Index
Symbols
* (star) Integrity Property, of Biba model state machine
* (star) security Property, of state machine
2DES (Double DES)
2G
3DES (Triple DES)
3G
5-4-3 rule
10Base2
10Base5
“10 system” of communications
802.1X standard
A
abnormal activity
abstraction
in object-oriented programming
abuse, in voice communication
acceptable use policies
for organization email
acceptance rating of biometrics
accepting risk
access control
administration
centralized and decentralized
compensations
database views for restricting
in layered environment
techniques
types
access control lists, for firewalls
access control matrix
access control triple
access rights and permissions
account lockout
account privileges, limiting
account tracking
accountability
accreditation
in evaluation process
systems for
accuracy, of biometric factors
ACID model for transactions
ACK flagged packet
acronyms
ACS (annual cost of the safeguard)
active content
Active Directory
active response from IDS
ActiveX controls
digital signatures
activity auditing
ad hoc network
address information, spoofing
Address Resolution Protocol (ARP)
spoofing
addressing
Adleman, Leonard
administrative access controls
physical security
administrative law
admissible evidence
Advanced Encryption Standard (AES)
advisory security policy
adware
agents
agents of change, identifying
aggregation
agile model, of systems development life cycle
Agile Unified Process (AUP)
AH (Authentication Header)
alarms
burglar
ALE (annualized loss expectancy)
calculating with safeguard
algorithms for cryptography
secrecy of
ALO (annualized rate of occurrence)
alternate sites
in continuity planning
in recovery strategy
ALU (arithmetic-logical unit)
American Civil Liberties Union (ACLU)
American Civil War, cryptography
American Standard Code for Information Interchange (ASCII)
amplifiers
analog communications
analytic cryptographic attack
AND operation
annual cost of the safeguard (ACS)
annualized loss expectancy (ALE)
calculating with safeguard
annualized rate of occurrence (ALO)
anomaly analysis
anomaly detection
data mining for
antivirus management
antivirus software
and Trojan horses
APIPA (Automatic Private IP Addressing)
AppleTalk
applets
application issues
attacks
distributed environment
agents
applets
Microsoft component models
object request brokers
local/nondistributed environment
logic bombs
Trojan horses
viruses
worms
Application layer
protocols
application-level gateway firewalls
applied cryptography
arc radius
archiving policy, for log files
arithmetic-logical unit (ALU)
ARP (Address Resolution Protocol)
spoofing
ARP cache poisoning
arpspoof
artificial intelligence
ASCII (American Standard Code for Information Interchange)
assembly language
assets
list of
in risk management
valuation
assigning risk
assurance
in Operations Security domain
assurance procedure
asymmetric cryptography
hash functions
asymmetric key algorithms
asynchronous communications
asynchronous dynamic password
asynchronous transfer mode (ATM)
attack methods
botnets
brute-force attack
crackers, hackers, and attackers
denial of service (DoS) attacks. See also denial of service (DoS) attacks
dictionary attack
email as
land attack
man-in-the-middle
ping-of-death attack
smurf attack
sniffer
spamming attacks
spoofing. See also spoofing
stream attack
SYN flood attack
teardrop attack
attackers
attacks
attenuation
attribute storage
audit trails
auditing
of configuration
inappropriate activities
monitoring as
auditor
AUP (Agile Unified Process)
authentication
of evidence
protocols
for remote access
services (AS)
centralized remote
techniques
Authentication Header (AH)
authentication server
authority level, for process
authorization
automated attack tools
Automatic Private IP Addressing (APIPA)
auxiliary alarm systems
availability
techniques for protecting
AVG() function
awareness, in security training
B
back doors
backups
best practices
maintenance
media formats
of private key
reliable
tape rotation
badges
bandwidth on demand
baseband
baselines
base+offset addressing
Basic Input/Output System (BIOS)
Basic Rate Interface (BRI)
basic service set identifier (BSSID)
bastion host
batch processing
beacon frame
behavior-based IDS
behavior, in object-oriented programming
Bell-LaPadula model
Berkeley Software Distribution (BSD), private and/or dynamic ports
best evidence rule
BGP (Border Gateway Protocol)
biases, of BCP team members
Biba model
binary code
binary math
binary number, converting dotted-decimal notation IP address to
biometric factor
ratings
registration
biometrics
appropriate usage
BIOS (Basic Input/Output System)
birthday attack
bit size
BitLocker
black-box testing
for penetration testing
black boxes of phreakers
BlackBerries, encryption support
blackout, power during
block ciphers
blocking attachments to email
Blowfish
blue boxes of phreakers
Blue Screen of Death (BSOD)
bluebugging
bluejacking
bluesnarfing
Bluetooth
Boehm, Barry
bombings/explosions
book cipher
boot password
boot sector
bootp command
bootstrap information
Bootstrap Protocol
Border Gateway Protocol (BGP)
bot herder
botmaster
botnets
bottlenecks, NAT and
bottom-up approach to security management planning
boundaries, for security
bounds, for process
box technologies of phreakers
breach
Brewer and Nash model
BRI (Basic Rate Interface)
bridge mode infrastructure
bridges
broadband
broadcast
vs. collision
broadcast domain
broadcast technology
brouter
brownout
power during
brute-force attack
time and effort required
BSA (Business Software Alliance)
BSD (Berkeley Software Distribution), private and/or dynamic ports
BSSID (basic service set identifier)
buffer overflow
checking code for
buffer-overflow attack
buffer underflow
buildings, mitigating risks in continuity planning
burglar alarms
bus topology
business attacks
business continuity planning
business impact assessment (BIA)
impact assessment
likelihood assessment
priorities identification
resource prioritization
risk identification
continuity planning
plan approval
plan implementation
provisions and processes
strategy development
training and education
vs. disaster recovery planning
documentation
continuity planning goals
emergency-response guidelines
maintenance
risk acceptance/mitigation
risk assessment
statement of importance
statement of organizational responsibility
statement of priorities
statement of urgency and timing
of testing process
vital records program
explaining benefits
project scope and planning
business organization analysis
legal and regulatory requirements
resource requirements
team selection
senior management and
business impact analysis (BIA)
Business Software Alliance (BSA)
C
C++
cabling
baseband and broadband
characteristics of common
coaxial
conductors
twisted-pair
cache RAM
Caesar cipher
Cain & Abel
CALEA (Communications Assistance for Law Enforcement Act)
callback
caller ID verification
cameras
candidate keys, for database records
capabilities list
Capability Maturity Model
capacitance motion detector
cardinality
Carnegie Mellon University, Capability Maturity Model for Software
Carrier-Sense Multiple Access (CSMA)
Carrier-Sense Multiple Access with Collision Avoidance (CSMA/CA)
Carrier-Sense Multiple Access with Collision Detection (CSMA/CD)
carrier tone, war dialer search for
CAs (certificate authorities)
enrollment with
cascading composition theory
CASE (Computer-Aided Software Engineering)
CCTV
CD/DVD drives
CDDI (Copper Distributed Data Interface)
CDI (constrained data item)
cell phones
conversations
Faraday cage and
monitoring
for wireless communications
cell suppression
central processing unit (CPU). See also processor (computer)
centralized access control
centralized alarm system
centralized remote authentication services
certificate authorities (CAs)
enrollment with
certificate path validation (CPV)
certificate practice statement (CPS)
certificate revocation list (CRL)
certificates
generation and destruction
revocation of
verification
certification
in evaluation process
systems for
CFR (Code of Federal Regulations)
chain of custody
chain of evidence
Challenge Handshake Authentication Protocol (CHAP)
challenge-response authentication protocol
challenge-response tokens
change
and certification
change control
change management control
channel service unit/data service unit (CSU/DSU)
CHAP (Challenge Handshake Authentication Protocol)
chargen
Chauvaud, Pascal
checklist test, for disaster recovery planning
checklists
for emergency-response plans
power of
Checkpoint Software, Firewall-1 package
chief security officer
Children’s Online Privacy Protection Act of 1998
China
Chinese Wall
chipping code
choke points
chosen cipher-text attack
chosen plain-text attack
CIA Triad
availability
confidentiality
integrity
priority
CIDR (Classless Inter-Domain Routing)
Cipher Block Chaining (CBC) mode
Cipher Feedback (CFB) mode
cipher-text message
ciphers
block
codes vs.
