M of N Control, 382–383, 516
MAC address, 516
MAC (Mandatory Access Control), 11, 62, 439–440, 516
MAC (Media Access Control), 62, 517
MAC (Message Authentication Code), 62, 326, 326–327, 327, 517
Macintosh, 228. See also Apple
macro viruses, 82–83, 516
magnetic tape media, 151–152
malicious code, 76–86
antivirus software, 11–12, 85–86, 501
defined, 516
logic bombs, 84–85, 84, 516
viruses, 76–83
armored, 82, 502
companion, 82
defined, 11, 76–77
hoaxes, 83, 131, 511
how they work, 78, 78, 79
macro, 82–83
multipartite, 81, 81
phage, 82
polymorphic, 79–80
retrovirus, 81, 524
stealth virus, 80, 81
symptoms of, 77–78
transmission in networks, 83
Trojan horse, 80, 83–84, 532
worms, 85
man in the middle attacks, 57, 57, 517
management and policies, 6–9
managers, 176
Mandatory Access Control (MAC), 11, 62, 439–440, 516
mantraps, 259, 260, 517
mathematical attacks, 345, 517
mathematical cryptography, 313–315
McAfee Corporation, 480
MD-IDS (Misuse-Detection IDS), 176, 177, 517
MDA (Message Digest Algorithm), 319–320, 517
Mean Time Between Failure (MTBF), 421, 517
Mean Time To Repair (MTTR), 421, 517
media, 103, 517
Media Access Control (MAC), 62, 517
Melissa virus, 79, 85
mesh trust models, 341–342, 341
Message Authentication Code (MAC), 62, 326, 326–327, 327, 517
message digest, 328, 517
Message Digest Algorithm (MDA), 319–320, 517
Metal Oxide Varistors (MOVs), 271
methodology for forensic investigations, 455–457
acquiring evidence, 456
authenticating evidence, 456–457, 502
Microsoft
Active Directory, 243, 500
file systems, 228–229
hardening
Windows 9x systems, 221
Windows 2000, 223–224, 224
Windows .NET Server 2003, 225
Windows NT 4 systems, 222–223
Windows XP, 224–225
NetBEUI, 172, 172
NetBIOS, 171, 519
SQL Server, 244
updating from Windows 9x to XP, 225
WINS, 172, 172, 533
Microsoft Certified Professional Magazine, 491
Microsoft Internet Information Server (IIS)
port scans and, 69–70
vulnerability of mail system in, 121
microwave communications, 149–151, 150
microwaves, 112
military information classifications, 289–291
Misuse-Detection IDS (MD-IDS), 176, 177, 517
mobile devices and WAP protocol, 121–122, 122
modems, 114, 517
modification attacks, 52, 517
monitoring communications, 167–212
exam essentials, 203–204
exam objectives, 167
honey pots, 86, 183, 184, 185–186, 511
incident response, 187–191
adjusting procedures, 191
documenting, 191
incident identification, 188–189
overview, 187–188, 187
repairing damage, 190
instant messaging, 196–199
8.3 file naming, 197–198
overview, 196–197, 196
packet sniffing of, 198–199
privacy and, 199
vulnerabilities of, 197
Intrusion Detection Systems, 174–185
active responses, 181–184
AD-IDS, 178, 178, 501
components used for network monitoring, 177
host-based, 184–185, 185
MD-IDS, 176, 177, 517
N-IDS, 178–180, 178, 179
passive response, 180–181
terms used in, 175–176
key terms, 204–205
network monitoring, 168–174
Apple and AppleTalk protocol, 173
Microsoft protocols and susceptibilities, 170–173
Network File System, 173
Novell protocols and susceptibilities, 170–171, 171
overview, 168–169
systems for, 173–174, 174
TCP/IP and potential threats, 169–170
overview, 201–203
review question answers, 211–212
review questions, 206–210
signal analysis/signal intelligence, 199–201
enumeration, 201
footprinting, 200, 238, 510
overview, 199–200
scanning, 200–201
wireless systems, 192–196
IEEE 802.1x wireless protocols, 112, 124, 193–194, 500, 512
overview, 192
vulnerabilities of, 195–196
WAP, 194–195, 195
WEP, 195, 372
WTLS for, 192, 192, 372
MOVs (Metal Oxide Varistors), 271
MTBF (Mean Time Between Failure), 421, 517
MTTR (Mean Time To Repair), 421, 517
multi-factor authentication systems, 17, 17, 19, 517
multicasting, 140, 517
multipartite viruses, 81, 81, 517
multiple barrier systems, 259, 260
multiple key pairs, 386
myth of unbreakable codes, 316–319