P

Index

[SYMBOL] [A] [B] [C] [D] [E] [F] [G] [H] [I] [J] [K] [L] [M] [N] [O] [P] [Q] [R] [S] [T] [U] [V] [W] [X] [Z]

packet filtering
packet filters for routers [See access lists, router]
parameter g (Diffie-Hellman)
parameter p (Diffie-Hellman)
passive response to attacks, network IDS
passive scanning for wireless stations or access points
Password Authentication Protocol (PAP)
passwords
     capture by Trojan horses
     combined with digital signatures
     configuring secure passwords for routers
    encryption
         service password-encryption command
     file protection with
     reusable
         policy for (example)
    router
         assigned to the console, VTY, AUX lines, and enable
         configuration for Telnet
         enable and user-level passwords
     router, recovery procedure for
PAT (Port Address Translation)
     disadvantages of
patching
     vulnerabilities
pattern-matching IDS signatures
PC card-based solutions (security) 2nd
     hardware keys
     PC encryption cards
     security cards
PC encryption cards
PCI (Peripheral Component Interconnect
PCMCIA (wireless NIC)
PDIOO (planning, design, implementation, operation, and optimization)
peer authentication methods on VPNs
peer-to-peer WLANs 2nd
performance
     monitoring with SAA
Peripheral Component Interconnect [See PCI]
permissions
     changing in DACs
     router access list, example of
     web content directory, changing for Internet Explorer
     Windows file systems, hardening security settings 2nd
         Windows Explorer, using
permit entry
persistent cookies
Personal Computer Memory Card International Association [See PCMCIA]
personal digital ID or certificate
personal firewalls
personnel awareness of security policy
personnel training in physical security
PGP (Pretty Good Privacy)
PHY (physical) layer, WLANs
physical security 2nd
     disaster recovery plans
     internal
         access to devices
     outside and external security
physical security issues, network design 2nd
     governmental specifications for physical security
     internal security
     intrusion into secured facility by tailgating
     personnel training
     securing the perimeter
     survivability and recovery
ping
     requests, treatment by ASA algorithm
     traffic to IP broadcast addresses, in Smurf attacks
Ping of Death attack
PIX Firewall 2nd 3rd
     commands for managing and troubleshooting
     configuration as cut-through proxy
     data flow for
     features and functions not convered in detail
     full working configuration (case study)
     IDS
     NAT (network address translation) 2nd
     placement of 2nd
PKCS (Public Key Cryptography Standard)
PKI (Public Key Infrastructure) 2nd 3rd
     creating your own CA 2nd
     enrolling in a CA
     enrollment procedure
     public key distribution
     revocation of certificates
     topologies of trust
     trusted third party
         key exchange
         public key signing
Plan2111
planning stage (network life cycle)
plug-ins
     browser
point-to-multipoint bridge (WLANs)
point-to-point bridge (WLANs)
point-to-point WLANs
policy
policy section (example security policy for a VPN)
policy, definition of
policy-based IDS
     attacks prevented by
political constraints on network IDS
political constraints, network design
pool of global addresses
Port Address Translation (PAT)
port numbers
     source and destination, TCP/IP connections
     used by TCP to passinformation to upper layers
ports
     colors for
     risks of open wireless ports
power blackouts, countering
power blackouts, countering with UPSs
preshared keys (peer authentication method) 2nd
Pretty Good Privacy [See PGP]
Pretty Good Privacy (PGP)
prime numbers
     parameter p, Diffie-Hellman algorithm
     RSA algorithm
privacy policies, financial institutions
private data traversing public networks
Private Internet Exchange. SeePIX Firewall
private key (digital IDs)
Private Ports
privilege levels
processor speed
protocol decode-based IDS signatures
protocol stacks (802.11 standard)
protocols
     adaptive, checking in network traffic simulation
     CBAC inspection of
     CBAC intelligent filtering for
     Internet Key Exchange (IKE)
     IPSec
         establishing use of in IPSec policy
         identification of in transform sets
         tunnel or transport mode
     tunneling, selecting for VPN
proxies
     network use of proxy services
proxy servers
     configuring PIX Firewall as cut-through proxy
proxy servers, limiting attacks with
PSH (Push function), TCP field
public key (digital IDs)
public key cryptography
Public Key Infrastructure [See PKI]
public networks
     sending private data over
Public Service Segment (PSS) 2nd [See also DMZs]
purpose of a security policy
     example for a VPN
PuTTY (SSH client)