IT Auditing. Using Controls to Protect Information Assets Authors: Davis C., Schiller M., Wheeler K. Published year: 2004 Pages: 151/159
SAMInside utility, 149
SANS (SysAdmin Audit Network Security), 29
Sarbanes-Oxley Act of 2002, 308, 328-338
considerations for companies with multiple locations, 332
core points of, 329-331
ensuring effective policies exist for compliance with, 71-72
financial impact of Sarbanes Oxley compliance on companies, 337-338
impact of third-party services on compliance, 332-333
impact on IT departments, 331-332
impact on public corporations, 329
overview, 328-329
specific IT controls required for compliance, 333-337
asset management, 337
change control, 334-335
IT operations, 336
IT security, 334
network operations, 336-337
overview, 333-334
website with guidelines for, 79
sc tool, 139, 144
scheduled tasks, Windows Server, 143-146
schedules for projects, 290
scheduling audits, 12
schtasks tool, 139, 146
SCM (software change management), 259
script extensions, 213
secpol.msc tool, 139
secure protocols, 194
security guards, 92
security monitoring and other controls
policies, 67
security monitoring software, 270, 276
security through obscurity, 88
Unix and Linux, 199-201, 205
Windows Server, 150-151
segregation of duties, 63
self-assessments, 17
self-study activities, 29
sensitive areas, security of, 92
server management policy, 145
server side certificates, 213
service packs, 158-159
service-level agreements (SLAs), 65
services, Windows Server, 143-146
session management, 215-216
Shadow File, Unix, 170-171
shares on host, 152-153
Shell/Awk/etc, 202
signage of data centers, 88
Simple Network Management Protocol (SNMP), 120
skills, processes for ensuring employees have, 70
SLAs (service-level agreements), 65
smoke sensors, 97
SNMP (Simple Network Management Protocol), 120
software
change controls, 35, 259-260
development standards, 66-67
licenses, 74-75
minimum required, 158-159
standards, 67
software change management (SCM), 259
solution development, 46-50
guidance on, 49-50
management-response approach, 47-48
overview, 46
recommendation approach, 46-47
solution approach, 48
Spanning-Tree Protocol attack mitigation, 127
specialization, 29
SPI (stateful packet inspection) firewalls, 117
spoofing identity, 248
SQL (Structured Query Language) statements, 229-230
stages of audit, 41-57
field work and documentation, 44-45
issue discovery and validation, 45-46
issue tracking, 55-57
overview, 41
planning, 42-44
report drafting and issuance, 50-55
distributing audit report, 55
essential elements of audit report, 51-54
overview, 50-51
solution development, 46-50
guidance on solution development, 49-50
management-response approach, 47-48
overview, 46
recommendation approach, 46-47
solution approach, 48
stakeholder buy-in, 68
standard wording, 302
standards. See frameworks and standards
startup information, 143
stateful packet inspection (SPI) firewalls, 117
statement of audit scope, 51
stations, 264
storage mechanisms, 219
storage of media, 77-78, 105-106
stored procedures, dynamic SQL executed in, 233
strategic planning process, IT, 64-65
STRIDE, 248-250
denial of service, 249
elevation of privilege, 250
information disclosure, 249
overview, 248
repudiation, 249
spoofing identity, 248
tampering with data, 249
Structured Query Language (SQL) statements, 229-230
su command, 196-197
sudo tool, 178, 196-197
SUID files, 183
sulog, 198
superuser (root-level) access, 178
supplicants, 264
surveillance systems, 100-101
switches, 114-116, 126-128, 133
Sybase, Inc., 226
synchronization, 255
SysAdmin Audit Network Security (SANS), 29
SysInternals tools, 138, 161
syslog, 197-198
system and site resiliency, 85-86
heating, ventilation, and air conditioning, 86
network connectivity, 86
overview, 85
power, 85
system configurations, 67, 76-77
system resiliency. See disaster recovery auditing
Systeminfo tool, 139