Index

Number and Symbol
2TDES EDE, 165
3TDES EDE, 165
4GL (fourth-generation programming languages), 433
802.1X, 146, 278–280
802.11a, 260
802.11ac, 260
802.11b, 260
802.11g, 260
802.11i, 259, 262
802.11n, 260
802.11-1997, 260
9 Step process, risk analysis, 67–68
A
ABM (Asynchronous Balanced Mode), HDLC, 256
Abstraction, secure design concepts, 117
Academy Award watermarks, 183
Acceptance of risk, 65
Acceptance testing, software, 337, 467–468
Accepted practices, customary law, 21
Access aggregation, 311–312
Access audits, 311–312
Access control, 55–58, 293–327
account lockouts, 296
administrative security, 348–352
architecture, 128–131
authentication methods, 294–309
Bell-LaPadula model, 106
Biba model, 107–108
biometrics, 304–308
centralized, 309
Chinese Wall model, 109
Clark–Wilson, 108–109
clipping levels, 295–296
contactless cards, 191, 262–263
content-/context-dependent, 323
credential management systems, 313
Data Loss Prevention, 367–368
decentralized, 309–310
defensive categories and types, 55–58
Diameter, 279–280, 319
discretionary, 321
endpoint security
exam objective summary, 323–324
Federated Identity Management, 312
Graham–Denning model, 111–112
Harrison–Ruzzo–Ullman model, 112
honeypots & honeynets, 370–371
Identity as a Service, 312–313
IDS and IPS, 364–366
information flow model, 109
integrity models, 106–109
KERBEROS, 314–318
lattice-based, 106–107
LDAP, 314
location-based, 309
log reviews, 333–335
mandatory, 128, 293, 321, 349
Microsoft Active Directory Domains, 320
modes of operation, 112–113
non-discretionary, 321–323
noninterference model, 109–110
PAP & CHAP, 278, 320
passwords and keys, 294–301
penetration testing, 44–45, 330–333
perimeter defenses, 183–196
preventative controls, 55–56
protocols and frameworks, 318–320
provisioning lifecycles, 311–312
RADIUS, 318–319
reading up and writing down, 104–105
role-based, 293, 321–323
rule-based, 323
salts, 300
security assessments and audits, 332–333
self test, 324–326, 499–504
SESAME, 318
Single Sign-On, 309, 310–311
TACACS & TACACS+, 319
Take-Grant Protection Model, 110
technologies, 309–320
tokens, 301–303
Zachman Framework, 111
Access Control Lists, See ACL
Access control matrices, 110–112
Access reviews, 311–312
Accountability
centralized access control, 309
cornerstone concepts, 16–17
OECD privacy guidelines, 37
RADIUS, 318–319
TACACS & TACACS+, 319
Account lockouts, 296
Accreditation, 92–93, 113–115
ACK flags, 238–239
ACL (Access Control Lists), 275
Acquired software, security impact assessment, 468–469
Acquisitions, security issues, 45–46
Activation of disaster recovery teams, 393
Active-active clusters, 382, 416
Active Directory Domains, 320
Active entities, subjects and objects, 18
Active-passive clusters, 382, 416
Active RFID tags, 262–263
ActiveX controls, 141, 460
Adaptive chosen ciphertext attacks, 173–174
Adaptive chosen plaintext attacks, 173
Addressing
ARP and RARP, 227, 235–236
directed broadcasts, 236
IPv6, 227, 229–232
Network Interface Cards, 227
RFC 1918, 233–234
translation, 234–235
Address Resolution Protocol, See ARP
Address space layout randomization, See ASLR
AddRoundKey, AES, 167
Ad hoc mode, 802.11, 261
Adjacent buildings, 197–198
Administrative controls, 348–352
Administrative law, concepts, 23
ADSL (Asymmetric Digital Subscriber Line), properties, 283
Advanced Encryption Standard, See AES
AES (Advanced Encryption Standard), 165–168, 181, 262
Agents of law enforcement, reasonable searches, 28–29
Aggregation, databases, 143–144
Agile Software Development, 439–441
AH (Authentication Headers), IPSEC, 179–181
Airborne contaminants, 203
Air conditioning, See HVAC
ALE (Annualized Loss Expectancy), risk analysis, 60–64
Algorithms, genetic, 472
Allocated space, forensics, 353
All pair testing, 338
Alteration, cornerstone concepts, 13–14
ALU (arithmetic logic unit), 120
AMD-V (AMD Virtualization), 118
AMP (asymmetric multiprocessing), 122
Analog communications, 221
Analysis
Bayesian filtering, 471–472
forensics, 352–357
software tests, 339–340
Analytics, database security issues, 144
ANN (Artificial Neural Networks), 470–471
Annualized Loss Expectancy, See ALE
Annual Rate of Occurrence, See ARO
Anomaly Detection Intrusion Detection Systems, 366
Antivirus software, 139, 368–369
Apache licenses, 435–436
APIs (Application Programming Interfaces), security, 449
Applets, vulnerabilities, 141
Application Layer
Layer 7 of OSI model, 224, 274
TCP/IP model, 226, 241–245
Application-layer proxy firewalls, 274
Application Programming Interfaces, See APIs
Applications, See Software
Application virtualization, remote access, 284–285
Architecture
CPUs, 120–123
Data Execution Prevention, 126–127
instruction sets, 122–123
internet, vulnerabilities, 140–142
IPsec, 281–282
memory addressing, 123
memory protection, 123–126
motherboards, 119–120
networks, 220–263
secure operating systems and software, 127–131
secure system hardware, 119–127, 182
trusted platform modules, 126
Archive bits, backup storage, 378
ARCNET (Attached Resource Computer Network), 249
Arithmetic logic unit, See ALU
ARM (Asynchronous Response Mode), HDLC, 256
ARO (Annual Rate of Occurrence), risk analysis, 62
ARP (Address Resolution Protocol), 227, 235–236
ARPAnet, 222
Artificial Intelligence, 469–472
Artificial Neural Networks, See ANN
AS (Authentication servers), 279–280, 310–311
ASLR (Address Space Layout Randomization), 126–127
Assemblers, 430–431
Assessments
access control security, 332–334
disaster recovery, 393
Asset security, 81–102
business continuity planning, 398–399, 400
classifications, 82–85
compartments, 82–83
configuration, 371–373
data destruction, 90–92
data in motion and at rest, 96–98, 149, 277–287
data security controls, 92–98
exam objectives, 98
memory and remanence, 81, 87–91
ownership, 85–87
risk analysis, 58
security operations, 371–375
self test, 98–100, 484–489
sensitive information media, 84–85
Asset tracking, 199
Asset Value, See AV
Assignment of privileges, 17–18, 55–56
Asymmetric Digital Subscriber Line, See ADSL
Asymmetric encryption, 103, 168–170, 179
Asymmetric multiprocessing, See AMP
Asynchronous Balanced Mode, See ABM
Asynchronous dynamic tokens, 303
Asynchronous Response Mode, See ARM
Asynchronous Transfer Mode, See ATM
ATA Data Set Management Command, TRIM, 89–90
ATA Secure Erase, SSDs, 90
ATM (Asynchronous Transfer Mode), 255
Attached Resource Computer Network, See ARCNET
Attestation, service provider security, 44
Attributes, relational databases, 451
Attribute Value Pairs, See AVPs
Attribution, computer crimes, 31
Audits, security and access entitlements, 44–45, 311–312, 332
Authentication
802, 1X and EAP, 278–280
access control
methods, 294–309
technologies, 309–320
account lockouts, 296
biometrics, 304–308
brute-force attacks, 299–300
callback, 283
