R


RA (Registration Authority)

In a PKI, the RA is responsible for verifying certificate contents for the CA. See also PKI, CA.

RADIUS (Remote Authentication Dial-In User Service)

An open-source, User Datagram Protocol (UDP)-based client-server protocol used to authenticate remote users.

RARP (Reverse ARP)

A protocol used by diskless workstations to query and discover their own IP address.

RAS (Remote Access Service)

A remote access protocol typically used over dial-up facilities.

Real (or physical) evidence

Tangible objects from the actual crime, such as the tools or weapons used and any stolen or damaged property.

Recovery controls

Controls that restore systems and information.

Recovery Time Objective (RTO)

The period of time within which a business process must be recovered (during a disaster) in order to ensure the survival of the organization.

Reduced-Instruction-Set-Computing (RISC)

A microprocessor instruction set architecture that utilizes a smaller and simpler instruction set that is more efficient than CISC. See also Complex Instruction Set Computing.

Reference monitor

An abstract machine that mediates all access to an object by a subject.

Repository

In a PKI, a repository is a system that accepts certificates and CRLs from a CA and distributes them to authorized parties. See also CA, PKI.

RFI (Radio Frequency Interference)

Electrical noise caused by electrical components, such as fluorescent lighting and electric cables.

Rijndael

The encryption algorithm used by the Advanced Encryption Standard. See also AES.

Ring

A network topology where all devices are connected to a closed loop.

Risk acceptance

Accepting the loss associated with a potential risk.

Risk analysis

A method used to identify and assess threats and vulnerabilities in a business, process, system, or activity.

Risk assignment (or transference)

Transferring the potential loss associated with a risk to a third party, such as an insurance company.

Risk mitigation

Reducing risk to a level that is acceptable to an organization.

Risk reduction

Mitigating risk by implementing the necessary security controls, policies, and procedures to protect an asset.

Role-based access control (RBAC)

A method for implementing discretionary access controls in which access decisions are based on group membership according to organizational or functional roles.

Rotation of duties (or job rotations)

Regularly transferring key personnel into different positions or departments within an organization.

Router

A network device that forwards packets among dissimilar networks.

RSA (Rivest, Shamir, Adleman)

A key transport algorithm based on the difficulty of factoring a number that is the product of two large prime numbers.

Rule-based access control

A method for applying mandatory access control by matching an object’s sensitivity label and a subject’s sensitivity label to determine whether access should be granted or denied.




CISSP For Dummies
ISBN: 0470537914
EAN: 2147483647
Year: 2004
Pages: 242
