Index
A
- absolute addressing, 178
- abstraction, 181, 465
- abuse/misuse case testing, 368–369
- acceptability, 339
- acceptable use policies (AUPs), 149
- acceptance testing, 446–447, 465
- access aggregation, 355
- access control, 159–162, 180, 229, 349–353
- access control attacks, 353–355
- access control list (ACL), 352, 465
- access management, 438
- Access Matrix model, 161, 465
- Access Points (APs), 272–273
- access provisioning lifecycle, 355–356
- access rights/permissions, 352
- accessibility, as a consideration for choosing locations, 226
- accidents, in disaster recovery (DR) plan, 416
- account management, 371–372
- accountability
  - about, 343
  - as a basic control requirement, 164–165
  - defined, 465
- accreditation, 167–169, 465
- acquisitions, 46, 136–138, 465
- active hubs, 278
- active IDS, 289
- active-active, 465
- active-passive, 465
- ActiveX, 466
- activities, logging and monitoring, 391–394
- ad hoc, 273
- Adaptive Chosen Ciphertext Attack (ACCA), 223
- Adaptive Chosen Plaintext Attack (ACPA), 223
- adaptive exam, 17
- address bus, 176
- Address Resolution Protocol (ARP), 264, 466
- address space, 466
- addressing personnel safety and security concerns, 428
- Adleman, Len (Dr), 211, 214
- administrative controls, 126, 466
- administrative laws, 55, 56, 466
- administrative management and control
  - about, 111–112
  - compliance, 115–116
  - consultant controls, 115
  - contractor controls, 115
  - employment agreements and policies, 114
  - employment candidate screening, 112–114
  - employment termination processes, 115
  - privacy, 116
  - vendor controls, 115
- Advanced Encryption Standard (AES), 211, 466
- advisory policies, 86
- adware, 466
- African Network Information Centre (AFRINIC), 258
- age, as a criteria for commercial data classification, 144
- agent, 466
- agent of change, 32
- aggregation, 187, 397, 466
- Agile, 434–436, 466
- Agile Maturity Model (AMM), 437, 466
- Agile Project Management For Dummies (Layton), 436
- American Accounting Association (AAA), 48
- American Bar Association (ABA), 391
- American Council on Education's College Credit Recommendation Service (ACE CREDIT), 14
- American Institute of Certified Public Accountants (AICPA), 48
- American National Standards Institute (ANSI), 10, 207
- American Registry for Internet Numbers (ARIN), 257–258
- American Society for Industrial Security (ASIS), 25, 30, 35
- American Standard Code for Information Interchange (ASCII), 248
- analog signaling, 277
- analysis, 376, 386
- analytic attack, 221
- Annualized Loss Expectancy (ALE), 120, 466
- Annualized Rate of Occurrence (ARO), 120, 466
- anomaly-based endpoint protection, 293
- anomaly-based IDS, 392
- anti-malware, 411
- antivirus software, 466
- Anton Piller order, 385
- applet, 466
- application firewall, 467
- Application Layer (Layer 7) (OSI Reference Model), 245–247, 467
- Application Layer (TCP/IP Model), 279, 467
- application penetration test, 363, 467
- application programming interfaces (APIs), 317, 450, 467
- application scan, 467
- application software, 467
- application state, 174
- application virtualization, 309
- application whitelisting, 293, 467
- application-level gateway, 284–285
- applications, 395
- apprenticeship program, 140
- archive, 220, 467
- ARCnet, 264
- area identifiers, 254
- Arithmetic Logic Unit (ALU), 173
- artificial intelligence (AI), 467
- Asia-Pacific Network Information Centre (APNIC), 257
- aspirating devices, 236
- asset check-in/check-out log, 230
- asset inventory, 394, 467
- Asset Security domain
  - about, 143
  - classifying information, 143–146
  - determining data security controls, 151–153
  - determining ownership, 146–147
  - establishing handling requirements, 154
  - maintaining ownership, 146–147
  - protecting privacy, 148–149
  - retention, 150
  - supporting assets, 143–146
- assets
  - about, 117
  - controlling physical and logical access to, 316–318
  - defined, 467
  - supporting, 143–146
  - valuation of, 117–118, 129–130, 355, 467
- Associate of (ISC)2 certification, 33
- assurance, 164, 166
- asymmetric algorithm, 467
- asymmetric algorithm cryptography. See asymmetric key cryptography
- Asymmetric Digital Subscriber Line (ADSL), 267
- asymmetric key cryptography
  - about, 212–214
  - Diffie-Hellman key exchange, 215, 476
  - El Gamal, 215
  - Elliptic Curve (EC), 216
  - Merkle-Hellman (Trapdoor) Knapsack, 215–216
  - RSA algorithm, 214–215
- asymmetric key system, 467
- asynchronous communication, 271
- Asynchronous Transfer Mode (ATM), 268, 467
- attack tree, 134
- attacks, 221–222. See also specific attacks
- attenuation, 275, 278
- attestation, as a function of TPM, 181
- attribute-based access control (ABAC), 352–353, 467
- audit trail, 468
- audits/auditing, 165, 377, 438, 444–445, 467
- augmented reality (AR), 468
- authenticated scans, 360, 468
- authentication
  - cryptography and, 196
  - defined, 328, 468
  - improper, 449
  - single factor, 330–335
- Authentication Header (AH), 307, 468
- authorization
  - as a data integrity measure, 158
  - defined, 468
  - implementing and managing mechanisms for, 348–353
- automatic controls, 126, 468
- autonomous system (AS), 255
- availability, 52, 159, 414, 468
- awareness, 138–139, 375, 423
B
- backdoor, 468
- background check, 468
- backup media encryption, 413
- backup verification data, 374–375, 406
- backups, 92–94, 154, 413
- bare metal hypervisors, 309
- base addressing, 178
- baseband signaling, 274
- baselines, 87, 152, 468
- Basic Input-Output System (BIOS), 178
- bastion host, 286
- beam devices, 236
- Beaver, Kevin (author)
  - Hacking For Dummies, 364
  - Hacking Wireless Networks For Dummies, 282
- behavior-based endpoint protection, 293
- Bell-LaPadula model, 160–161, 468
- best evidence, 380, 468
- best evidence rule, 381, 468
- Best Practices in Internal Investigations, 391
- Biba integrity model, 161, 468
- binding, as a function of TPM, 181
- biometrics, 337–343, 468
- Birthday Attack, 222, 468
- birthright access, 345
- bit error ratio (BER), 275
- Bitcoin, 299
- black-box testing, 469
- blacklisting, 410, 469
- blackout, 469
- block ciphers, 202–203, 469
- Blowfish Algorithm, 211
- bluejacking, 310–311
- bluesnarfing, 310–311
- Bluetooth, 469
- bollards, 230, 318, 469
- “boot camps,” 15
- bootkit, 469
- Border Gateway Protocol (BGP), 255
- bot, 469
- botnet, 469
- bounce site, 311
- breach, 469
- bridge, 271, 469
- bridge mode, 273
- bring your own device (BYOD), 469
- broadband signaling, 274
- broadcast, 265, 469
- broadcast storm, 271
- brownout, 469
- brute-force attack, 221, 353, 469
- buffer overflow, 301, 353–354, 449, 469
- Building Security in Maturity Model (BSIMM), 157, 437, 469
- buildings, in disaster recovery (DR) plan, 416
- burden of proof, 54
- bus, 469, 470
- Bus Interface Unit (BIU), 173
- Bus topology, 274
- Business Continuity Plan (BCP)
  - about, 89, 90, 375–376
  - developing, 106–110
  - implementing, 110–111
  - participating in, 427
  - requirements for, 87–111
- Business Impact Analysis (BIA)
  - about, 88, 90, 98–99
  - Criticality Assessment, 100–101
  - defined, 470
  - determining Maximum Tolerable Outage (MTO), 102
  - establishing Maximum Tolerable Downtime (MTD), 101–102
  - establishing recovery targets, 102–105
  - identifying key players, 101
  - Resource Requirements portion, 106
  - Vulnerability Assessment, 99–100
- business records exception, 382
- business strategy, aligning security function to, 44–45
C
- CAE-CD programs, 12
- California Security Breach Information Act (SB-1386), 81
- Callback feature, 304
- Caller ID, 303, 470
- caller ID spoofing, 470
- campus area network (CAN), 243
- The Candy-from-a-Baby Fallacy, 82
- Capability Maturity Model Integration (CMMI), 437, 470
- carbon dioxide (CO2), 237
- Carrier Sense Multiple Access with Collision Avoidance (CSMA/CA), 263
- Carrier Sense Multiple Access with Collision Detection (CSMA/CD), 263
- case law, 53
- cash reserves, 420
- ceilings, as a building design consideration, 227
- Center for Cyber Safety and Education, 27
- Center for Internet Security (CIS) (website), 170, 434
- Central Processing Unit (CPU), 173–176, 470
- Certificate Authority (CA), 220, 470
- certificate programs, 140
- Certification and Accreditation Professional (CAP), 33, 433
- certifications. See also CISSP certification
  - Check Point Security Administration, 36
  - choosing, 37–38
  - defined, 470
  - earning, 32–38
  - networking, 456
  - non-(ISC)2, 34–37
  - non-technical/non-vendor, 34–36
  - technical/vendor, 36–37
  - writing exam questions, 26
- Certified Business Continuity Planner (CBCP), 35
- Certified Chief Information Security Officer (C|CISO), 35
- Certified Cloud Security Professional (CCSP), 33
- Certified Ethical Hacker (C|EH), 36
- Certified in Risk and Information Systems Control (CRISC), 34
- Certified in the Governance of Enterprise IT (CGEIT), 34
- Certified Information Privacy Professional (CIPP), 35
- Certified Information Privacy Professional/Europe (CIPP/E), 35
- Certified Information Security Manager (CISM), 34
- Certified Information Systems Auditor (CISA), 34
- Certified Information Systems Security Professional (CISSP). See CISSP
- Certified Protection Professional (CPP), 35
- Certified Secure Software Lifecycle Professional (CSSLP), 33, 440
- chain of custody, 383–386, 470
- chain of evidence, 382, 383–386, 470
- Challenge Handshake Authentication Protocol (CHAP), 304, 325, 470
- change management, 395, 412, 439, 442–443, 470
- character conversion, 247
- Cheat Sheet (website),
- Check Point Security Administration certifications, 36
- checklist test, of disaster recovery (DR) plan, 424
