R
Race conditions, 464–465
Radio-Frequency Identification, See RFID
RADIUS (Remote Authentication Dial In User Service), 279, 318–319
RAD (Rapid Application Development), 442
RAID 0, 379–380
RAID 1+0, 381
RAID 1, 379–380
RAID 2, 379–380
RAID 3, 380
RAID 4, 380
RAID 5, 380–381
RAID 6, 381
RAID 10, 381
RAID (Redundant Array of Inexpensive Disks), 348, 378–381
Mirroring, 348, 379–380
Parity, 379–381
Striping, 348, 379–381
Rainbow Tables, 172–173, 299–300
RAM (Random Access Memory), 81, 87–88, 123, 124–125
Random number generation, 126
Rapid Application Development, See RAD
RA (risk analysis), 58–68
ALE, 60–64
ARO, 62
assets, 58
asset value, 61–64
BIA, 400
budgeting, 64–65
choices, 65–66
communications, 394
EF, 62
impact, 60
matrix, 60–61, 67
metrics, 64–65
nine step process, 67–68
quantitative and qualitative, 67
risk formulas, 59–60
ROI, 63–64
SLE, 62
TCO, 62–63
threats and vulnerabilities, 58–60
RATs (Remote Access Trojans), 72
RBAC (Role-Based Access Controls), 293, 321–323
RC4, 261
RC5, 168
RC6, 168
RDP (Remote Desktop Protocol), 285
Readiness checklists, 4
Reading down, 104–105
Read Only Memory, See ROM
Read-through, Disaster Recovery Plans, 418
Real evidence, concept, 25
Real memory, 87
Realms, KERBEROS, 315–318
Real neural networks, 470–471
Real-time Transport Protocol, See RTP
Reasonable searches, legality, 27–30
Reciprocal agreements, continuity of operations, 406–407
Reconstitution, disaster recovery, 393
Recovery controls, concepts, 56
Recovery metrics, 401–403
Recovery phase, incident response management, 362
Recovery Point Objective, See RPO
Recovery strategies, BCP/DRP development, 403–407
Recovery Time Objective, See RTO
the Red Book, 114
Reduced Instruction Set Computers, See RISC
Reduction analysis, 66
Redundancy, systems design, 267–268, 378–381, 382, 405–407
Redundant Array of Inexpensive Disks, See RAID
Redundant network architecture, 267–268
Redundant sites, 405
Reference Monitor, 81, 128
Referential integrity, 452
Reformatting disks and remanence, 91
Refreshing RAM, 88
Register direct/indirect addressing, 123
Registered copyright, 33–34
Registered trademarks, 31–32
Register files, 87
Registry, meterpreter dumps, 354–355
Regression testing, software, 337
Regulatory issues
compliance, 20
important laws and regulations, 39–43
Regulatory law, See Administrative law
Relational databases, 451–453
Reliability of utilities, 197
Religious law, 21
Remanence, 81, 87–90, 91
Remediation phase, incident response management, 362
Remote access
Content Distribution Networks, 287
desktop console access, 284
instant messaging, 285
remote meeting technology, 286
screen scraping, 285
secure communications, 282–287
virtualization, 284–285
Remote Access Trojans, See RATs
Remote Authentication Dial In User Service, See RADIUS
Remote Desktop Protocol, See RDP
Remote File Inclusion, See RFI
Remote journaling, 415
Remote meeting technology, 286
Remote Procedure Calls, See RPCs
Remote wipe capabilities, mobile devices, 286
Removable media controls, 145, 199–200, 369–370
Repeaters, 263
Replacements for Halon, 209
Replay attacks, 180, 317
Replication, databases, 455–456
Reporting phase, incident response management, 361–362
Representational State Transfer, See REST
Requirements Traceability Matrix, See RTM
Reserved ports, TCP, 237–238
Response phase
disaster recovery, 392
incident responses, 361
Responsible disclosure, software vulnerabilities, 466
REST (Representational State Transfer), 142
Restricted areas, escorts, 196
Restrictions, imports/exports, 38–39
Retaking the exam, 9
Retention
data, 357
logs, 335
sensitive information, 84–85
Retests, examination, 9
Retina scans, implementation, 306–307
Return on Investment, See ROI
Reviews
access entitlements, 311–312
Disaster Recovery Plans, 417–418
logs, access control security, 333–335
RFC 1087, 48–49
RFC 1918 addressing, 233–234
RFID (Radio-Frequency Identification) cards/tags, 191, 262–263
RFI (Remote File Inclusion), 463
Rights
cloud service providers, 133–134
security audits, 44–45
Ring model, system architecture, 117–118
Ring topology, LANs, 252
