Original PDF Principles of Information Security 6th by Michael e Whitman PDF

(Original PDF) Principles of Information
Security 6th by Michael E. Whitman

Visit to download the full and correct content document:
https://ebooksecure.com/download/original-pdf-principles-of-information-security-6th-
by-michael-e-whitman/
Table of Contents vii
CHAPTER 6
Security Technology: Access Controls, Firewalls, and VPNs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 325
Introduction. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 326
Access Control . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 326
Firewalls . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 343
Protecting Remote Connections . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 371
Selected Readings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 379
Chapter Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 380
Review Questions. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 381
Exercises . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 382
Case Exercises . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 382
Endnotes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 383
CHAPTER 7
Security Technology: Intrusion Detection and Prevention Systems, and Other Security Tools . . . . . 385
Introduction. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 387
Intrusion Detection and Prevention Systems . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 387
Honeypots, Honeynets, and Padded Cell Systems . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 424
Scanning and Analysis Tools . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 428
Chapter Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 443
Exercises . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 445
Case Exercises . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 445
Endnotes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 446
CHAPTER 8
Cryptography . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 449
Introduction. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 450
Foundations of Cryptology . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 451
Cipher Methods . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 455
Cryptographic Algorithms. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 467
Cryptographic Tools. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 475
Protocols for Secure Communications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 483
Chapter Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 494
Exercises . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 496
Case Exercises . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 497
Endnotes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 498
CHAPTER 9
Physical Security. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 501
Introduction. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 503
Physical Access Controls . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 504
Fire Security and Safety . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 514
Failure of Supporting Utilities and Structural Collapse. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 519
Interception of Data . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 526
Securing Mobile and Portable Systems . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 527
Special Considerations for Physical Security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 531
viii Table of Contents

Chapter Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 531
Exercises . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 534
Case Exercises . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 535
Endnotes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 535
CHAPTER 10
Implementing Information Security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 537
Introduction. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 539
Information Security Project Management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 539
Technical Aspects of Implementation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 550
Nontechnical Aspects of Implementation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 557
Information Systems Security Certification and Accreditation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 559
Chapter Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 573
Exercises . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 576
Case Exercises . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 576
Endnotes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 577
CHAPTER 11
Security and Personnel. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 579
Introduction. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 580
Positioning and Staffing the Security Function . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 581
Credentials for Information Security Professionals . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 594
Employment Policies and Practices. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 608
Security Considerations for Temporary Employees, Consultants, and Other Workers. . . . . . . . . . . . . . . . . . . 614
Chapter Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 619
Exercises . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 622
Case Exercises . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 622
Endnotes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 623
CHAPTER 12
Information Security Maintenance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 627
Introduction. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 628
Security Management Maintenance Models . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 629
Digital Forensics. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 677
Chapter Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 687
Exercises . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 689
Case Exercises . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 689
Endnotes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 691
GLOSSARY . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 693
INDEX . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 711
Preface
As global networks expand, the interconnection of the world’s information systems

and devices of every description becomes vital, as does the smooth operation of communica-
tion, computing, and automation solutions. However, ever-evolving threats such as malware
and phishing attacks and the success of criminal attackers illustrate the weaknesses in cur-
rent information technologies and the need to provide heightened security for these systems.
When attempting to secure current and planned systems and networks, organizations must
draw on the current pool of information security practitioners. However, to develop more
secure computing environments in the future, these same organizations are counting on the
next generation of professionals to have the correct mix of skills and experience to antici-
pate and manage the complex information security issues that will arise. Thus, improved
texts with supporting materials, along with the efforts of college and university faculty, are
needed to prepare students of technology to recognize the threats and vulnerabilities in exist-
ing systems and to learn to design and develop the secure systems needed.
The purpose of Principles of Information Security, Sixth Edition, is to continue to meet the
need for a current, high-quality academic textbook that surveys the breadth of the informa-
tion security discipline. Even today, there remains a lack of textbooks that provide students
with a balanced introduction to the managerial and technical aspects of information secu-
rity. By creating a book specifically focused on the information security common body of
knowledge, we hope to close this gap. Further, there is a clear need to include principles
from criminal justice, political science, computer science, information systems, and other
related disciplines to gain a clear understanding of information security principles and
ix
x Preface
formulate interdisciplinary solutions for systems vulnerabilities. The essential tenet of

this textbook is that information security in the modern organization is a problem for
management to solve, and not one that technology alone can address. In other words, an
organization’s information security has important economic consequences for which man-
agement will be held accountable.
Approach
Principles of Information Security, Sixth Edition, provides a broad review of the entire field of
information security, background on many related elements, and enough detail to facilitate an
understanding of the topic as a whole. The book covers the terminology of the field, the his-
tory of the discipline, and strategies for managing an information security program.
Structure and Chapter Descriptions

Principles of Information Security, Sixth Edition, is structured to follow an approach that
moves from the strategic aspects of information security to the operational—beginning with
the external impetus for information security, moving through the organization’s governance,
risk management, and regulatory compliance strategic approaches, and continuing with the
technical and operational implementation of security in the organization. This textbook’s use
of this approach is intended to provide a supportive but not overly dominant foundation that
will guide instructors and students through the information domains of information security.
To serve this end, the book is organized into 12 chapters.
Chapter 1—Introduction to Information Security

The opening chapter establishes the foundation for understanding the broader field of infor-
mation security. This is accomplished by defining key terms, explaining essential concepts,
and reviewing the origins of the field and its impact on the understanding of information
security.
Chapter 2—The Need for Security

Chapter 2 examines the business drivers behind the design process of information security
analysis. It examines current organizational and technological security needs while emphasiz-
ing and building on the concepts presented in Chapter 1. One principal concept presented in
this chapter is that information security is primarily a management issue rather than a tech-
nological one. To put it another way, the best practices within the field of information secu-
rity involve applying technology only after considering the business needs.
The chapter also examines the various threats facing organizations and presents methods for
ranking and prioritizing these threats as organizations begin their security planning process.
The chapter continues with a detailed examination of the types of attacks that could result
from these threats, and how these attacks could affect the organization’s information systems.
Chapter 2 also provides further discussion of the key principles of information security, some
of which were introduced in Chapter 1: confidentiality, integrity, availability, authentication
and identification, authorization, accountability, and privacy.
Preface xi
Chapter 3—Legal, Ethical, and Professional Issues in

Information Security
A critical aspect of the field is the inclusion of a careful examination of current legislation,
regulation, and common ethical expectations of both national and international entities that
provides important insights into the regulatory constraints that govern business. This chapter
examines several key laws that shape the field of information security and examines the com-
puter ethics to which those who implement security must adhere. This chapter also presents
several common legal and ethical issues found in today’s organizations, as well as formal
and professional organizations that promote ethics and legal responsibility.
Chapter 4—Planning for Security

This chapter presents a number of widely accepted security models and frameworks. It exam-
ines best business practices and standards of due care and due diligence, and offers an over-
view of the development of security policy. This chapter details the major components, scope,
and target audience for each level of security policy. This chapter also explains data classifi-
cation schemes, both military and private, as well as the security education training and
awareness (SETA) program. The chapter examines the planning process that supports busi-
ness continuity, disaster recovery, and incident response; it also describes the organization’s
role during incidents and specifies when the organization should involve outside law enforce-
ment agencies.
Chapter 5—Risk Management

Before the design of a new information security solution can begin, information security ana-
lysts must first understand the current state of the organization and its relationship to infor-
mation security. Does the organization have any formal information security mechanisms in
place? How effective are they? What policies and procedures have been published and dis-
tributed to security managers and end users? This chapter describes how to conduct a funda-
mental information security assessment by describing procedures for identifying and prioritiz-
ing threats and assets as well as procedures for identifying what controls are in place to
protect these assets from threats. The chapter also discusses the various types of control
mechanisms and identifies the steps involved in performing the initial risk assessment. The
chapter continues by defining risk management as the process of identifying, assessing, and
reducing risk to an acceptable level and implementing effective control measures to maintain
that level of risk. Chapter 5 concludes with a discussion of risk analysis and various types of
feasibility analyses.
Chapter 6—Security Technology: Access Controls,

Firewalls, and VPNs
Chapter 6 provides a detailed overview of the configuration and use of technologies designed
to segregate the organization’s systems from the insecure Internet. This chapter examines the
various definitions and categorizations of firewall technologies and the architectures under
which firewalls may be deployed. The chapter discusses the rules and guidelines associated
with the proper configuration and use of firewalls. Chapter 6 also discusses remote dial-up
services and the security precautions necessary to secure access points for organizations still
xii Preface
deploying this older technology. The chapter continues by presenting content filtering capa-
bilities and considerations, and concludes by examining technologies designed to provide
remote access to authorized users through virtual private networks.
Chapter 7—Security Technology: Intrusion Detection and

Prevention Systems, and Other Security Tools
Chapter 7 continues the discussion of security technologies by examining the concept of
intrusion and the technologies necessary to prevent, detect, react, and recover from intru-
sions. Specific types of intrusion detection and prevention systems (IDPSs)—the host IDPS,
network IDPS, and application IDPS—and their respective configurations and uses are pre-
sented and discussed. The chapter examines specialized detection technologies that are
designed to entice attackers into decoy systems (and thus away from critical systems) or sim-
ply to identify the attackers’ entry into these decoy areas. Such systems are known as honey-
pots, honeynets, and padded cell systems. The discussion also examines trace-back systems,
which are designed to track down the true address of attackers who were lured into decoy
systems. The chapter then examines key security tools that information security professionals
can use to examine the current state of their organization’s systems and identify potential vul-
nerabilities or weaknesses in the organization’s overall security posture. Chapter 7 concludes
with a discussion of access control devices commonly deployed by modern operating systems
and new technologies in the area of biometrics that can provide strong authentication to
existing implementations.
Chapter 8—Cryptography
Chapter 8 continues the section on security technologies by describing the underlying founda-
tions of modern cryptosystems as well as their architectures and implementations. The chap-
ter begins by summarizing the history of modern cryptography and discussing the various
types of ciphers that played key roles in that history. The chapter also examines some of the
mathematical techniques that comprise cryptosystems, including hash functions. The chapter
then extends this discussion by comparing traditional symmetric encryption systems with
more modern asymmetric encryption systems and examining the role of asymmetric systems
as the foundation of public-key encryption systems. Also covered are the cryptography-
based protocols used in secure communications, including S-HTTP, S/MIME, SET, and SSH.
The chapter then discusses steganography and its emerging role as an effective means of hid-
ing information. Chapter 8 concludes by revisiting attacks on information security that are
specifically targeted at cryptosystems.
Chapter 9—Physical Security

