
All-in-1 / CISSP All-in-One Exam Guide, Fourth Edition / Harris / 787-0

INDEX

References to figures are in italics.

*-integrity axiom, 337
*-property rule (star property rule), 334, 336
10Base2, 514
10Base5, 514
10Base-T, 514
3DES, 703
802.11a, 624
802.11b, 624
802.11e, 625
802.11f, 625
802.11g, 625
802.11h, 625
802.11i, 625–626
802.11j, 633
802.11n, 633
802.15, 634
802.16, 633
802.1X, 627–629

A
absolute addresses, 303
abstraction, 296, 962
access, defined, 155
access control administration, 222
  centralized, 223
  decentralized, 230
  Diameter, 227–229
  RADIUS, 223–224, 227
  TACACS, 224–227
  watchdog timers, 227
access control models, 210
  discretionary access control, 211
  identity-based, 212
  mandatory access control, 212–214
  role-based access control, 214–217
  sensitivity labels, 213–214
access controls, 670
  access control lists (ACLs), 220–221
  access control matrix, 219–220
  access criteria, 195–196
  accountability, 159, 243–246
  administrative controls, 232–233
  auditing, 237
  authentication, 158, 160–161
  authorization, 158, 195
  cabling, 234
  capability tables, 220
  computer controls, 234
  constrained user interfaces, 218–219
  content-dependent access control, 221
  context-dependent access control, 221–222

1113

Index.indd 1113 10/9/2007 1:56:02 PM



1114

  control zone, 234, 250
  default to no access, 196–197
  directory services, 209
  emanation security, 248–250
  encryption, 237
  facilities, 447–454
  groups, 196
  identification, 158, 160–161, 162
  intrusion detection systems (IDSs), 250–260
  intrusion prevention systems (IPSs), 260–263
  Kerberos, 200–205
  layers, 231–232
  logical access controls, 160
  natural access control, 410–412
  need-to-know principle, 197–198
  network access, 236–237
  network architecture, 235–236
  network segregation, 233
  object reuse, 248
  overview, 155–156
  perimeter security, 233
  personnel, 454–455
  personnel controls, 232
  physical controls, 233
  practices, 246–250
  preventive, 239–240
  protocols, 237
  race condition, 159
  roles, 195
  rule-based, 217–218
  security domains, 206–208
  security-awareness training, 232
  SESAME, 205–206
  single sign-on, 198–200
  supervisory structure, 232
  system access, 235
  technical controls, 234–237
  Tempest, 249
  testing, 233
  thin clients, 209–210
  threats, 263–269
  types of, 237–242
  unauthorized disclosure of information, 247–248
  white noise, 249
  work area separation, 234
  See also identity management
access points (APs), 621
access triple, 339
accessing password files, 185
account management, 174
accountability, 159, 243–244
  keystroke monitoring, 245–246
  operations security, 1032–1033
  protecting audit data and log information, 246
  review of audit information, 245
accreditation, 371–372
ACLs, 220–221
active attacks, 753
ActiveX, 995
ActiveX Data Objects (ADO), 921
activity support, 415
Address Resolution Protocol (ARP), 529–530
administrative controls, 232–233
administrative interfaces, 984–985
Advanced Encryption Standard (AES), 697, 703–704
advisory policies, 112
adware, 645
aggregation, 927
AIC triad, 59–61
ALE. See annualized loss expectancy (ALE)
algebraic attacks, 756
algorithms, 666, 670
analog transmission signals, 505–506, 525




1115

analytic attacks, 756
annualized loss expectancy (ALE), 95–97
annualized rate of occurrence (ARO), 96
anti-malware programs, 1005–1006
  See also malware
antivirus software, 1001–1004
  See also viruses
appliances, 559
application layer, 487, 494–495
application owners, responsibilities, 132
application security. See software security
application-level proxies, 554, 555–557
Arabo, Jason Salah, 25
architecture, 281
  and access control, 235–236
  additional storage devices, 317
  architectural view of network environments, 45–47
  central processing unit (CPU), 281–286
  CPU modes and protection rings, 308–310
  domains, 312
  enterprise architecture, 373–381
  firewalls, 560–563
  input/output device management, 317–320
  layered operating system architecture, 311, 312–314
  multiprocessing, 286–287
  open network architecture, 484
  operating systems, 287–294, 310–311
  process management, 287–292
  security architecture, 322
  Sherwood Applied Business Security Architecture (SABSA), 378
  software, 966–967
  system architecture, 321–330
  terminology, 314–315
  three-tier, 40–42
  two-tier, 40
  virtual machines, 315
  Zachman Architecture Framework, 376–378
  See also memory
arithmetic logic units (ALUs), 282
ARO. See annualized rate of occurrence (ARO)
ARP table poisoning, 530
artificial neural networks (ANNs), 977–979
assembly code, 957
asset identification and management, 1036–1037
Associate CISSP, 10
assurance, 355–356
assurance levels, 1034
asymmetric algorithms, 679
  types of, 706–713
asymmetric mode, 286–287
Asymmetrical DSL (ADSL), 607
asynchronous attacks, 383
asynchronous communication, 507, 525
asynchronous token device, 189–190
Asynchronous Transfer Mode. See ATM
ATM, 594–596
attacks
  cramming, 1087
  data diddling, 885
  denial-of-service attacks, 1010, 1086
  distributed denial-of-service, 1013–1014
  dumpster diving, 886–887
  emanations capturing, 887
  evolution of, 842–844
  excessive privileges, 885
  fake login screens, 1086
  file descriptor attacks, 1096
  fraggle, 1011




1116

  IP spoofing, 886
  mail bombing, 1086
  man-in-the-middle attacks, 1086
  password sniffing, 885–886
  ping of death, 1086
  salami attacks, 884
  slamming, 1087
  smurf, 1010–1011
  SYN floods, 1011–1012
  teardrop, 1012–1013, 1087
  traffic analysis, 1087
  wardialing, 1086
  wiretapping, 887–888
  See also hacking
attenuation, 512, 522–523
audit committee, responsibilities, 130
auditing, 237
  physical access, 468–469
  protecting audit data and log information, 246
  review of audit information, 245
auditors
  compliance auditors, 90
  responsibilities, 134
authentication, 158, 160–161, 669
  open system authentication (OSA), 623
  protocols, 614–616
  shared key authentication (SKA), 623
Authentication Header (AH), 750
authoritative sources, 175
authorization, 158, 195, 669
  access criteria, 195–196
  creep, 197
availability, 59–60
  and access control, 157
Available Bit Rate (ABR), 595
awareness, security-awareness training, 139–142

B
backdoors, 1085–1087
background checks, 137–138
backups, 1066–1067
  choosing a software backup facility, 806
  data backup alternatives, 801–803
  differential process, 802
  electronic backup solutions, 803–806
  full backup, 802
  hardware, 796
  incremental process, 802
  software, 796–797
bandwidth, 506, 519
Bank of America, 27
base registers, 297, 298
baseband, 507–508, 525
Basel II Accord, 858
baselines, 113–114
  See also security policies
Basic Security Theorem, 335
bastion hosts, 560
BCP. See business continuity plan (BCP)
BEDO DRAM, 300
Bell-LaPadula model, 333–336
  vs. Biba model, 338
Biba model, 336–338
  vs. Bell-LaPadula model, 338
biometrics, 179–182, 183–184
  crossover error rate (CER), 179–180
  facial scans, 183
  fingerprints, 182
  hand geometry, 182
  hand topography, 183
  iris scans, 182
  keyboard dynamics, 183
  palm scans, 182




1117

  processing speed, 181
  retina scans, 182
  signature dynamics, 182–183
  Type I and Type II errors, 179, 180
  voice prints, 183
blackout, 434
block ciphers, 685–687
blocked state, 290
Blowfish, 704–705
Bluejacking, 634
blueprints, 78–79
Bluetooth, 634
board of directors, responsibilities, 123–124, 125–126
Boeing, 36
bollards, 458
Boot Protocol (BOOTP), 531
boot sector viruses, 996
Border Gateway Protocol (BGP), 534–535
botnets, 839, 999
Brewer and Nash model, 348–349
bridges, 536–538
  vs. routers, 540
British Standard 7799 (BS7799), 71
broadband, 507–508, 525
broadcast storms, 537
broadcast transmission, 524–525
brownout, 434
browsing, 1082–1083
brute force attacks, 185, 264–265
buffer overflows, 384–388, 1096
burst EDO DRAM (BEDO DRAM), 300
bus topology, 510
business continuity, 770–771
  planning, 771
  steps, 772–774
business continuity coordinator, 776
business continuity plan (BCP), 770
  business impact analysis (BIA), 778–783
  business process recovery, 788–789
  checklist test, 818
  choosing a software backup facility, 806
  continuity planning policy statement, 777
  damage assessments, 810
  data backup alternatives, 801–803
  data recovery solutions, 807–808
  development products, 813
  disk shadowing, 804
  documentation, 798–799
  electronic backup solutions, 803–806
  electronic vaulting, 804–805
  emergency response, 820–821
  end-user environment, 800–801
  facility recovery, 789–795
  full-interruption test, 819
  goals, 814–815
  hardware backups, 796
  human resources, 799–800
  implementing strategies, 815–816
  insurance, 808–809
  interdependencies, 783–785
  life cycles, 824
  maintaining the plan, 821–823
  maximum tolerable downtime (MTD), 781–782
  parallel test, 819
  as part of the security policy and program, 774–775
  preventive measures, 786, 787
  project initiation, 776–777
  recovery and restoration, 809–813
  recovery strategies, 786–788




