S


SA (security association), 107

sabotage, 254, 342

sacrificial lamb (bastion host), 104

Safe Harbor, 322

safeguard, BC23

sag, BC23

sandbox, for Java, 156

SANS (Systems Administration, Network- ing, and Security), 15, 381, BC33–BC34

Sarbanes-Oxley Act (SOX), 321–322

S-boxes (Substitution boxes), 192

SBU (Sensitive but Unclassified), 128, BC23

scalar processor, 225

scan

application scan, 68, BC2

definition, BC23

finger scan systems, 51

host scan, 68

port scan, 68, 268, BC20

vulnerability scan, 268

screened-host gateway, 104–105

screening router, 103, BC23

screw-type connector, 78

script injection, 115

script kiddies, 182, 311

SDLC (software development life cycle), 69, BC25

SDLC (Synchronous Data Link Control), 90

SDSL (Single-Line Digital Subscriber Line), 89

search warrant, 328

secondary evidence, 324, BC23

secondary memory, 227

Secret information, 128

secret key (symmetric key cryptography), 198–203, BC27

secure and signed message format, 205, BC23

Secure Electronic Transaction (SET), 100, 214, BC24

Secure European System and Applications in a Multi-vendor Environment (SESAME), BC24

Secure Hash Algorithm (SHA-1), 209

Secure HypterText Transfer Protocol (S-HTTP), 100, 214–215, BC24

Secure Key Exchange Mechanism (SKEME), 107

secure message format, BC23

Secure Multipurpose Internet Mail Extensions (S/MIME), 99, 212, BC24

Secure Remote Procedure Call (S-RPC), 100

Secure Shell (SSH or SSH-2), 96, 216, BC25

Secure Sockets Layer (SSL), 107–108

Secure Sockets Layer/Transport Layer Security (SSL/TLS), 96, 214, BC25

Security Architecture and Design domain

access control models, 232–235

computer architecture, 223–229

definition, 22, 223

evaluation criteria, 235–241

prep test questions about, 244–246

recovery procedures, 231

resources for, 243

security architecture, 229–232

system certification and accreditation, 241–242

security association (SA), 107

security awareness, 146–147, BC23

security badges, 347–348

security clearance, 133–134

security controls, 169–173, 259–262

security guards, 346

security kernel, 171, 229–230, BC23

security management, 21, 132–133

security modes of operation, 230–231, BC23

security organizations, 30–31, 375–381. See also (ISC)2

Security Parameter Index (SPI), 107, 215

security perimeter, BC24

security policy, 131

Security Protocol ID, 107

security protocols, 96–97, 99–100

self-study, resources for, 13–14

senior management policies, 131, 136

Sensitive but Unclassified (SBU), 128, BC23

sensitive information, handling, 252

sensitivity labels, 64–65, BC24

separation of duties and responsibilities, 138, 256–257, BC24

separation of privilege, 170

September 11, disaster recovery planning changed by, 279

Sequenced Packet Exchange (SPX), 96

sequential memory, 227

Serial Line IP (SLIP), 87, BC24

Service Level Agreement (SLA), 132, 172–173, BC24

SESAME (Secure European System and Applications in a Multi-vendor Environment), 59, BC24

