Page 851 - StudyBook.pdf

Index     835

Initialization vector, 112
Instant messaging
  features of, 282
  file transfer capability with, 282
  growth of, 281
  packet sniffers, 283
  security issues for, 282–283
  software for monitoring, 283
  tools used for, 281–282
Insurance policies, 655
Integrity
  data
    Message Digest 5 for, 540
    reasonable efforts to maintain, 686
  web server, 263
Intermediate certificate authority, 564
International data encryption algorithm, 531–532
Internet, 473–474
Internet Assigned Numbers Authority, 362
Internet control messaging protocol
  in amplification attacks, 60
  description of, 37, 493
Internet Exploder, 310
Internet Explorer
  ActiveX default setting, 292
  securing of, 316–322
Internet group management protocol, 37, 493
Internet information services, 263, 275
Internet key exchange, 132
Internet message access protocol, 503
Internet relay chat, 361
Internet security association and key management protocol, 133
Internet server application programming interface script, 261
Internetwork packet exchange, 493
Internetwork packet exchange/sequenced packet exchange, 37
Intranet
  definition of, 440–441, 471
  example of, 441
  extranet vs., 473–474
  Internet vs., 473–474
  security issues, 441–443
Intrusion detection systems
  anomaly-based, 455–456
  application-based, 454–455
  attack signatures, 389–390
  attacker goals, 460
  characteristics of, 454–458
  commercial types of, 461–464
  definition of, 262, 452–453
  in demilitarized zone, 436
  description of, 389, 426
  false positives and negatives, 468–469
  firewalls with, 430
  host-based, 454–455
  information resources, 458
  ISP-Planet, 464
  mechanism of operation, 452–453
  network, 390–392, 454
  operating states for, 455
  selection of, 474
  signature-based, 455–456, 459–461
  software-based, 453
  sources for, 461–464
  summary of, 415, 470, 472–473
  system, 390
  techniques used with, 458
  wireless network attacks detected by, 113
Intrusion prevention system, 460–461
Inventories
  creation of, 725–726
  description of, 726–727, 751
Investigation. See Forensics investigation
Investigator, 638–639, 661–662
IP addresses
  description of, 447–448
  network address translation, 447–448
  private, 450
  public, 450
IP spoofing, 68–71
IPSec
  authentication, 132–133
  definition of, 130, 133
  description of, 384
  implementation of, 130–131, 201
  layer 2 tunneling protocol with, 127–128
  network layer implementation of, 130
  security protocols used with, 132
  summary of, 156–157
  in transport mode, 130–131
  in tunnel mode, 131
  virtual private network, 116
IPX. See Internetwork packet exchange
IPX/SPX. See Internetwork packet exchange/sequenced packet exchange
ISAKMP. See Internet security association and key management protocol
ISP-Planet, 464

J

Java
  ActiveX vs., 290–292
  description of, 286–289
  preventing problems with, 303–306
  sandboxing, 292
Java virtual machine, 286–287, 397
JavaScript
  description of, 301–302
  preventing problems with, 303–306

K

KDC. See Key distribution center
Kerberos, 18–21
Key(s)
  definition of, 527, 558
  pre-shared, 132
  private. See Private key
  public, 536, 559, 566
  session, 129, 536
  usage of, 593
  wired equivalent privacy protocol, 206–210
Key distribution center, 16, 18
Key escrow, 583–585
Key exchange
  Diffie–Hellman
    description of, 25
    man-in-the-middle attack vulnerabilities, 545
    mechanism of operation, 536
Key management
  centralized, 579–580, 594
  decentralized, 579–580, 594
  RADIUS for, 245
  summary of, 595
Key pairs
  destruction of, 592, 596–597
  dual, 593
  multiple, 593
Key recovery
  description of, 589
  M of N control, 590, 596
Key recovery agent, 589
Key recovery information, 589–590
Key ring, 140
Key update, 591
Keyloggers, 79
Keypads, 615
Keystream, 534
Knowledge bases, 721
Known plaintext attacks, 176, 188

L

Layer 2 tunneling protocol, 127–128, 161, 384, 676
Leaf certificate authority, 564
Least privilege rule, 483, 485
Lightweight directory access protocol
  anonymous connections, 344
  authentication, 344
  data interchange format, 343
  definition of, 339
  description of, 254, 510–511
  directories
    attributes, 342–343
    description of, 340–341
    domain name system, 341
    objects in, 342
    organizational units of, 341–342
    schema, 342–343
    security risks, 341
  over secure sockets layer, 344
  packet sniffing, 344
  scripts used with, 344–345
  securing of, 343–345
  summary of, 348
  Web servers, 345
Line printer daemon, 64
Link virus, 83
Local denial of service attack, 58
Log(s)
  access, 610
  audit, 28
  backup, 727
  evidence, 641
  purpose of, 726–727, 751
Log files
  audit, 28
  reading of, 34
Logging, 35–36
Logic bombs, 89, 260–261
Logical ports, 363
Logoff auditing, 713
Logon auditing, 713
Loopback URL, 264
Lucifer algorithm, 529
Lunchtime attacks, 581–582

M

M of N control, 590, 596
MAC
  authentication, 113–114
  description of, 6–7, 714, 750, 754
MAC address