- Children's Online Privacy Protection Act (COPPA) (1998), 77
- choose your own device (CYOD), 470
- Chosen Ciphertext Attack (CCA), 223
- Chosen Plaintext Attack (CPA), 223, 470
- Chosen Text Attack (CTA), 223
- CIA Triad, 51–52, 157–159, 470
- Cipher Block Chaining (CBC), 208–209, 470–471
- Cipher Block Chaining Message Authentication Code Protocol (CCMP), 282
- Cipher Feedback (CFB) mode, 209, 471
- ciphers, 199, 210–205, 470
- ciphertext, 199, 471
- Ciphertext Only Attack (COA), 222–223
- circuit-level gateway, 284
- circuit-switched networks, 267–268, 471
- circumstantial evidence, 381, 471
- Cisco certifications, 11
- CISSP certification
  - about, –2, –10
  - concentrations in, 33–34
  - domains of, 10
  - exam overview, 17–20
  - exam preparation, 12–16
  - exam registration, 16–17
  - post-exam, 20–21
  - promoting, 30–31
  - renewing, 20–21
  - requirements for, 10–12
  - uses for, 23–39
  - using as an agent of change, 32
- CISSP Certification Exam Outline, 12, 13
- CISSP training, 14
- civil disturbances, in disaster recovery (DR) plan, 416
- Civil Law systems, 54–55, 57, 471
- civil requirements, for investigations, 391
- cladding, 276
- Clark-Wilson integrity model, 161–162, 471
- classifications, 54, 143–146, 471
- classroom training, 139
- clearance level, 146
- client-based systems, assessing and mitigating vulnerabilities in, 185–186
- climatology, as a consideration for choosing locations, 226
- Clipper Chip, 221
- closed systems, 182, 471
- closed-head system, 236
- cloud, 471
- cloud access security broker (CASB) systems, 291–292, 395, 471
- cloud assets, 395
- cloud backup, 93
- cloud communications, 296
- Cloud Security Alliance (CSA), 192
- cloud-based access controls, 327–328
- cloud-based malware detection, 410
- cloud-based spam filtering, 410
- cloud-based systems, assessing and mitigating vulnerabilities in, 190–192
- cluster(ing), 471
- coaxial cable, 274–275, 471
- COBIT, 48, 153, 472
- code coverage analysis, 370
- code of ethics, 472
- code repositories, 443–444
- code review and testing, 368, 472
- coding, secure practices for, 448–452
- coercion, 382
- cold site, 97, 98, 413, 472
- collecting security process data, 371–376
- collision, 218
- collision domain, 471
- commercial data classification, 144–145
- commercial software, 448
- Committed Access Rate (CAR), 312
- Committee of Sponsoring Organizations of the Treadway Commission (COSO), 48–49
- Common Body of Knowledge (CBK), 10, 26
- Common Criteria for Information Technology Security Evaluation, 167, 472
- common law, 53, 472
- common vulnerability scoring system (CVSS), 362, 472
- common-mode noise, 232
- Communication and Network Security domain
  - about, 239
  - designing secure communication channels, 295–310
  - implementing design principles in network architectures, 239–279
  - Open Systems Interconnection (OSI) Reference Model, 241–278
  - preventing/mitigating network attacks, 310–313
  - secure network components, 280–295
  - TCP/IP Model, 241–243
- communication channels
  - data communications, 308
  - email, 296–300
  - facsimile, 302
  - multimedia collaboration, 302–303
  - remote access, 303–308
  - virtualization, 309–310
  - virtualized networks, 309
  - voice, 295–296
  - Web, 300–302
- communications, 228, 417, 421–422
- communications management, 179, 416
- community cloud computing, 191, 472
- compensating controls, 126, 472
- compensatory damage, 54, 272
- Complex-Instruction-Set Computing (CISC), 175, 472
- compliance
  - about, 53
  - administrative management and control, 115–116
  - defined, 472
  - legislative and regulatory, 53–57
  - privacy requirements, 57–58
  - rewarding, 47
- Component Object Model (COM), 472
- CompTIA Security+, 11, 36–37, 456
- computer architecture
  - about, 173
  - firmware, 178
  - hardware, 173–176
  - main memory, 176–178
  - software, 179–180
- computer crimes, 58–63
- Computer Emergency Response Team (CERT), 472
- Computer Ethics Institute (CEI), 84–85
- Computer Incident Response Team (CIRT), 472
- Computer Technology Investigators Network (CTIN) (website), 30
- computer-adaptive testing, 15, 20
- computer-generated records, 381
- computer-stored records, 381
- The Computer Game Fallacy, 82
- The Computer Misuse Act (1990) (U.K.), 70
- concealment cipher, 473
- concentrator. See hub
- concept development, in engineering process, 156
- conclusive evidence, 381, 473
- conduit, 281
- Confidential government data classification, 146
- confidentiality, 51–52, 158, 196, 473
- confidentiality agreement, 473
- configuration management, 164, 395, 412, 439, 442–443, 473
- connection establishment, 248
- connection release, 249
- connection-oriented protocol, 250
- consensual surrender, of evidence, 385
- console login, 317
- constrained data item (CDI), 162
- consultant controls, 115
- container, 310, 472
- container-based endpoint protection, 293
- containerization, 180, 472
- content-distribution networks (CDNs), 294, 473
- contention-based networks, 263
- context-based access control (CBAC), 284
- continual improvement, 473
- continuing education requirements, 140
- continuing professional education (CPE), 473
- Continuity of Operations Planning (COOP), 89, 473
- continuous improvement, in risk management, 130–131
- continuous monitoring, 393, 473
- contractor controls, 115
- contributing, to ISC2 publications, 27
- contribution to revenue, as an asset value element, 118
- control assessment, 127–129
- control bus, 176
- control frameworks, 48–50, 473
- Control Unit, 173
- Controlling the Assault of Non-Solicited Pornography and Marketing Act (CAN-SPAM Act) (2003), 69
- controls, 125–126, 162–172, 473
- converged protocols, 260
- cooperation, importance of, 89
- copyright, 74, 473
- Copyright Act (1976), 74
- corrective controls, 126, 473
- corroborative evidence, 380, 473
- corroborative inquiry, as a control assessment technique, 128
- cost-effectiveness, risk management and, 123–124
- The Council of Europe's Convention on Cybercrime (2001), 70
- counter reset, 333
- counter threshold, 333
- countermeasure selection, 123–124
- countermeasures, 473
- covert channels, 164, 184, 473
- covert storage channel, 164
- covert timing channel, 164
- crash gates, 230, 318
- Creation stage, of ILM, 151
- credential management systems, 346–347
- crime, in disaster recovery (DR) plan, 416
- Crime Prevention Through Environmental Design (CPTED), 224–225
- criminal law, 53–54, 474
- criminal requirements, for investigations, 391
- critical support areas, 100
- Criticality Assessment, 100–101, 474
- cross-frame scripting (XFS). See frame injection
- Crossover Error Rate (CER), 338, 474
- Cross-site request forgery (CSRF), 301, 474
- Cross-site scripting (XSS), 301, 474
- crosstalk, 275
- cryptanalysis, 198, 474
- cryptocurrency, 299, 474
- cryptographic algorithm, 201
- cryptographic systems, assessing and mitigating vulnerabilities in, 189
- cryptography
  - about, 153, 196–198
  - alternatives to, 205–206
  - ciphertext, 199
  - decryption, 199–205
  - defined, 474
  - encryption, 199–205
  - lifecycle of, 198
  - maintaining communication security using, 279
  - plaintext, 199
- cryptology, 198, 474
- cryptosystem, 201–202, 474
- cryptovariable, 201, 203–204, 474
- culpable negligence, 50, 474
- custodian, 147, 474
- customary law systems, 57
- cutover, of disaster recovery (DR) plan, 426–427
- cyber attacks, in disaster recovery (DR) plan, 416
- cyber warfare, in disaster recovery (DR) plan, 416
- Cybercrime Act (2001) (Australia), 70
- CyberSecurity Forensic Analyst (CSFA), 36
D
- Daemen, Joan (Dr), 211
- daily standup, 436
- damage assessment, 91–92
- data, 75, 187
- data access controls, 316, 349
- data breaches, 80–81
- data bus, 176
- Data Carrier Equipment (DCE), 272, 475
- data classification, 474
- data communications, 308
- Data Communications Equipment (DCE), 277
- data compression, 247
- data controller, 80, 474
- data destruction, 474
- data dictionary, 475
- data encapsulation, 475
- data encryption, 247
- data encryption key (DEK), 475
- Data Encryption Standard (DES), 204, 207–209, 475
- data hiding, 182
- data import/export, 351
- data integrity, 158–159, 375
- Data Link Layer (Layer 2) (OSI Reference Model), 261–273, 475
- data loss prevention (DLP), 291, 394, 475
- Data Over Cable Service Interface Specification (DOCSIS), 267, 475
- data ownership, 351–352
- data processing continuity planning, 97–98
- data processor, 80, 475
- Data Protection Act (DPA), 75
- data protection officer (DPO), 80, 475
- data recovery, 374–375
- data remanence, 149, 163, 475
- data replication, 171, 413
- data representation, 247
- data retention, 475
- data security controls, 151–153
- data storage requirements, 339
- Data Terminal Equipment (DTE), 272, 277, 475
- data transfer, 249
- data warehouse, 475
- database administrator, 11
- database management system (DBMS), 475
- database systems, assessing and mitigating vulnerabilities in, 187
- database table permissions, 316
- datagram, 251
- Davis, Peter T. (author)
  - Hacking Wireless Networks For Dummies, 282
  - Wireless Networks For Dummies, 266
- DCID 6/3, 169
- DDoS mitigation, 410
- decentralized access control systems, 328
- deciphering. See decryption
- Decode Unit, 173
- decommissioning, in engineering process, 157
- decryption, 199–205, 475
- dedicated security mode, 183
- deep packet inspection (DPI), 475
- defense in depth, 170, 476
- Defense Information Technology Security Certification and Accreditation Process (DITSCAP), 168–169, 476
- deluge system, 237
- demilitarized zone (DMZ), 287
- demonstrative evidence, 380, 476
- Denial of Service (DoS), 289, 296, 301, 333, 476
- Department of Commerce, 69
