Index

Note to the Reader: Throughout this index boldfaced page numbers indicate primary discussions of a topic. Italicized page numbers indicate illustrations.

A

AAA protocols, 31–32
abstraction
    object-oriented programming, 512
    in security, 211
    software development, 317–318
abuse in voice communications, 187–188
acceptable use policies, 182, 222
acceptance, risk, 255
access aggregation attacks, 53
access control, 1
    AAA protocols, 31–32
    attacks, 47
        access aggregation, 53
        asset valuation, 49–50
        denial of service, 62
        exam essentials, 80–82
        overview, 48
        password, 54–58, 58
        preventing, 62–64
        review questions, 83–86
        risk elements, 49
        smart cards, 61–62
        social engineering, 59–61
        spoofing, 58–59
        summary, 79
        threat modeling, 50–52
        vulnerability analysis, 53
        written lab, 82
    authentication. See authentication
    authorization, 33–34
    centralized vs. decentralized, 26–27
    CIA Triad, 3–4
    content-dependent, 288–289
    defense-in-depth strategy, 7–8, 8
    Diameter, 32–33
    discretionary access controls, 22
    elements, 8–11
    email, 182
    exam essentials, 39–41
    federated identity management, 30–31
    identification. See identification
    identity and access provisioning life cycle, 35–38
    Kerberos, 28–29
    lattice-based, 23, 23, 445
    mandatory access controls, 24–25
    monitoring. See monitoring
    nondiscretionary access controls, 22
    overview, 2–3
    permissions, rights, and privileges, 4–5
    policies, 4
    RADIUS, 32
    review questions, 42–45
    role-based, 25–26
    rule-based, 22–23
    security operations principles, 21–22
    single sign-on, 27–28, 30–31
    summary, 38–39
    TACACS+, 32
    technical controls, 761
    types, 5–7
    users, owners, and custodians, 3
    written lab, 41
access control lists (ACLs)
    access control matrices, 443
    DACs, 22
    firewalls, 33, 115
access control matrices, 33, 443–444
access control triples, 448
access points in wireless networks, 132–137
access review audits, 75

