I&A (Identification and Authentication), 512
IAB (Internet Architecture Board), 512, 514
IANA (Internet Assigned Numbers Authority), 65, 512
ICMP (Internet Control Message Protocol)
defined, 21, 63, 514
ICMP attacks, 73, 512
ICMP tunneling, 74
vulnerabilities of, 140
IDEA (International Data Encryption Algorithm), 322, 513
Identification and Authentication (I&A), 512
IDS (Intrusion Detection Systems), 174–185
about, 118–119, 119
active responses, 181–184
deception, 183, 184
network configuration changes, 182, 183
terminating connections or sessions, 181, 182
AD-IDS, 178, 178, 501
components used for network monitoring, 177
defined, 514
host-based, 184–185, 185
MD-IDS, 176, 177
N-IDS, 178–180, 178, 179
passive responses, 180–181
logging, 180
notification, 181
shunning, 181
securing network with firewall and, 119
terms used in, 175–176
IEEE (Institute of Electrical and Electronics Engineers)
802.1x wireless protocols, 112, 124, 193–194, 500, 512
about, 363, 513
IETF (Internet Engineering Task Force), 361, 512, 514
IGMP (Internet Group Management Protocol), 63, 140–141, 512
illicit servers, 512
IMAP (Internet Message Access Protocol), 130, 512
implementing secure networks, 213–253
application hardening, 236–246
data repositories, 241–242, 506
databases, 244–246
DHCP services, 241, 508
directory services, 242–243, 242
DNS servers, 238–239
e-mail servers, 237, 237
file and print servers and services, 240
FTP servers, 237–238
NNTP servers, 239
web servers, 236
developing security baselines, 216–218
exam essentials, 248–249
exam objectives, 213
key terms, 249
network hardening, 233–236
Access Control Lists, 235
configuring network devices, 234–235
enabling and disabling services and protocols, 235
network device updates, 233–234
OS/NOS hardening, 218–233
Apple Macintosh, 228
file systems, 228–231, 230
IBM, 228
Microsoft Windows 9x systems, 221
Microsoft Windows 2000, 223–224, 224
Microsoft Windows .NET Server 2003, 225
Microsoft Windows NT 4 systems, 222–223
Microsoft Windows XP, 224–225
network protocol configuration, 218–221
Novell NetWare, 227
operating system updates, 231–233
UNIX/Linux, 226–227
overview, 246–247
review question answers, 255–256
review questions, 250–254
threats to, 214–216
in the clear, 317
incidents
defined, 187, 188, 512
incident identification, 188–189
incident response, 187–191
adjusting procedures, 191
defined, 187–188, 187, 512
documenting, 191
incident identification, 188–189
incident response cycle, 187
Incident Response Plan, 187, 513
Incident Response Team, 512
policies for, 431–432
repairing damage, 190
reported CERT, 215
incremental backups, 413, 513
industry standards for encryption, 360–363
ABA, 361
CCITT, 362
development process for, 360, 361
IEEE, 363
IETF, 361, 512, 514
ISOC, 361, 514
ITU, 362, 362
Public Domain Cryptography, 363
PGP, 363, 370, 370
RSA, 363
W3C, 361–362, 534
Info World, 481
information access controls, 292–297
Bell-LaPadula model, 292–293, 293, 502–503
Biba model, 294, 294, 503
Clark-Wilson model, 294–295, 295, 504
Information Flow model, 295–296, 296, 513
Noninterference model, 296, 296, 519
overview, 292
information classification, 285–297
defined, 285–286, 286, 513
government and military classifications, 289–291
information access controls, 292–297
Bell-LaPadula model, 292–293, 293, 502–503
Biba model, 294, 294, 503
Clark-Wilson model, 294–295, 295, 504
Information Flow model, 295–296, 296, 513
Noninterference model, 296, 296, 519
overview, 292
information retention, 461, 513
policies
defined, 460–461, 513
on information destruction, 461–462, 513
private information, 288–289
internal information, 289
restricted information, 289, 524
public information, 286–288
full distribution, 288
limited distribution, 287–288, 516
roles in security process, 291–292
information destruction policies, 461–462, 513
Information Flow model, 295–296, 296, 513
information policies
defined, 8, 513
privacy and, 426
information retention, 461, 513
information security, 2–9, 4
defined, 2–4, 513
management and policies, 6–9
operational security, 4, 5–6, 6
physical security, 4–5, 4
prevention, detection, and response goals, 9–10
