
IT Regulatory and Standards Compliance Handbook: How to Survive Information Systems Audit and Assessments [Paperback]

  • Format: Paperback / softback, 750 pages, height x width: 235x191 mm, weight: 1260 g
  • Publication date: 25-Jul-2008
  • Publisher: Syngress Media, U.S.
  • ISBN-10: 1597492663
  • ISBN-13: 9781597492669
This book provides a comprehensive methodology that enables the staff charged with an IT security audit to create a sound framework, allowing them to meet the challenges of compliance in a way that aligns with both business and technical needs. This "roadmap" provides a way of interpreting complex, often confusing compliance requirements within the larger scope of an organization's overall needs.


Key Features:

* The ultimate guide to creating an effective security policy and controls that enable monitoring and testing against them
* The most comprehensive IT compliance template available, giving detailed information on testing all your IT security, policy and governance requirements
* A guide to meeting the minimum standard, whether you are planning to meet ISO 27001, PCI-DSS, HIPAA, FISCAM, COBIT or any other IT compliance requirement
* From this book, both technical staff responsible for securing and auditing information systems and auditors who wish to demonstrate their technical expertise will gain the knowledge, skills and abilities to apply basic risk analysis techniques and to conduct a technical audit of essential information systems
* This technically based, practical guide to information systems audit and assessment shows how the process can be used to meet myriad compliance requirements

Other information

All the professional IT audit skills that lead to compliance

Table of Contents

Introduction to IT Compliance
  • Introduction
  • Does Security Belong within IT?
  • Management Support
  • Job Roles and Responsibilities
  • What Are Audits, Assessments, and Reviews?
  • Audit
  • Inspection and Reviews
  • Penetration Tests and Red Teaming
  • Ethical Attacks
  • Vulnerability Assessment
  • Gap Analysis
  • Black and White Box Testing
  • Tools-Based Scanning
  • Agreed Procedures Review
  • Acceptance Testing
  • Data Conversion
  • The Taxonomy
  • Vulnerability
  • Threat-Source
  • Threat
  • Risk
  • Risk Management
  • The Decision Test of the Process
  • Controls
  • Definition of Internal Control
  • Key Concepts
  • Key Controls
  • Operational Controls
  • General Controls
  • Application Controls
  • IT Governance
  • Other Terms
  • Objectivity
  • Ethics
  • Ethics, "The 10 Commandments of Computer Ethics"
  • Planning
  • Examining and Evaluating Information
  • A Preliminary Survey
  • The Program: Criteria for Defining Procedures
  • The Program
  • Introduction and Background
  • Purpose and Scope of the Report
  • Objectives of the Project
  • Definition of Terms
  • Procedures
  • ISACA
  • CISA
  • COBIT
  • GSNA (SANS/GIAC)
  • IIA (The Institute of Internal Auditors)
  • CIA
  • FISCAM
  • Summary

Evolution of Information Systems
  • Introduction
  • Terminology Used in This Book
  • The Primary Objective of Auditing
  • The Threat Scene
  • Threats
  • Attack Levels
  • Critical
  • High
  • Medium
  • Low
  • Suspicious
  • Modifiers
  • A High Volume of Attacks
  • Skilled and/or Unexpected Attacks
  • Definition Matrix
  • Threat Matrix
  • Targeted Attacks
  • "Hacktivism"
  • Cyber Terrorism
  • Common Criminals
  • Insider Attacks
  • Miscellaneous Attackers
  • Methods of Attack
  • Information Collection
  • Unobtrusive Public Research
  • Social Engineering
  • Scanning
  • System Break-Ins
  • Follow-up and Continuing Attacks
  • Attack Chaining
  • Vandalism
  • Denial-of-Service (DoS) Attacks
  • Single-Message DoS Attacks
  • Flooding Denial-of-Service Attacks or Distributed DoS (DDoS) Attacks
  • Smurf Attacks
  • Land Attacks
  • Flooding Attacks
  • Hostile Code
  • What Is Hostile Code?
  • Viruses
  • Bombs
  • Trojans
  • Worms
  • Policy > Procedure > Audit
  • Summary

The Information Systems Audit Program
  • Introduction
  • Audit Checklists
  • Baselines
  • Baselines and Automation
  • Assurance
  • Testing Your Organization's Security
  • Objectivity
  • Standards and Ethics
  • Protection Testing, Internet Security Assessments, and Ethical Attacks
  • Protection Testing or Internet Assessments
  • Why People Do Protection Testing
  • Penetration Testing or Ethical Attacks vs. Protection Testing
  • Miscellaneous Tests
  • Server Operating System Security Analysis
  • Phone Line Scanning
  • Phone/War Dialing Audit Project Tasks
  • Social Engineering
  • BCP/DR Testing: Disaster Readiness Assessment
  • What Is Covered in a BCP/DR Review?
  • What Does BCP Cover?
  • Developing an Audit Manual
  • Preliminary Survey
  • Criteria for Defining Procedures
  • The Program
  • When to Prepare the Program
  • The Final Report
  • Report Standards
  • The Cover Page
  • Table of Contents
  • Summary of Changes
  • Introduction
  • Executive Summary
  • The Body of the Report
  • Summary of Recommendations
  • Appendices
  • Security Management Model
  • Summary

Planning
  • Introduction
  • Performance of Audit Work
  • Planning the Audit
  • The Importance of Planning
  • Examining and Evaluating Information
  • Communicating Results
  • Security Review Methodology
  • Information Asset Identification
  • Information Sensitivity and Criticality Assessment
  • Access Policy Review
  • Security Supporting Functions Review
  • Security Enforcing Functions Review
  • Final Report
  • Scope
  • The "Who"
  • Statement of Purpose/Scope
  • Audit Objective
  • Audit Planning
  • Research
  • Planning Scope
  • Audit Strategy
  • Defining the "How"
  • Scope Also Covers Time
  • Summary

