Validating identity on wireless network Truly free nude web cams

25 Summary 25 References in This Chapter 26 Chapter 2 Information Security and the Law 27 IT Security Laws 27 Hacking, Cracking, and Fraud Laws 29 Computer Fraud and Abuse Act 29 Access Device Statute 31 Electronic Communications Privacy Act 34 Title I: Wiretap Act 34 Title II: Stored Communications Act 37 Title III: Pen/Trap Statute 38 Intellectual Property Laws 39 Digital Millennium Copyright Act 39 Economic Espionage Act 41 CAN-SPAM Act of 2003 42 State and Local Laws 43 Reporting a Crime 44 Regulatory Compliance Laws 46 SOX 46 HIPAA 48 Privacy Rule 50 Security Rule 51 Transactions and Code Sets Standard Rule 52 Identifiers Rule 52 Enforcement Rule 52 GLBA 54 PCI DSS 55 Summary 59 References in This Chapter 60 Federal Hacking Laws 60 State Laws 60 Chapter 3 Information Security Governance, Frameworks, and Standards 61 Understanding Information Security Governance 61 People: Roles and Responsibilities 64 Information Security Governance Organizational Structure 65 Board of Directors 65 Security Steering Committee 65 CEO or Executive Management 66 CIO/CISO 66 Security Director 66 Security Analyst 66 Security Architect 66 Security Engineer 67 Systems Administrator 67 Database Administrator 67 IS Auditor 67 End User 67 Spotting Weaknesses in the People Aspect of Security 67 Process: Security Governance Frameworks 68 COSO 68 Control Environment 69 Risk Assessment 70 Control Activities 70 Information and Communication 70 Monitoring 70 COBIT 71 ITIL 75 Technology: Standards Procedures and Guidelines 0 Series of Standards 76 NIST 78 Center for Internet Security 80 NSA 80 DISA 81 SANS 82 ISACA 83 Cisco Security Best Practices 84 Summary 85 References in This Chapter 86 Web Resources 86 Chapter 4 Auditing Tools and Techniques 87 Evaluating Security Controls 87 Auditing Security Practices 89 Testing Security Technology 91 Security Testing Frameworks 92 OSSTMM 93 ISSAF 93 NIST 800-115 94 OWASAP 94 Security Auditing Tools 95 Service Mapping Tools 96 Nmap 96 Hping 100 Vulnerability Assessment Tools 101 Nessus 101 Red Seal SRM 105 Packet Capture Tools 111 Tcpdump 111 Wireshark/Tshark 114 Penetration Testing Tools 116 Core Impact 116 Metasploit 120 Back Track 127 Summary 128 References in This Chapter 128 Security Testing Frameworks 128 Security Testing Tools 129 Chapter 5 Auditing Cisco Security Solutions 131 Auditors and Technology 131 Security as a System 132 Cisco Security Auditing Domains 133 Policy, Compliance, and Management 134 Infrastructure Security 135 Perimeter Intrusion Prevention 136 Access Control 136 Secure Remote Access 137 Endpoint Protection 138 Unified Communications 139 Defining the Audit Scope of a Domain 139 Identifying Security Controls to Assess 141 Mapping Security Controls to Cisco Solutions 143 The Audit Checklist 144 Summary 150 Chapter 6 Policy, Compliance, and Management 153 Do You Know Where Your Policy Is?153 Auditing Security Policies 154 Standard Policies 158 Acceptable Use 158 Minimum Access 158 Network Access 158 Remote Access 159 Internet Access 159 User Account Management 159 Data Classification 159 Change Management 160 Server Security 161 Mobile Devices 161 Guest Access 161 Physical Security 161 Password Policy 162 Malware Protection 162 Incident Handling 162 Audit Policy 162 Software Licensing 162 Electronic Monitoring and Privacy 163 Policies for Regulatory and Industry Compliance 163 Cisco Policy Management and Monitoring Tools 165 Cisco MARS 165 Cisco Configuration Professional 167 Cisco Security Manager 169 Cisco Network Compliance Manager 171 Checklist 174 Summary 176 References in This Chapter 176 Chapter 7 Infrastructure Security 177 Infrastructure Threats 177 Unauthorized Access 177 Denial of Service 178 Traffic Capture 178 Layer 2 Threats 179 Network Service Threats 180 Policy Review 180 Infrastructure Operational Review 181 The Network Map and Documentation 182 Logical Diagrams 182 Physical Diagrams 182 Asset Location and Access Requirements 182 Data Flow and Traffic Analysis 183 Administrative Accounts 183 Configuration Management 184 Vulnerability Management 184 Disaster Recovery 184 Wireless Operations 185 Infrastructure Architecture Review 185 Management Plane Auditing 186 Cisco Device Management Access 187 Syslog 193 NTP 194 Netflow 195 Control Plane Auditing 196 IOS Hardening 196 Routing Protocols 198 Protecting the Control Plane 199 Data Plane Auditing 201 Access Control Lists 202 i ACLs 202 Unicast Reverse Path Forwarding 203 Layer 2 Security 204 VTP 204 Port Security 205 DHCP Snooping 205 Dynamic ARP Inspection 206 IP Source Guard 206 Disable Dynamic Trunking 206 Protecting Spanning Tree 207 Switch Access Controls Lists 208 Protect Unused Ports 209 Wireless Security 210 Wireless Network Architecture 210 Cisco Adaptive Wireless Intrusion Prevention System 211 Protecting Wireless Access 212 Wireless Service Availability 213 Rogue Access Point Detection 214 General Network Device Security Best Practices 216 Technical Testing 217 Router Testing 219 Switch Testing 221 Wireless Testing 225 Checklist 230 Summary 235 References in This Chapter 236 Chapter 8 Perimeter Intrusion Prevention 237 Perimeter Threats and Risk 237 Policy Review 238 Perimeter Operations Review 239 Management and Change Control 239 Monitoring and Incident Handling 240 Perimeter Architecture Review 242 What Are You Protecting?

validating identity on wireless network-23validating identity on wireless network-67validating identity on wireless network-65validating identity on wireless network-57

You can use this procedure to add a user, computer, or group to your wireless security group in the Active Directory Users and Computers Microsoft Management Console (MMC) snap-in.

243 Perimeter Design Review 243 Logical Architecture 244 Physical Architecture 245 What Is the Risk?

Note The procedures in this guide do not include instructions for cases in which the User Account Control dialog box opens to request your permission to continue.

Note After you activate the Windows Vista and Later Releases version of the Wireless Network (IEEE 802.11) Policies or the Windows XP version, the version option is automatically removed from the list of options when you right-click Wireless Network (IEEE 802.11) Policies.

This occurs because after you select a policy version, the policy is added in the details pane of the GPME when you select the Wireless Network (IEEE 802.11) Policies node.

79

Leave a Reply