one-time pads
running-key
stream
substitution
transposition
CIR (Committed Information Rate)
circuit encryption
circuit-level gateway firewalls
circuit proxies
circuit switching
vs. packet switching
CIRT (computer incident response team)
Cisco, Layer 2 Forwarding (L2F)
civil law
Clark-Wilson model
classes (object groups)
in object-oriented programming
classified data
preventing leakage or transfer
Classless Inter-Domain Routing (CIDR)
clean power
cleaning of malicious code
clearing media
CLI (Common Language Infrastructure)
click-wrap license agreements
clients, applets on
closed systems
clustering
CMWs (compartmented mode workstations)
coaxial cable
CobiT (Control Objectives for Information and Related Technology)
Code of Federal Regulations (CFR)
Code Red worm
code review walk-through, in systems development life cycle
codes, ciphers vs.
coding flaws, attacks based on
cognitive password
cohesiveness, in object-oriented programming
cold rollover
cold sites
reciprocal agreements and
cold-swappable RAID
collision attack
collision domain
collisions, vs. broadcasts
collusion
combination locks
commercial business/private sector classification systems
Committed Information Rate (CIR)
Common Body of Knowledge for CISSP certification exam
Access Control domain
Information Security Governance and Risk Management domain
Operations Security domain
Physical (Environmental) Security domain
Telecommunications and Network Security domain
Common Criteria (CC)
comparing with TCSEC and ITSEC
evaluation assurance levels
recognition
security assurance requirements
structure
on trusted recovery
Common Language Infrastructure (CLI)
common mode noise
Common Object Request Broker Architecture (CORBA)
Common Vulnerabilities and Exposures database
communication path
communications
emergency
external, in disaster recovery process
and network security
cabling
LAN technologies
network topologies
TCP/IP
wireless communications
Communications Assistance for Law Enforcement Act (CALEA)
communications security
compartmentalized MAC environments
compartmented mode workstations (CMWs)
compartmented security mode
compensation access control
compensation measure
compiled languages
compiler
Component Object Model (COM)
composition password
composition theories
compromise of system
Computer Abuse Amendments Act of 1994
Computer-Aided Software Engineering (CASE)
computer architecture
distributed
safeguards
vulnerabilities
firmware
BIOS (Basic Input/Output System)
hardware
input and output devices
memory
processor
storage
input/output structures
progress of technology
and security policies
computer crime
business attacks
evidence of
financial attacks
grudge attacks
insider attacks
laws on
military and intelligence attacks
terrorist attacks
thrill attacks
Computer Ethics Institute, Ten Commandments of Computer Ethics
computer export controls
Computer Fraud and Abuse Act of 1986
computer incident response team (CIRT)
Computer Security Act of 1987
Computer Security Incident Handling Guide (NIST)
computers
failures
system compromise
computing power, growth of
concentrators
concentric circle antivirus strategy
conceptual definition phase, in systems development life cycle
conclusive evidence
concurrency
conductors
confidential information
cryptography for
NDA to protect
social engineering attacks and
techniques for protecting
confidentiality
and integrity
configuration management
control
confinement
confinement property, of state machine
confusion and diffusion
confusion, from cryptographic algorithms
connectionless communications protocol, UDP as
constrained data item (CDI)
containment of intrusion
content filters, for viruses
context-dependent access control
continuity planning. See business continuity planning
contracts, service-level agreements (SLAs) in
contractual license agreements
Control Objectives for Information and Related Technology (CobiT)
control zones
TEMPEST and
controlled access protection
controls gap
Copper Distributed Data Interface (CDDI)
copyright
CORBA (Common Object Request Broker Architecture)
cordless phones
corporate property, vs. personal
corrective access control
cost functions, in quantitative risk analysis
COUNT() function
Counter (CTR) mode
Counter Mode with Cipher Block Chaining Message Authentication Code Protocol (CCMP)
countermeasures
indistinct threats and
for malicious code
in risk management
factors in selecting
selecting in risk avoidance
counterstrikes against intruder
coupling, in object-oriented programming
covert channel attacks
covert channels
CPS (certificate practice statement)
CPTED (crime prevention through environmental design)
CPU (central processing unit). See also processor (computer)
CPV (certificate path validation)
Crack program
crackers
as former employees
cracking
cracking password
Creating Defensible Space (Newman)
creeping privileges
crime prevention through environmental design (CPTED)
criminal law
crisis management
critical path analysis
criticality prioritization
CRL (certificate revocation list)
cross-site scripting (XSS)
cross-training
crossover error rate (CER)
cryptanalysis
cryptographic attacks
cryptographic keys
length of
cryptography. See also symmetric cryptography
applied
for e-commerce
for email
for networks
for portable devices
for web
ciphers
block ciphers
codes vs.
one-time pads
running-key ciphers
stream ciphers
substitution ciphers
transposition ciphers
goals
historical milestones
mathematics
binary math
confusion and diffusion
logical operations
modulo function
nonce
one-way functions
split knowledge
work function
zero-knowledge proof
modern systems
asymmetric key algorithms
cryptographic keys
hashing algorithms
symmetric key algorithms
terminology
cryptology
cryptosystems
cryptovariables
CSMA/CA (Carrier-Sense Multiple Access with Collision Avoidance)
CSMA (Carrier-Sense Multiple Access)
CSMA/CD (Carrier-Sense Multiple Access with Collision Detection)
CSU/DSU (channel service unit/data service unit)
custodians
custom-developed software, escrow arrangements
D
DAA (Designated Approving Authority)
DACK line
DACs (discretionary access controls)
damage from fire
Dan Kaminsky vulnerability
DARPA model
data at rest
data classification
handling media and
implementing scheme
data contamination, avoiding
data custodian role
Data Definition Language (DDL)
data dictionary
data diddling
Data Encryption Standard (DES)
data hiding
data in motion
Data Link layer
Data Manipulation Language (DML)
data mart
data mining
tools
data names, in OSI model layers
data owner role
data remanence
data storage
devices
threats
data stream
data terminal equipment/data circuit-terminating equipment (DTE/DCE)
data validation
data warehouses
database management system (DBMS) architecture
database shadowing
databases
aggregation
concurrency
contamination
multilevel
recovery strategy
transactions
for web content on-demand
datagram
DCOM (Distributed Component Object Model)
DDL (Data Definition Language)
decentralized access control
decision-making, disaster recovery planning and
decision support systems (DSS)
declassification
decoy techniques
decryption, private key for
dedicated line, for WAN
dedicated security mode
deencapsulation
defense-in-depth deployment
Defense Information Technology Security Certification and Accreditation Process (DITSCAP)
degree, in database tables
delay feature in mantrap
delegation, in object-oriented programming
Delphi technique
Delta rule
deluge system for fire suppression
denial of service (DoS) attacks
distributed
DNS amplification attack
DNS poisoning
on Gibson Research
land attack
ping of death
smurf attack
SYN flood attack
modified handshaking process
teardrop attack
Department of Defense Password Management Guidelines
DES (Data Encryption Standard)
design flaws, attacks based on
design review, in systems development life cycle
Designated Approving Authority (DAA)
desktop computers
change
risk of sensitive information exposure
safeguards
detection of incident
detective access control
deterrent access control
DHCP (Dynamic Host Configuration Protocol)
DIACAP (DoD Information Assurance Certification and Accreditation Process)
dial-up connectivity
dial-up protocols
encapsulation
DIAMETER
dictionary attack
differential backups
Diffie-Hellman algorithm
diffusion, from cryptographic algorithms
digital certificates. See also certificates
digital communications, vs. analog
digital evidence
Digital Millennium Copyright Act
Digital Signature Algorithm (DSA)
Digital Signature Standard (DSS)
digital signatures
asymmetric key algorithm support for
for log files
private key for
digital subscriber line (DSL)
direct addressing
direct evidence
Direct Inward System Access (DISA)
Direct Memory Access (DMA)
Direct Sequence Spread Spectrum (DSSS)
directive access control
directory service
DISA (Direct Inward System Access)
disaster recovery
vs. restoration
disaster recovery planning (DRP)
vs. business continuity planning
external communications
maintenance
testing and maintenance
training and documentation
disasters. See also fires; recovery strategy
man-made
bombings/explosions
fires
hardware/software failures
power outages
strikes/picketing
terrorist acts
theft/vandalism
utility and infrastructure failures
natural disasters
earthquakes
fires
floods
regional events
storms
discretionary access controls (DACs)
discretionary protection systems
Discretionary Security Property, of state machine
distance vector routing protocols
distributed access control
distributed architecture
Distributed Component Object Model (DCOM)
distributed data model
distributed denial of service (DDoS) attack
distributed environment
agents
applets
Microsoft component models
object request brokers
distributed reflective denial of service (DRDoS) attacks
DITSCAP (Defense Information Technology Security Certification and Accreditation Process)
DMA (Direct Memory Access)
DML (Data Manipulation Language)
DMQ line
DMZ
DNS amplification attack
DNS poisoning
DNS spoofing
Dobbertin, Hans
documentary evidence
documentation
for business continuity planning
continuity planning goals
emergency-response guidelines
maintenance
risk acceptance/mitigation
risk assessment
statement of importance
statement of organizational responsibility
statement of priorities
statement of urgency and timing
of testing process
vital records program
for disaster recovery
for security
shredding
DoD Information Assurance Certification and Accreditation Process (DIACAP)
DOD model
dogs, for physical access control
domain controller
domain name resolution
Domain Name System (DNS) protocol, vulnerabilities
domain of relation
domains
in decentralized access control systems
dotted-decimal notation IP address, converting to binary equivalent
Double DES (2DES)
downloads, hashes to verify
drifting of work tasks
dry pipe system for fire suppression
DSA (Digital Signature Algorithm)
DSDM (Dynamic Systems Development Model)
DSL (digital subscriber line)
DSS (decision support systems)
DSS (Digital Signature Standard)
DSSS (Direct Sequence Spread Spectrum)
DTE/DCE (data terminal equipment/data circuit-terminating equipment)
dual-homed firewalls
due care
standards
due diligence
in contingency planning
standards
dumpster diving
duties, separating from responsibilities
DVDs, and backups
dwell time in keystroke patterns
dynamic content, from web site
Dynamic Host Configuration Protocol (DHCP)
dynamic NAT
dynamic packet filtering firewalls
dynamic passwords
dynamic RAM
vs. static
Dynamic Systems Development Model (DSDM)
dynamic web applications
E
EAP (Extensible Authentication Protocol)
earthquakes
U.S. hazard map
eavesdropping
work area design to avoid
EBCDIC (Extended Binary-Coded Decimal Interchange Mode)
ECDSA (Elliptic Curve DSA)
echo User Datagram Protocol (UDP) services
Echoplex
e-commerce
Economic and Protection of Proprietary Information Act of 1996
Economic Espionage Act of 1996
EDI (Electronic Data Interchange)
eDirectory
education of users
in continuity planning
on passwords
in security awareness
EEPROM (electronically erasable programmable read-only memory)
EES (Escrowed Encryption Standard)
EF (exposure factor)
effectiveness of access controls
EFS (Encrypting File System)
egress filtering
EIA/TIA-232
EIA/TIA-449
eigenfaces
eigenfeatures
El Gamal, T.
