Читаем CISSP Practice полностью

A message indicating that a fault condition may exist or that a fault is likely to occur. In computer crime investigations, trap and trace means the attacker’s phone call is trapped and traced.

Trapdoor

A hidden software or hardware mechanism that responds to a special input used to circumvent the system’s security controls. Synonymous with backdoor.

Tree topology

Tree topology is a network topology which resembles an interconnection of start networks in that individual peripheral nodes are required to transmit to and receive from one another node only toward a central node. The tree topology is not required to act as repeaters or regenerators. The tree topology, which is a variation of bus topology, is subject to a single-point of failure of a transmission path to the node. The tree topology is an example of a hybrid topology where a linear bus backbone connects star-configured networks.

Triangulation

Identifying the physical location of a detected threat against a wireless network by estimating the threat’s approximate distance from multiple wireless sensors by the strength of the threat’s signal received by each sensor, and then calculating the physical location at which the threat would be the estimated distance from each sensor.

Triple DES (3DES)

An implementation of the data encryption standard (DES) algorithm that uses three passes of the DES algorithm instead of one as used in ordinary DES applications. Triple DES provides much stronger encryption than ordinary DES but it is less secure than AES.

Tripwire

Tripwire, a network security tool, monitors the permissions and checksums of important system files to detect if they have been replaced or corrupted. Tripwire can be configured to send an alert to the administrator should any file’s recomputed checksum fail to match its baseline, indicating that the file has been altered.

Trojan horse (aka Trojan)

(1) A useful or seemingly useful program that contains hidden code of a malicious nature. When the program is invoked, so is the undesired function whose effects may not become immediately obvious. (2) It is a nonself-replicating program that appears to have a useful purpose, but actually has a hidden malicious purpose. The name stems from an ancient exploit of invaders gaining entry to the city of Troy by concealing themselves in the body of a hollow wooden horse, presumed to be left behind by the invaders as a gift to the city. (3) A computer program with an apparent or actual useful function that contains additional (hidden) functions that surreptitiously exploit the legitimate authorizations of the invoking process to the detriment of security or integrity. (4) It usually masquerades as a useful program that a user would wish to execute.

True negative

A tool reports a weakness when it is not present.

True positive

A tool reports a weakness when it is present.

Trust

(1) A characteristic of an entity (e.g., person, process, key, or algorithm) that indicates its ability to perform certain functions or services correctly, fairly, and impartially, and that the entity and its identity are genuine. (2) A relationship between two elements, a set of activities and a security policy in which element X trusts element Y if and only if X has confidence that Y will behave in a well-defined way (with respect to the activities) that does not violate the given security policy. (3) It is a belief that a system meets its specifications. (4) The willingness to take actions expecting beneficial outcomes based on assertions by other parties.

Trust anchor (public key)

(1) One or more trusted public keys that exist at the base of a tree of trust or as the strongest link on a chain of trust and upon which a public key infrastructure (PKI) is constructed. (2) A public key and the name of a certification authority (CA) that is used to validate the first certificate in a sequence of certificates. (3) The trust anchor public key is used to verify the signature on a certificate issued by a trust anchor CA. The security of the validation process depends upon the authenticity and integrity of the trust anchor. Trust anchors are often distributed as self-signed certificates.

Trust anchor (DNS)

A validating DNSSEC-aware resolver uses a public key or hash as a starting point for building the authentication chain to a signed domain name system (DNS) response. In general, a validating resolver will need to obtain the initial values of its trust anchors via some secure or trusted means outside the DNS protocol. The presence of a trust anchor also implies that the resolver should expect the zone to which the trust anchor points to be signed. This is sometimes referred to as a “secure entry point.”

Trust anchor store