List of Figures
| Figure 1.1: | Classification of information security analysts |
| Figure 1.2: | Time-consuming activities for information security professionals |
| Figure 1.3: | Training needs identified by information security professionals |
| Figure 1.4: | ILOVEYOU virus |
| Figure 1.5: | T.J. Maxx |
| Figure 1.6: | Defaced Georgian foreign ministry website |
| Figure 1.7: | Google-China offices |
| Figure 1.8: | Online Software Inspector |
| Figure 1.9: | PC audit report |
| Figure 1.10: | Contents of Downloads folder for Steganography exercise |
| Figure 1.11: | Commands to hide text files at the end of image files |
| Figure 1.12: | Manipulated images among original images |
| Figure 1.13: | Opening image files in Notepad |
| Figure 1.14: | Secret message hidden at the end of the image file |
| Figure 1.15: | Sunshine State University funding sources |
| Figure 1.16: | Extract from the organization structure of Sunshine State University |
| Figure 2.1: | Paul Ceglia |
| Figure 2.2: | Windows desktop usage—April 2013 |
| Figure 2.3: | System Center Operation Manager |
| Figure 2.4: | Unix family tree |
| Figure 2.5: | Albert Gonzalez, at the time of his indictment in August 2009 |
| Figure 2.6: | T J Maxx sales (2005–2010) |
| Figure 2.7: | Virtual machine structure |
| Figure 2.8: | VirtualBox download page |
| Figure 2.9: | VirtualBox installer welcome screen |
| Figure 2.10: | Default install Location |
| Figure 2.11: | VirtualBox install confirmation |
| Figure 2.12: | VirtualBox manager |
| Figure 2.13: | Default setting for OS import |
| Figure 2.14: | Virtual machine in Virtual machine manager |
| Figure 2.15: | CPU error |
| Figure 2.16: | Enabling PAE |
| Figure 2.17: | Attach the VM to NAT |
| Figure 2.18: | CentOS VM login screen |
| Figure 2.19: | CentOS Linux desktop |
| Figure 2.20: | Sunshine State University email infrastructure |
| Figure 3.1: | Operating system structure |
| Figure 3.2: | Reaching the command prompt window |
| Figure 3.3: | Unix file hierarchy |
| Figure 3.4: | vimtutor interface |
| Figure 3.5: | Reaching users and groups manager |
| Figure 3.6: | Adding users |
| Figure 3.7: | Group manager |
| Figure 4.1: | The basic information security model |
| Figure 4.2: | Example CVE listing at the time of reporting |
| Figure 4.3: | NVD entry for the CVE listing |
| Figure 4.4: | ATLAS web interface |
| Figure 4.5: | Phishing example |
| Figure 4.6: | Adobe Flash zero-day exploit launched on February 28, 2011 |
| Figure 4.7: | Exploit usage |
| Figure 4.8: | Using a browser on the VM |
| Figure 5.1: | J-20 fighter |
| Figure 5.2: | The elements of asset characterization |
| Figure 5.3: | Generic IT asset life cycle |
| Figure 5.4: | Student Information System |
| Figure 5.5: | Uses of a hacked PC |
| Figure 6.1: | Threat model |
| Figure 6.2: | Threat agents over time by percent of breaches |
| Figure 6.3: | External agents |
| Figure 6.4A: | Chinese J-20 jet |
| Figure 6.4B: | Lockheed F-22 jet |
| Figure 6.5: | Internal agents |
| Figure 6.6: | Partners |
| Figure 6.7: | Edward Snowden |
| Figure 6.8: | Datagram ISP goes down with Hurricane Sandy |
| Figure 6.9: | Melissa error message |
| Figure 6.10: | High level XSS attack |
| Figure 6.11: | Bonzi buddy |
| Figure 6.12: | Top vendor vulnerability breakdown |
| Figure 6.13: | Firefox certificate exception |
| Figure 6.14: | GSA main screen |
| Figure 6.15: | New Task configuration |
| Figure 6.16: | Starting a new scan |
| Figure 6.17: | Viewing scan details |
| Figure 6.18: | Report page |
| Figure 7.1: | Encryption and decryption in context |
| Figure 7.2: | Reference to Caesar cipher |
