
Information Security Professional
(CISSP Preparation)

MPICT Summer Conference
Mon, June 13 - Fri, June 17, 2011, CCSF
Sam Bowne


Class Description

Covers information security thoroughly, including access control, application security, business continuity, cryptography, risk management, legal issues, physical security, and telecommunications and network security. This class helps to prepare students for the Certified Information Systems Security Professional (CISSP) credential, which is essential for high-level information security professionals. Students are strongly encouraged to practice with the Transcender prep tests before taking the exam, and access to those tests will be included in the class.

Prerequisites: Students should have Network+ and Security+ level understanding of networking and security. Previous hacking experience is helpful but not required.

Upon successful completion of this course, the student will be able to:

  1. Explain security and risk management.
  2. Define and implement access controls.
  3. Assess application security.
  4. Plan for business continuity and disaster recovery.
  5. Apply cryptography correctly to protect information.
  6. Explain legal regulations and ensure compliance.
  7. Perform investigations, preserve evidence, and cooperate with law enforcement authorities.
  8. Explain codes of conduct and ethical issues.
  9. Maintain security of operations.
  10. Assess physical and environmental security.
  11. Design security architecture.
  12. Explain telecommunications and network security.

Textbook

CISSP All-in-One Exam Guide, Fifth Edition, by Shon Harris. ISBN-10: 0071602178. Buy from Amazon

Optional Supplementary Textbook (source of lectures)
CISSP Guide to Security Essentials, 1st Edition, by Peter Gregory. ISBN-10: 1435428196. Buy from Amazon




Schedule

Mon, June 13, 9:30 - 12:30 & 1:30 - 4:30
  Ch 3: Information Security and Risk Management
  Ch 4: Access controls

Tue, June 14, 9:30 - 12:30 & 1:30 - 4:30
  Ch 5: Security Architecture and Design
  Ch 6: Physical and Environmental Security
  Wardriving

Wed, June 15, 9:30 - 12:30 & 1:30 - 4:30
  Ch 7: Telecommunications and Network Security
  Ch 8: Cryptography
  Social Event 5 - 7

Thu, June 16, 9:30 - 12:30 & 1:30 - 4:30
  Ch 9: Business Continuity and Disaster Recovery Planning
  Ch 10: Legal, Regulations, Compliance and Investigations
  Ch 11: Application Security
  OWASP's Top Ten Web Application Risks

Fri, June 17, 9:30 - 12:30
  Ch 12: Operations Security





Lectures

Introduction to CNIT 125
Encrypted email setup guide
3: Information Security and Risk Management    Word doc
4: Access controls    Word doc
5: Security Architecture and Design    Word doc
6: Physical and Environmental Security    Word doc
7: Telecommunications and Network Security    Word doc
8: Cryptography    Word doc
9: Business Continuity and Disaster Recovery Planning    Word doc
10: Legal, Regulations, Compliance and Investigations    Word doc
11: Application Security    Word doc
   OWASP's Top Ten Web Application Risks
12: Operations Security    Word doc
The lectures are in Word and PowerPoint formats.
If you do not have Word or PowerPoint, you will need to install the
Free Word Viewer 2003 and/or the Free PowerPoint Viewer 2003.



Projects


Professional Networking

Twitter (10 pts.)

Application Security

HTTP Headers
Tamper Data
WebGoat Setup
WebGoat Introduction
WebGoat: Access Control
HackThisSite

Network Security

Using Metasploit 3 to Take Over a Windows XP Computer
Stealing Passwords with a Packet Sniffer
Port Scans and Firewalls
Analyzing Types of Port Scans
Building a Web Server
DoS Attack with the Low Orbit Ion Cannon
      LOIC (7-zip, password sam)
Attacking Apache
Protecting a Web Server with a Load Balancer
      haproxy-1.4.11.tar.gz
Protecting Apache with mod_security
Attacking Apache with the OWASP Slow Http Tool
Attacking IIS with the OWASP Slow Http Tool
Introduction to scapy
TCP Handshake with scapy
Port Knocking on BackTrack Linux
Attacking nginx
Attacking nginx with the OWASP Slow Http Tool
Benchmarking Web Server Performance
Protecting Apache with iptables
Slow Loris Attack with scapy
yesman--Scanner Honeypot with scapy
ARP Spoofing with scapy
Detecting Promiscuous NICs with scapy
Social Engineering Toolkit Java Exploit

