
834     Index

  stateful inspection, 369, 414
  summary of, 414
  virtual private network, 116, 430
  web site monitoring using, 688–689
  worm protection using, 95
Firmware updates, 490
First responder, to incident, 637–638
Fixed media, 75. See also specific media
Flashcards, 411–412, 417
Flooding
  definition of, 59
  protecting against, 227–228
  SYN floods, 60–61
  wireless network, 225–228
Floppy disks. See Diskettes
Fluhrer, Mantin, and Shamir attack, 112, 202
Forensically sterile media, 643–644
Forensics. See also Incident(s)
  components of, 634
  definition of, 631
  description of, 630–631, 634
  documentation involved in, 635
  employee awareness of, 632–634
  procedures for, 631, 643–644
  summary of, 659–661
Forensics investigation
  chain of command at, 639
  crime scene technician, 639–640
  evidence used in. See Evidence
  first responder, 637–638
  investigator, 638–639, 661–662
  persons involved in, 636–640
Fork bomb, 58
Fortezza algorithms, 278
Forward confirmed reverse domain name system, 147
Frequency hopping spread spectrum, 172–173, 241
Fresnel zone, 170
FTP
  active, 330, 347
  anonymous connections, 332–333
  blind, 332–333
  definition of, 330
  demilitarized zone, 435, 504
  description of, 8, 11, 254
  modes of, 364
  packet sniffing, 335–338
  passive, 330–331, 347
  ports for, 333, 363–364
  proxy, 334
  security concerns, 350
  S/FTP, 331
  summary of, 347–348
  trivial, 366
FTP servers
  description of, 334, 435
  hardening of, 504–505
FTP sharing, 333–334
Full backup, 732, 734–737, 752
Function calls, 312

G

Gateways, 322
Global key, 191
Gramm–Leach–Bliley Act, 687
Grandfather-Father-Son rotation scheme for backups, 733–734, 752
Graphical user interface, 115
“Gray-hat” hackers, 119
Groups
  privilege management using, 704–705
  users added to, 706–708
Groups concept, 7
Guest account, 704
Guest books, 326
Guidelines, 722–723

H

H SCP, 254
Halon, 629–630
Handshake
  definition of, 129
  secret, 11
  secure sockets layer, 278
Hard drives
  description of, 410–411, 416
  destruction of, 696
Hardening
  application
    description of, 482, 499–500
    hotfixes, 500
    patches, 501
    service packs, 501
    summary of, 516
    updates, 500–501
  databases, 512–514
  description of, 314
  directory services, 510–511
  DNS servers, 505–506
  dynamic host control protocol servers, 508–509
  e-mail server, 503–504
  file servers, 506–508
  FTP server, 504–505
  network
    concepts of, 483–485
    configuration, 490–492
    description of, 482, 489–490
    enabling and disabling of services and protocols, 492–498
    firmware updates, 490
    summary of, 515–516
    tasks involved in, 483–485
    vulnerability scanning, 494–498
  network access control, 511–512
  NNTP servers, 506
  print servers, 506–508
  system
    concepts of, 483–485
    description of, 482
    file system, 485–487
    summary of, 515
    tasks involved in, 483–485
    updates, 487–489
  web server, 501–503
Hardware key storage, 580–583, 597
Hardware storage modules, 582
Hardware-based network access control, 512
Hash function, 538
Hash value, 538
Hashed password, 80
Hashing, 539–540
Hashing algorithms, 534, 538–540
Health Insurance Portability and Accountability Act, 105, 687
Heptafluoropropane, 630
Hermes chipset, 196
High availability, 744–746, 753
Hijacking
  network, 223–225
  session, 67–68
  TCP/IP, 67–68
HINFO records, 505
Hoaxes, e-mail, 152, 159
Honeynets
  characteristics of, 466
  definition of, 390, 464, 467
  information resources about, 467
Honeypots
  benefits of, 473
  characteristics of, 466
  definition of, 390, 464, 467
  indications for, 467
  information resources about, 467
  installation of, 468
  schematic diagram of, 465
Hostile work environment, 683
Hot site, 738
Hot swapping, 746, 754
Hotfixes, 488, 500
HTML, 136, 503
HTTP/S, 279–280
Human resources policies, 697–699, 749
Hunt, 67
Hyperlink spoofing, 272–273

I

ICMP. See Internet control messaging protocol
Identification card, 609
Identity spoofing, 134–135
IDS. See Intrusion detection systems
IEEE
  description of, 108, 722–723
  802.3 standard, 174, 176
  802.11 standard. See 802.11
IETF, 130, 722–723
IGMP. See Internet group management protocol
Incident(s). See also Forensics
  awareness of, 632–634
  business reputation effects, 648–649
  contingency plan for, 633–634
  definition of, 700
  employee understanding of, 634–636
  investigation after occurrence of. See Forensics investigation
Incident response
  description of, 469
  first responder, 637–638
  persons involved in, 636–640
  policies for, 632, 699–704, 750
Incident response team
  investigator, 638–639, 661–662
  IT staff assigned to, 636
  notification of, 632–633
Incremental backup, 732, 737, 752
Inergen, 630
Informed spoofing, 69
Infrastructure-based network access control, 511