Page 855 - StudyBook.pdf
P. 855
Index 839
SecurID tokens, 693 Session keys, 129, 536 wardriving, 195–196
Security. See Physical security; Remote SFTP. See Simple file transfer protocol web server, 255
access security; specific discussion S/FTP, 331 Software key storage, 580–583, 597
Security levels for employees, 699 Shared-key authentication, 187–188, 199, Software patches, 135, 314–316
Security patches, 135, 314–316 240 Source routing, 69
Security policies Shared-secret encryption, 528 Spam
objective of, 675 Shielding, 627–629 definition of, 150
personal equipment, 678–679 Short message service, 284–285 as denial of service attack, 60, 151
physical, 680–681 Shredding of documents, 697 origins of, 150–151
restricted access, 676–677 S-HTTP, 280–281 prevention methods for, 151
workstations, 677–680 Side-channel attacks, 531 SMTP relay, 146
Security procedures, 682 Signature summary of, 159
Security topologies attack, 389–390, 456 word origin of, 150
demilitarized zone. See Demilitarized definition of, 459 Spam filters, 151, 159
zone digital, 132, 543–544, 548 Spoofed packets, 372–373
description of, 427–428 e-mail, 717 Spoofing
summary of, 471–472 Signature algorithms, 534 address resolution protocol, 70–71,
Security zones Signature files, 150 223, 225, 375–376
data storage zone, 438 Simple certificate revocation list, 575, 587 authentication, 222, 226
definition of, 436 Simple file transfer protocol, 331 blind, 69
description of, 297–300, 429–432 Simple mail transfer protocol, 138–139 definition of, 68, 221, 272
financial processing segment, 438 Simple mail transfer protocol relay, description of, 19
needs and, 436–439 143–146, 158 e-mail, 71–73, 146–147
placement of, 439 Simple network management protocol, hyperlink, 272–273
Self-signed certificate, 559–560, 564 239 identity, 134–135
Sendmail, 144–145 Single certificate authority model, informed, 69
Separation of duties, 689–690, 749 562–563, 596 IP, 68–71
Sequenced packet exchange, 493 Single loss expectancy, 652, 661 MAC address, 113, 222, 243
Serial line Internet protocol, 19 Single sign-ons, 708–709, 750 prevention of, 69
Servers Site surveys, 229, 244, 246 reasons for, 222
attack focus on, 398 Site-to-site extranet-based virtual private summary of, 92
authentication, 110 network, 385 Web, 272–275
centralizing of, 608, 709–710, 750 Site-to-site intranet-based virtual private web site, 73
data encryption on, 399 network, 385 wireless networks, 198, 221–223
database, 512 64-bit key, 206, 245 Spread spectrum
decentralization of, 710 SkipJack, 585 definition of, 171
definition of, 397 SLIP. See Serial line Internet protocol direct sequence, 173, 238, 242
domain name system, 147 Smart Cards, 24, 412–413, 417, 582 frequency hopping, 172–173, 241
dynamic host control protocol, S/MIME, 138–139, 158, 162 Spreading ratio, 173
508–509, 517 SMS. See Short message service SPX. See Sequenced packet exchange
e-mail, 136–137, 503–504 SMTF. See Simple mail transfer protocol Spyware, 89–90, 94
environment considerations for, 624 Smurf attack, 60 SQL server, 513
file, 506–508 Sniffing SQL Slammer worm, 60, 84
firewall protection for, 398 definition of, 217 SSH. See Secure shell protocol
FTP, 334, 435, 504–505 description of, 79, 122, 374, 393 Sshmitm, 134
key recovery, 589 of wireless networks, 217–221 SSID. See Service set identifier
location for, 608, 626–627 packet SSL. See Secure sockets layer
NNTP, 506 cleartext passwords, 13–16 Standards, 722–723. See also specific
physical security considerations for, description of, 122 standard
607–608 FTP transmissions, 335–338 Star topology, 405, 406f
print, 506–508 lightweight directory access Stateful inspection firewalls, 369, 414
proxy, 443 protocol, 344 Static electricity, 624–625
purpose of, 397–398 protection against, 221 Static network address translation, 447
remote access. See Remote access Snort, 462 Static routes, 373
servers Social engineering Status checking
restricted access policies, 677 definition of, 620 for certificate revocation, 587–588
SQL, 513 description of, 75–77, 92, 95 for certificate suspension, 588
storage considerations for, 624 methods used in, 621 Steganography, 541
summary of, 415 phishing, 73–74, 622 Storage
threat identification for, 655 protections against, 621 of backups, 735, 754
vulnerabilities of, 398 Socket creep, 624 of data, 729–730
web. See Web server Software of evidence, 640–641
workstations vs., 397 anti-virus of private keys, 580–583, 597
Server-side scripting, 302, 324 real-time scans by, 149 of software, 617–618
Server-side scripts, 306–308 updates, 657–658 offsite, of backups, 735, 754
Service advertising protocol, 493 exploitation of, for attacks, 65–66 policies regarding, 729–730
Service level agreements, 694–695, 749 intrusion detection systems, 453 Storage area network, 509–510
Service packs, 488, 501, 658, 663 pirated, 688 Store-and-forward, 439
Service set identifier, 182, 236, 239, 246 privacy policy-authorized audit of, 688 STP cable. See UTP/STP cable
Session hijacking, 67–68 secure storage of, 617–618 Stream ciphers