bbindex.indd 833 30/05/12 6:44 PM

accessibility security in site design, 750
accountability
    access control, 11
    audits, 76
    monitoring, 71–72
    security governance, 220
accounts
    dual administrator, 76–77
    lockout controls, 63
    managing, 64
    reviews, 36
    revocation, 37–38
accreditation in evaluation models, 466–468
ACID model, 286–287
acknowledge (ACK) packets, 102, 104–105
ACLs (access control lists)
    access control matrices, 443
    DACs, 22
    firewalls, 33, 115
ACTA (Anti-Counterfeiting Trade Agreement), 692
acting phase in IDEAL model, 311, 311
active content in malicious code, 339
active IDS responses, 594
ActiveX controls
    signing, 340
    vulnerabilities, 281, 506–507
actual cash value (ACV) clause, 654–655
ad hoc networks, 133
Adams, Douglas, 122
Address Resolution Protocol (ARP)
    cache poisoning, 109
    description, 109
    purpose, 94
    spoofing, 194
addresses
    IP. See IP (Internet Protocol)
    MAC, 94, 112
addressing memory, 494
Adleman, Leonard, 406
administrative access controls, 7, 8
administrative law, 684–685
administrative physical security controls, 747
Administrator group
    description, 515
admissible evidence, 715
Advanced Encryption Standard (AES), 135, 391–392
Advanced Persistent Threat (APT), 52
advisory policies, 222
adware, 339
AES (Advanced Encryption Standard), 135, 391–392
agents
    DoS attacks, 191
    overview, 279–280
    relay, 181
aggregation
    access aggregation attacks, 53
    databases, 290–291
agile software development, 308–309
AHs (Authentication Headers), 159, 426
alarms, 758, 761
ALE (annualized loss expectancy)
    impact assessment, 629
    threat/risk calculations, 249–251
algorithms, defined, 367
alternate processing sites, 657
    cold sites, 657–658
    continuity planning, 632
    hot sites, 658–659
    mobile sites, 659–660
    multiple, 661
    service bureaus, 660
    warm sites, 659
alternative systems, 632
ALUs (arithmetic-logical units), 494
American Civil War, cryptography in, 363
amplifiers, 120
analog communications in LANs, 141–142
analysis of incidents, 732
analytic attacks, 428
AND operation, 369
annexes in Common Criteria, 463
annualized loss expectancy (ALE)
    impact assessment, 629
    threat/risk calculations, 249–251
annualized rate of occurrence (ARO)
    likelihood assessment, 627, 629
    threat/risk calculations, 249–250
anomaly detection, 592
Anti-Counterfeiting Trade Agreement (ACTA), 692
antivirus (AV) mechanisms, 332–333, 581
APIPA (Automatic Private IP Addressing), 169
applets
    hostile, 330
    vulnerabilities, 280–281, 505–506
application attacks, 344
    back doors, 346
    buffer overflows, 344–345
    exam essentials, 354–355
    masquerading, 352–353
    privilege escalation attacks, 346
    reconnaissance attacks, 350–352
    review questions, 356–359
    summary, 353–354
    TOCTTOU issue, 345
    Web applications, 346–350, 348
    written lab, 355
application issues, 276
    distributed computing, 278–281
    local/nondistributed computing, 276–277
    logs, 66
Application layer
    OSI model, 98–99
    TCP/IP model, 99–100, 100–101, 109–110
application-level gateway firewalls, 116
approval in continuity planning, 633
APT (Advanced Persistent Threat), 52
arc radius of cable, 124
arithmetic-logical units (ALUs), 494
ARO (annualized rate of occurrence)
    likelihood assessment, 627, 629
    threat/risk calculations, 249–250
ARP (Address Resolution Protocol)
    cache poisoning, 109
    description, 109
    purpose, 94
    spoofing, 194
arpspoof tool, 194
“Arrangement on the Recognition of Common Criteria Certificates in the Field of IT Security”, 461
ASs (authentication services), 28
assembly code, 300
assembly language, 300
assessments
    BIA. See business impact assessment (BIA)
    recovery plan development, 665
    vulnerability, 554–555
asset valuation
    attacks, 49–50
    defined, 243
    risk, 245–248
asset value (AV) in BIA, 626, 628
assets
    defined, 242
    managing, 549–550
    in threat modeling, 51
assignment of risk, 255
assurance
    evaluation assurance levels, 463–464
    overview, 454
    software development security, 298
asymmetric cryptography, 365, 405
    El Gamal, 408
    elliptic curve, 408–409
    hash functions, 409–412
    keys
        algorithms, 383–386, 384
        managing, 419–420
        public and private, 405–406
    RSA, 406–407
asynchronous communications in LANs, 142
asynchronous dynamic password tokens, 16
asynchronous tokens, 15–16
asynchronous transfer mode (ATM), 177
ATO (authorization to operate), 241
atomicity in ACID model, 286
attachments, email, 184–185
attackers
    defined, 48
    threat modeling, 51
attacks
    access control. See access control
    application. See application attacks
    cryptography, 428–430
    defined, 244
    incremental, 519
    network. See networks
    password. See passwords
    preventive measures. See preventive measures for attacks
    wireless communications, 136
attenuation, cable, 127
attributes in relational databases, 283
auction sniping, 280
audio streaming, 692
audit trails, 11
    physical access, 761
    purpose, 68–69
auditors, 73, 210
audits and auditing, 73–74
    access controls, 64
    access review, 75
    configuration, 314
    entitlement, 75
    external, 78
    inspection, 74–75
    privileged groups, 75–77
    report handling, 77–78
    security, 561–562
    security governance, 219
authentication
    access control, 9–10
    biometric factors, 17–20, 19
    configuration, 314
    cryptography for, 365–366, 366
    Diameter, 32–33
    Kerberos, 28–29
    multifactor, 20–21, 63
    overview, 11–12
    passwords, 12–14
    protocols, 154
    RADIUS, 32
    remote access, 163
    security governance, 218–219
    smart cards, 14–15
    tokens, 15–16
Authentication Headers (AHs), 159, 426
authentication services (ASs), 28
authorization
    access control, 10–11
    mechanisms, 33–34
    security governance, 219
authorization to operate (ATO), 241
automated provisioning systems, 35
automated recovery, 608
automated recovery without undue loss, 608
Automatic Private IP Addressing (APIPA), 169
automatic rollover, 502
auxiliary alarm systems, 758
AV (antivirus) mechanisms, 332–333, 581
AV (asset value) in BIA, 626, 628
availability
    CIA Triad, 3–4, 217–218
    techniques for, 452–453
AVG function, 290
awareness training, 263–264

B

back doors, 346, 516, 518
back up keys, 420
background checks, 259
backups, 666–667
    best practices, 668–669
    disk-to-disk, 668
    neglecting, 667
    tapes
        formats, 667–668
        protecting, 547–548
        rotating, 669
        sensitive information, 541–542
badges, 757
bandwidth on demand, 176
base+offset addressing, 494
baseband cable, 124–125
baseband technology, 142
baselines, 556, 557
    images, 557–558, 557
    security governance, 222–223
Basic Input/Output System (BIOS), 500–501
basic preventive measures, 579
Basic Rate Interface (BRI), 174
basic service set identifiers (BSSIDs), 133
bastion hosts, 117
batch processing, 501
battery backup power, 606, 764
BCI Good Practices Guide, 664
BCP. See business continuity planning (BCP)
beacon frames, 134
behavior-based detection, 591–593
behavioral biometric methods, 17
behaviors in object-oriented
black-box approaches
    key management, 420
    object-oriented programming, 512
black-box testing, 315, 600–601
black boxes in phreaking, 189
blackouts, 652, 764
block ciphers, 380
blocking attachments, 184–185
Blowfish block cipher, 390
blue boxes, 189
Blue Screen of Death (BSOD), 299
bluebugging, 132
bluejacking, 132
bluesnarfing, 132
Bluetooth standard, 132
Boca Ciega High School, 18
Boehm, Barry, 306, 308
Boeing record retention case, 545
bombings, 650
book ciphers, 379–380
Boolean mathematics, 368–371
boot sectors, 330
Bootstrap Protocol (BootP), 110
botmasters, 336
botnets, 336, 587
bots, 191, 279–280
bottom-up