RIP (Routing Information Protocol), 270–271
RISC (Reduced Instruction Set Computers), 122–123
Risk acceptance, 65
Risk analysis, See RA
Risk assessment, See RA (risk analysis)
Risk avoidance, 66
Risk formulas, 59–60
Risk management, 11–80
acceptance of risk, 65
analysis, 58–68
attacker types, 68–74
avoidance, 66
choices, 65–66
exam objectives, 74
legal issues, 20–43
mitigation, 66
outsourcing and offshoring, 54–55
process, 67–68
quantitative and qualitative analysis, 67
regulatory issues, 20–43
security cornerstones, 12–19
self test, 74–78, 479–484
transfers, 66
Risk mitigation, 66
Risk reduction, 66
Risks, definition, 11
Risk transfer, 66
Robust Security Networks, See RSN
ROI (Return on Investment), 63–64
Role-Based Access Controls, See RBAC
Rollback, databases, 455
Rollback plans, change management, 374
ROM (Read Only Memory), 81, 87–89
Root cause analysis, 363
Rootkits, concepts, 138
Rot-13 cipher, 151
Rotation
duties, 350–351
logs, 335
tapes, 415
Rotation ciphers, 150–151
Rotor machines, cryptography, 156–158
Routers, 219, 224, 267–271
Routing Information Protocol, See RIP
Routing protocols, 267–271
RPCs (Remote Procedure Calls), 224
RPO (Recovery Point Objective), 401–402
RSN (Robust Security Networks), 802.11i, 262
RST flags, 238–239
RTM (Requirements Traceability Matrix), software testing, 336
RTO (Recovery Time Objective), 401, 402
RTP (Real-time Transport Protocol), VoIP, 258
Rule-based access control, 323
Running-key ciphers, 154
S
SaaS (Software as a Service), 132–133
Sabotage, 389
Safeguards
concepts, 12
definition, 11
OECD privacy guidelines, 37
Return on Investment, 63–64
Total Cost of Ownership, 51, 62–63
Safe Harbor Agreement, 38
Safety wardens, 204
Salts, password security, 300
SAML (Security Association Markup Language), 312
SAM (Security Account Management) files, 296
Sanctions, accountability enforcement, 17
Sanitization, data destruction, 90–92
SAN (Storage Area Networks), 256–257
Sarbanes–Oxley Act of 2002, See SOX
SAS 70 reviews, 44
SA (Security Association), 180
Savepoints, databases, 455
SB 1386 (California Senate Bill 1386), 40
SBU (Sensitive but Unclassified) object labeling, 82
Scenario questions, 5
Schemas, databases, 453
SCI (Sensitive Compartmented Information), 82–83
Scoping
data security controls, 96
standards, 81
Screened host architecture, 275–276
Screened subnet architecture, 276
Screen scraping, remote access, 285
Script kiddies, 69–70
Scrum method, 440–441
Scytales, 150
SDLC (Synchronous Data Link Control), 255–256
SDLC (Systems Development Life Cycle), 429, 443–447
SDN (software-defined networking), 258–259
SDSL (Symmetric Digital Subscriber Line), 283
Search warrants, 27–29
Secondary evidence, 26
Secondary memory, 87
Secret object labeling, 82
Sector by sector overwrites, SSDs, 90
Secure communications, See Communications
Secure European System for Applications in a Multi-vendor Environment, See SESAME
Secure hardware architecture, 119–127
ASLR, 126–127
CPUs, 120–123
memory protection, 123–126
motherboards, 119–120
TPM, 126
WORM storage, 126
Secure Hash Algorithms, See SHA
Secure Multipurpose Internet Mail Extensions, See S/MIME
Secure Real-time Transport Protocol, See SRTP
Secure Shell, See SSH
Secure Sockets Layer, See SSL
Security, 11–80
abstraction, design concepts, 117
access control matrices, 110–112
acquisitions, 45–46
administrative, 348–352
APIs, 449
attackers, 68–74
baselines documentation, 51–52
clearance, 82–83
code repositories, 448
communications, 277–287
compartments, 82–83
confidentiality, integrity and availability, 12–15
cornerstone concepts, 12–19
data controls, 92–98
data mining, 144, 456
design concepts, 116–119
disclosure, alteration and destruction, 13–14
divestitures, 46
documentation, 49–52
domains, 117
due care and diligence, 19, 24, 45–46
endpoints, 368–370
ethics, 46–49
EU–US Safe Harbor Agreement, 38
exam objectives, 74
firewalls, 271–277
formal access approval, 83
governance, 49–55
guidelines documentation, 51, 52
import/export restrictions, 38–39
intellectual property, 31–36
the (ISC)² Code of Ethics, 46–48
layering, design concepts, 116–118
legal issues, 20–43