Information Gathering
  • Obtaining Information and Issuing Requests
  • Objectivity
  • Security Reviews of IT Systems
  • Security Review Steps
  • Information Asset Identification
  • Information Sensitivity and Criticality Assessment
  • Access Policy Review
  • Security Supporting Functions Review
  • A Review of an Organization's Security Enforcement Functions
  • Policy Compliance Reviews
  • Third-Party and Government Reviews
  • System Audit Considerations
  • Internal and External Standards
  • Internal Standards
  • External Standards
  • How to Characterize Your Organization
  • Steps in Characterization
  • Administrative Steps
  • Technical Steps
  • Stages of Characterization
  • What Happens if Documentation Is Incomplete or Unavailable?
  • Profile Matrix
  • Risk Factoring
  • Ease of Resolution: The Ease of Removing a Vulnerability
  • Trivial
  • Simple
  • Moderate
  • Difficult
  • Infeasible
  • What Information Is Required?
  • Information Asset Inventory
  • General Support Systems
  • Critical/Major Applications
  • Risk Assessment
  • Uptime Requirements
  • System Design Documentation
  • System Logical/Infrastructure Diagram
  • Concept of Operations Brief
  • List of Mandatory Requirements (if Any)
  • Risk-Based Requirements
  • List of Critical Configuration
  • Detailed Configuration Documentation
  • Detailed Network Diagrams
  • Policy Documents
  • System Security Policy and Administrative Security
  • Personnel Security
  • Physical Security
  • Communications and Key Management Security
  • Equipment Maintenance and Disposal
  • System Output Disposal
  • Normal and Privileged Access to Systems
  • Media Security
  • Configuration and Change Control
  • User Responsibilities and Awareness
  • Service Provider Responsibilities (External Service Provider Only)
  • Access Policy
  • Procedures Documents
  • Operational Support Procedures
  • Change Implementation Procedures
  • Intrusion Detection Procedures
  • System Integrity Testing Procedures
  • System Backup Procedures
  • Plans
  • Contingency Plans
  • Incident Detection and Response Policy
  • Attempts to Gain Technical Information on the System
  • Unsuccessful Attempts to Subvert the System
  • Successful Attempts to Subvert the System
  • Major Successful Attempts to Subvert the System
  • Policy Considerations
  • General Background Information
  • Identify LAN Products Used
  • Review Administrative Documentation
  • Identify Level of Vendor Support
  • Gather Information on Vendor Access to the Network for Diagnostic Purposes
  • Review Duties and Responsibilities of Administrators for Proper Network Security
  • Network Maintenance
  • Review System Documentation
  • Understand Network Operations
  • Internal Controls Review
  • Review Audit Trails
  • Review Remote Communications Controls
  • All That Information
  • Side Issues with Gathering Passwords
  • User Name Harvesting
  • More on Planning
  • Research
  • Planning Scope
  • Audit Strategy
  • Scope Also Covers Time
  • Audits Are Projects
  • Password Management
  • Pass Phrases
  • Password Cracking and Guessing
  • Password Guessing
  • Password Cracking
  • Access Control Techniques and Types
  • Discretionary Access Control
  • Mandatory Access Control
  • Lattice-Based Access Control
  • Role-Based Access Control
  • Rule-Based Authorization Checking
  • Bell-LaPadula
  • Restrictions with the Bell-LaPadula Model
  • Biba and Clark-Wilson
  • Terms and Definitions
  • Summary
  • Notes

Security Policy Overview
  • Introduction
  • The Role of Policy and Procedures in Information Systems Defense
  • SMART
  • Specific
  • Measurable
  • Achievable
  • Realistic
  • Time-Based
  • The Policy Life Cycle Process
  • What's What?
  • Mission, Vision, and Values Statements
  • The Mission Statement
  • The Vision Statement
  • A Statement of Values
  • Framework
  • Policy
  • Policy Levels
  • High-Level Policy
  • Issue-Specific and System-Specific Policy
  • Standard
  • Guideline
  • Process or Procedure
  • Interpreting Policy as an Auditor
  • Simple Steps to Assess the Security Posture
  • System Audit Considerations
  • Security Documentation Evaluation
  • Various Levels of Policy and Their Functions
  • The Framework for Issue- and System-Specific Policy
  • Purpose
  • Background
  • Overview or Executive Summary
  • Related Documents
  • Cancellation
  • Scope
  • Policy Statement
  • Action
  • Responsibility
  • Compliance or Enforcement
  • Identifying Preventive, Detective and Corrective Controls
  • Preventive Controls
  • Detective Controls
  • Corrective Controls
  • Developing a Security Policy
  • Begin by Talking About the Issue
  • The Use of the English Language in Policy Should Be Simple
  • Policy Should Be Evaluated on Clarity and Conciseness
  • Policy Areas to Be Considered
  • Identification and Authentication
  • Access Control
  • Software Security
  • Physical Access Control
  • Monitoring and Review
  • Incident Management
  • Policy Frameworks
  • An ISO 17799 Summary
  • Information Security Policy
  • Security Organization
  • Information Security Infrastructure
  • Security of Third-Party Access
  • Assets Classification and Control
  • Accountability for Assets
  • Information Classification
  • Personnel Security
  • Security in Job Definition and Resourcing
  • User Training
  • Responding to Incidents
  • Physical and Environmental Security
  • Secure Areas
  • Equipment Security
  • Communications and Operations Management
  • Operational Procedures and Responsibilities
  • System Planning and Acceptance
  • Protection from Malicious Software
  • Housekeeping
  • Network Management
  • Media Handling and Security
  • Data and Software Exchange
  • System Access Control
  • Business Requirement for System Access
  • User Access Management
  • User Responsibilities
  • Network Access Control
  • Computer Access Control
  • Applications Access Control
  • Monitoring System Access and Use
  • Systems Development and Maintenance
  • Security Requirements
  • Security in Applications
  • Security of Operational Files
  • Security in Development and Support Environments
  • Business Continuity Planning
  • Aspects of Business Continuity Planning
  • Compliance
  • Compliance with Legal Requirements
  • The SANS Security Policy Project
  • Need an Example Policy or Template?
  • SANS SCORE
  • Example Policy: SANS InfoSec Acceptable Use Policy
  • Overview
  • Purpose
  • Scope
  • Policy
  • General Use and Ownership
  • Security and Proprietary Information
  • Unacceptable Use
  • System and Network Activities
  • E-mail and Communications Activities
  • Blogging
  • Enforcement
  • Definitions
  • Revision History
  • More Information
  • Summary

