2025CISSP認(rèn)證考試指南AIO術(shù)語表_第1頁
2025CISSP認(rèn)證考試指南AIO術(shù)語表_第2頁
2025CISSP認(rèn)證考試指南AIO術(shù)語表_第3頁
2025CISSP認(rèn)證考試指南AIO術(shù)語表_第4頁
2025CISSP認(rèn)證考試指南AIO術(shù)語表_第5頁
已閱讀5頁,還剩35頁未讀, 繼續(xù)免費(fèi)閱讀

付費(fèi)下載

下載本文檔

版權(quán)說明:本文檔由用戶提供并上傳,收益歸屬內(nèi)容提供方,若內(nèi)容存在侵權(quán),請進(jìn)行舉報(bào)或認(rèn)領(lǐng)

文檔簡介

(AIO目錄(AIO 11.1. 71.1.1.access 71.1.2.accesscontrol 71.1.3.accesscontrollistACL) 81.1.4.accesscontrolmechanism 81.1.5.accountability 81.1.6.accredited 91.1.7.add-onsecurity 91.1.8.administrativecontrols 91.1.9.aggregation 91.1.10.AICtriadAIC 93 91.1.11.annualizedlossexpectancyALE) 91.1.12.antimalware 91.1.13.annualizedrateofoccurrenceARO) 101.1.14.assurance 101.1.15.attack 101.1.16.audittrail 101.1.17.authenticate 101.1.18.authorization 101.1.19.availability 101.2. 111.2.1.backdoor 111.2.2.backup 111.2.3.baseline 111.2.4.Bell-LaPadulamodelBell-LaPadula 111.2.5.BibamodelBiba 111.2.6.biometrics 111.2.7.blacklist 121.2.8.browsing 121.2.9.brute-forceattack 121.2.10.businessimpactanalysisBIA)業(yè)務(wù)影響分析 121.3. 121.3.1.callback 121.3.2.capability 121.3.3.capabilitymaturitymodelintegration(CMMI)能力成熟 131.3.4.certification 131.3.5.challenge/responsemethod 131.3.6.ciphertext 131.3.7.Clark-WilsonmodelClark-Wilson 131.3.8.classification 131.3.9.cleartext 131.3.10.cloudcomputing 141.3.11.collusion 141.3.12.communicationssecurity 141.3.13.compartment 141.3.14.compensatingcontrols 141.3.15.compromise 141.3.16.computerfraud 141.3.17.confidentiality 141.3.18.configurationmanagement 151.3.19.confinement 151.3.20.contingencyplan 151.3.21.controlzone 151.3.22.copyright 151.3.23.cost/benefitanalysis成本/ 151.3.24.countermeasure 151.3.25.covertchannel 161.3.26.covertstoragechannel 161.3.27.coverttimingchannel 161.3.28.cryptanalysis 161.3.29.cryptography 161.3.30.cryptology 161.3.31.cryptosystem 161.4. 171.4.1.dataatrest 171.4.2.dataclassification 171.4.3.datacustodian 171.4.4.DataEncryptionStandardDES) 171.4.5.dataintransit(ordatainmotion)傳輸中的數(shù)據(jù)(運(yùn)動(dòng) 171.4.6.datainuse 171.4.7.dataleakprevention(DLP)數(shù)據(jù)泄露防護(hù) 171.4.8.datamining 181.4.9.dataremanence 181.4.10.datawarehousing 181.4.11.databaseshadowing 181.4.12.declassification 181.4.13.dedicatedsecuritymode 181.4.14.degauss 181.4.15.DelphitechniqueDelphi 181.4.16.denialofserviceDoS) 191.4.17.DevOps 191.4.18.dial-up 191.4.19.dictionaryattack 191.4.20.digitalsignature 191.4.21.disasterrecoveryplan 191.4.22.discretionaryaccesscontrolDAC) 191.4.23.DistributedNetworkProtocol3(DNP3)分布式網(wǎng)絡(luò)協(xié)3(DNP3) 201.4.24.domain 201.4.25.duecare 201.4.26.duediligence 201.5. 201.5.1.electronicdiscoverye-discovery)電子發(fā)現(xiàn)(e- 201.5.2.electronicvaulting 201.5.3.emanations 201.5.4.encryption 211.5.5.end-to-endencryption 211.5.6.exposure 211.5.7.exposurefactor 211.6. 211.6.1.failover 211.6.2.fail-safe 211.6.3.FibreChanneloverEthernet(FCoE)光纖通道以太網(wǎng) 211.6.4.firmware 221.6.5.formalsecuritypolicymodel 221.6.6.formalverification 221.7. 221.7.1.gateway 221.7.2.guideline 221.8. 221.8.1.handshakingprocedure 221.8.2.honeynet 231.8.3.honeypot 231.9. 