Information Security and IT Risk Management

Manish Agrawal, Ph.D., Associate Professor, Information Systems and Decision Sciences, University of South Florida
Alex Campoe, CISSP, Director, Information Security, University of South Florida
Eric Pierce, Associate Director, Information Security, University of South Florida
Vice President and Executive Publisher: Don Fowley
Executive Editor: Beth Lang Golub
Editorial Assistant: Jayne Ziemba
Photo Editor: Ericka Millbrand
Associate Production Manager: Joyce Poh
Cover Designer: Kenji Ngieng
This book was set by MPS Limited.
Founded in 1807, John Wiley & Sons, Inc. has been a valued source of knowledge and understanding for more than 200 years, helping people around the world meet their needs and fulfill their aspirations. Our company is built on a foundation of principles that include responsibility to the communities we serve and where we live and work. In 2008, we launched a Corporate Citizenship Initiative, a global effort to address the environmental, social, economic, and ethical challenges we face in our business. Among the issues we are addressing are carbon impact, paper specifications and procurement, ethical conduct within our business and among our vendors, and community and charitable support. For more information, please visit our website: www.wiley.com/go/citizenship.
Copyright © 2014 John Wiley & Sons, Inc. All rights reserved. No part of this publication may be reproduced, stored in a retrieval system or transmitted in any form or by any means, electronic, mechanical, photocopying, recording, scanning or otherwise, except as permitted under Sections 107 or 108 of the 1976 United States Copyright Act, without either the prior written permission of the Publisher, or authorization through payment of the appropriate per-copy fee to the Copyright Clearance Center, Inc. 222 Rosewood Drive, Danvers, MA 01923, website www.copyright.com. Requests to the Publisher for permission should be addressed to the Permissions Department, John Wiley & Sons, Inc., 111 River Street, Hoboken, NJ 07030-5774, (201)748-6011, fax (201)748-6008, website http://www.wiley.com/go/permissions.
Evaluation copies are provided to qualified academics and professionals for review purposes only, for use in their courses during the next academic year. These copies are licensed and may not be sold or transferred to a third party. Upon completion of the review period, please return the evaluation copy to Wiley. Return instructions and a free of charge return mailing label are available at www.wiley.com/go/returnlabel. If you have chosen to adopt this textbook for use in your course, please accept this book as your complimentary desk copy. Outside of the United States, please contact your local sales representative.
ISBN 978-1-118-33589-5 (paperback)
Printed in the United States of America 10 9 8 7 6 5 4 3 2 1
Table of Contents
List of Figures xi Preface xvii
Chapter 1 — Introduction 1
Overview ................................................................................................................ 1
Professional utility of information security knowledge ......................................... 1
Brief history ............................................................................................................ 5
Definition of information security ........................................................................ 11
Summary .............................................................................................................. 14
Example case – Wikileaks, Cablegate, and free reign over classified networks ........................................................................................... 14
Chapter review questions...................................................................................... 15
Example case questions ........................................................................................ 16
Hands-on activity – Software Inspector, Steganography...................................... 16
Critical thinking exercise: identifying CIA area(s) affected by sample real-life hacking incidents.................................................................... 21
Design case ........................................................................................................... 21
Chapter 2 — System Administration (Part 1) 26
Overview .............................................................................................................. 26
Introduction .......................................................................................................... 26
What is system administration? ............................................................................ 27
System administration and information security .................................................. 28
Common system administration tasks .................................................................. 29
System administration utilities ............................................................................. 33
Summary .............................................................................................................. 37
Example case – T. J. Maxx ................................................................................... 37
Chapter review questions...................................................................................... 39
Example case questions ........................................................................................ 40
Hands-on Activity – Linux system installation .................................................... 40
Critical thinking exercise – Google executives sentenced to prison over video ............................................................................................. 48
Design case ........................................................................................................... 49
Chapter 3 — System Administration (Part 2) 51
Overview .............................................................................................................. 51
Operating system structure ................................................................................... 51
The command-line interface ................................................................................. 53
Files and directories .............................................................................................. 53
Moving around the filesystem – pwd, cd ............................................................. 54
Listing files and directories .................................................................................. 55
Shell expansions ................................................................................................... 56
File management .................................................................................................. 57
Viewing files ......................................................................................................... 59
Searching for files ................................................................................................. 60
Access control and user management .................................................................. 61
Access control lists ............................................................................................... 64
File ownership ...................................................................................................... 65
Editing files ........................................................................................................... 66
Software installation and updates ......................................................................... 67
Account management ........................................................................................... 72
Command-line user administration ...................................................................... 75
Example case – Northwest Florida State College ................................................ 77
Summary .............................................................................................................. 78
Chapter review questions...................................................................................... 78
Example case questions ........................................................................................ 79
Hands-on activity – basic Linux system administration ....................................... 79
Critical thinking exercise – offensive cyber effects operations (OCEO) .......................................................................................... 80
Design Case .......................................................................................................... 80
Chapter 4 — The Basic Information Security Model 82
Overview .............................................................................................................. 82
Introduction .......................................................................................................... 82
Components of the basic information security model .......................................... 82
Common vulnerabilities, threats, and controls ..................................................... 90
Example case – ILOVEYOU virus ....................................................................... 99
Summary ............................................................................................................ 100
Chapter review questions.................................................................................... 100
Example case questions ...................................................................................... 101
Hands-on activity – web server security ............................................................ 101
Critical thinking exercise – the internet, “American values,” and security ........ 102
Design case ......................................................................................................... 103
Chapter 5 — Asset Identification and Characterization 104
Overview ............................................................................................................ 104
Assets overview .................................................................................................. 104
Determining assets that are important to the organization ................................. 105
Asset types .......................................................................................................... 109
Asset characterization ......................................................................................... 114
IT asset life cycle and asset identification .......................................................... 119
System profiling ................................................................................................. 124
Asset ownership and operational responsibilities ............................................... 127
Example case – Stuxnet ...................................................................................... 130
Summary ............................................................................................................ 130
Chapter review questions.................................................................................... 131
Example case questions ...................................................................................... 131
Hands-on activity – course asset identification .................................................. 132
