
Root exposed wget http fbi gov 0 docs zip

10/12/2021 Client: muhammad11 Deadline: 2 Day

Information Security and IT Risk Management Manish Agrawal, Ph.D. Associate Professor Information Systems and Decision Sciences University of South Florida

Alex Campoe, CISSP Director, Information Security University of South Florida

Eric Pierce Associate Director, Information Security University of South Florida

Vice President and Executive Publisher Don Fowley Executive Editor Beth Lang Golub Editorial Assistant Jayne Ziemba Photo Editor Ericka Millbrand Associate Production Manager Joyce Poh Cover Designer Kenji Ngieng

This book was set by MPS Limited.

Founded in 1807, John Wiley & Sons, Inc. has been a valued source of knowledge and understanding for more than 200 years, helping people around the world meet their needs and fulfill their aspirations. Our company is built on a foundation of principles that include responsibility to the communities we serve and where we live and work. In 2008, we launched a Corporate Citizenship Initiative, a global effort to address the environmental, social, economic, and ethical challenges we face in our business. Among the issues we are addressing are carbon impact, paper specifications and procurement, ethical conduct within our business and among our vendors, and community and charitable support. For more information, please visit our website: www.wiley.com/go/citizenship.

Copyright © 2014 John Wiley & Sons, Inc. All rights reserved. No part of this publication may be reproduced, stored in a retrieval system or transmitted in any form or by any means, electronic, mechanical, photocopying, recording, scanning or otherwise, except as permitted under Sections 107 or 108 of the 1976 United States Copyright Act, without either the prior written permission of the Publisher, or authorization through payment of the appropriate per-copy fee to the Copyright Clearance Center, Inc. 222 Rosewood Drive, Danvers, MA 01923, website www.copyright.com. Requests to the Publisher for permission should be addressed to the Permissions Department, John Wiley & Sons, Inc., 111 River Street, Hoboken, NJ 07030-5774, (201)748-6011, fax (201)748-6008, website http://www.wiley.com/go/permissions.

Evaluation copies are provided to qualified academics and professionals for review purposes only, for use in their courses during the next academic year. These copies are licensed and may not be sold or transferred to a third party. Upon completion of the review period, please return the evaluation copy to Wiley. Return instructions and a free of charge return mailing label are available at www.wiley.com/go/returnlabel. If you have chosen to adopt this textbook for use in your course, please accept this book as your complimentary desk copy. Outside of the United States, please contact your local sales representative.

ISBN 978-1-118-33589-5 (paperback)

Printed in the United States of America 10 9 8 7 6 5 4 3 2 1

Table of Contents

List of Figures xi Preface xvii

Chapter 1 — Introduction 1

Overview ................................................................................................................ 1

Professional utility of information security knowledge ......................................... 1

Brief history ............................................................................................................ 5

Definition of information security ........................................................................ 11

Summary .............................................................................................................. 14

Example case – Wikileaks, Cablegate, and free reign over classified networks ........................................................................................... 14

Chapter review questions...................................................................................... 15

Example case questions ........................................................................................ 16

Hands-on activity – Software Inspector, Steganography...................................... 16

Critical thinking exercise: identifying CIA area(s) affected by sample real-life hacking incidents.................................................................... 21

Design case ........................................................................................................... 21

Chapter 2 — System Administration (Part 1) 26

Overview .............................................................................................................. 26

Introduction .......................................................................................................... 26

What is system administration? ............................................................................ 27

System administration and information security .................................................. 28

Common system administration tasks .................................................................. 29

System administration utilities ............................................................................. 33

Summary .............................................................................................................. 37

Example case – T. J. Maxx ................................................................................... 37

Chapter review questions...................................................................................... 39

Example case questions ........................................................................................ 40

Hands-on Activity – Linux system installation .................................................... 40

Critical thinking exercise – Google executives sentenced to prison over video ............................................................................................. 48

Design case ........................................................................................................... 49

Chapter 3 — System Administration (Part 2) 51

Overview .............................................................................................................. 51

Operating system structure ................................................................................... 51

The command-line interface ................................................................................. 53

Files and directories .............................................................................................. 53

Moving around the filesystem – pwd, cd ............................................................. 54

Listing files and directories .................................................................................. 55

Shell expansions ................................................................................................... 56

File management .................................................................................................. 57

Viewing files ......................................................................................................... 59

Searching for files ................................................................................................. 60

Access control and user management .................................................................. 61

Access control lists ............................................................................................... 64

File ownership ...................................................................................................... 65

Editing files ........................................................................................................... 66

Software installation and updates ......................................................................... 67

Account management ........................................................................................... 72

Command-line user administration ...................................................................... 75

Example case – Northwest Florida State College ................................................ 77

Summary .............................................................................................................. 78

Chapter review questions...................................................................................... 78

Example case questions ........................................................................................ 79

Hands-on activity – basic Linux system administration ....................................... 79

Critical thinking exercise – offensive cyber effects operations (OCEO) .......................................................................................... 80

Design Case .......................................................................................................... 80

Chapter 4 — The Basic Information Security Model 82

Overview .............................................................................................................. 82

Introduction .......................................................................................................... 82

Components of the basic information security model .......................................... 82

Common vulnerabilities, threats, and controls ..................................................... 90

Example case – ILOVEYOU virus ....................................................................... 99

Summary ............................................................................................................ 100

Chapter review questions.................................................................................... 100

Example case questions ...................................................................................... 101

Hands-on activity – web server security ............................................................ 101

