Bảo mật hệ thống mạng part 31 doc
... the e-commerce server. This part of the system includes the customer’s computer and browser software and the communications link to the server (see Figure 11-1). Within this part of the system, we ... information that is saved to the customer’s system ▲ The protection of the fact that a particular customer made a particular order Communications Security Communications security for e-comme...
Ngày tải lên: 02/07/2014, 18:20
... and so on). Some employees may be sensitive to signing such documents. This activity should be coordinated with the Human Resources Department and with the organization’s gen- eral counsel. Downstream ... responsibility for creating and enforcing the standards for the protection of health information under the Department of Health and Human Services. The act calls for the standardization of p...
Ngày tải lên: 02/07/2014, 18:20
... the creation of the policy. You can show the department man- agers that someone from their part of the organization was involved and voiced that department’s concerns. It also helps if management ... easy part. In order to create it, you only had to get a small number of people involved. To effectively deploy the policy, you need to work with the whole organization. Gaining Buy-In Every de...
Ngày tải lên: 02/07/2014, 18:20
Bảo mật hệ thống mạng part 23 docx
... from those that are only accessed by employees. DMZs can also be used when dealing with business partners and other out - side entities. Defining the DMZ The DMZ is created by providing a semi-protected
Ngày tải lên: 02/07/2014, 18:20
Bảo mật hệ thống mạng part 28 docx
... must be loaded on user computers. If the computers are owned by the organization, this becomes part of the standard software load for the computer. If the organization allows employees to use ... internal network routers. These routes, along with the management of the addresses scheme should be documented so that routes are not inadvertently deleted during router maintenance. Chapter 10: Vi...
Ngày tải lên: 02/07/2014, 18:20
Bảo mật hệ thống mạng part 33 doc
... primary types of encryption: private key and public key. Private key en - cryption requires all parties who are authorized to read the information to have the same key. This then reduces the overall
Ngày tải lên: 02/07/2014, 18:20
Bảo mật hệ thống mạng part 36 docx
... may work if the remote sites are short distances apart. But what if the remote sites are continents away? The problem gets much harder. There is a partial solution to this problem, however. It may ... computers at UC Berkeley. The Swiss Federal Institute of Technology brute-forced a 48-bit RC5 key in 312 hours using 3,500 computers. Good recommendations at this time are to use at least 80-bi...
Ngày tải lên: 02/07/2014, 18:20
Bảo mật hệ thống mạng part 37 doc
... the legitimate owners. Malicious attacks tend to be focused on particular targets. The hacker is actively looking for ways to hurt a particular site or organization. The hacker’s underlying reason ... be modified by the customer and then to not check the in - formation on the back end. While this particular vulnerability does not allow a hacker to gain access to the system, it does provide a...
Ngày tải lên: 02/07/2014, 18:20
Bảo mật hệ thống mạng part 40 docx
... e-mail that executes and installs itself when the attachment is opened. Programs like this are particu - larly effective if the employee uses a Windows system. Physical Attack Methods The easiest ... mainframe may then become a primary target for a hacker seeking to cause the target serious harm. Part of the business model for any organization will be the location of employees and how they...
Ngày tải lên: 02/07/2014, 18:20
Bảo mật hệ thống mạng part 41 docx
... are two primary types of IDS: host-based (H-IDS) and network-based (N-IDS). An H-IDS resides on a particular host and looks for indications of attacks on that host. An N-IDS resides on a separate ... extended to include the home computers of employees who are allowed to telecommute or a business partner that is allowed to connect to the network. A burglar alarm is designed to detect any attem...
Ngày tải lên: 02/07/2014, 18:20