Critical thinking exercise – uses of a hacked PC ............................................... 132
Design case ......................................................................................................... 133
Chapter 6 — Threats and Vulnerabilities 135
Overview ............................................................................................................ 135
Introduction ........................................................................................................ 135
Threat models ..................................................................................................... 136
Threat agent ........................................................................................................ 137
Threat action ....................................................................................................... 149
Vulnerabilities..................................................................................................... 162
Example case – Gozi .......................................................................................... 167
Summary ............................................................................................................ 168
Chapter review questions.................................................................................... 168
Example case questions ...................................................................................... 168
Hands-on activity – Vulnerability scanning ....................................................... 169
Critical thinking exercise – Iraq cyberwar plans in 2003 ................................... 174
Design case ......................................................................................................... 174
Chapter 7 — Encryption Controls 176
Overview ............................................................................................................ 176
Introduction ........................................................................................................ 176
Encryption basics ............................................................................................... 177
Encryption types overview ................................................................................. 181
Encryption types details ..................................................................................... 187
Encryption in use ................................................................................................ 194
Example case – Nation technologies .................................................................. 197
Summary ............................................................................................................ 198
Chapter review questions.................................................................................... 198
Example case questions ...................................................................................... 199
Hands-on activity – encryption .......................................................................... 199
Critical thinking exercise – encryption keys embed business models ............................................................................................. 205
Design case ......................................................................................................... 206
Chapter 8 — Identity and Access Management 207
Overview ............................................................................................................ 207
Identity management .......................................................................................... 207
Access management ........................................................................................... 212
Authentication .................................................................................................... 213
Single sign-on ..................................................................................................... 221
Federation ........................................................................................................... 228
Example case – Markus Hess ............................................................................. 237
Summary ............................................................................................................ 239
Chapter review questions.................................................................................... 239
Example case questions ...................................................................................... 240
Hands-on activity – identity match and merge ................................................... 240
Critical thinking exercise – feudalism the security solution for the internet? ............................................................................................. 244
Design case ......................................................................................................... 245
Chapter 9 — Hardware and Software Controls 247
Overview ............................................................................................................ 247
Password management ....................................................................................... 247
Access control .................................................................................................... 251
Firewalls ............................................................................................................. 252
Intrusion detection/prevention systems .............................................................. 256
Patch management for operating systems and applications ............................... 261
End-point protection ........................................................................................... 264
Example case – AirTight networks ..................................................................... 266
Chapter review questions.................................................................................... 270
Example case questions ...................................................................................... 270
Hands-on activity – host-based IDS (OSSEC) ................................................... 271
Critical thinking exercise – extra-human security controls ................................ 275
Design case ......................................................................................................... 275
Chapter 10 — Shell Scripting 277
Overview ............................................................................................................ 277
Introduction ........................................................................................................ 277
Output redirection ............................................................................................... 279
Text manipulation ............................................................................................... 280
Variables ............................................................................................................. 283
Conditionals ........................................................................................................ 287
User input ........................................................................................................... 290
Loops .................................................................................................................. 292
Putting it all together .......................................................................................... 299
Example case – Max Butler ................................................................................ 301
Summary ............................................................................................................ 302
Chapter review questions.................................................................................... 303
Example case questions ...................................................................................... 303
Hands-on activity – basic scripting .................................................................... 303
Critical thinking exercise – script security ......................................................... 304
Design case ......................................................................................................... 305
Chapter 11 — Incident Handling 306
Introduction ........................................................................................................ 306
Incidents overview .............................................................................................. 306
Incident handling ................................................................................................ 307
The disaster ......................................................................................................... 327
Example case – on-campus piracy ..................................................................... 328
Summary ............................................................................................................ 330
Chapter review questions.................................................................................... 330
Example case questions ...................................................................................... 331
Hands-on activity – incident timeline using OSSEC ......................................... 331
Critical thinking exercise – destruction at the EDA ........................................... 331
Design case ......................................................................................................... 332
Chapter 12 — Incident Analysis 333
Introduction ........................................................................................................ 333
Log analysis ........................................................................................................ 333
Event criticality .................................................................................................. 337
General log configuration and maintenance ....................................................... 345
Live incident response ........................................................................................ 347
Timelines ............................................................................................................ 350
Other forensics topics ......................................................................................... 352
Example case – backup server compromise ....................................................... 353
Chapter review questions.................................................................................... 355
Example case questions ...................................................................................... 356
Hands-on activity – server log analysis .............................................................. 356
Critical thinking exercise – destruction at the EDA ........................................... 358
Design case ......................................................................................................... 358
Chapter 13 — Policies, Standards, and Guidelines 360
Introduction ........................................................................................................ 360
Guiding principles .............................................................................................. 360
Writing a policy .........................................................................................