List of Tables

Chapter 2: The Audit Process

Table 2-1: Potential Opportunities for Auditing Centralized Activities

Chapter 5: Auditing Switches, Routers, and Firewalls

Table 5-1: Simplified OSI Model Description

Table 5-2: Routers and Switches

Table 5-3: Unnecessary Services

Chapter 6: Auditing Windows Operating Systems

Table 6-1: List of Common Commands Used in This Chapter

Table 6-2: Tools for Viewing Service Information

Table 6-3: Unnecessary Services

Table 6-4: Common Password Crackers

Table 6-5: Account Policies

Table 6-6: Audit Policies

Table 6-7: Tools and Technology-Auditing Windows

Chapter 7: Auditing Unix and Linux Operating Systems

Table 7-1: Common Unix and Linux Directories

Table 7-2: Common Linux and Unix Navigation Commands

Table 7-3: Interaction Between File and Directory Permissions

Table 7-4: Components of a Unix Password File

Table 7-5: Components of a Unix Shadow File

Table 7-6: Components of a Unix Group File

Chapter 8: Auditing Web Servers

Table 8-1: Web Auditing Components

Table 8-2: Minimum Apache Modules

Table 8-3: Common Methods for Bypassing Web Application Authorization

Table 8-4: Guiding Principles of Web Authentication

Chapter 9: Auditing Databases

Table 9-1: SQL Statement Descriptions

Table 9-2: Database Objects

Table 9-3: Default Passwords

Chapter 11: Auditing WLAN and Mobile Devices

Table 11-1: Common 802.11 Technologies

Table 11-2: Common WLAN Authentication Methods

Table 11-3: Mobile Operating Systems and Desktop Executables

Chapter 13: Frameworks and Standards

Table 13-1: Organizational Information Criticality Matrix

Chapter 14: Regulations

Table 14-1: HIPAA Security Rule Requirements

Chapter 15: Risk Management

Table 15-1: Information Criticality Matrix

Table 15-2: Types of Controls