Full download Principles of Information Security 7th Edition Michael E. Whitman file pdf all chapter on 2024

Principles of Information Security 7th
Edition Michael E. Whitman

Visit to download the full and correct content document:
https://ebookmass.com/product/principles-of-information-security-7th-edition-michael-
e-whitman/
More products digital (pdf, epub, mobi) instant
download maybe you interests ...
Management of Information Security 6th Edition Michael

E. Whitman
https://ebookmass.com/product/management-of-information-
security-6th-edition-michael-e-whitman/
Principles of Information Security 6th Edition Whitman
https://ebookmass.com/product/principles-of-information-
security-6th-edition-whitman/
Principles of Incident Response & Disaster Recovery

(MindTap Course List) 3rd Edition Michael E. Whitman &
Herbert J. Mattord
https://ebookmass.com/product/principles-of-incident-response-
disaster-recovery-mindtap-course-list-3rd-edition-michael-e-
whitman-herbert-j-mattord/
Security Analysis : Principles and Techniques (7th

Edition) Benjamin Graham
https://ebookmass.com/product/security-analysis-principles-and-
techniques-7th-edition-benjamin-graham/
Fundamentals of Information Systems Security
https://ebookmass.com/product/fundamentals-of-information-
systems-security/
Management of Information Security 5th Edition, (Ebook

PDF)
https://ebookmass.com/product/management-of-information-
security-5th-edition-ebook-pdf/
eTextbook 978-0134444284 Cryptography and Network

Security: Principles and Practice (7th Edition)
https://ebookmass.com/product/etextbook-978-0134444284-
cryptography-and-network-security-principles-and-practice-7th-
edition/
Principles of information systems 13th Edition Ralph

Stair
https://ebookmass.com/product/principles-of-information-
systems-13th-edition-ralph-stair/
Principles of Computer Security: CompTIA Security+ and

Beyond 2nd edition Edition Conklin
https://ebookmass.com/product/principles-of-computer-security-
comptia-security-and-beyond-2nd-edition-edition-conklin/
Seventh Edition
Principles of
Information
Security
Michael E. Whitman, Ph.D., CISM, CISSP
Herbert J. Mattord, Ph.D., CISM, CISSP
Information
Security
Australia • Brazil • Canada • Mexico • Singapore • United Kingdom • United States
Copyright 2022 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part. Due to electronic rights, some third party content may be suppressed from the eBook and/or eChapter(s).
Editorial review has deemed that any suppressed content does not materially affect the overall learning experience. Cengage Learning reserves the right to remove additional content at any time if subsequent rights restrictions require it.
This is an electronic version of the print textbook. Due to electronic rights restrictions,
some third party content may be suppressed. Editorial review has deemed that any suppressed
content does not materially affect the overall learning experience. The publisher reserves the right
to remove content from this title at any time if subsequent rights restrictions require it. For
valuable information on pricing, previous editions, changes to current editions, and alternate
formats, please visit www.cengage.com/highered to search by ISBN#, author, title, or keyword for
materials in your areas of interest.
Important Notice: Media content referenced within the product description or the product
text may not be available in the eBook version.
Principles of Information Security, © 2022 Cengage Learning, Inc.
7th Edition
WCN: 02-300
Michael E. Whitman and Herbert J. Mattord
Unless otherwise noted, all content is © Cengage.
SVP, Higher Education Product Management:
ALL RIGHTS RESERVED. No part of this work covered by the copyright herein
Erin Joyner
may be reproduced or distributed in any form or by any means, except as
VP, Product Management: Thais Alencar permitted by U.S. copyright law, without the prior written permission of the
copyright owner.
Product Director: Mark Santee
Associate Product Manager: Danielle Klahr

For product information and technology assistance, contact us at Cengage
Product Assistant: Tom Benedetto Customer & Sales Support, 1-800-354-9706
or support.cengage.com.
Executive Director, Learning: Natalie Skadra
Learning Designer: Mary Clyne For permission to use material from this text or product, submit all requests
online at www.cengage.com/permissions.
Vice President, Product Marketing: Jason Sakos
Portfolio Marketing Manager: Mackenzie Paine Library of Congress Control Number: 2021909680
Senior Director, Content Creation: Rebecca von