A vital part of any information security process, physical security includes the management
of physical facilities, the implementation of physical access control, and the oversight of envi-
ronmental controls. Physical security involves a wide range of special considerations that
encompass designing a secure data center, assessing the relative value of guards and watch-
dogs, and resolving technical issues in fire suppression and power conditioning. Chapter 9
examines these considerations by factoring in the physical security threats that modern orga-
nizations face.
Preface xiii
Chapter 10—Implementing Information Security

The preceding chapters provide guidelines for how an organization might design its informa-
tion security program. Chapter 10 examines the elements critical to implementing this design.
Key areas in this chapter include the bull’s-eye model for implementing information security
and a discussion of whether an organization should outsource components of its information
security program. The chapter also discusses change management, program improvement,
and additional planning for business continuity efforts.
Chapter 11—Security and Personnel

The next area in the implementation stage addresses personnel issues. Chapter 11 examines
both sides of the personnel coin: security personnel and security of personnel. It examines
staffing issues, professional security credentials, and the implementation of employment poli-
cies and practices. The chapter also discusses how information security policy affects and is
affected by consultants, temporary workers, and outside business partners.
Chapter 12—Information Security Maintenance

Last and most important is the discussion of maintenance and change. Chapter 12 describes
the ongoing technical and administrative evaluation of the information security program that
an organization must perform to maintain the security of its information systems. This chap-
ter explores the controlled administration of changes to modern information systems to pre-
vent the introduction of new security vulnerabilities. Special considerations needed for the
varieties of vulnerability analysis in modern organizations are explored, from Internet pene-
tration testing to wireless network risk assessment. The chapter and the book conclude by
covering the subject of digital forensics.
Features
Here are some features of the book’s approach to information security:
Information Security Professionals’ Common Bodies of Knowledge—Because the authors hold
both the Certified Information Security Manager (CISM) and Certified Information Systems
Security Professional (CISSP) credentials, those knowledge domains have had an influence in
the design of the text. Although care was taken to avoid producing a certification study
guide, the authors’ backgrounds ensure that the book’s treatment of information security inte-
grates the CISM and CISSP Common Bodies of Knowledge (CBKs).
Chapter Scenarios—Each chapter opens and closes with a short story that features the same
fictional company as it encounters information security issues commonly found in real-life
organizations. At the end of each chapter, a set of discussion questions provides students and
instructors with opportunities to discuss the issues suggested by the story as well as offering
an opportunity to explore the ethical dimensions of those issues.
Clearly Defined Key Terms Boxes—At the start of every major section, the key terms for that
section are listed and defined. While the terms are referenced in the body of the text, the isola-
tion of the definitions from the discussion allows a smoother presentation of the key terms
and supports their standardization throughout all Whitman and Mattord books.
xiv Preface
Offline and Technical Details Boxes—Interspersed throughout the textbook, these sections
highlight interesting topics and detailed technical issues, giving students the option of delving
into information security topics more deeply.
Hands-On Learning—At the end of each chapter, students will find a chapter summary and
review questions as well as exercises. In the exercises, students are asked to research, analyze,
and write responses to reinforce learning objectives, deepen their understanding of the text,
and examine the information security arena outside the classroom.
New to This Edition

● Coverage of the newest laws and industry trends
● Increased visibility for terminology used in the industry through Key Terms text boxes
and integration of this terminology across the Whitman and Mattord textbook series
● Updated and additional “For More Information” callouts that provide Web locations
where students can find more information about the subject covered
Instructor Resources
MindTap
MindTap® activities for Whitman and Mattord’s Principles of Information Security, Sixth
Edition, are designed to help students master the skills they need in today’s workforce.
Research shows employers need critical thinkers, troubleshooters, and creative problem-
solvers to stay relevant in our fast-paced, technology-driven world. MindTap helps you
achieve this with assignments and activities that provide hands-on practice, real-life relevance,
and mastery of difficult concepts. Students are guided through assignments that progress
from basic knowledge and understanding to more challenging problems.
All MindTap activities and assignments are tied to learning objectives. The hands-on exer-
cises provide real-life application and practice. Readings and “Whiteboard Shorts” support
the lecture, while “In the News” assignments encourage students to stay current. Pre- and
post-course assessments allow you to measure how much students have learned using analyt-
ics and reporting that makes it easy to see where the class stands in terms of progress,
engagement, and completion rates. Use the content and learning path as is, or pick and
choose how our material will wrap around yours. You control what the students see and
when they see it. Learn more at www.cengage.com/mindtap/.
Instructor Companion Site

Free to all instructors who adopt Principles of Information Security, Sixth Edition, for their
courses is a complete package of instructor resources. These resources are available from the
Cengage Web site, www.cengagebrain.com. Go to the product page for this book in the
online catalog and choose “Instructor Downloads.”
Preface xv
Resources include:
● Instructor’s Manual: This manual includes course objectives and additional informa-
tion to help your instruction.
● Cengage Testing Powered by Cognero: A flexible, online system that allows you to
import, edit, and manipulate content from the text’s test bank or elsewhere, including
your own favorite test questions; create multiple test versions in an instant; and deliver
tests from your LMS, your classroom, or wherever you want.
● PowerPoint Presentations: A set of Microsoft PowerPoint slides is included for each
chapter. These slides are meant to be used as a teaching aid for classroom presenta-
tions, to be made available to students for chapter review, or to be printed for class-
room distribution. Some tables and figures are included in the PowerPoint slides; how-
ever, all are available in the online instructor resources. Instructors are also at liberty
to add their own slides.
● Lab Manual: Cengage has produced a lab manual (Hands-On Information Security
Lab Manual, Fourth Edition) written by the authors that can be used to provide tech-
nical experiential exercises in conjunction with this book. Contact your Cengage
learning consultant for more information.
● Readings and Cases: Cengage also produced two texts—Readings and Cases in the
Management of Information Security (ISBN-13: 9780619216276) and Readings &
Cases in Information Security: Law & Ethics (ISBN-13: 9781435441576)—by the
authors, which make excellent companion texts. Contact your Cengage learning con-
sultant for more information.
● Curriculum Model for Programs of Study in Information Security: In addition to the
texts authored by this team, a curriculum model for programs of study in Information
Security and Assurance is available from the Kennesaw State University Center for
Information Security Education (http://infosec.kennesaw.edu). This document provides
details on designing and implementing security coursework and curricula in academic
institutions, as well as guidance and lessons learned from the authors’ perspective.
Author Team
Michael Whitman and Herbert Mattord have jointly developed this text to merge knowledge
from the world of academic study with practical experience from the business world.
Michael E. Whitman, Ph.D., CISM, CISSP is a Professor of Information Security and Assur-
ance in the Information Systems Department, Michael J. Coles College of Business at Kennesaw
State University, Kennesaw, Georgia, where he is also the Executive Director of the KSU Center
for Information Security Education (infosec.kennesaw.edu). Dr. Whitman is an active researcher
in Information Security, Fair and Responsible Use Policies, Ethical Computing, and Curriculum
Development Methodologies. He currently teaches graduate and undergraduate courses in Infor-
mation Security Management. He has published articles in the top journals in his field, including
Information Systems Research, Communications of the ACM, Information and Management,
Journal of International Business Studies, and Journal of Computer Information Systems. Dr.
Whitman is also the Co-Editor-in-Chief of the Journal of Cybersecurity Education, Research
and Practice. He is a member of the Information Systems Security Association, the Association
xvi Preface
for Computing Machinery, and the Association for Information Systems. Dr. Whitman is also
the co-author of Management of Information Security, Principles of Incident Response and
Disaster Recovery, Readings and Cases in the Management of Information Security, The Guide
to Firewalls and VPNs, The Guide to Network Security, and The Hands-On Information Secu-
rity Lab Manual, among others, all published by Cengage. Prior to his career in academia, Dr.
Whitman was an Armored Cavalry Officer in the United States Army, which included duties as
Automated Data Processing Systems Security Officer (ADPSSO).
Herbert J. Mattord, Ph.D., CISM, CISSP completed 24 years of IT industry experience as an
application developer, database administrator, project manager, and information security
practitioner before joining the faculty of Kennesaw State University in 2002. Dr. Mattord is
the Assistant Chair of the Information Systems Department and the Associate Director of the
KSU Center for Information Security Education and Awareness (infosec.kennesaw.edu).
Dr. Mattord is also the Co-Editor-in-Chief of the Journal of Cybersecurity Education,
Research and Practice. During his career as an IT practitioner, he has been an adjunct profes-
sor at Kennesaw State University, Southern Polytechnic State University in Marietta, Georgia,
Austin Community College in Austin, Texas, and Texas State University: San Marcos. He cur-
rently teaches undergraduate courses in Information Security. He was formerly the Manager
of Corporate Information Technology Security at Georgia-Pacific Corporation, where much
of the practical knowledge found in this textbook was acquired. Dr. Mattord is also the co-
author of Management of Information Security, Principles of Incident Response and Disaster
Recovery, Readings and Cases in the Management of Information Security, The Guide to
Firewalls and VPNs, The Guide to Network Security, and The Hands-On Information Secu-
rity Lab Manual, among others, all published by Cengage.
Acknowledgments
The authors would like to thank their families for their support and understanding for the many
hours dedicated to this project—hours taken away, in many cases, from family activities.
Contributors
Several people and organizations also provided materials for this textbook, and we thank
them for their contributions:
● The National Institute of Standards and Technology (NIST) is the source of many
references, tables, figures, and other content used in many places in the textbook.
Reviewers
● We are indebted to Paul Witman, California Lutheran University, for his perceptive
feedback during the chapter-by-chapter reviews of the text.
Special Thanks
The authors wish to thank the editorial and production teams at Cengage. Their diligent and
professional efforts greatly enhanced the final product:
● Natalie Pashoukos, Senior Content Developer
● Dan Seiter, Development Editor
Preface xvii
● Kristin McNary, Product Team Manager

