Securing Windows 2000 Server

  • Article
Archived content. No warranty is made as to technical accuracy. Content may contain URLs that were valid when originally published, but now link to sites or pages that no longer exist.

Chapter 2: Defining the Security Landscape

Published: November 17, 2004 | Updated : May 31, 2006

Note: Welcome to the TechNet Archive. We've created this Archive area so that we can continue to make available older content that is still of interest to some of our users. This allows us to streamline the content offerings on the site and keep it focused on the newest, most relevant content.

This chapter focuses on defining security components that need to be understood to perform a security analysis of your organization. General guidance on how to perform a preliminary asset analysis for your organization is offered. The relationship between threats, exposures, vulnerabilities, and countermeasures is also explained.

On This Page

Security Risk Management Components
Summary

Security Risk Management Components

The Need for a Strategic Security Program

Security is a balance between maintaining the ease of use of resources in your organization and controlling access to those resources. Putting together a security program that restricts both users and attacks can be time consuming and costly. A security program that pushes the balance too far toward control may disgruntle users with policies that limit them from effectively doing their work.

Conversely, a security program that is too lax may create a complacent attitude among users toward security in the workplace and may give attackers more opportunities. Communication on the importance of security in the organization is essential to avoiding other potential political issues. If security charters, policies, and plans are implemented "half-way" there may be issues in the future. When quality is a key attribute for information technology (IT) projects in which a "zero-defect" mindset is a fundamental principle, this same principle should be applied to ensure a high level of security in your organization.

A critical success factor for the establishment of a secure infrastructure involves developing an effective security risk management process. Through effective risk identification, assessment, management, mitigation, and execution, as well as contingency plans, you can help reduce the probability that a given risk will surface, and you can minimize the impact or consequence should the security risk be realized.

Performing a security-specific risk analysis activity will flush out critical security issues that require attention and a course of action. A security risk is realized when a threat takes advantage of a vulnerability that in turn causes some harm to an asset in your organization. The creation of mitigation and contingency plans allows you to create security policies and procedures to provide a proactive and reactive approach to security risk management.

Implementing, executing, and continually optimizing your organization's security plans is becoming more critical as technology evolves and new methods to exploit the technology are found. Security programs must change over time because they require constant attention to monitor their effectiveness and determine when new policies and procedures must be put in place. Security programs should also account for potential legal ramifications through incident response plans tailored to the organization's environment, as the prospect of getting sued over a security failure could present a serious problem.

Determining the costs involved is more easily accomplished by performing a proper and well-defined asset valuation. The investment cost of mitigation also must be weighed against the potential impact of what may happen to the asset if it is harmed or compromised. Reaching this goal is defined in Chapter 3, "Understanding the Security Risk Management Discipline," in which this discipline is used to help your organization strike the appropriate balance between cost and risk.

If the loss of sensitive company data from your organization will seriously affect productivity or revenue, then the investment required to ensure its protection may be significant. If the loss of that data will not be detrimental to the organization, then such data needs minimal protection, and the investment to protect it will be less.

The eight basic considerations that need to be addressed in the security risk assessment process are:

  • Security requirements for assets. Define all the components of your organization’s infrastructure that require any level of protection, including computers, networks, applications, and business data. Asset valuation needs to be assessed in both a quantitative and a qualitative fashion to properly plan for countermeasures or safeguards.

  • Threat analysis. Create a list of known exploits and determine the likelihood of a potential threat arising from each one. An exploit is a means that may be utilized by a threat to make use of a vulnerability in your environment. A compiled list of the top threat agents in your environment is required to perform a proper threat analysis. A threat is any potential danger to information or the computer systems in your environment. A threat agent is the person or process attacking the network through a vulnerable port on the firewall, or a process used to access data in a way that violates your security policy.

  • Exposures identification. Analyze the percentage of asset loss caused by each identified threat. Identifying and defining the potential value loss of each exposure is a crucial component in security risk analysis.

  • Vulnerability assessment. Develop a comprehensive list of all known vulnerabilities that can be used against those assets that require some level of protection. A vulnerability is any weakness in an information system or its components (for example, system security procedures, hardware design, software design, and internal controls) that could be exploited.

  • Countermeasure development. Develop an appropriate security risk countermeasure that makes good business sense, meaning that it is cost-effective for guarding the assets in your organization.

  • Penetration testing. Use penetration testing to help identify ways that an unauthorized individual could gain access to the organization. Common penetration testing methods include:

    • External resource scanning to identify potential targets to compromise.