Policy Issues and Fundamentals
  • Introduction
  • The Auditor's Role in Relation to Policy Creation and Compliance
  • SMART
  • Specific
  • Measurable
  • Attainable
  • Realistic
  • Timely
  • Policy Responsibilities
  • Employees
  • Management
  • Policy Creation
  • Policy Conformance
  • Incident Handling
  • SCORE
  • Security Incident Forms
  • Intellectual Property Incident Handling Forms
  • Standards and Compliance
  • Compliance with Legal Requirements
  • Policy Compliance
  • Third-Party and Government Reviews
  • System Audit Considerations
  • Internal and External Standards
  • Internal Standards
  • External Standards
  • Human Resource (HR) Issues
  • Draft a Policy
  • Summary

Assessing Security Awareness and Knowledge of Policy
  • Introduction
  • Security Awareness and Training
  • Awareness Programs Need to Be Implemented
  • Scope, Goals, and Objectives
  • Resources
  • The ISMS Committees
  • Target Audiences
  • Motivation
  • Development and Implementation of the Program
  • Regular Maintenance
  • Periodic Evaluations
  • Awareness
  • Training
  • Education and Professional Development
  • Objectives of an Awareness Program
  • What Is Information Security Awareness Training?
  • Training Description and Scope
  • Method
  • Modify the Awareness Program if Required
  • Time Scales
  • Security Awareness Resource Requirements
  • Detailed Trainer Guide for Conducting the Workshops
  • Introduction
  • Definition of Workshop
  • The Workshop Outline
  • Guidelines for Use of Tools
  • Example Slide Content
  • Introduction: Slide 1
  • Background
  • What Are the Issues: Slide 2
  • What Are the Issues?
  • Dependence on Information Systems for Business Continuity
  • Information Processing Is No Longer Centralized
  • Greater Exposure to Accidents
  • There Is Also the Human Element
  • Legal Requirements
  • What Is Information? Slide 3
  • What Is Information Security: Slides 4-6
  • What Is Information Security
  • Threats: Slide 7
  • Threats: Slides 7-9
  • Internal Threats
  • Errors and Omissions
  • Disgruntled Employees
  • Threats: Slides 10-14
  • External Threats
  • Threats: Slide 15
  • Environmental/Natural
  • Threats: Slide 16
  • Natural
  • Motives: Slide 17
  • Motives
  • Personal Prestige
  • Targets: Slides 18-19
  • Information Security Documentation: Slide 20
  • Information Security Procedures
  • Frequently Asked Questions
  • Your Role in Information Security: Slides 21-30
  • Why You Should Be Concerned About Information Security
  • Why Do We Need Controls?
  • People Are Important Too
  • Password and User ID Controls
  • Password Selection Techniques
  • Remote Access
  • Secure Disposal of Information
  • Security Breaches
  • Responsibility
  • Notification
  • Investigation
  • Details to Be Reported
  • Accidental Breaches
  • Secure Handling of Information
  • There Are Legal Reasons Why You Should Protect Organizational Information
  • Operate a Clean Desk Policy
  • Use Caution When Handling Visitors
  • Software Use
  • Proprietary Software
  • "Borrowing" Software
  • If in Doubt, Do Not Copy
  • Using the Organization's Computers at Home
  • Bringing Your Own Home Computer to the Office
  • Reporting Problems
  • The 10 Commandments of IT Security: Slides 31-32
  • The Future of Security: Slide 33
  • Identification Techniques
  • Summary: Slide 34
  • Where to Get More Information: No Slide at Present
  • System Improvement Monitoring and Checks
  • System Maintenance
  • Testing Knowledge and Security Awareness
  • Sample Managerial Assessment Interview Questionnaire
  • Summary
  • Notes

An Introduction to Network Audit
  • Introduction
  • What Is a Vulnerability Assessment?
  • The Importance of Vulnerability Assessments
  • A Survey of Vulnerability Assessment Tools
  • Nessus: The Leading Open Source Vulnerability Assessment Tool
  • Nmap: The King of Network Port Scanners
  • THC-Amap: An Application Fingerprinting Scanner
  • Paketto Keiretsu: Extreme TCP/IP
  • ncops (newer cops)
  • NBTScan: Gathers NetBIOS Info from Windows Networks
  • LSOF: LiSt Open Files
  • Network Mapping
  • Premapping Tasks
  • What the Hackers Want to Know
  • Auditing Perimeter Defenses
  • Network Mapping from Outside Your Firewall
  • Network Mapping from Inside Your Firewall
  • Auditing Routers, Switches, and Other Network Infrastructure
  • The Methodology
  • Gain an Understanding of Your System
  • What a Cracker Does
  • System Design, Configuration and Support Vulnerability Assessment
  • Assessment Planning
  • The Attack
  • Report Preparation
  • Why This Approach Is Different
  • Protection Testing?
  • Penetration Testing or Ethical Attacks vs. Protection Testing
  • Miscellaneous Tests
  • Server Operating System Security Analysis
  • Phone Line Scanning
  • Phone/War Dialing Audit Project Tasks
  • Social Engineering
  • Network and Vulnerability Scanning
  • Nessus
  • Detached Scans
  • Installation
  • Using This Feature to Scan Your Network in the Background
  • Using the Nessus Client
  • Using the Feature to Test Your Network Automatically Every "X" Hours
  • Using the Feature to Keep One's KB Up-to-Date
  • Constant Scanning
  • Initial Setup
  • Before You Start nessusd, Ensure That sendmail Is in Your $PATH!
  • Keeping Your Plugins Up-to-Date
  • Differential Scanning
  • How to Use It
  • More Reading
  • Essential Net Tools (EST)
  • Cerberus Internet Scanner
  • Summary