● Amy Savino, Associate Product Manager
● Brooke Baker, Senior Content Project Manager
In addition, several professional organizations, commercial organizations, and individuals
aided the development of the textbook by providing information and inspiration. The
authors wish to acknowledge their contributions:
● Dave Lineman
● Donn Parker
● Our colleagues in the Department of Information Systems and the Coles College of
Business at Kennesaw State University
Our Commitment
The authors are committed to serving the needs of adopters and readers of this book. We
would be pleased and honored to receive feedback on the textbook and its supporting mate-
rials. You can contact us at infosec@kennesaw.edu.
Foreword
Information security is an art more than a science, and the mastery of protecting information
requires multidisciplinary knowledge of a huge quantity of information plus experience and
skill. You will find much of what you need here in this book as the authors take you through
the security systems development life cycle using real-life scenarios to introduce each topic.
The authors provide their perspective from many years of real-life experience, combined with
their academic approach for a rich learning experience expertly presented in this book. You
have chosen the authors and the book well.
Since you are reading this book, you are most likely working toward a career in information
security or at least have serious interest in information security. You must anticipate that just
about everybody hates the constraints that security puts on their work. This includes both the
good guys and the bad guys—except for malicious hackers who love the security we install as
a challenge to be beaten. We concentrate on stopping the intentional wrongdoers because it
applies to stopping the accidental ones as well. Security to protect against accidental wrong-
doers is not good enough against those with intent.
I have spent 40 years of my life in a field that I found to be exciting and rewarding, working
with computers and pitting my wits against malicious people, and you will too. Security con-
trols and practices include logging on and off, using passwords, encrypting and backing up
vital information, locking doors and drawers, motivating stakeholders to support security,
and installing antivirus software. These means of protection have no benefit except rarely,
when adversities occur. Good security is in effect when nothing bad happens, and when noth-
ing bad happens, who needs security? Nowadays, in addition to loss experience, we need it
because the law, regulations, and auditors say so—especially if we deal with the personal
information of others, electronic money, intellectual property, and keeping ahead of the
competition.
xviii Preface
There is great satisfaction in knowing that your employer’s information and systems are rea-
sonably secure and that you are paid a good salary, are the center of attention in emergencies,
and are applying your wits against the bad guys. This makes up for the downside of your
security work. It is no job for perfectionists because you will almost never be fully successful,
and there will always be vulnerabilities that you aren’t aware of or that the bad guys discover
first. Our enemies have a great advantage over us. They have to find only one vulnerability
and one target to attack in a known place, electronically or physically at a time of their choos-
ing, while we must defend from potentially millions of attacks against assets and vulnerabil-
ities that are no longer in one computer room but are spread all over the world. It’s like play-
ing a game in which you don’t know your opponents and where they are, what they are
doing, or why they are doing it, and they are secretly changing the rules as they play. You
must be highly ethical, defensive, secretive, and cautious. Bragging about the great security
you are employing might tip off the enemy. Enjoy the few successes that you experience, for
you will not even know about some of them.
There is a story that describes the kind of war you are entering into. A small country inducted
a young man into its ill-equipped army. The army had no guns, so it issued a broom to the
new recruit for training purposes. In basic training, the young man asked, “What do I do
with this broom?”
The instructor took him to the rifle range and told him to pretend the broom is a gun, aim it
at the target, and say, “Bang, bang, bang.” He did that. Then the instructor took him to bay-
onet practice, and the recruit said, “What do I do with this broom?”
The instructor said, “Pretend it is a gun with a bayonet and say, ‘Stab, stab, stab.’”
The recruit did that as well. Then the war started and the army still didn’t have guns; the young
man found himself on the front line with enemy soldiers running toward him across a field. All he
had was his trusty broom, so he could only do what he was trained to do. He aimed the broom at
the enemy soldiers and said, “Bang, bang, bang.” Some of the enemy soldiers fell down, but many
kept coming. Some got so close that he had to say “Stab, stab, stab,” and more enemy soldiers fell
down. However, there was one stubborn enemy soldier (there always is in these stories) running
toward him. The recruit said, “Bang, bang, bang,” but to no effect. The enemy continued to get
closer and the recruit said, “Stab, stab, stab,” but it still had no effect. In fact, the enemy soldier
ran right over the recruit, broke his broom in half, and left him lying in the dirt. As the enemy sol-
dier ran by, the recruit heard him muttering under his breath, “Tank, tank, tank.”
I tell this story at the end of my many lectures on computer crime and security to impress on
my audience that if you are going to win against crime, you must know the rules, and it is the
criminals who are making up their own secret rules as they go along. This makes winning
very difficult.
When I was lecturing in Rio de Janeiro, a young woman performed simultaneous translation
into Portuguese for my audience of several hundred people, all with earphones clapped over
their ears. In such situations, I have no idea what my audience is hearing, and after telling
my joke nobody laughed. They just sat there with puzzled looks on their faces. After the lec-
ture, I asked the translator what had happened. She had translated “tank, tank, tank” into
“water tank, water tank, water tank.” I and the recruit were both deceived that time.
Three weeks later, I was lecturing to an audience of French bankers at the George V Hotel in
Paris. I had a bilingual friend listen to the translation of my talk. The same thing happened as
Preface xix
in Rio. Nobody laughed. Afterwards, I asked my friend what had happened. He said, “You
will never believe this, but the translator translated ‘tank, tank, tank’ into ‘merci, merci, merci’
(thanks).” Even in telling the joke, like the recruit, I didn’t know the rules to the game.
Remember that when working in security, you are in a virtual army defending your employer
and stakeholders from their enemies. From your point of view, the enemies will probably
think and act irrationally, but from their perspective they are perfectly rational, with serious
personal problems to solve and gains to be made by violating your security. You are no lon-
ger just a techie with the challenging job of installing technological controls in systems and
networks. Most of your work should be in assisting potential victims to protect themselves
from information adversities and dealing with your smart but often irrational enemies, even
though you rarely see or even identify them. I spent a major part of my security career hunt-
ing down computer criminals and interviewing them and their victims, trying to obtain
insights to do a better job of defending from their attacks. Likewise, you should use every
opportunity to seek them out and get to know them. This experience gives you great cachet
as a real and unique expert, even with minimal exposure to only a few enemies.
Comprehensiveness is an important part of the game you play for real stakes because the
enemy will likely seek the easiest way to attack vulnerabilities and assets that you haven’t
fully protected yet or even know exist. For example, a threat that is rarely found on threat
lists is endangerment of assets—putting information assets in harm’s way. Endangerment is
also one of the most common violations by security professionals when they reveal too much
about their security and loss experience.
You must be thorough and meticulous and document everything pertinent, in case your com-
petence is questioned and to meet the requirements of the Sarbanes-Oxley Law. Keep your
documents safely locked away. Documentation is important so that when an adversity hits
and you lose the game, you will have proof of being diligent in spite of the loss. Otherwise,
your career could be damaged, or at least your effectiveness will be diminished. For example,
if the loss occurred because management failed to give you an adequate budget and support
for security you knew you required, you need to have documented that failure before the inci-
dent occurred. Don’t brag about how great your security is, because it can always be beaten.
Keep and expand checklists for everything: threats, vulnerabilities, assets, key potential vic-
tims, suspects of wrongdoing, security supporters and nonsupporters, attacks, enemies, crimi-
nal justice resources, auditors, regulators, and legal counsel. To assist your stakeholders, who
are the front-line defenders of their information and systems, identify what they must protect
and know the real extent of their security. Make sure that upper management and other peo-
ple to whom you report understand the nature of your job and its limitations.
Use the best possible security practices yourself to set a good example. You will have a huge
collection of sensitive passwords to do your job. Write them down, and keep the list safely in
your wallet next to your credit card. Know as much as possible about the systems and net-
works in your organization and have access to experts who know the rest. Make good friends
of local and national criminal justice officials, your organization’s lawyers, insurance risk
managers, human resources people, facilities managers, and auditors. Audits are one of the
most powerful controls your organization has. Remember that people hate security and must
be properly motivated by penalties and rewards to make it work. Seek ways to make security
invisible or transparent to stakeholders while keeping it effective. Don’t recommend or install
controls or practices that stakeholders won’t support, because they will beat you every time by
xx Preface
making it look like the controls are effective when they are not—a situation worse than no
security at all.
One of the most exciting parts of the job is the insight you gain about the inner workings and
secrets of your organization, its business, and its culture. As an information security consul-
tant, I was privileged to learn about the culture and secrets of more than 250 of the largest
corporations throughout the world. I had the opportunity to interview and advise the most
powerful business executives, if only for a few minutes of their valuable time. You should
always be ready with a “silver bullet” to use in your short time with top management for the
greatest benefit of enterprise security. Carefully learn the limits of management’s security
appetites. Know the nature of the business, whether it is a government department or a hotly
competitive business. I once found myself in a meeting with a board of directors intensely dis-
cussing the protection of their greatest trade secret, the manufacturing process of their new
disposable diapers.
Finally, we come to the last important bit of advice. Be trustworthy and develop mutual trust
among your peers. Your most important objectives are not just risk reduction and increased
security. They also include diligence to avoid negligence and endangerment, compliance with
all of the laws and standards, and enablement when security becomes a competitive or budget
issue. To achieve these objectives, you must develop a trusting exchange of the most sensitive
security intelligence among your peers so you’ll know where your organization stands relative
to other enterprises. But be discreet and careful about it. You need to know the generally
accepted and current security solutions. If the information you exchange is exposed, it could
ruin your career and others, and could create a disaster for your organization. Your personal
and ethical performance must be spotless, and you must protect your reputation at all costs.
Pay particular attention to the ethics section of this book. I recommend that you join the
Information Systems Security Association, become active in it, and become professionally
certified as soon as you are qualified. My favorite certification is the Certified Information
Systems Security Professional (CISSP) from the International Information Systems Security
Certification Consortium.
Donn B. Parker, CISSP Retired