1118

  remote journaling, 805
  requirements, 778
  restoration team, 810
  salvage team, 810
  simulation test, 819
  software backups, 796–797
  storing the BCP, 798
  structured walk-through test, 818–819
  supply and technology recovery, 795–800
  tape vaulting, 805–806
  testing and revising the plan, 816–821
  training, 820
  types of, 817
business enablement, 380
business impact analysis (BIA), 778–783

C
CA. See certificate authorities
cable modems, 606–608
cabling, 234, 519
  attenuation, 522–523
  bandwidth, 519
  coaxial, 520
  crosstalk, 523
  data throughput rate, 519
  fiber-optic, 522
  fire rating, 523–524
  noise, 522
  twisted-pair, 520–521
cache memory, 302
Caesar ciphers, 677
caller ID, 617
Canadian Information Processing Society. See CIPS
Canadian Trusted Computer Product Evaluation Criteria (CTCPEC), 49
CAP, 11
Capability Maturity Model (CMM), 955–956
capability tables, 220
care-of addresses, 228
carrier sense multiple access with collision avoidance. See CSMA/CA
carrier sense multiple access with collision detection. See CSMA/CD
cascading errors, 87
CBC-MAC, 717, 718
CBK security domains, 5, 6–7
  ISO 17799 domains, 71–72
  See also security domains
CCTA Risk Analysis and Management Method (CRAMM), 89
CCTV, 461–464, 465
CD-ROM, accompanying this book, 1109
  Final mode, 1111
  installing test software, 1111
  navigation, 1111
  Practice mode, 1111
  running the QuickTime cryptography video sample, 1110
  system requirements, 1112
  technical support, 1112
  troubleshooting, 1111
cell phone cloning, 637
cell suppression, 929
central processing units, 281–286
  See also processors
CER. See crossover error rate (CER)
certificate authorities, 726–729
certificates, 729, 730
certification, 370–371
  other certification exams, 11
  reasons for getting, 1–2
  recertification requirements, 9–10
  requirements, 2–4, 9
Certification and Accreditation Professional. See CAP




1119

Certified Information Systems Security Professional. See CISSP
Challenge Handshake Authentication Protocol (CHAP), 615, 616
change control analysts, responsibilities, 132–133
change control documentation, 1047–1048
change control process, 1045–1047
Channel Service Unit/Data Service Unit. See CSU/DSU
Chief Executive Officer (CEO), responsibilities, 124–125
Chief Financial Officer (CFO), responsibilities, 125
Chief Information Officer (CIO), responsibilities, 126–127
Chief Information Security Officer (CISO), responsibilities, 129
Chief Privacy Officer (CPO), responsibilities, 127
Chief Security Officer (CSO), responsibilities, 128–129
Chinese Wall model, 348–349
chosen-ciphertext attacks, 754
CIA triad. See AIC triad
cipher locks, 451–452
cipher-only attacks, 753
ciphers, 670
  block, 685–687
  confusion and diffusion, 685–686
  initialization vectors, 688
  stream, 687–688, 689
  types of, 676–679
ciphertext, 665
CIPS, 8
circuit switching, 590–591
circuit-level proxies, 554, 556
CISO. See security officer
CISSP
  certification requirements, 2–4, 9
  history of, 8
  reasons for getting certification, 1–2
  recertification requirements, 9–10
  See also Associate CISSP
CISSP exam, 4–7
  other certification exams, 11
  registering for, 8–9
  tips for taking, 10–12
Clark-Wilson model, 338–342
classification, 117
  controls, 120–122
  private business vs. military classifications, 117–120
  procedures, 121
classless interdomain routing (CIDR), 504
clean power, 433
cleanroom, 952
client/server model, 908
clipping levels, 1033
clock speed, 288
closed environments, 19–20
closed systems, 372–373
  See also open systems
closed-circuit TV, 461–464, 465
clustering, 1064–1065
coaxial cable, 520
CobiT, 69–72
cognitive passwords, 160, 187
cohesion, 967–968
collision domains, 527–528
collusion, 136
COM, 971
commits, 926
committed information rate (CIR), 592
Common Criteria, 49, 366–369
  components of, 370




1120

compartmented security mode, 352–353
compliance auditors, 90
compression viruses, 996
Computer Ethics Institute, 889
Computer Fraud and Abuse Act, 856–857
Computer Security Act of 1987, 859
Computer Security Institute. See CSI
computer-aided software engineering (CASE), 952
concealment ciphers, 674
concentrators, 536
confidentiality, 60–61, 669
  and access control, 157–158
configuration management, 954, 986–987, 1045–1048
Constant Bit Rate (CBR), 595
constrained data items (CDIs), 338
constrained user interfaces, 218–219
construction, 418–421
contact smart cards, 191–192
contactless smart cards, 192
content-dependent access control, 221, 928
context-dependent access control, 221–222, 928
contingency planning, 1070
Control Objectives for Information and related Technology. See CobiT
control units, 283
control zone, 234, 250
controlling unauthorized downgrading of information, 335
cookies, 747–748
cooperative multitasking, 289
copyright, 850
CORBA, 969–970
corporate ethics programs, 891
Corporate Information Security Officer (CISO). See security officer
corporate security, 29–31
  management, 35–37
Corporate Security Officer (CSO). See security officer
COSO framework, 69–70
cost/benefit analysis, 102–103
cost/benefit comparisons, 84
countermeasures, 46–47
  to brute force attacks, 265
  to buffer overflow attacks, 388
  to covert channels, 344
  defined, 62
  to dictionary attacks, 264
  to distributed denial-of-service attacks, 1014
  to fraggle attacks, 1011
  functionality and effectiveness of, 104–105
  to maintenance hooks, 382–383
  selection, 102–103
  to smurf attacks, 1010–1011
  to SYN floods, 1012
  to teardrop attacks, 1013
  to time-of-check/time-of-use attacks, 383–384
counter-synchronization, 188–189
coupling, 968–969
covert channels, 343–344
covert timing channel, 344
CPTED, 409–414
  activity support, 415
CPUs, 281–286
  modes and protection rings, 308–310
  See also processors
CRAMM, 89
cramming, 1087
crime
  common Internet crime schemes, 843
  complexities, 839–841




1121

  computer-assisted crime, 836–838
  computer-targeted crime, 836–838
  defining and protecting electronic assets, 842
  evolution of attacks, 842–844
  investigations, 866–872
  other jurisdictions, 844–846
  See also laws
Crime Prevention Through Environmental Design (CPTED), 409–414
  activity support, 415
crossover error rate (CER), 179–180
crosstalk, 523
cryptanalysis, 664, 670
  differential cryptanalysis, 755
  linear cryptanalysis, 755
cryptographic keys, 190
cryptography, 659–660, 670
  asymmetric, 681–684
  attacks, 753–757
  concealment ciphers, 674
  digital envelopes, 693
  government involvement, 675–676
  hardware vs. software systems, 737
  history of, 660–665
  notation, 705
  out-of-band method, 680
  quantum cryptography, 741–742
  running key ciphers, 673–674
  security through obscurity, 64
  substitution ciphers, 660
  symmetric, 679–681
  terminology, 665–667
  See also ciphers; encryption; steganography
cryptology, 670
cryptosystems, 665, 666, 670
  services, 669–670
  strength, 668–669
  work factor, 668
CSI, 8
CSMA, 526–527
CSMA/CA, 527
CSMA/CD, 526–527
CSO. See security officer
CSU/DSU, 589
Cyber Czar, 33, 49
cybercrime. See crime
cyberlaw. See laws
cyberterrorism, 28–29

D
DAC, 211, 217
data analysts, responsibilities, 133
data buses, 285–286
data centers, 424–428
Data Circuit-Terminating Equipment (DCE), 592
data custodians, responsibilities, 131
data definition language (DDL), 921
data dictionary, 922
data diddling, 885
Data Encryption Algorithm (DEA), 696
Data Encryption Standard (DES), 696–698
  Cipher Block Chaining (CBC) mode, 699–700
  Cipher Feedback mode, 700–701
  Counter Mode (CTR), 702
  Electronic Code Book (ECB) mode, 698–699
  Output Feedback mode, 701–702
  See also Triple-DES (3DES)
data hiding, 295, 312
data inspection, 560
data leakage, 1054–1055
data link layer, 492–494, 496
data manipulation language (DML), 922
data mining, 933–935
data modeling, 966
data origin authentication, 670, 717