models, 104–113
network design, 219–277
network devices and protocols, 263–277
network taps, 266–267
non-repudiation, 17, 146–147
outsourcing and offshoring, 54–55
ownership, 85–87
penetration testing, 44–45, 330–332
personnel, 17–18, 52–55
policy documents, 49–50, 52
port isolation, 265–266
privacy, 36–38
procedures documents, 50–51, 52
regulatory issues, 20–43
remote access, 280–287
removable media controls, 145, 199–200, 369–370
ring model, 117–118
risk analysis, 58–68
routers, 267–271
self test, 74–78, 479–484
service providers, 44–45
standards documentation, 51, 52
switches, 264–266
TCO, 51, 62–63
tensions in provision, 14
trade secrets, 34–35
training, 52
vendor governance, 45
Security Account Management files, See SAM files
Security assessment and testing, 329–345
access control, 329–335
exam objectives summary, 340
self test, 340–344, 504–510
software, 335–340, 468–469
Security Association, See SA
Security Association Markup Language, See SAML
Security audits, 332
Security awareness, 52
Security engineering, 103–218
accreditation, certification and evaluation, 113–116
cloud computing, 132–134
countermeasures, 145–146
cryptography, 146–183
asymmetric encryption, 168–170
cornerstone concepts, 146–150
hash functions, 170–171
historical ciphers, 150–159
implementation, 176–183
laws, 159–160
symmetric encryption, 160–168
databases, 142–145
design concepts, 116–119
environmental controls, 200–211
exam objectives summary, 211–212
fire suppression, 205–211
grid computing, 134
International Common Criteria, 115–116
ITSEC, 114–115
mobile device attacks, 145–146
models, 104–113
modes of operation, 112–113
Orange Book, 113–115
P2P networks, 134–135
perimeter defenses, 183–196
Red Book/TNI, 114
removable media, 145, 199–200, 369–370
secure hardware architecture, 119–127
secure operating system and software architecture, 127–131
self test, 212–215, 489–494
site configuration, 197–199
site design, 183–211
site selection, 196–197
system defenses, 199–200
system vulnerabilities and threats, 136–146
thin clients, 135
virtualization, 131–132
wireless networks, 146
Security Information and Event Management, See SIEM
Security operations, 347–428
administrative security, 348–352
asset management, 371–375
baselining, 371–372
Business Continuity Planning, 383–424
Business Impact Analysis, 399–403
continued maintenance, 420–421
Crisis Management Plans, 409–411
development of approach, 394–412
Executive Succession Planning, 411–412
failure and recovery metrics, 401–403
frameworks, 421–423
principles, 383–384
project initiation, 395–398
recovery strategy development, 403–407
related plans, 407–412
change management, 373–375
configuration management, 371–373
continuity of operations, 375–424
BCP/DRP, 383–424
failure and recovery metrics, 401–403
fault tolerance, 376–382
Service Level Agreements, 44, 375–376
system redundancy, 382, 405–406
continuous monitoring, 367
Data Loss Prevention, 367–368
Disaster Recovery Planning, 383–424
Business Impact Analysis, 399–403
continued maintenance, 420–421
Crisis Management Plans, 409–411
development of approach, 394–412
Executive Succession Planning, 411–412
failure and recovery metrics, 401–403
frameworks, 421–423
principles, 384
project initiation, 395–398
related plans, 407–412
strategy development, 403–407
testing, 417–419
training and awareness, 419–420
eDISCOVERY, 357
embedded device forensics, 356–357
endpoint security, 368–370
exam objectives summary, 423–424
forensics, 352–357
honeypots & honeynets, 370–371
incident response management, 357–363
information and event management, 366–367
Intrusion Detection/Prevention systems, 363–366
media forensics, 353–355
network forensics, 356
patch deployment, 372
personnel controls, 348–352
preventive and detective controls, 363–371
privilege monitoring, 352
redundancy of resources and assets, 382, 405–406
root cause analysis, 363
self test, 424–426, 510–515
software forensics, 356
vulnerability management, 372–376
Security Parameter Index, See SPI
* Security property, 106
Security safeguards principles, OECD privacy guidelines, 37