231.9.1.identification 231.9.2.inference 231.9.3.informationowner 231.9.4.IntegratedProductTeamIPT)集成產(chǎn)品開發(fā)團(tuán)隊(duì) 231.9.5.integrity 231.9.6.InternetSmallComputerSystemInterfaceiSCSI)互聯(lián)網(wǎng) 241.9.7.intrusiondetectionsystem(IDS) 241.9.8.isolation 241.10. 241.10.1.kernel 241.10.2.key 241.10.3.keystrokemonitoring 241.11. 251.11.1.lattice-basedaccesscontrolmodel 251.11.2.leastprivilege 251.11.3.life-cycleassurance 251.11.4.LightweightDirectoryAccessProtocol(LDAP)輕量級目 251.11.5.linkencryption 251.11.6.logicbomb 251.11.7.lostpotential 251.12. 261.12.1.maintenancehook 261.12.2.malware 261.12.3.mandatoryaccesscontrolMAC)強(qiáng)制訪問控制 261.12.4.masquerading 261.12.5. 261.12.6.multilevelsecurity 261.12.7.MultiprotocolLabelSwitching(MPLS) 271.13. 271.13.1.needtoknow 271.13.2.node 271.13.3.nonrepudiation 271.14. 271.14.1.object 271.14.2.objectreuse 271.14.3.one-timepad 271.14.4.operationalassurance 291.14.5.operationalgoals 291.14.6.operator 291.14.7.overtchannel 291.15. 291.15.1.password 291.15.2.paymentcardindustrydatasecuritystandard(PCI 291.15.3.penetration 301.15.4.penetrationtesting透測 301.15.5.permission 301.15.6.personnelsecurity 301.15.7.physicalcontrols 301.15.8.physicalsecurity 301.15.9.piggyback 301.15.10.plaintext 301.15.11.playbackattack 311.15.12.privacy 311.15.13.procedure 311.15.14.protectionring 311.15.15.protocol 311.15.16.pseudo-flaw 311.15.17.publickeyencryption 311.15.18.publickeyinfrastructurePKI) 311.15.19.purge 321.16. 321.16.1.qualitativeriskanalysis 321.16.2.quantitativeriskanalysis 321.17. 321.17.1.RADIUSRemoteAuthenticationDial-inUserService)遠(yuǎn) 321.17.2.read 321.17.3.recoveryplanning 321.17.4.recoverypointobjective 331.17.5.recoverytimeobjective 331.17.6.referencemonitorconcept 331.17.7.reliability 331.17.8.remotejournaling 331.17.9.repudiation 331.17.10.residualrisk 331.17.11.risk 331.17.12.riskanalysis 341.17.13.riskmanagement 341.17.14.role-basedaccesscontrol(RBAC)角色訪問控制, 341.18. 341.18.1.safeguard 341.18.2.sandboxing 341.18.3.secureconfigurationmanagement 341.18.4.SecurityAssertionMarkupLanguage(SAML)安全斷言 341.18.5.securityevaluation 351.18.6.securitykernel 351.18.7.securitylabel 351.18.8.securityperimeter 351.18.9.securitypolicy 351.18.10.securitytesting 351.18.11.sensitiveinformation 351.18.12.separationofduties 351.18.13.shouldersurfing 361.18.14.simplesecurityproperty 361.18.15.singlelossexpectancySLE) 361.18.16.singlesign-onSSO)單點(diǎn)登錄 361.18.17.socialengineering 361.18.18.software-definednetworking(SDN)軟件定義聯(lián)網(wǎng) 361.18.19.spoofing 361.18.20.standard 361.18.21.starproperty*-property) 371.18.22.strategicgoal 371.18.23.subject 371.18.24.supervisorstate 371.18.25.supervisorycontrolanddataacquisition(SCADA)數(shù) 371.18.26.synthetictransaction 371.19. 371.19.1. System)終端訪問控制器訪問控制系統(tǒng) 371.19.2.tacticalgoals 391.19.3.technicalcontrol 391.19.4. 391.19.5.threat 391.19.6.top-downapproach 391.19.7.topology 391.19.8.totalrisk 391.19.9.trademark 401.19.10.Trojanhorse 401.19.11.trustedcomputersystem 401.19.12.trustedcomputingbaseTCB) 401.19.13.trustedpath 401.19.14.trustedrecovery 401.20. 401.20.1.user 401.20.2.userID 401.21. 411.21.1.validation 411.21.2.virus 411.21.3.vulnerability 411.22. 