Information Security Magazine, 481
Information Weekly, 480
infrared (IR) connections, 148
infrastructures, 103, 513. See also Public Key Infrastructure
cabling, 141–148
coax, 141–144, 142, 144
fiber optic, 147–148, 147, 148
unshielded and shielded twisted pair cables, 145–146, 145, 146
communications
infrared, 148
microwave, 149–151, 150
radio frequency, 112, 148–149, 149, 523
defined, 103, 513
exam essentials, 156–157
exam objectives for, 101–102
infrastructure security, 103–106
hardware components in, 104–105, 104
software components, 105–106
Internet connections, 127–139
e-mail, 129–131
FTP, 137–139
overview, 127–128
ports and sockets, 128–129, 128
web, 131–137
key terms, 157–159
network components, 106–122
firewalls, 106–110, 107
mobile network components, 121–122, 122
modems, 114
network monitoring and diagnostics, 118–119
overview, 106
Remote Access Services, 114–115, 115
routers, 110–111, 110, 111, 525
servers, 121
switches, 112, 112
telecom/PBX systems, 115–116, 116
VPNs, 117, 117
wireless access points, 112–113, 113, 534
workstations, 120
overview, 103, 154–155
remote access technologies, 123–127
802.1X wireless protocols, 112, 124, 193–194
PPP, 123–124
RADIUS, 125, 125
SLIP, 123
TACACS/+, 125, 531
tunneling protocols, 126–127
VPNs, 124
removable media vulnerabilities, 151–154
CD-R, 152
diskettes, 153
flash cards, 154
hard drives, 152–153
overview, 151
smart cards, 17, 18, 154, 383–384
tape, 151–152
review question answers, 165–166
review questions, 160–164
SNMP and other TCP/IP protocols, 139–141
inline fiber splitter, 148
instant messaging, 196–199
8.3 file naming, 197–198
defined, 513
overview, 196–197, 196
packet sniffing of, 198–199
privacy and, 199
vulnerabilities of, 197
Institute of Electrical and Electronics Engineers. See IEEE
Integrated Services Digital Network (ISDN), 513
integrity
of cryptographic systems, 326–327, 326, 327
of data in security topologies, 22–23, 506
defined, 326
intercepting transmissions, 344
interception, 52, 513
internal information, 289, 513
internal threats, 33–34, 513
International Data Encryption Algorithm (IDEA), 322, 513
International Organization for Standardization (ISO), 513–514
international privacy and security laws, 485–486
International Telecommunications Union (ITU), 362, 362, 514
Internet
connections, 127–139
e-mail, 129–130, 129–131
FTP, 137–139
overview, 127–128
ports and sockets, 128–129, 128
web, 131–137
defined, 514
Internet security zone, 24–25, 25
Internet Architecture Board (IAB), 512, 514
Internet Assigned Numbers Authority (IANA), 65, 512
Internet Control Message Protocol. See ICMP
Internet Engineering Task Force (IETF), 361, 512, 514
Internet Group Management Protocol (IGMP), 63, 140–141, 512
Internet layer, 62–63, 514
Internet Message Access Protocol (IMAP), 130, 512
Internet Protocol. See IP
Internet Protocol Security. See IPSec
Internet Research Task Force (IRTF), 514
Internet Security Association and Key Management Protocol (ISAKMP), 366–367, 367
Internet Service Providers (ISPs), 514
Internet Society (ISOC), 361, 514
Internetwork Packet Exchange (IPX), 170, 515
intranet, 25, 25, 514
Intrusion Detection Systems. See IDS
intrusion detector, 514
intrusions
active responses to, 181–184
defined, 174, 514
passive responses to, 180–181
terms used about, 175–176
intrusions. See also IDS
inventories of computer equipment, 464, 516
IP (Internet Protocol)
defined, 62, 514
rogue servers with strange IP addresses, 241
IP proxy, 514–515
IP spoofing, 515
IPSec (Internet Protocol Security)
cryptography standards and, 371
defined, 515
as tunneling protocol, 127
IPX/SPX (Internetwork Packet Exchange/Sequenced Packet Exchange), 170, 221
IR (infrared) connections, 148
IRTF (Internet Research Task Force), 514
ISAKMP (Internet Security Association and Key Management Protocol), 366–367, 367
ISDN (Integrated Services Digital Network), 513
ISO (International Organization for Standardization) defined, 513–514
ISO 17799 standards, 283–285, 372–373, 515
ISOC (Internet Society), 361, 514
ISPs (Internet Service Providers), 514
ITU (International Telecommunications Union), 362, 362, 514