|
|
 |
| Авторизация |
|
|
|
| Поиск по указателям |
|
|
|
|
|
|
|
 |
|
|
|
| Gregg M., Kim D. — Inside Network Security Assessment: Guarding your IT Infrastructure |
|
|
|
| Предметный указатель |
software vulnerability standards, defined
SolarWinds IP Network Browser
source code scanners
SOWs (statements of work) 2nd
SOX [See Sarbanes-Oxley Act]
SP 800 documents
SP 800 documents, urls for 2nd 3rd
spyware
spyware, defined 2nd
spyware, threat from
SQL Slammer
SQL Slammer, infection statistics
SSH (Secure Shell)
SSL (Secure Sockets Layer)
staff
staff, responsibilities [See responsibility assignments]
staffing [See assessment teams]
statement of work report sections 2nd
statement of work sections of final reports 2nd 3rd
statements of work (SOWs) 2nd
SuperScan 2nd
swarning banners
swarning banners, purpose of
SYN flood attacks 2nd
SYN scans
synchronous password tokens
system application test plans
system application test plans, defined
system assurance
system assurance, accreditation
system assurance, certification
system assurance, Common Criteria
system assurance, documentation review for 2nd
system assurance, ISO 17799
system assurance, ITSEC
system assurance, Rainbow Series
system demonstrations
system demonstrations, level I assessments 2nd
system demonstrations, purpose of
system design validation step
system design validation step, defined
System development life cycle 2nd 3rd
system hackers
system integrity
system integrity, attacks against
system requirements definition
system requirements definition, defined
system timeouts
system timeouts, purpose of
system-level scanners 2nd
systems criticality matrices 2nd
systems criticality matrix (SCM)
systems/applications areas 2nd 3rd
TCH-Amap
TCP
TCP, ACK scans
TCP, defined
TCP, FIN scans
TCP, handshakes 2nd
TCP, ICMP
TCP, NULL scans
TCP, SYN scans
TCP, XMAS scans
TCSEC (Trusted Computer Security Evaluation Criteria)
TCSEC (Trusted Computer System Evaluation Criteria) 2nd
team builders
teams, assessment [See assessment teams]
technical controls
technical controls, account management 2nd
technical controls, communication security
technical controls, defined
technical controls, identification and authentication category 2nd
technical controls, maintenance
technical controls, malicious code protection category
technical controls, networking connectivity
technical controls, security auditing
technical controls, session controls 2nd
technical controls, system assurance 2nd
technical controls, table of
technical documentation categories
technical information for scope definition
technical policies
technical policies, defined
technical standards documents
technical standards documents, defined
telecommunication systems
telecommunication systems, asset nature of
telecommunications hackers [See phreakers]
termination of employees
termination of employees, threat from 2nd 3rd
THC-Amap
theft [See data collection stage of attacks]
third greatest threat 2nd 3rd
threats
threats, acts of God
threats, catastrophic damage
threats, confidential information disclosure 2nd
threats, cyber terrorism
threats, data modification
threats, defined 2nd 3rd
threats, denial of service [See DoS attacks] [See DoS]
threats, destruction
threats, employees as
threats, greatest threat
threats, hacker attacks
threats, insecure computing habits 2nd
threats, list of types 2nd
threats, malware
threats, second greatest threat 2nd
threats, stolen and lost data
threats, terminated employees 2nd 3rd
threats, third greatest threat 2nd 3rd
threats, unauthorized access 2nd
threats, viruses
Tiger Teams [See SIRTs]
timeline construction 2nd 3rd
timeline construction for assessments 2nd
timeliness
timeliness, defined
TLS (Transport Layer Security)
Tokens
tokens, asynchronous
tokens, defined
tokens, synchronous
Tools [See assessment tools]
tools, hacker [See hacking tools]
tools, web sites for 2nd 3rd
top secret information
top secret information, defined
top-down approach to risk assessment 2nd
total risk score
training staff
training staff, assessment methodology 2nd
training staff, goals for 2nd
training staff, importance of
training staff, strategy development
| transferring risk
transferring risk, defined
Transport Layer Security (TLS)
trojans
trojans, defined
