Page 852 - StudyBook.pdf
P. 852
836 Index
description of, 374 Modems, 378–381, 414 Not to be copied documents, 728
spoofing of, 222, 243 Modulus, 539 Notification
wireless network use of, 198–199 MSN Sniffer 2, 283 of certificate revocation, 574–575
MAC layer, of wireless networks, 174 Multi-factor authentication, 26-27 of incident, 632–633, 729
Macro virus, 83 Multi-partite viruses, 83 Novell Directory Services, 709
Magnetic tape, 408–409, 416 Multipath interference, 170–171 NT Directory Services, 339
mailsnarf, 71 Multi-purpose Internet mail extensions. N-tier arrangement, 427
Malware See MIME “Number of nines,” 695, 749
adware, 89–90 Mutual authentication, 27-28, 191–192,
definition of, 81, 198 566 O
logic bombs, 89, 260–261 MyDoom worm, 56
protection against, 81 Object identifier, 573
rootkits, 86, 94 N OCSP. See Online certificate status
spyware, 89–90, 94 protocol
Trojan horse, 6–7, 85–86, 93 NAT. See Network address translation OFDM. See Orthogonal frequency
viruses, 82–83, 93 “Need to know” policies, 485, 690–691, division multiplexing
worms, 84–85 749 128-bit key, 206, 245
Managed security services providers, Nessus, 77 One-time pad, 547–548, 551
461–462 NetBEUI. See NetBIOS extended user One-way hashes, 538
Management only documents, 728 interface Online certificate status protocol, 576,
Mandatory access control. See MAC NetBIOS, 493–494, 507 588
Mandatory callback, 381–382 NetBIOS extended user interface, 37, Online resources for education purposes,
Man-in-the-Middle attacks 493 721
address resolution protocol spoofing, Netstat, 491–492 Open authentication, 186–187, 240
375 NetStumbler, 195–197, 211–215 Open Directory, 339
asymmetric algorithm resistance to, Network. See also specific network Open shortest path first, 373
544 access requests by employees, 691 Open systems, 198
data modification, 134 as asset, 649 Open systems interconnect model,
description of, 66, 542 configuration of, 490–492 173–174, 360
Diffie–Hellman key exchange diagnostic routine for, 392–393 Operating system. See System
susceptibility to, 545 eavesdropping on, 79, 134, 221, Orthogonal frequency division
examples of, 545 245–246 multiplexing, 180
mutual authentication protection hijacking of, 223–225 OSPF. See Open shortest path first
against, 25 monitoring of, 392–393, 415 Overflows, 65, 95, 119, 122, 282, 296,
summary of, 92 multi-zone, 440 312–313
Web spoofing as, 272 ports, testing of, 78
wireless networks, 199–200 redundancy in, 744 P
Mapping drives, 257 sniffing of, 79, 217–221, 393 Packet(s)
Masters, 62–63 wireless. See Wireless network e-mail, 138
Media Network access control, 511–512 spoofed, 372–373
data transmission, 400–408 Network adapter, 170 Packet collision, 374
destruction of, 75 Network address translation, 447–449, Packet filters, 430, 458
forensically sterile, 643–644 470–471 Packet sequencing, 122
removable. See Removable media Network attached storage, 509–510
Melissa virus, 149 Network bandwidth, 59–60 Packet sniffers, 283
Packet sniffing
Message Digest 4, 540 Network hardening cleartext passwords, 13–16
Message Digest 5 concepts of, 483–485 description of, 122
data integrity using, 540 configuration, 490–492 FTP transmissions, 335–338
description of, 12, 80, 540 description of, 482, 489–490
Message integrity, 542, 550 enabling and disabling of services and lightweight directory access protocol,
344
Message integrity code, 233–234 protocols, 492–498 Packet-filtering firewalls
Metasploit attack, 394–396 firmware updates, 490 advantages and disadvantages of, 366
Metric, 651 summary of, 515–516 “allow by default,” 361
Michelangelo virus, 89 tasks involved in, 483–485 “deny by default,” 361
Microsoft challenge handshake vulnerability scanning, 494–498 description of, 360
authentication protocol, 381 Network intrusion detection systems,
summary of, 414
Microsoft Exchange 2003, 144 390–392 PAP. See Password authentication
Microsoft Internet Explorer. See Internet Nikto, 328–329 protocol
Explorer Nimda worm, 84
Microsoft Internet Information Server, Nmap, 77–78, 494–496 Parasitic viruses, 82
Passenger protocol, 114
84, 502 NNTP servers, 506
Microsoft Management Console, 29, 258 Non-disclosure agreement, 691 Passive attacks
description of, 56, 78–79, 93, 134
Microsoft Security Baseline Analyzer, 77 Non-essential protocols on wireless networks, 193–198
Microsoft Windows. See Windows description of, 39 Passive FTP, 330–331, 347
MIME, 138–139, 158, 622 disabling of, 39-43 Password(s)
MITM attacks. See Man-in-the-Middle Non-essential services access control using, 610–611
attacks definition of, 38
Mixed mode authentication, 513 disabling of, 39-43, 44–45 administrator, 694
authentication uses of, 22, 24
Mixed-threat attacks, 57, 92 example of, 38 BIOS, 615
Mobile devices, 399–400, 416, 625 Non-repudiation, 4, 19, 132, 134, 547
