RA (registration authority), 356
radio frequency interference (RFI), 400
RADIUS (Remote Authentication Dial-In User Service), 51, 449
random numbers, caution with, 378
RBAC (role-based access control), 113
reconnaissance attacks, 528–535
recovery from incidents, 299
reference monitors, 140
registration authority (RA), 356
remote access authentication, 50–52
remote access protocols, 434
Remote Authentication Dial-In User Service (RADIUS), 449
removable media, securing, 72
repeaters, 401
replay, 49
reporting mechanisms, 13
research
  into antivirus protection, 537
  into risk, 256
reset (RST) packets, 405
resources for further reading
  code of ethics/canons, 4
  DNS spoofing, 521
  fragmentation attacks, 518
  intrusion detection systems, 213
  scorecards, 212
  social engineering, 526
  study resources, 27
  Trojan horses, 497
  viruses, 484, 509
  white-hat hacking, 480
  wireless network security, 209
restoring data backups, 276
retention periods, for media, 196
revoking digital certificates, 362
RFI (radio frequency interference), 400
rights/permissions, determining, 70
Rijndael algorithm, 336
ring purges, 421
risk assessment, 125–129
  business impact assessments and, 269
  security management planning and, 151
risk management, 15–20, 229–324
  exercises for, 234, 252–254
  identifying/analyzing risk, 257–266
  mitigating risk, 254–268
  safeguards against risks, 256, 264–266
  specialty areas of (list), 16–19
  steps in/cycle, 231–234
  types of risks and threats, 245–254
    accidental, 251
    deliberate, 247–251
    environmental, 247
risk, response, and recovery domain, 15–20
role-based access control (RBAC), 113
roles/responsibilities, 11
ROT-13 (Rotate 13), 327
rotating schemes for backups, 274
ROUTE tool, 290
routers, 447
  Network layer and, 402
RSA algorithm, 332
RSA Security (vendor), 333
RST packets, 405
runts (frame errors), 436