IPv6 Security

IPv6 Tunnel
IPv6 Router Advertisements
Using thc-ipv6 to Scan an IPv6 Network
IPv6 with scapy
Win 7 DoS with Router Advertisements
Router Advertisements with scapy
Router Advertisement attack with npg on Windows
      ra-attack.txt
Duplicate Address Detection
DoS with Secure Neighbor Discovery (SeND)
Introduction to gdb

Operating System Security

Preparing a Trusted Windows XP Virtual Machine
Installing Ubuntu Linux
Using a Software Keylogger
     Download SC Keylog Pro Demo
Rootkitting Windows
     hxdef100r (open with 7-zip, password sam)
Using the Ultimate Boot CD to Create Administrator Accounts
Rootkitting Ubuntu Linux      fk.tgz      fix-fu
Using a Hardware Keylogger
PDF Exploit with Metasploit

Cryptography

Cracking Windows XP Passwords with Ophcrack
Cracking Windows Passwords with Cain
MD5 Collisions
Hijacking HTTPS Sessions with SSLstrip
    sslstrip-0.4.tar.gz
Getting into Ubuntu Linux Without a Password
TrueCrypt
Encrypted Email
Password Guessing Games

Basic Programming

Programming in C on Ubuntu Linux
Programming in Perl on Ubuntu Linux
Programming with Python on Windows

Wireless

Cracking Wired Equivalent Privacy (WEP) with an EEE PC 
Cracking WPA


New for Summer 2010

Encrypted email with Gnu & Thunderbird

From Spring 2010

Encrypted Email Setup
Backing up a Private Key
NDA from Spring 2010


Links

Introduction to CISSP and CNIT 125
CISSP 1: CISSP Education & Certification
CISSP 2: (ISC)2 | Certified Information Security Education
CISSP 3: CISSP was the third highest salaried certification in 2009
CISSP 4: DOD 8570 requires CISSP, Sec+, and other certs for all gov't Information Assurance employees
CISSP 5: CISSP exam prices
CISSP 6: (ISC)2 Code of Ethics
CISSP 7: Associate of (ISC)² Certification
CISSP 8: SSCP Education & Certification
CISSP 9: Exam Prices (pdf)
CISSP 10: Test Prep: 10 Tips For Preparing and Passing the CISSP Exam
CISSP 11: How to get continuing education credit for CISSP certification holders

7 Types of Hard CISSP Exam Questions and How To Approach Them
How I Prepared for the CISSP Exam--Sam Bowne
A CISSP Study Plan Memoir
CISSP Practice Test

Links for Chapter Lectures
Ch 0a: How Dan Kaminsky broke and fixed DNS
Ch 0b: The Most Dangerous Man in Cyberspace
Ch 0c: JadedSecurity » What the CISSP won't teach you
Ch 0d: Modern Day Witch Hunting by CISSP Members Minus The Ergot
Ch 0e: My Canons on (ISC)² Ethics - Such as They Are
Ch 0f: Dan Kaminsky & Kevin Mitnick Hacked
Ch 0g: How Byron Sonne's obsession with the G20 security apparatus cost him everything
Ch 0h: Anonymous hacker quits, calls group's members hypocrites and its efforts fruitless
Byron Sonne, G20 "Bomber", Was a CISSP--Certification Suspended (2010-06-25)

Ch 1a: CCSF Catalog Mission Statement
Ch 1b: Mission statement - Wikipedia, the free encyclopedia
Ch 1c: Objective(Goal) - Wikipedia
Ch 1d: Objective Definition | Definition of Objective at Dictionary.com
Ch 1e: NIST 800-30:Risk Management Guide for Information Technology Systems
Ch 1f: ISO27k infosec management standards
Ch 1g: ISO/IEC 27001 - Wikipedia
Ch 1h: Assessing risk of IE 0day vulnerability
Ch 1i: Information Security Governance (pdf)
Ch 1j: SANS: Information Security Policy Templates
Ch 1k: Sarbanes-Oxley Act - Wikipedia
Ch 1l: The Sarbanes-Oxley Act 2002
Ch 1m: Operation Aurora - Wikipedia

Ch 2a: Active Directory's LDAP Compliance

Ch 3a: OWASP
Ch 3b: Vulnerability scanners miss 49% of the vulns they are looking for (see figure near bottom of article)
Ch 3c: Memory Parsing Vulnerability being used to steal credit card numbers (pdf)
Ch 3d: OWASP Top Ten Web Application Vulnerabilities
Ch 3e: Object Oriented Database Management Systems

