Free PDF Hands-On Information Security Lab Manual, by Michael E. Whitman, Herbert J. Mattord
The Hands-On Information Security Lab Manual allows users to apply the basics of their introductory security knowledge in a hands-on environment with detailed exercises using Windows 2000, XP and Linux. This non-certification based lab manual includes coverage of scanning, OS vulnerability analysis and resolution, firewalls, security maintenance, forensics, and more. A full version of the software needed to complete these projects is included on a CD with every text, so instructors can effortlessly set up and run labs to correspond with their classes. The Hands-On Information Security Lab Manual is a suitable resource for introductory, technical and managerial courses, and is a perfect supplement to the Principles of Information Security and Management of Information Security texts.
- Sales Rank: #611915 in Books
- Published on: 2010-12-17
- Original language: English
- Number of items: 1
- Dimensions: .90" h x 8.40" w x 10.70" l, 2.60 pounds
- Binding: Paperback
- 576 pages
Review
1. Information Security Technical Functions. This chapter provides an overview of the technical functions typically performed by an Information Security professional, and relates those functions to the text's laboratory exercises through the use of flows. These flows illustrate the combination of individual laboratory exercise components as phased tasked in the accomplishment of the function.
2. Information Security Technical Exercise Theory. In this section the theory and overview of each laboratory exercise is presented. Where possible, additional details that facilitate understanding how the laboratory exercise works and is used is included. Footprinting. Scanning And Enumeration. OS Processes And Services. Vulnerability Identification And Research. Vulnerability Validation. System Remediation And Hardening. Web Browser Security. File Systems Overview And Familiarization. Data Management. Data Backup And Recovery. Access Controls. Host Intrusion Detection Systems. Log Security Issues. Anti-Forensics. Software Firewalls. Hardware Firewalls and WAPs. Network Intrusion Detection Systems. Network Traffic Analysis. Virtual Private Networks And Remote Access. Digital Certificates. Password Circumvention and Management. Malware: Anti-Virus and BOT Defense. Digital Forensics - Data Acquisition. Digital Forensics - Data Analysis.
3. Windows - Based Information Security Exercises. Chapter 3 contains the detailed exercises associated with Windows-based computers. Specifically this chapter contains exercises focused on Microsoft Windows XP and Vista. Some exercises are also focused on Server OSs like Microsoft Server 2003 where applicable. Footprinting. Scanning And Enumeration. OS Processes And Services. Vulnerability Identification And Research. Vulnerability Validation. System Remediation And Hardening. Web Browser Security. File Systems Overview And Familiarization. New. Data Management. Data Backup And Recovery. Access Controls. Host Intrusion Detection Systems. Log Security Issues. Anti-Forensics. Software Firewalls. Hardware Firewalls and WAPs. Network Intrusion Detection Systems. Network Traffic Analysis. Virtual Private Networks And Remote Access. Digital Certificates. Password Circumvention and Management. Malware: Anti-Virus and BOT Defense. Digital Forensics - Data Acquisition. Digital Forensics - Data Analysis.
4. LINUX - Based Information Security Exercises. Chapter 4 contains the detailed exercises associated with LINUX-based computers. Specifically this chapter contains exercises focused on SUSE 9.0 Workstation. Some exercises are also focused on SUSE 9.0 Server where applicable. Footprinting. Scanning And Enumeration. OS Processes And Services. Vulnerability Identification And Research. Vulnerability Validation. System Remediation And Hardening. Web Browser Security. File Systems Overview And Familiarization. New. Data Management. Data Backup And Recovery. Access Controls. Host Intrusion Detection Systems. Log Security Issues. Anti-Forensics. Software Firewalls. Hardware Firewalls and WAPs. Network Intrusion Detection Systems. Network Traffic Analysis. Virtual Private Networks And Remote Access. Digital Certificates. Password Circumvention and Management. Malware: Anti-Virus and BOT Defense. Digital Forensics - Data Acquisition. Digital Forensics - Data Analysis.
5. Domain 3: Business Continuity and Disaster Recovery Planning. The differences between BDP and DRP and how they work together. Scoping a BCP/DRP project. Business Impact Assessment (BIA). Risk analysis. Maximum Tolerable Downtime (MTD). Recovery Point Objective (RPO). Recovery Time Objective (RTO). Ranking critical business processes. Developing the business continuity and disaster recovery plan. Emergency response. Damage assessment and salvage. Notification. Personnel safety. Communications. Public utilities and infrastructure. Logistics and supplies. Fire and water protection. Business resumption planning. Restoration and recovery. Training. Plan maintenance. DRP and BCP testing. Study questions, exercises, project(s).