centralized access control, 309–311
clipping levels, 295–296
cryptography, 146–147
dictionary attacks, 297–299
hybrid attacks, 300
identities, 15–16
KERBEROS, 314–318
LDAP, 314
location-based access control, 309
management of passwords, 300–301
non-repudiation, 17, 146–147
PAP and CHAP, 278, 320
passwords and keys, 294–301
protocols and frameworks, 278–280
RADIUS, 318–319
salts, 300
SESAME, 318
TACACS & TACACS+, 319
tokens, 301–303
Authentication Headers, See AH
Authentication servers, See AS
Authenticators, EAP, 279
Authorization
centralized access control, 309
cornerstone concepts, 16–18
least privilege, 17–18, 349
Linux files, 16–17
need to know, 17–18, 84, 349
RADIUS, 318–319
TACACS & TACACS+, 319
Authorization creep, 311–312
Autoconfiguration, IPv6, 227, 229–232
Automated call trees, 410–411, 420
Autorun, disabling, 369–370
Availability
backups, 412–417
breaches, 84–85
cornerstone concepts, 11, 12–15
fault tolerance, 376–382
hardcopy records, 413–414
Highly Available clusters, 253–254, 382, 416
memory protection, 123–126
personnel, 391
software escrow, 416–417
WLANs, 259
AV (Asset Value), 61–64
Avoidance, risks, 66
AVPs (Attribute Value Pairs), RADIUS, 319
Awareness, training of personnel, 52, 419–420
B
Backdoors, 137, 463, 465–466
Background checks, 52–53, 352
Backup power, 388–389
emergency training, 419
generators, 197, 201, 419
redundant supplies, 382
UPSs, 197, 201, 388–389
Backup storage
archive bits, 378
availability, 412–417
databases, 456
fault tolerance, 376–381
hardcopy records, 413–414
offsite, 97–98
RAID, 378–381
sensitive information, 84–85
storage and transportation, 84, 97–98
tape rotation, 415
types of policies, 377–378, 414–415
Backward chaining, 469–470
“Bad” blocks/clusters/sectors, forensics, 354
Bands of the electromagnetic spectrum, 259
Bandwidth, packet-switched networks, 222
Baseband networks, concepts, 220
Baselining, 44, 51–52, 371–372
Basic Input Output System, See BIOS
Basic Rate Interface, See BRI
Bastion hosts, 274
Bayesian filtering, 471–472
BCI (Business Continuity Institute), Good Practice Guide, 423
BCP (Business Continuity Planning), 347, 348, 383–424
Business Impact Analysis, 399–403
call trees, 409–411, 420
change management, 420
continued maintenance, 420–421
Crisis Management Plans, 409–411
critical state assessment, 398–399
development of approach, 394–412
disasters or disruptive events, 385–392
Executive Succession Planning, 411–412
failure and recovery metrics, 401–403
frameworks, 421–423
mistakes, 421
plan approval, 412
principles, 383–384
project initiation, 395–398
project managers, 397
reciprocal agreements, 406–407
recovery strategy development, 403–407
related plans, 407–412
relationship with DRP, 384–385
scoping, 398
secondary sites, 405–407
subscription services, 407
team building, 397–398
version control, 421
vital records storage, 411
Becoming a CISSP, 4
Bell-LaPadula model of access control, 106
Berkeley Software Distribution, See BSD
Best evidence rule, 26
Best practice, 21, 24
BGP (Border Gateway Protocol), 271
BIA (Business Impact Analysis), 399–403
Biba model of access control, 107–108
Big Bang testing, 337
Binary images, 353
Biometrics, 304–308
BIOS (Basic Input Output System), 88–89, 125–126, 128
Birthday attacks, 175–176
Biting codes, keys, 188–189
Black box tests, 330, 336
Black hats, 69, 331
Block ciphers, 160
Block level striping, 380–381
Blowfish, 168
Bluetooth, WLANs, 262
Bollards, 184–185
Book ciphers, 154
Boot integrity, TPM, 126
BOOTP (Bootstrap Protocol), 135, 245
Boot sector viruses, 138
Border Gateway Protocol, See BGP
Botnets, 72
Bots, 72
Bottom-Up programming, 434
Bounds checking, 463–464
Breaches
availability, 84–85
confidentiality, 84
HIPAA, 54–55
integrity, 84–85
US notification laws, 43
Brewer–Nash, See Chinese Wall model
BRI (Basic Rate Interface), ISDN, 282
Bridges, networks, 263–264
Broadband networks, 220
Broadcast traffic, 236–237
Brute-force attacks, 171–172, 190, 299–300
BS-25999 standards, 422–423
BSD (Berkeley Software Distribution), 435–436
Budgeting, risk analysis, 64–65
Buffer overflows, software development, 463–464
Buildings
adjacent and shared, 197–198
environmental controls, 200–211
evacuations, 204–205
fire suppression, 205–211
heat, smoke and flame detectors, 203–204
HVAC, 202–203
perimeter defenses, 183–196
site configuration and design, 197–199
site selection, 196–197
Burden of proof, 22–23
Buses, LANs, 250–251
Business Continuity Institute, See BCI
Business Continuity Planning, See BCP
Business Impact Analysis, See BIA
Business interruption testing, Disaster Recovery Plans, 419
Business Owners, information security, 85
Business Recovery Plans, See BRP
Business travel, 205
Bytecode, 431
C
Cable modems, 283
Cabling
networks, 223, 245–248
thicknet/thinnet, 247, 248
wiring closets, 198
Cache memory, 87–88
Caesar Cipher, 150–151
Calculation
ALE, 60–62
risks, 59–60
TCO, 62–63
California Senate Bill 1386, See SB 1386
Callback, authentication, 283
Caller ID services, 283–284
Call trees, 409–411, 420
Candidate Information Bulletin, See CIB
Candidate keys, relational databases, 451
Canons, the (ISC)² Code of Ethics, 47–48
Capability Maturity Model, See CMM
Capacitors, RAM, 88
Carbon dioxide, See CO2
Carrier Sense Multiple Access, See CSMA
Carrier Sense Multiple Access with Collision Detection, See CSMA/CD
CAs (Certification Authorities), PKI, 178
CASE (Computer-Aided Software Engineering), 434
Categories of cabling, 246
CBC (Cipher Block Chaining), DES, 163
CBC-MAC (Cipher Block Chaining Message Authentication Codes), 177
CBK (Common Body of Knowledge), 2
CBT (Computer Based Testing), 5
CCB (Configuration Control Boards), 450
CCD (Charged Couple Discharge) Cameras, 185–186
CCMP (Counter Mode CBC MAC Protocol), 262
CCTV (Closed Circuit Television), 185–187
CDI (constrained data items), Clark–Wilson, 108
CDN (Content Distribution Networks), 287
CD-Rs (Compact Discs - Recordable), 92
Ceilings, design, 194–195
Centralized access control, 309–311
Centralized logging, reviews, 334–335
Central Processing Unit, See CPU
CEO (Chief Executive Officers), BCP/DRP development, 395–397
CER (Crossover Error Rate), biometrics, 293, 305–306
Certificate Revocation Lists, See CRL
Certification
Clark–Wilson, 108–109
data security, 92–93
system security, 113–115
Certification Authorities, See CAs
CFB (Cipher Feedback), DES, 163
CFO (Chief Financial Officers), BCP/DRP development, 395–397
Chain of custody, 27, 29, 297
Chaining, symmetric encryption, 161
Challenge-Handshake Authentication Protocol, See CHAP
Challenge-response tokens, 303
Change management, 373–375, 420, 449–450
Channels
broadband networks, 220
covert, 109–110
Channel Service Unit/Data Service Unit, See CSU/DSU
CHAP (Challenge-Handshake Authentication Protocol), 278, 320
Charged Couple Discharge cameras, See CCD cameras
