Index_D

D

DAC (Discretionary Access Control), 12, 440, 506

data

custodian of, 291, 506

integrity of, 22–23, 506

owner of, 291

user of, 291

Data Encryption Standard (DES), 321

data integrity, 506

Data Link layer, 506

data packet, 506

data repositories, 241–242, 506

data source, 175, 506

databases, 244–246

access and design of secure, 245

backing up, 410–411, 411

exploitation of, 75

technologies for hardening, 244

vulnerabilities of servers, 245

datagram, 506

DDoS (Distributed Denial of Service) attacks, 53–54, 54, 506

decentralized key generation, 374–376, 375, 376

deceptive actions when intruder detected, 183, 184

decryption, 506

default gateway, 506

demilitarized zone (DMZ), 26, 27, 506

Denial of Service attacks. See DoS attacks

DES (Data Encryption Standard), 321

desensitizing, 273

designing security

business needs, 31–35, 33

asset identification, 31–32

risk assessment, 32

threat identification, 32–35, 33

goals for topologies, 22–34

accountability, 23, 500

availability, 23

confidentiality, 22

integrity, 22–23

requirements for security policies, 7

security zones, 27, 527

vulnerabilities in software and systems, 35–36

destination port number, 506

detection

defined, 506

of information violations, 9–10

DHCP (Dynamic Host Configuration Protocol), 241, 508

dictionary attack, 58, 506

differential backups, 413, 507

Diffie-Hellman key, 324, 507

digital signatures, 327–328, 328, 507

direct-sequence, 507

direct-sequence spread spectrum (DSSS), 193, 507

directories, 507

directory services

Active Directory, 243, 500

defined, 507

eDirectory, 170, 243

LDAP, 243

NDS, 170, 171, 227

security for, 242–243, 242

disaster recovery, 405–420

backups, 406–409, 502

defined, 405–406, 507

disaster recovery plans, 409–420

alternate sites, 418–420

backup plan issues, 410–412, 411

defined, 8, 409–410, 507

developing backup plans, 413–415, 414

recovering a system, 417–418

types of backups, 412–413

disaster recovery plans (DRPs), 409–420

alternate sites, 418–420

backup plan issues, 410–412, 411

defined, 8, 409–410, 507

developing backup plans, 413–415, 414

backup server method, 416–417, 416

defined, 502

full archival method, 415, 415

grandfather, father, son method, 413–415, 414, 510–511

system recovery, 417–418

types of backups, 412–413

Discretionary Access Control (DAC), 12, 440, 506

disk duplexing, 405

disk mirroring, 404–405, 507

disk striping

defined, 404, 507

with parity, 405, 507

diskettes as removable media, 153

Distributed Denial of Service (DDoS) attacks, 53–54, 54, 506

DMZ (demilitarized zone), 26, 27, 506

DNS (Domain Name Service), 20, 243, 508

DNS servers

application hardening, 238–239

defined, 507

DNS zone, 507

documentation

best practices and, 460–467

change, 464–465, 472–473

disposal and destruction policies for, 429

documenting incident response, 191

evaluating standards documents, 282

DoD Networking Model, 507

Domain Name Service (DNS), 20, 243, 508

domains, 508

DoS (Denial of Service) attacks

defined, 53, 506

DNS, 238

on file and print servers and services, 240

DRPs. See disaster recovery plans

DSSS (direct-sequence spread spectrum), 193

dual-homed firewalls, 108–109, 108, 108

dual-homed hosts, 508

due care policies, 428

dumb terminal, 508

dumpster diving, 51, 508

duplexed hard drives, 508

duplicate servers, 508

Dynamic Host Configuration Protocol (DHCP), 241, 508

dynamic routing, 508

dynamically allocated port, 508



CompTIA Security+ Study Guide. Exam SY0-101
Security+ Study Guide
ISBN: 078214098X
EAN: 2147483647
Year: 2006
Pages: 167