electricity. See power supply
electromagnetic interference (EMI)
electromagnetic radiation
electronic access control (EAC) lock
Electronic Codebook (ECB) mode
Electronic Communications Privacy Act of 1986
Electronic Data Interchange (EDI)
electronic mail. See email
electronic serial numbers (ESNs)
electronic vaulting
electronically erasable programmable read-only memory (EEPROM)
elliptic curve cryptography theory
Elliptic Curve DSA (ECDSA)
elliptic curve group
encryption
managing security
third-party spam screening
virus exchange by
emanation security
emergency communications
emergency response
guidelines
personnel proximity and site selection
EMI (electromagnetic interference)
employees
agreement for consent to search and seizure
grudge attacks by
hiring
screening and background checks
mitigating risks in continuity planning
privacy in workplace
sabotage by
termination
employment agreements
employment policies
Encapsulating Security Payload (ESP)
encapsulation
encrypted viruses
Encrypting File System (EFS)
encryption
choosing system
of email
export controls
of fax
of password files
public key for
randomness in
RSA (Rivest, Shamir, and Adleman)
and VPN
encryption keys, escrow of
end-to-end encryption
end-to-end security
end user role
endpoints, for network communication link
Enigma, vs. Ultra
enrollment
with certificate authorities
enterprise extended mode, for wireless network
entertainment, as inappropriate content
enticement
entities
entrapment
enveloped message from S/MIME
environment, for computer system
EPROM (erasable programmable read-only memory)
equipment failure
erasable programmable read-only memory (EPROM)
erased data, recovery
error correction, in transmission
errors and omissions
Escrowed Encryption Standard (EES)
ESNs (electronic serial numbers)
ESP (Encapsulating Security Payload)
in IPSec
espionage
ESSID (Extended Service Set Identifier)
ESSID (extended station set identifier)
/etc/passwd file
/etc/shadow file
Ethernet
subtechnologies
Etherpeek
ethical hacking
ethics
(ISC)2 Code of Ethics
Internet Advisory Board
Ettercap
European Union, privacy law
evacuation routes
event
evidence, collection
excessive privileges
Exchange server
exclusive OR (XOR) operation
executable files
virus infection
executing program, and security level elevation
exit interview
expectation maximization (EM) clustering
experienced exposure
expert opinion
expert systems
and security
exploitation of collision
explosions
export regulations, for hardware and software
exposure factor (EF)
exposure, in risk management
Extended Binary-Coded Decimal Interchange Mode (EBCDIC)
extended LAN
Extended Service Set Identifier (ESSID)
extended station set identifier (ESSID)
extended TACACS (XTACACS)
Extensible Authentication Protocol (EAP)
external storage drives
extranet
Extreme Programming (XP)
F
face scans
facilities, mitigating risks in continuity planning
facility requirements
accessibility and perimeter security
design
physical security controls
secure facility plan
server rooms
site selection
work areas
fail-open system
fail-safe system
fail-secure system
fail-soft system
failover solutions
failure
avoiding single points
preparation
recognition and response
failure states, initialization and
false acceptance rate (FAR)
false alarms
from behavior-based IDS
reducing
false assumptions
false rejection rate (FRR)
false value, in binary math
Family Educational Rights and Privacy Act (FERPA)
Faraday cage
Fast Ethernet
fault
fault tolerance
for leased lines
fax security
FDDI (Fiber Distributed Data Interface)
Federal Emergency Management Agency (FEMA)
National Flood Insurance Program
Federal Information Processing Standard (FIPS)
Federal Sentencing Guidelines (1991)
feedback composition theory
feedback loop, of waterfall model
FEMA (Federal Emergency Management Agency)
fences
FHSS (Frequency Hopping Spread Spectrum)
Fiber Distributed Data Interface (FDDI)
fiber-optic cable
fields, in database tables
file infector viruses
File Transfer Protocol (FTP)
files, checking hash value of
FileVault
filters, for firewalls
FIN flagged packets
financial attacks
Finger vulnerability, in Unix
fingerprints
finite state machine (FSM)
fire extinguishers
fire triangle
fires
checklist for response
damage from
detection and suppression
stages
firewall
deployment architectures
log of rejected traffic
firing employees
firmware
BIOS (Basic Input/Output System)
first-generation firewalls
first normal form (1NF)
fixed-temperature fire detection system
flame-actuated fire detection system
flash floods
flash memory chips
“flashing the BIOS”
Flask
flaw hypothesis methodology of penetration testing
flight time in keystroke patterns
flip-flop
flood maps
floods
floppy drives
foreign keys, for database records
form input, embedding in link
FORTRAN
fortress mentality, vs. layered environment
fraggle attacks
fragmentation attacks
Frame Relay connections
frames
fraud
in voice communication
FreeBSD, private and/or dynamic ports
Freedom of Information Act
frequency analysis
Frequency Hopping Spread Spectrum (FHSS)
frequency of radio waves
FSM (finite state machine)
FTP (File Transfer Protocol)
full backups
full-duplex communication
full-interruption test, of disaster recovery plan
full-knowledge team, for penetration testing
fundamental requirements determination, in systems development life cycle
FunLove virus
fuzzy logic
G
Gantt charts
garbage, as information source
gas discharge systems for fire suppression
GASSP (Generally Accepted Systems Security Principles)
Gates, Bill
gates
gateway firewalls
gateways
Generally Accepted Systems Security Principles (GASSP)
generational languages
Gibson, Steve
Gibson Research, denial of service (DoS) attacks on
Gigabit Ethernet
GnuPG
goals, of continuity planning
Good Times virus warning
Government Information Security Reform Act (GISRA) of 2000
government/military classification
Gramm-Leach-Bliley Act of 1999
Grandfather-Father-Son (GFS) strategy, for backups
graphical user interface, copyright and
gray-box testing
greatest lower bound of access
Green Book
ground
GroupWise
grudge attacks
Guide to Integrating Forensic Techniques into Incident Response (NIST)
guidelines, for security
H
hackers
ethical
prison terms for
hailstorms
half-duplex communication
halon, for fire suppression
hand geometry
handling media, data classification and
handshake process
hardening provisions
hardware
failures
firmware in
import/export regulations
input and output devices
memory
processor
replacement options after disaster
segmentation
storage
hardware address
hardware-based RAID
hash total
hash values, database of
Hashed Message Authentication Code (HMAC) algorithm
hashing algorithms
memorization chart for
HDLC (High-Level Data Link Control)
header for TCP
Health Insurance Portability and Accountability Act of 1996
hearsay evidence
heart/pulse patterns
heartbeat sensor
heat-based motion detector
heuristics-based detection
hierarchical data model
hierarchical MAC environments
hierarchical storage management (HSM) system
High-Level Data Link Control (HDLC)
high-level languages
High-Speed Serial Interface (HSSI)
hijack attack
hiring staff
screening and background checks
HMAC (Hashed Message Authentication Code) algorithm
hoaxes, virus
honeypots
hookup composition theory
host-based IDS
hostile applet
hot rollover
hot sites
reciprocal agreements and
hot-swappable RAID
HSSI (High-Speed Serial Interface)
HTTP (Hypertext Transfer Protocol)
HTTPS (Hypertext Transfer Protocol over Secure Sockets Layer)
hubs
human compatibility, of server rooms
humidity, for computer system
hurricanes
hybrid attack
hybrid cryptography
hybrid MAC environments
hybrid response from IDS
hyperlink spoofing
hyperlinks, embedding form input in
Hypertext Transfer Protocol (HTTP)
Hypertext Transfer Protocol over Secure Sockets Layer (HTTPS)
I
I Love You virus
IAB (Internet Advisory Board), and ethics
IANA (International Assigned Numbers Authority)
ICMP (Internet Control Message Protocol)
largest permissible packet
ping utility vulnerability
IDEA (International Data Encryption Algorithm)
IDEAL model, of systems development life cycle
identification
of incident
techniques
identification cards
Identity Theft and Assumption Deterrence Act
IDL (Interface Definition Language)
IEEE 802.1x standard
IEEE 802.11 standard
wireless networking amendments
IEEE 802.11i standard
IEEE 802.15 personal area networks
IETF (Internet Engineering Task Force)
IGMP (Internet Group Management Protocol)
ignoring risk
illegal activities
illegal software monitoring
images, secret messages in
IMAP (Internet Message Access Protocol)
immediate addressing
impact assessment, in business continuity planning