- Department of Homeland Security (DHS), 12, 68
- design documentation, 165
- design specification and verification, 164
- desktop virtualization, 309
- Destination IP address, 307
- destruction, 154, 406
- destructware, 476
- detective controls, 125, 476
- deterrence, under criminal law, 53
- deterrent controls, 125, 476
- development, 106–110, 156
- device drivers, 179
- devices, controlling access to, 316–317
- DevOps, 439–440, 476
- DevSecOps, 476
- Diameter protocol, 305, 326, 476
- dictionary attack, 353, 476
- Diffie-Hellman key exchange, 215, 476
- digital certificates, 337, 476
- digital forensics, 389–390
- digital signaling, 277
- Digital Signature Standard (DSS), 216–217, 476
- digital signatures, 343
- Digital Subscriber Line (DSL), 267, 476
- digital watermarking, 206
- direct addressing, 178
- direct evidence, 380, 476
- Directive 95/46/EC on the protection of personal data (1995, EU), 69
- directory harvest attack (DHA), 476
- directory level permissions, 316
- disaster recovery (DR), 88, 89, 374–376, 415–427
- Disaster Recovery Certified Expert (DRCE), 35
- Disaster Recovery Institute International (DRII) (website), 30, 35
- discovery sampling, 128
- discretionary access control (DAC), 163, 351–352, 476
- discretionary security property, 160
- disk mirroring, 477
- disk striping, 477
- disk striping with parity, 477
- disposable ciphers, 203
- Disposition stage, of ILM, 152
- distance-vector protocol, 253
- distributed application, 477
- distributed denial of service (DDoS), 477
- Distributed Network Protocol (DNP3), 260, 477
- distributed systems, assessing and mitigating vulnerabilities in, 188–189
- Distribution stage, of ILM, 151
- divestitures, 46
- DNS cache poisoning, 477
- DNS hijacking, 477
- DNS Server attacks, 311
- documentary evidence, 380, 477
- documentation, 96–97, 165, 386–387
- domain homograph attack, 477
- domain name system (DNS), 477
- domain name system security extensions (DNSSEC), 477
- domains, 10, 477
- doors, as a building design consideration, 227
- dormant VMs, 310
- drag and drop questions, 18
- DREAD technique, 133–134
- drive-by-download, 477
- drug screen, 477
- dry-pipe system, 237
- dual-homed gateways, 286
- due care, 50, 55, 477
- due diligence, 50, 477
- Dummies (website),
- dumpster diving, 478
- dwell time, 478
- dynamic application scanning tool (DAST), 478
- dynamic link library (DLL), 478
- dynamic packet-filtering firewall, 284
- dynamic password, 335, 478
- Dynamic RAM (DRAM), 176
- dynamic routing protocol, 253
E
- earning certifications, 32–38
- eavesdropping, 296, 313, 362, 478
- ECMAScript, 478
- edge computing, 478
- education, 138–141
- egress monitoring, 394
- EIA/TIA-232-F standard, 277
- El Gamal, 215
- electrical anomalies, 232
- electrical hazards, 232–233
- electrical noise, 232
- Electrically Erasable Programmable Read-Only Memory (EEPROM), 177
- electricity, 228, 231–232
- Electromagnetic Interference (EMI), 232, 478
- Electronic Code Book (ECB), 208, 478
- electronic discovery, 478
- electronic health records (EHRs), 78
- electronic protected health information (ePHI), 148, 478
- electronic signatures, 343
- electrostatic discharge (ESD), 232, 478
- Elliptic Curve (EC), 216
- email communication, 296–300
- emanations, 185
- embedded devices, assessing and mitigating vulnerabilities in, 195–196
- Emergency Power Off (EPO) switch, 231, 234
- emergency response, 91
- emergency supplies, 421
- employment agreements and policies, 114, 478
- employment candidate screening, 112–114, 478
- employment termination processes, 115, 478
- Encapsulating Security Payload (ESP), 307, 479
- encapsulation, 479
- enciphering. See encryption
- encryption, 199–205, 449, 479
- endpoint security, 292–294, 479
- end-to-end encryption, 199, 479
- end-user, 47–48
- Enigma Machine, 197
- Enterprise Risk Management - Integrated Framework, 132
- enticement, 382, 479
- entitlement, 397, 479
- entrapment, 382
- equipment, 228, 416
- Erasable Programmable Read-Only Memory (EPROM), 177
- error checking/recovery, 250
- escorts, 318
- Escrowed Encryption Standard (EES), 221, 479
- espionage, 479
- essential practices, 112
- Ethernet, 264, 276, 479
- ethics. See professional ethics
- European Information Technology Security Evaluation Criteria (ITSEC), 166–167, 479
- European Union (EU), 72, 402
- European Union General Data Protection Regulation (GDPR), 57–58, 80
- evacuation plans, 416, 421
- evaluation assurance levels (EALs), 167
- evaluation criteria, for selecting controls, 163–165
- e-vaulting, 93
- event management, 438
- events, speaking at, 26–27
- evidence collection/handling
  - about, 379–380
  - admissibility of evidence, 382–383
  - defined, 479
  - rules of evidence, 381–382
  - types of evidence, 380–381
- evidence lifecycle, 479
- evidence storage, 229–230
- exams
  - after the, 20–21
  - fee for, 16
  - overview of, 17–20
  - planning tips for, 455–459
  - practice, 15
  - preparing for, 12–16
  - question types, 18–19
  - registering for, 16–17
  - re-scheduling, 16
  - tips for test-day, 461–464
  - weighting of questions, 19
- Exclusive Or (XOR) function, 209, 479
- Execute (X) access, 352
- executive oversight, 45–46
- exhaustion attack, 221
- exigent circumstances, 385, 480
- expectation of privacy, 149
- expert system, 480
- exploit, 480
- Exposure Factor (EF), 120, 480
- Extended Binary-Coded Decimal Interchange Code (EBCDIC), 248
- Extensible Authentication Protocol (EAP), 304, 325, 480
- Extensible Markup Language (XML), 508
- Exterior Gateway Protocol (EGP), 255
- exterior walls, as a building design consideration, 227
- External Affairs, 95
- external assessment, 127
- external audit, 378
- external communications, 94
- external value, as an asset value element, 118
- extradition, 57
- Extranet, 241, 480
F
- facial recognition systems, 340
- facilities
  - applying security principles to design of, 224–229
  - controlling access to, 317–318
  - designing, 226–229
  - implementing security controls for, 229–238
- facsimile communication, 302
- Factor Analysis of Information Risk (FAIR), 131
- Fagan inspection, 368, 480
- fail closed, 480
- fail open, 480
- failover systems, 184, 480
- fail-safe systems, 184, 480
- fail-soft systems, 184, 480
- fallacies, computer use and, 82
- False Accept Rate (FAR), 338, 480
- False Reject Rate (FRR), 338, 480
- fault tolerance, 415, 480
- fault-tolerant systems, 184, 480
- Fed. R. Evid., 56
- Fed. Reg., 56
- Federal Information Processing Standard (FIPS), 207, 216, 481
- federal interest, 64
- federal interest computer, 64
- Federal Risk and Authorization Management Program (FedRAMP), 169, 481
- Federal statutes, 56
- Federal Trade Commission (FTC), 69
- federated identity management (FIM), 346, 481
- fees, 16, 21
- felony, 54
- fences, 318
- Fiber Distributed Data Interface (FDDI), 264, 273, 481
- fiber-optic cable, 276, 277, 481
- Fibre Channel over Ethernet (FCoE), 481
- field permissions, 316
- 50-year flood plain, 415
- file level permissions, 316
- file management, as an operating system function, 179
- file ownership, 351–352
- file transfer protocol (FTP), 246
- final disposition, of evidence, 386
- financial attacks, as a category of computer crime, 61
- Financial Executives International (FEI), 48
- financial readiness, in disaster recovery (DR) plan, 420–421
- finger scan systems, 340
- fingerprint recognition, 340
- fire prevention/detection/suppression, 234–238
- fire protection, 96
- fire suppression, 229
- fire triangle, 234–235
- firewalls, 283–288, 409, 481
- firmware, 481
- first aid, 421, 481
- fixed-temperature detectors, 236
- flame-sensing fire detection, 236
- Flash Memory, 177
- Floating-Point Unit (FPU), 173
- floors, as a building design consideration, 227
- flow control, 250
- forensics, 481
- formal education, 140
- formal training programs, 139–140
- Fraggle attack, 311
- frame injection, 481
- Frame Relay, 269, 481
- frameworks, in risk management, 131–132
- fraud, 481
- The Free Information Fallacy, 82
- frequency, in assessment, 127
- full interruption, of disaster recovery (DR) plan, 426–427
- full-duplex mode, 248, 250
- “fun” attacks, as a category of computer crime, 61
- functionality, 166
- fuzzing, 369, 481
G
- gaming, 449
- gas discharge systems, 237–238
- gates, 318
- gateways, 261, 481
- General Data Protection Regulation (GDPR), 402, 481
- generating reports, 376
- geolocation, 303
- German Enigma Machine, 197
- GI Bill, 17
- Global Information Assurance Certification (GIAC), 36
- global positioning system (GPS), 482
- goals, aligning security function to, 44–45, 482
- governance committees, 45–46, 482
- government data classification, 145
- Graphics Interchange Format (GIF), 248
- gray-box testing, 482
- Gregory, Peter H. (author)
  - IT Disaster Recovery Planning For Dummies, 111, 416
- grudge attacks, 61–62
- guard dogs, 230, 318
- guards, 318
- guest operating systems, 180, 310, 482
- guidelines, developing and implementing, 85–87, 482
H
- The Hacker's Fallacy, 82
- Hacking For Dummies (Beaver), 364
- Hacking Wireless Networks For Dummies (Beaver and Davis), 282
- hacktivism, as a category of computer crime, 62, 482
- half-duplex mode, 248
- half-open connections, 312
- halon, 238
- hand geometry systems, 341
- handling, 154, 406
- hands-on experience, 13–14
- hard drive forensics, 389
- hardening standard, 87, 482
- hardware, 137, 173–176, 280, 482
- hardware address, 263
- hardware asset management, 407
- hardware segmentation, 482
- hash function, 482
- Hashed Message Authentication Code (HMAC), 219
- HealthCare Information Security and Privacy Practitioner (HCISSP), 33
- hearsay evidence, 381–382, 482