6. Domain 4: Cryptography. Applications and uses of cryptography. Methods of encryption. Substitution. Permutation. One time pads. Types of encryption. Block ciphers. Stream ciphers. Types of encryption keys. Shared secrets. Public key cryptography. Initialization vectors (IVs). Cryptographic systems. Key management. Message digests and hashing. Digital signatures. Non-repudiation. Cryptanalysis (attacks on cryptographic algorithms). Applications of cryptography. Network security (SSL, VPN, SET, and so on). E-mail security (S/MIME, PGP, and so on). Public key infrastructure (PKI). Alternatives (watermarking, steganography). Study questions, exercises, project(s).
7. Domain 5: Information Security and Risk Management. Goals, mission, and objectives of an organization, and how security supports them. Risk management. Security strategies. Security concepts. The CIA Triad: Confidentiality, Integrity, and Availability. Defense in depth. Single points of failure. Privacy. Security management. Security governance. Security policy. Guidelines. Standards. Procedures. Security roles and responsibilities. Security education, training, and awareness. Reporting security issues to management. Service level agreements. Secure outsourcing. Identity management. Data classification and protection. Certification and accreditation. Security operations. Security assessments. Personnel security. Professional ethics. Study questions, exercises, project(s).
8. Domain 6: Legal, Regulations, Compliance and Investigations. Computer crime laws and regulations. U.S. laws. European laws. Investigations. Determining whether a crime has been committed. Forensic techniques and procedures. Gathering evidence. Preserving evidence. Chain of evidence. Ethical issues. Codes of conduct. RFC 1087 and investigations. Applying the (ISC)² code of ethics. Study questions, exercises, project(s).
9. Domain 7: Operations Security. Security operations concepts. Need to know. Least privilege. Separation of duties. Monitoring of special privileges. Job rotation. Record retention. Backups. Anti-virus and anti-malware. Remote access. Employing resource protection. Incident management. Violations and breaches. Malware attacks (viruses, worms, spyware, phishing, and so on). Reporting to law enforcement. High availability architectures. Fault tolerance. Clusters. Failover. Denial of service. Vulnerability management. Patch management. Administrative management and control. Change management. Configuration management. Study questions, exercises, project(s).
10. Domain 8: Physical (Environmental) Security. Site physical security. Site access controls. Key cards, Biometrics, Mantraps, Guards. Dogs, Fences, Surveillance. Zones of security. Loading and unloading areas. Access logs. Visible notices. Exterior lighting. Secure siting. Nearby threats. Flooding. Chemicals. Social unrest. Building marking. Protection of equipment. Theft protection. Damage protection. Earthquake bracing, and so on. Check in / check out. Cabling security. Environment security. Heating and air conditioning. Humidity. Electric power. Line conditioning. Uninterruptible power supplies. Electric generators. Study questions, exercises, project(s).
11. Domain 9: Security Architecture and Design. Security Models. Biba. Bell LaPadula. Access Matrix. Take-Grant. Clark-Wilson. Multi-level security. Mandatory access control (MAC). Discretionary access control (DAC). Security threats. Covert channels. State attacks (TOCTTOU). Emanations. Maintenance hooks, back doors, privileged programs. Countermeasures. Assurance, trust, and confidence. Trusted Computing Base (TCB). Reference monitor. Kernel. Information systems evaluation models. Common Criteria. TCSEC. ITSEC. Computer architecture. Central processor. Single and multi processor designs. Bus. Memory. Secondary storage. Study questions, exercises, project(s).
12. Domain 10: Telecommunications and Network Security. Telecommunications technologies. X.25, Frame Relay, ATM, T-1/E-1, SONET, and so on. Wireless. EVDO, 1XRTT, CDMA, GSM/GPRS, Wimax, and so on. Network technologies. Ethernet, Token ring, Bisync, RS-232, RS-449. Wireless. WiFi, Bluetooth. Network protocols. TCP/IP, IPX/SPX, ATM, and so on. Routing protocols (RIP, IGRP, OSPF, and so on). Remote access / tunneling protocols. VPN, SSL, IPSec, L2TP, PPTP, PPP, SLIP, and so on. Network authentication protocols. RADIUS, DIAMETER, CHAP, EAP, and so on. Network based threats and vulnerabilities. Attacks (DoS, DDoS, Teardrop, Smurf, PoD, worms, spam, many more). Vulnerabilities (open services, unpatched system, poor configurations, and so on). Network countermeasures. Intrusion detection systems (IDS). Intrusion prevention systems (IPS). Firewalls. Private addressing / NAT. Gateways. Access control lists. Study questions, exercises, project(s).
