Introduction xvii business commu We talk about the five major steps of operations security:identifying critical information,analyzing threats,analyzing vulnerabilities,determining risks, and planning countermeasures.We also go over the Laws of OPSEC,as penned by Kurt Haas.In addition to discussing the use of operations security in the worlds of business and government,we also address how it is used in our per sonal lives,although perhaps in a less formal manner. Chapter 7:Physical Security his hapr虹d。Weaddres the categories of physuss how they might be put in place to mitigate physical securit rent detective,and preventive measures We talk about the foremost concern in physical security,ensuring the sa ety of our people and talk about how data and equipment can generally be replaced,when proper precautions are taken,though people can be very difficult to replace.We also cover the protection of data,secondary only to protecting our people,and how this is a highly critical activity in our world of technology-based business.Lastly we discuss protecting our equipment,both outside of and within our facilities. Chapter 8:Network Security In this chapter ect our networks from a variety work design and egmentation prop erly,ensuring that we have the proper choke points to enable control of traffic, and that we are redundant where such is needed.We look into the implemen- tation of security devices such as firewalls and intrusion detection systems, the protection of our network traffic with virtual private networks(VPNs)and security measures specific to wireless networks when we need to use them ind make use of sec ure protocols.We also consider a variety of security tools, such as Kismet,Wireshark,nmap,honeypots,and other simil ar utilitie Chapter 9:Operating System Security the additional security-related software that we might use to secure our sys- tems including anti-malware tools,software firewalls,and host-based intrusion detection systems in order to protect us from a variety of attacks.Lastly,we touch on some of the security tools that we can use from an operating perspec- tive,including port scanners such as nmap,vulnerability analysis tools such as Nessus,and oloit frameworks such as Metasploit. Chapter 10:Application Security In this chapter we consider the various ways s in which we might secure our applications.We go over the vulnerabilities common to the software Introduction xvii in the sixth century BC to the words of George Washington, writings from the business community, and formal methodologies from the U.S. government. We talk about the five major steps of operations security: identifying critical information, analyzing threats, analyzing vulnerabilities, determining risks, and planning countermeasures. We also go over the Laws of OPSEC, as penned by Kurt Haas. In addition to discussing the use of operations security in the worlds of business and government, we also address how it is used in our per￾sonal lives, although perhaps in a less formal manner. Chapter 7: Physical Security In this chapter, we discuss physical security. We address the main categories of physical security controls, to include deterrent, detective, and preventive measures, and discuss how they might be put in place to mitigate physical security issues. We talk about the foremost concern in physical security, ensuring the safety of our people and talk about how data and equipment can generally be replaced, when proper precautions are taken, though people can be very difficult to replace. We also cover the protection of data, secondary only to protecting our people, and how this is a highly critical activity in our world of technology-based business. Lastly, we discuss protecting our equipment, both outside of and within our facilities. Chapter 8: Network Security In this chapter, we examine how we might protect our networks from a variety of different angles. We go over secure network design and segmentation prop￾erly, ensuring that we have the proper choke points to enable control of traffic, and that we are redundant where such is needed. We look into the implemen￾tation of security devices such as firewalls and intrusion detection systems, the protection of our network traffic with virtual private networks (VPNs) and security measures specific to wireless networks when we need to use them, and make use of secure protocols. We also consider a variety of security tools, such as Kismet, Wireshark, nmap, honeypots, and other similar utilities. Chapter 9: Operating System Security In this chapter, we explore hardening as one of the primary tools for secur￾ing the operating system and the steps that we take to do so. We also review the additional security-related software that we might use to secure our sys￾tems including anti-malware tools, software firewalls, and host-based intrusion detection systems in order to protect us from a variety of attacks. Lastly, we touch on some of the security tools that we can use from an operating perspec￾tive, including port scanners such as nmap, vulnerability analysis tools such as Nessus, and exploit frameworks such as Metasploit. Chapter 10: Application Security In this chapter, we consider the various ways in which we might secure our applications. We go over the vulnerabilities common to the software