1122

data owners, 57
  responsibilities, 130, 131
Data Processing Management Association. See DPMA
data remanence, 1050
data structures, 503, 967
Data Terminal Equipment (DTE), 592
data throughput rate, 519
data warehousing, 932–933
data width, 288
database management, 912–913
  ActiveX Data Objects (ADO), 921
  data mining, 933–935
  data warehousing, 932–933
  Extensible Markup Language (XML), 921
  integrity, 924–927
  Java Database Connectivity (JDBC), 921
  models, 914–919
  Object Linking and Embedding Database (OLE DB), 920–921
  Open Database Connectivity (ODBC), 920
  programming interfaces, 919–921
  relational database components, 921–924
  security issues, 927–932
  software, 913–914
  terminology, 918
database views, 929–930
databases, roles, 42–44
datagrams, 503
DCOM, 47, 972
DDR SDRAM, 300
decipher, 670
dedicated security mode, 352
degaussing, 1049
delayed loss, 88
Delphi technique, 100
demilitarized zones (DMZs), 549
denial-of-service attacks, 1010, 1086
DES. See Data Encryption Standard (DES)
device locks, 452
dialog management, 489
Diameter, 227–229
dictionary attacks, 185, 263–264
differential cryptanalysis, 755
differential power analysis, 193
Diffie-Hellman algorithm, 706–708
digital envelopes, 693
Digital Forensics Science (DFS), 873
  See also forensics
digital identities, 177
digital signals, 506, 525
Digital Signature Standard (DSS), 725
digital signatures, 722–725
Digital Subscriber Line. See DSL
Direct Access Storage Devices, 1060–1061
direct memory access (DMA), I/O using, 320
Direct Sequence Spread Spectrum (DSSS), 620–621
directories, 165–167
  object organization, 166
  role in identity management, 167–168
directory services, 165, 209, 575–576
disaster recovery, 770–771
disaster recovery plan, life cycles, 824
discretionary access control (DAC), 211, 217
ORBs, 970–971
Discretionary Security Property (ds-property), 336
disk shadowing, 804
distance-vector routing protocols, 533
Distributed Component Object Model. See DCOM
distributed computing, 969
  COM, 971
  CORBA, 969–970
  DCOM, 972




1123

  Distributed Computing Environment (DCE), 974–975
  Enterprise JavaBeans (EJB), 972–973
  object linking and embedding (OLE), 973
distributed denial-of-service attacks, 1013–1014
DNS, 569–570
  Internet DNS and domains, 570–571
  poisoning, 572
dogs, 468
Domain Name Service. See DNS
domains, 312
doors, 421–423
double data rate SDRAM (DDR SDRAM), 300
DPMA, 8
DRAM, 299
drills, 469–470
DSL, 606
DSW Shoe Warehouse, 27
dual control, 138
dual-homed firewalls, 560
due care, 57–58, 116, 861, 1028
due diligence, 116, 861, 1028
dumpster diving, 886–887
dynamic analysis, 1002
Dynamic Host Configuration Protocol (DHCP), 530–531
dynamic keys, 629–631
dynamic link libraries (DLLs), 297
dynamic mapping, 578
dynamic packet filtering, 557–558
dynamic RAM (DRAM), 299
dynamic routing protocol, 533

E
EAP, 616
Economic Espionage Act of 1996, 859
EDO DRAM, 300
education, 51–52
  security-awareness training, 139–142
EEPROM, 301
EF. See exposure factor (EF)
El Gamal algorithm, 711
electric power, 430–436
electrically erasable programmable ROM, 301
electromagnetic analysis, 193–194
electromagnetic interference (EMI), 432, 433
electronic access control (EAC) tokens, 455
electronic monitoring, 185
Electronic Registry Systems, 36–37
electronic vaulting, 804–805
elliptic curve cryptosystems, 712
e-mail, 1072–1073
  how it works, 1074
  Message Security Protocol (MSP), 739
  Multipurpose Internet Mail Extension (MIME), 738
  Pretty Good Privacy (PGP), 739–740
  Privacy-Enhanced Mail (PEM), 738–739
  quantum cryptography, 741–742
  relaying, 1075–1076
  standards, 737–742
emanation security, 248–250
emanations capturing, 887
emergency system restart, 1038
Emory University, 36
employee controls, 138
Encapsulating Security Payload (ESP), 750
encapsulation, 295, 484–485, 503
encipher, 670




1124

encryption, 237
  asymmetric and symmetric algorithms used together, 689–695
  defined, 665
  at different layers, 735
  Enigma machine, 663–664
  link vs. end-to-end, 735–736
  one-time pads, 671–673, 689
  ROT13, 662
  session keys, 692–695
  symmetric vs. asymmetric algorithms, 679–684
  See also cryptography
end-to-end encryption, vs. link encryption, 735–736
end-user environment, 800–801
Enigma machine, 663–664
enterprise architecture, 373–381
Enterprise JavaBeans (EJB), 972–973
enticement, 262, 883
entity authentication, 670
entity integrity, 925
entrapment, 262, 883
entry points, 421–423
environmental issues, 436–438
EPROM, 301
erasable and programmable ROM, 301
Ethernet, 513–515
ethics, 888–889
  Computer Ethics Institute, 889
  corporate ethics programs, 891
  Internet Architecture Board (IAB), 890–891
European Union Principles on Privacy, 845–846
evaluation
  accreditation, 371–372
  certification, 370–371
  Common Criteria, 366–369, 370
  Information Technology Security Evaluation Criteria (ITSEC), 364–366
  reasons for evaluation, 356–357
  See also Orange Book
Evaluation Assurance Levels (EALs), 367
exam. See CISSP exam
excessive privileges, 885
execution domain switching, 325
execution domains, 324
executive succession planning, 799
expert systems, 975–977
exposure, defined, 62
exposure factor (EF), 96
extended data out DRAM (EDO DRAM), 300
Extensible Authentication Protocol. See EAP
Extensible Markup Language. See XML
extranets, 579–580

F
facial scans, 183
  See also biometrics
Facilitated Risk Analysis Process (FRAP), 88–89
facilities, 416–417
  access controls, 447–454
  cold sites, 790–791
  hot sites, 790–791
  multiple processing centers, 794
  offsite locations, 793
  reciprocal agreements, 793–794
  recovery, 789–795
  redundant sites, 794–795
  rolling hot sites, 794
  tertiary sites, 792
  warm sites, 790–791
Failure Modes and Effect Analysis (FMEA), 89–92




1125

failure states, 912
fake login screens, 1086
Faraday cage, 249
Fast Ethernet, 514–515
fault generation, 193
fault tree analysis, 91–92
fax security, 1076–1078
FDDI, 517–518
Federal Communications Commission (FCC), 482
Federal Privacy Act, 853, 857–858
Federal Sentencing Guidelines for Organizations, 891
federated identities, 178
fencing, 456–458
Fiber Distributed Data Interface. See FDDI
fiber-optic cable, 522
file access protection, 45
file descriptor attacks, 1096
financial fraud, 980
fingerprints, 182, 716
  See also biometrics
fire
  detection, 438, 439–442
  prevention, 438
  suppression, 439, 442–446
  testing and drills, 469–470
fire resistant ratings, 439
firewalls, 548–550, 563–566
  architecture, 560–563
  best practices, 559
  packet-filtering, 550–551
  proxy, 552–557
  stateful, 551–552
  web application, 982
flash memory, 301
Flury, Kenneth J., 25
FMEA, 89–92
footprint, 640
foreign key, vs. primary key, 922–924
forensics, 872–873
  best evidence, 881
  circumstantial evidence, 881
  conclusive evidence, 881
  corroborative evidence, 881
  direct evidence, 881
  enticement, 883
  entrapment, 883
  evidence admissible in court, 880–882
  exigent circumstances, 883
  field kits, 878
  forensics investigation process, 876–879
  hearsay evidence, 882
  incident investigators, 875
  International Organization on Computer Evidence (IOCE), 873–874
  interviewing and interrogating, 884
  means, 874
  motive, 874
  opinion evidence, 882
  opportunity, 874
  search and seizure, 883–884
  secondary evidence, 881
  surveillance, 883
forking, 289
forwarding tables, 537–538
fraggle, 1011
frame relay, 592–593
frameworks, 69–73
FRAP, 88–89
frequency analysis, 678
Frequency Hopping Spread Spectrum (FHSS), 619–620, 621
frequency-division multiplexing, 588
full-duplex, 490
fully mapped I/O, 320
functional requirements evaluation, 61




1126

G
gap in the WAP, 636
gateways, 545–546
  H323 gateways, 600–601
general registers, 283
Generic Security Services Application Programming Interface (GSS-API), 205
governance, 73–75
Graham-Denning model, 349
Gramm-Leach-Bliley Act (GLBA), 124, 856
grid computing, 1065–1066
ground, 433
ground connectors, 419
groups, 196
GSS-API, 205
guards, 353, 467–468
guidelines, 114
  See also security policies

H
H323 gateways, 600–601
hacker intrusion, liability for, 865–866
hacking, 1078–1082
  backdoors, 1085–1087
  browsing, 1082–1083
  and companies, 29–31
  evolution of, 23–27, 34–35
  Loki attacks, 1084–1085
  and military actions, 27–28
  password cracking, 1085
  session hijacking, 1084
  sniffers, 1083–1084
  See also attacks; cyberterrorism
half-duplex, 490
halon, 443–444
hand geometry, 182
  See also biometrics
hand topography
  See also biometrics
hardware backups, 796
Harrison-Ruzzo-Ullman model, 349
hashes, 718
hashing algorithms, 716, 718–720
hashing values, 716
HAVAL, 720
HDLC, 597
Health Insurance Portability and Accountability Act (HIPAA), 856
heat-activated fire detectors, 441
heuristic detection, 1001–1002
heuristic IDSs, 254
hierarchical data model, 915–916
Hierarchical Storage Management (HSM), 1067–1069
High-bit-rate DSL (HDSL), 607
High-level Data Link Control. See HDLC
High-Speed Serial Interface. See HSSI
hiring practices, 136–138
  See also personnel
HMAC, 715–717, 718
honeypots, 262, 566
hops, 736
host-based IDSs (HIDSs), 251
HSSI, 597
HTTP, 743–744
HTTP Secure (HTTPS), 744–745
hubs, 536