Los Altos, California
chapter 1
Introduction to Information Security
Do not figure on opponents not attacking; worry about your own lack
of preparation.
BOOK OF THE FIVE RINGS
For Amy, the day began like any other at the Sequential Label and Supply Company
(SLS) help desk. Taking calls and helping office workers with computer problems was not
glamorous, but she enjoyed the work; it was challenging and paid well enough. Some of her
friends in the industry worked at bigger companies, some at cutting-edge tech companies, but
they all agreed that jobs in information technology were a good way to pay the bills.
The phone rang, as it did about four times an hour. The first call of the day, from a worried
user hoping Amy could help him out of a jam, seemed typical. The call display on her monitor
showed some of the facts: the user’s name, his phone number and department, where his
office was on the company campus, and a list of his past calls to the help desk.
“Hi, Bob,” she said. “Did you get that document formatting problem squared away?”
“Sure did, Amy. Hope we can figure out what’s going on this time.”
“We’ll try, Bob. Tell me about it.”
“Well, my PC is acting weird,” Bob said. “When I go to the screen that has my e-mail pro-
gram running, it doesn’t respond to the mouse or the keyboard.”
1
2 Chapter 1
“Did you try a reboot yet?”

“Sure did. But the window wouldn’t close, and I had to turn my PC off. After it restarted, I
opened the e-mail program, and it’s just like it was before—no response at all. The other
stuff is working OK, but really, really slowly. Even my Internet browser is sluggish.”
“OK, Bob. We’ve tried the usual stuff we can do over the phone. Let me open a case, and I’ll
dispatch a tech over as soon as possible.”
Amy looked up at the help desk ticket status monitor on the wall at the end of the room. She
saw that only two technicians were dispatched to user support at the moment, and since it
was the day shift, four technicians were available. “Shouldn’t be long at all, Bob.”
She hung up and typed her notes into the company’s trouble ticket tracking system. She
assigned the newly generated case to the user dispatch queue, which would page the roving
user support technician with the details in a few minutes.
A moment later, Amy looked up to see Charlie Moody, the senior manager of the server
administration team, walking briskly down the hall. He was being trailed by three of his
senior technicians as he made a beeline from his office to the room where the company servers
were kept in a carefully controlled environment. They all looked worried.
Just then, Amy’s screen beeped to alert her of a new e-mail. She glanced down. The screen
beeped again—and again. It started beeping constantly. She clicked the envelope icon and,
after a short delay, the mail window opened. She had 47 new e-mails in her inbox. She opened
one from Davey Martinez in the Accounting Department. The subject line said, “Wait till you
see this.” The message body read, “Funniest joke you’ll see today.” Davey often sent her inter-
esting and funny e-mails, and she clicked the file attachment icon to open the latest joke.
After that click, her PC showed the hourglass pointer icon for a second and then the normal
pointer reappeared. Nothing happened. She clicked the next e-mail message in the queue.
Nothing happened. Her phone rang again. She clicked the icon on her computer desktop to
activate the call management software and activated her headset. “Hello, Help Desk, how
can I help you?” She couldn’t greet the caller by name because her computer had not
responded.
“Hello, this is Erin Williams in Receiving.”
Amy glanced down at her screen. Still no tracking system. She glanced up to the tally board
and was surprised to see the inbound-call counter tallying up waiting calls like digits on a
stopwatch. Amy had never seen so many calls come in at one time.
“Hi, Erin,” Amy said. “What’s up?”
“Nothing,” Erin answered. “That’s the problem.” The rest of the call was a replay of Bob’s,
except that Amy had to jot notes down on a legal pad. She couldn’t dispatch the user support
team either. She looked at the ticket status monitor again. It had gone dark. No numbers at all.
Then she saw Charlie running down the hall from the server room. His expression had chan-
ged from worried to frantic.
Amy picked up the phone again. She wanted to check with her supervisor about what to do
now. There was no dial tone.
The History of Information Security 3
LEARNING OBJECTIVES
1
Upon completion of this material, you should be able to:
• Define information security
• Recount the history of computer security, and explain how it evolved into information
security
• Define key terms and critical concepts of information security
• Explain the role of security in the systems development life cycle
• Describe the information security roles of professionals within an organization
Introduction
Martin Fisher, IT Security Manager at Northside Hospital in Atlanta, believes that enterprise
information security is a “critical business capability that needs to be aligned with corporate
expectations and culture that provides the leadership and insight to identify risks and imple-
ment effective controls.” He is not alone in his perspective. Many information security practi-
tioners recognize that aligning information security needs with business objectives must be the
top priority.
This chapter’s opening scenario illustrates that information risks and controls may not be in
balance at SLS. Though Amy works in a technical support role to help users with their pro-
blems, she did not recall her training about malicious e-mail attachments, such as worms or
viruses, and fell victim to this form of attack herself. Understanding how malware might be
the cause of a company’s problems is an important skill for information technology (IT) sup-
port staff as well as users. SLS’s management also shows signs of confusion and seems to have
no idea how to contain this kind of incident. If you were in Amy’s place and were faced with
a similar situation, what would you do? How would you react? Would it occur to you that
something far more insidious than a technical malfunction was happening at your company?
As you explore the chapters of this book and learn more about information security, you will
become more capable of answering these questions. But, before you can begin studying details
about the discipline of information security, you must first know its history and evolution.
The History of Information Security

Key Term
computer security In the early days of computers, this term specified the need to secure the
physical location of computer technology from outside threats. This term later came to represent
all actions taken to preserve computer systems from losses. It has evolved into the current
concept of information security as the scope of protecting information in an organization has
expanded.
The history of information security begins with the concept of computer security. The need for
computer security arose during World War II when the first mainframe computers were devel-
oped and used to aid computations for communication code breaking messages from enemy
4 Chapter 1
Earlier versions of the German code machine Enigma

were first broken by the Poles in the 1930s. The British
and Americans managed to break later, more complex
versions during World War II. The increasingly complex
versions of the Enigma, especially the submarine or
Unterseeboot version of the Enigma, caused considerable
anguish to Allied forces before finally being cracked. The
information gained from decrypted transmissions was
used to anticipate the actions of German armed forces.
”Some ask why, if we were reading the Enigma, we did
not win the war earlier. One might ask, instead, when, if
ever, we would have won the war if we hadn’t read it.”1
Figure 1-1 The Enigma

Source: Bletchley Park Trust. Used with permission.2
cryptographic devices like the Enigma, shown in Figure 1-1. Multiple levels of security were
implemented to protect these devices and the missions they served. This required new pro-
cesses as well as tried-and-true methods needed to maintain data confidentiality. Access to sen-
sitive military locations, for example, was controlled by means of badges, keys, and the facial
recognition of authorized personnel by security guards. The growing need to maintain
national security eventually led to more complex and technologically sophisticated computer
security safeguards.
During these early years, information security was a straightforward process composed pre-
dominantly of physical security and simple document classification schemes. The primary
threats to security were physical theft of equipment, espionage against products of the systems,
and sabotage. One of the first documented security problems that fell outside these categories
occurred in the early 1960s, when a systems administrator was working on a MOTD (mes-
sage of the day) file while another administrator was editing the password file. A software
glitch mixed the two files, and the entire password file was printed on every output file.3
The 1960s
During the Cold War, many more mainframe computers were brought online to accomplish
more complex and sophisticated tasks. These mainframes required a less cumbersome process
of communication than mailing magnetic tapes between computer centers. In response to this
need, the Department of Defense’s Advanced Research Projects Agency (ARPA) began exam-
ining the feasibility of a redundant, networked communications system to support the mili-
tary’s exchange of information. In 1968, Dr. Larry Roberts developed the ARPANET
Another random document with
no related content on Scribd:
eighteen months—he had received no remuneration; neither had he
been paid for the articles he had purchased for the men; at the same
time, the salary due to him, of ten pounds a year as chirurgeon of the
castle, was now more than two years in arrear. It was the greater
hardship, as those who had furnished the drugs and other articles
were pressing him for the debt, ‘for which he is like to be pursued.’
Moreover, he protested, as something necessary to support a claim of
debt against the state, that ‘he has been always for advancing of his
majesty’s interest, and well affected to their majesties’ government.’
The Council, in this case too, could only recommend the accounts
to the lords of the treasury.[57]
Sinclair of Mey, and a friend of his named 1691. Mar. 8.
James Sinclair, writer in Edinburgh, were
lodging in the house of John Brown, vintner, in the Kirkgate of Leith,
when, at a late hour, the Master of Tarbat and Ensign Andrew Mowat
came to join the party. The Master, who was eldest son of the
Viscount Tarbat, a statesman of no mean note, was nearly related to
Sinclair of Mey. There was no harm meant by any one that night in
the hostelry of John Brown; but before midnight, the floor was
reddened with slaughter.
The Master and his friend Mowat, who are described on the
occasion as excited by liquor, but not beyond self-control, were
sitting in the hall drinking a little ale, while beds were getting ready
for them. A girl named Jean Thomson, who had brought the ale, was
asked by the Master to sit down beside him, but escaped to her own
room, and bolted herself in. He, running in pursuit of her,
blunderingly went into a room occupied by a Frenchman named
George Poiret, who was quietly sleeping there. An altercation took
place between Poiret and the Master, and Mowat, hearing the noise,
came to see what was the matter. The Frenchman had drawn his
sword, which the two gentlemen wrenched out of his hand. A servant
of the house, named Christian Erskine, had now also arrived at the
scene of strife, besides a gentleman who was not afterwards
identified. At the woman’s urgent request, Mowat took away the
Master and the other gentleman, the latter carrying the Frenchman’s
sword. There might have now been an end to this little brawl, if the
Master had not deemed it his duty to go back to the Frenchman’s
room to beg his pardon. The Frenchman, finding a new disturbance
at his door, which he had bolted, seems to have lost patience. He
knocked on the ceiling of his room with the fire-tongs, to awaken two
brothers, Elias Poiret, styled Le Sieur de la Roche, and Isaac Poiret,
who were sleeping there, and to bring them to his assistance.
These two gentlemen presently came down armed with swords and
pistols, and spoke to their defenceless and excited brother at his
door. Presently there was a hostile collision 1691.
between them and the Master and Mowat in
the hall. Jean Thomson roused her master to come and interfere for
the preservation of the peace; but he came too late. The Master and
Mowat were not seen making any assault; but a shot was heard, and,
in a few minutes, it was found that the Sieur de la Roche lay dead
with a swordwound through his body, while Isaac had one of his
fingers nearly cut off. A servant now brought the guard, by whom
Mowat was soon after discovered hiding under an outer stair, with a
bent sword in his hand, bloody from point to hilt, his hand wounded,
and the sleeves of his coat also stained with blood. On being brought
where the dead man lay, he viewed the body without apparent
emotion, merely remarking he wondered who had done it.
The Master, Mowat, and James Sinclair, writer, were tried for the
murder of Elias Poiret; but the jury found none of the imputed
crimes proven. The whole affair can, indeed, only be regarded as an
unfortunate scuffle arising from intemperance, and in which sudden
anger caused weapons to be used where a few gentle and reasonable
words might have quickly re-established peace and good-fellowship.
[59]
The three Frenchmen concerned in this affair were Protestant