impersonation
implementation cryptographic attack
import/export regulations, for hardware and software
importance, statement of
incident handling
and data integrity and retention
detection and identification
incident types
postmortem review
recovery and remediation
reports
response and reporting
response teams
incident report
incremental attacks
incremental backups
indirect addressing
industrial espionage
industry implementation guidelines
inference attacks
inference engine, in expert system
information flow model
information gathering
information hiding
information leakage
Information Security Governance and Risk Management domain
information security officer role
Information Systems Audit and Control Association (ISACA)
information systems, security capabilities
Information Technology Infrastructure Library (ITIL)
Information Technology Security Evaluation and Criteria (ITSEC)
comparing with TCSEC and CC
vs. TCSEC
informative security policy
InfraGard program (FBI)
infrared motion detector
infrastructure
failures
loss of support
mitigating risks in continuity planning
infrastructure mode, for wireless network
inheritance, in object-oriented programming
initial program load (IPL), vulnerabilities
initialization, and failure states
initialization vector (IV)
input
checking
validation
input and output devices (computer)
input/output structures
inrush
insider attacks
instances, in object-oriented programming
insurance
for flood damage
Insurance Information Institute
Integrated Services Digital Network (ISDN)
integrity
Biba model and
cryptography and
techniques for protecting
verifying for transmission
integrity checking software
integrity checks
integrity verification procedure (IVP)
intellectual property, laws
intelligence attacks
intent to use application
Interface Definition Language (IDL)
interference, between channels
International Assigned Numbers Authority (IANA)
International CPTED Association
International Data Encryption Algorithm (IDEA)
International Information Systems Security Certification Consortium (ISC)2
International Organization for Standardization (ISO)
Evaluation Criteria for Information Technology Security (15408)
Standard Common Criteria for Computer Security (ISO 15408)
International Organization on Computer Evidence (IOCE)
international security implementation guidelines
International Telecommunications Union
Internet
Internet Advisory Board (IAB), and ethics
Internet Control Message Protocol (ICMP)
ping utility vulnerability
Internet Engineering Task Force (IETF)
Internet Group Management Protocol (IGMP)
Internet Message Access Protocol (IMAP)
Internet Protocol (IP)
classes
v4 vs. v6
Internet Protocol Security (IPSec)
characteristics
over NAT
Internet Security Association and Key Management Protocol (ISAKMP)
Internet service providers
limiting liability
PATRIOT Act and
Internet Worm
Internetwork Packet Exchange (IPX)
interpreted languages
interrogation
interrupt conflict
interrupt (IRQ)
interviews, in incident investigation
intranet
intruders, preventing
intrusion alarms
intrusion detection system
real world scenario
related tools
honeypots
padded cells
vulnerability scanners
intrusion prevention system (IPS)
investigations
conducting
evidence
process
IOCE (International Organization on Computer Evidence)
IP addresses
private
IP-checking websites
IP (Internet Protocol)
classes
v4 vs. v6
IP probes
IP spoofing
iPhones, encryption support
IPL (initial program load), vulnerabilities
IPSec (Internet Protocol Security)
characteristics
over NAT
IPX (Internetwork Packet Exchange)
iris scans
ISACA (Information Systems Audit and Control Association)
ISAKMP (Internet Security Association and Key Management Protocol)
(ISC)2 Code of Ethics
ISDN (Integrated Services Digital Network)
ISO/IEC 27002
ISO (International Organization for Standardization)
Evaluation Criteria for Information Technology Security (15408)
Standard Common Criteria for Computer Security (ISO 15408)
isolation
of compromised system
of process
ISSTMM (Open Source Security Testing Methodology Manual)
issue-specific security policy
IT Governance Institute (ITGI)
IT security
ITGI (IT Governance Institute)
ITIL (Information Technology Infrastructure Library)
ITSEC (Information Technology Security Evaluation and Criteria)
classes and required assurance and functionality
comparing with TCSEC and CC
vs. TCSEC
IVP (integrity verification procedure)
J
jamming
Japanese Purple Machine
Java
Java applets
Java Virtual Machine (JVM)
JavaScript
job description
job rotation
John the Ripper
journaling, remote
JPEG (Joint Photographic Experts Group)
JVM (Java Virtual Machine)
K
Kaminsky, Dan
Katrina (hurricane)
KDD (Knowledge Discovery in Databases)
Kerberos
Kerckhoffs principle
kernel
kernel mode
key distribution
key distribution center (KDC)
key escrow
key escrow database
key space
keyboards, as security risk
keylogger
keys
for database records
keystroke dynamics
keystroke monitoring
keystroke patterns
knowledge-based IDS
knowledge-based systems
decision support systems
expert systems
neural networks
Knowledge Discovery in Databases (KDD)
knowledge redundancy, for job rotation
known plain-text attack
Koblitz, Neil
KryptoKnight
L
L0phtcrack
L2F (Layer 2 Forwarding)
characteristics
L2TP (Layer 2 Tunneling Protocol)
characteristics
and IPSec
labeled security system
labeling media
LAN extender
land attack
laptop computers, risk of sensitive information exposure
lattice-based access controls
law enforcement
calling in
relationship with
laws
categories
on computer crime
on intellectual property
Layer 2 Forwarding (L2F)
characteristics
Layer 2 Tunneling Protocol (L2TP)
characteristics
and IPSec
layered environment, access control in
layering
layers in OSI model
Application layer
Data Link layer
Network layer
Physical layer
Presentation layer
remembering order
Session layer
Transport layer
LDAP (Lightweight Directory Access Protocol)
learning rule
leased line, for WAN
least upper bound of access
legal advice, need for
legal requirements
legally defensible security
lessons learned, in incident response process
level 2 cache
levels for security
licensing
life cycle assurance
lighting
lightning
Lightweight Directory Access Protocol (LDAP)
likelihood assessment, in business continuity planning
limit checks
Line Print Daemon (LPD)
linear bus topology
link encryption
link state routing protocols
Linux
Linux kernels, private and/or dynamic ports
LLC (Logical Link Control) sublayer
local alarm system
local area networks (LANs)
technologies
vs. WANs
local/nondistributed environment
logic bombs
Trojan horses
viruses
worms
lock feature for concurrency
logic bombs
logical access controls
Logical Link Control (LLC) sublayer
logical location
logical operations
logical security
logical topology
logistics, in disaster recovery plan
logon ID
logon process, Kerberos
logon scripts
logs
on chain of custody
as evidence
time sensitivity
from firewalls
of transmissions
LOMAC (Low Water-Mark Mandatory Access Control)
loopback address
loss potential
Low Water-Mark Mandatory Access Control (LOMAC)
LPD (Line Print Daemon)
M
MAAs (mutual assistance agreements)
MAC (mandatory access controls)
MAC (Media Access Control) address
MAC sublayer
machine language
Macintosh computers
FileVault
virus risk
macro viruses
macroscopic patterns of fingerprints
magnetic fields, and storage media
mail-bombing
main memory
maintenance
in disaster recovery planning
documentation
in systems development life cycle
maintenance hooks
malicious attackers
malicious code
active content
countermeasures
logic bombs
sources
spyware and adware
Trojan horses. See also Trojan horses
viruses
antivirus software
file infector
hoaxes
macro
master boot record
platforms
propagation techniques
technologies
worms
malware
man-in-the-middle attacks
man-made disasters
bombings/explosions
fires
hardware/software failures
power outages
strikes/picketing
terrorist acts
theft/vandalism
utility and infrastructure failures
MAN (metropolitan area network)
mandatory access controls (MAC)
mandatory protection systems
mantrap
many-to-many data model
marking media
Marzia virus
masking passwords
masquerading
massively parallel processing (MPP)
master boot record virus (MBR virus)
MasterCard
MAU (multistation access unit)
MAX() function
maximum tolerable downtime (MTD)
MBR virus (master boot record virus)
McAfee VirusScan
MD2 (Message Digest 2)
MD4 algorithm
MD5 algorithm
md5sum
mean time to failure (MTTF)
for media
mean time to repair (MTTR)
media
for backups
formats
life span
managing
storage
Media Access Control (MAC) address
mediated-access model
Melissa virus
memorization chart
