(Ebook) Auditing and Security: AS/400, NT, UNIX, Networks, and Disaster Recovery Plans by Yusufali F. Musaji ISBN 9780471383710, 0471383716

(Ebook) Auditing and Security: AS/400, NT, UNIX, Networks, and Disaster Recovery Plans by Yusufali F. Musaji ISBN 9780471383710, 0471383716

As an experienced Technology Auditor, I picked up this book to brush up on some of the considerations involved in auditing UNIX systems. After reading through most of the section on UNIX, I couldnt help but think that this book was written without considering the intended audience. Generally speaking, an IT Auditor has to be a jack-of-all-trades when it comes to systems, because it is extremely difficult to find a company that uses ONLY Unix, or ONLY Windows, or ONLY Linux. As a result, the IT Auditor has to know enough about each system to navigate through, but is not necessarily an expert in any of them. This book seems to be written for a security administrator, assuming that the reader knows the details of every command the system has to offer and offering little or no explanation as to what the command does. Convincing a system administrator to run a command that you, as the auditor, do not understand is potentially disasterous. Beyond that, typos and spelling errors within the commands (ex: using "is -1" instead of "ls -l" or "chcl" instead of "chacl"), are simply inexcusable for what they are charging for this book.