- heating, ventilation, and air conditioning (HVAC), 233–234
- heat-sensing fire detection system, 236
- heterogeneous environment, 171, 482
- heuristics-based endpoint protection, 293
- hidden code, 482
- High Technology Crime Investigation Association (HTCIA) (website), 30
- High-level Data Link Control (HDLC), 270–271
- High-rate Digital Subscriber Line (HDSL), 267
- High-Speed Serial Interface (HSSI), 278, 482
- holddown timers, 254
- home, 257
- homogeneous environment, 482
- honeynets, 411, 483
- honeypots, 411, 483
- hop count, 254
- host-based intrusion detection (HIDS), 289, 391, 483
- hosted hypervisors, 309
- hot site, 97, 413, 483
- hotspot questions, 18–19
- hub, 278, 483
- humidity, 232, 233–234
- hybrid cloud computing, 191, 483
- hybrid risk analysis, 122
- HyperText Markup Language (HTML), 300–302
- HyperText Transfer Protocol (HTTP), 246, 300–302, 483
- HyperText Transfer Protocol Secure (HTTPS), 246, 301, 483
- HyperText Transport Protocol Secure (HTTPS), 301
- hypervisors, 180, 309–310, 483
I
- ICMP flood attack, 311
- icons, explained,
- identification and authentication (I&A), 164, 328, 483
- identity and access management (IAM)
  - about, 315–316, 319
  - cloud-based access controls, 327–328
  - controlling physical and logical access to assets, 316–318
  - decentralized access controls, 328
  - defined, 483
  - implementing and managing authorization mechanisms, 348–353
  - integrating identity-as-a-service, 347–348
  - integrating third-party identity services, 348
  - managing identification and authentication, 319–347
  - managing identity, 355–356
  - managing identity and access provisioning lifecycle, 355–356
  - preventing and mitigating access control attacks, 353–355
  - single sign-on (SSO), 319–327
- identity fraud, in voice communication, 296
- Identity-as-a-Service, 347–348, 483
- ideological attacks, as a category of computer crime, 62
- IETF, 258–259
- illegal search and seizure, 382
- implementation attack, 222
- import/export controls, 74–75
- inactivity timeouts, 344, 483
- incident management, conducting, 407–409
- indexed addressing, 178
- indicators of compromise (IOCs), 483
- indirect addressing, 178
- indoctrination, to raise security awareness, 139
- industrial control system (ICS), assessing and mitigating vulnerabilities in, 189–190, 317, 483
- industrial espionage, as a category of computer crime, 60–61
- inference, 484
- inference channel, 484
- inference engine, 484
- information, 143–146, 316, 402
- Information Assurance Support Environment (website), 170
- information custodian, 484
- Information Flow model, 162, 484
- Information Lifecycle Management (ILM), 151–152
- information owner, 484
- Information Security Journal, 27
- information security management system (ISMS), 484
- Information Security Scholarship Program, 27
- Information Systems Audit and Control Association (ISACA), 48, 437
- Information Systems Security Architecture Professional (ISSAP), 33
- Information Systems Security Engineering Professional (ISSEP), 34
- Information Systems Security Management Professional (ISSMP), 34
- Information Technology Act (2000) (India), 70
- Information Technology Infrastructure Library (ITIL), 49–50, 407, 485
- informative policies, 86
- InfraGard (website), 30
- Infrastructure as a Service (IaaS), 191, 483
- inherent vulnerability, 201
- initial cost, as an asset value element, 118
- initialization vector (IV), 209
- injection attacks, 449, 484
- injuries, in disaster recovery (DR) plan, 418
- input control, as a data integrity measure, 159
- inquiry, as a control assessment technique, 127
- inrush, 484
- INSIGHTS (online magazine), 27
- inspection, as a control assessment technique, 128
- instant messaging (IM), 303
- Institute of Electrical Engineers (IEEE), 484
- Institute of Internal Auditors (IIA), 48
- Institute of Management Accountants (IIMA), 48
- insurance, 420
- integrated product team, 439–440
- Integrated Services Digital Network (ISDN), 268, 484
- integrity, 52, 158–159, 196, 484
- *-integrity property (star integrity property), 161
- integrity verification procedures (IVP), 162
- intellectual property, 72–74, 484
- interface testing, 370–371
- interfaces, types of, 277–278
- interior walls, as a building design consideration, 227
- Intermediate System to Intermediate System (IS-IS), 255
- internal audit, 378
- internal value, as an asset value element, 118
- International Association of Privacy Professionals (IAPP) (website), 30, 35
- International Council of E-Commerce Consultants (EC-Council) (website), 36
- International Data Encryption Algorithm (IDEA) Cipher, 212
- International Electrotechnical Commission (IEC), 10, 484
- International Information System Security Certification Consortium (ISC)2, –10
- International law, 55–57
- International Organization for Standardization (ISO), 10, 484
- International Organization for Standardization/International Electrotechnical Commission (ISO/IEC 27002), 49
- International Systems Security Association (ISSA) (website), 29
- International Telecommunications Union (ITU), 484
- Internet, 485
- Internet Architecture Board (IAB), 84, 241
- Internet Assigned Numbers Authority (IANA), 255
- Internet Control Message Protocol (ICMP), 261, 485
- Internet Engineering Task Force (IETF), 485
- Internet Key Exchange (IKE), 307
- Internet Layer (TCP/IP Model), 279, 485
- Internet Message Access Protocol (IMAP), 246
- Internet of Things (IoT), 52, 192, 295, 485
- Internet Protocol (IP), 255, 485
- Internet Protocol Security (IPsec), 306–307, 485
- Internet Relay Chat (IRC), 485
- Internet Security Association and Key Management Protocol (ISAKMP), 307
- Internet Small Computer Systems Interface (iSCSI), 485
- Internetwork Packet Exchange (IPX), 255, 485
- internetworks, 252
- Intranet, 241, 485
- intrusion detection and prevention systems (IDPSs), 288–290, 391–392, 409
- intrusion detection systems (IDS), 288–290, 485
- intrusion prevention systems (IPSs), 288–290, 485
- investigations, 379–391
- I/O device management, as an operating system function, 179
- ionization devices, 236
- IP reputation services, 410
- IP spoofing, 312
- iris pattern, 341
- ISC2
- attending events, 25
- being an active member of, 25–26
- focus groups, 28
- helping at conferences, 27
- joining a chapter, 26
- online store (website), 31
- volunteer opportunities, 26–29
- voting in elections, 25
- website, 457
- ISC2 Congress, 25, 27
- ISC2 publications
- contributing to, 27
- reading, 27
- (ISC)2 Blog, 27
- (ISC)2 Code of Professional Ethics, 83
- (ISC)2 community, 28
- ISO/IEC 17024 standard, 10
- ISO/IEC 27002, Information Technology - Security Techniques - Code of Practice for Information Security Management, 86
- ISO/IEC 27005, 132
- IT Disaster Recovery Planning For Dummies (Gregory), 111, 416
- IT Governance Institute (ITGI), 48
J
- Japanese Government Information Security Professional (JGISP), 33
- Japanese Purple Machine, 197
- JavaScript, 485
- jitter, 251
- job description, 485
- job rotation, 400–402, 485
- joining local security chapters, 29–30
- Joint Photographic Experts Group (JPEG), 248
- joint tenants, as a consideration for choosing locations, 226
- JScript, 485
- judgmental sampling, 128
- juvenile laws, 59
K
- Kerberos, 320–324, 486
- kernel, 179
- key card access systems, 317
- key change, 221
- key clustering, 202, 471
- key control, 221
- key disposal, 221
- key distribution, 220
- key encryption key (KEK), 486
- key escrow, 221
- key generation, 220
- key installation, 220
- key logging, 486
- key management functions, 220–221
- key performance indicators (KPIs), 373–374, 486
- key recovery, 221
- key risk indicators (KRIs), 373–374, 486
- key storage, 220
- key transport, 214–215
- keyed invoices, 104, 201
- keystroke dynamics, 342
- knowledge-based IDS, 289–290
- Known Plaintext Attack (KPA), 223, 486
- KryptoKnight, 327, 486
L
- labels, 163
- large-scale parallel data systems, assessing and mitigating vulnerabilities in, 187–188
- latency, 201
- Latin America and Caribbean Network Information Centre (LACNIC), 257
- lattice model, 351, 486
- The Law-Abiding Citizen Fallacy, 82
- Layer 2 Forwarding Protocol (L2F), 266, 306, 486
- Layer 2 Tunneling Protocol (L2TP), 266, 306–307, 486
- Layton, Mark (author)
- Agile Project Management For Dummies, 436
- Scrum For Dummies, 436
- leading by example, 47
- learning style, knowing your, 455
- least privilege concept, 396–397, 486
- legal and regulatory issues
- about, 58
- computer crimes, 58–72
- data breaches, 80–81
- import/export controls, 74–75
- licensing and intellectual property, 72–74
- privacy, 75–80
- trans-border data flow, 75
- legal liability, risk management and, 124
- legislative and regulatory compliance, 53–57
- letters of agreement, 420
- Lewis, Barry (author)
- Wireless Networks For Dummies, 266
- liability, under civil law, 55
- licensing, 72–74
- life safety, controlling access to, 318
- lifecycle, cryptographic, 198
- lighting, as a building design consideration, 227
- lightning strikes, 228
- Lightweight Directory Access Protocol (LDAP), 324, 486
- limited access security mode, 183
- line of credit, 420
- link encryption, 200–201, 486
- Link (Network Access) Layer (TCP/IP Model), 279, 486
- link states, 254
- link-state protocol, 254
- live forensics, 390, 486
- local area networks (LANs), 240–241, 264–265
- local security chapters, joining, 29–30
- locations, choosing, 226
- log reviews, 365–366, 486
- logging, 391–394, 444–445
- logical access control, 337
- Logical Link Control (LLC), 262
- logistics, in disaster recovery, 95–96
- loopback network, 257
- loss of life, in disaster recovery (DR) plan, 418
- Lowe, Doug (author)
