Information Security and IT Risk Management 1st Edition Agrawal Test Bank
$26.99$50.00 (-46%)
Information Security and IT Risk Management 1st Edition Agrawal Test Bank.
You may also like
Information Security and IT Risk Management 1st Edition Agrawal Test Bank
Product details:
- ISBN-10 : 1118335899
- ISBN-13 : 978-1118335895
- Author: Manish Agrawal
This new text provides students the knowledge and skills they will need to compete for and succeed in the information security roles they will encounter straight out of college. This is accomplished by providing a hands-on immersion in essential system administration, service and application installation and configuration, security tool use, TIG implementation and reporting.
It is designed for an introductory course on IS Security offered usually as an elective in IS departments in 2 and 4 year schools. It is not designed for security certification courses.
Table contents:
Chapter 1: Introduction
Overview
Professional utility of information security knowledge
Brief history
Definition of information security
Summary
Example case – wikileaks, cablegate, and free reign over classified networks
Chapter review questions
Example case questions
Hands-on activity – software inspector, steganography
Critical thinking exercise: identifying CIA area(s) affected by sample real-life hacking incidents
Design case
Chapter 2: System Administration (Part 1)
Overview
Introduction
What is system administration?
System administration and information security
Common system administration tasks
System administration utilities
Summary
Example case – T J Maxx
Chapter review questions
Example case questions
Hands-on Activity – linux system installation
Critical thinking exercise – Google executives sentenced to
Prison over video
Design case
Chapter 3: System Administration (Part 2)
Overview
Operating system structure
The command-line interface
Files and Directories
Moving around the filesystem – pwd, cd
Listing files and directories
Shell Expansions
File Management
Viewing Files
Searching for fi les
Access control and user management
Access control lists
File ownership
Editing fi les
Software installation and updates
Account management
Command-line user administration
Example case – Northwest Florida State College
Summary
Chapter review questions
Example case questions
Hands-on activity–basic linux system administration
Critical thinking exercise – offensive cyber effects operations (OCEO)
Design Case
Chapter 4: The basic Information security model
Overview
Introduction
Components of the basic information security model
Common vulnerabilities, threats and controls
Example case – ILOVEYOU virus
Summary
Chapter review questions
Example case questions
Hands-on activity–web server security
Critical thinking exercise–the internet, “american values” and security
Design Case
Chapter 5: Asset Identification and Characterization
Overview
Assets overview
Determining assets that are important to the organization
Asset Types
Asset Characterization
IT asset lifecycle and asset identification
System profiling
Asset ownership and operational responsibilities
Example case–Stuxnet
Summary
Chapter review questions
Example case questions
Hands–on activity–course asset identification
Critical thinking exercise – uses of a hacked PC
Design case
Chapter 6: Threats and Vulnerabilities
Overview
Introduction
Threat models
Threat Agent
Threat Action
Vulnerabilities
Example case–Gozi
Summary
Chapter Review Questions
Example case questions
Hands-on activity–Vulnerability scanning
Critical thinking exercise–Iraq cyber war plans in 2003
Design case
Chapter 7: Encryption Controls
Overview
Introduction
Encryption basics
Encryption types overview
Encryption types details
Encryption in use
Example case – Nation technologies
Summary
Chapter review questions
Example case questions
Hands-on activity–encryption
Critical thinking exercise–encryption keys embed business models
Design case
Chapter 8: Identity and Access Management
Overview
Identity management
Access Management
Authentication
Single sign-on
Federation
Example case – markus hess
Summary
Chapter review questions
Example case questions
Hands-on activity – identity match and merge
Critical thinking exercise – feudalism the security solution for the internet?
Design case
Chapter 9: Hardware and Software Controls
Overview
Password management
Access control
Firewalls
Intrusion detection/prevention systems
Patch management for operating systems and applications
End point protection
Example case – AirTight Networks
Chapter review questions
Example case questions
Hands-on activity – host-based IDS (OSSEC)
Critical thinking exercise – extra-human security controls
Design case
Chapter 10: Shell Scripting
Overview
Introduction
Output redirection
Text manipulation
Variables
Conditionals
User input
Loops
Putting it all together
Example case–Max Butler
Summary
Chapter review questions
Example case questions
Hands-on Activity – basic scripting
Critical thinking exercise–script security
Design case
Chapter 11: Incident Handling
Introduction
Incidents overview
Incident handling
The disaster
Example case – on-campus piracy
Summary
Chapter review questions
Example case questions
Hands-on activity – incident timeline using OSSEC
Critical thinking exercise – destruction at the EDA
Design case
Chapter 12: Incident Analysis
Introduction
Log analysis
Event criticality
General log configuration and maintenance
Live Incident response
Timelines
Other forensics topics
Example case – backup server compromise
Chapter review questions
Example case questions
Hands-on activity – server log analysis
Critical thinking exercise – destruction at the EDA (contd.)
Design case
Chapter 13: Policies, Standards, and Guidelines
Introduction
Guiding principles
Writing a policy
Impact assessment and vetting
Policy review
Compliance
Key Policy Issues
Example case – H B Gary
Summary
Reference
Chapter review questions
Example case questions
Hands-on activity – create an AUP
Critical thinking exercise – aaron swartz
Design Case
Chapter 14: IT risk analysis and risk management
Overview
Introduction
Risk management as a component of organizational
management
Risk management framework
The NIST 800-39 framework
Risk assessment
Other risk management frameworks
IT general controls for sarbanes-oxley compliance
Compliance versus risk management
Selling security
Example case – online marketplace purchases
Summary
Chapter review questions
Hands-on activity – risk assessment using lsof
Critical thinking exercise – risk estimation biases
Design Case
Appendix A: Password List for the Linux Virtual Machine
Glossary
Index
People also search:
information security and it risk management pdf
information security and it risk management
it security management and risk assessment
business information management 1
