Index

4

419 Nigerian Scam, 142

A

Access control, 251

Access control lists (ACLs), 251

Access Management, 212

Access Registry, 212

Active Directory, 223

Anomaly-based IDS, 260

Asset characterization, 114

Asset criticality, 116

Asset life cycle, 119

Asset sensitivity, 114

Assets

deferrable, 117

essential, 117

general, 105

idiosyncratic, 105

ownership, 127

required, 117

restricted, 115

tracking attributes, 111

types, 109

Authentication, 213

B

Bash, 53

Block encryption, 187

C

Caesar cipher, 179

CarderPlanet, 144

Central Authentication Service (CAS), 227

Certificates, 195

CIA triad, 11

Cipher block chaining, 189

Cliff Stoll, 237

Competencies, 4

Cryptography, 177, 317, 408

Cuckoo's egg, 239

Cultural cognition, 403

CVE, 85

D

Disasters, 327

E

Edward Snowden, 147

Electronic code book, 189

Encryption, 177

general algorithm properties, 180

keys, 180

Encryption in use, 194

End-point protection, 264

Event criticality, 337

F

Federation, 228

Firewalls, 252

G

Gang of 414, 5

H

Hash functions, 185

Heartland Payment Systems, 8, 37

HIPAA, 6, 16, 325, 368, 369, 375, 377, 379, 385

History, 5

I

ILOVEYOU, 7, 21, 87, 259

Identity discovery, 208

Identity enrichment, 210

Identity management, 207

Identity reconciliation, 208

Incident communication, 312

Incident detection and analysis, 317

Incident handling, 307

Incident response policy, 308

Incident response Team, 309

Information security

compliance, 374

guideline, 363

policy, 361

standard, 362

Intrusion detection/prevention, 256

J

Jobs, 1

K

Kerberos, 223

L

Linux system installation, 40

Live incident response, 347

Log analysis, 333

Log configuration and maintenance, 345

M

Mission Statement, 106

Model, 82

information security, 82

Morris worm, 5

N

NIST, 86, 124, 135, 182, 187, 214, 248, 249, 259, 261, 262, 306, 307, 316, 317, 362, 383, 384, 385, 387, 389, 390, 391, 399, 400, 401

NVD, 86

O

OAuth, 234

Octal notation, 62

OpenID, 232

Operation Aurora, 9

P

Password limitations, 250

Password management, 247

Password management recommendations, 249

Password synchronization, 222

Password threats, 249

Patch management, 261

PCAOB, 395, 396

Person Registry, 209, 210, 212, 213, 239, 240, 241, 407, 409, 411

Philippines, 143

PKI, 196

Policy

cycle, 366

impact assessment and vetting, 371

writing, 367

Powershell, 52

Protocol-state-based IDS, 260

Public key cryptography, 182

Modular arithmetic, 191

Prime number theorem, 193

R

Reputation-based end-point protection, 265

Risk assessment, 387

Model, 387

Risk management, 383

Framework, 384

Role based access control (RBAC), 252, 212

RSA, 94, 96, 98, 176, 185, 187, 191, 192, 193, 198, 201, 203, 204, 205, 215, 216

S

Sarbanes-Oxley, 7, 16, 115, 376, 391, 392, 393, 394, 395, 396, 397, 398, 401

Secret key cryptography, 181

Security Assertion Markup Language (SAML), 229

Shell, 51

Shell scripting, 277

Shibboleth, 231

Signature-based IDS, 259

Single sign-on, 221

SSL/TLS and VPN. See Encryption in use

Standard occupational classification, 1

Syslog, 338

System profiling, 124

T

T.J. Maxx, 8, 21, 37, 39, 40, 97, 302

Threat action, 150

Threat agent, 137

Threat model, 136

Threats

advanced persistent threat (APT), 98

denial of service (DOS), 94

malware, 94

packet-sniffing, 97

password guessing, 97, 249, 411

phishing, 94

rootkits, 95

social engineering, 97

viruses/ worms, 94

zero-day exploits, 95

zombies, 96

Token-based authentication, 225

U

UNIX commands

∼, 56

cd, 55

chmod, 63

cp, 58

file name expansion (Wildcards), 57

find, 60

less, 59

ls, 55

mkdir, 57

pwd, 54

rm, 58

rmdir, 57

shell expansions, 56

tail, 59

useradd, 75

userdel, 75

usermod, 75

yum, 68

US Cyber Command, 9, 16

V

Vi, 66

Vimtutor, 67

VirtualBox, 41

Vision Statement, 106

Vulnerabilities

buffer overflow, 92

cross-site scripting, 91

lack of input validation, 90

missing authorization, 92

password procedures, 92

training procedures, 93

unencrypted data, 92

unrestricted uploads, 91

W

Web single sign-on, 225

Wikileaks, 14

..................Content has been hidden....................

You can't read the all page of ebook, please click here login for view all page.
Reset
18.188.242.160