EBCDIC (Extended Binary-Coded Decimal Interchange Mode), 407
ECB (Electronic Code Book), 337, 349
education, role played in security, 235-237
electromagnetic interference (EMI), 400
Electronic Code Book (ECB), 337, 349
EMI (electromagnetic interference), 400
employment agreements, 145
employment policies/practices, 11, 144-148
encapsulating security payload protocol (ESP), 454
EnCase data recovery software, 310
  for evidence collection (exercise), 312
encryption, 326, 342-379
  algorithms for, 330-342
  goals of, 328
  link, 402
  Presentation layer and, 407
  sniffing attacks and, 458
  See also cryptography
enhanced hubs, 400, 437
enterprise authentication, 45-52
environmental risks and threats, 132, 247
eradication of incidents, 298
escrow, for keys, 371-373
ESP protocol, 454
Ethernet, 417-419
event monitoring, 215
evidence, 305-313
  collecting/preserving, 307-313
  exercise for, 312
  importance of care when handling, 311
evidence files, 307
examinations, 2, 5
  study resources for, 27
exclusive OR (XOR), 343
exercises
  access control objects, 34-36
  alternate sites for business operations, 281
  ARO, determining, 266
  ARP spoofing, 438
  binary math with XOR, 343-345
  brute force attacks, cracking, 74-77
  DAC model, viewing on UNIX, 114
  data recovery software, 312
  digital certificates, 361
  evidence, collecting/preserving, 312
  FTP, cracking with sniffing tool, 529-531
  NT password hashes, cracking, 339-341
  Ping of Death attack, 515
  risk management, 234, 252-254
  security checklist audit, 199-201
  virus reports, creating, 486-491
  volatile data in memory, viewing for incident investigation, 291
  wardialers, using, 207
exploits, 497-525
Extended Binary-Coded Decimal Interchange Mode (EBCDIC), 407
external auditors, 185-188