threats – USC (United States Code) 483
training, 25
security awareness training, 5
transaction logging, 438
transferring risk, 327
transformer failure, 385
transitive trusts, 390
Transport layer, 221, 353
transport mode, 260
Trojan horses, 406, 408
trust path, 439
trusted channels, 248
trusted paths, 427
trusted recovery process, 303
truth tables, 57
two-person control, 285, 384
two-tier firewall, 83, 96, 98, 355
Type 2 authentication, 242
Type 3 authenticators, 123U
UAT (user acceptance testing), 397
UDP, OSI model and, 92
UDP 137-139, 128
UDP ports, 275
UEFI, 198
UIs (user interfaces), 374, 421
unit testing, 400
United States, privacy shield agreements, 3
updates, 383
UPS (uninterruptible power source), 73, 172,
245, 345, 391, 424
URL encoding, 188, 399
U.S. Food and Drug Administration, 37
U.S. government
authentication, 120
CAC , 120
classifications, 29–31, 33, 35, 41, 62,
120, 243, 269, 329, 334, 436, 452
security clearance, 62
US Trusted Foundry program, 408
USC (United States Code), 453tools, 20
VAST, 24
threats, 325
risk and, 453
three-tier firewall, 83, 96, 98, 354
three-way handshake, 206, 235, 432
thresholding, 406
thumb drives, encryption, 46
ticket-based authentication protocols, 116
time stamps, 378
time-based controls, 367
TKIP (Temporal Key Integrity Protocol),
415, 437
TLS (Transport Layer Security), 28, 331,
335, 345, 379, 398
encryption keys, 72
OSI model and, 92
TOC/TOU (Time of Check/Time of Use)
attacks, 186, 241, 343, 398, 401, 439
TOGAF (The Open Group Architecture
Framework), 385
Token Ring networks, 349
token-based authentication, 121
tokenization, 429
token-passing networks, 92
tokens, 212, 415, 423
tools, 148, 202
authorization, 6
penetration testing, 136–137
topologies, 82, 88, 91, 229
bus, 357
Ethernet, 101
mesh topology, 100, 357
ring, 92, 349
star, 240, 417
Tower of Hanoi scheme, 384
TPM (Trusted Platform Module), 339
trace coverage, 416
trade secret information, 30, 319, 416
trademarks, 8, 320, 321
traffic
filtering, 167
simulated, monitoring testing and, 134