I
Idaho State University, 8
identification, 158, 160–161
  component requirements, 162
identifying threats, 87–88
identity management
  account management, 174
  assisted password reset, 172–173
  biometrics, 179–184
  cryptographic keys, 190




1127

  digital identities, 177
  directories, 165–168
  federation, 178
  legacy single sign-on, 173
  memory cards, 191
  overview, 162–165
  passphrases, 190–191
  password management, 171
  password synchronization, 171–172
  passwords, 184–190
  profile update, 176–177
  provisioning, 175–176
  self-service password reset, 172
  smart cards, 191–194
  web access management (WAM), 168–171
  what companies need identity management, 178
identity repository, 175
identity theft, 268–269
Identity Theft Resource Center, 27
illogical processing, 87
IMAP, 1075
immunizers, 1002
i-Mode, 636–637
incident response, 866–869
  incident investigators, 875
  procedures, 869–872
inference, 927
inference attacks, 345
information classification. See classification
information flow model, 342–344
information gathering, 983–984
information owners, 57
information risk management (IRM), 80–81
  policy, 82
  team, 82–83
Information Sharing and Analysis Centers. See ISACs
Information Systems Audit and Control Association (ISACA), 69
Information Systems Security Association. See ISSA
Information Technology Security Evaluation Criteria (ITSEC), 49, 364–366
information warfare, 23
informative policies, 112
initialization vectors, 629–631, 688
input validation, 987–989
input/output device management, 317–320
in-rush current, 433–434
instant messaging (IM), 645–646
insurance, 107, 808–809
Integrated Services Digital Network. See ISDN
integrity, 60, 669
  and access control, 157
integrity models, goals of, 341–342
integrity verification procedures (IVPs), 339
intellectual property laws, 849
  copyright, 850
  internal protection of intellectual property, 851
  patent, 851
  software piracy, 852–853
  trade secrets, 849–850
  trademark, 850–851
Interior Gateway Routing Protocol (IGRP), 534
internal compartments, 423
International Data Encryption Algorithm (IDEA), 704
International Electrotechnical Commission (IEC), 73
International Information Systems Security Certification Consortium. See (ISC)2
International Organization on Computer Evidence (IOCE), 873–874




1128

International Standards Organization. See ISO
International Telecommunication Union (ITU), 482
Internet, 37–40
  architecture, 40–42
  database roles, 42–44
Internet Architecture Board (IAB), 890–891
Internet Assigned Numbers Authority (IANA), 569
Internet Control Message Protocol (ICMP), 531–532
Internet Haganah, 29
Internet security, 743
  cookies, 747–748
  HTTP, 743–744
  HTTP Secure, 744–745
  Internet Security Protocol (IPSec), 749–753
  Secure Electronic Transaction (SET), 745–747
  Secure HTTP, 745
  Secure Shell (SSH), 748–749
Internet Security Association and Key Management Protocol (ISAKMP), 752
internetwork, 538
interrupt-driven I/O, 319
interrupts, 290–292, 318–319
intranets, 579–580
intrusion detection systems (IDSs), 250, 464–467
  characteristics, 467
  host-based IDSs (HIDSs), 251
  knowledge- or signature-based IDSs, 251–252
  network traffic, 259
  network-based IDSs (NIDSs), 250–251
  protocol anomaly–based IDSs, 254–255
  rule-based IDSs, 255–257
  sensors, 46, 258–259, 260
  state-based IDSs, 252–253
  statistical anomaly–based IDSs, 253–254
  traffic anomaly–based IDSs, 255
  types of, 257
intrusion prevention systems (IPSs), 260–261, 982
  honeypots, 262
  network sniffers, 262–263
invocation property, 337, 338
I/O device management, 317–320
IP, 498
IP addressing, 504
IP spoofing, 886
IP telephony. See Voice over IP (VoIP)
IPSec, 46, 610, 749–753
IPv6, 505
iris scans, 182
  See also biometrics
Irish Republican Army, 28
IRM. See information risk management (IRM)
ISACs, 32
(ISC)2, 8, 888
  process for earning credential, 4–5
  scenario-based exam questions, 4
ISDN, 604–606
ISDN DSL (IDSL), 607
ISO, 482, 483
ISO 17799, 71–73
ISO/IEC 14443, 194
isolation, 567
ISSA, 8
issue-specific policies, 111–112
IT Governance Institute (ITGI), 69
iterated tunneling, 610
ITSEC. See Information Technology Security Evaluation Criteria (ITSEC)
IVs. See initialization vectors




1129

J
Java, 993–994
Java Database Connectivity (JDBC), 921
Java Virtual Machine (JVM), 316
Joint Analysis Development (JAD), 952

K
Kerberos, 200–201
  Key Distribution Center (KDC), 201
  and password-guessing attacks, 205
  principals, 201
  process, 201–204
  tickets, 201
  weaknesses, 204
Kerckhoffs’ Principle, 64, 668
kernel flaws, 1095
kernel mode, 285
kernel proxy firewalls, 558
key clustering, 671
key management, 732–733
  principles of, 733–734
  rules, 734
keyboard dynamics, 183
  See also biometrics
keys, 666, 667, 670
  asymmetric, 681
  session keys, 692–695
keyspaces, 666, 667, 671
keystroke monitoring, 245–246
KGB, 28
knapsack algorithms, 713
knowledge discovery in database (KDD). See data mining
knowledge-based IDSs, 251–252
knowledge-based systems, 975–977
Kosovo Air Campaign (1999), 28

L
L2TP, 613–614
LAN networking, 508
  broadcast transmission, 524–525
  cabling, 519–524
  collision domains, 527–528
  CSMA, 526–527
  Ethernet, 513–515
  FDDI, 517–518
  media access technologies, 512–519, 525–529
  multicast transmission, 524–525
  polling, 529
  protocols, 529–532
  token passing, 526
  Token Ring, 516
  topologies, 509–512
  unicast transmission, 524–525
LANs, 46
  protocols, 583
  See also Virtual LANs (VLANs)
laptop theft, 428–429
last mile, 506
lattice model, 346–347
laws
  administrative/regulatory laws, 848–849
  Basel II Accord, 858
  civil law, 846, 848
  common law, 846–847
  computer crime laws, 836–838
  Computer Fraud and Abuse Act, 856–857
  Computer Security Act of 1987, 859
  criminal law, 848
  customary law, 847
  Economic Espionage Act of 1996, 859
  Federal Privacy Act, 853, 857–858
  Gramm-Leach-Bliley Act (GLBA), 856
  Health Insurance Portability and Accountability Act (HIPAA), 856

    intellectual property laws, 849–853
    mixed law systems, 847–848
    overview, 836
    Payment Card Industry Data Security Standards (PCI DSS), 858–859
    and politics, 49–51
    privacy, 853–861
    religious law systems, 847
    Sarbanes-Oxley Act of 2002 (SOX), 855–856
    See also crime
layered approach to security, 44–45
    an architectural view, 45–47
    bringing layers together, 48–49
    a missed layer, 48
layering, 312–314
LDAP. See Lightweight Directory Access Protocol (LDAP)
least privilege, 329–330
LexisNexis, 27
liability, 861–864
    hacker intrusion, 865–866
    personal information, 864–865
licensing, 1043
lighting, 459–460
Lightweight Directory Access Protocol (LDAP), 576–577
limit registers, 297, 298
line conditioners, 434
linear cryptanalysis, 755
link encryption, 735–736
link-state routing protocols, 533
load, 418
local area networks. See LANs
local bridges, 537
local loop, 506
locks, 448–454
log scrubbers, 644
logic bombs, 1000
logical addresses, 303
logical location restrictions, 196
logon
    limiting logon attempts, 187
    spoofing at logon, 265
Loki attacks, 532, 1084–1085
loss
    annualized loss expectancy (ALE), 95–97
    delayed, 88
    exposure factor (EF), 96
    single loss expectancy (SLE), 95–97
loss potential, 88
LUC algorithm, 713
Lucifer, 644, 696