refugees, serving in the king’s Scottish guards. The Master of Tarbat
in due time succeeded his father as Earl of Cromarty, and survived
the slaughter of Poiret forty years. He was the father of the third and
last Earl of Cromarty, so nearly brought to Tower-hill in 1746, for his
concern in the rebellion of the preceding year, and who on that
account lost the family titles and estates.
Down to this time, it was still customary Apr.

for gentlemen to go armed with walking-
swords. On the borders of the Highlands, dirks and pistols seem to
have not unfrequently been added. Accordingly, when a quarrel
happened, bloodshed was very likely to take place. At this time we
have the particulars of such a quarrel, serving to mark strongly the
improvements effected by modern civilisation.
Some time in August 1690, a young man named William
Edmondstone, described as apprentice to Charles Row, writer to the
Signet, having occasion to travel to Alloa, called on his master’s
brother, William Row of Inverallan in passing, and had an interview
with him at a public-house in the hamlet of 1691.
Bridge of Allan. According to a statement
from him, not proved, but which it is almost necessary to believe in
order to account for subsequent events, Inverallan treated him
kindly to his face, but broke out upon him afterwards to a friend,
using the words rascal and knave, and other offensive expressions.
The same unproved statement goes on to relate how Edmondstone
and two friends of his, named Stewart and Mitchell, went afterwards
to inquire into Inverallan’s reasons for such conduct, and were
violently attacked by him with a sword, and two of them wounded.
The proved counter-statement of Inverallan is to the effect that
Edmondstone, Stewart, and Mitchell tried, on the 21st of April 1691,
to waylay him, with murderous intent, as he was passing between
Dumblane and his lands near Stirling. Having by chance evaded
them, he was in a public-house at the Bridge of Allan, when his three
enemies unexpectedly came in, armed as they were with swords,
dirks, and pistols, and began to use despiteful expressions towards
him. ‘He being all alone, and having no arms but his ordinary
walking-sword, did rise up in a peaceable manner, of design to have
retired and gone home to his own house.’ As he was going out at the
door, William Edmondstone insolently called to him to come and
fight him, a challenge which he disregarded. They then followed him
out, and commenced an assault upon him with their swords,
Mitchell, moreover, snapping a pistol at him, and afterwards beating
him over the head with the but-end. He was barely able to protect his
life with his sword, till some women came, and drew away the
assailants.
A few days after, the same persons came with seven or eight other
‘godless and graceless persons’ to the lands of Inverallan,
proclaiming their design to burn and destroy the tenants’ houses and
take the laird’s life, and to all appearance would have effected their
purpose, but for the protection of a military party from Stirling.
For these violences, Edmondstone and Mitchell were fined in five
hundred merks, and obliged to give large caution for their keeping
the peace.[60]
Upon petition, Sir James Don of Newton, June 25.

knight-baronet, with his lady and her niece,
and a groom and footman, were permitted 1691.
‘to travel with their horses and arms from
Scotland to Scairsburgh Wells in England, and to return again,
without trouble or molestation, they always behaving themselves as
becometh.’[61]
This is but a single example of the difficulties attending personal
movements in Scotland for some time after the Revolution. Owing to
the fears for conspiracy, the government allowed no persons of
eminence to travel to any considerable distance without formal
permission.
An act, passed this day in the Convention July 8.

of Royal Burghs for a commission to visit
the burghs as to their trade, exempted Kirkwall, Wick, Inverary, and
Rothesay, on account of the difficulty of access to these places!
The records of this ancient court present many curious details. A
tax-roll of July 1692, adjusting the proportions of the burghs in
making up each £100 Scots of their annual expenditure on public
objects, reveals to us the comparative populousness and wealth of
the principal Scottish towns at that time. For Edinburgh, it is nearly
a third of the whole, £32, 6s. 8d.; for Glasgow, less than a half of
Edinburgh, £15; Perth, £3; Dundee, £4, 13s. 4d.; Aberdeen, £6;
Stirling, £1, 8s.; Linlithgow, £1, 6s.; Kirkcaldy, £2, 8s.; Montrose, £2;
Dumfries, £1, 18s. 4d.; Inverness, £1, 10s.; Ayr, £1, 1s. 4d.;
Haddington, £1, 12s.
All the rest pay something less than one pound. In 1694, Inverary
is found petitioning for ‘ease’ from the four shillings Scots imposed
upon them in the tax-roll, as ‘they are not in a condition by their
poverty and want of trade to pay any pairt thereof.’ The annual
outlay of the Convention was at this time about £6000 Scots. Hence
the total impost on Inverary would be £240, or twenty pounds
sterling. For the ‘ease’ of this primitive little Highland burgh, its
proportion was reduced to a fourth.
The burghs used to have very curious arrangements amongst
themselves: thus, the statute Ell was kept in Edinburgh; Linlithgow
had charge of the standard Firlot; Lanark of the Stoneweight; while
the regulation Pint-stoup was confided to Stirling. A special measure
for coal, for service in the customs, was the Chalder of Culross. The
burgh of Peebles had, from old time, the privilege of seizing ‘all light
weights, short ellwands, and other 1691.
insufficient goods, in all the fairs and
mercats within the shire of Teviotdale.’ They complained, in 1696, of
the Earl of Traquair having interfered with their rights, and a
committee was appointed to deal with his lordship on the subject.[62]
To these notices it may be added that the northern burgh of
Dingwall, which is now a handsome thriving town, was reduced to so
great poverty in 1704 as not to be able to send a commissioner to the
Convention. ‘There was two shillings Scots of the ten pounds then
divided amongst the burghs, added to the shilling we used formerly
to be in the taxt roll [that is, in addition to the one shilling Scots we
formerly used to pay on every hundred pounds Scots raised for
general purposes, we had to pay two shillings Scots of the new
taxation of ten pounds then assessed upon the burghs], the stenting
whereof was so heavy upon the inhabitants, that a great many of
them have deserted the town, which is almost turned desolate, as is
weel known to all our neighbours; and there is hardly anything to be
seen but the ruins of old houses, and the few inhabitants that are left,
having now no manner of trade, live only by labouring the
neighbouring lands, and our inhabitants are still daily deserting us.’
Such was the account the town gave of itself in a petition to the
Convention of Burghs in 1724.[63]
Though Dingwall is only twenty-one and a half miles to the
northward of Inverness, so little travelling was there in those days,
that scarcely anything was known by the one place regarding the
other. It is at this day a subject of jocose allusion at Inverness, that
they at one time sent a deputation to see Dingwall, and inquire about
it, as a person in comfortable circumstances might send to ask after a
poor person in a neighbouring alley. Such a proceeding actually took
place in 1733, and the report brought back was to the effect, that
Dingwall had no trade, though ‘there were one or two inclined to
carry on trade if they had a harbour;’ that the place had no prison;
and for want of a bridge across an adjacent lake, the people were
kept from both kirk and market.[64]
Licence was granted by the Privy Council July 23.

