Introduction to the IEM; Before You Start Evaluating; Setting Expectations; Scoping the Evaluation; Legal Planning Chapter; The Technical Evaluation Plan (TEP); Starting your On-Site Efforts; Enumeration Activities; Collecting the majority of vulnerabilities; Fine Tuning the Evaluation; On-Site Closing Meeting; Evaluation Analysis; Creating Measurements and Trending Results; Trending Metrics Chapter; Final Reporting Chapter; IEM Summary; Appendix A: Table of example tools for each of the 10 baseline activities; Appendix B: Sample TEP layout
Russ Rogers (CISSP, CISM, IAM, IEM, Hon. Sc.D.), author of the popular "Hacking a Terror Network: The Silent Threat of Covert Channels" (Syngress, ISBN: 978-1-928994-98-5), co-author of multiple books, including the best-selling "Stealing the Network: How to Own a Continent" (Syngress, ISBN: 978-1-931836-05-0) and "Network Security Evaluation Using the NSA IEM" (Syngress, ISBN: 978-1-59749-035-1), and former editor-in-chief of The Security Journal, is currently a penetration tester for a federal agency and the co-founder and chief executive officer of Peak Security, Inc., a veteran-owned small business based in Colorado Springs, CO. Russ has been involved in information technology since 1980 and has spent the past 20 years working as both an IT and InfoSec consultant. Russ has worked with the U.S. Air Force (USAF), National Security Agency (NSA), Defense Information Systems Agency (DISA), and other federal agencies. He is a globally renowned security expert, speaker, and author who has presented at conferences around the world in Amsterdam, Tokyo, Singapore, Sao Paulo, Abu Dhabi, and cities all over the United States. Russ has an honorary doctorate of science in information technology from the University of Advancing Technology, a master's degree in computer systems management from the University of Maryland, a bachelor of science degree in computer information systems from the University of Maryland, and an associate's degree in applied communications technology from the Community College of the Air Force. He is a member of ISSA and (ISC)2(r) (CISSP). Russ also teaches at and fills the role of professor of network security for the University of Advancing Technology (www.uat.edu). Greg Miles,(Ph.D., CISSP#24431, CISM#0300338, IAM, IEM)is the President, and Chief Financial Officer of Security Horizon, Inc. Security Horizon is a Global, Veteran-Owned Small Business headquartered in Colorado Springs, Colorado.