Gillern ISBN: 978-0-357-50643-1
Content Manager: Christina Nyren Cengage

200 Pier 4 Boulevard
Director, Digital Production Services: Krista
Boston, MA 02210
Kellman
USA
Senior Digital Delivery Lead: Jim Vaughey
Cengage is a leading provider of customized learning solutions with employees
Developmental Editor: Dan Seiter
residing in nearly 40 different countries and sales in more than 125 countries
Production Service/Composition: SPi Global around the world. Find your local representative at www.cengage.com.
Design Director: Jack Pendleton

To learn more about Cengage platforms and services, register or access your
Designer: Erin Griffin online learning solution, or purchase materials for your course, visit
www.cengage.com.
Text Designer: Erin Griffin
Cover Designer: Erin Griffin Notice to the Reader
Cover image(s): Vandathai/Shutterstock.com Publisher does not warrant or guarantee any of the products described
herein or perform any independent analysis in connection with any of the
product information contained herein. Publisher does not assume, and
expressly disclaims, any obligation to obtain and include information other
than that provided to it by the manufacturer. The reader is expressly warned
to consider and adopt all safety precautions that might be indicated by the
activities described herein and to avoid all potential hazards. By following
the instructions contained herein, the reader willingly assumes all risks in
connection with such instructions. The publisher makes no representations or
warranties of any kind, including but not limited to, the warranties of fitness
for particular purpose or merchantability, nor are any such representations
implied with respect to the material set forth herein, and the publisher takes
no responsibility with respect to such material. The publisher shall not be
liable for any special, consequential, or exemplary damages resulting, in whole
or part, from the readers’ use of, or reliance upon, this material.
Printed in the United States of America

Print Number: 01 Print Year: 2021
iii
To Rhonda, Rachel, Alex, and Meghan, thank you for your loving support.
—MEW
To my grandchildren, Julie and Ellie; it is a wonderful life.

—HJM
Brief Contents
Prefacexi Module 8
Security Technology: Access Controls,
Module 1 Firewalls, and VPNs 295
Introduction to Information Security 1
Module 9
Module 2 Security Technology: Intrusion Detection and
The Need for Information Security 27 Prevention Systems and Other Security Tools 337
Module 3 Module 10
Information Security Management 81 Cryptography 383
Module 4 Module 11
Risk Management 121 Implementing Information
Security 417
Module 5
Module 12
Incident Response and Contingency Planning 175
Information Security Maintenance 447
Module 6 GLOSSARY 505
Legal, Ethical, and Professional Issues in
Information Security 223 Index 527
Module 7
Security and Personnel 261
Table of Contents
Preface xi Information Security Threats And
Attacks30
Module 1 4.8 Billion Potential Hackers 30
Other Studies of Threats 31
Introduction to Information Common Attack Pattern Enumeration
Security1 and Classification (CAPEC) 33
The 12 Categories Of Threats 34
Introduction To Information Security 2 Compromises to Intellectual Property 34
The 1960s 3 Deviations in Quality of Service 37
The 1970s and ’80s 4 Espionage or Trespass 39
The 1990s 7 Forces of Nature 47
2000 to Present 7 Human Error or Failure 49
What Is Security? 8 Information Extortion 54
Key Information Security Concepts 9 Sabotage or Vandalism 56
Critical Characteristics of Information 11 Software Attacks 58
CNSS Security Model 14 Technical Hardware Failures or Errors 66
Technical Software Failures or Errors 67
Components Of An Information System 15
Technological Obsolescence 72
Software 15
Theft 73
Hardware 15
Data 16 Module Summary 74
People 16 Review Questions 75
Procedures 16
Exercises 76
Networks 17
Security And The Organization 17 References 76
Balancing Information Security and Access 17
Approaches to Information Security Module 3
Implementation 18
Security Professionals 19
Information Security Management 81
Data Responsibilities 20
Communities of Interest 20 Introduction to the Management
Information Security: Is It An Art Or of Information Security 82
A Science? 21 Planning 82
Security as Art 21 Policy 83
Security as Science 21 Programs 83
Security as a Social Science 22 Protection 83
People 83
Module Summary 23
Projects 83
Review Questions 23 Information Security Planning
Exercises 24 And Governance 84
References 24 Information Security Leadership 84
Information Security Governance Outcomes 86
Planning Levels 87
Module 2 Planning and the CISO 87
The Need for Information Information Security Policy, Standards,
And Practices 88
Security27
Policy as the Foundation for Planning 88
Introduction To The Need For Enterprise Information Security Policy 91
Information Security 28 Issue-Specific Security Policy 91
Business Needs First 29 Systems-Specific Security Policy (SysSP) 95
Table of Contents vii
Developing and Implementing Effective Managing Risk 157

