S

SAMInside utility, 149

SANS (SysAdmin Audit Network Security), 29

Sarbanes-Oxley Act of 2002, 308, 328-338

considerations for companies with multiple locations, 332

core points of, 329-331

ensuring effective policies exist for compliance with, 71-72

financial impact of Sarbanes Oxley compliance on companies, 337-338

impact of third-party services on compliance, 332-333

impact on IT departments, 331-332

impact on public corporations, 329

overview, 328-329

specific IT controls required for compliance, 333-337

asset management, 337

change control, 334-335

IT operations, 336

IT security, 334

network operations, 336-337

overview, 333-334

website with guidelines for, 79

sc tool, 139, 144

scheduled tasks, Windows Server, 143-146

schedules for projects, 290

scheduling audits, 12

schtasks tool, 139, 146

SCM (software change management), 259

script extensions, 213

secpol.msc tool, 139

secure protocols, 194

security guards, 92

security monitoring and other controls

policies, 67

security monitoring software, 270, 276

security through obscurity, 88

Unix and Linux, 199-201, 205

Windows Server, 150-151

segregation of duties, 63

self-assessments, 17

self-study activities, 29

sensitive areas, security of, 92

server management policy, 145

server side certificates, 213

service packs, 158-159

service-level agreements (SLAs), 65

services, Windows Server, 143-146

session management, 215-216

Shadow File, Unix, 170-171

shares on host, 152-153

Shell/Awk/etc, 202

signage of data centers, 88

Simple Network Management Protocol (SNMP), 120

skills, processes for ensuring employees have, 70

SLAs (service-level agreements), 65

smoke sensors, 97

SNMP (Simple Network Management Protocol), 120

software

change controls, 35, 259-260

development standards, 66-67

licenses, 74-75

minimum required, 158-159

standards, 67

software change management (SCM), 259

solution development, 46-50

guidance on, 49-50

management-response approach, 47-48

overview, 46

recommendation approach, 46-47

solution approach, 48

Spanning-Tree Protocol attack mitigation, 127

specialization, 29

SPI (stateful packet inspection) firewalls, 117

spoofing identity, 248

SQL (Structured Query Language) statements, 229-230

stages of audit, 41-57

field work and documentation, 44-45

issue discovery and validation, 45-46

issue tracking, 55-57

overview, 41

planning, 42-44

report drafting and issuance, 50-55

distributing audit report, 55

essential elements of audit report, 51-54

overview, 50-51

solution development, 46-50

guidance on solution development, 49-50

management-response approach, 47-48

overview, 46

recommendation approach, 46-47

solution approach, 48

stakeholder buy-in, 68

standard wording, 302

standards. See frameworks and standards startup information, 143

stateful packet inspection (SPI) firewalls, 117

statement of audit scope, 51

stations, 264

storage mechanisms, 219

storage of media, 77-78, 105-106

stored procedures, dynamic SQL executed in, 233

strategic planning process, IT, 64-65

STRIDE, 248-250

denial of service, 249

elevation of privilege, 250

information disclosure, 249

overview, 248

repudiation, 249

spoofing identity, 248

tampering with data, 249

Structured Query Language (SQL) statements, 229-230

su command, 196-197

sudo tool, 178, 196-197

SUID files, 183

sulog, 198

superuser (root-level) access, 178

supplicants, 264

surveillance systems, 100-101

switches, 114-116, 126-128, 133

Sybase, Inc., 226

synchronization, 255

SysAdmin Audit Network Security (SANS), 29

SysInternals tools, 138, 161

syslog, 197-198

system and site resiliency, 85-86

heating, ventilation, and air conditioning, 86

network connectivity, 86

overview, 85

power, 85

system configurations, 67, 76-77

system resiliency. See disaster recovery auditing Systeminfo tool, 139