for hash algorithms
symmetric cryptography
memory
addressing
random access memory (RAM)
read-only memory (ROM)
registers
secondary
security issues
segmentation in protection ring scheme
memory cards
vs. smart card
memory (computer)
memory-mapped I/O
Merkle-Hellman Knapsack algorithm
mesh topology
Message Digest 2 (MD2)
message digests
message, in object-oriented programming
metadata
metamodel
methods, in object-oriented programming
metropolitan area network (MAN)
mice, as security risk
Michelangelo virus
microcode
Microcom Networking Protocol (MNP)
Microsoft
ActiveX controls
Office suite, and macro viruses
private and/or dynamic ports
Windows, and viruses
Xbox gaming system, and Trojan horses
Microsoft Challenge Handshake Authentication Protocol (MS-CHAP)
Microsoft component models
Middle CASE
MIDI (Musical Instrument Digital Interface)
military and intelligence attacks
military security labels
Miller, Victor
MIME Object Security Services (MOSS)
MIN() function
MINs (mobile identification numbers)
minutia matching
MIPS (million instructions per second)
mirrored port
mirrored server
Mitnick, Kevin
MNP (Microcom Networking Protocol)
Mobile Broadband (802.20)
mobile identification numbers (MINs)
mobile phones, Faraday cage and
mobile sites
modems
as security risk
war dialing with
modification attacks
modulo function
MONDEX payment system
monitoring. See also auditing
as auditing
real world scenario
tools and techniques
monitors (computer), as security risk
Montreal Protocol
Moore’s law
Morris, Robert
MOSS (MIME Object Security Services)
motion detectors
mount command
MPEG (Moving Picture Experts Group)
MPP (massively parallel processing)
MS-CHAP (Microsoft Challenge Handshake Authentication Protocol)
MTD (maximum tolerable downtime)
MTTF (mean time to failure)
for media
MTTR (mean time to repair)
Mueller, Frederic
multicast technology
Multics operating system
multifactor authentication
multihomed firewalls
multilevel databases
multilevel security mode
multimedia collaboration
multipartite viruses
multiple-factor authentication
multiple sites, to reduce disaster impact
multiprocessing
multiprogramming
multistate processing systems
multistation access unit (MAU)
multitasking
vs. multiprogramming
multithreading
Musical Instrument Digital Interface (MIDI)
mutual assistance agreements (MAAs)
Myer, Albert
N
NAT (Network Address Translation)
determining use
stateful
static and dynamic
NAT-Traversal (RFC 3947)
National Computer Crime Squad
National Information Assurance Certification and Accreditation Process (NIACAP)
National Information Infrastructure Protection Act of 1996
National Institute of Standards and Technology (NIST)
Computer Security Incident Handling Guide
Guide to Integrating Forensic Techniques into Incident Response
Guide to Protecting the Confidentiality of Personally Identifiable Information (PII)
Minimum Security Requirements for Federal Information and Information Systems (FIPS 200)
standard for perimeter protection using lighting
National Security Agency (NSA)
National Weather Service, Tropical Prediction Center
natural disasters
earthquakes
fires
floods
potential, and site selection
regional events
storms
NCA (noncompete agreement)
NDA (nondisclosure agreement)
need to know
negligence, burdens of proof for
Nessus vulnerability scanners
.NET Framework
NetWare Directory Services (NDS)
network access server
Network Address Translation (NAT)
determining use
stateful
static and dynamic
network-based IDS
Network File System (NFS)
network interface cards (NICs), in promiscuous mode
Network layer
protocols
Network News Transport Protocol (NNTP)
network topologies
network traffic analysis
networks
attacks
cabling
cryptography for
devices
slowness, botnets and
wireless
neural networks
and security
new accounts, access rights and permissions
new employees, HR request for user account
New York City, blackout
Newman, Oscar, Creating Defensible Space
Next-Generation Intrusion Detection Expert System (NIDES)
next-generation multiprocessing
nfs command
NFS (Network File System)
NIACAP (National Information Assurance Certification and Accreditation Process)
NICs (network interface cards)
discovery of manufacturer
and MAC addresses
NIDES (Next-Generation Intrusion Detection Expert System)
Nimda worm
NIST (National Institute of Standards and Technology)
Computer Security Incident Handling Guide
Guide to Integrating Forensic Techniques into Incident Response
Guide to Protecting the Confidentiality of Personally Identifiable Information (PII)
standard for perimeter protection using lighting
Nmap
NNTP (Network News Transport Protocol)
noise
noise generators
noise in DBMS
nonce
noncompete agreement (NCA)
nondedicated line
nondisclosure agreement (NDA)
nondiscretionary access control
noninterference model
nonrepudiation
cryptography and
symmetric key cryptography and
nonvolatile storage
normal forms
normalization of database
Norton AntiVirus
NOT operation
notification of security problem
NSA (National Security Agency)
Nyberg-Rueppel’s signature algorithm
O
object evidence
object linking and embedding (OLE) model
Object Management Group (OMG)
object-oriented programming
and databases
object request brokers
objects
occupant emergency plans (OEPs)
OCSP (Online Certificate Status Protocol)
ODBC (Open Database Connectivity)
OFDM (Orthogonal Frequency-Division Multiplexing)
offline distribution of key
offsite storage
OMG (Object Management Group)
one-time pads
one-time password generators
one-time passwords
“one-to-many” data model
one-upped-constructed password
one-way functions
online auctions, and agents
Online Certificate Status Protocol (OCSP)
onsite electric generators
Open Database Connectivity (ODBC)
open relay agent, and spamming
Open Shortest Path First (OSPF)
Open Source Security Testing Methodology Manual (ISSTMM)
open-source system
open system authentication (OSA)
open systems
operating states
operating system
memory space separation for processes
security mechanisms within
technical mechanisms
and virus risk
operating system bug, attacker exploitation of
operational assurance
operational plan, for security management
operations security
antivirus management
assurance
backup maintenance
change management control
due care and due diligence standards
illegal activities
legal requirements
need to know and principle of least privilege
privacy and protection
privileged operations functions
record retention
sensitive information and media
trusted recovery
workstation changes
operations security triple
operator role
OR operation
Orange Book (TCSEC)
organizational responsibility, statement of
organizational security policy
Organizational Unique Identifier (OUI)
organizations, rules and restrictions
Orthogonal Frequency-Division Multiplexing (OFDM)
OSA (open system authentication)
OSI model
data names
encapsulation/deencapsulation
functionality
history
layers
Application layer
Data Link layer
Network layer
Physical layer
Presentation layer
remembering order
Session layer
Transport layer
vs. TCP/IP model
OSI protocol
OSPF (Open Shortest Path First)
OUI (Organizational Unique Identifier)
output devices
Output Feedback (OFB) mode
overt channel
owners
P
package
packet-filtering firewalls
packet sniffing
packet switching
packets
fragments
padded cells
pagefile
paging
pairing
palm geography
palm topography
PANs (personal area networks)
PAP (Password Authentication Protocol)
Paperwork Reduction Act of 1995
parallel computing, CTR mode for
parallel run, in change management
parallel test, of disaster recovery plan
parallelism, of security controls
parameters, checking
parol evidence rule
partial-knowledge team, for penetration testing
partitioning of database
passive audio motion detector
passive response from IDS
passphrase
password attack
countermeasures
dictionary attack
guessing
social engineering
as Unix vulnerability
Password Authentication Protocol (PAP)
password file
encryption of
in Unix
password policy
passwords
length
most common
one-time generators
security
selection
weaknesses
PAT (Port Address Translation)
patches, managing
patents
pattern-matching detection
Payment Card Industry Data Security Standard (PCI DSS)
PBX (private branch exchange)
countermeasures to fraud
peer-to-peer network
PEM (Privacy Enhanced Mail)
penetration testing
planning
teams
perimeter security, and site selection
period analysis
peripheral computer equipment, cache RAM
permanent virtual circuits (PVCs)
permissions. See access rights and permissions
personal area networks (PANs)
personal identification number (PIN)
personal information, European companies requirements for processing
personal property, vs. corporate
