Oakley Key Exchange Protocol, 107
object, 157, 158, BC18
object reuse, BC18
objectives, 129, BC18
object-oriented application, 157–158
object-oriented database, 159
OFB (Output Feedback), 201, BC18
One-time Pad, 196, BC18
one-time password, 53, BC18
one-to-many search, 48
one-to-one search, 48
one-way function, 205, 209, BC18
one-way hashing algorithm, 209
open message format, BC18
open system, 230, BC18
Open Systems Interconnection model. See OSI model
Open Web Applications Security Project (OWASP), 167
operating system (OS), 229, BC18
operations controls, 259–262
Operations Security domain
administrative controls, 261
administrative management and control, 256–258
antivirus and malware management, 248
audit trails, 262–267
auditing, 262
backups, 248–249
definition, 23, 247
fraud detection system, 251–252
ISO 27001 code, 259
least privilege, 249
legal requirements for data security, 251
monitoring, 267–272
need-to-know, 249
prep test questions about, 274–276
privacy, 250–251
privileged functions, 250
record retention, 252
remote access, 253
resources for, 273
security controls, 259–262
sensitive information, handling, 252
threats and countermeasures, 253–256
orange book, 235–239, BC19
OS (operating system), 229
OS detection, 68
OSI (Open Systems Interconnection) model
Application Layer (Layer 7), 98–100
Data Link Layer (Layer 2), 81–92
definition, 75–76, BC19
mnemonic to remember layers of, 75
Network Layer (Layer 3), 92–94
Physical Layer (Layer 1) of, 76–81
Presentation Layer (Layer 6), 98
Session Layer (Layer 5), 97–98
Transport Layer (Layer 4), 94–97
Output Feedback (OFB), 201, BC18
outsourcing, 132
OWASP (Open Web Applications Security Project), 167
owner, 136–137, BC14, BC19