Index_P




P

Packet filtering

firewalls, 92

security table, 161

Panavision International, L.P. v. Toeppen, 349

Partition status, 302

Password(s), 65, 66

accounts, 314

aging, 470

assurance, 470

BIOS, 101, 151, 274

brute force, 194, 311

changing, 298

cracking, 299

applications, 303

utilities, 236

Web pages, 303

default, 274

file, shadow, 166

hashes, 314

maintenance, 67

one-time, 66, 469

-protected

files, 303

screensaver, 101

removal, 139

screensaver, 151

weak, 139

Patent

protection, 351, 352

validity, 352

Payment gateway, 215

PBX, see Telephone Branch Exchange

PDA, see Personal digital assistant

PDD 63, see President's Decision Directive

Pen register installation, 393

Performance

checks, 113

metrics, 43

reviews, 107

standards, 43

testing, 69

PERL, 172

Personal digital assistant (PDA), 82

PGP, 504

Physical and environmental safety, 76

access controls, 76

building collapse, 76

fire safety factors, 76

plumbing leaks, 76

utilities failures, 76

workplace safety, 76

Physical facilities

protection strategies concerning, 30

redundant, 30

Physical write blocker utilities, 284

POC, see Points of contact

Points of contact (POC), 481, 482

Policies and procedures, 41-109

auditors, 103-105

data controls, 104

disaster recovery and business continuity, 104-105

systems development and programming policies, 104

workstation audit policies, 105

connecting to Internet, 69-71

e-mail policy, 51

e-mail storage, 54

employee privacy expectations and legal rights, 57-69

attorney-client communications using e-mail, 64-65

copyright violation, 68

ECPA, 58

employee copyright concerns, 61-62

employee labor organization, 63

employee software installation, 68

employees and trade secrets, 62-63

employees working at home, 59-60

harassment, discrimination, and defamation, 60-61

part-time and full-time employees, 60

passwords, 65-66

privacy acknowledgments, 59

privacy arguments, 59

reasons to monitor and audit employee behavior, 59

security through obscurity, 67

shoulder surfing, 67

something person has, 66

something person is, 66

something person knows, 66

spamming, spoofing, and organization, 63-64

use of banners, 68-69

employee use of e-mail, 54-57

attachments, 56

bad news, 55

confidentiality, 55

e-mail for managers, 57

encrypted communications, 57

forwarded e-mail, 56

message priority, 56

negotiations, 55

out-of-band communications, 57

plain, professional language, 55-56

salutations and signatures, 56

spam, 56

spelling and grammar, 56-57

enhancements to written policies, 50-51

audio/video productions, 50-51

classroom training sessions, 51

forensics policy, 78-81

secure sockets layer, 84

service set identifier, 83-84

virtual privacy network, 84

wireless network security, 82-85

wireless policies, 84-85

information systems support policies, 98-100

data entry, 99

technical support, 99-100

information technology human resources management policies, 105-108

employee departures on good terms, 108

employee termination, 107-108

getting best candidates for position, 105-106

job interviews, 106-107

performance reviews, 107

information tsunami, 51-52

Internet firewall policy, 91-95

application firewalls, 93

authentication, 92

firewall administration, 94

firewall types, 92-93

hardware firewall architectures, 93-94

remote firewall administration, 95

intrusion detection policies, 95-96

host-based IDs, 96

network and host IDs, 96

network management policies, 77-78

network vulnerability assessment policies, 85-87

identifying exposures, 86-87

plan to conduct vulnerability assessments, 86

resolving exposures, 87

organization of documents, 53-54

physical and environmental safety, 76-77

policies and procedures involving outsourcing, 89-91

policies, procedures, standards, and politics, 41-42

policy distributions, 50

policy of policy development, 44-48

changes, 46

common policy components, 45-46

doing policy right first time, 48

executive approvals, 46

policy exemptions, 46

policy team members, 45

team leadership, 45

vetting policies, 48

violations, 46-48

policy writing techniques, 48-50

application, 49

eternal view, 49

gender words, 49

plain language, 48-49

responsibility for compliance, 50

spelling and grammar, 49

securing systems, 100-103

systems development life cycle, 71-75

benefits, 72

documentation, 73-74

integrated product team, 72-73

management controls, 73

system accreditation and certification, 74-75

trust models, 44

vendor policies and procedures, 87-89

consultant procedures, 88-89

evaluating proposals, 89

outsource potentials, 88

outsource vendor selection procedures, 89

Web server policies and procedures, 97-98

Web server security policies and procedures, 97

Policy(ies)

employee privacy, 91

exemptions, 46

firewall administration, 94, 95

firewall backup, 95

forensics, 78

information system support, 98

Internet firewall, 91

intrusion detection, 95

IT human resources management, 105

outsourcing, 89

reasons for documenting, 43

systems development, 75, 104

vendor, 87

Web server, 97

wireless, 84

workstation audit, 104

Polygraph testing, 397

Pornography, 6

Port numbers, well-known, 409-449

POST, see Power-On Self Test

Power-On Self Test (POST), 272

President's Decision Directive (PDD 63), 8

Press

relations, 36, 37

releases, 485

Preventive controls, 117

Printer

laser, 476

logging, 476

sharing, 142

Print spooler files, 303

Privacy, 381-407

acknowledgments, 59

arguments, 59

employee, 391-397

employee legal defense, 395-396

employee monitoring best practices, 396-397

employee polygraphs, 397

legalities in employee monitoring, 391-392

monitoring e-mail and employee workstation conduct, 394-395

oral communications, 392

trap and trace and pen register installations, 393

video and still camera monitoring, 393-394

wire communications, 392-393

expectations, 381-383

information ownership, 382

information vulnerability in organization, 382-383

threats to information privacy, 383

industry-specific issues, 397-402

access to financial records, 397-398

Cable TV Privacy Act, 401

Children's Online Privacy Protection Act, 402-404

Fair Credit Reporting Act, 399-400

Family Education Privacy Rights, 400-401

Federal Privacy Act, 405

Gramm-Leach-Bliley Act, 398

Health Insurance Portability and Accountability Act, 398-399

safe harbor issues in United States, 405-407

wrongful disclosure of videotape rental or sale records, 401-402

protection, 383-391

auditing of privacy practices, 385-386

employee privacy training, 388-389

handling privacy in supply chains, 389-391

information assets inventory, 384

nonconsent information use, 388

policies and procedures, 385

privacy training best practices, 389

safeguarding, processing, and storing privacy data, 386-387

technology relevant to, 384-385

Web site privacy, 386

violations, 24

Privilege escalation, 23

Professional conduct, 61

Program flowchart, 129

Project failure, 11

Property ownership, 381

Prosecutors, risk assessment reviews by, 38

Protected works, 346

Proximate causation, 357

Proxy server, 464, 466

Public key encryption, RSA, 282

Public relations, 331, 485

Public service announcements, 231






Critical Incident Management
ISBN: 084930010X
EAN: 2147483647
Year: 2004
Pages: 144
