主題325:暗号化
325.1 X.509 証明書と公開鍵の基礎
OpenSSL: Open Secure Sockets Layer
PEM: Privacy Enhanced Mail
DER: Distinguished Encoding Rules
PKCS: Public-Key Cryptography Standards
CSR: Certificate Signing Request
CRL: Certificate Revocation List
OCSP: Online Certificate Status Protocol
325.2 暗号化、署名および認証のX.509 証明書
SSL: Secure Sockets Layer
TLS: Transport Layer Security
SNI: Server Name Indication
HSTS: HTTP Strict Transport Security
HTTPD: Hyper Text Transfer Protocol Daemon
HTTPS: Hyper Text Transfer Protocol Secure
325.3 暗号化ファイルシステム
LUKS: Linux Unified Key Setup
eCryptfs: Encrypted File System
EncFS: Encrypted File System
325.4 DNS と暗号化
DNS: Domain Name System
DNSSEC: DNS Security Extensions
DANE: DNS-based Authentication of Named Entities
EDNS: Extension mechanisms for DNS
BIND: Berkeley Internet Name Domain
DS: Delegation Signer
RRSIG: Resource Record Digital Signature
NSEC: Next Secure
TLSA: TLS Association
DO-Bit: DNSSEC OK
AD-Bit: Authenticated Data
TSIG: Transaction Signature
rndc: remote name daemon control
dig: domain information groper
delv: Domain Entity Lookup & Validation
openssl: Open Secure Sockets Layer
主題326:ホストセキュリティ
326.1 ホストの堅牢化
326.2 ホストの侵入検知
AIDE: Advanced Intrusion Detection Environment
OpenSCAP: Open Security Content Automation Protocol
auditd: audit daemon
auditctl: audit control
chkrootkit: check rootkit
rkhunter: rootkit hunter
maldet: malware detect
326.3 ユーザの管理と認証
NSS: Network Security Services
PAM: Pluggable Authentication Modules
SSSD: System Security Services Daemon
326.4 FreeIPA のインストレーションとSambaの統合
FreeIPA: Free Identity, Policy, and Audit
SSH: Secure Shell
SUID: Set User ID
SGID: Set Group ID
getfacl [setfacl]: get [set] file ACL
getfattr [setfattr]: get [set] file attribute
主題327:アクセス制御
327.1 任意アクセス制御
ACL: Access Control List
327.2 強制アクセス制御
TE: Type Enforcement
RBAC: Role-based Access Control
MAC: Mandatory Access Control
DAC: Discretionary Access Control
SELinux: Security-Enhanced Linux
AppArmor: Application Armor
Smack: Simplified Mandatory Access Control Kernel
getsebool: get SELinux booleans
togglesebool: toggle SELinux booleans
runcon: run command
apol: analyze policy
327.3 ネットワークファイルシステム
NFS: Network File System
CIFS: Common Internet File System
NTLM: NT LAN Manager
nfs4acl: NFSv4 ACL
getcifsacl: get CIFS ACL
setcifsacl: set CIFS ACL
主題328:ネットワークセキュリティ
328.1 ネットワークの堅牢化
RADIUS: Remote Authentication Dial In User Service
NDP: Neighbor Discovery Protocol
radiusd: RADIUS daemon
radmin: RADIUS administration
ndpmon: NDP monitor
328.2 ネットワークの侵入検知
OpenVAS: Open Vulnerability Assessment System
NVT: Network Vulnerability Tests
ntop: network table of processes
openvassd: OpenVAS Security Scanner
openvas-mkcert: make certification
328.3 パケットフィルタ
conntrackd: connection tracking daemon
nft: Network File Transfer
ebtables: Ethernet bridge frame table
328.4 仮想プライベートネットワーク (VPN)
OpenVPN: Open Virtual Private Network
IPsec: Security Architecture for Internet Protocol