Episode IV: Risk and vulnerability assessment and threat detection

In the last episode, a policy was decreed and signed by the King. Armed with this important document, our noble administrators set off on the task of assessing the landscape to prioritize their efforts.

They took inventory and classified the kingdom's assets. They identified gaps in the infrastructure, threats and potential targets of the malfeasants. The policy of the King and the edicts of the highest of high were consulted. Valuations were placed on the assets; the costs of safeguards were estimated.

It was clear: The noble administrators would need weapons, but they would also need to be trained in the art of defense. For, as sophisticated and knowledgeable as they were in their own right, this new realm required they be masters at defending terabytes as sure as the Knights of the Royal Guard were masters in defending terra firma.

It came to pass that they were trained, purchased advanced tools and were invited to the castle on the eve of the attack of the evil enumerators. The noblepersons knelt before the King and by virtue of His Majesty's imperial resound, were conferred Knights of the Order of Countermeasures.

Dame Day (they called her "D-Day") was responsible for all firewall configurations and remote-access technologies including PPP, VPN and OU812. D-Day was dedicated to stopping the dastardly defilers "right here, right now."

D-Day worked closely with Sir Sniffalot, who took the lead on intrusion detection, prevention and audit log analyses.

    Requires Free Membership to View

Armed with a steady supply of Sudafed, Sir Sniffalot was always on his toes.

Sir Pokeahole was the chief penetration tester and chair of the incident-response committee. Sir Jack was to institute the user education and awareness program and Dame Domaine administered ACLs, configuration and patch management and hunted rogue wireless access points on the weekends.

Whilst acting on the personal request of the King to improve upon his daughter's memory, Dame Domaine discovered an insidious uninvited alteration of Princess Bloomie's registry. It was apparent that the nefarious ne'er-do-wells negotiated not with the slightest deference to royalty, and that they would stop at nothing.

About the author
Bill Kirkendale, CISSP, has been an IT professional for fourteen years and is a former United States Marine.

Last episode: His Majesty issues a new decree (and gets a new robe)
Next episode: To be enumerated or fumigated: That is the question

This was first published in April 2004

There are Comments. Add yours.

TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

Disclaimer: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.