Critical thinking exercise – the internet, “American values,” and security ........ 102

Design case ......................................................................................................... 103

Chapter 5 — Asset Identification and Characterization 104

Overview ............................................................................................................ 104

Assets overview .................................................................................................. 104

Determining assets that are important to the organization ................................. 105

Asset types .......................................................................................................... 109

Asset characterization ......................................................................................... 114

IT asset life cycle and asset identification .......................................................... 119

System profiling ................................................................................................. 124

Asset ownership and operational responsibilities ............................................... 127

Example case – Stuxnet ...................................................................................... 130

Summary ............................................................................................................ 130

Chapter review questions.................................................................................... 131

Example case questions ...................................................................................... 131

Hands-on activity – course asset identification .................................................. 132

Critical thinking exercise – uses of a hacked PC ............................................... 132

Design case ......................................................................................................... 133

Chapter 6 — Threats and Vulnerabilities 135

Overview ............................................................................................................ 135

Introduction ........................................................................................................ 135

Threat models ..................................................................................................... 136

Threat agent ........................................................................................................ 137

Threat action ....................................................................................................... 149

Vulnerabilities..................................................................................................... 162

Example case – Gozi .......................................................................................... 167

Summary ............................................................................................................ 168

Chapter review questions.................................................................................... 168

Example case questions ...................................................................................... 168

Hands-on activity – Vulnerability scanning ....................................................... 169

Critical thinking exercise – Iraq cyberwar plans in 2003 ................................... 174

Design case ......................................................................................................... 174

Chapter 7 — Encryption Controls 176

Overview ............................................................................................................ 176

Introduction ........................................................................................................ 176

Encryption basics ............................................................................................... 177

Encryption types overview ................................................................................. 181

Encryption types details ..................................................................................... 187

Encryption in use ................................................................................................ 194

Example case – Nation technologies .................................................................. 197

Summary ............................................................................................................ 198

Chapter review questions.................................................................................... 198

Example case questions ...................................................................................... 199

Hands-on activity – encryption .......................................................................... 199

Critical thinking exercise – encryption keys embed business models ............................................................................................. 205

Design case ......................................................................................................... 206

Chapter 8 — Identity and Access Management 207

Overview ............................................................................................................ 207

Identity management .......................................................................................... 207

Access management ........................................................................................... 212

Authentication .................................................................................................... 213

Single sign-on ..................................................................................................... 221

Federation ........................................................................................................... 228

Example case – Markus Hess ............................................................................. 237

Summary ............................................................................................................ 239

Chapter review questions.................................................................................... 239

Example case questions ...................................................................................... 240

Hands-on activity – identity match and merge ................................................... 240

Critical thinking exercise – feudalism the security solution for the internet? ............................................................................................. 244

Design case ......................................................................................................... 245

Chapter 9 — Hardware and Software Controls 247

Overview ............................................................................................................ 247

Password management ....................................................................................... 247

Access control .................................................................................................... 251

Firewalls ............................................................................................................. 252

Intrusion detection/prevention systems .............................................................. 256

Patch management for operating systems and applications ............................... 261

End-point protection ........................................................................................... 264

Example case – AirTight networks ..................................................................... 266

Chapter review questions.................................................................................... 270

Example case questions ...................................................................................... 270

Hands-on activity – host-based IDS (OSSEC) ................................................... 271

Critical thinking exercise – extra-human security controls ................................ 275

Design case ......................................................................................................... 275

Chapter 10 — Shell Scripting 277

Overview ............................................................................................................ 277

Introduction ........................................................................................................ 277

Output redirection ............................................................................................... 279

Text manipulation ............................................................................................... 280

Variables ............................................................................................................. 283

Conditionals ........................................................................................................ 287

User input ........................................................................................................... 290

Loops .................................................................................................................. 292

Putting it all together .......................................................................................... 299

Example case – Max Butler ................................................................................ 301

Summary ............................................................................................................ 302

Chapter review questions.................................................................................... 303

Example case questions ...................................................................................... 303

Hands-on activity – basic scripting .................................................................... 303

Critical thinking exercise – script security ......................................................... 304

Design case ......................................................................................................... 305

Chapter 11 — Incident Handling 306

Introduction ........................................................................................................ 306

Incidents overview .............................................................................................. 306

Incident handling ................................................................................................ 307

The disaster ......................................................................................................... 327

Example case – on-campus piracy ..................................................................... 328

Summary ............................................................................................................ 330

Chapter review questions.................................................................................... 330

Example case questions ...................................................................................... 331

Hands-on activity – incident timeline using OSSEC ......................................... 331

Critical thinking exercise – destruction at the EDA ........................................... 331

Design case ......................................................................................................... 332

Chapter 12 — Incident Analysis 333

Introduction ........................................................................................................ 333

Log analysis ........................................................................................................ 333

Event criticality .................................................................................................. 337

General log configuration and maintenance ....................................................... 345

Live incident response ........................................................................................ 347

Timelines ............................................................................................................ 350

Other forensics topics ......................................................................................... 352

Example case – backup server compromise ....................................................... 353

Chapter review questions.................................................................................... 355

Example case questions ...................................................................................... 356

Hands-on activity – server log analysis .............................................................. 356

Critical thinking exercise – destruction at the EDA ........................................... 358

Design case ......................................................................................................... 358

Chapter 13 — Policies, Standards, and Guidelines 360

Introduction ........................................................................................................ 360

Guiding principles .............................................................................................. 360

Writing a policy .........................................................................................