Auditing Cisco Routers and Switches
  • Introduction
  • Functions of a Router, Its Architectures, and Components
  • Modes of Operation
  • Configuration Files and States
  • How a Router Can Play a Role in Your Security Infrastructure
  • Router Technology: A TCP/IP Perspective
  • Understanding the Auditing Issues with Routers
  • Password Management
  • Service Password Encryption
  • Console Ports
  • Interactive Access
  • TTYs
  • Controlling VTYs and Ensuring VTY Availability
  • Warning Banners
  • Common Management Services
  • SNMP
  • HTTP
  • Logging
  • Sample Router Architectures in Corporate WANs
  • Router Audit Tool (RAT) and Nipper
  • RAT
  • How RAT Works
  • How to Install RAT
  • How to Run RAT
  • Command Syntax
  • RAT Configuration Options
  • Options for Downloading Device Configurations
  • Options Affecting Rule Selection and Reporting
  • Options for Selecting RAT Configuration Files
  • Nipper
  • Getting Started
  • Using Nipper
  • Customizing the Parameter Settings in Nipper
  • Using the Command Line
  • Modifying the nipper.ini File
  • Other Options
  • Cisco Output Interpreter
  • Cisco Security and Device Manager
  • Security Access Controls Performed by a Router
  • Security of the Router Itself and Auditing for Router Integrity
  • Identifying Security Vulnerabilities
  • Router Audit Steps
  • Sample Commands
  • Cisco Router Checklists
  • Summary

Testing the Firewall
  • Introduction
  • OS Configuration
  • Firewall Configuration
  • Working with Firewall Builder
  • Building or Only Testing
  • Conflicting Rules
  • System Administration
  • Testing the Firewall Rulebase
  • Identifying Misconfigurations
  • Identifying Vulnerabilities
  • Packet Flow from All Networks
  • Scanning the Network
  • Using nmap
  • Using hping2
  • Change Control
  • Validated Firewalls
  • Manual Validation
  • Automated Rulebase Validation
  • Creating Your Checklist
  • CIS (Center for Internet Security)
  • SANS
  • NSA, NIST and DISA
  • Summary

Auditing and Security with Wireless Technologies
  • Introduction
  • Bluetooth
  • WLAN and Wi-Fi
  • War Driving
  • Capturing Wireless Traffic
  • Analyzing 802.11 Traffic
  • WLAN Discovery
  • Investigating Rogue WLANs
  • Conducting Wireless Site Surveys
  • Using Maps to Document Wireless Signal Leakage
  • Interference in Wireless Networks
  • Sources of RF Interference
  • Avoiding RF Interference
  • Common Misconceptions with Wireless Security
  • Passive WLAN Traffic Sniffing: from TCPDump to Kismet
  • Techniques for Identifying and Locating Rogue APs
  • Wired-Side Analysis Using AP Fingerprinting
  • AP Fingerprinting Using Nessus
  • Wired-Side Scanning
  • Wireless-Side Scanning
  • Automating Centralized Wired-Side Scanning for Rogue APs
  • Triangulation Techniques for Locating Transmitters
  • Wireless "Hacker" Tools to Evaluate Your Network
  • NetStumbler
  • Ap4ff
  • PrismStumbler
  • WEPCrack
  • AirSnort
  • WifiScanner
  • Wellenreiter
  • WepLab
  • BTScanner
  • FakeAP
  • Kismet
  • Mognet
  • Designing and Deploying WLAN Intrusion Detection Services
  • Detection
  • Notification
  • Response
  • Pros and Cons
  • Wireless-Side Analysis: Wireless LAN IDS
  • Continuous Rogue Detection
  • Open-Source and Commercial Tools for WLAN Monitoring
  • Kismet
  • Installation
  • Running Kismet
  • Cleaning Up
  • Kismet WLAN IDS Support
  • Distributed Stationary Analysis with Lightweight Hardware (Drone)
  • Expert 802.11 Analysis
  • NetStumbler
  • The BackTrack Network Security Suite Linux Distribution
  • Summary

Analyzing the Results
  • Introduction
  • Organizing the Mapping Results
  • Creating Network Maps
  • PBNJ
  • ScanPBNJ Default Scan Options
  • OutputPBNJ
  • Understanding the Map
  • Ndiff
  • Identifying Vulnerabilities
  • Follow-on Activities
  • Using Nmap
  • Example nmap Scans
  • Identify Live Hosts
  • Identify Important Ports
  • Full Scan
  • Prioritizing Vulnerability Fixes
  • Network Sniffing
  • NAC (Network Access Control)
  • ARPMON
  • Validating Fixes
  • Benefits of Periodic Network Mapping
  • Looking for Compromised Hosts
  • Configuration Auditing of Key Network Services (DNS, SMTP, etc.)
  • Mail Relays
  • DNS
  • Recursive
  • Zone Transfers
  • Split DNS
  • Split-Split DNS
  • Summary
  • Note