Ch 5a: Substitution cipher - Wikipedia
Ch 5b: Transposition cipher - Wikipedia
Ch 5c: Running key cipher - Wikipedia
Ch 5d: NIST Recommendation for Block Cipher Modes of Operation (pdf)
Ch 5e: NIST Cryptographic Algorithms and Key Sizes (1024-bit RSA no longer recommended)
Ch 5f: US-CERT Vulnerability Note VU#836068--MD5 vulnerable to collision attacks
Ch 5g1: NIST.gov - Federal agencies should stop using SHA-1

Ch 6a: Differences between Civil and Criminal Law in the USA
Ch 6b: NET Act - Wikipedia
Ch 6c: The technique of computer matching
Ch 6d: Privacy Act Overview, 2010 Edition: Computer Matching

Ch 7a: Security Control Types and Operational Security

Ch 8a: Man Trap
Ch 8b: Crash gates
Ch 8c: How to Calculate HVAC Tonnage

Ch 9a: Bell-La Padula model - Wikipedia
Ch 9b: Biba Model - Wikipedia
Ch 9c: Clark-Wilson model - Wikipedia
Ch 9d: Non-interference (security) - Wikipedia
Ch 9e: Common Criteria - Wikipedia
Ch 9f: Bus (computing) - Wikipedia
Ch 9g: Ring (computer security) - Wikipedia
Ch 9h: Windows Architecture--only rings 0 and 3 are used
Ch 9i: Lock My PC backdoor password

Ch 10a: Multiprotocol Label Switching - Good explanation of why MPLS will replace ATM
Ch 10b: Verizon Wireless -and CDMA
Ch 10c: CLEAR 4G Wireless Broadband Internet Service--WIMAX
Ch 10d: How to reach maximum 802.11n speed and throughput
Ch 10e: Near Field Communication - Wikipedia
Ch 10f: Address Resolution Protocol - Could be regarded as an OSI model layer 2 or 3 protocol
Ch 10g: TCP/IP model - Wikipedia
Ch 10h: Anycast - Wikipedia
Ch 10i: Is RIP layer 3 protocol or layer 7 protocol? : layer, rip, protocol

SSL-1: Security Certificate Warnings Don't Work
SSL-2: Boffins bust web authentication with game consoles
SSL-3: VeriSign remedies massive SSL blunder (kinda, sorta)
SSL-4: MD5 Hack Interesting, But Not Threatening
SSL-5: National Software Reference Library--Md5 not recognized
SSL-6: FIPS 140-2 (2001) can be downloaded here
SSL-7: 14% of SSL certificates on the Internet potentially unsafe
SSL-8: China Internet Network Information Center accepted as a Mozilla root CA
SSL-9: Bug 549701 – Remove inactive RSA Security 1024 V3 root
SSL-10: Vulnerabilities Allow Attacker to Impersonate Any Website
SSLstrip & Slowloris & Scary SSL Attacks (ppt)
Safe--countermeasure for sslstrip attack


Miscellaneous Links
The 7 Psychological Principles of Scams: Protect Yourself by Learning the Techniques
Exposing Network Vulnerabilities -- Campus Technology
The Apache Cassandra Project--highly scalable distributed database
CISSP 12: GIAC Research in the Common Body of Knowledge -- Good white papers for the ten CISSP domains
Web Security Tools²: skipfish and iScanner--excellent introduction to these tools
Information Security Careers Cheatsheet
Luhn Check - MOD 10 Algorithm
LOQMail--encrypted email solution, free 30-day trial
Data Encryption | First Data--End-to-end encryption to completely escape PCI Compliance requirements
Project: www.rcfl.org - /downloads/ -- directory traversal vulnerability
How To Get Your Very Own Free SSL Certificate
Tech//404 -- Calculates expected financial loss for lost records
Rainbow Series - Wikipedia, the free encyclopedia
Orange Book--Reference Monitor and Security Kernel
Security modes - The four MAC modes: Dedicated, System high security, Compartmented, Multilevel
Acosta v Byrum--very important precedent for HIPAA-based lawsuits
An Illustrated Guide to IPsec
LOMAC -- Linux method for protecting integrity of system files
Fix to save restore points in a dual-boot
DOD offers tiny, secure linux distribution -- 125 Project
Google's Web Application Security Training Resource - Jarlsberg.appspot.com -- Better than WebGoat?
Integrating Nessus with BackTrack 5's Tools -- CNIT 125 Project
The Ultimate Web App Security Scanner Comparison Published - AppScan Standard Leads the Pack <--Project ideas
Pingdom stores & transmits passwords in cleartext -- possible project
John The Ripper Hash Formats --useful for projects
More SQL injections; apparently hotels in TN -- COLD CALLS DATA
Yale Gets Google Dorked -- project idea