to Dr Andrew Brown to print, and have sole
right of printing, a treatise he had written, entitled A Vindicatorie
Schedule about the New Cure of Fevers.[65]
This Dr Andrew Brown, commonly called 1691.
Dolphington, from his estate in
Lanarkshire, was an Edinburgh physician, eminent in practice, and
additionally notable for the effort he made in the above-mentioned
work to introduce Sydenham’s treatment of fevers—that is, to use
antimonial emetics in the first stage of the disorder. ‘This book and
its author’s energetic advocacy of its principles by his other writings
and by his practice, gave rise to a fierce controversy, and in the
library of the Edinburgh College of Physicians there is a stout shabby
little volume of pamphlets on both sides—“Replies” and “Short
Answers,” and “Refutations,” and “Surveys,” and “Looking-glasses,”
“Defences,” “Letters,” “Epilogues,” &c., lively and furious once, but
now resting as quietly together as their authors are in the Old
Greyfriars’ Churchyard, having long ceased from troubling. There is
much curious, rude, hard-headed, bad-Englished stuff in them, with
their wretched paper and print, and general ugliness; much also to
make us thankful that we are in our own now, not their then. Such
tearing away, with strenuous logic and good learning, at mere clouds
and shadows, with occasional lucid intervals of sense, observation,
and wit!’[66]
Dolphington states in his book that he visited Dr Sydenham in
London, to study his system under him, in 1687, and presently after
returning to Edinburgh, introduced the practice concerning fevers,
with such success, that of many cases none but one had remained
uncured.
Some idea of an amateur unlicensed medical practice at this time
may be obtained from a small book which had a great circulation in
Scotland in the early part of the eighteenth century. It used to be
commonly called Tippermallochs Receipts, being the production of
‘the Famous John Moncrieff of Tippermalloch’ in Strathearn, ‘a
worthy and ingenious gentleman,’ as the preface describes him,
whose ‘extraordinary skill in physic and successful and beneficial
practice therein’ were so well known, ‘that few readers, in this
country at least, can be supposed ignorant thereof.’[67]
When a modern man glances over the pages of this dusky ill-
printed little volume, he is at a loss to 1691.
believe that it ever could have been the
medical vade-mecum of respectable families, as we are assured it
was. It has a classification of diseases under the parts of the human
system, the head, the breast, the stomach, &c., presenting under each
a mere list of cures, with scarcely ever a remark on special
conditions, or even a tolerable indication of the quantity of any
medicine to be used. The therapeutics of Tippermalloch include
simples which are now never heard of in medicine, and may be
divided into things capable of affecting the human system, and
things of purely imaginary efficacy, a large portion of both kinds
being articles of such a disgusting character as could not but have
doubled the pain and hardship of all ailments in which they were
exhibited. For cold distemper of the brain, for instance, we have
snails, bruised in their shells, to be applied to the forehead; and for
pestilential fever, a cataplasm of the same stuff to be laid on the soles
of the feet. Paralysis calls for the parts being anointed with
‘convenient ointments’ of (among other things) earthworms. For
decay of the hair, mortals are enjoined to ‘make a lee of the burnt
ashes of dove’s dung, and wash the head;’ but ‘ashes of little frogs’
will do as well. Yellow hair, formerly a desired peculiarity, was to be
secured by a wash composed of the ashes of the ivy-tree, and a fair
complexion by ‘the distilled water of snails.’ To make the whole face
well coloured, you are coolly recommended to apply to it ‘the liver of
a sheep fresh and hot.’ ‘Burn the whole skin of a hare with the ears
and nails: the powder thereof, being given hot, cureth the lethargy
perfectly.’ ‘Powder of a man’s bones burnt, chiefly of the skull that is
found in the earth, cureth the epilepsy: the bones of a man cure a
man; the bones of a woman cure a woman.’ The excreta of various
animals figure largely in Tippermalloch’s pharmacopœia, even to a
bath of a certain kind for iliac passion: ‘this,’ says he, ‘marvellously
expelleth wind.’ It is impossible, however, to give any adequate idea
of the horrible things adverted to by the sage Moncrieff, either in
respect of diseases or their cures. All I will say further on this matter
is, that if there be any one who thinks modern delicacy a bad
exchange for the plain-spokenness of our forefathers, let him glance
at the pages of John Moncrieff of Tippermalloch, and a change of
opinion is certain.
In the department of purely illusive recipes, we have for
wakefulness or coma, ‘living creatures applied to the head to dissolve
the humour;’ for mania, amulets to be worn about the neck; and a
girdle of wolf’s skin certified as a complete preventive of epilepsy. We
are told that ‘ants’ eggs mixed with the juice 1691.
of an onion, dropped into the ear, do cure
the oldest deafness,’ and that ‘the blood of a wild goat given to ten
drops of carduus-water doth powerfully discuss the pleurisy.’ It is
indicated under measles, that ‘many keep an ewe or wedder in their
chamber or on the bed, because these creatures are easily infected,
and draw the venom to themselves, by which means some ease may
happen to the sick person.’ In like manner, for colic a live duck, frog,
or sucking-dog applied to the part, ‘draweth all the evil to itself, and
dieth.’ The twenty-first article recommended for bleeding at the nose
is hare’s hair and vinegar stuffed in; ‘I myself know this to be the best
of anything known.’ He is equally sure that the flowing blood of a
wound may be repelled by the blood of a cow put into the wound, or
by carrying a jasper in the hand; while for a depraved appetite
nothing is required but the stone ætites bound to the arm. Sed jam
satis.
In Analecta Scotica is to be found a dream about battles and
ambassadors by Sir J. Moncrieff of Tippermalloch, who at his death
in 1714, when eighty-six years of age, believed it was just about to be
fulfilled. The writer, who signs himself William Moncrieff, and dates
from Perth, says of Tippermalloch: ‘The gentleman was, by all who
knew him, esteemed to be eminently pious. He spent much of his
time in reading the Scripture—his delight was in the law of the Lord.
The character of the blessed man did belong to him, for in that he did
meditate day and night, and his conversation was suitable thereto—
his leaf did not wither—he was fat and flourishing in his old age.’[68]
Dame Mary Norvill, widow of Sir David Aug. 11.

Falconer, president of the Court of Session,
and now wife of John Home of Ninewells, was obliged to petition the
Privy Council for maintenance to her children by her first husband,
their uncle, the Laird of Glenfarquhar, having failed to make any
right arrangement in their behalf. From what the lords ordained, we
get an idea of the sums then considered as proper allowances for the
support and education of a set of children of good fortune. David, the
eldest son, ten years of age, heir to his father’s estate of 12,565 merks
(about £698 sterling) per annum, over and above the widow’s
jointure, was to be allowed ‘for bed and board, clothing, and other
necessaries, and for educating him at schools and colleges as
becomes his quality, with a pedagogue and 1691.
a boy to attend him, the sum of a thousand
merks yearly (£55, 11s. 1⅓d. sterling).’ To Mistress Margaret, twelve
and a half years old, whose portion is twelve thousand merks, they
assigned an aliment for ‘bed and board, clothing, and other
necessaries, and for her education at schools and otherwise as
becomes her quality,’ five hundred merks per annum (£27, 15s. 6½d.
sterling). Mistress Mary, the second daughter, eleven years of age,
with a portion of ten thousand merks, was allowed for ‘aliment and
education’ four hundred and fifty merks. For Alexander, the second
son, nine years of age, with a provision of fifteen thousand merks,
there was allowed, annually, six hundred merks. Mistress Katherine,
the third daughter, eight years of age, and Mistress Elizabeth, seven
years of age, with portions of eight thousand merks each, were
ordained each an annual allowance of three hundred and sixty
merks. George, the third son, six years old, with a provision of ten
thousand merks, was to have four hundred merks per annum. These
payments to be made to John Home and his lady, while the children
should dwell with them.[69]
‘Mistress Katherine’ became the wife of Mr Home’s son Joseph,
and in 1711 gave birth to the celebrated philosopher, David Hume.
Her brother succeeded a collateral relative as Lord Falconer of
Halkerton, and was the lineal ancestor of the present Earl of Kintore.
It is rather remarkable that the great philosopher’s connection with
nobility has been in a manner overlooked by his biographers.
That the sums paid for the young Falconers, mean as they now
appear, were in accordance with the ideas of the age, appears from
other examples. Of these, two may be adduced:
The Laird of Langton, ‘who had gotten himself served tutor-of-law’
to two young persons named Cockburn, fell about this time into ‘ill
circumstances.’ There then survived but one of his wards—a girl
named Ann Cockburn—and it appeared proper to her uncle, Lord
Crossrig, that she should not be allowed to stay with a broken man.
He accordingly, though with some difficulty, and at some expense,
got the tutory transferred to himself. ‘When Ann Cockburn,’ he says,
‘came to my house, I did within a short time put her to Mrs Shiens,
mistress of manners, where she was, as I remember, about two years,
at £5 sterling in the quarter, besides presents. Thereafter she stayed
with me some years, and then she was 1691.
boarded with the Lady Harvieston, then
after with Wallyford, where she still is, at £3 sterling per quarter.’[70]
In 1700, the Laird of Kilravock, in Nairnshire, paid an account to
Elizabeth Straiton, Edinburgh, for a quarter’s education to his
daughter Margaret Rose; including, for board, £60; dancing, £14,
10s.; ‘singing and playing and virginalls,’ £11, 12s.; writing, £6; ‘satin
seame,’ £6; a set of wax-fruits, £6; and a ‘looking-glass that she
broke,’ £4, 16s.; all Scots money.[71]
It thus appears that both Mrs Shiens and Mrs Straiton charged
only £5 sterling per quarter for a young lady’s board.
The subject is further illustrated by the provision made by the
Privy Council, in March 1695, for the widowed Viscountess of
Arbuthnot (Anne, daughter of the Earl of Sutherland), who had been
left with seven children all under age, and whose husband’s
testament had been ‘reduced.’ In her petition, the viscountess
represented that the estate was twenty-four thousand merks per
annum (£1333 sterling). ‘My lord, being now eight years of age, has a
governor and a servant; her two eldest daughters, the one being
eleven, and the other ten years of age, and capable of all manner of
schooling, they must have at least one servant; as for the youngest
son and three youngest daughters, they are yet within the years of
seven, so each of them must have a woman to wait upon them.’ Lady
Arbuthnot was provided with a jointure of twenty-five chalders of
victual; and as her jointure-house was ruinous, she desired leave to
occupy the family mansion of Arbuthnot House, which her son was
not himself of an age to possess.
The Lords, having inquired into and considered the relative
circumstances, ordained that two thousand pounds Scots (£166, 13s.
4d. sterling) should be paid to Lady Arbuthnot out of the estate for
the maintenance of her children, including the young lord.
The lady soon after dying, the earl her father came in her place as
keeper of the children at the same allowance.[72]
The Quakers residing at Glasgow gave in Dec.

