SAMInside utility, 149
SANS (SysAdmin Audit Network Security), 29
Sarbanes-Oxley Act of 2002, 308, 328-338
considerations for companies with multiple locations, 332
core points of, 329-331
ensuring effective policies exist for compliance with, 71-72
financial impact of Sarbanes-Oxley compliance on companies, 337-338
impact of third-party services on compliance, 332-333
impact on IT departments, 331-332
impact on public corporations, 329
overview, 328-329
specific IT controls required for compliance, 333-337
asset management, 337
change control, 334-335
IT operations, 336
IT security, 334
network operations, 336-337
overview, 333-334
website with guidelines for, 79
sc tool, 139, 144
scheduled tasks, Windows Server, 143-146
schedules for projects, 290
scheduling audits, 12
schtasks tool, 139, 146
SCM (software change management), 259
script extensions, 213
secpol.msc tool, 139
secure protocols, 194
security guards, 92
security monitoring and other controls
policies, 67
security monitoring software, 270, 276
security through obscurity, 88
Unix and Linux, 199-201, 205
Windows Server, 150-151
segregation of duties, 63
self-assessments, 17
self-study activities, 29
sensitive areas, security of, 92
server management policy, 145
server side certificates, 213
service packs, 158-159
service-level agreements (SLAs), 65
services, Windows Server, 143-146
session management, 215-216
Shadow File, Unix, 170-171
shares on host, 152-153
Shell/Awk/etc, 202
signage of data centers, 88
Simple Network Management Protocol (SNMP), 120
skills, processes for ensuring employees have, 70
SLAs (service-level agreements), 65
smoke sensors, 97
SNMP (Simple Network Management Protocol), 120
software
change controls, 35, 259-260
development standards, 66-67
licenses, 74-75
minimum required, 158-159
standards, 67
software change management (SCM), 259
solution development, 46-50
guidance on, 49-50
management-response approach, 47-48
overview, 46
recommendation approach, 46-47
solution approach, 48
Spanning-Tree Protocol attack mitigation, 127
specialization, 29
SPI (stateful packet inspection) firewalls, 117
spoofing identity, 248
SQL (Structured Query Language) statements, 229-230
stages of audit, 41-57
field work and documentation, 44-45
issue discovery and validation, 45-46
issue tracking, 55-57
overview, 41
planning, 42-44
report drafting and issuance, 50-55
distributing audit report, 55
essential elements of audit report, 51-54
overview, 50-51
solution development, 46-50
guidance on solution development, 49-50
management-response approach, 47-48
overview, 46
recommendation approach, 46-47
solution approach, 48
stakeholder buy-in, 68
standard wording, 302
standards. See frameworks and standards
startup information, 143
stateful packet inspection (SPI) firewalls, 117
statement of audit scope, 51
stations, 264
storage mechanisms, 219
storage of media, 77-78, 105-106
stored procedures, dynamic SQL executed in, 233
strategic planning process, IT, 64-65
STRIDE, 248-250
denial of service, 249
elevation of privilege, 250
information disclosure, 249
overview, 248
repudiation, 249
spoofing identity, 248
tampering with data, 249
Structured Query Language (SQL) statements, 229-230
su command, 196-197
sudo tool, 178, 196-197
SUID files, 183
sulog, 198
superuser (root-level) access, 178
supplicants, 264
surveillance systems, 100-101
switches, 114-116, 126-128, 133
Sybase, Inc., 226
synchronization, 255
SysAdmin Audit Network Security (SANS), 29
SysInternals tools, 138, 161
syslog, 197-198
system and site resiliency, 85-86
heating, ventilation, and air conditioning, 86
network connectivity, 86
overview, 85
power, 85
system configurations, 67, 76-77
system resiliency. See disaster recovery auditing
Systeminfo tool, 139