Security training, 52
Seizure of evidence, 27–30
Selection of site, 196–197
Semantic integrity, 452
Semi-passive RFID tags, 262–263
Sensitive but Unclassified, See SBU
Sensitive Compartmented Information, See SCI
Sensitive information/data
Cosmic, 83
exfiltration prevention, 193
HIPAA, 14, 40, 42–43, 54–55, 97
labels, 82
offshoring, 54–55
retention and storage, 84–85
Sensitive media, 84–85
Separation of duties, 108–109, 349–350
Sequential memory, properties, 87
Serial Line Internet Protocol, See SLIP
Server rooms, 198–199, 388–389
Server-side attacks, 139–140
Service Level Agreements, See SLA
Servicemarks, 31–32
Service Orientated Architecture, See SOA
Service providers
contractual security, 44–45
Service Set Identifiers, See SSID
SESAME (Secure European System for Applications in a Multi-vendor Environment), 318
Session Initiation Protocol, See SIP
Session Layer (Layer 5), 224, 274
Session management
KERBEROS, 315–317
Single Sign-On, 311
Setuid (set user ID) programs, 130–131
Shadowing, databases, 415, 455–456
Shared demarc areas, 198
Shared tenancies, 197–198
Shareware, 435
Sharia law, 21
SHA (Secure Hash Algorithms), 171, 176–178
Shell code, 431
Shielded twisted pair, See STP
Shielding, Faraday Cages, 263
ShiftRows, AES, 166
Shortages, personnel, 390–391
Shoulder surfing, 190
Shredding
data, 91
hard copy, 92
Side-channel attacks, 175
SIEM (Security Information and Event Management), 366–367, 461–462
SIGABA cipher machine, 157–158
Simple Integrity Axiom, 107
Simple Mail Transfer Protocol, See SMTP
Simple Network Management Protocol, See SNMP
Simple Object Access Protocol, See SOAP
Simple Security Property, 104, 106
Simplex communication, 220
Simulation tests, Disaster Recovery Plans, 418
Single DES, 163–164
Single-interlock sprinkler systems, 211
Single Loss Expectancy, See SLE
Single Sign-On, See SSO
SIP (Session Initiation Protocol), VoIP, 258
Site design
alarms, 193
bollards, 184–185
CCTV, 185–187
configuration issues, 197–199
doors and windows, 194
environmental controls, 200–211
evacuations, 204–205
fences, 183
fire suppression, 205–211
gates, 184
heat, smoke and flame detectors, 203–204
lights, 185
locks, 187–190
magnetic stripe cards, 190–192
mantraps and turnstiles, 192
motion detectors, 193
perimeter defenses, 183–196
restricted areas and escorts, 196
smart cards, 190–192, 262–263
topography, 196–197
walls, floors and ceilings, 194–195
Site marking, 197
Site selection, 196–197
Skeleton keys, 188
Slack space, forensics, 354
SLA (Service Level Agreements), 44, 375–376
SLE (Single Loss Expectancy), risk analysis, 62
SLIP (Serial Line Internet Protocol), VPN, 280–281
Smart cards, 190–192, 262–263
Smart phones, 286
S/MIME (secure Multipurpose Internet Mail Extensions), 181
Smoke detectors, 203
SMP (symmetric multiprocessing), 122
SMTP (Simple Mail Transfer Protocol), 222, 243
Sniffers, 264, 296
SNMP (Simple Network Management Protocol), 244–245
SOAP (Simple Object Access Protocol), 142
SOA (Service Orientated Architecture), 142
Social engineering
cryptographic attacks, 172
penetration testing, 330
phishing, 73–74
phreaking, 90–91
tailgating and piggybacking, 103, 192
Socket pairs, 238
Sockets, definition, 238
SOCKS firewalls, 274
Soda acid, fire suppression, 208
Software
acquired, security impact assessment, 468–469
antivirus, 368–369
artificial neural networks, 470–471
Bayesian filtering, 471–472
change management, 449–450
code repository security, 448
combinatorial testing, 338
compilers, interpreters & bytecode, 431
copyright, 34
development, 429–477
acceptance testing, 467–468
Agile methods, 439–441
APIs, 449
Artificial Intelligence, 469–472
Capability Maturity Model, 430, 462, 466–467
computer-aided, 434
databases, 450–456
DevOps, 450
disclosure of vulnerabilities, 466
exam objectives summary, 473
Extreme Programming, 429, 441
fourth-generation languages, 433
Genetic Algorithms, 472
integrated product teams, 447
methods, 436–450
Object-Orientated Analysis and Design, 461–462
Object-Orientated Programming, 429, 431–433, 456–461
privilege escalation, 465
procedural languages, 429, 431–433
