Linux Security, Audit and Control Guidance Featured In New Book from Information Systems Audit and Control Association

Rolling Meadows, IL, USA (21 July 2005)—More than 10 years after its debut, Linux has matured from a student hobby to a highly respected platform used by major organizations worldwide. Because of this growing popularity and increased legislation requiring tight controls over IT, the Information Systems Audit and Control Association (ISACA) has issued a new publication with detailed guidance on security, audit and control of Linux.

Linux Security, Audit and Control Features offers practical tools and techniques for addressing Linux vulnerabilities, audit planning, business continuity, disaster recovery and other security and control issues. Security issues related to popular Linux applications, such as Sendmail, Apache, BIND and LDAP, are covered. Also included are sample reports for a Linux security audit and a detailed questionnaire covering physical, operating system, network, user and group, file system and application security.

The publication also describes how to benchmark security of Linux installations against the well-known international standards Control Objectives for Information and related Technology (COBIT) and ISO 17799.

“To help security professionals put this material to use immediately at their companies, we have based many of the recommendations on our own practical experience working with many large and medium enterprises,” said the book’s author, K. K. Mookhey, founder-CTO, Network Intelligence India Pvt Ltd. “Readers are introduced to several types of Linux deployments at a hypothetical organization, XYZ Inc., including gateways, firewalls, web servers, databases and file servers.”

Linux Security, Audit and Control Features is available at the ISACA Bookstore (www.isaca.org/bookstore) for US $50 or as a download for US $30.

About ISACA
With more than 47,000 members who live and work in more than 140 countries, the Information Systems Audit and Control Association® (ISACA®) (www.isaca.org) is a recognized worldwide leader in IT governance, control, security and assurance. Founded in 1969, ISACA sponsors international conferences, publishes the Information Systems Control Journal®, develops international information systems auditing and control standards, and administers the globally respected Certified Information Systems Auditorâ„? (CISA®) designation, earned by more than 40,000 professionals since inception, and the Certified Information Security Manager® (CISM®) designation, a groundbreaking credential earned by 5,200 professionals in its first three years.