N-IDS (Network-based IDS), 178–180, 178, 179, 519
NAT (Network Address Translation), 29, 29, 517
National Computing Security Center (NCSC), 517
National Infrastructure Protection Center (NIPC), 479
National Institute of Standards and Technology (NIST), 360, 479, 517–518
National Security Agency (NSA), 359, 518
National Security Institute (NSI), 479
NCP (Network Control Protocol), 124, 518
NCSC (National Computing Security Center), 517
NDPS (Novell Distributed Print Services), 519
NDS (NetWare Directory Services), 170, 171, 227, 518
Need to Know policies, 426–427, 518
NetBEUI (NetBIOS Extended User Interface), 172, 172, 220, 518
NetBIOS (Network Basic Input Output System), 171, 519
NetBus, 56
NetMeeting, 132
NetWare Directory Services (NDS), 170, 171, 227, 518
NetWare Link State Protocol (NLSP), 518
NetWare Loadable Module (NLM), 518
Network Address Translation (NAT), 29, 29, 517
Network-based IDS (N-IDS), 178–180, 178, 179, 519
Network Basic Input Output System (NetBIOS), 171, 519
network components, 106–122
configuring devices for secure networks, 234–235
firewalls, 106–110, 107
defined, 106, 510
packet filters, 107
proxy firewalls, 107–109, 107, 523
stateful inspection, 109–110
mobile devices, 121–122, 122
modems, 114, 517
network device updates, 233–234
network monitoring and diagnostics, 118–119
overview, 106
Remote Access Services, 114–115, 115
routers, 110–111, 110, 111, 525
servers, 121
switches, 112, 112
telecom/PBX systems, 115–116, 116
used for network monitoring, 177
VPNs, 117, 117
wireless access points, 112–113, 113, 534
workstations, 120
Network Control Protocol (NCP), 124, 518
Network File System (NFS), 173, 173, 229, 230, 519
network interface cards. See NICs
Network Interface layer, 63, 518
Network layer, 519
Network News Transfer Protocol (NNTP), 20, 239
Network Operations Center (NOC), 105, 518
network share connections, 240
network sniffers, 68–69, 118, 518. See also sniffers
networks. See also implementing secure networks; monitoring communications
ad hoc RF, 501
change management
change documentation, 464–465, 472–473, 504
change notification, 473–474
change staging, 471–472
scheduling changes, 471
changing configurations when intruder detected, 182, 183
client/server, 504
components, 106–122
configuring devices for secure networks, 234–235
firewalls, 106–110, 107
mobile devices, 121–122, 122
modems, 114, 517
network device updates, 233–234
overview, 106
Remote Access Services, 114–115, 115
routers, 110–111, 110, 111, 525
servers, 121
switches, 112, 112
telecom/PBX systems, 115–116, 116
VPNs, 117, 117
wireless access points, 112–113, 113, 534
workstations, 120
creating corporate connection to business partners, 30–31
defined, 518
hardening, 233–236
Access Control Lists, 235
configuring network devices, 234–235
enabling and disabling services and protocols, 235
network device updates, 233–234
implementing secure, 213–253
application hardening, 236–246
developing security baselines, 216–218
exam essentials, 248–249
exam objectives, 213
key terms, 249
network hardening, 233–236
OS/NOS hardening, 218–233
overview, 246–247
overview of threats, 214–216
review question answers, 255–256
review questions, 250–254
Internet connections and growth of, 127
monitoring, 118–119, 168–174
Apple and AppleTalk protocol, 173
components used for, 177
Intrusion Detection Systems (IDS), 118–119, 119
Microsoft protocols and susceptibilities, 170–173
Network File System, 173, 173
network monitors, 118
Novell protocols and susceptibilities, 170–171, 171
overview, 168–169
systems for, 173–174, 174
TCP/IP and potential threats, 169–170
network attached storage, 518
network binding, 219, 219, 220
network taps, 174, 174
operational security issues for, 4, 5–6, 6
partitioning, 263–264, 264, 520
placement of N-IDS in, 179
public, 523
smurf attacks, 73–74, 74
transmission of viruses in, 83
typical infrastructure of, 104
working with secure, 257–308
Business Continuity Planning, 276–279
exam essentials, 299–300
exam objectives, 257
information classification, 285–297
key terms, 300–301
overview, 258, 297–299
physical security, 258–276
policies, standards, and guidelines, 279–283
review question answers, 307–308
review questions, 302–306
security standards and ISO 17799, 283–285, 372–373, 515
NFS (Network File System), 173, 173, 229, 230, 519
NICs (network interface cards)
defined, 519
promiscuous mode for, 68
NIPC (National Infrastructure Protection Center), 479
NIST (National Institute of Standards and Technology), 360, 479, 517–518
NLM (NetWare Loadable Module), 518
NLSP (NetWare Link State Protocol), 518
NNTP (Network News Transfer Protocol), 20
NNTP servers, 239
NOC (Network Operations Center), 105, 518
non-repudiation, 330, 346, 519
nonessential services, 21, 519
Noninterference model, 296, 296, 519
NOS hardening. See OS hardening
notification
defined, 176, 519
as passive response to intrusion, 181
notification policies, 460, 519
Novell Distributed Print Services (NDPS), 519
Novell NetWare
about eDirectory, 170, 243
file systems, 229
OS/NOS hardening, 227
security and NDS, 170, 171, 227, 518
Novell Support Connection, 519
NSA/CSS (National Security Agency/Central Security Service), 360
NSA (National Security Agency), 359, 518
NSI (National Security Institute), 479
O
offsite storage, 409, 519
one-tier model, 245, 519
one-time pad, 519
one-way process, 314
onsite storage, 409, 520
Open Shortest Path First (OSPF), 111, 520
Open Systems Interconnect (OSI), 520
operational security, 4, 5–6, 6, 520
operator, 176, 510
organizational security policies, 460–465
OS hardening, 218–233
Apple Macintosh, 228
defined, 120, 520
file systems, 228–231, 230
Microsoft Windows 9x systems, 221
Microsoft Windows 2000, 223–224, 224
Microsoft Windows .NET Server 2003, 225
Microsoft Windows NT 4 systems, 222–223
Microsoft Windows XP, 224–225
network protocol configuration, 218–221
Novell NetWare, 227
operating system updates, 231–233
hotfixes, 232, 511
patches, 232–233, 521
service packs, 232, 527
UNIX/Linux, 226–227
OSI (Open Systems Interconnect), 520
OSPF (Open Shortest Path First), 111, 520
out-of-band encryption, 320, 520
owner, 291, 520