programming concepts, 430–436
prototyping, 442–443
Rapid Application Development, 442
Sashimi Model, 438–440
Scrum, 440–441
security effectiveness, 462–469
self test, 473–475, 515–520
Spiral Model, 429, 441–442
Systems Development Life Cycle, 429, 443–447
top-down vs. bottom-up, 434
vulnerabilities, 462–466
Waterfall Model, 429, 436–439
escrow, 416–417, 447
expert systems, 469–470
forensic analysis, 356
fuzzing, 337–338
interface testing, 339
licenses, 34, 435–436
misuse case testing, 338–339
Objects, 429
patch management, 372
piracy, 35–36
privileged programs, 129–131
programming concepts, 430–436
public release formats, 434–436
secure architectures, 127–131
security assessment and testing, 335–340
source code and assemblers, 430–431
test coverage analysis, 339
testing levels, 337
tests analysis, 339–340
thin client applications, 135
vulnerabilities, 462–466
whitelisting, 369
Software-defined networking, See SDN
Software as a Service, See SaaS
Software standards, policies, 51
Solid State Drives, See SSDs
Something you are (type 3 Authentication), 304–308
Something you have (type 2 Authentication), 301–303
Something you know (type 1 Authentication), 294–301
SONET (Synchronous Optical Networking), 254
Source code, 430–431, 448
Southbridge/ICH, 120
SOX (Sarbanes–Oxley Act of 2002), 40
SPAN (Switched Port Analyzer) ports, 266
Spartan Scytales, 150
Spear phishing, 73–74
Speed
Ethernet, 248
fiber optic networks, 248
UTP cabling, 246
Spiral Model, concepts, 429, 441–442
SPI (Security Parameter Index), 180
Split horizon, RIP, 270
Spring-bolt locks, 188–189
Sprinkler systems, 210–211
SQL (Structured Query Language), 451, 454
SRAM (Static Random Access Memory), 87, 88
SRTP (Secure Real-time Transport Protocol), 258
SSDs (Solid State Drives), 81, 89–90
SSH (Secure Shell), 243
SSID (Service Set Identifiers), 802.11, 261
SSL (Secure Sockets Layer), 179, 282
SSO (Single Sign-On), 309, 310–318
Federated Identity Management, 312
KERBEROS, 314–318
SESAME, 318
Standards
data security controls, 93–96
policies, 51, 52
tailoring and scoping, 81
WAN circuits, 254, See also ISO..., NIST
Star Integrity Axiom (* Integrity Axiom), 107–108
Star Security Property (* security Property), 106
Star topology, LANs, 252–253
State, AES data, 166
Stateful firewalls, 219, 272–273
Stateless autoconfiguration, IPv6, 231
State machine model, 105
Static build-up, environmental controls, 203
Static NAT, 234–235
Static passwords, 295
Static Random Access Memory, See SRAM
Static routes, LANs, 267
Static testing of software, 335–336
Statutory financial damages, 23
Stealth viruses, 138
Steganography, 182–183
Storage
Full-Disk Encryption, 96–97, 126, 149, 370
information protection, 84–85
RAID, 348, 378–381
remanence, 81, 87–90, 91
removable media, 145, 199–200, 369–370
sensitive information, 84
tapes, 87, 91, 96–97, 415
vital records, 411
Storage Area Networks, See SAN
Storage channels, 136
STP (shielded twisted pair) cabling, 201–202
Stream ciphers, 160
Strength of cryptography, 147
Strike plates, 188
Strikes, 391
Striping, RAID, 348, 379–381
Strong authentication, 295, 303
Strong cryptography, 147
Strong passwords, 51
Strong tranquility property, 106
Structured Query Language, See SQL
Structured walkthroughs, Disaster Recovery Plans, 418
SubBytes, AES, 167
Subjects
access control
Bell-LaPadula, 106
Biba Model, 107–108
Clark–Wilson, 108–109
Graham–Denning model, 111–112
Harrison–Ruzzo–Ullman model, 112
lattice-based access controls, 106–107
matrices, 110–112
modes of system operation, 112–113
noninterference model, 109–110
state machine models, 105
Take-Grant Protection Model, 110
Zachman Framework, 111
bounds, 106–107
concepts, 11, 18
file permissions, 128–131
security domains, 117
Subscription services, continuity of operations, 407
Substitution, cryptography, 147, 182–183
Supplicants, EAP, 279
Supply chain management, 403–404
Suppression of fires, 205–211
Surge protectors, 200
Swapping, virtual memory, 124–125
Switched Port Analyzer ports, See SPAN ports
Switches, 219, 264–266
Symmetric Digital Subscriber Line, See SDSL
Symmetric encryption, 160–168
