English Learning

1. in laymen's terms (用外行人的話來說)   the GNP or, in the laymen's terms, the amount of goods produced by a country.
2. at the mercy of  (憑...的擺布)   Workers are entirely at the mercy of dishonest employers.
3. once and for all (一勞永逸)   The core issue can be resolved once and for all.
4. out of sight, out of mind (眼不見為淨)
5. Leaving little room for guesswork (講得清楚，無須揣測)
6. at the bare minimum (最低限度)   We need to hit $20,000 in sales at the bare minimum.
7. includes, but not limited to (包含，但不僅止於...)
8. catch-22 (進退維谷，無法擺脫的困境) You can't get a job without experience, but you can't get experience unless you have a job - it's (a) catch-22.
9. urban myth: 來路不明，證據薄弱，卻廣為流傳的說法。
10. A thief crying to stop thief (作賊喊抓賊)
11. To ship the advantage in our favor (將情勢轉向對我們有利)
12. Bridge the technology gap. 追上技術的落後
13. Build on a rock-solid foundation. 建築在堅若磐石的基礎上
14. Get out of hand 一發不可收拾   If the situation gets out of hand, it cannot be controlled any more.
15. state-of-the-art: 最先進的   state-of-the-art security features
16. in the nutshell: 簡而言之
17. viable 可行的   viable alternative
18. economies of scale: 規模經濟
19. code of conduct: 行為規範
20. incentive: 激勵, 誘因
21. liability: 責任
22. successor: 後繼者  <-> precessor: 前任    -> succession plan: 接替計畫
23. vital: 重要的
24. infrequent: 不常見
25, black swan: 黑天鵝
26. rationale = explanation
27. norm 規範
28. pragmatic 務實
29. in lieu of 替代
30 anchor point 錨點
31, payback period 投資回收期
32. stringent 嚴格的
33. encompass 環繞
34. adaptability 適應性
35. warranty 保證
36. conduct 執行
37. paradigm 範例, 典範
38. intervention 介入 
    manual intervention. 人員介入 => The process is automatic and no manual intervention needed.
39. contemporary 現代的
    contemporary software development practice.
40. adhere to 堅持, 附著
   ensure that the problem escalation procedures are being adhered to properly.
41. in compliance with 合規
   documentation are completed, up to date and in compliance with the established standards.
42. at the present time 在現在這個時刻
   Organization do want to acquire more than what they need at the present time.
43. defer 延遲
   Capacity management increase efficiency and cost saving by deferring the cost of new capacity to a later date and optimizing capacity to business needs.
44. find a niche 找到利基
  OODBMS has found a niche in areas such as engineering, science and spatial databases.
45. glue 膠
   Middleware serves as the glue between two otherwise distinct application and provides services such as identification, authentication, authorization, directories and security.
46. prerequisite 先決條件
   adequate backup is a prerequisite to successful recovery
47. elapsed time 經過時間
   Elapsed time for completion of prescribed tasks
48. conformity 一致性, 遵守
  ensure conformity to applicable laws, regulation and standards
49. unsolicited 不請自來
   unsolicited commercial email or junk mail
50. trivial 瑣碎, 微小
   Organization should know all the points of entry into its information resource infrastructure which, in many organization, will not be a trivial task,
51. enrollment process 註冊程序
   Entering a user's biometric into a system occurs through an enrollment process by storing a user's particular biometric feature.
52. commensurate 相稱
   The frequency of the security administrator's review of computer access reports should be commensurate with the sensitivity of the computerized information being protected.
53. seasoned 老練的
  They require the attention of the most seasoned and experienced person of the software security team.
54. practitioner 從業者
   We trust that the software security best practices and model presented in this book will make this clear to all who read this book, whether you are an executive, manager, or practitioner.
55. concise 簡潔
56. stepping-stone 墊腳石
57. judicious 明智的
   You have to be very judicious with your resources if you plan to be successful.
58. daunting task 艱鉅任務
   You will use recruitment and leverage of software champions to manage his daunting task.
59.empirical 經驗的
   Scrum adopts an empirical approach, accepting that the problem cannot be fully understood or defined.
60. facilitate 促進
   This concept facilitate the ability to handle churn resulting from customer that change the requirement during project development.
61. yield: 產生
   SDL will yield incremental improvements in an overall holistic approach to software security.
62. attestation 認證
  customer required third-party attestation.
63 immune from 免於
64. enormous 巨大
   IaaS provides fer if any application-like features, but enormous extensibility.
65. derivative 衍生物
   There are derivative cloud deployment model emerging due to the maturation of market offering and customer demand.
66. rule of thumb 經驗法則
   As a rule of thumb, perimeterized solutions are less effective than de-perimeterized solution.
67. sole 唯一
   The cloud infrastructure is operated solely for a single organization.
68. on-premise/off-premise
69. agreed-upon goals
   Information security governance should be collaboration between customers and providers to achieve agreed-upon goals.
70. abreast 並肩, 與時俱進
   The parties must keep abreast of the legal and other requirements and ensure that operations remain compliant with applicable laws.
71. plethora of 多如牛毛
   IT in the cloud is increasingly subject to a plethora of policies and regulations.
72. inhibitor 抑制源
   Compliance is not an inhibitor of organizational effectiveness, but a complement to internally determined policies.
73. Attestation 鑑證
74. act on sb's behalf 以某人之身分...
   One type of third party is authorized to act on the company's behalf and use data in accordance with the company's privacy practice.
75. inadvertent: 非故意的
   Prevent inadvertent sharing of PII with unintended audiences.
76. articulate: 說出, 明白地說
   This will help articulate real cost to management.
77. This questions need to be carefully considered to prevent future fire fighting.
78.  In a nutshell: 簡而言之
79. cursory review: 隨意,非正式review
   cursory review of open-source development process without the proper training and experience.
80. anomalous: 異常的
   anomalous interaction
81. joint effort 共同努力
   The test plan is a joint effort by the project management, development and security team.
82. showstopper: and obstacle to further progress.
83. circumvent 規避
   circumvent security feature of the system
84. flesh out: 充實
85. regiment: 一群, 團
   A development organization typically has a very regimented development process.
86. To maximum capability
   In many instances, the security mechanisms of an information system are not configured properly or used to their maximum capability.