Security Policy 97 Feasibility and Cost-Benefit Analysis 159
Policy Management 103
Alternative Risk Management
Security Education, Training, Methodologies 164
And Awareness Program 104 The OCTAVE Methods 164
Security Education 105 FAIR 165
Security Training 106 ISO Standards for InfoSec Risk
Security Awareness 106 Management 166
Information Security Blueprint, NIST Risk Management Framework (RMF) 166
Models, And Frameworks 107 Selecting the Best Risk Management
The ISO 27000 Series 107 Model 169
NIST Security Models 109 Module Summary 171
Other Sources of Security Frameworks 113
Review Questions 172
Design of the Security Architecture 113
Exercises172
Module Summary 118
References 174
Exercises 119
Module 5
References 119
Incident Response and
Module 4 Contingency Planning 175
Risk Management 121 Introduction To Incident Response
And Contingency Planning 176
Introduction To Risk Management 122
Fundamentals Of Contingency
Sun Tzu and the Art of Risk Management 122
Planning177
The Risk Management Framework 123
Components of Contingency Planning 179
The Roles of the Communities of Interest 124 Business Impact Analysis 180
The RM Policy 125 Contingency Planning Policies 185
Framework Design 126
Defining the Organization’s Risk Tolerance
Incident Response 186
and Risk Appetite 126 Getting Started 186
Framework Implementation 127 Incident Response Policy 187
Framework Monitoring and Review 127 Incident Response Planning 188
Detecting Incidents 191
The Risk Management Process 128
Reacting to Incidents 193
RM Process Preparation—Establishing Recovering from Incidents 195
the Context 129
Risk Assessment: Risk Identification 129
Digital Forensics 200
Risk Assessment: Risk Analysis 142 The Digital Forensics Team 201
Risk Evaluation 149 Affidavits and Search Warrants 201
Digital Forensics Methodology 201
Risk Treatment/Risk Response 152
Evidentiary Procedures 206
Risk Mitigation 152
Risk Transference 153
Disaster Recovery 206
Risk Acceptance 154 The Disaster Recovery Process 207
Risk Termination 155 Disaster Recovery Policy 208
Process Communications, Monitoring, Disaster Classification 209
and Review 155 Planning to Recover 209
Mitigation and Risk 155 Responding to the Disaster 211
viii Principles of Information Security
Business Continuity 212 Codes Of Ethics Of Professional

