|
|
e-mail exploitation, 76
encapsulation of, 63–64, 64
handling bounced message incidents, 189–190
Internet connections for, 129–130
scanning for viruses on e-mail servers, 237, 237
viruses spreading via, 78, 78, 79
vulnerabilities of, 130–131
EAL (Evaluation Assurance Levels), 217, 509
eavesdropping, 51, 508
ECC (Elliptic Curve Cryptosystem), 269, 324, 509
eDirectory, 170, 243
educating users about security, 474–476
EICAR (European Institute for Computer Antivirus Research), 480
802.1X wireless protocols, 112, 124, 193–194, 500
El Gamal algorithm, 324
Electromagnetic Interference (EMI), 272–273, 273, 508
electronic flashcards, xvi
electronic watermarking, 312
Elliptic Curve Cryptosystem (ECC), 269, 324, 509
EMI (Electromagnetic Interference), 272–273, 273, 508
Encapsulating Security Payload, 509
encapsulation, 63–64, 64, 89
encoding, 509
encryption, 359–363
defined, 509
governmental agency, 359–360
NIST, 360
NSA, 359
NSA/CSS, 360
industry association, 360–363
ABA, 361
CCITT, 362
development process for, 360, 361
IEEE, 363
IETF, 361, 512
ISOC, 361, 514
ITU, 362, 362
Public Domain Cryptography, 363
W3C, 361–362, 534
PGP, 363, 370, 370
encryption key, 509
End User License Agreements (EULAs), 287
enforcing policies, 466–467
enticement, 186, 509
entrapment, 186, 509
enumeration, 201, 509
environmental security, 267–276
environmental control systems, 270–271
fire suppression, 274–276, 275, 510
location and security of computer facility, 269–270
power systems, 271–272
shielding, 272–274, 273
wireless cells, 268–269
escalation, 189, 509
escalation audits, 438
Ethernet, 509
ethics policies
about, 424–425
dealing with sensitive information, 467
EULAs (End User License Agreements), 287
European Institute for Computer Antivirus Research (EICAR), 480
European Union (EU), 485–486
Evaluation Assurance Levels (EAL), 217, 509
Event Viewer (Windows 2000), 224
events
defined, 175–176, 509
incidents and, 188
evidence
acquiring, 456
authenticating, 456–457, 502
collection of, 458–459, 505
tainted, 458
exam. See Security+ exam
exam essentials
attacks, 90–91
cryptography, 347, 388–390
infrastructure and connectivity, 156–157
monitoring communications, 203–204
secure networks, 248–249, 299–300
security concepts, 38–40
security management, 488–489
security policies and procedures, 441–443
exam objectives
comprehensive list of, xxviii–xxxvi
cryptography, 309, 357
for infrastructure and connectivity, 101–102
monitoring communications, 167
secure networks, 213, 257
for security concepts, 1
security management, 453
security policies and procedures, 399–400
for threats, 49
weighting of on test, xxvi–xxvii
exam preparation. See Security+ exam
exposure factor, 509
external threats, 34–35, 509
Extranet, 26, 26, 117, 509
|
|