|
Cache poisoning, 145
Certificate revocation list (CRL), 180
Certificates, 123, 167–168, See also Public key infrastructure
management, 172, 183–185
procedure for locating, 177
single sign-on system, 169
smart cards, 169
X.509 format, 177–180
Certification authority (CA), 123, 168, 170–171
trust models, 172–177
Certification protocols, See Public key infrastructure, protocols and standards
Certification Request Syntax, 182
Certifications, network security, 4–5
Chain of custody, 373, 379–380
Chat programs, 216, 217
Check Point, 241–242
Checksum
GRE, 290
IP, 80, 310–311
TCP, 108
UDP, 112
Christmas tree packet, 107
CIDR (classless interdomain routing), 91
Ciphertext, 119
Circuit-level proxy, 196
Cisco access list, 239–241
Cisco routers, 204
CISSP certification, 4
Classless interdomain routing (CIDR), 91
Clock synchronization, 139–141
Code Red, 226
Collision detection algorithms, 65
Collision domain, 65
Committed access rate (CAR), 113–114, 230–231
Common Criteria Specifications, 13
Compulsory tunneling, 276, 300
Computer crime trends, 364
Computer incident response team (CIRT), 363–368
Confidentiality, 14
Configuration guide, 9, 46, 54–55
Consumer rights, 12
Continuity planning, 383–388, See also Disaster recovery planning
Copper cabling, 59–61, 63–64
Cost-benefit analysis, 33–34, See also Risk analysis
Countermeasures, defining, 18
Countermeasures selection, 31–46, 392
access levels, 37
administrative countermeasures, 42–45
alerting capability, 35–36
assigning administrative status, 37
auditing support, 36
cost-benefit analysis, 33–34
default to secure state, 37
device security, 40–41
flexibility and functionality, 38
interoperability, 35
isolation from protected assets, 36
modularity, 39
override functionality, 40
physical countermeasures, 45–46, 49, 54–55
reset capability, 36
system performance impacts, 41–42
testability, 42
upgradeability, 42
user acceptance, 34–35
user interface, 38–40
Covert channels, 86
Cryptanalysis, 128–129
Cryptographic Message Syntax Standard, 182
Cryptographic Token Information Format, 183
Cryptographic Token Interface, 182
Cryptography, 119–135, See also Encryption
digital signatures, 125, 126
key exchange protocol, 132, See also Key exchange
keys, 120–123
public key cryptography, 121–123, See also Public key infrastructure
Public Key Cryptography Standards (PKCS), 181–183
terminology, 119
|