419 Nigerian Scam, 142
A
Access control, 251
Access control lists (ACLs), 251
Access Management, 212
Access Registry, 212
Active Directory, 223
Anomaly-based IDS, 260
Asset characterization, 114
Asset criticality, 116
Asset life cycle, 119
Asset sensitivity, 114
Assets
  deferrable, 117
  essential, 117
  general, 105
  idiosyncratic, 105
  ownership, 127
  required, 117
  restricted, 115
  tracking attributes, 111
  types, 109
Authentication, 213
B
Bash, 53
Block encryption, 187
C
Caesar cipher, 179
CarderPlanet, 144
Central Authentication Service (CAS), 227
Certificates, 195
CIA triad, 11
Cipher block chaining, 189
Cliff Stoll, 237
Competencies, 4
Cuckoo's egg, 239
Cultural cognition, 403
CVE, 85
D
Disasters, 327
E
Edward Snowden, 147
Electronic code book, 189
Encryption, 177
  general algorithm properties, 180
  keys, 180
Encryption in use, 194
End-point protection, 264
Event criticality, 337
F
Federation, 228
Firewalls, 252
G
H
Hash functions, 185
Heartland Payment Systems, 8, 37
HIPAA, 6, 16, 325, 368, 369, 375, 377, 379, 385
History, 5
I
Identity discovery, 208
Identity enrichment, 210
Identity management, 207
Identity reconciliation, 208
Incident communication, 312
Incident detection and analysis, 317
Incident handling, 307
Incident response policy, 308
Incident response team, 309
Information security
  compliance, 374
  guideline, 363
  policy, 361
  standard, 362
Intrusion detection/prevention, 256
J
Jobs, 1
K
Kerberos, 223
L
Linux system installation, 40
Live incident response, 347
Log analysis, 333
Log configuration and maintenance, 345
M
Mission Statement, 106
Model, 82
  information security, 82
Morris worm, 5
N
NIST, 86, 124, 135, 182, 187, 214, 248, 249, 259, 261, 262, 306, 307, 316, 317, 362, 383, 384, 385, 387, 389, 390, 391, 399, 400, 401
NVD, 86
O
OAuth, 234
Octal notation, 62
OpenID, 232
Operation Aurora, 9
P
Password limitations, 250
Password management, 247
Password management recommendations, 249
Password synchronization, 222
Password threats, 249
Patch management, 261
Person Registry, 209, 210, 212, 213, 239, 240, 241, 407, 409, 411
Philippines, 143
PKI, 196
Policy
  cycle, 366
  impact assessment and vetting, 371
  writing, 367
PowerShell, 52
Protocol-state-based IDS, 260
Public key cryptography, 182
  Modular arithmetic, 191
  Prime number theorem, 193
R
Reputation-based end-point protection, 265
Risk assessment, 387
  Model, 387
Risk management, 383
  Framework, 384
Role based access control (RBAC), 252, 212
RSA, 94, 96, 98, 176, 185, 187, 191, 192, 193, 198, 201, 203, 204, 205, 215, 216
S
Sarbanes-Oxley, 7, 16, 115, 376, 391, 392, 393, 394, 395, 396, 397, 398, 401
Secret key cryptography, 181
Security Assertion Markup Language (SAML), 229
Shell, 51
Shell scripting, 277
Shibboleth, 231
Signature-based IDS, 259
Single sign-on, 221
SSL/TLS and VPN. See Encryption in use
Standard occupational classification, 1
Syslog, 338
System profiling, 124
T
T.J. Maxx, 8, 21, 37, 39, 40, 97, 302
Threat action, 150
Threat agent, 137
Threat model, 136
Threats
  advanced persistent threat (APT), 98
  denial of service (DOS), 94
  malware, 94
  packet-sniffing, 97
  password guessing, 97, 249, 411
  phishing, 94
  rootkits, 95
  social engineering, 97
  viruses/worms, 94
  zero-day exploits, 95
  zombies, 96
Token-based authentication, 225
U
UNIX commands
  ~, 56
  cd, 55
  chmod, 63
  cp, 58
  file name expansion (Wildcards), 57
  find, 60
  less, 59
  ls, 55
  mkdir, 57
  pwd, 54
  rm, 58
  rmdir, 57
  shell expansions, 56
  tail, 59
  useradd, 75
  userdel, 75
  usermod, 75
  yum, 68
V
Vi, 66
Vimtutor, 67
VirtualBox, 41
Vision Statement, 106
Vulnerabilities
  buffer overflow, 92
  cross-site scripting, 91
  lack of input validation, 90
  missing authorization, 92
  password procedures, 92
  training procedures, 93
  unencrypted data, 92
  unrestricted uploads, 91
W
Web single sign-on, 225
Wikileaks, 14