Site home page
(news and notices)

Get alerts when Linktionary is updated

Book updates and addendums

Get info about the Encyclopedia of Networking and Telecommunicatons, 3rd edition (2001)

Download the electronic version of the Encyclopedia of Networking, 2nd edition (1996). It's free!

Contribute to this site

Electronic licensing info



Security Auditing

Related Entries    Web Links    New/Updated Information

Search Linktionary (powered by FreeFind)

Note: Many topics at this site are reduced versions of the text in "The Encyclopedia of Networking and Telecommunications." Search results will not be as extensive as a search of the book's CD-ROM.

Security auditing is the practice of evaluating the security of networks and systems. It may be done by professional security consulting and auditing services, or it can be done in-house. Auditing may involve evaluating the security of buildings and equipment locations, running background checks on people, evaluating work processes, monitoring systems, scanning computers for security weaknesses, and running intrusion detection systems that can signal possible break-ins.

This topic continues in "The Encyclopedia of Networking and Telecommunications" with a discussion of the following:

  • Security consulting and auditing services, the third-party perspective
  • The security auditor
  • Security Auditing Tools
  • Scanners
  • IDS (intrusion detection systems)
  • Standards for evaluating security
  • U.S. National Institute of Standards and Technology (NIST)
  • FIPS (Federal Information Processing Standards)
  • Orange Book-- the TCSEC (Trusted Computer System Evaluation Criteria) standard
  • The ISO's Common Criteria, the current standard

The following Web sites provide more information:

Common Criteria official Web site

ISO Common Criteria Information

Copyright (c) 2001 Tom Sheldon and Big Sur Multimedia.
All rights reserved under Pan American and International copyright conventions.