acceptable use policies (AUPs), 146, 286
acceptance, 117
access control lists (ACLs)
Network layer and, 402
routers and, 448
access control systems, 30
administering, 68–73
methodologies for, 60
models of, 61–68, 112–114
monitoring, 71
access controls, 6–9, 29–100
modes of operation for, 133–135
objectives/parts of, 31–40
obtaining access to objects (exercise), 34–36
policies for, 56–58
specialty areas of (list), 7–9
access controls domain, 6–9
access problems, 132
account administration, 68
account request and tracking, 147
accountability, 38–40, 103
accreditation, 117
accuracy, 394
ACLs. See access control lists
acronyms, 22
active monitor, 421
active/passive network attacks, 456
Address Resolution Protocol (ARP protocol)
MAC address and, 402, 521
spoofing and, 521
Address Resolution Protocol tool (ARP tool), 289
administration domain, 9–12
administration. See security administration; password administration
administrative access control policy implementation, 58
Advanced Encryption Standard algorithm (AES algorithm), 335
agents, 510
AH protocol, 454
ALE (Annual Loss Expectancy), 263
algorithms, 330–342
alignment errors, 437
alternate sites, for business operations, 279
exercise for, 281
American Standard Code for Information Interchange (ASCII), 407
analyses
business impact, 183
cost/benefit, 265
crime scene, 292
trend, 215
Annual Loss Expectancy (ALE), 263
Annualized Rate of Occurrence (ARO), 263–267
exercise for, 266
anomaly detection, 213
antivirus software, 535–537
application exploits, 522–525
application filtering firewalls, 444
application gateways, overflow attacks and, 524
Application layer, 407
application layer gateways, 444
application viruses, 484
applications, access problems surrounding, 132
ARO (Annualized Rate of Occurrence), 263–267
exercise for, 266
ARP protocol, MAC address and, 402, 521
ARP spoofing, 521
exercise for, 438
ARP tool, 289
ARPAnet, 424
ASCII (American Standard Code for Information Interchange), 407
asset identification, 258–261
assumption of risk, 255
assurance, 37, 118
asymmetric encryption, 330–333
Asynchronous Transfer Mode (ATM), 427
attackers, 479
attacks, 8, 21, 73–82
Application layer and, 408
Data Link layer and, 402
DoS. See denial of service attacks
against network resources, 455–461
recognizing infected system and, 482
social engineering and, 526
Transport layer and, 403
audit daemon, 193
audit data sources, 192–211
audit device driver, 193
audit manager, 194
audit subsystem, 192–195
audit trails, 38, 196–198
auditing, 12–14, 175–228
importance of audit usages, 181
methods for, 190
process of according to DoD, 188
specialty areas of (list), 13
See also monitoring
auditing and monitoring domain, 12–14
auditors, 185–188
AUPs (acceptable use policies), 146, 286
authentication, 7, 34, 329
IPSec, 454
multifactor, 104
for remote access, 50–52
sniffing attacks and, 458
types of, 40–52
authentication audit trails, 39
authentication header protocol (AH protocol), 454
authentication logs, 39
authentication protocols, 433
authentication tokens, 47
authorization, 34
availability, 38, 112, 394
avoidance of risk, 255