clean 1 The act of removing a virus from a system and repairing the damage caused by the virus. 2 The act of removing data from a storage media for reuse in the same security environment. clean power Nonfluctuating pure power. clearing A method of sufficiently deleting media that will be reused in the same secured envi- ronment. Also known as overwriting. click-wrap license agreement A software agreement in which the contract terms are either written on the software box or included in the software documentation. During the installation process, you are required to click a button indicating that you have read the terms of the agree- ment and agree to abide by them. clipping level A threshold value used in violation analysis auditing. Crossing the clipping level triggers recording of relevant event data to an audit log. closed-circuit television CCTV A security system using video cameras and video recording devices. closed head system See wet pipe system. clustering or key clustering A weakness in cryptography where a plaintext message gener- ates identical ciphertext messages using the same algorithm but using different keys. coaxial cable A cable with a center core of copper wire surrounded by a layer of insulation and then by a conductive braided shielding and finally encased in an insulation sheath. Coaxial cable is fairly resistant to EMI, has a low cost, and is easy to install. code See cipher. cohesive or cohesiveness An object is highly cohesive if it can perform a task with little or no help from other objects. Highly cohesive objects are not as dependent upon other objects as objects with lower cohesion. Objects with higher cohesion are often better. Highly cohesive objects perform tasks alone and have low coupling. cognitive password A variant of the password authentication factor that asks a series of questions about facts or predefined responses that only the subject should know. cold sites Standby facilities large enough to handle the processing load of an organization and with appropriate electrical and environmental support systems. collision attack See birthday attack. collusion An agreement between multiple people to perform an unauthorized or illegal action. commercial businessprivate sector classification The security labels commonly employed on secure systems used by corporations. Common corporate or commercial security labels are confidential, proprietary, private, sensitive, and public. Committed Information Rate CIR A contracted minimum guaranteed bandwidth alloca- tion for a virtual circuit. Common Body of Knowledge CBK The areas of information prescribed by ISC 2 as the source of knowledge for the CISSP exam. common mode noise Electromagnetic interference EMI noise generated by the difference in power between the hot and ground wires of a power source or operating electrical equipment. Common Object Request Broker Architecture CORBA An international standard for dis- tributed computing. CORBA enables code operating on a computer to locate resources located elsewhere on the network. companion virus A variation of the file infector virus. A companion virus is a self-contained executable file that escapes detection by using a filename similar to, but slightly different from, a legitimate operating system file. compartmented A type of MAC environment. Compartmentalized or compartmented envi- ronments have no relationship between one security domain and another. To gain access to an object, the subject must have the exact specific clearance for that object’s security domain. compartmented mode See compartmented security mode. compartmented mode workstations A computer system in which all users have the same clearance. The concept of need-to-know is used to control access to sensitive data and the system is able to process data from multiple sensitivity levels at the same time. compartmented security mode A security mode in which systems process two or more types of compartmented information. All system users must have an appropriate clearance to access all information processed by the system but do not necessarily have a need to know all of the information in the system. compensation access control A type of access control that provides various options to other existing controls to aid in the enforcement and support of a security policy. competent A distinction of evidence that means that the evidence must be obtained legally. Evidence that results from an illegal search would be inadmissible because it is not competent. compiled languages A computer language that is converted into machine language before distribution or execution. compliance checking The process by which it is ensured that all of the necessary and required elements of a security solution are properly deployed and functioning as expected. compliance testing Another common usage of auditing. Verification that a system complies with laws, regulations, baselines, guidelines, standards, and policies is an important part of maintaining security in any environment. Component Object Model COM Microsoft’s standard for the use of components within a process or between processes running on the same system. compromise If system security has been broken, the system is considered compromised.