    • War pinging to identify unsecured IP addresses. War pinging is a tool used by a hacker to find a range of IP addresses and find out what addresses are in use or what addresses answer within the set time. These results can be saved as .csv files and imported into databases.

    • Social engineering to locate individuals who may be tricked into revealing their passwords or some form of security information that would accidentally provide classified information.

    • Building penetration to determine whether physical access to the facility can be easily obtained.

      These tests are useful for increasing the attention that an organization places on security policies. One of the biggest considerations in performing a penetration test is identifying a reputable external agent to perform the tests.

  • Incident response. A good incident response plan will outline specific procedures to follow as you learn more about an attack on your organization. Generally, the nature of the attack symptoms will determine the order in which to follow the procedures defined in your security program. Because time is critical, less time-consuming procedures should generally be undertaken before more lengthy ones.

  • Scope of work effort to secure assets. Define the total amount of work, including time, effort, and money required to provide “good enough” security and to keep the overall infrastructure usable from the support and end-user perspectives of your organization. Cost-benefit analysis for a given safeguard should be derived from a proper security risk analysis in conjunction with the asset to the total cost of ownership (TCO) or return on investment (ROI) of the organization.

Assets

An asset is anything in your organization’s environment that may require some level of protection. Assets could include items on the balance sheet such as software applications or hardware and other less tangible items such as data or even people. The purpose of security is to prevent assets from being compromised and protecting the confidentiality, integrity, and availability of the data. All organizations are concerned with the integrity of their data and the risk of unauthorized data modification.

A key aspect of IT security risk management is determining the value of each primary asset in your organization, the value of the information that each asset contains, and how each asset relates to others in your environment. For example, if critical business data is compromised from a company's Web server, the company's worth may decrease in value, or a router that is compromised may connect all branch locations throughout the company to your primary data center.

The overall associated value of each asset will determine the time, effort, and cost of securing them based on the level of security that is required to provide each asset with adequate protection. Remember that assets may have an associated level of dependency. Consider how these resources are authenticated, or how users are authorized to gain access to each asset and the data that it exposes. For example, a weak password on a CIO's portable computer may pose a significant financial risk if it is compromised.

Assets themselves must also be classified according to the protective measures that each requires. These measures include:

  • Prevention. Measures that prevent assets from being damaged, altered, or stolen. Preventive measures can range from locking a server room door to setting up high-level security policies.

  • Detection. Measures that allow for detection when assets have been damaged, altered, stolen, or otherwise compromised. Detection measures also include mechanisms for determining how an asset had been compromised, and specifically who caused the damage. Various tools are available to help detect intrusions, damage or alterations, and viruses.

  • Reaction. Measures that allow for the recovery of the assets, even if an asset is lost or damaged.

These protective measure classifications should be integrated with different types of countermeasures. Countermeasures, or safeguards, help mitigate the potential risk of an asset being compromised. A countermeasure is designed to eliminate a vulnerability or reduce the risk of a threat exploiting a vulnerability in a computer environment.

To form countermeasures to protect your organization’s assets, you must first understand how your organization’s assets may be compromised by defining threats and risks that are relevant to them. The following list includes five principles to consider when developing a security program to protect your company assets. You must assess each of these principles according to your company's needs.

  • Confidentiality. Confidentiality is a condition maintained by ensuring that information is accessible only to those authorized to have access to it. Confidentiality ensures that the necessary level of secrecy is enforced at each junction of data processing to prevent unauthorized disclosure. An example of poor security measures would be allowing anonymous user access to sensitive information such as a human resources department file share.

  • Integrity. Integrity means safeguarding the accurate and completeness of information and processing methods. Integrity is upheld when the accuracy and reliability of information is maintained within the environment and when unauthorized modification of data is prevented. Storing incorrect data can be as bad as losing data.

  • Availability. Availability is the prevention of unauthorized withholding of information or resources. Availability ensures the reliability and timely access to data and resources to authorized individuals.

  • Authentication. Authentication is the process of verifying that users are who they claim to be when logging onto a computer or network. Generally, user names and passwords accomplish this authentication. More sophisticated authentication methods include the use of smart cards or biometrics, including fingerprint or retinal scanning.

    The process of authentication does not assign the user access rights to resources. Access rights are assigned through the authorization process. The loss of authentication means that there is no means of determining who is accessing the asset.