M
MAC, 212–214, 217
machine language, 957
macro languages, 997
MAID, 1063
mail bombing, 1086
mainframes, 21, 22, 1070–1072
maintenance hooks, 382–383
malware, 995–996
    anti-malware programs, 1005–1006
    components, 998
mandatory access control (MAC), 212–214, 217
mandatory vacation policy, 138
man-in-the-middle attacks, 1086
maskable interrupts, 291–292
masquerading, 530, 563
massive array of inactive disks. See MAID
maximum tolerable downtime (MTD), 781–782
MD2, 719
MD4, 719
MD5, 719–720
mean time between failures (MTBF), 1057
mean time to repair (MTTR), 1058
mechanical locks, 449–452

media controls, 1048–1053
meme viruses, 997
memory
    burst EDO DRAM (BEDO DRAM), 300
    cache, 302
    double data rate SDRAM (DDR SDRAM), 300
    dynamic RAM (DRAM), 299
    electrically erasable programmable ROM, 301
    erasable and programmable ROM, 301
    extended data out DRAM (EDO DRAM), 300
    flash, 301
    leaks, 305–306
    management, 296–298
    mapping, 302–305
    programmable ROM, 301
    protection issues, 298
    random access memory (RAM), 299–300
    read-only memory (ROM), 300–301
    static RAM (SRAM), 299
    synchronous DRAM (SDRAM), 300
    virtual, 306–307
memory cards, 191
mesh topology, 510–511
message authentication code (MAC), 714–715
message digest, 716
message integrity, 713–714
    CBC-MAC, 717, 718
    HMAC, 715–717, 718
    one-way hash, 714–715
message integrity code (MIC), 716
Message Security Protocol (MSP), 739
messages, 503
meta-directories, 167, 168, 575
methods, 960
metropolitan area networks (MANs), 581–582
microkernel, 311
microns, 288
MIME, 738
MIPS, 288
misuse-detection systems, 254
mobile code, 992
    ActiveX, 995
    botnets, 999
    Java, 993–994
    logic bombs, 1000
    malware, 995–996
    Trojan horses, 1000–1001
    viruses, 996–997
    worms, 999–1000
Mobile IP, 228
mobile phone security, 637–638
mobile technology generations, 643
modems, 606–608
modes. See security modes of operation
modification detection code (MDC), 716
monolithic kernel, 314
Moore’s Law, 320
multicast transmission, 524–525
multihomed firewalls, 553, 560–561
multilayered switches, 542
multilevel security mode, 353
multilevel security policies, 329
multipart viruses, 997
multiplexing, 583
    frequency-division multiplexing, 588
    statistical time-division multiplexing (STDM), 588
multiprocessing, 286–287, 293
multiprogramming, 288–289, 293
Multiprotocol Label Switching (MPLS), 542
Multipurpose Internet Mail Extensions (MIME), 738

multiservice access technologies, 597–600
Multistation Access Units (MAUs), 516
multitasking, 289, 293
multithreaded applications, 293
multithreading, 293
MyDoom virus, 25–26

N
namespaces, 165
naming distinctions, 295
NAT. See network address translation (NAT)
National Institute of Standards and Technology (NIST), 772
natural access control, 410–412
natural surveillance, 413
network access, 236–237
network address translation (NAT), 46, 577–579
network database model, 916
Network Information System (NIS), 573–575
network layer, 491–492, 495
network operating systems (NOS), 567–568
network segregation, 233, 567
network sniffers, 262–263, 1083–1084
network-based IDSs (NIDSs), 250–251
    and switched environments, 258
Next-Generation Secure Computing Base (NGSCB), 324
nexus, 324
NIS. See Network Information System (NIS)
NIS+. See Network Information System (NIS)
NIST SP 800-30 and 800-66, 88
noise, 433, 434–435, 522
noise and perturbation, 929
nondisclosure agreements, 136
nondiscretionary access control. See role-based access control (RBAC)
noninterference model, 345
nonkeyed message digests, 716
non-maskable interrupts, 292
nonplenum cables, 523
nonrepudiation, 669

O
Object Linking and Embedding Database (OLE DB), 920–921
object linking and embedding (OLE), 973
object organization in directories, 166
object reuse, 248
object-oriented analysis (OOA), 966
object-oriented database model, 917–918
object-oriented design (OOD), 966
object-oriented programming (OOP), 958–964
object-relational database model, 918–919
objects, defined, 155
obscurity, security through, 63–64
OCTAVE, 89
Office of Homeland Security. See ISACs
one-time pads, 671–673
    vs. stream ciphers, 689
one-time passwords, 187–190
one-way functions, 710–711
one-way hash, 714–715
    attacks against, 721–722
Online Certificate Status Protocol (OCSP), 729
online encryption. See link encryption
online transaction processing (OLTP), 931–932
OOP. See object-oriented programming (OOP)

Open Database Connectivity (ODBC), 920
open network architecture, 484
Open Shortest Path First (OSPF), 534
open system authentication (OSA), 623
open systems, 372
    See also closed systems
Open Systems Interconnection reference model. See OSI model
operating system fingerprinting, 1080
operating systems, architecture, 287–294, 310–311
Operation French Fry, 26
operational goals, 66
operations security, 1027–1028
    accountability, 1032–1033
    administrative management, 1028–1031
    asset identification and management, 1036–1037
    assurance levels, 1034
    clipping levels, 1033
    clustering, 1064–1065
    configuration management, 1045–1048
    contingency planning, 1070
    data leakage, 1054–1055
    deviations from standards, 1035–1036
    Direct Access Storage Devices, 1060–1061
    environmental controls, 1070
    grid computing, 1065–1066
    Hierarchical Storage Management (HSM), 1067–1069
    input and output controls, 1040–1041
    licensing, 1043
    MAID, 1063
    mainframes, 1070–1072
    mean time between failures (MTBF), 1057
    mean time to repair (MTTR), 1058
    media controls, 1048–1053
    network and resource availability, 1056–1070
    RAID, 1061–1062
    RAIT, 1063
    remote access security, 1044
    security and network personnel, 1031–1032
    single points of failure, 1058–1060
    Storage Area Networks (SANs), 1063–1064
    system controls, 1037–1038
    system hardening, 1042–1044
    trusted recovery, 1038–1040
    unexplained or unusual occurrences, 1035
    unscheduled initial program loads (rebooting), 1036
    See also backups
Orange Book, 49, 355–356, 357–358
    Division A, 361
    Division B, 360–361
    Division C, 359
    Division D, 359
    and the Rainbow Series, 361–362
    Red Book, 362–364
ORBs, 970–971
order of concepts, 63
Organisation for Economic Co-operation and Development (OECD), 50–51
    guidelines and transborder information flow rules, 128, 845
organizational security model, 65–67
    CobiT, 69–72
    COSO framework, 69–70
    frameworks, 69–73
    operational planning, 66

    private industry requirements vs. military requirements, 80
    security governance, 73–75
    security program components, 67–69
    security program development, 76–79
    strategic planning, 66
    tactical planning, 66
organizational security policy, 110–112
Orthogonal Frequency-Division Multiplexing (OFDM), 621, 624
OSI model, 483
    application layer, 487, 494–495
    data link layer, 492–494, 496
    functions and protocols, 494–496
    network layer, 491–492, 495
    physical layer, 494, 496
    presentation layer, 487–489, 495
    protocol, 483–486
    session layer, 489–490, 495
    transport layer, 490–491, 495
    tying the layers together, 496
    where devices and protocols appear within, 47

P
packet switching, 590–591
packet-filtering firewalls, 550–551
page frames, 306
paging, 306
palm scans, 182
    See also biometrics
PAP, 614–615, 616
parameter validation, 989–992
partitioning, 929
passive attacks, 753
passphrases, 190–191
Password Authentication Protocol. See PAP
password sniffing, 885–886
passwords, 184
    accessing password files, 185
    aging, 187
    assisted password reset, 172–173
    cognitive, 160, 187
    cracking, 1085
    hashing and encryption, 186–187
    limiting logon attempts, 187
    management, 171, 184–185
    one-time, 187–190
    password checkers, 186
    password-guessing attacks, 205
    self-service password reset, 172
    synchronization, 171–172
patch management, 1006–1007
    best practices, 1009
    limitations to patching, 1008–1009
    steps, 1007–1008
patent, 851
patrol force, 467–468
Payment Card Industry Data Security Standards (PCI DSS), 858–859
PBXs, 547–548
penetration testing, 1090–1094
perimeter security, 233, 446–447
    dogs, 468
    external boundary protection mechanisms, 455–464
    facility access control, 447–454
    locks, 448–454
    patrol force and guards, 467–468
    personnel access controls, 454–455
    See also intrusion detection systems (IDSs)
permanent virtual circuits (PVCs), 593
permissions, 1097
Persian Gulf War, 28

personnel
    access controls, 454–455
    employee controls, 138
    hiring practices, 136–138
    privacy issues, 859–861
    responsibilities, 135
    termination, 138–139
    See also responsibility
pharming, 267–268
phisher scams, 27
phishing, 265–267
phreakers, 548
physical layer, 494, 496
physical location restrictions, 196
physical security, 401–404
    activity support, 415
    auditing physical access, 468–469
    computer and equipment rooms, 424–428
    construction, 418–421
    Crime Prevention Through Environmental Design (CPTED), 409–414
    designing a physical security program, 414–428
    doors and windows, 421–423, 424
    electric power, 430–436
    environmental issues, 436–438
    facilities, 416–417
    fire prevention, detection and suppression, 438–446
    internal compartments, 423
    natural access control, 410–412
    natural surveillance, 413
    planning, 404–408
    protecting assets, 428–429
    safes, 429
    security zones, 411–412
    territorial reinforcement, 413–414
    testing and drills, 469–470
    ventilation, 438
    See also perimeter security
piggybacking, 455
ping of death, 1086
piracy, 852–853
PKI. See public key infrastructure
plaintext, 665, 671
    chosen-plaintext attacks, 754
    known-plaintext attacks, 753–754
planning horizon, 67
plenum areas, 442
plenum space, 523
point of presence (PoP), 611
Point-to-Point Protocol. See PPP
politics and laws, 49–51
polling, 529
polyinstantiation, 930–931
polymorphic viruses, 997
polymorphism, 964–965
POP, 1075
port address translation (PAT), 578
port scanning, 1081–1082
ports, well-known, 501, 557
positive drains, 436
postmortem review, 1097
PPP, 610–611
PPTP, 612–613
preemptive multitasking, 289
premapped I/O, 320
presentation layer, 487–489, 495
President’s Commission on Critical Infrastructure Protection (PCCIP), 32, 406
Pretty Good Privacy (PGP), 739–740
primary key, vs. foreign key, 922–924
privacy, 853–854
    Basel II Accord, 858