Blowfish and Twofish, 168
chaining/feedback, 161
Clipper Chip, 182
definition, 104
IDEA, 165
initialization vectors, 160–161
RC5 and RC6, 168
SSL and TLS, 179
stream and block ciphers, 160
tradeoffs with asymmetric methods, 169–170
Symmetric multiprocessing, See SMP
Synchronous Data Link Control, See SDLC
Synchronous dynamic tokens, 302–303
Synchronous Optical Networking, See SONET
SYN flags, 238–239
Synthetic transactions, software testing, 336–337
System calls, ring model, 118
System defenses, 199–200
System hardening, IPv6 services, 232–233
System high mode of operation, 112
System integrity
cornerstone concepts, 14
penetration testing, 331–332
System memory, cache, 87–88
System Owners, information security, 85–86
Systems
access control models, 104–113
access control testing, 330–335
address space layout randomization, 126–127
backdoors, 137
baselining, 371–372
binary images, 353
change management, 373–375
communications failures, 391–392
compartmented mode, 113
configuration management, 371–373, 449–450
Content Management Systems, 449–450
continuous monitoring, 367
countermeasures, 145–146
covert channels, 136–137
CPUs, 120–123
cryptography, 146–183
databases, security, 142–145
Data Execution Prevention, 126–127
Data Loss Prevention, 367–368
dedicated mode, 112
emanations, 136
evaluation, 113–116
fault tolerance, 376–382
grid computing, 134
hardware segmentation, 124
Highly Available clusters, 382, 416
honeypots & honeynets, 370–371
interface testing, 339
malware vulnerabilities, 137–139
memory protection, 123–126
modes of operation, 112–113
motherboards, 119–120
multilevel mode, 113
open and closed, 119
patch deployment, 372
penetration testing, 330–332
port controls, 199–200
process isolation, 124
RAID, 378–381
redundancy, 382, 405–406
reference monitor, 128
secure design concepts, 116–119
secure hardware architecture, 119–127
secure operating system and software architecture, 127–131
server-side attacks, 139–140
software escrow, 416–417
software testing, 335–340
system high mode, 112
as a target of crimes, 30, 68–74
thin clients, 135
as tools in a crime, 30–31, 68–74
TPM, 126
user and file permissions, 128–131
virtualization, 131–132
virtual memory, 124–125
vulnerabilities and threats, 136–146
vulnerability management, 372–376
watchdog timers, 122
web architecture vulnerabilities, 140–142
WORM storage, 126
Systems Development Life Cycle, See SDLC
System units, architecture, 119
T
T1/T3 circuits, 254
Tables, relational databases, 451–452
Tabletop exercises, Disaster Recovery Plans, 418
TACACS/TACACS+ (Terminal Access Controller Access Control System), 319
Tagged Image File Format, See TIFF
Tailgating, 103, 192
Tailoring data security controls, 96
Tailoring standards, 81
Take-Grant Protection Model, 110
Taking the exam, 4–9
Tangible assets, 61
Tape storage, 87, 91, 96–97, 415
Taps, networks, 266–267
TAP (Test Access Ports), 236
Targeted attacks, 390
Task-based access control, 323
Tasks, CPUs, 121–122
TCO (Total Cost of Ownership), 51, 62–63
TCP/IP (Transmission Control Protocol/Internet Protocol) model, 219, 225–245
Application Layer, 226, 241–245
ARP and RARP, 227, 235–236
BOOTP, 135, 245
DHCP, 135, 231, 245
DNS, 244
encapsulation and de-multiplexing, 226
headers, 226, 228, 229–230, 237, 239
Host-to-Host Transport Layer, 226, 237–241
HTTP and HTTPS, 179, 245
ICMP, 228, 240–241
Internet Layer, 225–226, 227–241
IPv6, 227, 229–232
Network Access Layer, 225, 227
SANs, 257
SMTP, POP and IMAP, 243
SNMP, 244–245
SSH, 243
UDP, 239
unicast, multicast & broadcast traffic, 236–237
TCP (Transmission Control Protocol), 237–239, 272–274, 364–365
TCSEC (Trusted Computer System Evaluation Criteria), 104, 113–115
TD (Top-Down) programming, 434
Team activation, disaster recovery, 393
Team building, BCP/DRP development, 397–398
Technical controls
802.1X, 146
removable media, 145
Telecommunications management, 404–405
Telecommuting, 282–287
Telnet, 242
Temperature failures, 388–389
TEMPEST, 136
Templates for biometrics, 304
Temporal Key Integrity Protocol, See TKIP
Tenancies, shared, 197–198
Ten Commandments of Computer Ethics, 48
