X hits on this document

PDF document

SRA111: Introduction to Security and Risk Analysis - page 13 / 15





13 / 15

Kevin D. Mitnick, “Are You the Weak Link?” Harvard Business Review, April 2003, pp. 18-20. (M2-1) I n f o r m a t i o n A s s u r a n c e T e c h n i c a l F r a m e w o r k , N S A . ( M 2 - 2 ) h t t p : / / w w w . i a t f . n e t / f r a m e w o r k _ d o c s / v e r s i o n - 3 _ 1 / i n d e x . c f The Orange Book, DoD (M2-3). http://www.fas.org/irp/nsa/rainbow/std001.htm m C o m m o n C r i t e r i a D o c u m e n t a t i o n . ( M 2 - 4 ) . h t t p : / / n i a p . b a h i a l a b . c o m / c c - s c h e m e / c c _ d o c s / i n d e x . c f m

Module 3: Social and Legal Issues

  • Bill Arbaugh, “Security: Technical, Social, and Legal Challenges,” Computers, February 2002, pp. 109-111. (M3-1)

  • Michael Clarkson, Beating the Superbug: Recent Developments in Worms and virus, SANS Institute, 2002. (M3-2).


  • A&T, A Social Engineering Example (M3-3). http://www.searchlores.org/social_1.htm

  • LabMice.net, Social Engineering. (M3-4) http://labmice.techtarget.com/security/socialengineering.htm

Module 4: Analysis Methods

  • SANS Top 20 Internet Vulnerabilities. (M4-1) http://www.sans.org/top20/#w1

  • SANS Institute, A Model for Peer Vulnerability Assessment, 2001. (M4-2). www.sans.org/rr/whitepapers/testing/263.php.

  • Ashcroft, J., Daniels, D. J. and Hart, S. V., Method to Assess the Vulnerability of US Chemical Facilities, Special report, NCJ 195171, The National Institute of Justice, Nov., 2002. (M4-3). http://www.ncjrs.gov/pdffiles1/nij/195171.pdf.

  • Cathleen Brackin, Vulnerability Management: Tools, Challenges and Best Practices, SANS Institute, December 13, 2003. (M4-4). http://www.sans.org/rr/whitepapers/threats/1267.php

  • Jeffrey King, 10 Vulnerabilities a Scanner Might Not Find, SANS Institute, May 12, 2003. (M4-5). http://www.sans.org/rr/whitepapers/threats/1030.php

  • Robert Rowlingson, A Ten Step Process for Forensics Readiness, International Journal of Digital Evidence, Winter 2004. (M4-6). http://www.dfrws.org/2001/dfrws-rm-final.pdf

  • Warren Harrison et al, A Lessons Learned Repository for Computer Forensics, International Journal of Digital Evidence, Fall

    • 2002.



  • Michael Potaczala, Computer Forensics, Term Paper, 2001. (M4-8). http://chantry.acs.ucf.edu/~mikep/cf/CHS5937- TermPaper.pdf

  • Timothy J. Shimeall, Casey J. Dunlevy, and Phil Williams, Intelligence Analysis for Internet Security: Ideas, Barriers and Possibilities, CERT Analysis Center, Software Engineering Institute, Carnegie Mellon University. (M4-9). http://www.cert.org/archive/html/spie.html

  • Preparing for the 21st Century: An Appraisal of US Intelligence, INT-Report, March 1, 1996. (M4-10). http://www.fas.org/irp/offdocs/report.html


Document info
Document views82
Page views83
Page last viewedFri Jan 20 22:28:56 UTC 2017