    Computer Fraud and Abuse Act, 856–857
    Computer Security Act of 1987, 859
    Economic Espionage Act of 1996, 859
    employee issues, 859–861
    Federal Privacy Act, 853, 857–858
    Gramm-Leach-Bliley Act (GLBA), 856
    Health Insurance Portability and Accountability Act (HIPAA), 856
    laws, directives and regulations, 854–855
    Payment Card Industry Data Security Standards (PCI DSS), 858–859
    Sarbanes-Oxley Act of 2002 (SOX), 855–856
Privacy-Enhanced Mail (PEM), 738–739
Private Branch Exchange. See PBXs
private keys, 190, 681
Privileged Attribute Certificates (PACs), 205
privileged mode, 285
problem state, 285
procedures, 114–115
    for classification, 121
    See also security policies
process activation, 324–325
process activity, 294–296
process enhancement, 380
process isolation, 294–295
process management, 287–292
process owners, responsibilities, 133
process scheduling, 293–294
processors, 288
product line managers, responsibilities, 134
profile update, 176–177
profile-based systems, 254
program counter registers, 283
program status word (PSW), 285
programmable I/O, 319
programmable ROM, 301
project sizing, 84
PROM, 301
protection profiles, 367–368
protection rings, 308–310
protocol anomaly–based IDSs, 254–255
protocols, 237, 483–486
    authentication, 614–616
    LAN networking, 529–532
    routing, 532–536
    tunneling, 609–614
prototyping, 953
provisioning, 175–176
proxy firewalls, 552–557
public algorithms, vs. secret algorithms, 754
public key cryptography, 683, 689, 709
public key infrastructure, 709, 725–726
    certificate authorities, 726–729
    certificates, 729, 730
    Registration Authority (RA), 729
    steps, 730–732
public keys, 190, 681
public-switched telephone network (PSTN), 598
purging, 1049

Q
qualitative risk analysis, 98–101
    vs. quantitative risk analysis, 100–101
Quality of Service (QoS), 595–596
quantitative risk analysis, 92–93
    vs. qualitative risk analysis, 100–101
quantum cryptography, 741–742
query language (QL), 922

R
race condition, 159, 383, 1096–1097
radio frequency interference (RFI), 432, 433
RADIUS, 223–224, 227

RAID, 1061–1062
rainbow tables, 185
RAIT, 1063
RAM, 299–300
random access memory (RAM), 299–300
Rapid Application Development (RAD), 952
RBAC, 214–215, 217
    core, 215
    hierarchical, 215–216
RC4, 705
RC5, 705
RC6, 705
read-only memory (ROM), 300–301
ready state, 290
rebooting, 1038
receipt, 671
recertification, requirements, 9–10
Red Book, 362–364
redundant array of independent tapes. See RAIT
reference monitor, 327–328
references, checking as part of hiring practices, 136–137
referential integrity, 925
Registration Authority (RA), 729
regulatory policies, 112
relational data model, 915
relative addresses, 303
remote access, 603
    administration, 1044
    cable modems, 606–608
    DSL, 606
    guidelines, 616–617
    ISDN, 604–606
    Remote Access Service (RAS), 603–604
    security, 1044
    xDSL, 607
Remote Access Trojans (RATs), 1001
Remote Authentication Dial-In User Service (RADIUS), 223–224, 227
remote bridges, 537
remote journaling, 805
repeaters, 536
replay attacks, 185, 756
residual risk, 106
responsibility, 122–123, 134–135
    application owners, 132
    audit committee, 130
    auditors, 134
    board of directors, 123–124, 125–126
    change control analysts, 132–133
    Chief Executive Officer (CEO), 124–125
    Chief Financial Officer (CFO), 125
    Chief Information Officer (CIO), 126–127
    Chief Information Security Officer (CISO), 129
    Chief Privacy Officer (CPO), 127
    Chief Security Officer (CSO), 128–129
    data analysts, 133
    data custodians, 131
    data owners, 130, 131
    international requirements, 128
    personnel, 135
    process owners, 133
    product line managers, 134
    security administrators, 131–132
    security analysts, 132
    security steering committee, 129
    solution providers, 133
    structure, 135–136
    supervisors, 132
    system owners, 131
    users, 134
retina scans, 182
    See also biometrics

Reverse Address Resolution Protocol (RARP), 531
ring topology, 509
RISC chips, 281
risk
    accepting, 96, 107–108
    defined, 62
    handling, 107–108
    See also information risk management (IRM)
risk analysis, 83–84, 938–940
    annualized loss expectancy (ALE), 95–97
    annualized rate of occurrence (ARO), 96
    automated methods, 93–94
    costs that make up the value of information and assets, 86–87
    countermeasure selection, 102–103
    Delphi technique, 100
    exposure factor (EF), 96
    Failure Modes and Effect Analysis (FMEA), 89–92
    fault tree analysis, 91–92
    functionality and effectiveness of countermeasures, 104–105
    handling risk, 107–108
    identifying threats, 87–88
    methodologies, 88–89
    ownership of risk, 85
    protection mechanisms, 102–105
    qualitative risk analysis, 98–101
    quantitative risk analysis, 92–93, 100–101
    results, 97
    single loss expectancy (SLE), 95–97
    steps of, 94–97, 105–106
    team, 84–85
    total vs. residual risk, 106
    uncertainty, 98
    value of information and assets, 85–86
    See also risk assessment
risk assessment
    CRAMM, 89
    FRAP, 88–89
    NIST SP 800-30 and 800-66, 88
    OCTAVE, 89
    Spanning Tree Analysis, 89
    See also risk analysis
risk avoidance, 107
risk mitigation, 107
risk ownership, 85
Roaming Operations (ROAMOPS), 228
role-based access control (RBAC), 214–215, 217
    core, 215
    hierarchical, 215–216
roles, 195
rollback, 925–926
ROM, 300–301
rootkits, 643–644
ROT13, 662
rotation of duties, 138
route flapping, 533
routers, 539–540
Routing Information Protocol (RIP), 534
routing protocols, 532–536
RSA, 708–711
rule-based access control, 217–218
rule-based IDSs, 255–257
rule-based programming, 976
running key ciphers, 673–674
running state, 290

S
SABSA, 378
safe harbor requirements, 128, 845
safeguards
    defined, 62
    See also countermeasures

safes, 429
salami attacks, 884
salts, 186
SAM databases, 186–187
sandboxes, 316, 993
Sarbanes-Oxley Act of 2002 (SOX), 51, 124, 855–856
satellites, 640–641
savepoints, 926
screened hosts, 561
screened subnets, 561–563, 564
script kiddies, 842
script viruses, 998
scrubbing, 246
SDLC, 596–597
SDRAM, 300
secondary storage, 306
secret algorithms, vs. public algorithms, 754
Secure Electronic Transaction (SET), 745–747
Secure European System for Applications in a Multi-vendor Environment. See SESAME
Secure HTTP, 745
secure message format, 682
Secure MIME (S/MIME), 738
Secure Shell (SSH), 748–749
Secure Sockets Layer. See SSL
SecurID, 188
security
    areas of, 22–23
    availability, 59–60
    and companies, 29–31
    confidentiality, 60–61
    education, 51–52
    history of, 19–22
    integrity, 60
    layered approach to, 44–45
    politics and laws, 49–51
    principles of, 59–61, 156–158
    relationships among security components, 63
    terminology, 61–62
    through obscurity, 63–64
    and the U.S. government, 31–33
    See also corporate security; physical security; software security
Security Account Manager (SAM) databases, 186–187
security administration, 56–59
security administrators, responsibilities, 131–132
security analysts, responsibilities, 132
security architecture, 322
security domains, 206–208
    See also CBK security domains
security effectiveness, 380
security evaluation. See evaluation
security governance, 73–75
security kernel, 327–328
security management, 53–54
    administrative controls, 57
    example, 58
    physical controls, 57
    responsibilities, 54–55
    technical controls, 57
    top-down approach to building a security program, 55–56
    See also organizational security model
security model, 279–280, 330–331
    Bell-LaPadula model, 333–336, 338
    Biba model, 336–338
    Brewer and Nash model, 348–349
    Chinese Wall model, 348–349
    Clark-Wilson model, 338–342
    formal models, 331
    Graham-Denning model, 349
    Harrison-Ruzzo-Ullman model, 349
    information flow model, 342–344