Tensions, security management, 14
Terminal Access Controller Access Control System, See TACACS/TACACS+
Terminals, 277
Termination of employees, 53
Terms of copyright, 33
Terrorism, 389
Test coverage analysis, software, 339
Testing
backup power, 388–389
disaster recovery plans, 417–419
HVAC, 388–389
penetration testing, 44–45, 331
software, 335–340
TFTP (Trivial File Transfer Protocol), 243
TGS (Ticket Granting Service), KERBEROS, 315–318
TGT (Ticket Granting Ticket), KERBEROS, 315–318
Thicknet, 247, 248
Thin clients, 135
Thinnet, 247, 248
Third parties
access control assessments, 333
audits, 44–45
penetration testing, 44–45, 330–332
security, 43–46
software security impact assessment, 468–469
vendor governance, 45
Threads, processing, 121–122
Threats
definition, 11
risk analysis, 58–60
Three pass method, examinations, 9
Throughput, biometrics, 305
Ticket Granting Service, See TGS
Ticket Granting Ticket, See TGT
TIFF (Tagged Image File Format), 224
Time-based synchronous dynamic tokens, 302–303
Time of Check/Time of Use attacks, See TOCTOU
Time Exceed messages, 241
Time multiplexing, 124
Time to Live, See TTL
Timing channels, 137
TKIP (Temporal Key Integrity Protocol), 262
TLS (Transport Layer Security), 179, 280, 282, 286
TNI (Trusted Network Interpretation), 114
TOCTOU (Time of Check/Time of Use) attacks, 464–465
Token bus, FDDI, 250
Token Ring, 249
Tokens, access control, 301–303
Top-Down, See TD
Topography and site selection, 196–197
Topologies of LANs, 250–253
Top Secret object labeling, 82
Total Cost of Ownership, See TCO
TPM (trusted platform modules), 126
TP (transformation procedure), Clark–Wilson, 108
Traceability matrix, 336
Traceroute, 241
Trademarks, 31–32, 35
Trade secrets, 34–35
Training of personnel, 52, 419–420
Trans-border flows of data, 38, 39
Transferring risk, 66
Transformation procedure, See TP
Transmission Control Protocol, See TCP
Transmission Control Protocol/Internet Protocol, See TCP/IP
Transparent virtualization, 131
Transportation of media, 97–98
Transport Layer
Layer 4 OSI model, 224, 237–238, 239, 271–277
TCP/IP, 226, 237–241
Transport Layer Security, See TLS
Transport mode, IPsec, 180, 281–282
Transposition, cryptography, 147
Travel safety, 205
Tree architecture, LANs, 251
TRIM command, SSDs, 89–90
Triple DES, 164–165
Tripwire, 365
Trivial File Transfer Protocol, See TFTP
Trojan horse programs, 72, 138
True negative/positive events, intrusion detection, 363–364
Trusted Computer System Evaluation Criteria, See TCSEC
Trusted Network Interpretation, See TNI
Trusted platform modules, See TPM
Trustworthiness and clearance, 83
Truth tables, 149
TRW-SPS (TRW Software Productivity System), 442
TTL (Time to Live) fields, traceroute, 241
Tunneling
dual stack systems, 231
IPsec, 180, 281–282
Tuples, relational databases, 451
Turnstiles, 192
Twofish, 168
Two pass method, examinations, 8–9
Type 1 Authentication (something you know), 294–301
Type 2 Authentication (something you have), 301–303
Type 3 Authentication (something you are), 304–308
Type I errors, biometrics, 305
Type II errors, biometrics, 305
Typosquatting, concepts, 35–36
U
UDI (unconstrained data items), 108
UDP (User Datagram Protocol), 225–226, 239, 272
Ultrasonic motion detectors, 193
Unallocated space, forensics, 353
Unconstrained data items, See UDI
Unicast traffic, 236
Uninterruptible Power Supplies, See UPSs
United States, See US
Unit testing, software, 337
Universal Serial Bus, See USB
UNIX
file authorizations, 16–17
password hashes, 296
permissions, 128–129
privileged programs, 129–131
salts, 300
virtual memory, 125
Unlicensed bands, wireless communications, 259
Unmodified Waterfall Model, 436–438
Unregistered trademarks, 31–32
Unshielded twisted pair cabling, See UTP
UPSs (Uninterruptible Power Supplies), 197, 201, 388–389
URG flags, 238
USB (Universal Serial Bus) port controls, 199–200
U.S. Department of Defense, See DoD
Use limitation principles, OECD privacy guidelines, 37
User Datagram Protocol, See UDP
Usernames, 15–16
Users
domain separation, 117
entitlements, 311–312
information security, 86
ring model, 117–118