Checklists
Disaster Recovery Plans, 418
exam readiness, 4
Chief Executive Officers, See CEO
Chief Financial Officers, See CFO
Chief Information Officers, See CIO
Chief Operating Officers, See COO
Chinese Wall model of access control, 109
Chosen ciphertext attacks, 173–174
Chosen plaintext attacks, 173
CIA triad (confidentiality, integrity and availability), 12–15
CIB (Candidate Information Bulletin), 2
CIDR (Classless Inter-Domain Routing), 231, 232–233
CIO (Chief Information Officers), BCP/DRP development, 395–397
Cipher Block Chaining, See CBC
Cipher Block Chaining Message Authentication Codes, See CBC-MAC
Cipher disks, 151–153
Cipher Feedback, See CFB
Ciphers
Bluetooth, 262
definition, 146
hash functions, 103, 170–171, 176–178, 181, 296–300
historical, 150–159
IDEA, 165
monoalphabetic, 148, 150–151
polyalphabetic, 148, 151–153
WEP, 261
Ciphertext
attacks, 173–174
definition, 146
Circuit-level proxy firewalls, 274
Circuit-switched networks, 221
Circumstantial evidence, 25
CIRT (Computer Incident Response Teams), 19, 358
CISC (Complex Instruction Set Computers), 122–123
CIS security benchmarks, 64–65
Civil law, 20, 22–23
Clark–Wilson integrity model, 108–109
Classes of fires and suppression agents, 205–207
Classes of gates, 184
Classful networks/addresses, 232
Class I/II/III/IV gates, 184
Classifications, data security, 82–85
Classless Inter-Domain Routing, See CIDR
Clearance, 83
C-level management, 395–397, 411–412
Client-side attacks, 140
Clipper Chips, 182
Clipping levels, passwords, 295–296
Closed Circuit Television, See CCTV
Closed source software, 435
Closed systems, design concepts, 119
Cloud services, 132–134, 312–313
CMM (Capability Maturity Model), 430, 462, 466–467
CMP (Crisis Management Plans), 409–411
CM Plans (Configuration Management Plans), 450
CMS (Content Management Systems), 449–450
Coaxial cable, 202, 247
COBIT (Control Objectives for Information and Related Technology) framework, 95
CO2 (Carbon Dioxide), fire suppression, 208
CoCom (The Coordinating Committee for Multilateral Export Controls), 39, 160
Codebooks, 154–155
Cohesion, Object-Orientated Programming, 458–459
Cold boot attacks, 88
Cold sites, 406
Collection limitation principle, 37
Collisions
Ethernet, 248–249
hash functions, 170–171
Collusion, 347
Color of law enforcement, 28–29
Combination locks, 190
Combinatorial testing of software, 338
COM (Component Object Model), 460
Commandments of Computer Ethics, 48
Commercial Off-the-Shelf software, See COTS
Commit, databases, 455
Common Body of Knowledge, See CBK
Common law, 21
Common Object Request Broker Architecture, See CORBA
Communications, 277–287
analog, 221
authentication protocols and frameworks, 278–280
Content Distribution Networks, 287
continuity of operations, 404–405
covert channels, 109–110
Crisis Management Plans, 409–411
digital fundamentals, 220–221
disaster recovery, 393
exam objectives summary, 287–288
failures, 391–392
IRC, 285
multiplexing, 260
remote access, 282–287
remote meeting technology, 286
remote wipe, 286
risk assessment, 394
security, 277–288
self-tests, 288–290, 494–499
telecommunications management, 404–405
telecommuting, 282–287
unlicensed bands, 259
Compact Discs - Recordable, See CD-Rs
Compartmentalization
information security, 82–83
security domains, 113, 117
United States, 82–83
Compensating controls, concepts, 57
Compensatory financial damages, 23
Compilers, 431
Complete business interruption testing, 419
Complex Instruction Set Computers, See CISC
Complexity
abstraction, 117
passwords and passphrases, 295
Compliance, 20–23
Component Object Model, See COM
Components, program policies, 49–50
Computer-Aided Software Engineering, See CASE
Computer based testing, See CBT
Computer bus, design, 119–120
Computer Ethics Institute, 48
Computer Fraud and Abuse Act - Title 18 Section 1030, 40, 41–42
Computer Incident Response Teams, See CIRT
Computer Security Incident Response Teams, See CSIRT
Computer viruses, 137–138
Conficker worm, 58–59, 139
Confidentiality
breaches, 84
code repository history, 448
cornerstone concepts, 12–15
cryptography, 146–147
databases, 451
definition, 11
HIPAA, 14, 40, 42–43, 54–55, 97
memory protection, 123–126
penetration testing, 331–332
privacy laws, 36–38
trusted platform modules, 126
Confidential object labeling, 82
Configuration Control Boards, See CCB
Configuration issues
change management, 449–450
security operations, 371–373
site design, 197–199
Configuration Management Plans, See CM Plans
Conflicts of interest, Chinese Wall model, 109
Confusion, cryptography, 147
Congestion Window Reduced flags, See CWR
Connections, maintenance, OSI model, 224
Consistency testing, 418
Constrained data items, See CDI
Constrained user interfaces, databases, 453
Consultants, security issues, 53–54
Contactless cards, access control, 191, 262–263
Containment phase, incident responses, 361
Contaminants, airborne, 203
Content-dependent access control, 323
Content Distribution Networks, See CDN
Content Management Systems, See CMS
Context-dependent access control, 323
Continuity of operations
backup storage, 84–86, 97–98, 376–381, 412–417, 456
BS-25999 standards, 422–423
Business Continuity Planning, 383–424
Business Impact Analysis, 399–403
call trees, 409–411, 420
change management, 420
continued maintenance, 420–421
COOP, 407–408
critical resources, 385
critical state assessment, 398–399
Disaster Recovery Planning, 383–424
disasters or disruptive events, 385–392
Executive Succession Planning, 411–412
failure and recovery metrics, 401–403
fault tolerance, 376–382
frameworks, 421–423
Good Practice Guide, 423
Highly Available clusters, 382, 416
incident response management, 357–363
ISO 22301 guidelines, 422–423
ISO/IEC-27031 guidelines, 422–423
mobile sites, 407
NIST SP 800-34, 422
plan approval, 412
principles, 383–384
project initiation, 395–398
reciprocal agreements, 406–407
recovery strategy development, 403–407
secondary sites, 405–407
security operations, 375–424
Service Level Agreements, 44, 375–376
subscription services, 407
supply chain management, 403–404
system redundancy, 382, 405–406
telecommunications management, 404–405
utilities management, 405
version control, 421
vital records storage, 411
Continuity of Operations Plans, See COOP
Continuity Planning Project Teams, See CPPT
Continuity of Support Plans, 408
Continuous monitoring, security operations, 367
Contraband checks, 193
Contractors, security issues, 53–54
Contractual security, service providers, 44–45
Control frameworks
databases, 144
data security, 93–96
Control Objectives for Information and Related Technology framework, See COBIT framework
Control technologies, access management, 309–320
Control unit, See CU
Convention on Cybercrime, 38
Converged protocols, networks, 256–258
Convergence, routing, 268