    lattice model, 346–347
    noninterference model, 345
    and security policies, 330
    state machine models, 331–333
    See also organizational security model
security modes of operation, 351
    compartmented security mode, 352–353
    dedicated security mode, 352
    multilevel security mode, 353
    system high-security mode, 352
security officer, 56, 67–68
security parameter index (SPI), 751
security perimeter, 326–327
security policies, 110–112, 279–280, 328–329
    baselines, 113–114
    due care and due diligence, 116
    guidelines, 114
    implementation, 115–116
    procedures, 114–115
    and security models, 330
    standards, 112–113
security program development, 76–79
security standards, 112–113
    See also security policies
security zones, 381, 411–412
security-awareness training, 139–140, 232
    evaluating programs, 141–142
    specialized security training, 142
    types of, 140–141
segments, 503
self-garbling viruses, 997
semantic integrity, 925
sensitivity labels, 213–214
separation of duties, 135–136
    and the Clark-Wilson model, 340–341
    dynamic separation of duties (DSD) relations through RBAC, 216
    static separation of duty (SSD) relations through RBAC, 216
    system development, 945
Service Set ID (SSID), 622, 623
SESAME, 205–206
session hijacking, 1084
session keys, 692–695
session layer, 489–490, 495
session management, 992
SET, 745–747
SHA, 720
shared key authentication (SKA), 623
Sherwood Applied Business Security Architecture (SABSA), 378
shielded twisted pair (STP) cabling, 46, 520
shoulder surfing, 61
S-HTTP, 745
side-channel attacks, 193–194, 755–756
SIG-CS, 8
signature dynamics, 182–183
    See also biometrics
signature-based detection, 1001
signature-based IDSs, 251–252
simple integrity axiom, 337
simple security rule, 334, 336
simplex, 490
single loss expectancy (SLE), 95–97
single sign-on technologies, 198–200
    legacy single sign-on, 173
Six Sigma, 92
slamming, 1087
SLE. See single loss expectancy (SLE)
smart cards, 191–193
    attacks, 193–194
    interoperability, 194
SMDS, 596
smoke-activated fire detectors, 440–441
SMTP, 1074

smurf attacks, 1010–1011
sniffers, 262–263, 1083–1084
social engineering, 61, 185
SOCKS, 555–556
software, importance of, 905–906
software architecture, 966–967
software attacks, 194
software backups, 796–797
software development, 944–946
    Capability Maturity Model (CMM), 955–956
    change control, 953–955
    computer-aided software engineering (CASE), 952
    configuration management, 954
    methodologies, 957–969
    methods, 950–952
    prototyping, 953
software escrow, 957
software piracy, 852–853
Software Protection Association (SPA), 852
software security, 906–907
    complexity of functionality, 909
    data types, format and length, 910
    in different environments, 908
    environment vs. application, 908–909
    failure states, 912
    implementation and default issues, 910–912
    See also database management; patch management
solution providers, responsibilities, 133
SONET, 581–582, 585
source routing, 538, 565
SOX. See Sarbanes-Oxley Act of 2002 (SOX)
spam detection, 1004–1005
Spanning Tree Algorithm (STA), 538
Spanning Tree Analysis, 89
SPARC processors, 281
Special Interest Group for Computer Security. See SIG-CS
special registers, 283
Spectrum, Information Technologies and Telecommunications (SITT), 482
spiral development method, 952
split knowledge, 138
spoofing, 563
spoofing at logon, 265
spread spectrum, 619
    Direct Sequence Spread Spectrum (DSSS), 620–621
    Frequency Hopping Spread Spectrum (FHSS), 619–620, 621
    Orthogonal Frequency-Division Multiplexing (OFDM), 621
spyware, 645
SRAM, 299
SSL, 47
SSO. See single sign-on technologies
stacks, 284, 386
standards, 112–113
    See also security policies
star topology, 510
state machine models, 331–333
state-based IDSs, 252–253
stateful firewalls, 551–552
static analysis, 1002
static electricity, preventing, 437
static mapping, 578
static RAM (SRAM), 299
static routing protocol, 533
statistical anomaly–based IDSs, 253–254
statistical attacks, 757
statistical time-division multiplexing (STDM), 588
stealth viruses, 997
steering committee, responsibilities, 129
steganography, 674–675
Storage Area Networks (SANs), 1063–1064

storage devices, 317
star integrity axiom (*-integrity axiom), 337
star property rule (*-property rule), 334, 336
strategic alignment, 379
strategic goals, 66
stream ciphers, 687–688
    vs. one-time pads, 689
strong authentication, 161
strong star property rule, 334, 336
subjects, defined, 155
substitution ciphers, 660, 676, 677
subsystems, 311
supercomputers, 1072
    See also mainframes
supervisor mode, 285
supervisors, responsibilities, 132
surge, 434
surveillance devices, 460
swap space, 306
switched environments, 258
Switched Multimegabit Data Service. See SMDS
switched virtual circuits (SVCs), 593
switches, 541–542
    Layer 3 and 4 switches, 542–543
switching, 590–591
symbolic links, 1096
symmetric algorithms, 679
    types of, 695–705
symmetric mode, 286–287
Symmetrical DSL (SDSL), 607
SYN floods, 1011–1012
SYN proxies, 982
synchronous communication, 507, 525
Synchronous Data Link Control. See SDLC
synchronous DRAM (SDRAM), 300
Synchronous Optical Networks. See SONET
synchronous token device, 188–189
system architecture, 321–330
system authentication, 717
system development, 935–936
    design specifications, 942–944
    disposal, 947
    functional design analysis and planning, 940–942
    garbage collection, 949
    installation/implementation, 946
    life-cycle phases, 936–950
    managing development, 936
    operation and maintenance, 947
    postmortem review, 949
    project initiation, 937–938
    risk analysis, 938–940
    risk management, 938
    separation of duties, 945
    software development, 944–946
    testing types, 947–949
    verification vs. validation, 945
system hardening, 1042–1044
system high-security mode, 352
system owners, responsibilities, 131
system-specific policies, 112

T
TACACS, 224–227
TACACS+. See TACACS
tactical goals, 66
tape vaulting, 805–806
T-carriers, 586–587
TCP, 498–502
TCP handshake, 502
TCP/IP, 497–498
teardrop attacks, 1012–1013, 1087
telecommunications
    defined, 482
    evolution of, 583–586
Tempest, 249

temporal isolation (time-of-day restrictions), 196
Terminal Access Controller Access Control System (TACACS), 224–227
termination, 138–139
terminology, 61–62, 918
    evolution of, 314–315
territorial reinforcement, 413–414
terrorism, 28–29
testing, physical security, 469–470
testing schedule, 1098
theft, 428–429
thin clients, 209–210
thrashing, 300
thread management, 292–293
threat agents, defined, 62
threats
    defined, 61–62
    identifying, 87–88
    relationship of threats and vulnerabilities, 87
thunking, 316
Tiger, 720
time multiplexing, 295
time-of-day restrictions (temporal isolation), 196
time-of-check/time-of-use attacks, 383–384
TKIP, 630–631
token device, 187–188
    asynchronous, 189–190
    synchronous, 188–189
token passing, 526, 527
Token Ring, 516
topologies
    bus topology, 510
    mesh topology, 510–511
    ring topology, 509
    star topology, 510
Total Quality Management (TQM), 92
total risk, 106
trade secrets, 849–850
trademark, 850–851
traffic analysis, 1087
traffic anomaly–based IDSs, 255
traffic-flow security, 735
training, security-awareness, 139–142
tranquility principle, 335
transaction-type restrictions, 196
transformation procedures (TPs), 338
transient noise, 433
translation bridges, 537
transmission
    analog and digital, 505–506
    asynchronous and synchronous, 507
    broadband and baseband, 507–508
transparent bridging, 537–538
transport adjacency, 610
transport layer, 490–491, 495
transposition ciphers, 676–679
Triple-DES (3DES), 703
Trojan horses, 1000–1001
trust, 355–356
Trusted Computer System Evaluation Criteria (TCSEC). See Orange Book
trusted computing base (TCB), 322, 323–326, 327
Trusted Network Interpretation (TNI). See Red Book
trusted path, 323
trusted recovery, 1038–1040
trusted shell, 323
tumbler locks, 449–451
tunneling protocols, 609–614
tunneling viruses, 998
twisted-pair cable, 520–521
two-factor authentication, 161
two-phase commits, 926–927
Type I and Type II errors, 179, 180

U
UDP, 498–502
unauthorized disclosure of information, 247–248
uncertainty, 98
unconstrained data items (UDIs), 339
unicast transmission, 524–525
uninterruptible power supplies. See UPSs
United States v. Jeansonne, 26
unshielded twisted pair (UTP) cabling, 520, 521
Unspecified Bit Rate (UBR), 595
UPSs
    online UPS systems, 430–431
    standby, 431
U.S. government, and security, 31–33
user errors, 88
user managers, responsibilities, 132
user mode, 285
user provisioning, 175
users, 338
    responsibilities, 134

V
value of information and assets, 85–86
    costs that make up the value, 86–87
value-added networks (VAN), 580
vandalism, 980
Variable Bit Rate (VBR), 595
ventilation, 438
verification 1:1, 160–161
video cards, RAM, 318
virtual circuits, 593
virtual directories, 167
Virtual LANs (VLANs), 543, 544–545
virtual machines, 315
    Java Virtual Machine (JVM), 316
virtual mapping, 295–296
virtual memory, 306–307
virtual private networks. See VPNs
viruses, 996–997
    antivirus software, 1001–1004
    immunizers, 1002
visual recording devices, 461–464
Voice over IP (VoIP), 598–599, 600
voice prints, 183
    See also biometrics
voltage regulators, 434
VPNs, 608–609
vulnerabilities
    buffer overflows, 1096
    defined, 61
    file and directory permissions, 1097
    file descriptor attacks, 1096
    kernel flaws, 1095
    race conditions, 1096–1097
    relationship of threats and vulnerabilities, 87
    symbolic links, 1096
vulnerability testing, 1087–1090
    penetration testing, 1090–1094
    schedule, 1098

