SANS InfoSec Reading Room - Getting Started/InfoSec
Most of the computer security white papers in the Reading Room have been written by students seeking GIAC certification to fulfill part of their certification requirements and are provided by SANS as a resource to benefit the security community at large. SANS attempts to ensure the accuracy of information, but papers are published "as is". Errors or inconsistencies may exist or may be introduced over time as material becomes dated. If you suspect a serious error, please contact webmaster@sans.org.
Featuring 11 papers as of Nov 8, 2009
Innovative Technologies and Guidelines Securing 21st Century Telecommunications
- By: Joseph Cronin (posted on August 18, 2006)
This paper defines the fundamentals of 802.1x authentication, explains how the authentication process works in 802.1x, and provides the detailed steps to implement 802.1x in a switched LAN environment using Cisco's Implementation of 802.1x.
Secure Perimeter Network Design for GIAC Enterprises
- By: Ted Franger (posted on May 17, 2005)
This paper puts forth a secure perimeter network design for the fictional company GIAC Enterprises, which is in the business of brokering fortune cookie sayings. The paper consists of three assignments and is completed in fulfillment of the requirements of a practical exam for the GIAC Certified Firewall Analysis Certification.
Possible Points of Failure in the Information Security Environment
- By: Marion Qualls (posted on July 25, 2004)
The task of designing a secure infrastructure for IIS 5.0 web servers within a DMZ is difficult enough. Securing an existing DMZ becomes exponentially more difficult due to the added requirement of retrofitting those currently working servers with more appropriate security settings, policies and operational procedures while not adversely affecting website or application availability and keeping costs to a minimum throughout the process.
Improving Defense in Depth for NASA's Mission Network
- By: Mary Foote (posted on October 31, 2003)
This paper discusses the defense building blocks used by NASA which include increasing network capabilities, continued examination of network capabilities, assessment of new technologies and tools, increased security awareness for NASA non-security professionals, and training of the Mission Network security team members.
Security Education for Users: A Starting Place for Network Administrators
- By: Blou Baker (posted on October 31, 2003)
This paper provides a simple outline of conducting basic computer security training within organizations.
Ways To Become An Effective Information Security Professional - From A GIAC Wannabe Perspectives
- By: Asmuni bin Yusof (posted on October 31, 2003)
This paper will examine the requirements necessary to become an effective Information Security Officer (ISO).
Pockets of Chaos: Management Theory for the Process of Computer Security
- By: Jason S. Collins (posted on October 31, 2003)
This paper discusses Computer Security as an ongoing journey, not simply a destination, and outlines a flexible security framework that manages "pockets of chaos" to better help organizations achieve their security goals.
Anti-Virus Strategy in a Public K-12 Educational Environment
- By: Shawn Wyman (posted on October 31, 2003)
This paper discusses virus protection within a K-12 educational environment.
A Primer on OpenVMS (VMS) Security
- By: Steven Bourdon (posted on October 31, 2003)
This paper provides an overview of the VMS operating system, security concepts and features, and several recent vulnerabilities affecting VMS.
Digital Signature and Multiple Signature: Different Cases for Different Purposes
- By: Chafic Maroun Rouhana Moussa (posted on October 31, 2003)
This paper will discuss digital signatures, how the security properties of integrity, authentication, and non-repudiation are respected and present the purposes of multiple signature schemes.
Information Security: Managing Risk with Defense in Depth
- By: Kenneth Straub (posted on October 31, 2003)
This paper provides a detailed overview of risk/risk management & data classification and why we need the Defense in Depth strategy.