70 likes | 268 Views
Unit Outline Information Security Risks, Part II. Module 1: Password Security Module 2: Wireless Security Module 3: Unintentional Threats Module 4: Insider Threats Module 5: Miscellaneous Threats Module 6: Summary. Module 6 Summary.
E N D
Unit OutlineInformation Security Risks, Part II Module 1: Password Security Module 2: Wireless Security Module 3: Unintentional Threats Module 4: Insider Threats Module 5: Miscellaneous Threats Module 6: Summary
SummaryInformation Security Risks, Part II • Password security needs to be managed by new technology. • Wireless is not secure period! • Accidental and environmental threats need to be accounted in the risk analysis. • Insider threats are perhaps more important than existing hacking. • Social factors are used by malicious hackers to gain inside access.
Suggested ReadingInformation Security Risks, Part II • Flickenger, R. (2003). Wireless Hacks 100 Industrial-Strength Tips & Tools. Cambridge, England: O’Reilly Media, Inc. • Hurley, C. (2004). War Driving Drive, Detect, Defend: A Guide to Wireless Security. Rockland, MA: Syngress Publishing, Inc. • Office of Information and Communications Technology. (2003). Part 2: Examples of Threats and Vulnerabilities. Information Security Guideline for NSW Government. http://www.oit.nsw.gov.au/pdf/4.4.17.IS2.pdf • Parker, T. (2004). Cyber Adversary Characterization: Auditing the Hacker Mind. Syngress Publishing: Rockland, MA. • Vladimirov, A.A., Gavrilenko, K.V., Mikhailovsky, A.A. (2004). Wi-Foo: The Secrets of Wireless Hacking. Addison-Wesley Professional.
AcknowledgementsGrants and Personnel • Support for this work has been provided through grants from the following agencies • National Science Foundation (NSF 0210379) • Department of Education (FIPSE) • Damira Pon, from the Center of Information Forensics and Assurance contributed extensively by reviewing and editing the material • Robert Bangert-Drowns from the School of Education reviewed the material from a pedagogical view. • Melissa Dark & Ting Zhuang from Purdue University provided a critique of the material and facilitated creation of a distance delivery version of the course.