An Introduction to Systems Auditing
  • Introduction
  • Automating the Audit Process
  • Running a Network Scanner at Scheduled Times
  • Run an Integrity Checker
  • There Are Few Limits
  • Progressive Construction of a Comprehensive Audit Program
  • Monitoring
  • Big Brother (www.bb4.org/)
  • Host Hardening
  • Turning Off Unnecessary Services
  • Unnecessary Services
  • Turning Off Services in Windows
  • Turning Off Services in UNIX
  • Host-Based IDS
  • Configuring AutoScan
  • Installation
  • Configuring Swatch
  • Install and Configure "Bruce"
  • Process Change Detection System
  • Tripwire
  • Known Vulnerabilities and Exploits
  • Failures to Patch
  • Example Information Systems Security Patch Release Procedures
  • Purpose
  • Details
  • Physical, Electronic and Environmental Security
  • Secured Zones and Appropriate Levels of Security
  • Physical Security Barriers
  • Location of Critical Services
  • Electronic Intruder Detection Systems
  • Security of Organization Property Off-Premises
  • Secure Disposal
  • Computer and Network Management
  • Operational Procedures and Responsibilities
  • Documented Operating Procedures
  • Operations Log
  • Segregation of Duties
  • Segregation of Development and Production
  • Outsourcing Management
  • System Management Controls
  • Capacity Planning
  • System Acceptance
  • Configuration Management
  • IT Change Control
  • Security/Integrity Maintenance
  • Malware Protection
  • Housekeeping
  • Backup and Recovery
  • Operations Backup Logs
  • Fault Logging
  • Network Security Controls
  • Media Handling and Security
  • Management of Removable Media
  • Security of System Documentation
  • Banking and Payment Security
  • Security of Office Automation Systems
  • Logical Access Controls
  • Business-Driven Access Restrictions
  • Staff Responsibilities
  • Education & Training
  • User Registration
  • Privilege Management
  • Default and System Passwords
  • Timeouts
  • Login Banners
  • Compliance
  • Legal and Contractual
  • Software Copyright
  • Safeguarding of the Organization's Records
  • Privacy of Individuals' Information
  • Training
  • Audit Logging and Reporting
  • Protection of Audit/Account Elements
  • Security Reports
  • IT Compliance with Security Policy
  • Misuse of IT Facilities
  • Reporting of Security Weaknesses and Incidents
  • Password-Cracking Tools
  • Summary

Database Auditing
  • Introduction
  • Database Security
  • Principles for Developing a Database Audit Strategy
  • Check Triggers
  • System Triggers
  • Update, Delete, and Insert Triggers
  • Fine-Grained Audit
  • System Logs
  • Audit Database Access
  • Auditing Changes to the Database Structure
  • Audit Any Use of System Privileges
  • Audit Data Changes to Objects
  • Failed Log-on Attempts
  • Attempts to Access the Database with Nonexistent Users
  • Attempts to Access the Database at Unusual Hours
  • Check for Users Sharing Database Accounts
  • Multiple Access Attempts for Different Users from the Same Terminal
  • Views
  • Integrity Rules
  • Authorization Rules
  • User-Defined Procedures
  • Encryption
  • Client Service Security and Databases
  • Automated Database Audit Solutions
  • Data Access Auditing
  • SQL Injection
  • Tools
  • Specialized Audit Software
  • CASE (Computer-Aided Software Engineering) Tools
  • Vulnerability Assessment Tools
  • Introduction to SQL
  • UNION ALL SELECT
  • INSERT INTO
  • JOIN
  • UNION
  • Key Database Terms
  • Database
  • Data Type
  • Field
  • Instance
  • Joins
  • Primary Key
  • Record
  • Stored Procedures
  • Table
  • View
  • Remote Testing
  • Local Security
  • Creating Your Checklist
  • CIS (The Center for Internet Security)
  • SANS
  • NSA, NIST and DISA
  • Considerations in SQL Auditing
  • Microsoft SQL Checks
  • Summary