- Networking All-In-One For Dummies, 239
M
- machine learning (ML), 486
- magnetic fields, 228
- magnetic tape, 93
- main memory, 176–178
- main storage, 176–178
- maintenance and support
- detective and preventive measures, 409–411
- in engineering process, 157
- firewalls, 409
- intrusion detection and prevention systems (IDPSs), 409
- ownership, 146–147
- of software, 438–439
- third-party security services, 410
- maintenance cost, as an asset value element, 118
- maintenance fees, 21
- maintenance hooks, 172, 487
- Maintenance stage, of ILM, 151–152
- malicious input, 171
- malware, 487
- Man in the Browser (MITB), 301, 487
- Man in the Middle (MITM), 301, 311–312
- managed change, hardware operation and, 280
- managed security services (MSS), 410, 497
- management review, 372–373, 487
- mandatory access control (MAC), 163, 350–351
- mandatory vacations, 401
- Manifesto for Agile Software Development (website), 434
- Man-in-the-Middle Attack, 223, 301, 311–312, 354, 487
- man-made threats, 119
- mantraps, 318, 487
- manual controls, 126, 487
- marking, 154, 406
- maturity models, 437–438, 487
- Maximum Tolerable Downtime (MTD), 101–102, 103, 487
- Maximum Tolerable Outage (MTO), 102, 103, 487
- Maximum Tolerable Period of Disruption (MTPD), 101–102, 487
- Media Access Control (MAC), 262
- media management, 406–407
- media storage, 92–94
- media storage facilities, 229–230
- medical devices, 317
- Meet-in-the-Middle Attack, 223, 487
- memory addressing, 177, 487
- memory leaks, 449, 487
- memory management, as an operating system function, 179
- Memory Management Unit (MMU), 173
- memory space, 177, 178, 488
- mentors, 38
- mergers, integrating security risk considerations into, 136–138
- Merkle-Hellman (Trapdoor) Knapsack, 215–216
- mesh mode, 273
- Mesh topology, 274
- message authentication, 216–219
- Message Digest (MD), 218–219, 488
- message digests, 217–219
- metadata, 488
- metamorphism, 488
- metropolitan area network (MAN), 243, 488
- Microsoft certifications, 11
- military intelligence attacks, as a category of computer crime, 62
- MIME Object Security Services (MOSS), 300, 488, 489
- minimum security requirements, 137
- mischief, in disaster recovery (DR) plan, 416
- misdemeanor, 54
- mission, aligning security function to, 44–45
- mission statement, 44–45, 488
- misuse case testing, 368–369
- mixed law systems, 57
- mobile app, 488
- mobile device, 488
- mobile device management (MDM), 488
- mobile systems, assessing and mitigating vulnerabilities in, 194
- modes of operation, 181–182, 208
- monoalphabetic substitution, 197, 488
- monoalphabetic substitution cipher, 204
- Moore's Law, 222
- Motion Picture Experts Group (MPEG), 248
- Motive, Opportunity, and Means (MOM), 389
- movement, 228
- multicast, 265, 485
- multi-factor authentication, 304, 335–343, 485
- multi-factor key card entry, 230
- multilevel security mode, 183
- multilevel system, 350, 485
- multimedia collaboration, 302–303
- multilayer protocols, 260
- multiple data centers, 97
- multiple processing sites, 413
- multiple-choice questions, 18
- multiplexing, 250
- multiprocessing functionality, of systems, 175, 485
- multiprogramming functionality, of systems, 175, 488
- Multi-Protocol Label Switching (MPLS), 269, 489
- multistate systems, 175
- multitasking functionality, of systems, 175, 489
- multiuser systems, 175
N
- Napoleonic code, 57
- National Computer Security Center (NCSC), 163, 489
- National Information Assurance Certification and Accreditation Process (NIACAP), 169, 489
- National Institute for Standards and Technology (NIST), 48, 65, 207, 216, 489
- National Security Agency (NSA), 12, 65, 207
- native hypervisors, 309
- natural access control, as a strategy of CPTED, 224–225
- natural disasters, as a consideration for choosing locations, 226
- natural surveillance, as a strategy of CPTED, 225
- natural threats, 119
- near-field communications (NFC), 489
- need-to-know concept, 146, 396–397, 489
- NetBIOS, 249
- network access control (NAC) devices
- about, 282
- cloud access security broker (CASB) systems, 291–292
- data loss prevention (DLP), 291
- firewalls, 283–288
- intrusion detection and prevention systems (IDSs/IPSs/IDPSs), 288–290
- Web content filters, 290–291
- Network Access (Link) Layer (TCP/IP Model), 279, 489
- Network Address Translation (NAT), 257, 489
- network administrator, 11
- network attacks, 310–313
- network components
- about, 280
- content distribution networks, 294
- endpoint security, 292–294
- hardware, 280
- network access control (NAC) devices, 282–292
- physical devices, 294–295
- transmission media, 280–282
- Network File System (NFS), 249
- network interface cards (NICs), 278, 489
- Network Layer (Layer 3) (OSI Reference Model), 252–261, 489
- network penetration test, 361–363, 489
- network sprawl, 261, 489
- network virtualization, 309
- network visibility, 310
- network-based IDS (NIDS), 289
- network-based intrusion detection (NIDS), 289, 391, 489
- Networking All-In-One For Dummies (Lowe), 239
- networking certification, 456
- networks, 24–25, 273–274, 309
- neural network, 489
- next-generation firewalls (NGFWs), 288, 490
- NIST Cyber Security Framework (CSF), 153
- NIST SP800-37, 132
- NIST SP800-53, 153
- NIST SP800-171 Revision 1, 153
- no write down (NWD), 160
- nonce, 327
- non-compete agreement, 490
- non-disclosure agreement (NDA), 490
- non-interference model, 162, 490
- non-(ISC)2 certifications, 34–37
- non-repudiation, 343, 490
- non-technical/non-vendor certifications, 34–36
O
- Oakley Key Exchange Protocol, 307
- object, 180, 490
- Object Linking and Embedding (OLE), 490
- object reuse, 149, 163, 490
- objectives, aligning security function to, 44–45, 490
- observation, as a control assessment technique, 127
- octets, 255–256
- odd-parity bit, 208
- omni-directional antennas, 272
- one-time pad, 203, 490
- one-time passwords, 335, 490
- one-way function, 214, 218, 490
- one-way hash function, 217
- one-way hashing algorithm, 218
- online business networking, 24
- online orders, RPOs and, 104
- online practice (website), 12, 13
- on-premises, 490
- on-the-job training, 140
- open message format, 490
- open networkers, 24
- open relay, 490
- Open Shortest Path First (OSPF), 254
- open source software, 447, 490
- Open Study Group (website), 458
- Open System authentication, 282
- open systems, 182, 490
- Open Systems Interconnection (OSI) Reference Model, 241–278, 491
- Open Web Application Security Project (OWASP), 30, 369, 452, 491
- OpenFAIR, 131
- operating states, for CPUs, 174
- operating system (OS), 179, 448, 491
- operation, of software, 438–439
- operational assurance requirements, 164
- operational impact, risk management and, 124
- operational requirements, for investigations, 391
- Operationally Critical Threat, Asset and Vulnerability Evaluation (OCTAVE), 131
- Orange Book, 163–165, 491
- organization, for exam, 457
- organizational awareness, promoting, 110
- organizational processes, 45–46
- organizational value, as an asset value element, 118
- orientation, to raise security awareness, 139
- output control, as a data integrity measure, 159
- Output Feedback (OFB) mode, 209, 491
- outsourcing, 491
- over-the-top (OTT) services, 296
- ownership, determining and maintaining, 146–147, 491
P
- packet sniffing, 354, 363, 491
- packet-filtering firewall, 283–284, 491
- packet-switched networks, 268–270, 491
- pair programming, 368
- pandemics, 418
- parabolic antennas, 272
- parallel test, of disaster recovery (DR) plan, 425–426
- parity bit, 208
- passive hubs, 278
- passive IDS, 289
- passphrases, 330–335, 491
- Password Authentication Protocol (PAP), 304, 325, 491
- password sniffing, 354
- passwords, 330–335, 491
- patches, managing, 411–412, 491
- Patent Cooperation Treaty (PCT), 73
- patents, 73, 492
- path-vector protocol, 255
- Payment Card Industry Data Security Standard (PCI DSS), 70–72, 75, 150, 492
- Payment Card Industry Internal Security Assessor (PCI-ISA), 35
- Payment Card Industry Qualified Security Assessor (PCI-QSA), 35
- Payment Card Industry Security Standards Council (website), 35
- payroll, during disasters, 101
- P-boxes, 205
- Pearson VUE (website), 16, 456
- peer programming, 368
- peer review, 368
- pen register, 67
- penalties, 53–54
- penetration testing, 361–365, 492
- pen/trap device, 67
- performance management, 438
- periodic reviews, for content relevancy, 141
- Permanent Virtual Circuits (PVCs), 269
- permutation ciphers, 204–205
- personal area network (PAN), 242
- personal health information (PHI), 51–52, 494
- personal identification numbers (PINs), 335, 492
- Personal Information Protection and Electronic Documents Act (PIPEDA), 492
- personally identifiable information (PII), 51–52, 148, 492
- personnel, in disaster recovery (DR) plan, 229, 416, 421
- personnel notification, 92
- personnel safety, 92
- personnel security policies. See administrative management and control
- pharming, 298, 365, 492
- phishing, 298, 364–365, 492
- phone taps, 382
- photoelectric devices, 236
- physical access control, 281, 337
- physical address, 263
- physical assets, 395
- physical controls, 492
- physical devices, 294–295
- physical evidence, 380, 492
- Physical Layer (Layer 1) (OSI Reference Model), 273–278, 493
- physical memory, 176–177
- physical penetration test, 363–364
- physical security, 427
- Physical Security Professional (PSP), 35
- pipes, 228
- Plain Old Telephone Systems (POTS), 295–296
- plaintext, 199, 493
- Platform as a Service (PaaS), 191, 491
- plenum, 228
- Pluralistic law systems, 57
- point-to-point links, 266–267
- Point-to-Point Protocol (PPP), 266, 492
- Point-to-Point Tunneling Protocol (PPTP), 266, 306, 492