  • Authorization. Authorization is the right assigned to an individual or process to use the computer or network and the data that is stored on it. Authorization is typically set up by a system administrator and verified by a computer in your environment based on some form of user identification, such as a personal identification number (PIN), code number, or password.

    An authorization process uses the appropriate security authority to determine whether a user should have access to resources. The loss of authorization means that there is no means of determining who should be allowed to access the asset.

Relationship Between Threats, Exposures, Vulnerabilities, and Countermeasures

If a threat agent gives rise to a threat and exploits a vulnerability, the attack leads to a potential security compromise. The attack can then damage the asset by degrading its confidentiality, integrity, or availability. Therefore, the attack causes an exposure to potential company losses. However, these exposures can be minimized by the use of countermeasures.

For example, if a company has antivirus software only on its servers, and the virus signatures are not kept up to date, a vulnerability exists. The company becomes vulnerable to virus attacks and the threat of a virus showing up in the environment and disrupting productivity.

The risk is the likelihood of a virus showing up in the environment and causing damage. Because there is a possibility of losing or corrupting data from a virus attack, the company now has an exposure. The countermeasures for this situation are to ensure that antivirus software is installed on all computers in the environment and that the signatures on all the computers are up to date.

Security management terms can sometimes be difficult to understand. The following table provides a consolidated view of the key security components of security management.

Table 2.1  Key Security Components

Component

Definition

Threat

Any potential danger to information or computer systems.

Threat agent

The person or process attacking the network through a vulnerable port on the firewall, or a process used to access data in a way that violates your security policy.

Vulnerability

A software, hardware, or procedural weakness that may provide an attacker or threat agent with an opportunity to enter a computer or network and gain unauthorized access to resources within the environment.

Risk

The likelihood of a threat agent taking advantage of a vulnerability. It is the potential for loss or the probability that a threat will exploit a vulnerability.

Exposure

An exposure occurs when a threat agent exposes a company asset to potential loss. A vulnerability can cause an organization to be exposed to possible damages.

Countermeasure

A countermeasure, or safeguard, mitigates a risk. Countermeasures include software configurations, hardware, and procedures that eliminate a vulnerability or reduce the risk of a threat agent from being able to exploit a vulnerability.

The relationship between threats, vulnerabilities, and risk can initially be a tough concept to grasp. Each threat and vulnerability identified within your organization should be qualified and ranked according to a standard, such as low, medium, or high. The ranking will vary among organizations and sometimes even within an organization. For example, the threat of an earthquake is significantly higher for offices near a major fault line than elsewhere. Similarly, the vulnerability of physical damage to equipment would be very high for an organization producing highly sensitive and fragile electronics, but the same vulnerability level for a construction company may be lower.

The Risk Management Matrix can help you evaluate threats and their impact on your organization. The level of risk in your organization increases with the level of threat and vulnerability, as the following figure indicates.

Cc751212.SGFG0201(en-us,TechNet.10).gif

Figure 2.1  Risk management matrix

The risk management matrix may be used as a tool in the following way. For example, your company might have two different types of Web sites: a volunteer not-for-profit informational site and a financial services transactional site that provides end to end sales transactions for your customers.

Each Web site will have different risk levels. For instance, informational Web sites may have a low threat level because they contain information that is not crucial for business operations to function if stolen or damaged. Such informational Web sites may also have a low vulnerability level if current services packs and hotfixes are deployed on these servers. Low threat levels place the informational Web site in the Low Risk quadrant.

On the other hand, the financial services Web site might be in the Medium or High Risk quadrant. Attackers may benefit greatly if the financial data is compromised or stolen, which makes the level of threat high. However, if the Web servers have the appropriate service packs and hotfixes, then this Web site would be somewhat less vulnerable and may fall in the Medium Risk quadrant. If the Web servers are not current with service packs and hotfixes, then the Web site would be very vulnerable and would fall in the High Risk quadrant.

The following figure provides a theoretical model that can be used to determine the various threats, motives and goals, methods, exploits, and vulnerabilities that could be used against your organization in an attack.

Cc751212.SGFG0202(en-us,TechNet.10).gif

Figure 2.2  The path to compromise an asset

This figure depicts a simple yet logical path showing how threat agents may compromise assets. The three types of threat classification are shown on the far left side of the figure. Threat classification identifies who the attacker is or what threat agents are initiating the attack. The classifications include nonmalicious threats, malicious threats, and catastrophic incidents.