to the Privy Council a representation of the
treatment they received at the hands of their neighbours. It was set
forth, that the severe dealings with the 1691.
consciences of men under the late
government had brought about a revolution, and some very tragical
doings. Now, when at last the people had wrestled out from beneath
their grievances, ‘it was matter of surprise that those who had
complained most thereupon should now be found acting the parts of
their own persecutors against the petitioners [the Quakers].’ It were
too tedious to detail ‘what they have suffered since the change of the
government, through all parts of the nation, by beating, stoning, and
other abuses,’ In Glasgow, however, ‘their usage had been liker
French dragoons’ usage, and furious rabbling, than anything that
dare own the title of Christianity.’ Even there they would have
endured in silence ‘the beating, stoning, dragging, and the like which
they received from the rabble,’ were it not that magistrates connived
at and homologated these persecutions, and their continued silence
might seem to justify such doings. They then proceeded to narrate
that, on the 12th of November, ‘being met together in their hired
house for no other end under heaven than to wait upon and worship
their God,’ a company of Presbyterian church elders, ‘attended with
the rude rabble of the town, haled them to James Sloss, bailie, who,
for no other cause than their said meeting, dragged them to prison,
where some of them were kept the space of eight days.’ During that
time, undoubted bail was offered for them, but refused, ‘unless they
should give it under their hand [that] they should never meet again
there.’ At the same time, their meeting-house had been plundered,
and even yet the restoration of their seats was refused. ‘This using of
men that are free lieges would, in the case of others, be thought a
very great riot,’ &c.
The feeling of the supreme administrative body in Scotland on this
set of occurrences, is chiefly marked by what they did not do. They
recommended to the Glasgow magistrates that, if any forms had
been taken away from the Quakers, they should be given back![73]
There were no bounds to the horror with which sincere
Presbyterians regarded Quakerism in those days. Even in their
limited capacity as disowners of all church-politics, they were
thought to be most unchristian. Patrick Walker gravely relates an
anecdote of the seer-preacher, Peden, which powerfully proves this
feeling. This person, being in Ireland, was indebted one night to a
Quaker for lodging. Accompanying his host to the meeting, Peden
observed a raven come down from the 1691.
ceiling, and perch itself, to appearance, on a
particular person’s head, who presently began to speak with great
vehemence. From one man’s head, the appearance passed to
another’s, and thence to a third. Peden told the man: ‘I always
thought there was devilry amongst you, but I never thought he
appeared visibly to you; but now I see it.’ The incident led to the
conversion of the Quaker unto orthodox Christianity.[74]
On the 5th of April 1694, there was a petition to the Privy Council
from a man named James Macrae, professing to be a Quaker, setting
forth that he had been pressed as a soldier, but could not fight, as it
was contrary to his principles and conscience; wherefore, if carried to
the wars, he could only be miserable in himself, while useless to
others. He was ordered to be liberated, provided he should leave a
substitute in his place.[75]
It would have been interesting to see a contemporary Glasgow
opinion on this case.
Irregularities of the affections were not 1692.

now punished with the furious severity
which, in the reign of Charles I., ordained beheading to a tailor in
Currie for wedding his first wife’s half-brother’s daughter.[76] But
they were still visited with penalties much beyond what would now
be thought fitting. For example, a woman of evil repute, named
Margaret Paterson, having drawn aside from virtue two very young
men, James and David Kennedy, sons of a late minister of the Trinity
College Church, was adjudged to stand an hour in the jougs at the
Tron, and then to be scourged from the Castle Hill to the Netherbow,
after which a life of exile in the plantations was her portion. The two
young men, having been bailed by their uncle, under assurance for
five thousand merks, the entire amount of their patrimony, broke
their bail rather than stand trial with their associate in guilt. There
was afterwards a petition from the uncle setting forth the hardship of
the case, and this was replied to with a recommendation from the
lords of Justiciary to the lords of the treasury for a modification of
the penalty, ‘if their lordships shall think fit.’ In the case of Alison
Beaton, where the co-relative offender was a man who had married
her mother’s sister, the poor woman was condemned to be scourged
in like manner with Paterson, and then 1692.
transported to the plantations. It was a
superstitious feeling which dictated such penalties for this class of
offences. The true aim of jurisprudence, to repress disorders which
directly affect the interests of others, and these alone, was yet far
from being understood.
In January 1694, there came before the notice of the Court of
Justiciary in Edinburgh, a case of curiously complicated wickedness.
Daniel Nicolson, writer, and a widow named Mrs Pringle, had long
carried on an infamous connection, with little effort at concealment.
Out of a bad spirit towards the unoffending Jean Lands, his wife,
Nicolson and Pringle, or one or other of them, caused to be forged a
receipt as from her to Mr John Elliot, doctor of medicine, for some
poison, designing to raise a charge against her and a sister of hers, of
an attempt upon her husband’s life. The alleged facts were proved to
the satisfaction of a jury, and the court, deeming the adultery
aggravated by the forgery, adjudged the guilty pair to suffer in the
Grassmarket—Nicolson by hanging, and Pringle by ‘having her head
severed from her body.’
There were, however, curious discriminations in the judgments of
the Justiciary Court. A Captain Douglas, of Sir William Douglas’s
regiment, assisted by another officer and a corporal of the corps, was
found guilty of a shocking assault upon a serving-maid in Glasgow, in
1697. A meaner man, or an equally important man opposed to the
new government, would have, beyond a doubt, suffered the last
penalty for this offence; Captain Douglas, being a gentleman, and
one engaged in the king’s service, escaped with a fine of three
hundred merks.[77]
King William felt impatient at the Feb. 13.

unsubmissiveness of the Jacobite clans,
chiefly Macdonalds of Glengarry, Keppoch, and Glencoe, the Grants
of Glenmoriston, and the Camerons of Locheil, because it caused
troops to be kept in Scotland, which he much wanted for his army in
Flanders. His Scottish ministers, and particularly Sir John
Dalrymple, Master of Stair, the Secretary of State, carried towards
those clans feelings of constantly growing irritation, as latterly the
principal obstacle to a settlement of the country under the new
system of things. At length, in August 1691, the king issued an
indemnity, promising pardon to all that had been in arms against
him before the 1st of June last, provided 1692.
they should come in any time before the 1st
of January next year, and swear and sign the oath of allegiance.
The letters of Sir John Dalrymple from the court at London during
the remainder of the year, shew that he grudged these terms to the
Highland Jacobites, and would have been happy to find that a refusal
of them justified harsher measures. It never occurred to him that
there was anything but obstinacy, or a hope of immediate assistance
from France to enable them to set up King James again, in their
hesitation to swear that they sincerely in their hearts accepted King
William and Queen Mary as the sovereigns of the land equally by
right and in fact. He really hoped that at least the popish clan of the
Macdonalds of Glencoe would hold out beyond the proper day, so as
to enable the government to make an example of them. It was all the
better that the time of grace expired in the depth of winter, for ‘that,’
said he (letter to Colonel Hamilton, December 3, 1691), ‘is the proper
season to maul them, in the cold long nights.’ On the 9th of January,
under misinformation about their having submitted, he says: ‘I am
sorry that Keppoch and M‘Ian of Glencoe[78] are safe.’ It was the sigh
of a savage at the escape of a long-watched foe. Still he understood
Glengarry, Clanranald, and Glenmoriston to be holding out, and he
gave orders for the troops proceeding against them, granting them at
the utmost the terms of prisoners of war. In the midst of a letter on
the subject, dated the 11th January,[79] he says: ‘Just now my Lord
Argyle tells me that Glencoe hath not taken the oaths; at which I
rejoice—it’s a great work of charity to be exact in rooting out that
damnable sect, the worst in all the Highlands.’ Delighted with the
intelligence—‘it is very good news here,’ he elsewhere says—he
obtained that very day a letter from the king anent the Highland
rebels, commanding the troops to cut them off ‘by all manner of
hostility,’ and for this end to proclaim high penalties to all who
should give them assistance or protection. Particular instructions
subscribed by the king followed on the 16th, permitting terms to be
offered to Glengarry, whose house was strong enough to give trouble,
but adding: ‘If M‘Ian of Glencoe and that tribe can be well separated
from the rest, it will be a proper vindication of the public justice to
extirpate that sect of thieves.’ On the same day, Dalrymple himself
wrote to Colonel Hill, governor of 1692.
Inverlochy, ‘I shall entreat you that, for a
just vengeance and public example, the thieving tribe of Glencoe be
rooted out to purpose. The Earls of Argyle and Breadalbane have
promised they shall have no retreat in their bounds.’ He felt,
however, that it must be ‘quietly done;’ otherwise they would make
shift both for their cattle and themselves. There can be no doubt
what he meant; merely to harry the people, would make them worse
thieves than before—they must be, he elsewhere says, ‘rooted out
and cut off.’
In reality, the old chief of the Glencoe Macdonalds had sped to
Inverlochy or Fort William before the end of the year, and offered his
oath to the governor there, but, to his dismay, found he had come to
the wrong officer. It was necessary he should go to Inverary, many
miles distant, and there give in his submission to the sheriff. In great
anxiety, the old man toiled his way through the wintry wild to
Inverary. He had to pass within a mile of his own house, yet stopped
not to enter it. After all his exertions, the sheriff being absent for two
days after his arrival, it was not till the 6th of January that his oath
was taken and registered. The register duly went thereafter to the
Privy Council at Edinburgh; but the name of Macdonald of Glencoe
was not found in it: it was afterwards discovered to have been by
special pains obliterated, though still traceable.
Here, then, was that ‘sect of thieves’ formally liable to the
vengeance which the secretary of state meditated against them. The
commander, Livingstone, on the 23d January, wrote to Colonel
Hamilton of Inverlochy garrison to proceed with his work against the
Glencoe men. A detachment of the Earl of Argyle’s regiment—
Campbells, hereditary enemies of the Macdonalds of Glencoe—under
the command of Campbell of Glenlyon, proceeded to the valley,
affecting nothing but friendly intentions, and were hospitably
received. Glenlyon himself, as uncle to the wife of one of the chief’s
sons, was hailed as a friend. Each morning, he called at the humble
dwelling of the chief, and took his morning-draught of usquebaugh.
On the evening of the 12th of February, he played at cards with the
chief’s family. The final orders for the onslaught, written on the 12th
at Ballachulish by Major Robert Duncanson (a Campbell also), were
now in Glenlyon’s hands. They bore—‘You are to put all to the sword
under seventy. You are to have a special care that the old fox and his
son do on no account escape your hands. You’re to secure all
avenues, that none escape; this you are to put in execution at five
o’clock precisely, and by that time, or very 1692.
shortly after it, I’ll strive to be at you with a
stronger party. If I do not come to you at five, you are not to tarry for
me, but to fall on.’
Glenlyon was but too faithful to his instructions. His soldiers had
their orders the night before. John Macdonald, the chief’s eldest son,
observing an unusual bustle among the soldiers, took an alarm, and
inquired what was meant. Glenlyon soothed his fears with a story
about a movement against Glengarry, and the lad went to bed.
Meanwhile, efforts were making to plant guards at all the outlets of
that alpine glen; but the deep snow on the ground prevented the duty
from being fully accomplished. At five, Lieutenant Lindsay came with
his men to the house of the chief, who, hearing of his arrival, got out
of bed to receive him. He was shot dead as he was dressing himself.
Two of his people in the house shared his fate, and his wife,
shamefully treated by the soldiers, died next day. At another hamlet
called Auchnaion, the tacksman and his family received a volley of
shot as they were sitting by their fireside, and all but one were laid
dead or dying on the floor. The survivor entreated to be killed in the
open air, and there succeeded in making his escape. There were
similar scenes at all the other inhabited places in the glen, and before
daylight, thirty-eight persons had been murdered. The rest of the
people, including the chief’s eldest son, fled to the mountains, where
many of them are believed to have perished. When Colonel Hamilton
came at breakfast-time, he found one old man alive mourning over
the bodies of the dead; and this person, though he might have been
even formally exempted as above seventy, was slain on the spot. The
only remaining duty of the soldiers was to burn the houses and harry
the country. This was relentlessly done, two hundred horses, nine
hundred cattle, and many sheep and goats being driven away.
A letter of Dalrymple, dated from London the 5th March, makes us
aware that the Massacre of Glencoe was already making a sensation
there. It was said that the people had been murdered in their beds,
after the chief had made the required submission. The secretary
professed to have known nothing of the last fact, but he was far from
regretting the bloodshed. ‘All I regret is that any of the sect got away.’
When the particulars became fully known—when it was ascertained
that the Campbells had gone into the glen as friends, and fallen upon
the people when they were in a defenceless state and when all
suspicion was lulled asleep—the transaction assumed the character
which it has ever since borne in the public 1692.
estimation, as one of the foulest in modern
history.
The Jacobites trumpeted it as an offset against the imputed
severities of the late reigns. Its whole details were given in the
French gazettes, as an example of the paternal government now
planted in Britain. The government was compelled, in self-defence,
to order an inquiry into the affair, and the report presented in 1695
fully brought out the facts as here detailed, leaving the principal
odium to rest with Dalrymple. The king himself, whose signature
follows close below the savage sentence, ‘If M‘Ian of Glencoe,’ &c.,
did not escape reproach. True it is, that so far from punishing his
secretary, he soon after this report gave him a full remission, and
conferred on him the teinds of the parish in which lay his principal
estates.[80]
The Privy Council had before them a Feb. 16.