W
WAM. See web access management (WAM)
WANs, 46, 583
    CSU/DSU, 589
    dedicated links, 586–587
    protocols, 583
    T-carriers, 586–587
    telecommunications evolution, 583–586
WAP, 635–636
    gap in the WAP, 636
war driving for WLANs, 639–640
wardialing, 264, 603–604, 1086, 1094–1095
watchdog timers, 227, 292
water sprinklers, 445–446
waterfall development method, 952

The Web, 37, 38
    vulnerabilities, 43–44
    See also Internet
web access management (WAM), 168–171
Web security, 979–980
    administrative interfaces, 984–985
    authentication and access control, 985–986
    configuration management, 986–987
    denial-of-service attacks, 981
    financial fraud, 980
    firewalls, 982
    information gathering, 983–984
    input validation, 987–989
    intrusion prevention systems (IPSs), 982
    parameter validation, 989–992
    privileged access, 980–981
    quality assurance process, 982
    session management, 992
    SYN proxies, 982
    theft of intellectual property, 981
    theft of transaction information, 981
    vandalism, 980
Weisburd, Aaron, 29
well-known ports, 501, 557
Wells Fargo Bank, 36
white noise, 249
wide area networks. See WANs
windows, 421–423, 424
Wired Equivalent Privacy (WEP), 623, 695
Wireless Application Protocol. See WAP
wireless communications, 618
    Bluetooth, 634
    current implementations, 626–627
    Direct Sequence Spread Spectrum (DSSS), 620–621
    dynamic keys, 629–631
    Frequency Hopping Spread Spectrum (FHSS), 619–620, 621
    i-Mode, 636–637
    initialization vectors, 629–631
    spread spectrum, 619
    standards, 623–634
    third generation, 641–642
    Wireless Application Protocol (WAP), 635–636
    See also mobile phone security; satellites; WLANs
wireless LANs. See WLANs
Wireless Transport Layer Security (WTLS), 635
wiretapping, 887–888
WLANs
    ad hoc WLANs, 622
    components, 621–623
    infrastructure WLANs, 622
    war driving for, 639–640
work area separation, 234
work factor, 671
wormhole attacks, 535
worms, 999–1000

X
X.25, 594
xDSL, 607
XML, 47, 921

Y
Yahoo, 27

Z
Zachman Architecture Framework, 376–378
zero knowledge proof, 713
zeroization, 1049
zombies, 563, 839
zone transfers, 570
zones, 569


LICENSE AGREEMENT
THIS PRODUCT (THE “PRODUCT”) CONTAINS PROPRIETARY SOFTWARE, DATA AND INFORMATION (INCLUDING
DOCUMENTATION) OWNED BY THE McGRAW-HILL COMPANIES, INC. (“McGRAW-HILL”) AND ITS LICENSORS. YOUR
RIGHT TO USE THE PRODUCT IS GOVERNED BY THE TERMS AND CONDITIONS OF THIS AGREEMENT.
LICENSE: Throughout this License Agreement, “you” shall mean either the individual or the entity whose agent opens this package. You
are granted a non-exclusive and non-transferable license to use the Product subject to the following terms:
(i) If you have licensed a single user version of the Product, the Product may only be used on a single computer (i.e., a single CPU). If you
licensed and paid the fee applicable to a local area network or wide area network version of the Product, you are subject to the terms of the
following subparagraph (ii).
(ii) If you have licensed a local area network version, you may use the Product on unlimited workstations located in one single building
selected by you that is served by such local area network. If you have licensed a wide area network version, you may use the Product on
unlimited workstations located in multiple buildings on the same site selected by you that is served by such wide area network; provided,
however, that any building will not be considered located in the same site if it is more than five (5) miles away from any building included in
such site. In addition, you may only use a local area or wide area network version of the Product on one single server. If you wish to use the
Product on more than one server, you must obtain written authorization from McGraw-Hill and pay additional fees.
(iii) You may make one copy of the Product for back-up purposes only and you must maintain an accurate record as to the location of the
back-up at all times.
COPYRIGHT; RESTRICTIONS ON USE AND TRANSFER: All rights (including copyright) in and to the Product are owned by
McGraw-Hill and its licensors. You are the owner of the enclosed disc on which the Product is recorded. You may not use, copy, decompile,
disassemble, reverse engineer, modify, reproduce, create derivative works, transmit, distribute, sublicense, store in a database or retrieval
system of any kind, rent or transfer the Product, or any portion thereof, in any form or by any means (including electronically or otherwise)
except as expressly provided for in this License Agreement. You must reproduce the copyright notices, trademark notices, legends and logos
of McGraw-Hill and its licensors that appear on the Product on the back-up copy of the Product which you are permitted to make hereunder.
All rights in the Product not expressly granted herein are reserved by McGraw-Hill and its licensors.
TERM: This License Agreement is effective until terminated. It will terminate if you fail to comply with any term or condition of this
License Agreement. Upon termination, you are obligated to return to McGraw-Hill the Product together with all copies thereof and to purge
all copies of the Product included in any and all servers and computer facilities.
DISCLAIMER OF WARRANTY: THE PRODUCT AND THE BACK-UP COPY ARE LICENSED “AS IS.” McGRAW-HILL, ITS
LICENSORS AND THE AUTHORS MAKE NO WARRANTIES, EXPRESS OR IMPLIED, AS TO THE RESULTS TO BE OBTAINED
BY ANY PERSON OR ENTITY FROM USE OF THE PRODUCT, ANY INFORMATION OR DATA INCLUDED THEREIN AND/OR
ANY TECHNICAL SUPPORT SERVICES PROVIDED HEREUNDER, IF ANY (“TECHNICAL SUPPORT SERVICES”).
McGRAW-HILL, ITS LICENSORS AND THE AUTHORS MAKE NO EXPRESS OR IMPLIED WARRANTIES OF
MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE OR USE WITH RESPECT TO THE PRODUCT.
McGRAW-HILL, ITS LICENSORS, AND THE AUTHORS MAKE NO GUARANTEE THAT YOU WILL PASS ANY
CERTIFICATION EXAM WHATSOEVER BY USING THIS PRODUCT. NEITHER McGRAW-HILL, ANY OF ITS LICENSORS NOR
THE AUTHORS WARRANT THAT THE FUNCTIONS CONTAINED IN THE PRODUCT WILL MEET YOUR REQUIREMENTS OR
THAT THE OPERATION OF THE PRODUCT WILL BE UNINTERRUPTED OR ERROR FREE. YOU ASSUME THE ENTIRE RISK
WITH RESPECT TO THE QUALITY AND PERFORMANCE OF THE PRODUCT.
LIMITED WARRANTY FOR DISC: To the original licensee only, McGraw-Hill warrants that the enclosed disc on which the Product is
recorded is free from defects in materials and workmanship under normal use and service for a period of ninety (90) days from the date of
purchase. In the event of a defect in the disc covered by the foregoing warranty, McGraw-Hill will replace the disc.
LIMITATION OF LIABILITY: NEITHER McGRAW-HILL, ITS LICENSORS NOR THE AUTHORS SHALL BE LIABLE FOR ANY
INDIRECT, SPECIAL OR CONSEQUENTIAL DAMAGES, SUCH AS BUT NOT LIMITED TO, LOSS OF ANTICIPATED PROFITS
OR BENEFITS, RESULTING FROM THE USE OR INABILITY TO USE THE PRODUCT EVEN IF ANY OF THEM HAS BEEN
ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. THIS LIMITATION OF LIABILITY SHALL APPLY TO ANY CLAIM OR
CAUSE WHATSOEVER WHETHER SUCH CLAIM OR CAUSE ARISES IN CONTRACT, TORT, OR OTHERWISE. Some states do
not allow the exclusion or limitation of indirect, special or consequential damages, so the above limitation may not apply to you.
U.S. GOVERNMENT RESTRICTED RIGHTS: Any software included in the Product is provided with restricted rights subject to
subparagraphs (c), (1) and (2) of the Commercial Computer Software-Restricted Rights clause at 48 C.F.R. 52.227-19. The terms of this
Agreement applicable to the use of the data in the Product are those under which the data are generally made available to the general public
by McGraw-Hill. Except as provided herein, no reproduction, use, or disclosure rights are granted with respect to the data included in the
Product and no right to modify or create derivative works from any such data is hereby granted.
GENERAL: This License Agreement constitutes the entire agreement between the parties relating to the Product. The terms of any Purchase
Order shall have no effect on the terms of this License Agreement. Failure of McGraw-Hill to insist at any time on strict compliance with
this License Agreement shall not constitute a waiver of any rights under this License Agreement. This License Agreement shall be construed
and governed in accordance with the laws of the State of New York. If any provision of this License Agreement is held to be contrary to law,
that provision will be enforced to the maximum extent permissible and the remaining provisions will remain in full force and effect.