COO (Chief Operating Officers), BCP/DRP development, 395–397
COOP (Continuity of Operations Plans), 347, 384–385, 407–408
The Coordinating Committee for Multilateral Export Controls, See CoCom
CORBA (Common Object Request Broker Architecture), 460–461
Core keys, 188–190
Cornerstone concepts
confidentiality, integrity and availability, 12–15
cryptography, 146–150
disclosure, alteration and destruction, 13–14
identity and authentication, authorization and accountability, 15–18
Object-Orientated Programming, 457–458
security, 12–19
Corrective controls, 56
Corroborative evidence, 25–26
Corrosion, environmental control, 203
Cosmic compartmented information, NATO, 83
Cost approach to asset valuation, 61
COTS (Commercial Off-the-Shelf) software, security impacts, 468–469
Council of Europe Convention on Cybercrime, 38
Count-down timers, gas fire suppression systems, 209
Counter-based synchronous dynamic tokens, 303
Countermeasures
mobile device attacks, 145–146
security engineering, 145–146
Counter Mode, See CTR
Counter Mode CBC MAC Protocol, See CCMP
Coupling, Object-Orientated Programming, 458–459
Covert channels, 109–110, 136–137
CPPT (Continuity Planning Project Teams), 397–398
CPUs (Central Processing Units)
architecture, 120–123
cache, 87–88
FDX process, 121
instruction sets, 122–123
interrupts, 121
machine code, 430–431
memory addressing, 123
multitasking and multiprocessing, 122
pipelining, 121
processes and threads, 121–122
rings, 117–118
watchdog timers, 122
Crackers, 69
Cracking passwords, 296–300
Crashes, watchdog timers, 122
Credential management systems, 313
Credentials, KERBEROS, 315–318
Crime, site selection, 197
Criminal law, 22
Crippleware, 435
Crisis Communications Plans, 409
Crisis Management Plans, See CMP
Critical assets
BCP/DRP development, 398–399, 400
Business Impact Analysis, 400
vital records storage, 411
Critical processes, watchdog timers, 122
Critical resources
Business Continuity Planning, 385
disaster recovery, 393
Critical state assessment, BCP/DRP development, 398–399, 400
CRL (Certificate Revocation Lists), PKI, 178
Crossover, Genetic Algorithms, 472
Crossover Error Rate, See CER
Cross-Site Request Forgery, See CSRF, XSRF
Cross-Site Scripting, See XSS
Crosstalk, 201–202
Cryptanalysis, 146, 171–176, 299–300
Cryptographic strength, 148
Cryptographic technologies
data in motion, 96–97, 149, 277–282
import/export restrictions, 39
trusted platform modules, 126
Cryptography
asymmetric encryption, 168–170
attacks, 171–176
confidentiality, integrity, authentication and non-repudiation, 146–147
confusion, diffusion, substitution and permutation, 147
cornerstone concepts, 146–150
data at rest and in motion, 96–97, 149, 277–282
digital signatures, 176–177
Digital Watermarks, 183
escrowed encryption, 181–182
hash functions, 103, 170–171, 176–178, 181, 296–300
historical ciphers, 150–159
history, 150–160
IDEA, 165
implementation, 176–183
IPSEC, 179–181
key terms, 146
laws, 159–160
modular maths, 148
monoalphabetic ciphers, 148, 150–151
PGP, 181
polyalphabetic ciphers, 148, 151–153
prime number factoring, 168–169
protocol governance, 149–150
security engineering, 146–183
SSL and TLS, 179, 280, 282, 286
steganography, 182–183
strength, 147
symmetric encryption, 160–168
types, 160–171
WEP, 261
Cryptology
CSIRT (Computer Security Incident Response Teams), 358
CSMA (Carrier Sense Multiple Access), 219, 248–249
CSMA/CD (Carrier Sense Multiple Access with Collision Detection), 249
CSRF (Cross-Site Request Forgery), 465
CSU/DSU (Channel Service Unit/Data Service Unit), 277
CTR (Counter Mode), DES, 163
CU (control unit), CPUs, 120
Custodians, information security, 86
Customary law, 21, 24
Custom-developed third party products, security impacts, 469
CWR (Congestion Window Reduced) flags, 238
Cybercrimes
attribution, 31, 38
evidence integrity, 27, 29, 297
financially motivated attackers, 390
honeypots & honeynets, 370–371
Cyber Incident Response Plans, 409
Cybersquatting, 35–36
D
DAC (Discretionary Access Control), 293, 321, 349
DAD triad (disclosure, alteration and destruction), 13–14
DARPA (Defense Advanced Research Projects Agency), 221–222
Data
analytics, 144–145
breach notification laws, 43
destruction, 90–92
differential backups, 377–378, 414–415
exfiltration prevention, 193
fault tolerance, 376–382
full backups, 377, 414
Full-Disk Encryption, 96–97, 126, 149, 370
hardcopy records, 413–414
incremental backups, 377, 414
labels, 82
overwriting, 91
ownership, 85–87
privacy, 36–38
remanence, 81, 87–89, 91
remote wipe, 286
retention, 357
security classifications, 82–85
SSD writing method, 90
subjects and objects, 18
trans-border flows, 38, 39, See also Integrity, Objects
Database Administrators, See DBAs
Database Management System, See DBMS
Databases
backups, 456
confidentiality, 451
constrained user interfaces, 453
development, 450–456
hierarchical, 451, 454–455
inference and aggregation, 143–144, 451
integrity, 455
journals, 455
meta-data, 453
mining, 144, 456
normalization, 453
object-orientated, 451, 455
polyinstantiation, 143
query languages, 451, 453–454
relational, 451–453
remote journaling, 415
replication and shadowing, 415, 455–456
security engineering, 142–145
types, 451–455
views, 453
warehousing, 456
Database schemas, 453
Data centers, environmental and power issues, 388–389
Data Circuit-Terminating Equipment, See DCE
Data collection limitations, 86–87
Data controllers, 86
Data Define Language, See DDL
Data dictionaries, 453
Data Encryption Algorithm, See DEA
Data Encryption Standard, See DES
Data Execution Prevention, See DEP
Data hiding, See Encapsulation
Data integrity, See Integrity
Data Link Layer (Layer 2), 223, 236–237, 263–266
Data Loss Prevention, See DLP
Data Manipulation Language, See DML
Data mining, 144, 456
Data in motion, 96, 277–287
authentication protocols and frameworks, 278–280
protection, 98, 149, 277–283
remote access, 282–287
Data Owners, 85–86
Data points, fingerprint scans, 305
Data Processors, 86
Data Quality principles, 37
Data remanence, See Remanence
Data at rest, 96–97, 149
Data security controls, 92–98
accreditation and certification, 92–93
in motion and at rest, 96–98, 149, 277–287
scoping and tailoring, 96
standards and frameworks, 93–96
Data Service Unit, See DSU
Data Terminal Equipment, See DTE
Data Terminal Equipment/Data Circuit-Terminating Equipment, See DTE/DCE
Data warehousing, 456
DBAs (Database Administrators), 451
DBMS (Database Management System), 450–451, 455–456
DC (Domain Controllers), 296
DCE (Data Circuit-Terminating Equipment), 277
DCOM (Distributed Component Object Model), 460
DDL (Data Define Language), 453–454
DDoS (Distributed Denial of Service) attacks, 72
De-acquisitions, security issues, 46
DEA (Data Encryption Algorithm)
IDEA, 165
Deadbolts, 188–189