New Unsorted Links
Ch 2b: Crack Password Hashes in Lion -- OS X 10.7 - Hack Mac
Ch 2c: Lockheed Says Hacker Used Stolen SecurID Data - NYTimes.com
2d: Amazon.com: Ghost in the Wires: My Adventures as the World's Most Wanted Hacker (9780316037709): Kevin Mitnick, Steve Wozniak, William L. Simon: Books
2e: Mitnick fakes way into LA Telco Central Office - YouTube
2011-09-14: EMET - Whitelisting for Windows -- Good CNIT 125 Project
Lilith -- Web Application Security Audit Tool | Darknet - PROJECT IDEA
WAVSEP -- Web Application Vulnerability Scanner Evaluation Project -- PROJECT IDEA
0-Day SCADA Exploits Released, Publicly Exposed Servers At Risk -- COLD CALLS PROJECT DATA
Windows 7 kernel ASLR research. Statistics on number of unique images addresses per 100 OS runs -- POSSIBLE PROJECT
Bypassing Chrome's Anti-XSS filter --GOOD PROJECT IDEA
Fake Twitter typosquatting page -- DO NOT LOG IN -- PROJECT IDEA -- Find more of these & take them down
Cold Calls Project Instructions
New Attack Breaks Confidentiality Model of SSL, Allows Theft of Encrypted Cookies -- GOOD PROJECT
NetworkMiner 1.1 - Network Forensic Analysis Tool (NFAT) Released -- PROJECT IDEA
Free Proxy - Surf Anonymously & Hide Your IP Address - Hide My Ass! <--PROJECT IDEA
Certificate Patrol <--PROJECT IDEA
From the man who discovered Stuxnet, dire warnings one year later - CSMonitor.com
2011-09-28: Flawfinder -- source code security scanner <--PROJECT IDEA
2011-09-29: sqli1 - Pastebin.com -- More data for CNIT 125 Projects
Google tracks you. We don't. An illustrated guide.
Except for nuclear power plants, no regulations govern how to secure systems against cyber-attacks
More SCADA vulns for Cold Calls -- atvise
Interesting SCADA Security Presentation (from 2004)
2011-10-08: Securing Flash Drives within the Enterprise
2011-10-11: Bestcasuals.com Vuln Audit. _St0rm - Pastebin.com -- PROJECT DATA
Ethics Project: (ISC)² Ethics Complaint Procedure
Ethics Project: (ISC)2 Code of Ethics
2011-10-14: jjghui - Google Search -- MORE COLD CALLS DATA -- INFECTED WEBSITES
Mass infections from jjghui.com/urchin.js (SQL injection) <--MORE INFO FOR COLD CALLS
2011-10-15: Jadedsecurity emails re: CISSP
My Canons on (ISC)² Ethics - Such as They Are -- Jericho from Attrition
(ISC)^2 Code of Ethics PDF
2011-10-19: Over a million web sites affected in mass SQL injection attack -- MORE INFO FOR COLD CALLS
2011-10-28: Government websites with SQLi <--MORE FRESH COLD CALLS DATA
Sample Contact Letter for Government Cold Calls
Preventing SQL Injection in Java - OWASP --COLD CALLS INFORMATION
Huge list of vulnerable Web apps for training -- PROJECT IDEAS

Ch 10j: 3GPP Long Term Evolution - Wikipedia

Ch 10k: Frame Injection at Layer 1: 802.11 Packets in Packets

Computer Security -- Free online class at Stanford

CISSP Reloaded -- study notes
2012-02-06: Hospital appeals $250,000 fine for late breach disclosure - 19 days
2012-02-06: California law requires breach notification within 5 days (for medical data)
2012-02-06: CA Codes (civ:1798.80-1798.84) -- breach notification, see .82 (a) and (c)
2012-02-06: California Amends its Security Breach Notification Law : Workplace Privacy Counsel

CISSP Certification, Information Security and Risk Management

Finding PII with Google--COLD CALLS DATA

Last Updated: 6-15-11 8 am