411.22.1.wardialing 411.22.2.whitelist 411.22.3.workfactor 411.22.4.worm 41accessaccesscontrolaccesscontrollistACL)ACL可以讀、寫、執(zhí)行、添加、更改、accesscontrolmechanismaccountabilityaccreditedadd-onsecurityadministrativecontrolsaggregationAICtriadAIC3annualizedlossexpectancyALE)ALEantimalwareannualizedrateofoccurrenceARO)assuranceattackaudittrailauthenticateauthorizationavailabilitybackdoorbackupbaselineBell-LaPadulamodelBell-LaPadula到危害。請參閱“multilevelsecurity(多級安全性simplesecurityproperty(簡單安全屬性starproperty(*屬性“。BibamodelBibabiometricsblacklistIPbrowsingbrute-forceattackbusinessimpactanalysisBIA)業(yè)務(wù)影響分析callbackcapabilitycapabilitymaturitymodelintegration(CMMI)能力成熟certificationchallenge/responsemethodciphertextClark-WilsonmodelClark-Wilson33個(gè)完整性目標(biāo)是:防止未授權(quán)用戶進(jìn)行classificationcleartextcloudcomputingcollusioncommunicationssecuritycompartmentcompensatingcontrolscompromisecomputerfraudconfidentialityconfigurationmanagementconfinementcontingencyplancontrolzonecopyrightcost/benefitanalysis成本/countermeasurecovertchannelcovertstoragechannelcoverttimingchannelcryptanalysiscryptographycryptologycryptosystemdataatrestdataclassificationdatacustodianIT(往往是網(wǎng)絡(luò)管理員擔(dān)任。DataEncryptionStandardDES)密標(biāo)準(zhǔn)(AdvancedEncryptionStandard,AES)所代替。dataintransit(ordatainmotion)傳輸中的數(shù)據(jù)(運(yùn)動(dòng)datainuseCPU常用到的寄存器、cachedataleakprevention(DLP)數(shù)據(jù)泄露防護(hù)dataminingdataremanencedatawarehousingdatabaseshadowingdeclassificationdedicatedsecuritymodedegaussDelphitechniqueDelphidenialofserviceDoS)DevOpsdial-updictionaryattackdigitalsignaturedisasterrecoveryplandiscretionaryaccesscontrolDAC)DistributedNetworkProtocol3(DNP3)分布式網(wǎng)絡(luò)協(xié)3(DNP3)SCADAdomainduecareduediligenceelectronicdiscoverye-discovery)電子發(fā)現(xiàn)(e-electronicvaultingemanationsencryptionend-to-endencryptionexposureexposurefactorfailoverfail-safeFibreChanneloverEthernet(FCoE)光纖通道以太網(wǎng)firmwareformalsecuritypolicymodelformalverificationgatewayguidelineIThandshakingprocedurehoneynethoneypotidentification1inferenceinformationownerIntegratedProductTeamIPT)集成產(chǎn)品開發(fā)團(tuán)隊(duì)integrityInternetSmallComputerSystemInterfaceiSCSI)互聯(lián)網(wǎng)TCPSCSIintrusiondetectionsystem(IDS)IDSIDS能監(jiān)控特定系統(tǒng)的活動(dòng)以及保護(hù)系統(tǒng)文件和控制機(jī)制。isolationkernelkey證和完整性的數(shù)字簽名機(jī)制和加密散列函數(shù)(也稱為HMAC)。keystrokemonitoringlattice-basedaccesscontrolmodelleastprivilegelife-cycleassuranceLightweightDirectoryAccessProtocol(LDAP)輕量級目基于X.500linkencryptionlogicbomblostpotentialmaintenancehookmalwaremalicioussoftwareapplet、特洛伊木馬、邏輯炸彈和蠕蟲。mandatoryaccesscontrolMAC)強(qiáng)制訪問控制masquerading在密碼術(shù)中,MAC是用于對消息進(jìn)行身份驗(yàn)證的生成值。MAC可由HMAC或CBC-MACMACmultilevelsecurityMultiprotocolLabelSwitching(MPLS)needtoknownodenonrepudiationobjectobjectreuseone-timepadoperationalassuranceoperationalgoalsoperatorovertchannelpasswordpaymentcardindustrydatasecuritystandard(PCIpenetrationpenetrationtesting透測permissionpersonnelsecurityphysicalcontrolsphysicalsecuritypiggybackplaintextplaybackattackprivacyprocedureprotectionringprotocolpseudo-flawpublickeyencryptionpublickeyinfrastructurePKI)purgequalitativeriskanalysisquantitativeriskanalysisRADIUSRemoteAuthenticationDial-inUserService)遠(yuǎn)readrecoveryplanningrecoverypointobjectiverecoverytimeobjectivereferencemonitorconceptreliabilityremot