Decentralized access control, 309–310
Declaration on Transborder Data Flows, 39
Decode instructions, CPUs, 121
Decryption
Dedicated mode of operation, 112
Default routes, LANs, 267
Defense Advanced Research Projects Agency, See DARPA
Defense-in-Depth, 19, 145
asset tracking, 199
contraband checks, 193
dogs, 195–196
guards, 195
honeypots & honeynets, 370–371
media destruction, 92
networks, 220, 271–277
perimeter defenses, 183–196
port controls, 199–200
restricted areas and escorts, 196
server-side attacks, 139–140
system defenses, 199–200
Defensive categories, access control, 55–58
Defined, CMM Phase 3, 467
Degaussing, 89, 91
Deletion of files, remanence, 91
Deluge sprinkler systems, 211
Demarc, 277
De-mergers, security issues, 46
Demilitarized Zone, See DMZ
De-multiplexing, TCP/IP model, 226
Denial of Service attacks, See DoS
Density, data centers, 388–389
DEP (Data Execution Prevention), 126–127
Deployment of patches, 372
Depth of field, CCTV, 185–186
DES (Data Encryption Standard), 161–165, 181
Design concepts
abstraction, 117
cloud computing, 132–134
countermeasures, 145–146
CPUs, 120–123
databases, 142–145
Data Execution Prevention, 126–127
large-scale parallel data systems, 134
layering, 116–118
memory protection, 123–126
motherboards, 119–120
networks, 220–263
open and closed systems, 119
P2P networks, 134–135
ring model, 117–118
secure hardware architecture, 119–127
secure operating system and software architecture, 127–131
secure systems, 116–119
thin clients, 135
trusted platform modules, 126
virtualization, 131–132
WORM storage, 126
Desktop virtualization, 284–285
Destruction
cornerstone concepts, 13–14
data, 90–92
Detection phase, incident responses, 360
Detective controls, 56, 57, 363–371
Anomaly Detection IDS, 366
HIDS, 365
NIDS, 364–365
Pattern Matching IDS, 366
Protocol Behavior IDS, 366
Deterrent controls, concepts, 56–57, 58
Development
software, 429–477
acceptance testing, 467–468
Agile methods, 439–441
APIs, 449
Artificial Intelligence, 469–472
Capability Maturity Model, 430, 462, 466–467
code repositories, 448
databases, 450–456
exam objectives summary, 473
Extreme Programming, 429, 441
Genetic Algorithms, 472
methods, 436–450
Object-Orientated Analysis and Design, 461–462
Object-Orientated Programming, 456–461
programming concepts, 430–436
prototyping, 442–443
Rapid Application Development, 442
Sashimi Model, 438–440
Scrum, 440–441
security effectiveness, 462–469
self test, 473–475, 515–520
Spiral Model, 429, 441–442
Systems Development Life Cycle, 429, 443–447
vulnerabilities, 462–466
Waterfall Model, 429, 436–439
Device drivers, ring model, 118
DevOps, 450
DF (do not fragment) flags, IPv4, 229
DHCP (Dynamic Host Configuration Protocol), 135, 231, 245
Diameter, 279–280, 319
Dictionary attacks, 297–299
Differential backups, 377–378, 414–415
Differential cryptanalysis, 174–175
Diffie–Hellman Key Agreement Protocol, 169
Diffusion, cryptography, 147
Digital communications, fundamental concepts, 221
Digital forensics, security operations, 352–357
Digital signatures, cryptography, 176–177
Digital Subscriber Line, See DSL
Digital Video Recorders, See DVR
Digital Watermarks, implementation, 183
Diligence
Dilution of trademarks, 35
Directed broadcast addresses, 236
Direct evidence, concept, 25
Direct mode, memory addressing, 123
Directory Path Traversal, 463
Direct Sequence Spread Spectrum, See DSSS
Disabling
autorun, 369–370
IPv6 services, 232–233
Disassemblers, 431
Disaster, definition, 347
Disaster Recovery Planning, See DRP
Disasters
Business Impact Analysis, 399–403
environmental, 386–387, 388–389
human, 386–387
natural, 386–388
Disciplinary processes, 17, 53
Disclosure
cornerstone concepts, 13–14
software vulnerabilities, 466
Disclosure, Alteration and Destruction, See DAD triad
Discrete logarithms, asymmetric encryption, 169
Discretionary Access Control, See DAC
Disease, personnel shortages, 390–391
Diskless workstations, principles, 135
Disks
ciphers, 151–153
degaussing, 91
encryption, 96–97
forensic analysis, 353–355
Full-Disk Encryption, 96–97, 126, 149, 370
hashing for authenticity validation, 297
RAID, 378–381
reformatting, 91
remanence, 81, 87–89, 91
Disruptive events
Business Impact Analysis, 399–403
communications failures, 391–392
disaster classifications, 386–387
electrical/power problems, 388–389
environmental failures, 388–389
errors and omissions, 387
financially motivated attackers, 390
natural disasters, 386–388
personnel shortages, 390–391
types, 385–392
warfare, terrorism and sabotage, 389
Distance Vector Routing Protocols, 269–271
Distributed access control, See Decentralized access control
Distributed Component Object Model, See DCOM
Distributed Denial of Service attacks, See DDoS
Distributed Network Protocol, See DNP3
Divestitures, security, 46
DLP (Data Loss Prevention), 367–368
DML (Data Manipulation Language), 453–454
DMZ (Demilitarized Zone), 276
DNP3 (Distributed Network Protocol), 256
DNS (Domain Name System), 244
DNSSEC (Domain Name Server Security Extensions), 244
Documentation, security policies, 49–52
DoD (U.S. Department of Defense), 221
Dogs as a defense, 195–196
Domain Controllers, See DC
Domain Name Server Security Extensions, See DNSSEC
Domain Name System, See DNS
Domains, security, 117
Do not fragment flags, See DF
Doors, security, 194
DoS (Denial of Service) attacks, 14, 72, 259
Double-interlock sprinkler systems, 211
Drag & drop questions, 5–7
Drains, HVAC, 202
DRAM (Dynamic Random Access Memory), 88
Drills
Disaster Recovery Plans, 418
evacuations, 204–205
Drives, See Disks, Media
DRP (Disaster Recovery Planning), 348, 383–424
awareness, 420
backup availability, 412–417
Business Impact Analysis, 399–403
call trees, 409–411, 420
change management, 420
continued maintenance, 420–421
Crisis Management Plans, 409–411
critical state assessment, 398–399
development of approach, 394–412
Executive Succession Planning, 411–412
failure and recovery metrics, 401–403
frameworks, 421–423
mistakes, 421
plan approval, 412
principles, 384
process instantiation, 392–393
project initiation, 395–398
reciprocal agreements, 406–407
related plans, 407–412
relationship with BCP, 384–385
reviews, 417–418
scoping, 398
secondary sites, 405–407
strategy development, 403–407
subscription services, 407
team building, 397–398
testing, 417–419
training, 419–420
version control, 421
vital records storage, 411
Dry pipe sprinkler systems, 210–211
Dry powder, fire suppression, 208
DSL (Digital Subscriber Line), properties, 283
DSSS (Direct Sequence Spread Spectrum), WLANs, 259–260
DSU (Data Service Unit), 277
DTE (Data Terminal Equipment), 277
DTE/DCE (Data Terminal Equipment/Data Circuit-Terminating Equipment), 277
Dual-factor authentication, See Strong authentication
Dual-homed hosts, 275
Dual stack systems, TCP/IP, 231