secure architecture, 128–131
US (United States)
breach notification laws, 43
EU–US Safe Harbor Agreement, 38
the Orange Book, 113–115
PATRIOT Act, 40, 42
privacy laws, 37–38
the Red Book/TNI, 114
security laws and regulations, 39–43
Sensitive Compartmented Information, 82–83
Utilities management, 197, 405
UTP (unshielded twisted pair) cabling, 201–202, 220, 246–247
V
Vacations, forced, 351
Vanderpool, See Intel VT
Variable bounds checking, 463–464
VDSL (Very High Rate Digital Subscriber Line), 283
Vehicle gates, 184
Velcro, 32
Vendors
governance, 45
security issues, 53–54
VENONA, 156
Ventilation, See HVAC
Vernam Ciphers, 156
Version control, BCP/DRP policies, 421
Vertical escalation, 465
Very High Rate Digital Subscriber Line, See VDSL
Views, databases, 453
Vigenère Ciphers, 151–152
Violations of policy, disciplinary processes, 17, 53
Virtual guests, hypervisor mode, 118
Virtualization, 103, 118, 131–132, 265–266, 284–285
Virtualization escape, See VMEscape
Virtual LANs, See VLANs
Virtual memory, 124–125
Virtual Network Computing, See VNC
Virtual Private Networks, See VPN
Virtual SANs (virtual Storage Area Networks), 257
Vishing, 74
Vital records storage, 411
VLANs (Virtual LANs), 264–266
VMEscape (virtualization escape), 132
VNC (Virtual Network Computing), 285
Voice over IP, See VoIP
Voiceprints, 308
VoIP (voice over IP), 74, 222, 257–258
Volatile memory, 87–88
VPN (Virtual Private Networks), 179–181, 280–282
Vulnerabilities
applets, 141
backdoors, 137
client-side attacks, 140
covert channels, 136–137
databases, 142–145
definition, 11
disclosure, 466
DNS, 244
emanations, 136
KERBEROS, 317–318
malware, 137–139
management, 372–373
mobile device attacks, 145–146
risk analysis, 58–60
server-side attacks, 139–140
Single Sign-On, 310
site design and configuration, 197–199
software, 462–466
systems engineering, 136–146
VoIP, 258
web architecture, 140–142
zero day, 373, 466
Vulnerability scanning, 332, 373
W
Waiting times, retaking the exam, 9
Walkthrough, Disaster Recovery Plans, 418
Walkthrough drills, Disaster Recovery Plans, 418
Walls, design, 194–195
WANs (Wide Area Networks), 221, 253–256
WAP (Wireless Application Protocol), 286–287
Warded locks, 188
War dialing, 330
Warfare, 389
Warm sites, 406
Wassenaar Arrangement, 39, 160
Watchdog timers, CPUs, 122
Water, fire suppression, 207–208, 210–211
Waterfall Model, software development, 429, 436–439
WDM (Wavelength Division Multiplexing), 248
Weak tranquility property, 106
Web architecture, attacks, 140–142
Web Services Description Language, See WSDL
Web of trust model, PGP, 181
Well-Formed Transactions, 108
WEP (Wired Equivalency Protocol), 261
Wet chemicals, fire suppression, 208
Wet pipe sprinkler systems, 210
Wheel Cyphers, 153–154
White box software testing, 336
White hats, 69
Whitelisting applications, 369
Whole-disk encryption, 96–97, 126, 149, 370
Wide Area Networks, See WANs
Wi-Fi Protected Access 2, See WPA2
Windows
Active Directory Domains, 320
management of passwords, 300–301
NTFS permissions, 129–130
Object Request Brokers, 460
password hashes, 296
ring model, 118
security, 194
Wiping data, 91
Wired Equivalency Protocol, See WEP
Wireless Application Protocol, See WAP
Wireless Local Area Networks, See WLANs
Wireless Markup Language, See WML
Wireless Transport Layer Security, See WTLS
Wiring closet security, 198
WLANs (Wireless Local Area Networks), 146, 259–262, 279–280
WML (Wireless Markup Language), 287
Work factors, 147
Work Recovery Time, See WRT
Worms, malware, 58–59, 138, 139
WORM (Write Once Read Many) media, 92, 126
WPA2 (Wi-Fi Protected Access 2), 262
Write Once Read Many, See WORM
Writing up, 104–105
WRT (Work Recovery Time), 401, 402
WSDL (Web Services Description Language), 142
WTLS (Wireless Transport Layer Security), 286
X
X.25, 255
XML (Extensible Markup Language), 142
XOR (Exclusive Or), 149
XP (Extreme Programming), 429, 441
XSRF (Cross-Site Request Forgery), 465
XSS (Cross-Site Scripting), 465
Z
Zachman Framework, 111
Zero day vulnerabilities and exploits, 373, 466
Zero-knowledge tests, penetration testing, 330
Zombies, See RATs