to just the application that performs this service, which can reside on a machine with other services. This term also refers to the entire host including the mail server application, the host operating system, and the supporting hardware. Mail server administrators are system architects responsible for the overall design and implementation of mail servers.

Mail transfer agent (MTA)

A program running on a mail server that receives messages from mail user agents (MUAs) or other MTAs and either forwards them to another MTA or, if the recipient is on the MTA, delivers the message to the local delivery agent (LDA) for delivery to the recipient (e.g., Microsoft Exchange).

Mail user agent (MUA)

A mail client application used by an end user to access a mail server to read, compose, and send e-mail messages (e.g., Microsoft Outlook).

Mailbombing

Flooding a site with enough mail to overwhelm its electronic mail (e-mail) system. Used to hide or prevent receipt of e-mail during an attack, or as retaliation against a website.

Main mode

Mode used in IPsec phase 1 to negotiate the establishment of an Internet key exchange security association (IKESA) through three pairs of messages.

Maintainability

The effort required locating and fixing an error in an operational program or the effort required to modify an operational program (flexibility).

Maintenance hook

Special instructions in software to allow easy maintenance and additional feature development. These are not clearly defined during access for design specification. Hooks frequently allow entry into the code at unusual points or without the usual checks, so they are a serious security risk if they are not removed prior to live implementation. Maintenance hooks are special types of trapdoors.

Major application

An application that requires special attention to security because of the risk and magnitude of the harm resulting from the loss, misuse, or unauthorized access to, or modification of, the information in the application. A breach in a major application might comprise many individual application programs and hardware, software, and telecommunications components. Major applications can be either a major application system or a combination of hardware and software in which the only purpose of the system is to support a specific mission-related function.

Malicious code

(1) Software or firmware intended to perform an unauthorized process that will have adverse impact on the confidentiality, integrity, or availability of an information system. (2) A program that is written intentionally to carry out annoying or harmful actions, which includes viruses, worms, Trojan horses, or other code-based entity that successfully infects a host. Same as malware.

Malicious code attacks

Malicious code attackers use an attack-in-depth strategy to carry out their goal of attacking with programs written intentionally to cause harm or destruction.

Malicious mobile code

Software that is transmitted from a remote system to be executed on a local system, typically without the user’s explicit instruction. It is growing with the increased use of Web browsers. Many websites use mobile code to add legitimate functionality, including Active X, JavaScript, and Java. Unfortunately, although it was initially designed to be secure, mobile code has vulnerabilities that allow entities to create malicious programs. Users can infect their computers with malicious mobile code (e.g., a Trojan horse program that transmits information from the user’s PC) just by visiting a website.

Malware

A computer program that is covertly placed onto a computer with the intent to compromise the privacy, accuracy, confidentiality, integrity, availability, or reliability of the victim’s data, applications, or operating system, or otherwise annoying or disrupting the victim. Common types of malware threats include viruses, worms, malicious mobile code, Trojan horses, rootkits, spyware, freeware, shareware, and some forms of adware programs.

Malware signature

A set of characteristics of known malware instances that can be used to identify known malware and some new variants of known malware.

~ 323 ~