Glossary- S

Question 1

sabotage

Answer 1

Deliberate damage of an organization’s asset.

Question 2

salvage

Answer 2

The process of recovering components or assets that still have value after a disaster.

Question 3

sample

Answer 3

A portion of a population of records that is selected for auditing.

Question 4

sample mean

Answer 4

The sum of all samples divided by the number of samples.

Question 5

sample standard deviation

Answer 5

A computation of the variance of sample values from the sample mean. This is a measurement of the “spread” of values in the sample.

Question 6

sampling

Answer 6

A technique that is used to select a portion of a population when it is not feasible to test an entire population.

Question 7

sampling risk

Answer 7

The probability that a sample selected does not represent the entire population. This is usually expressed as a percentage, as the numeric inverse of the con- fidence coefficient. See also confidence coefficient.

Question 8

SAS 70 (Statement of Accounting Standards No. 70)

Answer 8

An external audit of a service provider. An SAS 70 audit is performed according to rules established by the American Institute of Certified Public Accountants (AICPA). Deprecated by SSAE16. See also SSAE16.

Question 9

scanning attack

Answer 9

An attack on a computer or network with the intention of discover- ing potentially vulnerable computers or programs.

Question 10

screened shielded twisted pair (S/STP)

Answer 10

A type of twisted-pair cable where a thick metal shield protects each pair of conductors, plus an outer shield that protects all of the conductors together. See also twisted-pair cable.

Question 11

screened unshielded twisted pair (S/UTP)

Answer 11

A type of twisted-pair cable where the entire cable has a thick metal shield that protects the cables. See also twisted-pair cable.

Question 12

screening router

Answer 12

A network device that filters network traffic based on source and destination IP addresses and ports. See also firewall.

Question 13

script kiddie

Answer 13

An inexperienced computer hacker who uses tools developed by others to illegally access computers and networks.

Question 14

Scrum

Answer 14

An iterative and incremental methodology used for rapid and agile software development.

Question 15

secondary storage

Answer 15

A computer’s long-term storage of information, usually imple- mented with hard disk drives or static random access memory (SRAM).

Question 16

secure copy (SCP)

Answer 16

A TCP/IP application layer protocol used as a file transfer protocol that is similar to remote copy (RCP), but is protected using secure shell (SSH). See re- mote copy (RCP), secure shell (SSH).

Question 17

secure electronic transaction (SET)

Answer 17

A protocol used to protect credit card transac- tions that uses a digital envelope. SET has been deprecated by Secure Sockets Layer (SSL) and Transport Layer Security (TLS). See also digital envelope, Secure Sockets Layer (SSL), and Transport Layer Security (TLS).

Question 18

Secure File Transfer Protocol (SFTP)

Answer 18

A TCP/IP application layer protocol that is an extension of the FTP protocol, where authentication and file transfer are encrypted us- ing SSH. Sometimes referred to as SSH File Transfer Protocol. See also File Transfer Protocol (FTP), secure shell (SSH).

Question 19

Secure Hypertext Transfer Protocol (SHTTP)

Answer 19

A protocol used to encrypt webpages between web servers and web browsers. Often confused with Hypertext Transfer Proto- col Secure (HTTPS).

Question 20

Secure Multipurpose Internet Mail Extensions (S/MIME)

Answer 20

An e-mail security proto- col that provides sender and recipient authentication and encryption of message con- tent and attachments.

Question 21

secure shell (SSH)

Answer 21

A TCP/IP application layer protocol that provides a secure chan- nel between two computers whereby all communications between them are encrypted. SSH can also be used as a tunnel to encapsulate and thereby protect other protocols.

Question 22

Secure Sockets Layer (SSL)

Answer 22

An encryption protocol used to encrypt webpages re- quested with the HTTPS (Hypertext Transfer Protocol/Secure) URL. Deprecated by Transport Layer Security (TLS). See also Transport Layer Security (TLS), Hypertext Transfer Protocol Secure (HTTPS).

Question 23

security awareness

Answer 23

A formal program used to educate employees, users, customers, or constituents on required, acceptable, and unacceptable security-related behaviors.

Question 24

security governance

Answer 24

Management’s control over an organization’s security program.

Question 25

security guards

Answer 25

Personnel who control passage at entry points or roam building premises looking for security issues such as unescorted visitors.

Question 26

security incident

Answer 26

An event where the confidentiality, integrity, or availability of infor- mation (or an information system) has been compromised.

Question 27

security incident response

Answer 27

The formal, planned response that is enacted when a se- curity incident has occurred. See also security incident.

Question 28

security policy

Answer 28

See information security policy.

Question 29

security requirements

Answer 29

Formal statements that describe the required security charac- teristics that a system must support.

Question 30

segregation of duties

Answer 30

The concept that ensures single individuals do not possess ex- cess privileges that could result in unauthorized activities such as fraud or the manipu- lation or exposure of sensitive data.