Trusted Computer Security Evaluation Criteria (TCSEC)
Trusted Computer System Evaluation Criteria (TCSEC) 2nd
two-factor authentication
types of network vulnerability assessments 2nd 3rd
U.S. Code 1029
U.S. Code 1029, defined
uber hackers
UDP (User Datagram Protocol)
UDP (User Datagram Protocol), defined
Unauthorized access
unauthorized access threats
unauthorized access threats, defined
unauthorized access, defined
unauthorized access, disgruntled employees with
unauthorized software use
unclassified information
unclassified information, defined
unstructured attacks 2nd
URLs (Uniform Resource Locators)
URLs (Uniform Resource Locators), defined
US-CERT (Computer Emergency Response Team)
US-CERT (Computer Emergency Response Team), vulnerability documentation list
USE42
user areas 2nd
users
users, defined
vendors, procuring [See procurement]
Viruses
viruses, defined 2nd
VLAD
Void11
vulnerability
vulnerability assessment tools [See assessment tools]
vulnerability assessments [See network vulnerability assessments]
vulnerability exploitation
vulnerability exploitation, management, communicating with
vulnerability exploitation, purpose of 2nd
vulnerability exploitation, scheduling
vulnerability management
vulnerability management, automating patch management
vulnerability management, defined
vulnerability management, post-assessment overview
vulnerability management, prioritization
vulnerability management, processes in 2nd
vulnerability management, steps for patch management 2nd
vulnerability management, window guidelines
vulnerability scanning tools
vulnerability scanning tools, application-level scanners
vulnerability scanning tools, automated exploit tools 2nd
vulnerability scanning tools, in-depth assessment requirements
vulnerability scanning tools, ISS Internet Scanner
vulnerability scanning tools, LANguard
vulnerability scanning tools, N-Stealth
vulnerability scanning tools, Nessus
vulnerability scanning tools, NetRecon
vulnerability scanning tools, purpose of
vulnerability scanning tools, Retina
vulnerability scanning tools, SAINT
vulnerability scanning tools, SARA
vulnerability scanning tools, source code scanners
vulnerability scanning tools, system-level scanners 2nd
vulnerability scanning tools, urls for
vulnerability scanning tools, VLAD
vulnerability scans
vulnerability scans, level II assessments, role in 2nd
vulnerability scans, problems with
vulnerability testing [See network vulnerability assessments]
vulnerability time
vulnerability time, defined
vulnerability window
vulnerability window, defined
vulnerability, CERT, statistics compiled by 2nd
vulnerability, CVE list of 2nd
vulnerability, defined 2nd
vulnerability, fundamental problem of software
vulnerability, policy design based on
vulnerability, software patches
vulnerability, stages of 2nd
vulnerability, time to patch problem 2nd
vulnerability, types of
vulnerabilties
vulnerabilties, defined
WAN areas 2nd 3rd
wardriving
wardriving, defined
Wayback Machine
Web site assessment tools
Web sites
Web sites, archived content
Web sites, banner information 2nd
Web sites, employee-created leaks
WEP (Wired Equivalent Privacy)
WEP (Wired Equivalent Privacy), assessment tools for
WEP (Wired Equivalent Privacy), defined 2nd
WEP (wired equivalent protection)
WEP (wired equivalent protection), 802.1x
Wget tool
whackers
white hat hackers
whois
WHOIS, defined
Wi-Fi Protected Access [See WPA]
Wi-Fi Protected Access 2 (WPA2)
Windows
Windows, null sessions
Wired Equivalent Privacy [See WEP]
wireless assessment tools
wireless assessment tools, Aircrack
wireless assessment tools, Aireplay
wireless assessment tools, Airodump
wireless assessment tools, antennas for
wireless assessment tools, importance of
wireless assessment tools, Kismet
wireless assessment tools, LinkFerret
wireless assessment tools, NetStumbler
wireless assessment tools, urls for
wireless assessment tools, Void11
wireless assessment tools, WEP 2nd
wireless assessment tools, WPA
workstation areas 2nd
workstations
workstations, asset nature of
worms
worms, defined
worms, Sasser 2nd
WPA (Wi-Fi Protected Access)
WPA (Wi-Fi Protected Access), defined
WPA (Wi-Fi Protected Access), tools for assessing
WPA2 (Wi-Fi Protected Access 2)
XMAS scans
Xprobe 2
|
|
|
| Реклама |
|
|
|
|
|
О проекте