Index_I
I
IATF, 48
attack classes, 51 “52
Defense-in-Depth strategy and, 53
defined, 51
Identity theft, 277
IEEE 802.1x, 228 “31
authentication, 229
defined, 228
IEEE 802.11, 117, 118
IEEE 802.11a, 121 “22
IEEE 802.11b, 122
IEEE 802.11g, 122 “23
IEEE 802.11h, 123
IEEE 802.11i, 302 “5
Illegal content, placement of, 220
Incident handling, 70 “71
process overview, 70 “84
process planning, 73
Incident Handling Process Planning (IHPP), 73
Incident Response Group Operations Handbook, 71
Incidents
containment, 77 “78
containment planning, 77 “78
containment strategies, 78
cyberattacks , countering , 82 “83
defined, 70
detection practices, 77
detection techniques, 76 “77
detection tools, 76
disruption of service, 72
eradication, 78 “79
espionage, 72
hoaxes , 72
identification, 75 “77
information, collecting/protecting, 74 “75
lessons learned implementation, 81
malicious code attacks, 71 “72
management of, 1, 69 “84
misuse, 72
postmortem analysis, 80
recovery, 79
reporting and communication, 81 “82
review and prevention, 79 “82
risk assessment, 81
system and network logging functions, 75 “76
types of, 71 “73
unauthorized access, 72
unauthorized utilization of services, 72
Independent Basic Service Sets (IBSSs), 303
Industrial espionage, 9 “12
cases, 10
consequences, 9 “10
defined, 10
economic, 10
measures against, 11 “12
reasons for, 9
See also Espionage
Information assurance, 47 “52
Information Assurance Technical Framework. See IATF
Information Sharing and Assessment Centers (ISACs), 83, 169
Information Technology System and Network Maintenance Policy, 164
Infrastructure attacks, 8
Insider attacks, 51 “52
Intermediate certificates, 131
Internal Access Control, 33
Internet fraud, 5 “7
categories, 5 “6
Nigerian Letter Scam, 6 “7
rise of, 5
Internet Fraud Complaint Center (IFCC), 5 “7
Internet Key Exchange (IKE), 248
Internet Service Providers (ISPs), 49, 105 “6
Intruder network access, 199 “205
active attacks, 199, 200
authentication weakness exploitation, 204
confidentiality weakness exploitation, 202 “3
cryptographic weakness exploitation, 204 “5
data integrity weakness exploitation, 203
MAC address spoofing/circumventing filters, 201 “2
passive attacks, 199 “200
rouge AP exploitation, 202
WEP decryption tools, 201
WLAN attacks, 200 “201
See also Intrusion process
Intrusion detection
host-based, 60 “65
network-based, 66 “67
Intrusion Detection Systems (IDSs), 275 “79
defined, 275
as effective tool, 279
host-based, 277
network-based, 276 “77
security policy and, 279
type decision, 276
wired network products, 275 “76
wireless, 276
Intrusion process, 191 “222
antennas, 210
application layer analyzers, 215
audit and discovery tools, 196 “98
DoS attacks/tools, 210 “13
network access, 199 “205
network discovery tools, 198
networking utilities, 198 “99
OS fingerprinting, 215
password gathering/cracking software, 205 “9
peer-to-peer attacks, 217
port scanning, 215
profiling, 191 “92
rogue devices, 213 “15
searching publicly available sources, 193 “94
share enumerators, 209
social engineering, 192 “93
war-chalking, 194 “95
war-driving, 194
war-flying, 195
wireless cards, 210
See also WLANs
Investigations, 112 “13
IPSec
drawbacks, 344
as open standards framework, 344
recommendation, 343
security features, 345
VPN connections, 344
IPSec/IKE, 249 “53
Authentication Header (AH), 250
Encapsulating Security Payload (ESP), 250, 251
problems, 253
support, 249
in wireless remote-access scenario, 251
See also Virtual Private Networks (VPNs)
Wireless Operational Security
ISBN: 1555583172
EAN: 2147483647
EAN: 2147483647
Year: 2004
Pages: 153
Pages: 153