13. Preparing for the Exam. Understanding certification requirements. Assessing your work experience. Finding an exam near you. Registering for the exam. Starting an exam study program. Preparing for exam day. Book travel and lodging. Confirming transportation. Know the route. Parking. What to bring.
14. After Earning the Certification. Annual maintenance fees. Earning CPEs. Conferences and seminars. Training. Teaching. Writing. Volunteer opportunities. Speaking, proctoring, articles, writing exam questions. Networking with other CISSPs. Mailing lists. Forums. Web sites.
15. Glossary. Index.
About the Author
Michael Whitman, Ph.D., CISM, CISSP, is Professor of Information Security at Kennesaw State University, Kennesaw, Georgia. He also serves as the Executive Director of the Center for Information Security Education, Coles College of Business. In 2004, 2007, 2012 and 2015, under his direction the Center for Information Security Education spearheaded KSU's successful bid for the prestigious National Center of Academic Excellence recognitions (CAE/IAE and CAE IA/CDE), awarded jointly by the Department of Homeland Security and the National Security Agency. Dr. Whitman is also the Editor-in-Chief of the Journal of Cybersecurity Education, Research and Practice, and is Director of the Southeast Collegiate Cyber Defense Competition. Dr. Whitman is an active researcher and author in Information Security Policy, Threats, Curriculum Development, and Ethical Computing. He currently teaches graduate and undergraduate courses in Information Security. Dr. Whitman has several information security textbooks currently in print, including PRINCIPLES OF INFORMATION SECURITY; MANAGEMENT OF INFORMATION SECURITY; READINGS AND CASES IN THE MANAGEMENT OF INFORMATION SECURITY, VOLUMES I AND II; THE HANDS-ON INFORMATION SECURITY LAB MANUAL; PRINCIPLES OF INCIDENT RESPONSE AND DISASTER RECOVERY; and THE GUIDE TO NETWORK SECURITY AND THE GUIDE TO FIREWALLS AND NETWORK SECURITY. He has published articles in Information Systems Research, the Communications of the ACM, the Journal of International Business Studies, Information and Management, and the Journal of Computer Information Systems. Dr. Whitman is a member of the Association for Computing Machinery, the Information Systems Security Association, ISACA and the Association for Information Systems. Previously, Dr. Whitman served the U.S. Army as an Automated Data Processing System Security Officer (ADPSSO).
Herbert Mattord, Ph.D., CISM, CISSP, completed 24 years of IT industry experience as an application developer, database administrator, project manager, and information security practitioner before joining the faculty at Kennesaw State University, where he is Assistant Chair of the Department of Information Systems and Associate Professor of Information Security and Assurance program. Dr. Mattord currently teaches graduate and undergraduate courses in Information Security and Assurance as well as Information Systems. He and Michael Whitman have authored PRINCIPLES OF INFORMATION SECURITY, MANAGEMENT OF INFORMATION SECURITY, READINGS AND CASES IN THE MANAGEMENT OF INFORMATION SECURITY, PRINCIPLES OF INCIDENT RESPONSE AND DISASTER RECOVERY, THE GUIDE TO NETWORK SECURITY, and THE HANDS-ON INFORMATION SECURITY LAB MANUAL. Dr. Mattord is an active researcher, author, and consultant in Information Security Management and related topics. He has published articles in the Information Resources Management Journal, Journal of Information Security Education, the Journal of Executive Education, and the International Journal of Interdisciplinary Telecommunications and Networking. Dr. Mattord is a member of the Information Systems Security Association, ISACA, and the Association for Information Systems. During his career as an IT practitioner, Dr. Mattord was an adjunct professor at Kennesaw State University, Southern Polytechnic State University in Marietta, Georgia, Austin Community College in Austin, Texas, and Texas State University: San Marcos. He was formerly the Manager of Corporate Information Technology Security at Georgia-Pacific Corporation, where he acquired much of the practical knowledge found in this and his other textbooks.
Most helpful customer reviews
0 of 0 people found the following review helpful.
Useless
By A. Lott
I don't know if it is my teacher or this book, but it is outdated and finished. I had to have it for class and half of the things that it was wanting me to do doesn't work. I am blaming the book, but if the class is using the OS and has a teacher willing to teach then maybe this book would be worth something.
0 of 0 people found the following review helpful.
Outdated
By Elliot T.
Was for an older version of Linux UI and terminal commands, however, it still is pretty useful and up to date on a lot of the security and Linux uses...
0 of 0 people found the following review helpful.
Good book
By Nick
Pretty good book. The labs are fairly simple to follow with the aid of our Teaching Assistant. One of the few books I don't regret buying for school.