M Flashcards
maintenance hook
Instructions within a program’s code that enable the developer or maintainer to enter the program without having to go through the usual access control and authentication processes. Maintenance hooks should be removed from the code before it is released to production; otherwise, they can cause serious security risks. Also called trapdoor or back door.
malware
Malicious software. Code written to perform activities that circumvent the security policy of a system. Examples are viruses, malicious applets, Trojan horses, logical bombs, and worms.
mandatory access control (MAC)
An access policy that restricts subjects’ access to objects based on the security clearance of the subject and the classification of the object. The system enforces the security policy, and users cannot share their files with other users.
masquerading
Impersonating another user, usually with the intention of gaining unauthorized access to a system.
message authentication code (MAC)
In cryptography, a message authentication code (MAC) is a generated value used to authenticate a message. A MAC can be generated by HMAC or CBC-MAC methods. The MAC protects both a message’s integrity (by ensuring that a different MAC will be produced if the message has changed) and its authenticity, because only someone who knows the secret key could have modified the message.
multilevel security
A class of systems containing information with different classifications. Access decisions are based on the subject’s security clearances, need to know, and formal approval.
Multiprotocol Label Switching (MPLS)
A converged data communications protocol designed to improve the routing speed of high-performance networks.