Microsoft Windows Security and Audits
  • Introduction
  • Basic System Information
  • Windows System Information (WSI)
  • Somarsoft DumpSec
  • Somarsoft Hyena
  • Software and Licensing in Hyena
  • Belarc Advisor
  • Patch Levels
  • Microsoft Baseline Security Analyzer (MBSA)
  • How to Scan for Patch Levels Using MBSA
  • How to Interpret the MBSA Scan Reports
  • For the Security Update Checks
  • For the Administrative Vulnerability Checks
  • Qfecheck and Hotfix Reports
  • Downloading and Installing Qfecheck
  • Using Qfecheck
  • Network-Based Services
  • Using System Information
  • Using the MMC
  • Using the Command Line
  • TCPView
  • Using TCPView
  • Using Tcpvcon
  • Local Services
  • PsTools Suite
  • Using PsTools
  • Running PsTools on the Local Host
  • Running PsTools on a Remote Host
  • Installed Software
  • Using Add or Remove Programs
  • Software Asset Manager (SAM)
  • Security Configuration
  • Microsoft Management Console (MMC)
  • Customizing the Display of Snap-ins in the Console: New Windows
  • Using the Security Configuration and Analysis (SCA) Snap-in
  • How to Run SCA
  • Creating and Using Template Databases with SCA
  • Scanning System Security
  • Correcting System Security
  • Using Local Security Policy (LSP)
  • Using Center for Internet Security (CIS) Benchmarks
  • Group Policy Management
  • GpResult
  • Parameters
  • How to Use Active Directory
  • Using Group Policy
  • Using Resultant Set of Policy (RSoP)
  • Service Packs, Patches and Backups
  • Patch Installation
  • Hotfixes, Fixes, Patches, Updates and Work-Arounds
  • Patch Management Systems
  • Windows Software Update Services (WSUS)
  • SMS
  • Auditing and Automation
  • Log Aggregation, Management and Analysis
  • DAD
  • Windows Log Files
  • Windows Scripting Tools
  • WMIC
  • Maintaining a Secure Enterprise
  • Scheduling Automated Tasks
  • Creating Your Checklist
  • CIS (The Center for Internet Security)
  • SANS
  • NSA, NIST and DISA
  • Considerations in Windows Auditing
  • Summary
Auditing UNIX and Linux
465(50)
Introduction
466(1)
Patching and Software Installation
467(7)
The Need for Patches
467(1)
Obtaining and Installing System Patches
468(1)
Validating the Patch Process
469(2)
Failures to Patch
471(1)
Example Information Systems Security Patch Release procedures
472(1)
Purpose
473(1)
Details
473(1)
Vendor Contacts/Patch Sources
473(1)
Minimizing System Services
474(6)
Guidance for Network Services
474(1)
Unnecessary Services
475(1)
Turning Off Services in UNIX
475(1)
RPC and Portmapper
475(1)
Controlling Services at Boot Time
476(1)
inetd and xinetd
477(1)
Authentication and Validation
477(3)
Logging
480(6)
Syslog and Other Standard Logs
480(2)
System Accounting and Process Accounting
482(1)
Connect Session Statics
482(1)
Disk Space Utilization
483(1)
Printer Usage
484(1)
Automatic Accounting Commands
484(1)
System Accounting Commands that can be Run Automatically or Manually
485(1)
Manually Executed Commands
485(1)
File System Access Control
486(5)
User-Level Access
488(1)
Special Permissions that are set for a file or Directory on the Whole, Not by a Class
489(1)
The Set user ID, setuid, or SUID permission
489(1)
The set group ID, setgid, or SGID permission
489(1)
The sticky permission
489(1)
UNIX commands for file permissions
489(1)
Chmod
489(1)
ls or the List command
489(1)
"cat" or Concatenate
490(1)
"man" the UNIX online Manual
490(1)
Usernames, UIDS, the Superuser
490(1)
Blocking Accounts, Expiration, etc
490(1)
Restricting Superuser Access
491(1)
Disabling rhosts
491(1)
Additional Security Configuration
491(8)
Network Access Control
492(1)
Use tcpd to limit access to your machine
492(1)
Use ssh instead of telnet, rlogin, rsh and rcp
493(1)
Network Profiling
493(1)
Netstat
493(1)
Lsof
493(1)
Ps
494(1)
Top
495(1)
Kernel Tuning for Security
495(1)
Solaris Kernel Tools
495(1)
Solaris Kernel Parameters
495(1)
ARP
496(1)
IP Parameters
496(1)
TCP Parameters
497(1)
Security for the cron System
498(1)
Backups and Archives
499(2)
tar, dump, and dd
499(1)
tar
499(1)
Compressing and Uncompressing tar images
499(1)
dump
500(1)
dd
500(1)
Tricks and Techniques
500(1)
Auditing to Create a Secure Configuration
501(8)
Local Area Security
501(1)
WarLinux
501(1)
Auditor/Back Track
501(1)
Elive
501(1)
Arudius
501(1)
Building Your Own Auditing Toolkit
502(1)
About ldd
503(1)
Using the Distribution
503(1)
File Integrity Assessment
504(1)
Hardware Integrity
504(1)
Operating System Integrity
505(1)
Data Integrity
505(1)
Finer Points of Find
505(2)
Logical Operations
507(1)
Output Options
507(1)
A Summary of the Find Command
508(1)
Auditing to Maintain a Secure Configuration
509(1)
Operating system version
509(1)
File systems in use
509(1)
Reading Logfiles
509(1)
What Tools to Use
509(1)
Password Assessment Tools
510(1)
Creating your Check List
510(2)
CIS (The Center for Internet Security)
510(1)
SANS
510(1)
NSA, NIST and DISA
511(1)
Considerations in UNIX Auditing
512(3)
Physical Security
512(1)
Network Security
512(1)
Account Security
513(1)
File System Security
514(1)
Security Testing
514(1)
Notes
514(1)
Auditing Web-Based Applications
515(46)
Introduction
516(10)
Sample Code