Question 31

separation of duties

Answer 31

See segregation of duties.

Question 32

serial line interface protocol (SLIP)

Answer 32

A network protocol used to transport TCP/IP | packets over point-to-point serial connections (usually RS-232).

Question 33

server

Answer 33

A centralized computer used to perform a specific task.

Question 34

service continuity management

Answer 34

The IT function that consists of activities concerned with the organization’s ability to continue providing services, primarily in the event that a natural or man-made disaster has occurred. See also IT service management, busi- ness continuity planning, and disaster recovery planning.

Question 35

service desk

Answer 35

The IT function that handles incidents and service requests on behalf of customers by acting as a single point of contact. See also IT service management.

Question 36

service-level agreement (SLA)

Answer 36

An agreement that specifies service levels in terms of the quantity of work, quality, timeliness, and remedies for shortfalls in quality or quantity.

Question 37

service-level management

Answer 37

The IT function that confirms whether IT is providing ad- equate service to its customers. This is accomplished through continuous monitoring and periodic review of IT service delivery. See also IT service management.

Question 38

service provider audit

Answer 38

An audit of a third-party organization that provides services to other organizations.

Question 39

service set identifier (SSID)

Answer 39

A friendly name that identifies a particular 802.11 wire- less network.

Question 40

session

Answer 40

Layer 5 of the OSI network model. See also OSI network model.

Question 41

session border controller

Answer 41

A device deployed in a VoIP network to control VoIP secu- | rity, connectivity, quality of service, and metering.

Question 42

session hijacking

Answer 42

An attack on a user’s browser session where the attacker intercepts the user’s session cookie from an unencrypted wired or wireless network and then uses the cookie to take over the victim’s browser session.

Question 43

session initiation protocol (SIP)

Answer 43

The network protocol used to set up and tear down Voice over IP (VoIP) and other communications connections. See also Voice over IP (VoIP).

Question 44

shielded twisted pair (STP)

Answer 44

A type of twisted-pair cable where a thin metal shield protects each pair of conductors. See also twisted-pair cable.

Question 45

Simple Mail Transfer Protocol (SMTP)

Answer 45

A TCP/IP application layer protocol that is used to transport e-mail messages.

Question 46

Simple Network Management Protocol (SNMP)

Answer 46

A TCP/IP application layer proto- col used by network devices and systems to transmit management messages indicating a need for administrative attention.

Question 47

Simple Object Access Protocol (SOAP)

Answer 47

A protocol that is used to facilitate the ex- change of structured information between systems.

Question 48

simulation

Answer 48

A test of disaster recovery, business continuity, or security incident re- sponse procedures where the participants take part in a “mock disaster” or incident to add some realism to the process of thinking their way through emergency response documents.

Question 49

single loss expectancy (SLE)

Answer 49

The financial loss when a threat is realized one time. SLE is defined as AV × EF. See also asset value (AV), exposure factor (EF).

Question 50

single sign-on

Answer 50

An interconnected environment where applications are logically con- nected to a centralized authentication server that is aware of the logged-in/-out status of each user. A user can log in once to the environment; each application and system is aware of a user’s log-in status and will not require the user to log in to each one separately.

Question 51

site classification policy

Answer 51

Policy that defines sensitivity levels, security controls, and security procedures for information processing sites and work centers.

Question 52

smart card

Answer 52

A small, credit-card–sized device that contains electronic memory and is accessed with a smart card reader and used in two-factor authentication.

Question 53

smart phone

Answer 53

A mobile phone equipped with an operating system and software ap- plications.

Question 54

snapshot

Answer 54

A continuous auditing technique that involves the use of special audit modules embedded in online applications that sample specific transactions. The mod- ule copies key database records that can be examined later on.

Question 55

sniffer

Answer 55

A program that can be installed on a network-attached system to capture net- work traffic being transmitted to or from the system.

Question 56

social engineering

Answer 56

The act of using deception to trick an individual into revealing secrets.

Question 57

Software as a Service (SaaS)

Answer 57

A software delivery model where an organization ob- tains a software application for use by its employees and the software application is hosted by the software provider, as opposed to the customer organization.

Question 58

software development life cycle (SDLC)

Answer 58

The life cycle process used to develop or acquire and maintain information systems. Also known as systems development life cycle.

Question 59

Software Engineering Institute Capability Maturity Model Integration (SEI CMMI)

Answer 59

A maturity model that is used to measure the maturity of an organization’s software development life cycle process.

Question 60

software licensing

Answer 60

The process of maintaining accurate records regarding the permit- ted use of software programs.

Question 61

software maintenance

Answer 61

An activity in the software development life cycle where mod- ifications are made to the software code.

Question 62

Software Process Improvement and Capability dEtermination (SPICE)

Answer 62

A maturity model that is based on the SEI CMM maturity model. SPICE has been made an inter- national standard: ISO 15504.

