DAC (Discretionary Access Control), 29, 43
DACEs (Discretionary Access Control Entries), 30
DACLs (Discretionary Access Control Lists), 30
Data
    classification criteria, 229–230, 244
    data abstraction, 287–289, 293
    data hiding, 287
    data repositories, 261
    dictionaries, 267–268
    diddling attacks, 307, 323
    encyclopedias, 267–268
    primary storage, 288, 293
    real storage, 289, 293
    secondary storage, 289, 293
    sequential storage, 289, 293
    storage systems, 288–289, 293
    virtual storage, 289, 293
    see also Databases
Database Management System (DBMS), 273–274
Databases, 294
    aggregation of rights, 270–271, 292, 299
    Database Management System (DBMS), 273–274
    data mining, 268–270, 292
    data warehouses, 267–268
    defined and described, 263–266
    denormalization, 272
    flat databases, 266
    garbage collection (storage reclamation), 274
    hierarchical databases, 266
    inference and security, 270, 292
    keys, 265
    metadata, 265, 291
    Multilevel Security (MLS), 272–273
    network databases, 267
    object-oriented databases, 267
    OLTP (Online Transaction Processing), 274–275
    partitioning, 272, 292
    perturbation, 272
    polyinstantiation, 271–272, 292
    queries, 265
    relational databases, 264, 266–267, 274
    relationships (one-to-one, one-to-many, many-to-many), 265, 266, 291
    security issues, 270–273
    system high model, 273
    terminology, 264–266, 295–296, 299
    tuples, 265
    views, 265–266, 292, 299
Data Circuit Terminating Equipment (DCE), 117
Data classification criteria, 229–230, 244
Data Encryption Standard (DES), 18, 156–157
Data Link Layer, 97
Data marts, 267–268
DAT (digital audio tape), 108
DBMS (Database Management System), 273–274
DCE (Data Circuit Terminating Equipment), 117
DCEs (distributed computing environments), 248–249, 291
Decryption, 17
Degradation of service, 38–39
Degrees, databases, 264
Demilitarized Zones (DMZs), 129, 135, 146
Denial of Service (DoS) attacks, 18, 36–38, 44, 50
Denormalization and database security, 272, 296
DES (Data Encryption Standard), 18
Detective controls, 202, 243
Devices, 137, 143–144, 238
    Asynchronous Transfer Mode (ATM) switches, 131, 135
    bridges, 131–132
    brouters, 138
    firmware updates for, 255–256
    hardware segmentation, memory allocation, 287
    hubs, 132
    mobile and wireless device security, 238
    modems, 132–133
    routers, 130–131, 143–144
    switches, 131, 135
    Telecom / PBX, 132
DHCP (Dynamic Host Configuration Protocol), 260–261
Dial-up (asynchronous), 57
Dictionaries, data dictionaries, 267–268
Dictionary attacks, 38
Diddling attacks, 307, 323
Digital audio tape (DAT), 108
Digital linear tape (DLT), 108
Digital signatures, 18, 151–152, 186
    hashing and, 164
    PKI and, 168–169
Digital Subscriber Line (DSL), 118
Directories, UNIX directories, 349
Directory security, 76–77, 261
Disaster recovery, 240
    alternative sites (hot, warm, and cold), 206–207, 240
    business continuity planning, 208–210
    defined, 202
    disaster recovery plans, 207–208, 209, 234, 240
    fault tolerance, 209–210
    GFS backups, 203–204, 239–240
    server clustering, 210
Discretionary access, 21
    matrices, 31
Discretionary Access Control (DAC), 29, 43, 48
Discretionary Access Control Entries (DACEs), 30
Discretionary Access Control Lists (DACLs), 30
Diskettes, 110
Disk mirroring, 209
Distributed computing environments (DCEs), 248–249, 291
DMZs (Demilitarized Zones), 129, 135, 146
DNS (Domain Name Service), 90, 129, 135, 167–168, 259–260
    inverse queries, 260
DNSSEC (Domain Name System Security), 167–168, 259–260
Documentation, 241–242
    change documentation, 228–229, 235
    data classification criteria, 229–230, 244
    destruction and prevention policies, 233
    inventories and logs, 231–232
    notification procedures, 230–231, 235
    standards, policies and guidelines, 227
    storage and retention of, 232–233
    systems architecture, 227–228
Domain Name Service (DNS), 90, 129, 135, 167–168, 259–260
    inverse queries, 260
Domain Name System Security (DNSSEC), 167–168, 259–260
Domains, 286
    databases and, 265
Doors, physical security, 234
DoS (Denial of Service) attacks. See Denial of Service (DoS) attacks
Dropper files, 339
DRPs (disaster recovery plans), 207–208, 209, 234
DSL (Digital Subscriber Line), 57, 118
    speeds, 136
Dual-homed hosts, 137
Due Care and Due Diligence, 212, 235
Dumpster diving, 241–242
Dynamic Host Configuration Protocol (DHCP), 260–261, 291