session hijacking (spoofing), 62, 118, 178, BC24–25

Session Layer (Layer 5), OSI model, 97–98

SET (Secure Electronic Transaction), 100, 214, BC24

severe weather damage, 341

sexual harassment, 255

SHA-1 (Secure Hash Algorithm), 209

shielded twisted pair cable (STP), 79, 80

S-HTTP (Secure HypterText Transfer Protocol), 100, 214–215, BC24

signature dynamics, 53

signature-based IDS, 109, 270

Simovits Consulting, BC33

simple integrity property, 66, 234, BC4

Simple Key Management for Internet Protocols (SKIP), 97, BC24

Simple Mail Transfer Protocol (SMTP), 99, 112

Simple Network Management Protocol (SNMP), 99

simple security property (ss property), 66, 233, BC4

simplex mode, 97

single key (symmetric key cryptography), 198–203, BC27

Single Loss Expectancy (SLE), 142

single point of failure, avoiding, 126

single sign-on (SSO), BC26

Single-Line Digital Subscriber Line (SDSL), 89

site design, 343–345

The Site Security Handbook (RFC 2196), 131

SKEME (Secure Key Exchange Mechanism), 107

S/Key protocol, 53

SKIP (Simple Key Management for Internet Protocols), 97, BC24

SLA (Service Level Agreement), 132, 172–173, BC24

Slashdot Web site, BC33

SLE (Single Loss Expectancy), 142

SLIP (Serial Line IP), 87, BC24

smart card, 348

SMDS (Switched Multimegabit Data Service), 90, BC24

S/MIME (Secure Multipurpose Internet Mail Extensions), 99, 212, BC24

SMTP (Simple Mail Transfer Protocol), 99, 112

Smurf attack, 118, BC25

sniffing, 179, BC25

SNMP (Simple Network Management Protocol), 99

social engineering, 62, 178, 269, BC25

software. See also Application Security domain

antivirus software, 180–181, 248, BC2

application software, BC2

definition, 228, BC25

integrity of, 154

malware, BC16

software development life cycle (SDLC), 69, BC25

software escrow agreements, 287

SONET (Synchronous Optical Network), BC27

SOX (Sarbanes-Oxley Act), 321–322

spam, BC25

spam over instant messaging (SPIM), 114

spam over Internet telephony (SPIT), 114

spam prevention, 112–114

spear phishing, BC25

SPI (Security Parameter Index), 107, 215

spike, BC25

spoofing (session hijacking), 62, 118, 178, BC24–25

SPX (Sequenced Packet Exchange), 96

spyware, BC25

SQL (Structured Query Language), 98

SRAM (Static RAM), 227

S-RPC (Secure Remote Procedure Call), 100

ss property (simple security property), 66, 233, BC4

SSCP (Systems Security Certified Practitioner), 32, 380

SSH or SSH-2 (Secure Shell), 96, 216, BC25

SSL (Secure Sockets Layer), 107–108

SSL/TLS (Secure Sockets Layer/Transport Layer Security), 96, 214, BC25

SSO (single sign-on), 54–58, BC26

stack (buffer) overflow attack, 62, 115, BC5

standards, 130–131, BC26

star integrity property (* integrity property), 66, 234, BC4

star property (* property), 66, 233, BC4

star topology, 77, BC26

state machine model, 65, BC26

stateful inspection firewall, 102, BC26

static password, 53, BC26

static password tokens, 54

Static RAM (SRAM), 227

statistical anomaly-based IDS, 109

statistical attack, 217

statutory damages, 305, BC26

steganography, 197–198, BC26

storage areas, 347

STP (shielded twisted pair cable), 79–80

stream cipher, 191, BC26

strong authentication, BC26

Structured Query Language (SQL), 98

study groups, 30, 367

study plan, 12–16

subject, BC26

subpoena, 328

Substitution boxes (S-boxes), 192

substitution cipher, 192, BC26

superscalar processor, 225

supervisor mode, 172, BC26

surge, BC26

surveillance, 349–350

switch, 81, 91, BC26

Switched Multimegabit Data Service (SMDS), 90, BC24

Switched Virtual Circuit (SVC), 89–90

symmetric key cryptography, 198–203, BC27

SYN flood, 117, BC27

synchronous communication, 91

Synchronous Data Link Control (SDLC), 90

synchronous dynamic password tokens, 54

Synchronous Optical Network (SONET), BC27

system access controls, 43–44, 59–62, BC27

system high mode, 171, 231, BC27

system messages, at logon, 47

system test, 166

Systems Administration, Networking, and Security (SANS), 15, 381, BC33–BC34

systems development life cycle, 162–169

Systems Security Certified Practitioner (SSCP), 32, 380




CISSP For Dummies
CISSP For Dummies
ISBN: 0470537914
EAN: 2147483647
Year: 2004
Pages: 242

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net