List of Sidebars

Chapter 2: Access Controls

Head of the Class…
The Dawn of Biometrics

Notes from the Underground…
Using Sniffers to Attack

Damage & Defense…
Penetration Testing Tips

Chapter 3: Administration

Head of the Class…
Developers and Least Privilege

Damage & Defense…
NSA INFOSEC Assessment Methodology

Notes from the Underground…
Implementing Security Awareness Training

Chapter 4: Audit and Monitoring

Damage & Defense…
Log Tampering

Head of the Class…
The Best Laid Plans…

Head of the Class…
War Chalking

Notes from the Underground…
Social Engineering

Chapter 5: Risk, Response, and Recovery

Damage & Defense…
Contact Lists May Make the Difference When Fixing a Problem

Head of the Class…
Social Engineering

Notes from the Underground…
Law Enforcement versus Private Citizen

Head of the Class…
Forensic Procedures

Chapter 6: Cryptography

Head of the Class…
Theory versus Reality

Notes from the Underground…
Shhh… It's a Secret

Damage & Defense…
LANMAN Weaknesses…

Head of the Class…
Big Brother

Notes from the Underground…
Netscape's Original SSL Implementation:
How Not to Choose Random Numbers

Chapter 7: Data Communications

Head of the Class…
Common Network Topologies

Head of the Class…
Screensaver versus S/MIME

Notes from the Underground…
Points of Entry

Damage & Defense…
Network Infrastructure and Planning

Chapter 8: Malicious Code and Malware

Head of the Class…
How to Recognize the Symptoms of an Infected System

Damage & Defense…
Back Orifice Limitations

Damage & Defense…
What Makes DNS Spoofing So Dangerous?

Head of the Class…
Who's Listening?

Head of the Class…
Should Scanning Be Illegal?