Due care, 19, 24
Due diligence, 19, 24, 45–46
Dumpster diving, 90–91, 92
Duress warning systems, 204–205
Duties
rotation, 350–351
separation, 108–109, 349–350
DVR (Digital Video Recorders), 185
Dynamic Host Configuration Protocol, See DHCP
Dynamic NAT, 234–235
Dynamic passwords, 295
Dynamic Random Access Memory, See DRAM
Dynamic signatures, 308
Dynamic testing of software, 335–336
E
E1/E3 circuits, 254
EAL (Evaluation Assurance Levels), ICC, 116
EAP (Extensible Authorization Protocol), 278–280
EAP-FAST (EAP-Flexible Authentication via Secure Tunneling), 280
EAP-MD5, 280
EAPOL (EAP Over LAN), 279
EAP-TLS (EAP-Transport Layer Security), 280
EAP-TTLS (EAP-Tunneled Transport Layer Security), 280
Earthquake Disaster Risk Index, 59–60
ECB (Electronic Code Book), DES, 161–162
ECE (Explicit Congestion Notification Echo) flags, 238
Echo Replies, ping, 240
ECPA (Electronic Communications Privacy Act), 40
EDE (Encrypt, Decrypt, Encrypt), Triple DES, 164
eDISCOVERY (Electronic Discovery), 357
EEPROM (Electronically Erasable Programmable Read Only Memory), 88–90
EER (Equal Error Rates), biometrics, 305–306
EES (Escrowed Encryption Standard), 182
EF (Exposure Factors), risk analysis, 62, 63
EGPs (Exterior Gateway Protocols), 268–269
Egyptian Hieroglyphics, 150
Electricity
disruptive events, 388–389
emergency power training, 419
environmental controls, 200–202
faults, 200, 388–389
generators, 197, 201, 419
redundant supplies, 38
UPSs, 197, 201, 388–389
Electromagnetic emanations, See Emanations
Electromagnetic Interference, See EMI
Electromagnetic spectrum, bands, 259
Electronically Erasable Programmable Read Only Memory, See EEPROM
Electronically stored information, See ESI
Electronic backups, See Backup storage
Electronic Code Book, See ECB
Electronic Communications Privacy Act, See ECPA
Electronic Discovery, See eDISCOVERY
Electronic Protected Health Information, See ePHI
Electronic vaulting, 415
Elliptic Curve Cryptography, 169
Emanations, 136
Embedded device forensic analysis, 356–357
Emergency Operations Centers, See EOC
Emergency power
technology, 197, 201, 388–389
training requirements, 419
EMI (Electromagnetic Interference), 201–202, 245–246, 263
Employees
background checks, 52–53
disaster recovery training and awareness, 419–420
disciplinary processes, 17, 53
Encapsulating Security Payload, See ESP
Encapsulation
Object-Orientated Programming, 457
TCP/IP model, 226
Encrypt, Decrypt, Encrypt, See EDE
Encryption
asymmetric, 103, 168–170
cold boot attacks, 88
cornerstone concepts, 146–150
definition, 146
digital signatures, 176–177
Digital Watermarks, 183
disks, security operations, 370
drives and tapes, 96–97
escrowed, 181–182
hash functions, 103, 170–171, 176–178, 181, 296–300
IDEA, 165
IPSEC, 179–181
Message Authentication Codes, 177–178
PGP, 181
prime number factoring, 168–169
security engineering, 146–183
SSL and TLS, 179, 280, 282, 286
steganography, 182–183
symmetric, 104, 160–168
trusted platform modules, 126
Encryption order, triple DES, 164–165
Endpoint security, 368–370
End-to-end encryption, 98
End-user license agreements, See EULA
Enforcement
accountability, 16–17
Clark–Wilson, 108–109
Engineering, security, See Security engineering
English letters, frequency, 148
Enigma Machines, 157
Enrollment, biometrics, 304
Enterprise Architecture, 111, 126
Enticement, concepts, 30
Entity integrity, relational databases, 452
Entrapment, 30
Environmental controls
electricity, 200–202
heat, smoke and flame detectors, 203–204
personnel safety, training and awareness, 204–205
Environmental disasters, types, 386–387
EOC (Emergency Operations Centers), 411
Ephemeral ports, TCP, 237–238
ePHI (Electronic Protected Health Information), 97
EPROM (Erasable Programmable Read Only Memory), 88–89
Equal Error Rates, See EER
Eradication phase, incident response management, 361
Erasable Programmable Read Only Memory, See EPROM
Errors
human, 387
software development, 462–463
Escorts, restricted areas, 196
Escrow, software, 416–417, 447
Escrowed encryption, implementation, 181–182
Escrowed Encryption Standard, See EES
ESI (electronically stored information), eDISCOVERY, 357
ESP (Encapsulating Security Payload), IPsec, 179–181, 281–282
Ethernet
CSMA, 219, 248–249
FCoE, 256–257
OSI model, 223
types, 248
Ethics, 46–49, 69
EU (European Union)
Convention on Cybercrime, 38
data privacy laws, 36–38
Data Protection Directive, 36–38
EU–US Safe Harbor Agreement, 38
ITSEC, 114–115
EUI-64 (Extended Unique Identifiers), 227
EULA (end-user license agreements), 34, 435
European Union, See EU
Evacuations, 204–205
Evaluation, real-world system security, 113–115
Evaluation Assurance Levels, See EAL
Events
disasters and disruptive, 385–392, See also BCP, DRP
Evidence
burden of proof, 22–23
chain of custody, 27, 29
concepts, 25–27
integrity, 27, 29, 297
preponderance, 23
reasonable searches, 27–30
Examinations
after, 9
computer based testing, 5
drag & drop questions, 5–7
hotspot questions, 6–8
multiple-choice questions, 5
practice tests, 3
preparation, 2–4
retakes, 9
scenario questions, 5
self tests
access control, 324–326, 499–504
asset security, 98–100, 484–489
communications, 288–290, 494–499
Identity and Access Management, 324–326, 499–504
network design, 288–290, 494–499
security assessment and testing, 340–344, 504–510
security engineering, 212–215, 489–494
security operations, 424–426, 510–515
security and risk management, 74–78, 479–484
software development, 473–475, 515–520
taking the test, 4–9
three pass method, 9
two pass method, 8–9
Exclusive Or, See XOR
Execute functions, CPUs, 121
Executive Succession Planning, 411–412
Exfiltration prevention, 193
Exigent circumstances, reasonable searches, 27–30
Expert systems, 469–470
Explicit Congestion Notification Echo flags, See ECE
Exposure Factors, See EF
Extended Unique Identifiers, See EUI-64
Extensible Authorization Protocol, See EAP
Extensible Authorization Protocol-Flexible Authentication via Secure Tunneling, See EAP-FAST
Extensible Authorization Protocol Over LAN, See EAPOL
Extensible Authorization Protocol-Transport Layer Security, See EAP-TLS
Extensible Authorization Protocol-Tunneled Transport Layer Security, See EAP-TTLS
Extensible Markup Language, See XML
Extensions, copyright terms, 33
Exterior Gateway Protocols, See EGPs
External auditors, access control security, 333
Extranets, fundamental concepts, 221
Extreme Programming, See XP
F
Facial scans, 308
Factoring prime numbers, encryption, 168–169
Failover clusters, 382
Failure metrics, 401–403
Failures in communications, 391–392
Fairness, biometrics, 304
Fair use limitations, copyright, 34
False Accept Rate, See FAR
False negative/positive events, 363–364
False Reject Rate, See FRR
Faraday Cages, 263
FAR (False Accept Rate), biometrics, 293, 305–306