- policies, 492
- Policy Decision Point (PDP), 353
- Policy Enforcement Point (PEP), 353
- political intelligence attacks, as a category of computer crime, 62
- polling, 263
- polyalphabetic substitution cipher, 204
- polyinstantiation, 492
- polymorphism, 493
- port hopping, 493
- port level access control, 316
- port scan, 359, 493
- Post Office Protocol Version 3 (POP3), 246
- PowerShell, 493
- practice exams, 15, 458
- preaction system, 237
- Pre-Fetch Unit, 173
- prepared statement, 493
- pre-purchased assets, 420
- Presentation Layer (Layer 6) (OSI Reference Model), 247–248, 493
- presentations, 139, 386
- preservation of evidence, 386
- Pretty Good Privacy (PGP), 300, 493
- preventive controls, 125, 493
- printed materials, to raise security awareness, 139
- privacy, 75–76. See also specific privacy acts
- Privacy and Electronic Communications Regulations of 2003 (U.K.), 70
- Privacy Enhanced Mail (PEM), 246, 300, 493
- privacy requirements compliance, 57–58
- Private Branch Exchange (PBX), 295–296
- private cloud computing, 191, 493
- private key cryptography. See symmetric key cryptography
- private network address, 493
- privilege creep, 397, 493
- privileged account management, 398–399
- Privileged Attribute Certificates (PACs), 326–327
- Privileged Attribute Server (PAS), 326–327
- privileges, escalation of, 449, 493
- problem state, 174
- procedures, 85–87, 280, 493
- Process for Attack Simulation & Threat Assessment (PASTA), 136
- process isolation, 493
- process management, as an operating system function, 179
- process table, 494
- product backlog, 435
- professional ethics, 82, 83–85, 479
- Programmable Read-Only Memory (PROM), 177
- Project Management Institute (website), 35
- Project Management Professional (PMP), 35
- project plan, developing and documenting, 90–98
- project scope, developing and documenting, 90–98
- project teams, membership in, 90
- promiscuous mode, 363, 494
- proofing of identity, 344–346
- *-property (star property), 160
- protected computer, 64
- Protected Extensible Authentication Protocol (PEAP), 494
- protection domain, 177, 406, 494
- protection of privacy, 345
- protection rings, 183, 494
- Protection Test Unit (PTU), 174
- Protocol Data Unit (PDU), 251, 494
- provisioning resources, 394–395
- proximate causation, 494
- proxy server, 284, 494
- prudent man rule, 494
- pseudo flaw, 494
- public cloud computing, 191, 494
- Public Company Accounting Oversight Board (PCAOB), 68
- Public Company Accounting Reform and Investor Protection Act, 371
- public key cryptography, 467, 494. See also asymmetric key cryptography
- Public Key Infrastructure (PKI), 219–220, 494
- Public Switched Telephone Network (PSTN), 266
- public value, as an asset value element, 118
- punishment, under criminal law, 53
- punitive damages, under civil law, 54, 494
- Purple Machine, 197
- pursuit of excellence, 38–39
Q
- qualification program, 140
- qualitative asset value, 117
- qualitative impact, of disasters, 98
- qualitative risk analysis, 120–121, 494
- quality of service, 415
- Quality of Service (QoS), 494
- quantitative asset value, 117
- quantitative impact, of disasters, 98
- quantitative risk analysis, 121–122, 495
- quarantine, 495
- question types, 18–19
- quizzes, to measure effectiveness of security training, 141
R
- race conditions, 184–185, 449, 495
- radiation monitoring, 362
- radio frequency (RF) emanations, 362, 495
- Rainbow table, 222, 353, 495
- Random Access Memory (RAM), 176
- ransomware, 495
- rate-of-rise detectors, 236
- Read (R) access, 352
- Read-Only Memory (ROM), 176
- read-through, of disaster recovery (DR) plan, 424
- real evidence, 380, 495
- real-time blackhole lists (RBLs), 297
- reciprocal site, 97
- records, in disaster recovery (DR) plan, 416
- recovery, in disaster recovery (DR) plan, 420
- recovery controls, 495
- Recovery Point Objective (RPO), 104–105, 495
- recovery procedures, 184
- recovery sites, strategies for, 413
- recovery strategies, implementing, 412–415
- recovery targets, establishing, 102–105
- Recovery Time Objective (RTO), 103–105, 495
- Reduced-Instruction-Set Computing (RISC), 175, 495
- reduction analysis, 135, 495
- redundant array of independent disks (RAID), 495
- redundant components, 172, 495
- reference monitor, 180, 182, 495
- referential integrity, 495
- registers, 174
- registration, for test, 456
- Registration Authority (RA), 220, 495
- registration processes, 344–346
- regulatory policies, 86
- regulatory requirements
- as a criteria for commercial data classification, 144
- for investigations, 391
- reliability, 339
- Religious law systems, 57
- remediating threats, 135
- Remember icon
- remote access, 303–308
- Remote Access Service (RAS), 304, 325, 495
- remote access trojan (RAT), 496
- Remote Authentication Dial-In User Service (RADIUS), 304–305, 324–325, 496
- remote backup, 496
- remote console login, 317
- remote desktop protocol (RDP), 496
- Remote Procedure Call (RPC), 249
- renewing CISSP certification, 20–21
- repeater, 278, 496
- repeater mode, 273
- reperformance, as a control assessment technique, 128
- Replay Attack, 224
- replication, 93, 496
- reports, generating, 376
- Repository, 220, 496
- repudiation, 196
- reputation-based IDS, 392
- requirements, 10–12, 156
- re-scheduling exams, 16
- Réseaux IP Européens Network Coordination Centre (RIPE NCC), 257
- resilient systems, 184
- resource management, as an operating system function, 179
- resource protection, applying techniques for, 405–407
- Resource Requirements portion (BIA), 106
- resources, provisioning, 394–395
- response, to disasters, 419–421
- restoration, in disaster recovery (DR) plan, 423
- restricted address, 303
- restricted algorithm, 201
- restricted area security, 230
- retention, 150, 406
- retina patterns, 341
- return on investment (ROI), 89
- Reverse Address Resolution Protocol (RARP), 265, 496
- RG8, 275, 277
- RG11, 275, 277
- RG58, 275, 277
- Rijmen, Vincent (Dr), 211
- Rijndael Block Cipher, 211, 496
- Ring topology, 274, 496
- risk acceptance, 123, 496
- risk analysis, 119–122, 445–446, 496
- Risk and Insurance Management Society (RIMS) (website), 30
- risk assessment/analysis (treatment), 117–119, 131, 154, 496
- risk assignment, 123, 496
- risk avoidance, 123, 496
- risk framework, 132
- risk identification, 117
- risk management, 116–136, 138–141, 496
- Risk Management Framework (RMF), 132
- risk mitigation, 122–123, 445–446, 496
- risk reduction, 497
- risk tolerance, 497
- risk transference, 123, 496, 497
- risk treatment, 116, 122–123, 497
- risk-based authentication, 496
- Rivest, Ron (Dr), 211, 214, 497
- Rivest Ciphers, 211–212
- RJ-type connectors, 276
- role-based access control (RBAC), 349–350, 497
- roles and responsibilities, 46–48, 147, 397–398
- root mode, 273
- rootkits, 184, 497
- rotation of duties, 400–402, 497
- round, 208
- route poisoning, 254
- routed protocols, 252, 255–260
- routers, 261, 497
- Routing Information Protocol (RIP), 253–254
- routing loops, 253
- routing protocols, 252, 253–255, 497
- row permissions, 316
- RSA algorithm, 214–215
- “rubber hose” attack, 224
- rule-based access control, 350, 497
- run state, 174
S
- sabotage, 228
- sacrificial lamb, 286
- Safe and Secure Online program, 27
- Safe Harbor (1998), 69
- safeguard, 497
- sag, 497
- sally ports, 318, 497
- salvage, in disaster recovery (DR) plan, 419–420
- sampling, 378
- sampling techniques, 128
- sandboxing, 410, 497
- SANS GIAC certifications, 11
- SB-1386 (California Security Breach Information Act), 81
- S-boxes, 204
- scan, 497
- scareware, 497
- scope creep, 91
- scoping, 152–153
- screen savers, 344, 498
- screened-host gateways, 287
- screened-subnet, 287–288
- screening router, 283–284, 285–286, 498
- script injection, 301, 369, 498
- script kiddie, 498
- Scrum For Dummies (Layton), 436
- Scrum methodology, 436, 498
- sealing, as a function of TPM, 181
- search and seizure, 382
- search warrant, 385
- Searching and Seizing Computers and Obtaining Evidence in Criminal Investigations (3rd edition, 2009) publication, 384
- secondary evidence, 380, 498
- secondary memory, 177–178
- secondary storage, 177–178
- Secret government data classification, 146
- secret key cryptography. See symmetric key cryptography
- sectorized antennas, 272
- secure and signed message format, 213, 498
- secure design principles, implementing and managing engineering processes using, 155–157
- Secure Electronic Transaction (SET), 498
- Secure European System and Applications in a Multi-vendor Environment (SESAME), 326–327, 498
- Secure Hash Algorithm (SHA), 219
- Secure Hypertext Transfer Protocol (S-HTTP), 246, 498
- Secure Key Exchange Mechanism (SKEME), 307
- secure message format, 498
- secure modes of operation, 181–182
- Secure Multipurpose Internet Mail Extensions (S/MIME), 247, 300, 498
- secure offsite storage, 413
- Secure Remote Procedure Call (S-RPC), 249
- Secure Shell (SSH/SSH-2), 249, 498
- Secure Sockets Layer (SSL), 308, 498
- Secure Sockets Layer/Transport Layer Security (SSL/TLS), 252
- security analyst, 11
- Security and Risk Management domain
- about, 43
- applying concepts of confidentiality, integrity, and availability, 51–52
- applying risk management concepts, 116–132
- applying security governance principles, 44–50
- applying threat modeling, 132–136
- business continuity requirements, 87–111
- compliance, 53–58
- global legal and regulatory issues, 58–81
- integrating security risk considerations, 136–138
- managing information security education, training, and awareness, 138–141
- personnel security policies, 111–116
- policies, standards, procedures, and guidelines, 85–87