溫馨提示

  • 1. 本站所有資源如無特殊說明,都需要本地電腦安裝OFFICE2007和PDF閱讀器。圖紙軟件為CAD,CAXA,PROE,UG,SolidWorks等.壓縮文件請下載最新的WinRAR軟件解壓。
  • 2. 本站的文檔不包含任何第三方提供的附件圖紙等,如果需要附件,請聯(lián)系上傳者。文件的所有權(quán)益歸上傳用戶所有。
  • 3. 本站RAR壓縮包中若帶圖紙,網(wǎng)頁內(nèi)容里面會有圖紙預(yù)覽,若沒有圖紙預(yù)覽就沒有圖紙。
  • 4. 未經(jīng)權(quán)益所有人同意不得將文件中的內(nèi)容挪作商業(yè)或盈利用途。
  • 5. 人人文庫網(wǎng)僅提供信息存儲空間,僅對用戶上傳內(nèi)容的表現(xiàn)方式做保護(hù)處理,對用戶上傳分享的文檔內(nèi)容本身不做任何修改或編輯,并不能對任何下載內(nèi)容負(fù)責(zé)。
  • 6. 下載文件中如有侵權(quán)或不適當(dāng)內(nèi)容,請與我們聯(lián)系,我們立即糾正。
  • 7. 本站不保證下載資源的準(zhǔn)確性、安全性和完整性, 同時(shí)也不承擔(dān)用戶因使用這些下載資源對自己和他人造成任何形式的傷害或損失。

評論

0/150

提交評論