FAT (File Allocation Table), remanence, 91
Faults, electrical, 200
Fault tolerance, 376–382
archive bits, 378
availability of backups, 412–417
backup storage, 376–381, 412–417
RAID, 378–381
star topology, 253
system redundancy, 382, 405–406
FCIP (Fibre Channel over IP), 257
FCoE (Fibre Channel over Ethernet), 256–257
FDDI (Fiber Distributed Data Interface), 249–250
FDE (Full-Disk Encryption), 96–97, 126, 149, 370
FDX (Fetch, Decode, Execute) instruction, 121
Federated Identity Management, See FIdM
Feedback, symmetric encryption, 161
Fences, 183
Fetch, Decode, Execute instruction, See FDX
Fgdump application, 296
FHSS (Frequency Hopping Spread Spectrum), WLANs, 259–260
Fiber Distributed Data Interface, See FDDI
Fiber optic cable, 202, 248
Fibre Channel over Ethernet, See FCoE
Fibre Channel over IP, See FCIP
FIdM (Federated Identity Management), 312
Field-programmable devices, 89
Field of view, CCTV, 185
FIFO (First In First Out) tape rotation, 415
File Allocation Table, See FAT
File authorizations
least privilege, 17–18, 349
Linux, 16–17
need to know, 17–18, 84, 349
File Transfer Protocol, See FTP
Filtering air, 203
Financial damages, common types, 23
Financially motivated attacks, 390
FIN flags, 238–239
Fingerprint scans, 305, 306–307
Fires
ABCDK types, 205–207
classes, 205–207
detectors, 203–204
portable extinguishers, 211
suppression, 205–211
Firewalls, 271–277
bastion hosts, 274
client-side attacks, 140
dual-homed hosts, 275
fundamental designs, 274–276
packet filters, 219, 271–272
proxy, 272–274
screened host architecture, 275–276
stateful, 219, 272–273
Firmware, remanence, 88–89
First In First Out, See FIFO
First sale doctrine, 34
Fitness functions, Genetic Algorithms, 472
Flags, 229, 238–239
Flame detectors, 204
Flash memory, remanence, 89
Flip-flops, RAM, 88
Floors, design, 194–195
Foot-candles, 185
Forced vacations, 351
Foreign keys, relational databases, 452
Forensics, 352–357
eDISCOVERY, 357
embedded devices, 356–357
media analysis, 353–355
network analysis, 356
software analysis, 356
Formal access approval, 83
For Official Use Only, See FOUO
FOUO (For Official Use Only), 82
Fourth Amendment, 27–30
Fourth-generation programming languages, See 4GL
Fragmentation, IPv4 packets, 228–229
Frame Relay, 254–255
Frameworks
access control, 318–320
data security controls, 93–96
secure communications, 278–280
Free software, 435
Freeware, 435
Frequency of English letters, 148
Frequency Hopping Spread Spectrum, See FHSS
FRR (False Reject Rate), biometrics, 293, 305–306
FTP (File Transfer Protocol), 242–243
Full backups, 377, 414
Full disclosure of software vulnerabilities, 466
Full Disk Encryption, See FDE
Full-duplex communication, 220
Full-knowledge tests, penetration testing, 330
Fuzzing, 337–338
G
GANs (Global Area Networks), 221
Garbage collection, SSDs, 89
Gas-based systems for fire suppression, 208–209
Gates, 184
Gateway-to-gateway architecture, 281
Generators, 197, 201, 419
Generic Routing Encapsulation, See GRE
Genetic Algorithms/Programming, 472
GFS (Grandfather-Father-Son) tape rotation, 415
GIF (Graphics Interchange Format), 224
GIG (Global Information Grid), 221
GLBA (Gramm–Leach–Bliley Act), 40
GLB (Greatest Lower Bound), 106–107
Global Area Networks, See GANs
Global Information Grid, See GIG
GNU Public License, See GPL
Good Practice Guide, See GPG
Governance
cryptography protocols, 149–150
security, 45, 49–55
vendors, 45
GPG (Good Practice Guide), 423
GPL (GNU Public License), 435–436
GPUs (Graphical Processing Units), 299
Graham–Denning model, 111–112
Gramm–Leach–Bliley Act, See GLBA
Grandfather-Father-Son, See GFS
Graphical Processing Units, See GPUs
Graphical remote access, 285
Graphics Interchange Format, See GIF
Gray hats, 69
Greatest Lower Bound, See GLB
GRE (Generic Routing Encapsulation), PPTP, 281
Grid computing, principles, 134
Gross negligence, concepts, 19
Guards, perimeter defenses, 195
Guidelines
policies, 51, 52
privacy in OECD countries, 37
H
Hackers/hacking, 68–69, 71–72
APIs, 449
dictionary attacks, 297–299
financially motivated, 390
honeypots & honeynets, 370–371
Metasploit Framework, 69–70, 296, 354–355
phreaking, 90–91
pushbutton locks, 190
rainbow tables, 172–173, 299–300
Hacktivists, 71–72
HA (Highly Available) clusters, 253–254, 382, 416, 455
Half-duplex communication, concept, 220
Halon and substitutes, 209
Hand geometry, implementation, 307
Handheld Device Markup Language, See HDML
Handling
backup storage, 84
sensitive media, 84
Handshakes, TCP, 238–239
Hangs, watchdog timers, 122
Hard-coded credentials, software, 463, 465–466
Hardcopy data, 92, 413–414
Hardware
redundancy, 382, 405–406
secure architecture, 119–127, 182
segmentation, 124
Harrison–Ruzzo–Ullman model, See HRU
Hashed Message Authentication Codes, See HMAC
Hash functions, 103, 170–171, 176–178, 181, 296–300
Hash of Variable Length, See HAVAL
HAVAL (Hash of Variable Length), cryptography, 171
HDLC (High-Level Data Link Control), 256
HDML (Handheld Device Markup Language), 286–287
HDSL (High-data-rate Digital Subscriber Line), properties, 283
Headers
encapsulation, 226
IPv4 packets, 228
IPv6, 229–230
TCP, 237
UDP, 239
Health Insurance Portability and Accountability Act, See HIPAA
Hearsay evidence, 26
Heat, environmental controls, 202
Heat detectors, 203
Heating, ventilation and air conditioning, See HVAC
Heavy weight processes, See HWP
Hebern Machines, 156–158
HIDS (Host-based Intrusion Detection Systems), 365
Hierarchical databases, 451, 454–455
Hierarchical networks, 251
Hieroglyphics, 150
High-data-rate Digital Subscriber Line, See HDSL
High-Level Data Link Control, See HDLC
Highly Available clusters, See HA clusters
HIPAA (Health Insurance Portability and Accountability Act), 14, 40, 42–43, 54–55, 97
HIPS (Host-based Intrusion Prevention Systems), 365
Historical ciphers, 150–159
History of cryptography, 150–160
HMAC (Hashed Message Authentication Codes), 177–178
Hold-down timers, Routing Information Protocol, 270–271
Honeynets, 370–371
Honeypots, 370
Horizontal escalation, 465
Host-based Intrusion Detection Systems, See HIDS
Host-based Intrusion Prevention Systems, See HIPS
Hosted solutions, SLA, 44, 375–376
Host-to-gateway architecture, IPsec, 281
Host-to-host architecture, IPsec, 281
Host-to-Host Transport Layer, TCP/IP model, 226, 237–241
Hot sites, continuity of operations, 406
Hotspot questions, 6–8
HRU (Harrison–Ruzzo–Ullman) model of access control, 112
HTML (Hypertext Markup Language), 140, 245, 286–287
HTTP (Hypertext Transfer Protocol), 245
HTTPS (Hypertext Transfer Protocol Secure), 179, 245
Hubs, 263
Human disasters, 386–387
Humidity, 202–203, 388–389
HVAC (heating, ventilation and air conditioning), 202–203, 388–389
HWP (heavy weight processes), 121–122
Hybrid attacks, password cracking, 300
Hybrid risk analysis, 67
Hypertext Markup Language, See HTML