Business Continuity Policy 213 Organizations 247
Business Resumption 213 Major IT and InfoSec Professional
Continuity Strategies 214 Organizations 247
Timing and Sequence of CP Elements 215 Key U.S. Federal Agencies 249
Crisis Management 217 Department of Homeland Security 249
Testing Contingency Plans 217 U.S. Secret Service 252
Final Thoughts on CP 218 Federal Bureau of Investigation (FBI) 253
National Security Agency (NSA) 255
Module Summary 219
Module Summary 256
Exercises221
References221 Exercises 257
References 258
Module 6
Legal, Ethical, and Professional Module 7
Issues in Information Security 223 Security and Personnel 261
Introduction To Law And Ethics In Introduction To Security And
Information Security 224 Personnel262
Organizational Liability and the Need for
Positioning The Security Function 263
Counsel 224
Policy Versus Law 225 Staffing The Information Security
Types of Law 225 Function264
Relevant U.S. Laws 226 Qualifications and Requirements 266
General Computer Crime Laws 226 Entry into the Information Security
Privacy 227 Profession 267
Identity Theft 234 Information Security Positions 267
Export and Espionage Laws 236 Credentials For Information Security
U.S. Copyright Law 237 Professionals 273
Financial Reporting 237 (ISC) Certifications
2
273
Freedom of Information Act of 1966 238 ISACA Certifications 276
Payment Card Industry Data Security SANS Certifications 277
Standards (PCI DSS) 238 EC-Council Certifications 279
State and Local Regulations 239 CompTIA Certifications 280
International Laws And Legal Bodies 240 Cloud Security Certifications 281
U.K. Computer Security Laws 240 Certification Costs 281
Australian Computer Security Laws 240 Advice for Information Security
Council of Europe Convention on Professionals 282
Cybercrime 240 Employment Policies And Practices 283
World Trade Organization and the Job Descriptions 284
Agreement on Trade-Related Aspects of Interviews 284
Intellectual Property Rights 241 Background Checks 284
Digital Millennium Copyright Act 241 Employment Contracts 285
Ethics And Information Security 242 New Hire Orientation 285
Ethical Differences Across Cultures 243 On-the-Job Security Training 285
Ethics and Education 244 Evaluating Performance 286
Deterring Unethical and Illegal Behavior 246 Termination 286
Table of Contents ix
Personnel Control Strategies 287 Why Use an IDPS? 340

Privacy and the Security of Personnel Data 289 Types of IDPSs 342
Security Considerations for Temporary IDPS Detection Methods 350
Employees, Consultants, and Other Log File Monitors 351
Workers 289 Security Information and Event Management
(SIEM) 351
Module Summary 291 IDPS Response Behavior 354
Review Questions 292 Selecting IDPS Approaches and Products 356
Strengths and Limitations of IDPSs 360
Exercises 293
Deployment and Implementation of an
References 293 IDPS 361
Measuring the Effectiveness of IDPSs 365
Module 8 Honeypots, Honeynets, And Padded
Cell Systems 367
Security Technology: Access Controls, Trap-and-Trace Systems 368
Active Intrusion Prevention 369
Firewalls, and VPNs 295
Scanning And Analysis Tools 370
Introduction To Access Controls 296 Port Scanners 372
Access Control Mechanisms 298 Firewall Analysis Tools 373
Biometrics 301 Operating System Detection Tools 373
Access Control Architecture Models 304 Vulnerability Scanners 374
Firewall Technologies 308 Packet Sniffers 377
Firewall Processing Modes 309 Wireless Security Tools 378
Firewall Architectures 313 Module Summary 380
Selecting the Right Firewall 317
Configuring and Managing Firewalls 318
Content Filters 324 Exercises 381
Protecting Remote Connections 325 References 381
Remote Access 325
Virtual Private Networks (VPNs) 329
Final Thoughts On Remote Access And Module 10
Access Controls 331
Cryptography383
Deperimeterization 331
Remote Access in the Age of COVID-19 332 Introduction To Cryptography 384
Module Summary 333 The History of Cryptology 384
Key Cryptology Terms 385
Encryption Methods 386
Exercises 334
Substitution Cipher 387
References 334 Transposition Cipher 390
Exclusive OR 391
Module 9 Vernam Cipher 392
Book-Based Ciphers 393
Security Technology: Intrusion Hash Functions 394
Detection and Prevention Systems Cryptographic Algorithms 396

Symmetric Encryption 396
and Other Security Tools 337 Asymmetric Encryption 397
Introduction To Intrusion Detection And Encryption Key Size 398
Prevention Systems 338 Cryptographic Tools 400
IDPS Terminology 339 Public Key Infrastructure (PKI) 400
x Principles of Information Security
Digital Signatures 401 Module Summary 444

