Index_S




S

SAG SQL (SQL Access Group), 273, 274

Salami attacks, 307-308, 319, 324

SAM (Security Accounts Manager), 116

Sandboxing, 72, 83

SATAN (Security Administration Tool for Analyzing Networks), 19

SAT (Security Access Tokens), 220

Scanners, 44

Screened hosts, 137

Screened subnets, 137

SDLC (Synchronous Data Link Control), 116

SDLC (System Development LifeCycle), 278-283, 292, 299

Secure European System for Applications in a Multi-vendor Environment (SESAME), 27

Secure HTTP (SHTTP), 165-166

Secure / Multipurpose Internet Mail Extensions (S / MIME), 166-167

Secure Remote Procedure Call (RPC), 126, 135

Secure Shell (SSH), 115, 167, 291

Secure Sockets Layer (SSL), 19, 84, 166, 182, 187

Security Access Tokens (SAT), 220

Security Accounts Manager (SAM), 116

Security controls, 286

domains, 286

kernels, 286

objects, 286

permissions, 286

process isolation, 286-287

subjects, 286

Security Identifier (SID), 30

Security monitoring, 41

Security policies, 29, 241

Acceptable Use Policies (AUPs), 211-212

CIA Triad, 212-213, 234

code of ethics, 215-216

defined and described, 19, 210

disposal / destruction of information, 213-214

documentation, 227-233

Due Care and Diligence, 212, 235

e-mail and, 62

guidelines security baselines, 133-134

Human Resources and, 214

incident response, 122, 216

management principles and, 212-213

personnel issues, 214-215

physical security and, 201

separation of duties, 213

SLAs (Service Level Agreements), 213

see also Documentation

Security services, 138

Serial Line Internet Protocol (SLIP), 117

Serpent algorithm, 158

Server certificates, 169-170

Server farms, 210

Servers

DMZs and, 129

file / print servers, 261-262

hardening server applications, 257-263, 291

IIS (Internet Information Server), 79

RAS (Remote Access Service), 57-59

remote access or communications servers, 56

server clustering, 210, 234

server farms, 210

Web servers, 257-258

Service Level Agreements (SLAs), 213, 234

Service packs, 257

Services. See Protocols and services

SESAME (Secure European System for Applications in a Multi-vendor Environment), 27

Session layer of OSI, 96

S / FTP (Secure FTP), 78

Shielded twisted pair (STP) cables, 105

SHTTP (Secure HTTP), 165-166

SID (Security Identifier), 30

Signal bounce, 98

Signature intrusion analysis, 119

Signatures. See Digital signatures

Simple Mail Transfer Protocol. See SMTP (Simple Mail Transfer Protocol) Relay

Single Sign-On (SSO) authentication systems, 26-27, 220-221, 235

Site surveys, 82, 86-87

Skipjack algorithm, 158

Slag code, 254

SLAs (Service Level Agreements), 213, 234

Smart cards, 44, 111, 145

defined, 19

Smart tokens, 24-25

S / MIME (Secure / Multipurpose Internet Mail Extensions), 63, 83, 85, 166-167

SMTP (Simple Mail Transfer Protocol) Relay, 75-76, 84, 129, 137, 258-259

Smurf attacks, 37-38

Sniffers, 19, 39-40, 44, 126

SNMP (Simple Network Management Protocol), 137

Social engineering, 40

Software. See Applications

Software piracy, 308, 320

Spam, 19, 40, 62, 259

cookies and, 71

Spoofing attacks, 19, 37-38, 40, 46, 258

Sprinkler systems, 200, 238

Spyware, 338-339, 352

SQL (Structured Query Language), 273, 274, 292

SSH (Secure Shell), 115, 167, 291

SSL (Secure Sockets Layer), 19, 65, 84, 166, 182, 187

SSO (Single Sign-On) authentication systems, 26-27, 220-221, 235, 242-243

Stalking, 310, 320

Standards, IEEE 802 specifications, 94-95

Star topology, 100-101

State objects. See Cookies

Statistical intrusion analysis, 51, 119-120

Stealth viruses, 254, 336, 353

Storage, 295

data storage systems, 288-289, 293

data warehousing, 267-268

of documentation, 232-233

garbage collection (storage reclamation), 274

keys, 177-178

off-site storage and disaster recovery, 205

primary storage, 288, 293

RAM (Random Access Memory), 288

real storage, 289

secondary storage, 289, 293

sequential storage, 289, 293

virtual storage, 289, 293

see also Media, removable

Stream ciphers, 190

Strong User Authentication (SUA), 22

Structured Query Language (SQL), 273, 274, 292

SUA (Strong User Authentication), 22

Subjects, 286, 287

Supervisor mode, 289-290

Supplicants, 59

Surveillance, 317

CCTV, 234, 317, 328

COAST (Computer Operations, Audit, and Security Technology), 318

SVCs (Switched Virtual Circuits), 117

Switched Virtual Circuits (SVCs), 117

Switches, 131, 135

Symantec, 134

Symmetric-key encryption, 124, 155-160, 184-185

SYN attacks, 36-37

Synchronous Data Link Control (SDLC), 116

System Access Control Lists (SACLs), 30

System development

certification and accreditation, 283-284

program languages and execution, 284-285, 293, 294

security controls, 286-287

separation of duties, 283

System Development LifeCycle (SDLC), 278-283, 292, 296

System Development LifeCycle (SDLC), 292, 296

analysis, 279-280

design, 280

development, 280

disposition, 282-283

feasibility, 279

implementation, 281

maintenance (operational), 281-282

testing, 280-281

System infectors, 335, 352

System requirements, 383

Systems architecture, documenting, 227-228






The Security+ Exam Guide. TestTaker's Guide Series
Security + Exam Guide (Charles River Media Networking/Security)
ISBN: 1584502517
EAN: 2147483647
Year: 2003
Pages: 136
