ABA (American Bankers Association), 361
Acceptable Use policies, 425–426, 462–463, 500
access attacks, 50, 51–52, 500
access control, 11–12, 259–266, 439–440
about, 259
biometrics, 265–266, 503
in cryptographic systems, 330–331
DAC, 12, 440, 506
defined, 11, 500
evaluating security systems, 264–265
MAC, 11, 62, 439–440
overview, 439
partitioning, 263–264, 264
perimeter security, 261–262, 261, 521
physical barriers for, 259, 260, 521
RBAC, 12, 440, 525
security zones, 262–263, 263
Access Control Lists (ACLs), 235, 500
access points, 500
accountability, 23, 500
accounting, 500
ACK (acknowledgment), 500
ACLs (Access Control Lists), 235, 500
acquiring evidence, 456
Active Directory, 243, 500
active responses, 181–184
deception, 183, 184
defined, 500
network configuration changes, 182, 183
terminating connections or sessions, 181, 182
active sniffing, 72
ActiveX, 135, 500
activity, 175, 500
ad hoc RF network, 501
AD-IDS (Anomaly-Detection IDS), 178, 178, 501
Address Resolution Protocol (ARP), 62, 502
administrative policies, 7, 501
administrators. See also security management; security policies and procedures
accountability, 23, 500
administrative policies, 7, 501
communicating security standards, 481–482
configuration management, 463, 505
defined, 175, 501
educating users in security, 475–476
increasing user awareness of security, 474–475
keeping pace with security standards, 476–478
notification policies, 460
websites on security issues, 479–480
Advanced Encryption Standard (AES), 321, 501
AES (Advanced Encryption Standard), 321, 501
AFS (Apple File Sharing), 230
AH (Authentication Header), 501
ALE (annualized loss expectancy), 470, 501
alerts, 175
algorithm attacks, 344
algorithm errors, 317
algorithms, 319–324
algorithm attacks, 344
algorithm errors, 317
asymmetric, 322–323, 323, 502
CAST, 321, 503
IDEA, 322, 513
MDA, 319–320
RSA asymmetric, 324
SHA, 319
symmetric, 320–322
work factor of, 325
alternate site plans, 418–420
cold sites, 419, 505
hot sites, 418
warm sites, 419, 533
American Bankers Association (ABA), 361
analyzer, 175
annualized loss expectancy (ALE), 470, 501
annualized rate of occurrence (ARO), 470, 501
anomaly detection, 501
Anomaly-Detection IDS (AD-IDS), 178, 178, 501
anonymous authentication, 122, 501
anonymous logon for FTP, 137
antivirus engine, 501
antivirus software, 11–12, 85–86, 501
APIs (Application Programming Interfaces), 67, 501
Apple
AFS, 230
AppleTalk protocol, 173, 501
hardening Macintosh OS/NOS, 228
applets
Java, 134
signed, 134–135
appliances, 106, 501
application backups, 412
application exploitation, 75
application hardening, 236–246
data repositories, 241–242, 506
databases, 244–246
access and design of, 245
technologies for, 244
vulnerabilities of servers, 245
DHCP services, 241
directory services, 242–243, 242
DNS servers, 238–239
e-mail servers, 237, 237
file and print servers and services, 240
FTP servers, 237–238
NNTP servers, 239
web servers, 236
Application layer, 60–61, 60, 501
Application Programming Interfaces (APIs), 67, 501
archiving keys, 381–383, 381
armored viruses, 82, 502
ARO (annualized rate of occurrence), 470, 501
ARP (Address Resolution Protocol), 62, 502
ARP table, 502
assessment test, xxxviii–xlv
assessment test answers, xlvi–xlix
asset identification, 31–32
assets, 502
asymmetric algorithms, 322–323, 323, 502
asymmetrical keys, 385, 385
AT&T Wireless, 105
attacks, 50–100
auditing processes and files, 88
birthday, 344–345, 503
brute force, 58, 317, 503
buffer overflow, 503
cryptographic, 343–345
defined, 50, 502
exam essentials, 90–91
key terms, 92–93
overview, 88–89
review question answers, 99–100
review questions, 94–98
social engineering, 86–87, 266–267
software exploitation, 75–76
strategies for, 50–58
access attacks, 50, 51–52, 500
back door attacks, 55–56
Denial of Service attacks, 53
Distributed Denial of Service attacks, 53–54, 54
man in the middle attacks, 57, 57, 517
modification and repudiation attacks, 52–53
password guessing attacks, 58, 520
replay attacks, 57–58, 58
spoofing attacks, 56–57, 56
surviving malicious code, 76–86
antivirus software, 11–12, 85–86, 501
logic bombs, 84–85, 84, 516
Trojan horses, 80, 83–84, 532
viruses, 11, 76–83
worms, 85
TCP/IP security concerns, 59–75
about TCP/IP protocol suite, 59–60, 60
application interfaces, 67, 67
Application layer, 60–61
encapsulation, 63–64, 64
Host-to-Host (Transport) layer, 60, 61–62
Internet layer, 62–63
Network Interface layer, 63
network sniffers, 68–69, 518
overview, 59
port scans, 69–70
TCP attacks, 70–72
TCP ports, 65–66
TCP three-way handshake, 66–67, 66
UDP attacks, 72–74
audit files
defined, 88, 502
reducing amount of logged traffic in, 180
auditing, 436–437
defined, 436, 502
escalation audits, 438
evaluating standards documents, 282
privilege, 437, 522
reports to management, 439
usage, 437–438
auditors, 292, 502
authenticating evidence, 456–457, 502
authentication, 12–19
anonymous, 122, 501
biometric devices, 18, 265–266
certificates, 14, 15
CHAP, 14, 14, 504
common protocols and services, 20–21
in cryptographic systems, 328–329, 329
cryptography systems and, 346
defined, 12–13, 502
Kerberos, 16, 16
multi-factor systems of, 17, 17, 19
nonessential protocols and services, 21
security tokens, 15, 15, 527
setting up, 18–19
smart cards, 17, 18, 154, 383–384
username/password, 13, 13
WAP protocol, 122
Authentication Header (AH), 501
availability
of data in security topologies, 23
defined, 502
five nines, 402
high, 402–405, 511
awareness
defined, 502
of security issues, 474–475