P


Packet Level Protocol (PLP), 89

packet (password) sniffing, 62, 268–269, BC19

packet-filtering firewall, 101–102, BC19

packet-switched network, 89–90

passive hub, 81

passive IDS, 108

passphrases, 45

Password Authentication Protocol (PAP), 110, BC19

password (packet) sniffing, BC19

passwords, 45–48, 53, BC19

patch and vulnerability management, 258

patent, 313, BC19

Patriot Act, BC19

P-boxes (Permutation boxes), 193

PBX fraud and abuse, 116

PEAP (Protected Extensible Authentication Protocol), BC19

PEM (Privacy Enhanced Mail), 99, 213, BC19

penetration testing, 67, 267–269, BC19

Permanent Virtual Circuit (PVC), 89–90

permissions, with DAC, 63

Permutation boxes (P-boxes), 193

permutation cipher, 192–193, BC28

personal identification number (PIN), 48, BC19

personnel, loss of, 343

personnel security policies and practices, 133–138

PGP (Pretty Good Privacy), 213, BC20

pharming, 113, BC20

phishing, 113, BC20

photo identification card, 347

phreakers, 183

physical address, 83

physical controls

  for biometrics, 48

  definition, 41–42, BC20

  for Physical (Environmental) Security domain, 345–349

Physical (Environmental) Security domain

  administrative controls, 356–357

  definition, 24, 339, 357–358

  environmental and life safety controls, 351–355

  physical access controls, 345–349

  prep test questions about, 359–361

  resources for, 358

  site and facility design, 343–345

  technical controls, 349–351

  threats, types of, 340–343

physical evidence, 324, BC22

Physical Layer (Layer 1), OSI model, 76–81

physical support, loss of, 254

PIN (personal identification number), 48, BC19

PKI (Public Key Infrastructure), 132–133, 210, BC20

plaintext, 196, BC20

PLP (Packet Level Protocol), 89

point-to-point links, WAN, 86–88

Point-to-Point Protocol (PPP), 87, 110, BC20

Point-to-Point Tunneling Protocol (PPTP), 106, BC20

policy, 130–131, BC20

polling networks, 83–84

polyalphabetic substitution, 192

polyinstantiation, 158, BC20

polymorphism, 158

pornography, 255

port scan, 68, 268, BC20

practice exam on CD-ROM, 13, 15, 367

Pre-Fetch Unit, 224

prep test questions in this book

  for Access Control domain, 70–72

  for Application Security domain, 185–187

  for Business Continuity and Disaster Recovery Planning domain, 300–302

  for Cryptography domain, 220–222

  for Information Security and Risk Management domain, 149–151

  for Legal, Regulations, Compliance, and Investigations domain, 336–338

  for Operations Security domain, 274–276

  for Physical (Environmental) Security domain, 359–361

  practice exam on CD-ROM, 13, 15, 367

  for Security Architecture and Design domain, 244–246

  for Telecommunications and Network Security domain, 120–122

Presentation Layer (Layer 6), OSI model, 98

Pretty Good Privacy (PGP), 213, BC20

preventive controls, 259, BC20

principles for agents of change, 33

privacy, 124, 250–251, BC20

Privacy Enhanced Mail (PEM), 99, 213, BC19

privacy laws, 314–316

private key (symmetric key cryptography), 198–203, BC27

privileged entity controls, 260

privileged functions, 250

problem management, 271–272

procedures, 130, 132, BC21

process isolation, 169, BC21

processes, single point of failure for, 126

professional ethics, 130, 333–334, BC11

promiscuous mode, BC21

Protected Extensible Authentication Protocol (PEAP), BC19

protection domain, 227, BC21

protection rings, 230, BC21

Protection Test Unit (PTU), 224

proximate causation, 305, BC21

proxy server, BC2

prudent man rule, 305, BC21

pseudo flaw, 178, BC21

public key (asymmetric key cryptography), 203–207, BC3, BC21

Public Key Infrastructure (PKI), 132–133, 210, BC20

publications. See resources

punitive damages, 304–305, BC21

PVC (Permanent Virtual Circuit), 89–90




CISSP For Dummies
ISBN: 0470537914
EAN: 2147483647
Year: 2004
Pages: 242