516(2)
An Introduction to HTML
518(1)
An Introduction to HTTP
518(1)
Limitations with the Web Browser
519(1)
Hidden Form Elements
520(1)
Authentication in HTTP
520(1)
HTTP Basic Authentication
520(1)
HTTP Digest Authentication
520(2)
HTTP Forms-Based Authentication
522(1)
HTTP Certificate Based Authentication
522(1)
HTTP Entity Authentication (Cookies)
522(1)
Get vs. Post
522(1)
Cookies
523(1)
Persistent Cookie (File Based and Stored on Hard Drive)
523(1)
Session Cookie (Memory Based)
523(1)
Cookie Flow
524(1)
Cookie Headers
524(1)
Cookies and the Law
525(1)
Tracking Cookies
525(1)
Cookies and the Auditor
525(1)
What is a Web Bug?
525(1)
Information-Gathering Attacks
526(2)
User Sign-on Process
528(1)
User Name Harvesting/Password Harvesting
528(1)
Resource Exhaustion
528(1)
User Sign-off Process
529(1)
OS and Web Server Weakness
529(2)
Presentation
530(1)
Application
530(1)
Persistent or Database
530(1)
Too Few Layers
530(1)
Buffer Overflows
531(1)
Session Tracking and Management
532(2)
Session Tokens
533(1)
Cryptographic Algorithms for Session Tokens
533(1)
Appropriate Key Space
533(1)
Session Time-Out
533(1)
Regeneration of Session Tokens
533(1)
Session Forging/Brute-Forcing Detection and/or Lockout
533(1)
Session Re-Authentication
533(1)
Session token Transmission
534(1)
Session Tokens on Logout
534(1)
Page Tokens
534(1)
Web Forms
534(1)
Unexpected User Input
534(1)
Input validation
535(1)
Sanitization
535(1)
Error Checking
535(1)
Web Browser Security
535(1)
Open Web Application Security Project
535(6)
OWASP 2007 Top 10
535(1)
Cross Site Scripting (XSS)
536(1)
Injection Flaws
536(1)
Malicious File Execution
536(1)
Insecure Direct Object Reference
536(1)
Cross Site Request Forgery (CSRF)
536(1)
Information Leakage and Improper Error Handling
536(1)
Broken Authentication and Session Management
536(1)
Insecure Cryptographic Storage
536(1)
Insecure Communications
536(1)
Failure to Restrict URL Access
537(1)
Development Guides
537(1)
Best Practice Resources
537(1)
Web Vulnerability Database
538(1)
WebScarab Web Auditing Tool
538(2)
WebGoat Learning Tool
540(1)
Fuzzing
540(1)
SQL Injection
541(1)
Cross-Site Scripting
541(4)
Cookie Theft Javascript Examples
541(1)
ASCII
541(1)
HEX
542(1)
Cookie Stealing Code Snippet
543(1)
Nonpersistent Attack
543(1)
Is a Web Server Vulnerable?
543(1)
XSS Protection
543(1)
XSS References
543(1)
XSS (Cross Site Scripting) Cheat Sheet
544(1)
DNS Rebinding Attacks
545(11)
What is the Same-Origin Policy?
546(1)
What is DNS Pinning?
547(2)
Anti-DNS Pinning (Re-Binding)
549(2)
Anti Anti DNS Pinning
551(1)
Anti Anti Anti DNS Pinning
551(1)
The First Question Is Why?
552(1)
Varieties of DNS Rebinding attacks
552(1)
Traditional Rebinding
553(1)
Spatial Rebinding
553(1)
Browser wants an external IP but it gets an internal address
553(1)
Flash/Java wants an internal address but receives an external one
553(1)
Ridiculous or Farfetched?
553(1)
CNiping (Pronounced "Sniping")
553(1)
What are Open Network Proxies?
554(1)
Slirpie (Proxy)
554(1)
JSON
554(1)
Distributed Malware
555(1)
Defending Against DNS Rebinding
555(1)
Powf (Passing Fingerprinting of Web Content Frameworks)
556(1)
Splogging
556(5)
RSS abuse
557(1)
Defenses
557(1)
Creating Your Checklist
558(1)
CIS (The Center for Internet Security)
558(1)
SANS
558(1)
NSA, NIST and DISA
558(1)
Considerations in Web Auditing
559(1)
IIS Specific Information for the Checklist
559(1)
Apache Specific Information for the Checklist
560(1)
Scanning
560(1)
Other Systems
561(16)
Introduction
562(1)
Mainframes and Legacy Systems
562(6)
What is a Mainframe?
563(1)
Legacy Systems
564(1)
Reviewing Legacy and Mainframe Systems
565(2)
FTP
567(1)
LPAR (Logical Partition)
567(1)
UML
568(3)
Unified
568(1)
Model
568(1)
Language
569(1)
UML and Processes
569(1)
Further information about UML
570(1)
Code Reviews and Testing Third-Party Software
571(3)
Black Box testing
571(1)
White box Testing
571(1)
Testing in Combination
572(1)
The Various Levels of Testing
572(1)
Unit testing
572(1)
Integration testing
573(1)
Acceptance Testing
573(1)
Regression testing
573(1)
Test Cycles
573(1)
Requirements Analysis
573(1)
Test Planning
573(1)
Test Development
573(1)
Test Execution
574(1)
Test Reporting
574(1)
Retesting The Defects
574(1)
Encryption
574(2)
Summary
576(1)
Risk Management, Security Compliance, and Audit Controls
577(32)
Introduction
578(1)
What is a Process?
578(1)
Objectives
578(1)
Controls
578(1)
Policies
578(1)
System
578(1)
Risk Analysis
579(6)
Implementing a Risk Mitigation Strategy
580(1)
Plan Do Check Act (PDCA)
580(1)
Plan
580(1)
Do
580(1)
Check
580(1)
Act
580(1)
Risk Management, Security Compliance and Audit Controls
580(1)
Risk Analysis: Techniques and methods
581(1)
Overview of Risk Methods
581(1)
General Risk Analysis
581(1)
Risk Analysis Models
581(1)
Quantitative
581(1)
Placing a Value on Risk Management
582(1)
Internal Value
582(1)
External Value
582(1)
Total Value
582(1)
ALE - Annualized Factor (or likelihood factor)
583(1)
EF - Exposure Factor (or likelihood factor)
583(1)
SLE - Single Loss Expectancy
583(1)
ARO - Annualized Rate of Occurrence
583(1)
Qualitative Risk
583(1)
Threats
584(1)
Vulnerabilities
585(1)
FMECA Analysis
585(1)