personally identifiable information (PII)
personnel
evacuation routes
notification of recovery plan
resource consumption in BCP process
safety of
strikes/picketing
personnel management
PERT (Program Evaluation Review Technique)
PGP (Pretty Good Privacy)
phishing
phone phreaking
photoelectric motion detector
phreakers
phreaking
Van Eck
physical access controls
abuse
badges
deploying
fences, gates, turnstiles and mantraps
intrusion alarms
keys and combination locks
lighting
motion detectors
secondary verification mechanisms
security guards and dogs
physical access security, to prevent eavesdropping
physical environment, security perimeter in
Physical layer
physical security
facility requirements
accessibility and perimeter security
design
physical security controls
secure facility plan
server rooms
site selection
work areas
visitors
physical support, loss of
picketing
piggybacking
PII (personally identifiable information)
ping-of-death attack
ping sweeps
ping utility
PKCS (Public Key Cryptography Standard) encryption
plain-text message
planning
penetration testing
security management
playback attack
plenum cable
PnP-compatible devices
point-to-point link, for WAN
Point-to-Point Protocol (PPP)
Point-to-Point Tunneling Protocol (PPTP)
characteristics
police officers, “10 system” of communications
political data, as inappropriate content
polling
polyinstantiation
polymorphic viruses
polymorphism, in object-oriented programming
POP3 (Post Office Protocol version 3)
pornography
Porras, Philip
Port Address Translation (PAT)
port scans
portable devices, cryptography for
portable installation media
ports
Post Office Protocol version 3 (POP3)
POST (power-on self-test)
postmortem review of incident
postwhitening
power-on self-test (POST)
power outages
power supply
PPP (Point-to-Point Protocol)
PPTP (Point-to-Point Tunneling Protocol)
characteristics
preaction system for fire suppression
Presentation layer
preset locks
pretexting
Pretty Good Privacy (PGP)
preventive access control
prewhitening
PRI (Primary Rate Interface)
primary keys, for database records
primary memory
Primary Rate Interface (PRI)
primary storage
principle of least privilege
printers
firmware in
as security risk
priorities
identification in business continuity planning
in protection ring scheme
in recovery strategy
statement of
privacy
laws
and telephone notification checklist for emergencies
in workplace
Privacy Act of 1974
Privacy Enhanced Mail (PEM)
private branch exchange (PBX)
private communication, email as
private information
private IP addresses
private key
backups of
protecting
private-key cryptography
privilege, in protection ring scheme
privileged mode
privileged operations functions
probability determination
probable cause, for warrants
problem management
problem state
process integration, and technologies
process isolation
process scheduler
process states
processor (computer)
execution types
operating modes
protection mechanisms
types
Program Evaluation Review Technique (PERT)
program executive
programmable locks
programmable read-only memory (PROM)
programming, flaws
programming languages
object-oriented
PROM (programmable read-only memory)
promiscuous mode, NICs in
propagation function, of viruses
property, corporate vs. personal
proprietary alarm system
proprietary information
protected mode
protection mechanisms
protection profiles (PPs)
protection rings
protection specifications development, in systems development life cycle
protocol
protocol analyzer system
protocol translators
proxies
proximity readers
proxy firewall
prudent man rule
pseudoflaws
public information
public key algorithms
public key cryptography. See also asymmetric cryptography
selecting key for
Public Key Cryptography Standard (PKCS) encryption
public key encryption
public key infrastructure (PKI)
key management
public switched telephone network (PSTN)
modems
purging
PVCs (permanent virtual circuits)
Pwdump
Q
qualitative decision making
qualitative risk analysis
Delphi technique
scenarios in
quantitative decision making
quantitative risk analysis
cost functions
formulas
threat/risk calculations
R
race conditions
racial harassment
radiation monitoring
radio frequency interference (RFI)
RADIUS (Remote Authentication Dial-In User Service)
RAID (Redundant Array of Independent Disks)
Rainbow series
rainbow tables
RainbowCrack
RAM disk
random access memory (RAM)
dynamic vs. static
random access storage
random number generator
random ports
randomness, in encryption process
RARP (Reverse Address Resolution Protocol)
RAs (registration authorities)
rate-of-rise fire detection system
RDBMSs (relational database management systems)
read-only memory (ROM)
Ready state for process
real evidence
real memory
“reasonable expectation of privacy”
reasonableness check
reboot
received fax, security of
reciprocal agreements
reconnaissance attacks
record retention
record sequence checking
recovery access control
recovery plan development
backups and offsite storage
emergency response
external communications
personnel notification
software escrow arrangements
recovery strategy
alternate processing sites
business unit and functional priorities
crisis management
emergency communications
work group recovery
recovery time objective (RTO)
Red Book
red boxes of phreakers
Redundant Array of Independent Disks (RAID)
redundant servers
reference monitor
reference profile
reference template
referential integrity
reflected input
reflective attack
regional events
registered software ports
registered trademark
registers
addressing
registration authorities (RAs)
regulatory security policy
rejection of risk
relational database management systems (RDBMSs)
relational databases
transactions
relay agent, and spamming
release control
reliable backup
remote access
security management
techniques
Remote Authentication Dial-In User Service (RADIUS)
remote authentication services, centralized
remote control remote access
remote control tools
remote journaling
remote mirroring
remote node operation
Remote Procedure Call (RPC)
removable media devices
and backups
labeling
removal of malicious code
repeaters
repeaters/concentrators, rule for setting number in network
replay attack
reports, on security incidents
request control process
Request for Comments
1421 on secure email
1848 on MIME Object Security Services
residual risk
resources. See also access control
in business continuity planning
prioritizing
requirements
waste of
response to incident
responsibilities, separating from duties
restoration
vs. disaster recovery
process after incident
restricted interface model
retina scans
Reverse Address Resolution Protocol (RARP)
reverse Domain Name System (DNS) lookups
reverse hash matching
revocation, of certificates
RFC (Request for Comments)
1087, on Ethics and the Internet
1112, on IGMP multicasting
1492, on TACACS
1918, on private IP addresses
2138, on RADIUS
2828, “Internet Security Glossary”
2865, on RADIUS
3947, on NAT-Traversal
RFI (radio frequency interference)
Rijndael block cipher
ring-oriented protection scheme
ring protection scheme
ring topology
RIP (Routing Information Protocol)
risk
elements of
handling
identification in business continuity planning
possible responses to
risk acceptance/mitigation, documentation
risk analysis
risk assessment
documentation
methodologies
risk management
and BCP
terminology
risk management consultants
risk mitigation
risk tolerance
Rivest, Ronald
Rivest Cipher 5 (RC5)
Rivest, Shamir, and Adleman (RSA) encryption
public key
Rogier, Nathalie
role-based access controls (RBAC)
roles, security
ROLLBACK command
rollover
ROM (read-only memory)
root accounts
rootkits
Rosenberger, Rob
ROT3 cipher
rotation of duties
round of encryption, in DES
routers
Routing Information Protocol (RIP)
routing protocols
Royce, Winston
RPC (Remote Procedure Call)
RSA (Rivest, Shamir, and Adleman) encryption
public key
RSA Security
RTO (recovery time objective)
rule-based access controls
running-key ciphers
Running state for process
S
S/MIME (Secure Multipurpose Internet Mail Extensions)
S-RPC (Secure Remote Procedure Call)
sabotage
safeguards
annual cost of
calculating annualized loss expectancy with
calculating cost/benefit
calculating costs
in risk management
sag
Saint vulnerability scanners
salami attack
salting
salts
salvage team
SAML (Security Association Markup Language)
“sandbox” concept
sanitizing
scanning attacks
scavenging
scenarios, in qualitative risk analysis
Schneier, Bruce
Secrets & Lies
Schnorr’s signature algorithm
scope of security
screened host
screened subnet
screening routers
script kiddie
<SCRIPT> tag (HTML)
scripted access
scripting
cross-site (XSS)