Question 63

software program library

Answer 63

The repository that contains program source code and that usually includes tools to manage the maintenance of source code.

Question 64

source code management

Answer 64

The techniques and tools used to manage application source code.

Question 65

source lines of code (SLOC)

Answer 65

A sizing technique for software development projects that represents the size of the planned program, expressed as lines of code.

Question 66

sourcing

Answer 66

The choices that organizations make when selecting the personnel that will perform functions and where those functions will be performed.

Question 67

spam

Answer 67

Unsolicited and unwanted e-mail.

Question 68

spam filter

Answer 68

A central program or device that examines incoming e-mail and removes all messages identified as spam.

Question 69

spike

Answer 69

A sharp increase in voltage that lasts for only a fraction of a second.

Question 70

spiral model

Answer 70

A software development life cycle process where the activities of re- quirements definition and software design go through several cycles until the project is complete. See also software development life cycle (SDLC).

Question 71

split custody

Answer 71

The concept of splitting knowledge of a specific object or task between two persons.

Question 72

spoofing

Answer 72

The act of changing the configuration of a device or system in an attempt to masquerade as a different, known, and trusted system or user.

Question 73

spyware

Answer 73

A type of malware where software performs one or more surveillance-type actions on a computer, reporting back to the spyware owner.

Question 74

SSAE16 (Statements on Standards for Attestation Engagements No. 16)

Answer 74

An exter- nal audit of a service provider. An SSAE16 audit is performed according to rules estab- lished by the American Institute of Certified Public Accountants (AICPA).

Question 75

standard

Answer 75

A statement that defines the technologies, protocols, suppliers, and meth- ods used by an IT organization.

Question 76

standard IT balanced scorecard

Answer 76

A management tool that is used to measure the per- formance and effectiveness of an IT organization.

Question 77

star topology

Answer 77

A network topology where a separate connection is made from a cen- tral device to each station.

Question 78

stateful inspection firewall

Answer 78

A network device that filters network traffic based on source and destination IP addresses and ports, and keeps track of individual TCP/IP ses- sions to make filtering decisions, permitting established connections. See also firewall.

Question 79

statement of impact

Answer 79

A description of the impact a disaster scenario will have on a business or business process.

Question 80

static random access memory (SRAM)

Answer 80

A form of semiconductor memory that does not require refreshing.

Question 81

statistical sampling

Answer 81

A sampling technique where items are chosen at random; each item has a statistically equal probability of being chosen. See also sampling.

Question 82

stop-or-go sampling

Answer 82

A sampling technique used to permit sampling to stop at the earliest possible time. This technique is used when the auditor feels that there is low risk or a low rate of exceptions in the population. See also sampling.

Question 83

storage area network (SAN)

Answer 83

A stand-alone storage system that can be configured to contain several virtual volumes and connected to many servers through fiber optic cables.

Question 84

strategic planning

Answer 84

Activities used to develop and refine long-term plans and objectives.

Question 85

stratified sampling

Answer 85

A sampling technique where a population is divided into classes or strata, based upon the value of one of the attributes. Samples are then selected from each class. See also sampling.

Question 86

stream cipher

Answer 86

This is a type of encryption algorithm that operates on a continuous stream of data, such as a video or audio feed.

Question 87

strong authentication

Answer 87

See two-factor authentication.

Question 88

subject

Answer 88

A person or a system. See also object.

Question 89

subnet mask

Answer 89

A numeric value that determines which portion of an IP address is used to identify the network and which portion is used to identify a station on the network. See also IP address.

Question 90

substantive testing

Answer 90

A type of testing that is used to determine the accuracy and integ- rity of transactions that flow through processes and systems.

Question 91

supercomputer

Answer 91

The largest type of computer that is capable of performing large, complex calculations such as weather forecasting and earthquake simulations.

Question 92

surge

Answer 92

See spike.

Question 93

switch

Answer 93

A device that is used to connect computers and other devices to a network. Unlike a hub, which sends all network packets to all stations on the network, a switch sends packets only to intended destination stations on the network.

Question 94

symmetric encryption

Answer 94

A method for encryption and decryption where it is necessary for both parties to possess a common encryption key.

Question 95

synchronous optical networking (SONET)

Answer 95

A class of common carrier telecommuni- cations network technologies used to transport voice and data over fiber optic networks at very high speeds.

Question 96

synchronous replication

Answer 96

A type of replication where writing data to a local and to a remote storage system is performed as a single operation, guaranteeing that data on the remote storage system is identical to data on the local storage system. See also replication.

Question 97

system classification policy

Answer 97

Policy that specifies levels of security for systems storing classified information.

Question 98

system hardening

Answer 98

See hardening.

Question 99

system testing

Answer 99

The portion of software testing where an entire system is tested.