Hypertext Transfer Protocol, See HTTP
Hypertext Transfer Protocol Secure, See HTTPS
Hypervisor mode, 118
Hypervisors, 103, 131–132, 265–266
I
IaaS (Infrastructure as a Service), 132–133
IAB (Internet Activities Board), ethics, 48–49
IAM (Identity and Access Management), 293–327
account lockouts, 296
authentication methods, 294–309
biometrics, 304–308
brute-force attacks, 299–300
clipping levels, 295–296
content-/context-dependent access control, 323
control technologies, 309–320
credential management systems, 313
Diameter, 279–280, 319
dictionary attacks, 297–299
Discretionary Access Control, 321
exam objective summary, 323–324
Federated Identity Management, 312
hybrid attacks, 300
Identity as a Service, 312–313
KERBEROS, 314–318
LDAP, 314
location-based, 309
management of passwords, 300–301
Mandatory Access Control, 293, 321
Microsoft Active Directory Domains, 320
models, 321–323
non-discretionary access control, 321–323
PAP & CHAP, 278, 320
passwords and keys, 294–301
protocols and frameworks, 318–320
provisioning lifecycles, 311–312
RADIUS, 318–319
Role-Based Access Control, 293, 321–323
rule-based access control, 323
salts, 300
self test, 324–326, 499–504
SESAME, 318
TACACS/TACACS+, 319
task-based access control, 323
third-party system integration, 314
tokens, 301–303
ICC (Integrated Circuit Cards), 190–192
ICH (I/O Controller Hub), 120
ICMP (Internet Control Message Protocol), 225, 228, 240–241, 272–273, 364–365
IDaaS (Identity as a Service), 312–313
IDEA (International Data Encryption Algorithm), 165
Identity
authentication, 15–16
Identity and Access Management, See IAM
Identity as a Service, See IDaaS
IDL (Interface Definition Language), 460–461
IDS (Intrusion Detection Systems), 363–366, 461–462
IEEE (Institute of Electrical and Electronics Engineers), OUIs and EUIs, 227
IGPs (Interior Gateway Protocols), 268–269
IKE (Internet Key Exchange), IPSEC, 180–181
IMAP (Internet Message Access Protocol), 243
Impact, risk analysis, 60
Implementation, cryptography, 176–183
Implementation attacks, cryptanalysis, 175
Implied copyright, 32–33
Import/export restrictions, 38–39
Incident responders, 358
Incident response management, 357–363
Income approach, asset valuation, 61
Incremental backups, 377, 414
Indirect mode, memory addressing, 123
Individual participation principle, OECD privacy guidelines, 37
Industrial, Scientific and Medical bands, See ISM
Inference, database security, 143–144
Inference engines, expert systems, 469–470
Information flow model, access control, 109
Information owners, 85
Information Systems Audit and Control Association, See ISACA
Information Technology Infrastructure Library, See ITIL
Information Technology Security Evaluation Criteria, See ITSEC
Infrastructure as a Service, See IaaS
Inheritance, Object-Orientated Programming, 457–458
Initialization vectors, symmetric ciphers, 160–161
Initiation, BCP/DRP development projects, 395–398
Inline Network-based Intrusion Prevention Systems, 365
Insider attacks, 71
Installation testing, 337
Instances, Object-Orientated Programming, 457
Instant messaging, 285
Institute of Electrical and Electronics Engineers, See IEEE
Instruction sets, CPUs, 122–123
Intangible assets, value calculation, 61
Integrated Circuit Cards, See ICC
Integrated Product Teams, See IPT
Integrated Services Digital Network, See ISDN
Integration testing, 314, 337
Integrity
802.11i, 262
BIOS, 125–126
breaches, 84–85
code repository history, 448
computer crime investigations, 297
cornerstone concepts, 12–15, 17
cryptography, 146–147
databases, 455
Data Loss Prevention, 367–368
definition, 11
evidence, 27, 29, 297
fault tolerance, 376–382
hardcopy records, 413–414
memory protection, 123–126
non-repudiation, 17, 146–147
P2P networks, 135
penetration testing, 331–332
trusted platform modules, 126
WORM storage, 126
*Integrity Axiom, access control, 107–108
Integrity models, access control, 106–109
Integrity verification procedures, See IVPs
Intellectual property, 31–36, 134–135
Intel VT (Intel Virtualization Technology), 118
Interface Definition Language, See IDL
Interface testing, 339
Interior Gateway Protocols, See IGPs
Internal audits, access control security, 333
Internal traffic, RFC 1918 addressing, 233–234
International Common Criteria, security evaluation, 115–116
International cooperation, cybercrimes, 38
International Data Encryption Algorithm, See IDEA
International Software Testing Qualifications Board, See ISTQB
Internet
architecture attacks, 140–142
DNS, 244
fundamental concepts, 221
IPSEC, 98, 179–181
IPv4, 229–232
IPv6, 227, 229–232
routing protocols, 267–271
Internet Activities Board, See IAB
Internet Control Message Protocol, See ICMP
Internet Key Exchange, See IKE
Internet Layer, TCP/IP model, 225–226, 227–241
Internet Message Access Protocol, See IMAP
Internet Protocol Security, See IPSEC
Internet Protocol Suite, See TCP/IP model
Internet Protocol, See IPv4
Internet Protocol, See IPv6
Internet Relay Chat networks, See IRC networks
Internet Security Association and Key Management Protocol, See ISAKMP
Internet Small Computer System Interface, See iSCSI
Interpreted languages, 431
Interpreters, 431
Interrupts, CPUs, 121
Intranets, 221, See also LANs
Intrusion Detection Systems, See IDS
Intrusion Prevention Systems, See IPS
Investigations
chain of custody, 27, 29
computer crimes, 30–31
entrapment and enticement, 30
evidence integrity, 27
exigent circumstances, 27–30
legal aspects, 24–31
reasonable searches, 27–30
types of evidence, 25–26
I/O Controller Hub, See ICH
IP Identification Fields, See IPID
IPID (IP Identification Fields), IPv4 packet fragmentation, 229
IPSEC (Internet Protocol Security), implementation, 98, 179–181
IPS (Intrusion Prevention Systems), 363–366
IPT (Integrated Product Teams), software development, 447
IPv4 (Internet Protocol version 4), 227–229, 232, 233–234
IPv6 (Internet Protocol version 6), 227, 229–233
IRC (Internet Relay Chat) networks, 72, 285
Iris scans, 307
ISACA (Information Systems Audit and Control Association), COBIT framework, 95
ISAKMP (Internet Security Association and Key Management Protocol), IPSEC, 180
(ISC)² Code of Ethics, 46–48
iSCSI (Internet Small Computer System Interface), 256–257
ISDN (Integrated Services Digital Network), 282–283
ISM (Industrial, Scientific and Medical) bands, 259
ISO 17799, asset security, 94–95
ISO 22301 guidelines, 422–423
ISO 27000 series, asset security, 94–95
ISO 27001, service provider security, 44
ISO/IEC-27031 guidelines, 422–423
Isolation of ports, 265–266
ISTQB (International Software Testing Qualifications Board), 467–468
ITIL (Information Technology Infrastructure Library) framework, 95
ITSEC (Information Technology Security Evaluation Criteria), 114–115
IVPs (integrity verification procedures), Clark–Wilson, 108