and viruses
Scrum
SDLC (Synchronous Data Link Control)
search warrants
second normal form (2NF)
secondary evidence
secondary memory
secondary storage
security
secondary verification mechanisms
Secret classification
secret key cryptography
secure communication protocols
Secure Electronic Transaction (SET)
Secure European System for Applications in a Multivendor Environment (SESAME)
Secure Hash Algorithm (SHA)
Secure Hash Standard (SHS)
Secure HTTP (S-HTTP)
Secure Multipurpose Internet Mail Extensions (S/MIME)
Secure Remote Procedure Call (S-RPC)
Secure Shell (SSH)
Secure Sockets Layer (SSL)
secure state machine
security
evaluating computer system level of
humans as weakest link
legally defensible
offsite challenges to
for passwords
separation of duties and responsibilities
and wireless communications
security administrators, decoy techniques
Security Association Markup Language (SAML)
security association (SA), for IPSec
security awareness training
security clearances, for job candidate
security control
architecture
abstraction
common flaws
process isolation
protection rings
security modes
characteristics
for hot sites
transmission mechanisms
security domains
security guards
security IDs
security kernel
security label
security level of user account
security management
change control/management
planning
security models
access control matrix
Bell-LaPadula model
Biba model
Brewer and Nash model
Clark-Wilson model
information flow model
noninterference model
state machine model
Take-Grant model
trusted computing base (TCB)
security modes
comparing
security perimeter
security policies
and computer architecture
mechanisms
possible violations list and detection process in
on reporting incidents
security procedures
notification of problem
security professional role
security rating
security roles
security targets (STs)
segment
segment terminators
semantic integrity
Sendmail
debug mode, as Unix vulnerability
senior management
business continuity planning and
personal liability for lack of due diligence
responsibility for monetary damages
security plan approval by
senior manager role
sensitive information
managing
separation of duties and responsibilities
separation of privilege
sequence checks
Sequenced Packet Exchange (SPX)
sequential storage
Serial Line Internet Protocol (SLIP)
series configuration, of security controls
server mirroring
server rooms
servers, redundant
service bureaus
service-level agreements (SLAs)
in contracts
service-oriented architecture (SOA), weaknesses
service packs, managing
service ports
service set identifier (SSID)
service-specific remote access
session hijacking attacks
Session layer
session rules
SET (Secure Electronic Transaction)
setgid utility
setuid utility
sexual harassment
SHA (Secure Hash Algorithm)
sha1sum
shadow file
shadow password
Shamir, Adi
shared key authentication (SKA)
shielded twisted-pair (STP)
shiffit
shimming
Shiva Password Authentication Protocol (SPAP)
shoulder surfing, work area design to avoid
shredders
shrink-wrap license agreements
SHS (Secure Hash Standard)
“sign-off” letter, for risk acceptance
signature-based detection
signature dynamics
signed message from S/MIME
silent alarm
Simple Integrity Property, of Biba model state machine
Simple Key Management for Internet Protocols (SKIP)
Simple Mail Transfer Protocol (SMTP)
Simple Network Management Protocol (SNMP)
Simple Security Property, of state machine
simplex communication
simulation test, of disaster recovery plan
single loss expectancy (SLE)
single points of failure
avoiding
single sign-on (SSO)
examples of
Kerberos
single state processing systems
site selection
accessibility and perimeter security
potential natural disasters and
Six Cartridge Weekly Backup strategy, for backups
SKA (shared key authentication)
skin scans
SKIP (Simple Key Management for Internet Protocols)
Skipjack
SLAs (service-level agreements)
in contracts
slaves
SLE (single loss expectancy)
sliding windows
SLIP (Serial Line Internet Protocol)
smart card
vs. memory card
smart tokens. See also tokens
SMDS (Switched Multimegabit Data Service)
smoke-actuated fire detection system
SMP (symmetric multiprocessing)
SMTP (Simple Mail Transfer Protocol)
smurf attack
sniffer
sniffing
sniping
SNMP (Simple Network Management Protocol)
snmp command
snmp-trap command
Snmpsniff
snooping attack
SOA (service-oriented architecture), weaknesses
social engineering
social-engineering attack
social networking accounts, of job candidates
software
copyright
custom-developed, escrow arrangements
digital signature technology for
escrow arrangements
failures
import/export regulations
testing
software capability maturity model, of systems development life cycle
software development, ability to bypass access restrictions
Software Engineering Institute
Capability Maturity Model
IDEAL model
SoftWare IP Encryption (SWIPE)
something you do factor
somewhere you are factor
SONET (Synchronous Optical Network)
Soviet cryptosystem
spamming
SPAP (Shiva Password Authentication Protocol)
spearphishing
speech recognition
spike
spiral model, of systems development life cycle
split knowledge
spoofing
ARP (Address Resolution Protocol)
source address of email
spread spectrum
SPX (Sequenced Packet Exchange)
spyware
SQL injection attacks
protecting against
SQL (Structured Query Language)
SRI International
SSH (Secure Shell)
SSID (service set identifier)
SSL (Secure Sockets Layer)
stand-alone mode, for wireless network
standards
star (*) Integrity Property, of Biba model state machine
star (*) security Property, of state machine
star topology
state
state attacks
state machine model
state transition
stateful inspection firewalls
stateful NAT
stateful packet analysis
static (electromagnetic), and computer system environment
static NAT
static packet-filtering firewalls
static passwords
static RAM
vs. dynamic
static tokens
statistical cryptographic attack
statistical intrusion detection
stealth viruses
steganography
Stoned.Angelina virus
STOP error
stop orders, as user agents
Stopped state for process
storage
of backup media
of media
storage channel, covert
storage (computer)
store-and-forward device
storms
STP (shielded twisted-pair)
strategic plan, for security management
stream attack
stream ciphers
streaming audio
streaming video
strikes/picketing
Structured Query Language (SQL)
structured walk-through, in disaster recovery plan testing
subclasses, in OOP model
subjects
subnet
subpoena for evidence
substitution ciphers
SUM() function
Sun Microsystems
sunrpc command
super-increasing sets
superusers
Supervisory state for process
supplicant
supplies, in disaster recovery plan
surge
surge protectors
suspicious activity
SVCs (switched virtual circuits)
SWIPE (SoftWare IP Encryption)
Switched Multimegabit Data Service (SMDS)
switched network
switched virtual circuits (SVCs)
switches
switchover times, for hot sites
Symantec
symmetric cryptography
Advanced Encryption Standard
Blowfish
Data Encryption Standard (DES)
International Data Encryption Algorithm (IDEA)
key distribution
key escrow
memorization chart
Skipjack
Triple DES (3DES)
symmetric key algorithms
vs. asymmetric
symmetric multiprocessing (SMP)
SYN flood attack
modified handshaking process
synchronous communications
Synchronous Data Link Control (SDLC)
synchronous dynamic password
Synchronous Optical Network (SONET)
systat command
system call
system crashes
avoiding
and security controls
and trusted recovery
system high mode
system monitoring
system security evaluation. See also Common Criteria (CC)
certification and accreditation
industry and international security implementation guidelines
ITSEC (Information Technology Security Evaluation and Criteria)
Rainbow series
system-specific security policy
system test review, in systems development life cycle
systems development controls
software development
assurance procedure
programming languages
system failure avoidance
systems development life cycle
code review walk-through
conceptual definition phase
design review
fundamental requirements determination
maintenance
models
agile model
IDEAL model
software capability maturity model
spiral model
waterfall model
protection specifications development
system test review
T
tables in relational databases
TACACS (Terminal Access Controller Access Control System)
TACACS+
tactical plan, for security management
Tagged Image File Format (TIFF)
Take-Grant model
tape rotation for backups
target of evaluation (TOE)
task-based access control (TBAC)
TCB (trusted computing base)
TCP (Transmission Control Protocol)
TCP/IP
Application layer protocols
domain name resolution
Network layer protocols
three-way handshaking process
