Date of Issue: 10-01-2023

Introduction to IT Security

by Rodgers Moore

  How to Use the Security Series
  Objective of this Paper
Security Policy is your Security
  Categorizing Threats: Interior and Exterior vs. Structured and Unstructured
    Just Because
    What's a Hacker? -- One Definition
    Profit -- Monetary
    Profit -- Non-monetary
    Untrained staff
  HR Policy enforcement
    Social Engineering
    Acceptable Use
    URL blocking
    Content Filtering
Network Technical Security Mechanisms
  Encryption Principles
    Encryption and the Law
  Encryption and Keys
    Symmetrical Cryptography and Key Distribution
    Asymmetrical Cryptography and Certificate Authorities
  Authentication, Authorization, and Accounting
    PPP, IPCP, CHAP, and PAP
  Three-factor authentication
    What's a Firewall?
    Stateful Inspection Logic
    Application Proxy Logic
  Intrusion Detection
  Remote Access Security
    VPN remote access
  Steganography and Covert Channels
Host Technical Security Mechanisms
  Virus Protection
Physical Security & Safety
Security Products
  Intrusion Detection Systems
  URL Blocking
  Malicious URL Blocking
  Content Filters
  Reporting Tools and Utilities
  Audit or Vulnerability Scanning Utilities
  Remote Access & VPN
  Virus Protection
  Authentication, Authorization, and Accounting
  Three-Factor Authentication
Security Procedures
A Plan for Action
  Define your Policy
    Identify Points of Entry (What? and Where?)
    Identify Threats (How? What? Who?, and Why?)
    Identify Procedures (How? Where? and When?)
    Identify Violation Response (How? and When?)
    Identify Products (What? and How?)
    Section Review
  Implement the Policy
    Legal Approval
    Management Approval
    Publish the policy to your organization
    Implement Procedures
    Implement Products
    Test, test, and test once more
    Periodic policy auditing
    Review -- The care and feeding of your policy
References and Resources
  Books -- Generally Nonmathematical
  Books -- Mathematical to Varying Degrees
  Professional Organizations
  Professional Certifications
    Third party
  Internet Resources
Terms & Definitions

Copyright © 2001 Genium Publishing Corporation