Acceptable use policy, 16, 43, 49–50, 389–390
Access control, 147–165
AAA, 147
accounting, 152–154
assigning administrative status, 37
authorization, See Authorization
central servers (RADIUS/TACACS+), 163–165
default to secure state, 37
discretionary (DAC), 148–149
mandatory (MAC), 149–150
passwords, See Passwords
physical countermeasures, 45–46, 54
role-based (nondiscretionary), 150–152
security labels, 149
ACK bit (TCP header), 104–105, 107, 192, 214
SYN attack, 111–112
Address Resolution Protocol (ARP), 74, 82–84
Administrative countermeasures, 42–45, 49, See also Access control; Passwords
Advanced Encryption Standard (AES), 130
Alerts, 35–36, 264–266
Alias, 141
Annualized loss expectancy (ALE), 27–28, 32
Annualized rate of occurrence (ARO), 26–27, 31–32
Anomaly detection systems (ADSs), 259
AppleTalk, 72
Application layer, 72
filtering, 199, 226
proxy, 196
Application security, 137–146
patches, 137–138, 244
Asymmetric encryption algorithms, 130–134
Asymmetric keys, 121–122
ATM, 64, 72, 281–282
packet prioritization, 337
Attributes standard (PKCS), 182
Auditing
penetration testing, See Network penetration testing
router/firewall configuration, 221–222
Authentication, 147–148, See also Passwords
biometric identification, 32, 160–163
certificates and certification authorities, 123, 167–168, See also Public key infrastructure
Internet Key Exchange, 321
IPSec ESP options, 315
public key infrastructure function, 184, 185
trust models, 172–177
Web servers, 183
Authentication header (AH), 306, 307, 310–313
NAT interoperability, 327–328
security parameters index, 311–312
Authorization
discretionary access control (DAC), 148–149
mandatory access control (MAC), 149–150
nondiscretionary access control, 150–152
privileges, 150
security labels, 149
Autonomous system, 96–99