Transport Layer protocols
vulnerabilities
TCP/IP model
vs. OSI model
TCP wrapper
TCSEC (Trusted Computer System Evaluation Criteria)
classes and required functionality
comparing with ITSEC and CC
vs. ITSEC
team
for incident response
selection for business continuity planning
teardrop attack
technical access controls
technical physical security controls
proximity readers
smart card
technical security
technologies, and process integration
technology crime investigator
Telecommunications and Network Security domain
telecommuting
telephone tree, for emergency notification checklists
Telnet
temperature
for computer system
for media storage
TEMPEST program
Temporal Key Integrity Protocol (TKIP)
Ten Commandments of Computer Ethics
Terminal Access Controller Access Control System (TACACS)
termination, of employees
terrorist attacks
on computers
testimonial evidence
testing
backups
in disaster recovery planning
documentation of process
for security issues
software
tftp command
TFTP (Trivial File Transfer Protocol)
theft
of secondary storage devices
thicknet
thin clients
thinnet
third normal form (3NF)
thread
threats
identifying and examining
indistinct, and countermeasures
collusion
errors and omissions
espionage
fraud and theft
initial program load (IPL)
loss of physical and infrastructure support
malicious attackers
malicious code
sabotage
traffic and trend analysis
in risk management
thrill attacks
throughput rate
tickets
for Kerberos
Tier 3 countries
Tier 4 countries
TIFF (Tagged Image File Format)
time-of-check-to-time-of-use (TOCTTOU)
time of check (TOC)
time of use (TOU)
time slice
timing channel, covert
TKIP (Temporal Key Integrity Protocol)
TLS (Transport Layer Security)
™ symbol
TOC (time of check)
TOCTTOU (time-of-check-to-time-of-use)
TOE (target of evaluation)
Token Ring
tokens
passing
in ring topology
top-down approach to security management planning
Top secret classification
tornadoes
total risk
TOU (time of use)
Tower of Hanoi strategy, for backups
TPM (Trusted Platform Module)
TPs (transformation procedures)
trade secrets
trademarks
traffic analysis
training
in continuity planning
in crisis management
for disaster recovery
security awareness
transactions
transferring risk
transformation procedures (TPs)
transient
transition
Transmission Control Protocol (TCP)
transmission window
transparency of security control
Transport layer
protocols
Transport Layer Security (TLS)
transport mode, for IPSec
transposition ciphers
trap doors
trash, sensitive information from
traverse mode noise
tree topology
trend analysis
Tribal Flood Network (TFN)
Trinoo
triple
Triple DES (3DES)
Tripwire
Trivial File Transfer Protocol (TFTP)
Trojan horses
applets and
email delivery of
true value, in binary math
TrueCrypt
trust
in decentralized access control systems
trust relationships, in Unix
Trusted Computer System Evaluation Criteria (TCSEC)
classes and required functionality
comparing with ITSEC and CC
vs. ITSEC
trusted computing base (TCB)
Trusted Network Interpretation
trusted paths
Trusted Platform Module (TPM)
trusted recovery
trusted subject, in Bell-LaPadula model
trusted system
truth table
tsunamis
tunnel mode, for IPSec
tunneling
tuple
turnstiles
twisted-pair cabling
two-factor authentication
two-person control
Twofish algorithm
Type 1 authentication factor
Type 1 error
Type 2 authentication factor
Type 2 error
Type 3 authentication factor
U
UCITA (Uniform Computer Information Transactions Act)
UDI (unconstrained data item)
UDP (User Datagram Protocol)
Ultra, vs. Enigma
unclassified data
unconstrained data item (UDI)
unicast technology
Uniform Computer Information Transactions Act (UCITA)
uninterruptible power supplies (UPS)
United States Code (USC)
United States, seismic hazard level
U.S. Computer Emergency Readiness Team
U.S. Constitution
Bill of Rights
Fourth amendment
U.S. Copyright Office
U.S. Department of Commerce, Bureau of Industry and Security
U.S. Department of Defense
8510.1-M DoD Information Technology Security Certification and Accreditation Process (DITSCAP) Manual
Bell-LaPadula model
CC-STD-003-85
Orange Book (TCSEC)
Trusted Computer System Evaluation Criteria, operational reference monitor, requirements
U.S. Department of Treasury
U.S. Federal Bureau of Investigation
InfraGard program
National Computer Crime Squad
U.S. Federal Sentencing Guidelines of 1991
U.S. Geological Survey (USGS)
U.S. Patent and Trademark Office (USPTO)
U.S. Supreme Court
Unix
security holes in 1988
virus risk
unshielded twisted-pair (UTP)
updates, managing
urgency and timing, statement of
USA PATRIOT Act of 2001
USB-based flash devices
user account
creating
disabling after failed logon
human accountable for actions linked to
maintenance
management
user awareness training
User Datagram Protocol (UDP)
user-friendliness, vs. security
user mode
user role
username
users. See also subjects
change in physical location
and email management policies
periodic reviews of account management
preventing bad behavior
restricting software installs
USGS (U.S. Geological Survey)
utilities
in disaster recovery plan
failures
UTP (unshielded twisted-pair)
V
V.24
V.35
vacations, mandatory
validation
Van Eck phreaking
Van Eck radiation
vandalism
variables, for user input, and buffer overflow
VBScript
vendors, for electronic vaulting
VENONA project
verification
of certificates
verified protection systems
Vernam ciphers
version of software, controlling in organization
versioning
views in database, access restriction with
Vigenere cipher
virtual circuit
virtual machine (VM)
virtual memory
virtual private networks (VPNs)
how it works
implementing
tunneling
virtual storage
virtual subsystem machine
virtualization technology
viruses
email delivery of
encryption routine
Visa
visitors
security design process and
Visual Basic
Visual Studio .NET
vital records program
VM (virtual machine)
voice communications
voice over IP (VoIP)
voice pattern recognition
volatile storage
volcanic eruptions
violent content, as inappropriate content
voluntary surrender of evidence
vulnerabilities
in risk management
scans for
vulnerability scanners
W
Waiting state for process
WANs (wide area networks)
connection technologies
vs. LANs
WAP (Wireless Access Point)
WAP (Wireless Application Protocol)
war dialing
wardriving
warm sites
warm-swappable RAID
warning banners
water, damage from
water suppression systems for fires
waterfall model, of systems development life cycle
wave pattern motion detector
web applications
dynamic
security
cross-site scripting (XSS)
web bots
web resources
on BCP and disaster recovery
benchmarking and penetration testing tools
on Common Criteria documentation
on copyrights
on CORBA
on cryptography
on database normalization
on denial of service (DoS) attacks
elliptic curve cryptosystems tutorial
flood maps
Generally Accepted Systems Security Principles (GASSP)
on GnuPG
on incident handling
International Organization for Standardization (ISO)
for IP checking
on (ISC)2 Code of Ethics
on ITSEC
National Interagency Fire Center
NIST Special Publications
on PCI-DSS
Professional Practices library
on system memory
on virus hoaxes
Web, security
web server
webcasting, copyright law and
websites
defacement
privacy notice
well-known ports
WEP (Wired Equivalent Privacy)
wet pipe system for fire suppression
whaling
white-box testing
for penetration testing
white boxes of phreakers
white noise
wide area networks (WANs)
connection technologies
vs. LANs
WiFi Protected Access (WPA)
WiMax (802.16)
Windows, private and/or dynamic ports
Windows Vista Premium, boot sector virus
WinDump
Wired Equivalent Privacy (WEP)
wired extension mode, for wireless network
Wireless Access Point (WAP)
Wireless Application Protocol (WAP)
wireless channels, real world scenario
wireless communications
attacks
cell phones for
general concepts
and security
wireless networking
Wireless Transport Layer Security (WTLS)
Wireshark
wiretapping
PATRIOT Act and
witness, testimony of
work areas, general access vs. restricted
work function
work group recovery
workplace, privacy in
works for hire
workstations. See desktop computers
World Intellectual Property Organization (WIPO) treaties
World Wars, cryptography
worms
email delivery of
WPA (WiFi Protected Access)
WPA-2
writeable CDs, and backups
WTLS (Wireless Transport Layer Security)
X
X Window
X.21
X.25 WAN connections
X.400 standard
X.509 standard, for certificates
XML exploitation
XOR (exclusive OR) operation
XP (Extreme Programming)
XSS (cross-site scripting)
XTACACS (extended TACACS)
Z
Zephyr chart
“zero day” vulnerabilities
zero-knowledge proof
zero-knowledge team, for penetration testing
Zimmermann, Phil
Zip disks
zombies