absolute mode, permissions,
287–288
centralized vs. decentralized,
20
DAC (discretionary access control),
18–19
MAC (mandatory access control),
19
RBAC (role-based access control),
19–20
accreditation
in certification, evaluation, and accreditation process,
81–82
ACK packets, in three-way handshake,
185–187
ACLs (access control lists)
final test questions,
472
listing files with an ACL,
294
UNIX file permissions compared with,
293,
438
air conditioning, physical security and,
72
algorithms. See also by individual type
message digest algorithms,
75
public or secret key,
438
symmetric and asymmetric,
306
allocate device-name command,
161,
432
AMD64 architecture, Solaris
10,
73–74
American Registry for Internet Numbers (ARIN),
52
APNIC (Asia Pacific Network Information Center),
52
applications
network application servers,
396–398
privileged applications,
257,
260
approval, non-repudiation of,
11
architecture, information security,
20–25
information security process,
24
information systems governance,
20–22
ARIN (American Registry for Internet Numbers),
52
ASET (Automated Security Enhancement Tool)
blocking user access,
101
ensuring correctness of path variables,
224
file protection with,
307
monitoring system files,
439
Asia Pacific Network Information Center (APNIC),
52
assurance vs. functionality, in information security,
9–10,
37
final test questions,
460
final test questions,
474
reconnaissance or information gathering,
51–54
auditconfig command
final test questions,
458
updating auditing service,
135
viewing policy options,
125
audit_control file
adding ua class to flags argument,
437
flags and naflags argument,
130,
430
auditing
enabling/disabling auditing service,
134–135
final test questions,
473
list of important events,
122
updating auditing service,
135
audit_user file
final test questions,
471
specifying users for auditing,
507
authentication
final test questions,
454,
457
public and secrets keys and,
334
authorization
applications that check,
436
final test questions,
470,
471
in identify-authenticate-authorize sequence,
8
RBAC (role-based access control),
257–258
Authorizations tab, Solaris Management Console,
264
availability
DoS (denial of service) attacks,
180
in wired and wireless networks,
74