Index

  definition of, 136
  digital certificate for securing of, 572
  encryption of, 12, 138, 158
  format of, 136–137
  MIME format, 138–139, 158
  mobility issues, 147–148
  packets, 138
  PGP encryption of, 140–142, 158, 162
  phishing attacks, 73–74, 152–155, 622
  “preview” pane for, 149
  principles of, 137–138
  privacy policies regarding, 688, 753
  security of, 136–138
  signatures on, 717
  simple mail transfer protocol, 138–139
  S/MIME format, 138–139, 158, 162
  SMTP relay vulnerabilities, 143–146, 158
  spam. See Spam
  spoofing of, 71–73, 146–147
  summary of, 158
  unsolicited bulk, 150
  viruses and, 148–150, 158–159
  vulnerabilities of, 143–155
E-mail hoaxes, 152, 159
E-mail relaying, 435
E-mail servers, 136–137, 148, 503–504
EMI. See Electromagnetic interference
Employee(s)
  acceptable use policies for, 682–685, 699, 749
  as assets, 649, 651
  communication with, 716–718
  education of
    about physical security, 619–620
    about social engineering threats, 621
  human resources policies, 697–699, 749
  injury to, disaster recovery plan in event of, 740–741
  privacy policies for, 687–689, 753
  security level for, 699
  separation of duties policies, 689–690
Encapsulated security protocol, 116, 132
Encapsulating, 114
Encapsulating protocol, 114
Encase, 646
Encrypted passwords, 539
Encryption
  cryptography vs., 541
  data
    magnetic tape, 409
    in mobile devices, 400, 625
    on flashcards, 412
    on servers, 399
    wireless network, 175–176, 625–626
  definition of, 526–527, 541
  e-mail, 138, 158
  hard drive, 410
  on servers, 399
  PGP, 140–142, 158, 162
  public key, 537
  tunneling and, 451
Encryption algorithms
  asymmetric
    authentication issues, 546–547
    description of, 533–535
    Diffie–Hellman algorithm, 535–536
    El Gamal algorithm, 537
    Rivest, Shamir, & Adleman algorithm, 537
    summary of, 548
    symmetric algorithms vs., 534–535
  definition of, 527
  RC4
    description of, 111, 185
    vulnerability of, 202–203
  symmetric
    abundance of, 528
    advanced encryption standard, 531–532
    asymmetric algorithms vs., 534–535
    authentication issues, 546
    brute-force attack susceptibility of, 528, 550–551
    data encryption standard, 529–530, 551
    definition of, 528
    international data encryption algorithm, 531–532
    Rijndael algorithm, 531–532
    summary of, 548
    triple data encryption standard, 530, 551
    uses of, 534
Endpoint-based network access control, 512
Entrapment, 465–466
Environment
  air quality, 624–625, 662
  definition of, 623
  description of, 622–623
  electrostatic discharge, 624–625
  fire suppression considerations, 629–630
  geographic location considerations, 626
  location considerations, 626–627
  restricted access policies, 677
  temperature concerns, 623–624
Equipment. See also specific equipment
  destruction of. See Destruction
  devaluation of, 607
  disposal of. See Disposal
  due care policies for use of, 685–687
  location for
    centralized, 608, 615
    geographical considerations, 626–627
    raised, 626
  maintenance of, 686
  personal, 678–679
  photographing of, 646–647
  replacement costs for, 650
  temperature concerns for, 623–624
Escrow, key, 583–585
ESD. See Electrostatic discharge
Ettercap, 13–16
Evidence
  at-scene management of, 640–641
  chain of custody for, 639–641
  collection of, 639, 645–647
  copying of data, 643
  disk imaging, 642
  gathering of, 632
  log of, 641
  photographing of, 646
  preservation of, 637–638, 641–645
  procedures for, 643–644
  sealing of, 639
  storage of, 640–641
  tagging of, 641
  transportation of, 639–640, 663
  volatile data. See Volatile data
Evidence file, 642
Evidence log, 641
Expiration of certificate, 574, 579, 585, 586f, 595
Extended access lists, 371
Extended TACACS. See XTACACS
Extended-certificate syntax standard, 577
Extensible authentication protocol
  description of, 381
  over LAN, 189–190
  over wireless, 189–190
  per-packet authentication supported by, 192
Extensible authentication protocol-transport layer security, 109, 111
Extensible authentication protocol-tunneled transport layer security, 109
Extranet
  description of, 443–445, 471
  Internet vs., 473–474
  intranet vs., 473–474

F

Facility site, alternate, 738–740
False positives and negatives, from intrusion detection systems, 468–469
Fault tolerance, 744–746
Fax servers, 378
Feedback forms, 326
Feistel cycles, 529
Fiber-optic cabling, 407, 416, 419, 629
File servers, 506–508
File systems, 410, 485–487
File transfer protocol. See FTP
File traversal, 503
Financial processing segment, 438
Fingerprints
  biometric identification using, 26, 618
  digital, 539
Fire suppression, 629–630
Firewalls
  access control lists as, 498
  applet filtering using, 305
  application layer gateways, 360, 367–368, 414, 418
  auditing uses of, 711
  circuit level, 360
  Cisco PIX, 433
  configuration of, 276
  “deep packet inspection,” 360
  definition of, 359, 428
  demilitarized zone, 433–434
  denial of service attack susceptibility of, 363
  installation of, 430
  intranet, 442
  intrusion detection systems with, 430
  limitation of, 452
  NAT, 449
  packet-filtering
    advantages and disadvantages of, 366
    “allow by default,” 361
    “deny by default,” 361
    description of, 360
    summary of, 414
  port. See Port
  purpose of, 359, 430
  script filtering using, 305
  server protection using, 398
  spoofing prevention using, 69