Hands-On Information Security Lab Manual provides instructors with detailed, hands-on exercises in information security management and practice. This lab text addresses the need for a quality, general-purpose, laboratory-exercises manual in information security. This text allows the students to see firsthand the challenges of securing and managing information networks. The manual has both simple introductory exercises, to technical, information-security specific exercises. Technical exercises are designed with great consideration to the fine line between information security professional and hacker. The manual also includes several minicase and full-case exercises, providing students with sample analysis outlines and criteria for evaluation. The minicases are vignettes outlining issues (like the use of ant virus software in their lab); are short-term projects by design, for individual or group use; and provide feedback for in-class discussion. The full-scale cases are suitable for a semester-long analysis of a presented organization, of varying scope and size by student teams. The text also addresses other security and network issues information-security professionals encounter.
Michael Whitman, Ph.D., CISM, CISSP, is a professor of information systems and security in the CSIS department at Kennesaw State University, where he also serves as director of the KSU Center for Information Security Education and coordinator for the Bachelor of Science in Information Security and Assurance program. Dr. Whitman is an active researcher in information security, fair and responsible use policies, ethical computing, and information systems research methods. He currently teaches graduate and undergraduate courses in information security and data communications and is an active member of the Computer Security Institute, the Information Systems Security Association, the Georgia Electronic Commerce Association's Information Security Working Group, the Association for Computing Machinery, and the Association for Information Systems. Dr. Whitman has published articles in the industry's top journals and co-authored a number of books in the field published by Course Technology.
Dave M. Shackleford has been involved in Information Technology, particularly the arenas of networking and security, for more than 8 years. He is currently the owner of B3 Enterprises, an IT consulting firm based in Atlanta, Georgia, that specializes in networking and information security for small and medium-sized businesses. He is also employed by TRW Systems as a consultant to a large Federal agency, and has previously worked for several small firms as well as a Fortune 100 company with one of the most advanced Information Security divisions in the world. Dave currently holds degrees in both Psychology and Information Systems, and is working to complete an MBA.
1. Footprinting 2. Scanning & Enumeration 3. OS Vulnerability Analysis & Resolution 4. Firewalls and Intrusion Detection Systems 5. Security Maintenance 6. Minicase Studies 7. Case Studies Appendix A: Common Utilities Setup and Use Appendix B: Student Answer Sheets Appendix C: Contents of the CD