Cable modems, 57
Cables and cabling, 139, 140, 239
coaxial cables, 104–105, 198
crossover cables, 106
crosstalk, 198
fiber-optic cables, 107
RJ-11 and RJ-45 connectors, 106
shielded twisted pair (STP) cables, 105
shielding, 198
thicknet, 104
thinnet, 105
twisted-pair cables, 105
unshielded twisted pair (UTP) cables, 105–106
Cardinality, databases, 264, 294
CAST algorithm, 160
CAT5 UTP, 136
CCTV (closed circuit television), 234, 317, 328
Cells, databases, 264
Centralized access control, 43
Certificate policies, 171–172, 182
Certificate revocation lists (CRL), 174, 183
Certificates and certification, 51
certificate policies, 171–172, 182
certificate revocation lists (CRL), 174, 183
certification, 284, 292, 298
certification paths, 172
certification practice statements, 173, 182, 188
defined, 17, 182
destruction of, 179
expiration of, 179
Online Certificate Status Protocol (OCSP), 174
personal certificates, 170–171
PKI and, 168–176
policy constraints extension, 172
policy mapping extensions, 172
renewal, 179
revocation of, 173–174, 183
server certificates, 169–170
Certification Authority (CA), 152–153, 182, 186
defined, 17
CGI (Common Gateway Interface), 74–75
Challenge-Handshake Authentication Protocol (CHAP), 57, 116–117, 136, 141–142
Change controls, 287–288
Change documentation, 228–229, 235
CHAP (Challenge-Handshake Authentication Protocol), 57, 116–117, 136, 141–142
Chernobyl virus, 341, 353
Choke point, 134
CIA Triad, 212–213, 234, 237–238
application hardening and, 262–263
CIH virus, 341
Cipher text, 17
Circuit gateways, 127, 136, 141
CISes (Computer Information Systems), 278
Civil law, 302, 320, 327
Clark-Wilson access control model, 22
Classifications (labels), 30
Clearances, 30
Clustering, 210, 234
COAST (Computer Operations, Audit, and Security Technology), 318
Coaxial cables, 104–105
Commands, UNIX/LINUX, 350–351
Common Gateway Interface (CGI), 74–75
Communications security
directory security, 76–77
802.1X, 59–61
FTP (File Transfer Protocol), 77–80, 84, 129, 146, 259–260, 291
remote access, 56–59
wireless security, 80–82, 232
see also E-mail security; Web security
Compilers and compilation, 285–286
CompTIA Security+ Certification Exam
communications domain of, 4–5
cost of, 5–6
cryptography domain of, 5
general security domain of, 4
infrastructure security domain of, 5
operational/organizational domain of, 5
practice exams, 363–380
preparation for, 1–2, 9–10, 11–12
prerequisites for, 5–6
registration for, 5–6
scope of, 3–6
structure and format of exam, 8–9
test site requirements, 7–8
tools, tips, and study techniques, 8–9
value of, 3
CompTIA Web site, 8, 13
Computer Abuse Amendments Act (1994), 305
Computer Ethics Institute, 311–312
Computer Fraud and Abuse Act (1986), 304
Computer Information Systems (CISes), 278
Computer Operations, Audit, and Security Technology (COAST), 318
Computer Security Act (1987), 304–305
Computing environments
distributed (DCEs), 248–249, 291
local/non-distributed, 253–254
Confidentiality and privacy, 69–70, 212, 241–242, 244
CIA Triad, 212–213, 234
computer information privacy, 69–70
cryptography, 150
data classification criteria, 229–230
defined, 182
leaks, 62
protecting, 62
Web security, 69–70
Connectivity. See Media, removable
Content, illegal Internet content, 309–311
Contingency planning, 208–210, 234
Cookies, 69–71, 83, 89
Copyrights, 303
Corrective controls, 202, 243
Countermeasures, 17
Covert channels, 272, 292, 297
Crackers, 17, 39, 44, 50
Cracks, 17
Crimes, computer related, 243, 321–328, 325–326
cyber stalking, 310, 320
embezzlement, 309
espionage, 308–309, 319
forensics, 222–223, 243
fraud, 309, 319, 326
hackers and hacking, 18, 310, 319
illegal content, 309
investigation, 313–317
MOM (motive, opportunity, means), 317–318, 320, 326
pornography, 310–311
software piracy, 308, 320
surveillance, 317–318
see also Attacks; Ethics; Laws
Criminal law, 302, 320
CRM (Customer Relationship Management), 269–270, 297
Crossover cables, 106
Crosstalk, 198
Cryptography
access control, 153–154
algorithms and, 154–165
authentication and, 152
confidentiality, 150
defined, 17, 149
digital signatures, 152–153, 164, 168–169
DNSSEC, 167–168, 259–260
integrity, 151, 163, 182
message digests, 151, 187
nonrepudiation, 18, 151, 182
SHTTP, 166
S/MIME, 166–167
SSH, 167
SSL and, 166, 182, 187
standards and protocols, 165–168
trust models, 174–176, 183, 186
see also Algorithms; Encryption; Keys
CSMA/CD error detection, 99
Custodian, defined, 221
Customer Relationship Management (CRM), 269–270, 297