- professional ethics, 82–85
- security architect, 11
- Security Architecture and Engineering domain
- applying cryptography, 196–224
- applying security principles to site and facility design, 224–229
- fundamental concepts of security models, 157–162
- implementing site and facility security controls, 229–238
- secure design principles, 155–157
- security capabilities of information systems, 173–185
- selecting controls, 162–172
- vulnerabilities in embedded devices, 195–196
- vulnerabilities in mobile systems, 194
- vulnerabilities in Web-based systems, 193–194
- vulnerabilities of security architecture, designs, and solution elements, 185–192
- security architectures, 185–192
- Security Assertion Markup Language (SAML), 320, 499
- security assessment and testing
- about, 357
- analyzing test output, 376
- collecting security process data, 371–376
- conducting security audits, 376–378
- conducting security control testing, 359–371
- designing and validating strategies for, 357–358
- generating reports, 376
- security association (SA), 307
- security auditor, 11
- security audits, conducting, 376–378
- security awareness, 499
- security capabilities, of information systems, 173–185
- security consultant, 11
- security control assessment (SCA), 499
- security controls, 169–172, 359–371
- security countermeasures, 169–172
- security engineer, 11, 499
- security executive oversight, 45–46
- Security Features User's Guide (SFUG), 165
- security gates, 230
- security governance principles, 44–50
- security guards, 230
- security incident management. See incident management
- security information and event management (SIEM) systems, 366, 393, 410, 499
- security kernel, 181, 182, 499
- security lighting, 230
- security manager, 11
- security models, 157–162
- security modes, 183, 499
- security operation center (SOC), 499
- Security Operations domain
- about, 46, 379
- addressing personnel safety and security concerns, 428
- applying foundational security operations concepts, 396–405
- applying resource protection techniques, 405–407
- conducting incident management, 407–409
- conducting logging and monitoring activities, 391–394
- implementing disaster recovery (DR) processes, 415–423
- implementing patch and vulnerability management, 411–412
- implementing physical security, 427
- implementing recovery strategies, 412–415
- maintaining detective and preventive measures, 409–411
- participating in Business Continuity (BC) planning, 427
- participating in change management processes, 412
- provisioning resources, 394–395
- requirements for investigation types, 390–391
- supporting investigations, 379–390
- testing disaster recovery plans, 423–427
- Security Parameter Index (SPI), 307
- security perimeter, 180, 499
- security policies
- about, 46
- as a basic control requirement, 163
- developing and implementing, 85–87
- security posture, 46, 499
- security process data, 371–376
- security program metrics, to measure effectiveness of security training, 141
- Security Protocol ID, 307
- security scanners, 445
- security testing, 164
- security walls/fences, 230
- Security|5, 37
- segregation of duties and responsibilities, 397–398, 499
- self assessment, 127
- self-paced training, 140
- self-study, 12–13
- senior management, 89–90, 110
- senior management policies, 86
- Sensitive but Unclassified (SBU) government data classification, 145, 499
- sensitivity labels, 350–351, 499
- separation of duties and responsibilities, 397–398, 499
- Sequenced Packet Exchange (SPX), 252
- Serial Line IP (SLIP), 267, 499
- server rooms, 229–230
- server-based systems, assessing and mitigating vulnerabilities in, 186–187
- Service Set Identifier (SSID), 281, 499
- service-level agreements (SLAs), 137–138, 402–404, 499
- services, 137
- session hijacking, 312, 354, 500
- Session Initiation Protocol (SIP), 249
- session key, 323
- Session Layer (Layer 5) (OSI Reference Model), 248–249, 500
- session management, 344, 449
- session token interception, 312
- severe weather, 228
- Shamir, Adi (Dr), 211, 214
- Shared Key authentication, 282
- The Shatterproof Fallacy, 82
- shielded twisted-pair cable (STP), 275, 277
- shoulder surfing, 363, 500
- side-channel attacks, 211
- signature dynamics, 342
- signature-based IDS, 289–290, 392
- signature-based software, 292–293
- simple integrity property, 161, 500
- Simple Key Management for Internet Protocols (SKIP), 261, 500
- Simple Mail Transfer Protocol (SMTP), 247, 297, 500
- Simple Network Management Protocol (SNMP), 247
- simple security property (ss property), 160, 500
- simplex mode, 248
- simulation, of disaster recovery (DR) plan, 424–425
- single factor authentication, 330–335, 500
- single key cryptography. See symmetric key cryptography
- Single Loss Expectancy (SLE), 120, 500
- single sign-on (SSO), 319–327, 500
- Single-line Digital Subscriber Line (SDSL), 267
- single/multi-factor authentication, 328–343
- site accreditation, 169
- site design, applying security principles to, 224–229
- site security controls, implementing, 229–238
- The Site Security Handbook, 86
- 60-day study plan, 456–457
- S/Key protocol, 335
- smartphone passwords, 336, 500
- smishing, 365
- smoke-sensing fire detection, 236
- SMS passwords, 336
- SMTP over TLS, 299–300
- Smurf attack, 311, 500
- sniffing, 500
- social engineering, 354, 364–365, 500
- Society for Information Management (SIM) (website), 30
- Society of Information Risk Auditors (IIA) (website), 30
- socket, 251, 501
- soda acid, 237
- soft tokens, 336
- software
- about, 137, 179
- acquired, 447–448
- assessing effectiveness of security of, 444–447
- containerization, 180
- defined, 501
- environments for, 440–442
- operating systems, 179
- virtualization, 180
- Software as a Service (SaaS), 190, 501
- software asset management, 407
- Software Assurance Maturity Model (SAMM), 437, 501
- software developer, 11
- software development
- about, 429
- applying secure coding guidelines and standards, 448–452
- applying security controls in development environments, 440–444
- assessing effectiveness of software security, 444–447
- assessing security impact of acquired software, 447–448
- software development lifecycle (SDLC), 429–440
- software development lifecycle (SDLC)
- about, 429–430
- change management, 439
- defined, 501
- development methodologies, 430–436
- integrated product team, 439–440
- maturity models, 437–438
- operation and maintenance, 438–439
- software development methodology (SDMI). See software development lifecycle (SDLC)
- software escrow agreements, 94, 501
- software libraries, 448
- software-defined networks (SDNs), 260–261, 501
- solution elements, vulnerabilities of, 185–192
- source code review, 355, 501
- source code scanning tools, 446
- source-code, 448–450, 501
- speaking, at events, 26–27
- spear phishing, 298, 365, 501
- Special Publication 800-53: Security and Privacy Controls for Federal Information Systems and Organizations, 48
- speed, 338–339
- spike, 501
- SPIM, 501
- SPIT, 501
- split horizon, 254
- spoofing, 312, 501
- sprint planning, 435, 501
- sprint retrospective, 436
- sprint review, 436
- spyware, 502
- SQL injection, 502
- ss property (simple security property), 160
- SSL hiding, 502
- stack overflow, 353–354
- stack overflow attack, 469
- staging environments, 375
- stand-alone power system (SPS), 95, 502
- standard operating environments, 87
- Standard Operating Procedures (SOPs), 87
- Standard Practice for Computer Forensics, 391
- standards, 85–87, 153, 280, 448–452, 502
- standby assets, 421
- star integrity property (*-integrity property), 161, 502
- star property (*- property), 160, 502
- Star topology, 273, 502
- stare decisis, 53
- state attacks, 185, 502
- state machine, 161, 502
- stateful inspection firewall, 284, 502
- static application scanning tool (SAST), 502
- static password, 335, 502
- Static RAM (SRAM), 176
- static routing protocol, 253
- statistical attack, 222
- statistical sampling, 128
- statutory damages, under civil law, 54, 502
- steganography, 205, 502
- storage, 154, 386, 406
- storage area network (SAN), 242
- storage virtualization, 309
- stored procedure, 502
- stream ciphers, 203, 503
- Stream Control Transmission Protocol (SCTP), 252
- STRIDE technique, 133–134, 446
- strong authentication, 503
- Structured Query Language (SQL), 503
- structured walkthrough, of disaster recovery (DR) plan, 424
- study groups, 13, 28, 458
- subject, 503
- subpoena, 385
- substitution ciphers, 203–204, 503
- Sun Network File System (NFS), 320
- Supervisory Control and Data Acquisition (SCADA), 503
- supervisory state, 175, 503
- supplies, in disaster recovery, 95–96
- supply chain management, integrating security risk considerations into, 136–138
- surge protectors, 233, 503
- surge suppressors, 233
- switch, 503
- Switched Multimegabit Data Service (SMDS), 269, 503
- Switched Virtual Circuits (SVCs), 269
- symmetric algorithm. See symmetric key cryptography
- symmetric key cryptography
- about, 206–207
- Advanced Encryption Standard (AES), 211
- Blowfish Algorithm, 211
- Data Encryption Standard (DES), 207–209
- defined, 503
- International Data Encryption Algorithm (IDEA) Cipher, 212
- Rivest Ciphers, 211–212
- Triple DES (3DES), 209–211
- Twofish Algorithm, 211
- SYN Defender, 312
- SYN flood attack, 312, 503
- synchronous communication, 271
- Synchronous Data Link Control (SDLC), 271
- Synchronous Digital Hierarchy (SDH), 269
- Synchronous Optical Network (SONET), 269, 503
- synthetic transactions, 367–368
- system access controls, 316, 503
- system accreditation, 169
- system architecture, 164
- system certification, 167–169
- system hardening, 170–171, 443