Digital Certificates 402 Review Questions 445
Hybrid Cryptography Systems 403
Steganography 404 Exercises 446
Protocols For Secure Communications 405 References 446
Securing Internet Communication with
HTTPS and SSL 405 Module 12
Securing E-Mail with S/MIME, PEM, and PGP 406
Securing Web Transactions with SET, SSL, and Information Security
HTTPS 407
Maintenance447
Securing Wireless Networks with WPA
and RSN 408 Introduction To Information Security
Securing TCP/IP with IPSec and PGP 410 Maintenance448
Module Summary 413 Security Management Maintenance
Review Questions 414 Models449
Exercises 415 NIST SP 800-100, “Information Security
Handbook: A Guide for Managers” 449
References 415
The Security Maintenance Model 470
Monitoring the External Environment 470
Module 11 Monitoring the Internal Environment 474
Planning and Risk Assessment 476
Implementing Information Vulnerability Assessment and Remediation 481
Security417 Readiness and Review 489
Introduction To Information Security Physical Security 490

Implementation 418 Physical Access Controls 491
Physical Security Controls 491
The Systems Development Life Cycle 419 Fire Security and Safety 494
Traditional Development Methods 419 Failure of Supporting Utilities and Structural
Software Assurance 421 Collapse 494
The NIST Approach to Securing the SDLC 423 Heating, Ventilation, and Air Conditioning 494
Information Security Project Power Management and Conditioning 495
Management428 Interception of Data 496
Developing the Project Plan 429 Securing Mobile and Portable Systems 496
Project Planning Considerations 432 Special Considerations for Physical Security 498
The Need for Project Management 434 Module Summary 500
Security Project Management Certifications 436 Review Questions 501
Technical Aspects Of Implementation 437
Exercises 502
Conversion Strategies 437
The Bull’s-Eye Model 438 References 502
To Outsource or Not 439
Technology Governance and Change Control 440
Glossary 505
The Center for Internet Security’s Critical
Security Controls 440 Index 527
Nontechnical Aspects Of
Implementation441
The Culture of Change Management 442
Considerations for Organizational Change 442
Preface
The world continues to become ever more interconnected. As global information networks continue
to expand, the interconnection of devices of every description becomes vital, as does the smooth
operation of communication, computing, and automation solutions. However, ever-evolving threats
such as malware and phishing attacks and the success of criminal and hostile government attack-
ers illustrate weaknesses in the current technical landscape and the need to provide heightened
security for information systems.
When attempting to secure current and planned systems and networks, organizations must
draw on the current pool of information security and cybersecurity practitioners. However, to
develop more secure computing environments in the future, these same organizations are counting
on the next generation of professionals to have the correct mix of skills and experience to anticipate
and manage the complex information security issues that will arise. Thus, improved texts with sup-
porting materials, along with the efforts of college and university faculty, are needed to prepare
students of technology to recognize the threats and vulnerabilities in existing systems and to learn
to design and develop the secure systems needed.
The purpose of Principles of Information Security, Seventh Edition, is to continue to meet the
need for a current, high-quality academic resource that surveys the full breadth of the information
security and cybersecurity disciplines. Even today, there remains a lack of resources that provide
students with a balanced introduction to the managerial and technical aspects of these fields. By
specifically focusing our writing on the common body of knowledge, we hope to close this gap.
Further, there is a clear need to include principles from criminal justice, political science, computer
science, information systems, and other related disciplines to gain a clear understanding of infor-
mation security and cybersecurity principles and formulate interdisciplinary solutions for system
vulnerabilities. The essential tenet of this text is that information security and cybersecurity in the
modern organization is a problem for management to solve, and not one that technology alone can
address. In other words, an organization’s information security has important economic conse-
quences for which management will be held accountable.
Approach
Principles of Information Security, Seventh Edition, provides a broad review of the entire field of
information security, background on many related elements, and enough detail to facilitate an
understanding of the topic as a whole. The narrative covers the terminology of the field, the history
of the discipline, and elementary strategies for managing an information security program.
Structure and Module Descriptions

Principles of Information Security, Seventh Edition, is structured to follow an approach that moves
from the strategic aspects of information security to the operational—beginning with the exter-
nal impetus for information security, moving through the organization’s strategic approaches to
governance, risk management, and regulatory compliance, and continuing with the technical and
xii Principles of Information Security
operational implementation of security in the organization. Our use of this approach is intended to provide a support-
ive but not overly dominant foundation that will guide instructors and students through the information domains of
information security. To serve this end, the content is organized into 12 modules.
Module 1—Introduction to Information Security

