L

Question 1

lattice-based access control model

Answer 1

A mathematical model that allows a system to easily represent the different security levels and control access attempts based on those levels. Every pair of elements has a highest lower bound and a lowest upper bound of access rights. The classes stemmed from military designations.

Question 2

least privilege

Answer 2

The security principle that requires each subject to be granted the most restrictive set of privileges needed for the performance of authorized tasks. The application of this principle limits the damage that can result from accident, error, or unauthorized use.

Question 3

life-cycle assurance

Answer 3

Confidence that a trusted system is designed, developed, and maintained with formal designs and controls. This includes design specification and verification, implementation, testing, configuration management, and distribution.

Question 4

Lightweight Directory Access Protocol (LDAP)

Answer 4

A directory service based on a subset of the X.500 standard that allows users and applications to interact with a directory.

Question 5

link encryption

Answer 5

A type of encryption technology that encrypts packets’ headers, trailers, and the data payload. Each network communications node, or hop, must decrypt the packets to read its address and routing information and then re-encrypt the packets. This is different from end-to-end encryption.

Question 6

logic bomb

Answer 6

A malicious program that is triggered by a specific event or condition.

Question 7

loss potential

Answer 7

The potential losses that can be accrued if a threat agent actually exploits a vulnerability.