Index_C | Wireless Operational Security

C

Cable Act, 104 “5

Centralized Administration Model, 31 “32

CERT Coordination Center (CERT/CC), 168

Certificate Authority (CA), 129, 134

functioning, 134

process hierarchy, 134

root keys, 150

Certificates

chains, 130, 150

defined, 129

digital, 135, 256

distribution, 135 “36

intermediate, 131

introduction to, 129 “31

management, with PKI, 132 “37

revocation, 136

root, 129

solo, 130

SSL, 131

validation, 131 “32

Classification levels, 48

Client hijacking, 213

Close-in attacks, 51

CodeRed worm, 83 “84

Code signing, 149

Common Criteria (CC), 56 “57

defined, 56

evaluation, 56

Model, 56 “57

uses, 57

Common Gateway Interface (CGI) parameters, 88

Common Intrusion Detection Framework (CIDF), 66

Common Vulnerabilities and Exposures (CVE), 66

Communications

of computer trespassers, intercepting, 106 “8

incidents, 81 “82

providers, emergency disclosures, 105 “6

voice, 102

voice-mail , 102 “3

Communications Security (COMSEC), 59

Computer Emergency Response Team (CERT), 55

Computer Security Awareness and Training (CSAT), 15

Computer Security Incident Response Team (CSIRT), 73 “74

composition, 74

defined, 73

training, 74

See also Incident handling; incidents

Computer trespassers, 106 “8

Concepts, 3 “21

Confidentiality, 23

Kerberos, 290

per-packet data, 248

weakness exploitation, 202 “3

Configuration subversion, 90

Connected Limited Device Configuration (CLDC), 141

Constrained user interfaces, 35 “36

database views, 36

defined, 35

menu-driven systems, 35 “36

physically, 36

Content-based security, 138 “39

Cookie poisoning , 88 “89

Counter with Cipher Block Message Authentication Code Protocol (CCMP), 302 “3

Crack, 42 “43

Critical Infrastructure Assurance Office (CIAO), 83

Cryptographic weakness exploitation, 204 “5

Cryptography toolkits, 141 “47

B3 Security, 145 “47

Bouncy Castle (BC) lightweight API, 142 “43

mobile requirements, 141 “42

NTRU Neo for Java toolkit, 144 “45

Phaos Technology Micro Foundation toolkit, 143 “44

See also Mobile security

Cyberattacks

countering , 82 “83

real-world example, 83 “84

Cyber Attack Tiger Team (CATT), 55

Cybersecurity forensics, 112

Cybersecurity Operations Handbook , 3

Cyberterrorism prevention, 108 “12

aggregating damage caused by hackers, 110

counting state convictions as "prior offenses ," 111 “12

cybersecurity forensic capabilities, 112

damaging computers used for national security, 110 “11

definition of loss, 112

hacker's intent vs. degree of damages, 109 “10

mandatory minimum sentences elimination , 109

maximum penalty for hackers, 109

"protected computers," 111