Threat agents typically have motives and goals to achieve when attempting to compromise assets, such as financial gain. The threat agents use specific tools, techniques, and methods to exploit certain vulnerabilities in the security of the assets. The arrows in the figure depict the path that an attacker may take during an attempt to compromise an asset and the vulnerabilities that may be exploited.

Threat Classifications

A threat is a person, place, or thing that has the potential to access resources and cause harm. Threats can originate from two primary sources: humans and catastrophic events. Human threats subsequently can be broken down into two categories: malicious and nonmalicious. Nonmalicious “attacks” usually come from users and employees who are not properly trained on computers and who are not aware of various computer security threats. Malicious attacks usually come from external people or disgruntled current or ex-employees who have a specific goal or objective to achieve.

Table 2.2  Threat Types

Threat

Examples

Catastrophic incident

Fire, water, wind, earthquake, power failure, terrorist attack

Nonmalicious person

Uninformed employee, uninformed user

Malicious person

Attacker, industrial spy, government, bribery, social engineering
Catastrophic Incidents

Any event relating to extreme weather, naturally occurring phenomena, or a catastrophic incident may cause severe damage to your organization's infrastructure. Information can be lost, hardware can be damaged, and a loss of productivity can occur along with the disruption of other essential services.

Unfortunately few preventative measures can be implemented to mitigate the potential for catastrophic incidents. The best approach for these types of threats is to have disaster recovery and contingency plans in place to help minimize the effects of a loss. Having these plans in place and ready to go will help your organization restore itself to its “previous state” to resume normal business operations as quickly as possible. In addition to natural catastrophic events, terrorist attacks are included because it may be difficult to form effective contingency plans to protect against informational asset loss in the event of such an attack.

Mechanical Failures

Mechanical threats are often overlooked. These threats can include power outages, hardware failures, and network outages. Prevention of vulnerabilities that may arise from these threats can often be implemented through proper planning.

Hardware clustering, redundant power trunks for data centers, and robust network designs can help eliminate single points of failure in your organization that may cause mechanical failures. However, implementing these countermeasures can be extremely expensive and should be evaluated carefully to ensure that the value of the asset warrants using such methods.

Mitigating mechanical threats may uncover additional security risks, because mitigation steps may increase the attack surface. The attack surface is the view of the asset with regard to the number of potential entry points. Often, by adding features or functionality to a computing asset, other security vulnerabilities may be exposed. However, mechanical threats themselves are not traditionally a large concern for a security project and therefore should also be considered outside the scope of this guide.

Human Threats

Human threats can appear in two different varieties: malicious and nonmalicious. Nonmalicious threats can cause major issues with data integrity through normal user error. Software bugs, data entry errors, and administrative mistakes all fall into this category.

Malicious Attacks

Malicious threats consist of attacks by disgruntled or malicious current and former employees or people from outside the organization. Insiders are likely to have specific goals and objectives and usually have some level of legitimate access to computers in the environment. Employees are the group most familiar with your organization's computers and applications, including having knowledge of what exploits and vulnerabilities may cause the most damage to your organization. This type of attack can be extremely difficult to detect or protect against.

Malicious insiders are likely to have specific goals and objectives and usually have legitimate access to the network. A malicious insider attack can affect all components of your computer security or applications. Other types of security crimes instigated by malicious insiders may involve bribery or social engineering.

Social engineering is the process of tricking people into revealing their passwords or some form of security information. Often these actions go undetected because audit trails are inadequate, or they fail to be reviewed.

A malicious attacker can also use social engineering to deceive employees and gain entry to your environment. For example, an attacker could masquerade as an administrator and ask for passwords and user names. Employees who are not well trained and are not security conscious can fall for this deception.

Disgruntled employees can create at best inconvenience or at worst sabotage within an organization. Current employees can actually cause more damage than former employees.

Nonmalicious Attacks

Attackers are not the only ones who can harm an organization. The primary threat to data integrity comes from authorized users who are not aware of the actions that they are performing. Errors and omissions can cause your organization to lose, damage, or alter valuable data.

Errors and omissions are important threats to data integrity. Errors are caused not only by data entry clerks processing hundreds of transactions per day, but also by all users who create and edit data. Many programs, especially those designed by users for personal computers, are lacking in appropriate quality-control measures. However, even the most sophisticated programs cannot protect against all types of input errors or omissions.

Programming and development errors, often called “bugs," range in severity from irritating to catastrophic. Improved software quality has reduced but not eliminated this threat. Installation and maintenance errors can also cause security problems.