- system high mode, 182, 503
- system high security mode, 183
- system integrity, 164
- system isolation, 443
- system messages, 333–334
- system resilience, 171–172, 414
- system test, 503
- systems administrator, 11, 316–317
- systems development lifecycle. See software development lifecycle (SDLC)
- Systems Security Certified Professional (SSCP), 33
T
- tabletop walkthrough, of disaster recovery (DR) plan, 424
- tactics, techniques, and procedures (TTPs), 504
- tailgating, 365
- tailoring, 152–153
- Take-Grant systems, 161, 504
- TCP Intercept, 312
- teaching, about data security, 28–29
- Teardrop attack, 312, 504
- technical factors, risk management and, 124
- Technical Stuff icon,
- technical support,
- technical training, 140
- technical/vendor certifications, 36–37
- techniques, for control assessment, 127–128
- telephone calls, 365
- Telnet, 247, 504
- temperature, 233–234
- TEMPEST project, 172, 276
- Temporal Key Integrity Protocol (TKIP), 282
- temporary credentials, 345
- Terminal Access Controller Access Control System (TACACS), 305, 325–326, 504
- termination of employment, 401
- territorial reinforcement, as a strategy of CPTED, 225
- terrorism, 62, 228, 416, 417
- test coverage analysis, 370
- test documentation, 165
- testing
- analyzing output, 376
- Business Continuity Plan (BCP), 110–111
- disaster recovery (DR) plans, 423–427
- in engineering process, 156
- text messaging, 422
- theft, 228
- thicknet, 275, 277
- thinnet, 275, 277
- third-party, 504
- third-party assessment/monitoring, 137
- third-party audit, 378
- third-party identity services, 348
- third-party security services, 410
- Threat Agent Risk Assessment (TARA), 131
- threat analysis, 118–119
- threat modeling, 133–135, 354, 446, 504
- threats, identifying, 116–117, 133–134, 504
- 3DES (Triple DES), 465
- three-way handshake, 250, 504
- throughput, 338–339
- Tip icon,
- Token Ring, 264, 504
- token-passing networks, 263
- tokens, 336, 504
- toll fraud, 296
- tools, 179
- Top Secret government data classification, 146
- topologies, network, 273–274
- tort law, 471
- total cost of ownership (TCO), 123–124
- trade secrets, 74, 504
- Trademark Law Treaty Implementation Act, 73
- trademarks, 73, 504
- Trade-Related Aspects of Intellectual Property Rights (TRIPs), 72
- traffic analysis, 504
- training, 138–141, 280, 375, 423
- Training Seminar, 458
- transaction latency, 368
- trans-border data flow, 75, 505
- transformation procedures (TP), 162
- transitive trust, 397, 505
- Transmission Control Protocol (TCP), 250–251, 505
- Transmission Control Protocol/Internet Protocol (TCP/IP) Model, 278–279, 504
- transmission media, 280–282
- Transport Layer (Layer 4) (OSI Reference Model), 249–252, 505
- Transport Layer (TCP/IP Model), 279, 505
- Transport Layer Security (TLS), 505
- transport mode, 307
- transport via secure courier, 413
- transportation, 317, 386, 416, 418
- transposition ciphers, 204–205, 505
- trap and trace device, 67
- trap door, 505
- Trapdoor (Merkle-Hellman) Knapsack, 215–216
- traverse-mode noise, 232
- Triple Data Encryption Standard (3DES), 209
- Trivial File Transfer Protocol (TFTP), 247
- Trojan horse, 505
- trust model, 300
- trusted computer system, 505
- Trusted Computer System Evaluation Criteria (TCSEC), 163–165, 505
- Trusted Computing Base (TCB), 180–181, 505
- trusted distribution, 164
- trusted facility management, 164
- Trusted Facility Manual (TFM), 165
- Trusted Network Interpretation (TNI), 166, 505
- trusted path, 164, 505
- Trusted Platform Module (TPM), 181, 505
- trusted recovery, 164, 505
- trusted subject, 160
- tunnel mode, 307
- twinaxial cable, 275, 506
- twisted-pair cable, 275–276, 506
- two-factor authentication, 506
- Twofish Algorithm, 211
- Type 1 error, 338
- type accreditation, 169
- Type II error, 338
- typing dynamics, 342
U
- UDP flood attack, 313
- UDP small servers, 311
- U.K. Data Protection Act (DPA), 78–79
- unauthenticated scans, 360, 506
- Unclassified government data classification, 145
- unconstrained data item (UDI), 162
- unicast, 265, 506
- Unified Communications as a Service (UCaaS), 296
- unified threat management devices (UTMs), 288, 506
- Uninterruptible Power Supply (UPS), 95, 231–232, 506
- unit test, 506
- United Nations Commission on International Trade Law (UNCITRAL), 72
- unsecured protected health information (PHI), 78
- unshielded twisted-pair cable (UTP), 275, 277
- U.S. CAN-SPAM Act (2003), 69
- U.S. Child Pornography Prevention Act (CPPA) (1996), 66
- U.S. Computer Fraud and Abuse Act (1986), 63–65, 68
- U.S. Computer Security Act (1987), 65
- U.S. Defense Information Security Agency, 170
- U.S. Department of Defense (DoD), 145, 160–161, 163
- U.S. Economic Espionage Act (EEA) (1996), 64, 66
- U.S. Electronic Communications Privacy Act (ECPA) (1986), 65, 68
- U.S. Federal Emergency Management Agency (FEMA), 89
- U.S. Federal Information Systems Management Act (FISMA) (2002), 69
- U.S. Federal Privacy Act (1974), 75, 76
- U.S. Federal Sentencing Guidelines (1991), 55, 66
- U.S. Gramm-Leach-Bliley Financial Services Modernization Act (GLBA) (1999), 75, 77
- U.S. Health Information Technology for Economic and Clinical Health Act (HITECH) (2009), 75, 78
- U.S. Health Insurance Portability and Accountability Act (HIPAA) (1996), 52, 75–77, 482
- U.S. Homeland Security Act (2002), 68
- U.S. Identity Theft and Assumption Deterrence Act (2003), 69
- U.S. Intelligence Reform and Terrorism Prevention Act (2004), 69
- U.S. Patent and Trademark Office (PTO), 73
- U.S. Sarbanes-Oxley Act (SOX) (2002), 48, 68, 371, 378, 497
- USA PATRIOT Act (2001), 64, 66–68, 506
- use case testing, 368–369
- Use stage, of ILM, 151
- useful life, as a criteria for commercial data classification, 144
- user, 506
- user acceptance testing (UAT), 446–447, 506
- user and entity behavior analytics (UEBA), 506
- User Datagram Protocol (UDP), 251, 506
- user entitlement, 506
- user identity, 345
- user mode, 506
- user stories, 435
- users, as a security role and responsibility, 47–48
- utilities, 95, 226, 228, 231–233, 416, 417
V
- v. (versus), 56
- V.24 ITU-T standard, 277
- V.35 ITU-T standard, 277
- validating strategies for assessment and testing, 357–358
- value, as a criteria for commercial data classification, 144
- value-added network (VAN), 243
- vandalism, 228
- vendor controls, 115
- vendor training, 140
- Vernam cipher, 506
- version control, 375
- Very high Data-rate Digital Subscriber Line (VDSL), 267
- veterans, 17
- vibration, 228
- video surveillance, 229
- view, 506
- view permissions, 316
- violation analysis, 506
- virtual addressing, 178
- virtual assets, 395
- virtual circuit management, 250
- virtual desktop infrastructure (VDI), 507
- virtual local area network (VLAN), 242, 507
- virtual machine, 507
- virtual memory, 177, 178, 507
- Virtual Private Network (VPN), 305, 507
- virtual reality (VR), 507
- Virtual Tape Library (VTL), 93, 507
- virtualization, 180, 309–310, 414, 507
- virtualized networks, 309
- virus, 507
- visibility, as a consideration for choosing locations, 226
- visitor logs, 230, 318
- Visual Basic Script (VBScript), 507
- VM sprawl, 310, 507
- voice communication, 295–296
- Voice over Internet Protocol (VoIP), 295–296, 507
- Voice over Long-Term Evolution (VoLTE), 296
- Voice over Wi-Fi (VoWiFi), 296
- voice recognition, 342
- voluntary surrender, of evidence, 385
- volunteer opportunities, 26–29
- volunteering, reasons for, 29
- VOMIT, 507
- voting, in ISC2 elections, 25
- vulnerabilities, 116–117, 184–196, 355, 359–360, 411–412, 507
- Vulnerability Assessment, 99–100, 119, 507
- vulnerability management services, 410, 438, 507
- vulnerability scan, 359–360, 507
- vulnerability scanning tool, 507
W
- wait state, 175
- waivers, 11
- walkthrough, of disaster recovery (DR) plan, 424
- walls, 318
- war, 416
- war dialing, 361, 508
- war driving, 362, 508
- warm site, 97, 228, 413, 508
- Warning icon,
- water issues, 234
- water protection, 96
- water sprinkler systems, 236–237
- waterfall model, 430–434, 508
- watering hole attacks, 301, 508
- wearables, 317
- web application firewall (WAF), 285, 508
- web communication, 300–302
- web content filters, 290–291, 508
- Web filtering, 410
- web site security tools, 445
- Web-based systems, assessing and mitigating vulnerabilities in, 193–194
- websites. See specific websites
- weighting, of questions in exam, 19
- well-formed transaction, 162
- wet-pipe system, 236
- whaling, 298, 365
- white-box testing, 508
- whitelisting, 410, 508
- wide area networks (WANs), 240–241, 266–271
- Wi-Fi, 508
- Wi-Fi Calling, 296
- Wi-Fi networks, protecting, 281–282
- Wi-Fi Protected Access (WPA/WPA2), 282, 508
- Wired Equivalent Privacy (WEP), 281–282, 508
- wired networks, protecting, 281
- Wireless Access Points (APs), 272–273
- wireless campus area network (WCAN), 243
- wireless intrusion detection (WIDS), 392
- wireless local area network (WLAN), 243, 265–266
- wireless metropolitan area network (WMAN), 243
- wireless network interface cards, 272
- Wireless Networks For Dummies (Lewis and Davis), 266
- wireless personal area network (WPAN), 242
- Wireless Transport Layer Security (WTLS), 508
- wireless wide area network (WWAN), 243
- wiretaps, 382
- wiring, as a building design consideration, 227
- wiring closets, 229–230
- work area security, 230
- work factor, 222, 508
- World Customs Organization (WCO), 72
- World Intellectual Property Organization (WIPO), 72
- World Trade Organization (WTO), 72
- worm, 508
- Write (W) access, 352
- writing certification exam questions, 26
X
- X (Execute) access, 352
- X.21bis ITU-T standard, 278
- X.25, 270, 508
Y
- Yagi antennas, 272
Z
- Zigbee, 508