It Auditing: Using Controls to Protect Information Assets [IT AUDITING -OS N/D]
Chapter 2: The Audit Process
- Table 2-1: Potential Opportunities for Auditing Centralized Activities
Chapter 5: Auditing Switches, Routers, and Firewalls
- Table 5-1: Simplified OSI Model Description
- Table 5-2: Routers and Switches
- Table 5-3: Unnecessary Services
Chapter 6: Auditing Windows Operating Systems
- Table 6-1: List of Common Commands Used in This Chapter
- Table 6-2: Tools for Viewing Service Information
- Table 6-3: Unnecessary Services
- Table 6-4: Common Password Crackers
- Table 6-5: Account Policies
- Table 6-6: Audit Policies
- Table 6-7: Tools and Technology-Auditing Windows
Chapter 7: Auditing Unix and Linux Operating Systems
- Table 7-1: Common Unix and Linux Directories
- Table 7-2: Common Linux and Unix Navigation Commands
- Table 7-3: Interaction Between File and Directory Permissions
- Table 7-4: Components of a Unix Password File
- Table 7-5: Components of a Unix Shadow File
- Table 7-6: Components of a Unix Group File
Chapter 8: Auditing Web Servers
- Table 8-1: Web Auditing Components
- Table 8-2: Minimum Apache Modules
- Table 8-3: Common Methods for Bypassing Web Application Authorization
- Table 8-4: Guiding Principles of Web Authentication
Chapter 9: Auditing Databases
- Table 9-1: SQL Statement Descriptions
- Table 9-2: Database Objects
- Table 9-3: Default Passwords
Chapter 11: Auditing WLAN and Mobile Devices
- Table 11-1: Common 802.11 Technologies
- Table 11-2: Common WLAN Authentication Methods
- Table 11-3: Mobile Operating Systems and Desktop Executables
Chapter 13: Frameworks and Standards
- Table 13-1: Organizational Information Criticality Matrix
Chapter 14: Regulations
- Table 14-1: HIPAA Security Rule Requirements
Chapter 15: Risk Management
- Table 15-1: Information Criticality Matrix
- Table 15-2: Types of Controls