Bảo mật hệ thống mạng part 8 ppt

... 48 Network Security: A Beginner’s Guide State Specific Computer Crimes Notes Mississippi Computer ... crime is an area of continued research and develop - ment. If you have specific questions about a particular statute, consult your organiza - tion’s general counsel or local law enforcement. Chapter

Ngày tải lên: 02/07/2014, 18:20

... attacker wishes to know something that Chapter 6: Managing Risk 81 Figure 6-1. The relationship between vulnerability and threat 84 Network Security: A Beginner’s Guide motivation to do harm to ... attacker to gain access to information that was not considered particularly sensitive would be considered a low-value vulnerability. 80 Network Security: A Beginner’s Guide TEAMFLY...

Ngày tải lên: 02/07/2014, 18:20

... only those documents that are complete. Documents in draft form should also be examined. The last part of information gathering is a physical inspection of the organization’s fa - cility. If possible,

Ngày tải lên: 02/07/2014, 18:20

... orga - nization, between departments, between sites, within departments, and to other organi - zations. Attempt to identify how each link in the chain treats information and how each part of the organization ... the organization. Another part of the attitude equation is how management communicates their commitment to employees. The communication of a security commitment has two parts: man...

Ngày tải lên: 02/07/2014, 18:20

... department should choose a small document with a small number of interested parties to begin with. This is most likely to create the opportunity for a quick success and for the security department ... policy, and so on. In this case, the security department becomes a moderator and facilitator in the construction of the documents. The security department should come to the first meeting with ....

Ngày tải lên: 02/07/2014, 18:20

... triangle or else extend the time or reduce the scope. Chapter 8: Information Security Best Practices 117 Vulnerability Assessment Security departments should perform vulnerability assessments (or scans) ... be scheduled for the offending de - partment or facility. Training Awareness training plans should be created in conjunction with the human resources de- partment. These plans should incl...

Ngày tải lên: 02/07/2014, 18:20

... configured to go off before the sprinkler system. Chapter 8: Information Security Best Practices 129 Vulnerability Assessment Security departments should perform vulnerability assessments (or scans) ... be scheduled for the offending de - partment or facility. Training Awareness training plans should be created in conjunction with the human resources de- partment. These plans should include...

Ngày tải lên: 02/07/2014, 18:20

... entirely by using an outside partner to process the credit card transactions. If this option is chosen, the information on the purchase must be handed off to the partner. Care must be taken here ... Needs 201 In some cases, the database server is so sensitive that it is placed in a separate part of the network. This part of the network is protected by an internal firewall and traffic thro...

Ngày tải lên: 02/07/2014, 18:20

... and approved by NSA. The standard was reaffirmed in 1 983 , 1 988 , 1993, and 1999. DES uses a 56-bit key. The key uses seven bits of eight 8- bit bytes (the eighth bit of each byte is used for parity). ... 1 28- bit key and is also used in Pretty Good Privacy (PGP). ■ RC5 RC5 was developed by Ron Rivest at MIT. It allows for variable length keys. 2 18 Network Security: A Beginner’s Guide F...

Ngày tải lên: 02/07/2014, 18:20

... an 80 -bit key, which may be marginal in the near future. ■ Blowfish Blowfish allows for variable length keys up to 4 48 bits and was optimized for execution on 32-bit processors. ■ CAST-1 28 CAST-1 28 ... and end up with: Ciphertext = (9) 7 mod 143 = 48 When the encrypted information is received, it is put through the decryption algorithm: Plaintext = ( 48) 103 mod 143 = 9 Other Public...

Ngày tải lên: 02/07/2014, 18:20