A
AAA (authentication, authorization, and accounting). See also 802.1x port-based authentication
  accounting on Cisco Secure PIX Firewall, 301–302
  accounting on IOS-based equipment, 300–301
  authentication on Cisco Secure PIX Firewall, 292–295
  authentication on IOS-based equipment, 282
  authorization on Cisco Secure PIX Firewall, 297–300
  authorization on IOS-based equipment, 295–296
  firewalls and, 48
  login authentication with RADIUS, 282–287
  login authentication with TACACS+, 287–292
  mechanisms used for, 9, 281
acceptable-use policy (AUP)
  communicating to users, 392
  content filtering as support to, 207
  overview, 35
access control lists. See ACLs (access control lists)
access points (APs). See WAPs (wireless access points)
accounting. See also AAA (authentication, authorization, and accounting)
  Cisco Secure PIX Firewall, 301–302
  IOS-based equipment, 300–301
accounting (asset management), 335
ACK (acknowledgement), 409
acknowledgement (ACK), 409
ACLs (access control lists)
  compared with segmentation of network, 373
  implementing, 4, 10–12
  for traffic filtering, 182–187
administrative assistants, 484
administrators
  individual roles and responsibilities, 507–508
  reviewing security practices of, 398
  training/educating, 28
  as user type, 25
AES (Advanced Encryption Standard), 142, 266
AH (Authentication Header), 136–140
alarms
  analyzing, 88
  false positives vs. true positives, 75
ALE (Annualized Loss Expectancy), 493, 495
alerts
  Cisco IDS, 99–102
  Kiwi Syslog, 323–328
  PureSecure, 98–99
  WhatsUp Gold, 316
ALO (Annualized Rate of Occurrence), 493
Annualized Loss Expectancy (ALE), 493
Annualized Rate of Occurrence (ALO), 493
antivirus policy. See also viruses
  overview, 30
application proxies, 10, 40–41
applications
  patches/updates, 472
  removing unnecessary, 50
  testing in change management process, 441
  updating in change management process, 442–443
APs (access points). See WAPs (wireless access points)
assets, assigning value to, 490–491
attachments, e-mail, 236–237
audit, vulnerability assessment, risk assessment policy, 31
Audit/Vulnerability Assessment/Penetration Testing Group, 508
auditing
  components of, 399
  configuration management and, 331–332
  external audit, 422–425
  internal audits, 400
  methods, 400
  port scanning with Nmap, 406–410
  tools and documentation for, 400–406
  vulnerability assessment with Nessus, 410–422
auditors
  financial auditors, 521
  as potential champions, 484
AUP (acceptable-use policy)
  communicating to users, 392
  content filtering as support to, 207
  overview, 35
authentication. See also AAA (authentication, authorization, and accounting)
  Cisco Secure PIX Firewall, 292–295
  firewalls and, 48
  IKE and, 146–150
  on IOS-based equipment, 282
  login authentication with RADIUS, 282–287
  login authentication with TACACS+, 287–292
  NTP and, 62
  port-based. See 802.1x port-based authentication
  VPNs and, 121–123
Authentication Header (AH), 136–140
authentication servers
  802.1x networks, 303
  RADIUS/TACACS, 249–250, 266
authorization
  Cisco Secure PIX Firewall, 297–300
  firewalls and, 48
  IOS-based equipment, 295–296
  types of, 296
  VPNs and, 121–123
auto-negotiation, VTP, 199