Index_E

E

EBCDIC (Extended Binary-Coded Decimal Interchange Mode), 407

ECB (Electronic Code Book), 337, 349

education, role played in security, 235-237

electromagnetic interference (EMI), 400

Electronic Code Book (ECB), 337, 349

EMI (electromagnetic interference), 400

employment agreements, 145

employment policies/practices, 11, 144-148

encapsulating security payload protocol (ESP), 454

EnCase data recovery software, 310

for evidence collection (exercise), 312

encryption, 326, 342-379

algorithms for, 330-342

goals of, 328

link, 402

Presentation layer and, 407

sniffing attacks and, 458

See also cryptography

enhanced hubs, 400, 437

enterprise authentication, 45-52

environmental risks and threats, 132, 247

eradication of incidents, 298

escrow, for keys, 371-373

ESP protocol, 454

Ethernet, 417-419

event monitoring, 215

evidence, 305-313

collecting/preserving, 307-313

exercise for, 312

importance of care when handling, 311

evidence files, 307

examinations, 2, 5

study resources for, 27

exclusive OR (XOR), 343

exercises

access control objects, 34-36

alternate sites for business operations, 281

ARO, determining, 266

ARP spoofing, 438

binary math with XOR, 343-345

brute force attacks, cracking, 74-77

DAC model, viewing on UNIX, 114

data recovery software, 312

digital certificates, 361

evidence, collecting/preserving, 312

FTP, cracking with sniffing tool, 529-531

NT password hashes, cracking, 339-341

Ping of Death attack, 515

risk management, 234, 252-254

security checklist audit, 199-201

virus reports, creating, 486-491

volatile data in memory, viewing for incident investigation, 291

wardialers, using, 207

exploits, 497-525

Extended Binary-Coded Decimal Interchange Mode (EBCDIC), 407

external auditors, 185-188