Organizations often assume that the information programs that its computer systems receive are more accurate than they really are. Many organizations address errors and omissions in their computer security, software quality, and data quality programs by implementing security policies.

Categorizing Threats

There are literally hundreds of ways to categorize threats. Microsoft developed the STRIDE method of categorizing the following malicious threat types: Spoofing identity, Tampering with data, Repudiation, Information disclosure, Denial of service, and Elevation of privilege. Each component of the method is defined in the following subsections.

Spoofing Identify

Spoofing identity threats include anything done to illegally obtain or access and use another person's authentication information, such as a user name or password.

Tampering with Data

Tampering with data threats involve the malicious modification of data. Examples include unauthorized changes made to persistent data, such as the defacing of a Web site, information held in a database, or the alteration of data as it flows between two computers over an open network.

Repudiation

Repudiation threats are associated with users who deny performing an action, yet other parties having no way to prove otherwise. An example would be when a user performs an illegal operation on a computer that lacks the ability to trace the prohibited operation. Nonrepudiation refers to the ability of a computer or network to counter repudiation threats. For example, a user who purchases an item might have to sign for the item upon receiving it. The vendor can then use the signed receipt as evidence that the user did receive the package.

Information Disclosure

Information disclosure threats involve the exposure of information to individuals who are not supposed to have access to it. Examples include the ability of users to read files to which they were not assigned access and the ability of an intruder to read data in transit between two computers.

Denial of Service

Denial-of-service (DoS) attacks disrupt service to valid users. DoS attack objectives may include making a Web server temporarily unavailable or unusable. Protection against certain types of DoS threats can help improve computer availability and reliability.

Elevation of Privilege

In this type of threat, an unprivileged user gains privileged access that enables them to compromise or possibly destroy an entire computer or network. These threats include situations in which an attacker has effectively penetrated all defenses to exploit and damage the computer or network.

Exploits

An asset may be accessed through a threat that takes advantage of a vulnerability in your organization's environment. The following table provides examples of three key exploit types.

Table 2.3  Exploit Types

Exploit

Example

Technical vulnerability exploit

Brute force attack
Buffer overflow
Misconfiguration
Replay attack
Session hijacking

Information gathering

Address identification
Document grinding
OS identification
Port scanning
Response analysis
Social engineering
Service and application probing
User enumeration
Vulnerability scanning
Wireless leak

Denial of service (DoS)

Physical damage
Removal of resources
Resource modification
Resource saturation
Buffer overflow
Example: Exploits from Malicious Attackers
Deleting and Altering Information

Malicious attackers who delete or alter information typically want to prove a point or take revenge for something that has happened. Malicious insiders typically act out of spite toward the organization because they are disgruntled about something. Outsiders, however, may attack just to prove that doing so is possible, or they may do so simply for the satisfaction of saying that they did it.

Committing Fraud and Information Theft

Information technology is increasingly both the tool and the target for fraud and theft. Properly designed and controlled financial systems can support required legislation or reporting requirements to prevent fraud. Financial system environments are not the only ones subject to this abuse. Other company targets include those with environments that control access to personal information, such as credit or identity agencies, time and attendance systems, inventory systems, school grading systems, or long-distance telephone billing systems.

Because many computers are relatively small and valuable, physical theft is easy. The hardware asset itself may be replaceable, but the data that it contains may be far more valuable if it contains credit card numbers or medical patient histories. You can never make something impossible to steal, but to better protect the investment in equipment, such measures as desk locks can be used to secure computers in your organization. If a computer is stolen, the information that it contains will be at the disposal of the thief who may erase it or be able to read it, but you can ensure that the stolen information is virtually useless by encrypting it and making certain that the thief cannot gain access to the key to decipher it.

Disrupting Normal Business Operations

Attackers may want to disrupt normal business operations. Such attacks may be done as acts of spite—for example, if a disgruntled employee does not want to work because he or she has been turned down for a promotion.

Alternatively, outside attackers might want to disrupt services to gain a competitive edge in a world that thrives on competition. It is also possible that the perpetrators may attack just for the fun of it. In any of these situations, the attacker has a specific goal to achieve and accomplishing it brings some level of satisfaction and reward to the attacker. Attackers can use several methods for performing DoS attacks. The section on "Threat Analysis" in Chapter 3, "Understanding the Security Risk Management Discipline," discusses methods, tools, and techniques to carry out DoS attacks.