| Figure 7.3: | Secret key cryptography overview |
| Figure 7.4: | Public-key cryptography overview for data transmission |
| Figure 7.5: | Using public-key encryption for digital signatures |
| Figure 7.6: | Checksums example |
| Figure 7.7: | Generic form of block encryption |
| Figure 7.8: | Electronic code book |
| Figure 7.9: | Cipher block chaining |
| Figure 7.10: | Hash functions |
| Figure 7.11: | Public-key certification process |
| Figure 7.12: | CAs in browser |
| Figure 7.13: | Untrusted certificate |
| Figure 7.14: | GPG passphrase dialog |
| Figure 8.1: | Identity and access management |
| Figure 8.2: | Match/Merge flowchart |
| Figure 8.3: | Smart card in a USB card reader |
| Figure 8.4: | Hardware token |
| Figure 8.5: | Fingerprint with minutia highlighted |
| Figure 8.6: | Iris scanning in the Dubai Airport |
| Figure 8.7: | Kerberos ticket exchange |
| Figure 8.8: | Token-based authentication |
| Figure 8.9: | Central authentication service |
| Figure 8.10: | Discovery service for the InCommon federation |
| Figure 8.11: | SSO with a SAML federation |
| Figure 8.12: | OpenID |
| Figure 8.13: | OpenID 2.0 provider selection screen |
| Figure 8.14: | http://trendsmap.com |
| Figure 8.15: | OAuth token passing |
| Figure 8.16: | Application UserId and ProviderUserId |
| Figure 8.17: | Intruder's attack path to military establishments |
| Figure 8.18: | Configuration QR code |
| Figure 8.19: | Google Authenticator (iOS) |
| Figure 9.1: | Access matrix example |
| Figure 9.2: | Typical firewall |
| Figure 9.3: | Perimeter firewalls and demilitarized zones |
| Figure 9.4: | Windows firewall blocking http |
| Figure 9.5: | Windows firewall allowing http |
| Figure 9.6: | Typical competitor console, circa 2003 |
| Figure 9.7: | AirTight console, circa 2005 |
| Figure 9.8: | /var/ossec/etc/ossec.conf (after change) |
| Figure 9.9: | OSSEC-WebUI |
| Figure 9.10: | Superb Fairy-Wrens, 40% success rate with security controls |
| Figure 11.1: | IRT interactions |
| Figure 11.2: | IRT communications |
| Figure 11.3: | DollSays |
| Figure 11.4: | Website defacement example |
| Figure 11.5: | PII search |
| Figure 11.6: | OSSEC, a popular file integrity tool |
| Figure 11.7: | Typical logs consolidated |
| Figure 11.8: | Log analysis |
| Figure 11.9: | End point protection example |
| Figure 11.10: | Containment, eradication, and recovery timeline |
| Figure 12.1: | Event Viewer Screen on Windows 8 |
| Figure 12.2: | Summary of Administrative Events pane |
| Figure 12.3: | Recently viewed nodes |
| Figure 12.4: | Log Summary pane |
| Figure 12.5: | - Informational event screenshot |
| Figure 12.6: | Windows Administrative Events view |
| Figure 12.7: | syslog file evidence |
| Figure 12.8: | auth.log file |
| Figure 12.9: | Sample run of last |
| Figure 12.10: | Output of w command |
| Figure 12.11: | Security Log snapshot |
| Figure 12.12: | Log consolidation |
| Figure 12.13: | Output of system info program |
| Figure 12.14: | The sfc command |
| Figure 12.15: | Windows MAC timestamps |
| Figure 12.16: | File Explorer with timestamps |
| Figure 12.17: | Sample timeline |
| Figure 12.18: | Information Security and IT Risk Management is not affiliated with or otherwise sponsored by Dropbox, Inc. |
| Figure 13.1: | Policy, standard, and guideline |
| Figure 13.2: | Compliance |
| Figure 14.1: | NIST 800-39 risk-management framework |
| Figure 14.2: | Threat model |
| Figure 14.3: | Risk assessment model |
| Figure 14.4: | Sarbanes–Oxley auditing guidelines workflow for impact on IT |
..................Content has been hidden....................
You can't read the all page of ebook, please click here login for view all page.