petition from Lieutenant Brisbane of Sir
Robert Douglas’s regiment, regarding one Archibald Baird, an Irish
refugee, imprisoned at Paisley for housebreaking. The sheriff
thought the probation ‘scrimp’ (scanty), and besides, was convinced
that ‘extreme poverty had been a great temptation to him to commit
the said crime.’ Seeing he was, moreover, ‘a proper young man fit for
service,’ and ‘willing and forward to go over to Flanders to fight
against the French,’ the sheriff had hitherto delayed to pronounce
sentence upon him. Without any ceremony, the Council ordered that
Baird be delivered to Brisbane, that he might be transported to
Flanders as a soldier.
The reader will probably be amused by the sheriff’s process of
ideas—first, that the crime was not proved; and, second, that it had
been committed under extenuating circumstances. The leniency of
the Privy Council towards such a culprit, in ordering him out of the
country as a soldier, is scarcely less characteristic. The truth is, the
exigencies of the government for additional military force were now
greater than ever, so that scruples about methods of recruiting had
come to be scarcely recognisable. Poor people confined in jail on
suspicion of disaffection, were in many instances brought to a
purchase of liberty by taking on as soldiers; criminals, who had pined
there for months or years, half-starved, were glad to take soldiering
as their punishment. Sturdy vagrants were 1692.
first gathered into the jails for the offence of
begging, and then made to know that, only by taking their majesties’
pay, could they regain their freedom. But freedom was not to be
instantly gained even in this way. The recruits were kept in jail, as
well as the criminals and the disaffected—little distinction, we may
well believe, observed between them. Not till ready to go on board for
Flanders, were these gallant Britons permitted to breathe the fresh
air.
An appearance of regard for the liberty of the subject was indeed
kept up, and on the 23d February 1692, a committee of the Privy
Council was appointed to go to the prisons of Edinburgh and
Canongate, and inspect the recruits kept there, so as to ascertain if
there were any who were unjustly detained against their will. But this
was really little more than an appearance for decency’s sake, the
instances of disregard for individual rights being too numerous even
in their own proceedings to allow any different conclusion being
arrived at.[81]
Two ministers at Dumfries, who had been Feb.

‘preachers before prelacy was abolished,’
gave displeasure to the populace by using the Book of Common
Prayer. On a Sunday, early in this month, a party of about sixteen
‘mean country persons living about four or five miles from Dumfries,
who disowned both Presbyterian and Episcopal ministers, and
acknowledged none but Mr Houston,’ came and dragged these two
clergymen out of the town, took from each his prayer-book, and gave
them a good beating, after which they were liberated, and allowed to
return home. At an early hour next morning, the same party came
into the town and burned one of the books at the Cross, on which
they affixed a placard, containing, we may presume, a declaration of
their sentiments. The Privy Council indignantly called the provost of
Dumfries before them, and while censuring him for allowing such a
riot to take place, enjoined him to take care ‘that there be no
occasions given for the like disorders in time coming.’ That is to say,
the Privy Council did not desire the Dumfries magistrates to take any
measures for preventing the attacks of ‘mean country persons’ upon
unoffending clergymen using the forms of prayer sanctioned in
another and connected kingdom not thirty miles distant, but to see
that such clergymen were not allowed to give provocations of that
kind to ‘mean country persons.’
Dumfries had at this time another trouble 1699. Mar.
on its hands. Marion Dickson in Blackshaw,
Isobel Dickson in Locherwood, Agnes Dickson (daughter of Isobel),
and Marion Herbertson in Mousewaldbank, had for a long time been
‘suspected of the abominable and horrid crime of witchcraft,’ and
were believed to have ‘committed many grievous malefices upon
several persons their neighbours and others.’ It was declared to be
damnifying ‘to all good men and women living in the country
thereabouts, who cannot assure themselves of safety of their lives by
such frequent malefices as they commit.’
Under these circumstances, James Fraid, John Martin, William
Nicolson, and Thomas Jaffrey in Blackshaw, John Dickson in Slop of
Locherwoods, John Dickson in Locherwoods, and John Dickson in
Overton of Locherwoods, took it upon them to apprehend the
women, and carried them to be imprisoned at Dumfries by the
sheriff, which, however, the sheriff did not consent to till after the six
men had granted a bond engaging to prosecute. Fortified with a
certificate from the presbytery of Dumfries, who were ‘fully
convinced of the guilt [of the women] and of the many malefices
committed by them,’ the men applied to the Privy Council for a
commission to try the delinquents.
The Lords ordered the women to be transported to Edinburgh for
trial.[82]
The government beginning to relax a little Mar. 29.

the severity it had hitherto exercised

Original PDF Principles of Information Security 6th by Michael e Whitman PDF

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Original PDF Principles of Information Security 6th by Michael e Whitman PDF

Uploaded by

Copyright:

Available Formats

(Original PDF) Principles of Information

Security 6th by Michael E. Whitman

Selected Readings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 531

As global networks expand, the interconnection of the world’s information systems

formulate interdisciplinary solutions for systems vulnerabilities. The essential tenet of

Structure and Chapter Descriptions

 Chapter 1—Introduction to Information Security

 Chapter 2—The Need for Security

 Chapter 3—Legal, Ethical, and Professional Issues in

 Chapter 4—Planning for Security

 Chapter 5—Risk Management

 Chapter 6—Security Technology: Access Controls,

 Chapter 7—Security Technology: Intrusion Detection and

 Chapter 9—Physical Security

 Chapter 10—Implementing Information Security

 Chapter 11—Security and Personnel

 Chapter 12—Information Security Maintenance

New to This Edition

 Instructor Companion Site

● Kristin McNary, Product Team Manager

Donn B. Parker, CISSP Retired

Introduction to Information Security

“Did you try a reboot yet?”

The History of Information Security

Earlier versions of the German code machine Enigma

Figure 1-1 The Enigma

The three Frenchmen concerned in this affair were Protestant

Down to this time, it was still customary Apr.

Upon petition, Sir James Don of Newton, June 25.

An act, passed this day in the Convention July 8.

Licence was granted by the Privy Council July 23.

Dame Mary Norvill, widow of Sir David Aug. 11.

The Quakers residing at Glasgow gave in Dec.

Irregularities of the affections were not 1692.

King William felt impatient at the Feb. 13.

The Privy Council had before them a Feb. 16.

Two ministers at Dumfries, who had been Feb.

The government beginning to relax a little Mar. 29.

You might also like

Chapter 1—Introduction to Information Security

Chapter 2—The Need for Security

Chapter 3—Legal, Ethical, and Professional Issues in

Chapter 4—Planning for Security

Chapter 5—Risk Management

Chapter 6—Security Technology: Access Controls,

Chapter 7—Security Technology: Intrusion Detection and

Chapter 9—Physical Security

Chapter 10—Implementing Information Security

Chapter 11—Security and Personnel

Chapter 12—Information Security Maintenance

Instructor Companion Site