Attack Methods

Threat Motive + Exploit Method + Asset Vulnerability = Attack

The method in this formula exploits the organization’s vulnerability to defend against attack as described in Figure 2.2. Malicious attackers can gain access or deny services in numerous ways, which include the following:

  • Viruses, Trojan horses, and worms

  • Password cracking

  • DoS attacks

  • E-mail hacking

  • Malicious code

  • Packet replay

  • Packet modification

  • Eavesdropping

  • Social engineering

  • Intrusion attacks

  • IP spoofing and session hijacking

Vulnerabilities

A vulnerability is a point where an asset is susceptible to a threat. It may also be thought of as a weakness. Vulnerabilities may originate from technology, people, or processes. Most often they are viewed as technological flaws in the implementation of software or hardware, or in how a computer or network is designed or architected. Poorly defined and communicated organizational policies and procedures are also vulnerabilities.

In addition, vulnerabilities are weak points or loopholes in security that a malicious attacker exploits to gain access to the network or to resources on the network. The key point to understand is that the vulnerability is not the attack itself, but rather the weak point that is exploited.

The following is a list of possible vulnerabilities. These vulnerabilities represent just a few of the many that exist and include examples in the areas of physical, data, and network security.

Table 2.4  Types of Vulnerabilities

Vulnerabilities

Examples

Physical

Unlocked doors

Natural

Building built on a fault line

Hardware and software

Out-of-date antivirus software and operating system patches

Media

Electrical interference

Communications

Unencrypted protocols

Human

Poorly defined procedures and poorly written applications

Risks

A risk is the likelihood of a threat agent taking advantage of a vulnerability, and the loss potential, or probability that such a threat will exploit that vulnerability. If a firewall has several ports open, there is a higher risk that an intruder will use one of the ports to access the network by an unauthorized method.

If users in your environment are not trained on processes and procedures, there is a higher risk that an employee will make a mistake and unintentionally destroy data. If an intrusion detection system is not implemented on a network, there is a higher risk that an attack will go unnoticed until it is too late. Reducing vulnerabilities or threat agents reduces risk.

Countermeasures

Countermeasures, or safeguards, mitigate the potential risk. A countermeasure is anything such as a software configuration, hardware, or procedure that when deployed counteracts a threat and vulnerability to reduce risk in a computer environment.

Examples of countermeasures include strong password management, a security guard, access control mechanisms within an operating system, the implementation of BIOS passwords, and security awareness training.

If your company has security hotfixes only on your servers, and the hotfixes are not kept up to date, a vulnerability exists. The threat is a malicious or nonmalicious user showing up in the environment and disrupting productivity. Without current hotfixes, a computer is not protected, and there is a possibility of lost or corrupted data from this exposure. The countermeasures in this situation are to install any service packs that are prerequisites on all computers in your organization, and then to update them with any hotfixes not included in the service packs. The relationship between threats, vulnerabilities, and countermeasures is shown in the following figure.

Cc751212.SGFG0203(en-us,TechNet.10).gif

Figure 2.3  Relationships between security components

The Computer Intrusion Squad survey published by the Computer Security Institute (CSI) and the San Francisco branch of the Federal Bureau of Investigation (FBI) goes into great depth on various types of computer crimes. The CSI and FBI survey results should be taken as raw intelligence. These surveys provide an intelligence resource to keep your thinking current on emerging trends in cyber crime.

Summary

This chapter provided an overview of the most significant components of security analysis and the major processes required to practice it. Understanding the relationships among threats, exposures, vulnerabilities, and countermeasures is vital to achieving effective security measures in your organization.

More Information

For information about computer crimes, see the Computer Security Institute Web site at www.gocsi.com.

For information about threat assessment, see “Threat Assessment of Malicious Code and Human Threats,” by Lawrence E. Bassham and W. Timothy Polk at the National Institute of Standards and Technology Computer Security Division Web site at www.csrc.nist.gov/publications/nistir/threats/.

For information about best practices in information security, see the ISO 17799 Directory at www.iso-17799.com/.

For information about hacking, see the Hacking Exposed Official Companion Web site at www.hackingexposed.com/.

For information about security threats, see the Security Threats page on Microsoft TechNet at www.microsoft.com/technet/security/bestprac/bpent/sec1/secthret.mspx.

For information about asset valuation, see the National Institute of Standards and Technology Computer Security Resource Center at https://csrc.nist.gov/asset/.

Download

Get the Securing Windows 2000 Server

Solution Accelerator Notifications

Sign up to stay informed

Feedback

Send us your comments or suggestions