FMECA Summary
586(1)
CCA - Cause Consequence Analysis
586(11)
Two Tree Types
586(1)
Attack Tree
587(1)
Hardware Theft
587(1)
Vandalize Hardware
588(1)
Disrupt Network Traffic
589(2)
Acquire Bogus User Credentials
591(1)
Gain Root Access
591(2)
Vector Analysis
593(1)
Intercept a Network Connection for a particular user
593(1)
Denial of service against a particular user or all users
594(1)
Complexity
594(1)
Risk Dynamics
594(1)
Time-Based Analysis (TBA)
595(1)
Monte Carlo Method
595(1)
Some Existing Tools for Risk Analysis
596(1)
Crystal Ball
596(1)
Risk +
597(1)
Cobra
597(1)
Octave
597(1)
Creating an Information Systems Risk Program
597(6)
Risk Assessment
598(1)
The Assessment Process
599(1)
Preparation and Identification
600(1)
Current Business Practices
600(1)
The Future
600(1)
Identification of Information Assets
600(1)
Information Value
600(1)
Threat Assessment
600(1)
Security Architecture Analysis
601(1)
Required Security Architecture
601(1)
Identification of Current Security Architecture
601(1)
Risk Assessment
601(1)
Gap Analysis
601(1)
Risk Assessment
601(1)
Recommendations
601(1)
Known Deficiencies
601(1)
Risk Management Plan
602(1)
Assessment and Conclusion
602(1)
Risk Management
602(1)
Risk Management is an Issue for Management, not Technology
602(1)
Constraints Analysis
603(1)
Risk Summary
603(2)
Counter Strategy and Counter Measures
604(1)
Business Impact Analysis
605(1)
Defense in Depth
606(1)
Data Classification
606(1)
Summary
607(2)
Notes
607(2)
Information Systems Legislation
609(64)
Introduction
610(1)
Civil and Criminal Law
610(1)
Legal Requirements
611(10)
Contracts
612(1)
Problems with Electronic Contracting
613(1)
E-mail
614(1)
The Postal Acceptance Rule
615(1)
World Wide Web
616(1)
Invitation to Treat, Offers and Acceptance
617(2)
Electronic Signatures
619(1)
Electronic Agency Issues
620(1)
Acceptance in Unilateral Contracts
621(1)
Other Issues in Contractual Formation that Impact Offer and Acceptance
621(1)
Jurisdiction and Communication of Acceptance
621(1)
Jurisdiction
621(12)
Crime (Cybercrime)
622(1)
Electronic Espionage
623(1)
Employee Monitoring
624(1)
Activity Monitor
624(1)
Spy Tool: SpyBuddy
625(1)
Data Protection
626(1)
Hate Crimes, Defamation and The Things We Say
627(1)
Contempt of Court
627(1)
Inciting Racial Hatred
627(1)
Defamation
628(3)
Harassment
631(1)
E-mail Crimes and Violations
631(1)
Chain Letter
631(1)
Spamming
631(1)
Mail Bombing
631(1)
Mail Storm
632(1)
Identity Fraud
632(1)
Distributing a Virus or Other Malware
632(1)
Defamation and Injurious Falsehood
633(1)
Harassment and Cyber Stalking
634(1)
Pornography and Obscenity
635(3)
Child Pornography and Obscenity
636(2)
Privacy
638(1)
Searches and The Fourth Amendment
639(2)
Warrants
640(1)
Anton Piller (Civil Search)
640(1)
Authorization
641(1)
License
641(1)
Intellectual Property
641(6)
Copyright
642(2)
Investigating Copyright Status
644(1)
Trademark Infringement
645(1)
Patents and Patent Infringement
646(1)
Evidence Law
647(1)
Interpol and Information Technology Crime
648(6)
Remedy in Tort and Civil Suits
648(1)
Cyber Negligence
649(2)
Vicarious Liability
651(1)
Civil Liability
651(2)
Criminal Liability
653(1)
Reporting an Incident
654(1)
Document Retention
655(5)
Introduction to Document Management Policy
655(1)
Applications to Internal Audit
656(1)
Minimum Document Retention Guidelines
657(1)
U.S. Trends
658(1)
Gramm-Leach-Bliley
658(1)
The Health Insurance Portability Accountability Act
658(1)
The Sarbanes-Oxley Act
658(1)
Destruction of Adverse Documents
659(1)
The Litigation Process of discovery
659(1)
Expectation of Privacy
659(1)
Acceptable Use Policies
659(1)
Due Care and Due Diligence
660(1)
Electronic Discovery
660(1)
Reviewing and Auditing Contracts
660(1)
Issues with Electronic Contracting
661(1)
Prevention is the Key
661(1)
Summary
662(11)
Notes
662(11)
Operations Security
673(22)
Introduction
674(2)
The Concepts of Organizational OPSEC (Operation Security)
674(2)
Administrative Management
676(8)
Fraud
677(1)
The Fraud Triangle
678(1)
Control Categories
679(1)
Deterrent (or Directive) Controls
679(1)
Preventative Controls
679(1)
Detective Controls
680(1)
Corrective Controls
680(1)
Recovery Controls
680(1)
Application Controls
680(1)
Transaction Controls
680(1)
Input Controls
680(1)
Processing Controls
681(1)
Output Controls
681(1)
Change Control
681(1)
Test Controls
681(1)
Operational Controls
681(1)
Hardware Inventory and Configuration
681(1)
Patch Management
681(1)
Configuration Change Management (CCM)
682(1)
Resource Protection
683(1)
Individual Accountability
684(1)
Group vs. Individual Accountability
684(1)
Privileged Users
684(1)
Nonrepudiation
684(1)
Operational Controls
685(2)
Hardware Controls
686(1)
Hardware Maintenance
686(1)
Maintenance Accounts
686(1)
Diagnostic Port Control
686(1)
Hardware Physical Control
686(1)
Protection of Operational Files
687(1)
Intrusion Detection
687(3)
Incident Handling
688(1)
Keep a Log Book
689(1)
Inform the Appropriate People
689(1)
Follow-up Analysis
689(1)
Auditing to Determine What Went Wrong
690(3)
Audit Trails
690(1)
Evidence of Past Incidents
691(1)
Monitoring and Logging
691(1)
Clipping Level
692(1)
Summary
693(2)
Notes
693(2)
Index 695