PrintNumber | ErrorLocation | Error | Correction | DateAdded |
---|---|---|---|---|
1 | pii | First Printing: March 2009 12 11 10 09 4 3 2 1 | Second Printing: March 2010 | 5/4/2009 |
1 | p31 | In 1991, nearly 150 women and young girls died when they couldn't exit the Triangle Shirtwaist factory they were working in when it caught fire. | In 1911, nearly 150 women and young girls died when they couldn't exit the Triangle Shirtwaist factory they were working in when it caught fire. | 3/25/2010 |
1 | p37 | Figure 2.1 Bollards. (Source: www.deltascientific.com/bollards2.htm) | Figure 2.1 Bollards. (Source: www.deltascientific.com/hs_bollards.htm) | 3/25/2010 |
1 | p48 | These systems must be controlled to protect organizations and their and occupants from the threat of chemical and biological threats. | These systems must be controlled to protect organizations and their occupants from the threat of chemical and biological threats. | 3/25/2010 |
1 | p64 | Single sign-on allows users the ability to authenticate only once and then access all needed resourced and systems. | Single sign-on allows users the ability to authenticate only once and then access all needed resources and systems. | 3/25/2010 |
1 | p72 | Certificates can reside on a smart card or used by Internet Protocol Security (IPSec) and Secure Sockets Layer (SSL) for web authentication. | Certificates can reside on a smart card or can be used by Internet Protocol Security (IPSec) and Secure Sockets Layer (SSL) for web authentication. | 3/25/2010 |
1 | p86 | For example, Figure 3.8 demonstrates these boundaries. If you were cleared for secret access, you could read the level below, which is confidential. | For example, Figure 3.8 demonstrates these boundaries. If you were cleared for secret access, you could read the level below, which is secret. | 3/25/2010 |
1 | p86 | Access control models can be divided into two distinct types: centralized and decentralized. | Access control models can be divided into two distinct groups: centralized and decentralized. | 3/25/2010 |
1 | p91 | If so, you should be aware that a growing number of HR departments are searching these sites to get know potential employees. | If so, you should be aware that a growing number of HR departments are searching these sites to get to know potential employees. | 3/25/2010 |
1 | p99 | This acceptable use policy defines the boundaries of the acceptable use of this organization's systems and resources. Access to any company system or resources is a privilege that may be wholly or partially restricted without prior notice and without consent of the user. In cases of suspected violations or during the process of periodic review employees can have activities monitored. Monitoring may involve a complete keystroke log of an entire session or sessions as needed to very compliance to company polices and usage agreements. | This acceptable use policy defines the boundaries of the acceptable use of this organization's systems and resources. Access to any company system or resources is a privilege that may be wholly or partially restricted without prior notice and without consent of the user. In cases of suspected violations or during the process of periodic review employees can have activities monitored. Monitoring may involve a complete keystroke log of an entire session or sessions as needed to verify compliance to company polices and usage agreements. | 3/25/2010 |
1 | p100 | Even if you see it, a hardware keystroke loggers can be overlooked because it resembles a balum or extension. | Even if you see it, a hardware keystroke loggers can be overlooked because it resembles a balun or extension. | 3/25/2010 |
1 | p108 | Just as with Fraggle and Smurf, the network's bandwidth will be reduced or even possible saturated. | Just as with Fraggle and Smurf, the network's bandwidth will be reduced or even possibly saturated. | 3/25/2010 |
1 | p111 | 3. What are the two primary components of a DAC? | 3. What are two primary components of a discretionary access control (DAC)? | 3/25/2010 |
1 | p134 | Figure 4.5 illustrates an example of EBC. | Figure 4.5 illustrates an example of ECB. | 3/25/2010 |
1 | p145 | Table 4.3 Symmetric and Asymmetric Systems Compared Symmetric Asymmetric Confidentiality Integrity, authentication, nonrepudation | Table 4.3 Symmetric and Asymmetric Systems Compared Symmetric Asymmetric Confidentiality Integrity, authentication, nonrepudiation | 3/25/2010 |
1 | p192 | Biba addresses only the first goal of integrity—protecting the system for access by unauthorized users. | Biba addresses only the first goal of integrity—protecting the system from access by unauthorized users. | 3/26/2010 |
1 | p200 | Common Criteria's seven levels of assurance and its two security requirements are required test knowledge. | Common Criteria's levels of assurance include levels 0-7 and its two security requirements are required test knowledge. | 3/26/2010 |
1 | p206 | The attacker used this knowledge to open thousand of different online accounts collecting only a few cents from each. | The attacker used this knowledge to open thousands of different online accounts collecting only a few cents from each. | 3/26/2010 |
1 | p236 | When this occurs, a collusion occurs and the devices retransmit its frame after waiting a random period and sensing the wire again. | When this occurs, the devices retransmit its frame after waiting a random period and sensing the wire again. | 3/26/2010 |
1 | p241 | Switches operate by storing the MAC addresses by placing them in a lookup table that is located in random access memory (RAM). | Switches operate by storing the MAC addresses, placing them in a lookup table that is located in random access memory (RAM). | 3/26/2010 |
1 | p263 | Because packets with private IP addresses cannot be routed to external IP addresses, and external traffic cannot be routed into the NATed network. | This is because packets with private IP addresses cannot be routed to external IP addresses, and external traffic cannot be routed into the NATed network. | 3/26/2010 |
1 | p298 | Quarter Inch Tape (QIC) | Quarter Inch Tape Cartridge | 3/26/2010 |
1 | p302 | Figure 7.4 illustrates the RTO can be used to determine acceptable downtime. | Figure 7.4 illustrates how the RTO can be used to determine acceptable downtime. | 3/26/2010 |
1 | p315 | 8. Which of the following will a business impact analysis not provide? | 8. Which of the following will a business impact analysis provide? | 3/26/2010 |
1 | p341 | P.T. Barnum once said, There's a sucker born every minute, unfortunately, he was right. | 8. Which of the following will a business impact analysis provide? | 3/26/2010 |
1 | p375 | Hard changeover—This method establishes a data at which users are forced to change over. | Hard changeover—This method establishes a date at which users are forced to change over. | 3/26/2010 |
1 | p399 | The DDoS attack was in vogue until around the year 2000, when botnets started gaining ground. | The DDoS attack were in vogue until around the year 2000, when botnets started gaining ground. | 3/26/2010 |
1 | p409 | Sarbanes-Oxley (SoX) | Sarbanes-Oxley (SOX) | 3/26/2010 |
1 | p410 | Figure 10.2 7. Audit | 6. Audit | 3/26/2010 |
1 | p412 | Risk management is the act of determining what threats your organization faces, analyzing the vulnerabilities that can expose your assets to that threat, and determining how you will deal with the risk. | Risk management is the act of determining what threats your organization faces, analyzing the vulnerabilities that can expose your assets to those threats, and determining how you will deal with the risk. | 3/26/2010 |
1 | p424 | http://www.iatrp.com/ | http://www.iatrp.org/ | 3/26/2010 |
1 | p424 | NIST provides another resource for qualitative risk assessment methodologies. | NIST 800-53A and FIPS 199 provides another resource for qualitative risk assessment methodologies. | 3/26/2010 |