The opening module establishes the foundation for understanding the broader field of information security. This is
accomplished by defining key terms, explaining essential concepts, and reviewing the origins of the field and its impact
on the understanding of information security.
Module 2—The Need for Information Security

Module 2 examines the business drivers behind the design process of information security analysis. It examines current
organizational and technological security needs while emphasizing and building on the concepts presented in Module 1.
One principal concept presented in this module is that information security is primarily a management issue rather
than a technological one. To put it another way, the best practices within the field of information security involve
applying technology only after considering the business needs.
The module also examines the various threats facing organizations and presents methods for ranking and prioritiz-
ing these threats as organizations begin their security planning process. The module continues with a detailed examina-
tion of the types of attacks that could result from these threats, and how these attacks could affect the organization’s
information systems. Module 2 also provides further discussion of the key principles of information security, some of
which were introduced in Module 1: confidentiality, integrity, availability, authentication, identification, authorization,
accountability, and privacy.
Module 3—Information Security Management

This module presents the different management functions within the field of information security and defines informa-
tion security governance. It continues with management’s role in the development, maintenance, and enforcement of
information security policy, standards, practices, procedures, and guidelines. The module also explains data classifi-
cation schemes, both military and private, as well as the security education, training, and awareness (SETA) program.
The module concludes with discussions on information security blueprints.
Module 4—Risk Management

Before the design of a new information security solution can begin, information security analysts must first understand
the current state of the organization and its relationship to information security. Does the organization have any formal
information security mechanisms in place? How effective are they? What policies and procedures have been published
and distributed to security managers and end users? This module explains how to conduct a fundamental information
security assessment by describing procedures for identifying and prioritizing threats and assets as well as procedures
for identifying what controls are in place to protect these assets from threats. The module also discusses the various
types of control mechanisms and identifies the steps involved in performing the initial risk assessment. The module
continues by defining risk management as the process of identifying, assessing, and reducing risk to an acceptable
level and implementing effective control measures to maintain that level of risk. Module 4 concludes with a discussion
of risk analysis and various types of feasibility analyses.
Module 5—Incident Response and Contingency Planning

This module examines the planning process that supports business continuity, disaster recovery, and incident
response; it also describes the organization’s role during incidents and specifies when the organization should involve
outside law enforcement agencies. The module includes coverage of the subject of digital forensics.
Preface xiii
Module 6—Legal, Ethical, and Professional Issues

in Information Security
A critical aspect of the field is a careful examination of current legislation, regulation, and common ethical expecta-
tions of both national and international entities that provides important insights into the regulatory constraints that
govern business. This module examines several key laws that shape the field of information security and examines
the computer ethics to which those who implement security must adhere. This module also presents several common
legal and ethical issues found in today’s organizations, as well as formal and professional organizations that promote
ethics and legal responsibility.
Module 7—Security and Personnel

The next area in the implementation stage addresses personnel issues. Module 7 examines both sides of the personnel
coin: security personnel and security of personnel. It examines staffing issues, professional security credentials, and
the implementation of employment policies and practices. The module also discusses how information security policy
affects and is affected by consultants, temporary workers, and outside business partners.
Module 8—Security Technology: Access Controls, Firewalls,

and VPNs
Module 8 provides a detailed overview of the configuration and use of technologies designed to segregate the orga-
nization’s systems from the insecure Internet. This module examines the various definitions and categorizations of
firewall technologies and the architectures under which firewalls may be deployed. The module discusses the rules
and guidelines associated with the proper configuration and use of firewalls. Module 8 also discusses remote dial-up
services and the security precautions necessary to secure access points for organizations still deploying this older
technology. The module continues by presenting content filtering capabilities and considerations, and concludes by
examining technologies designed to provide remote access to authorized users through virtual private networks.
Module 9—Security Technology: Intrusion Detection

and Prevention Systems and Other Security Tools
Module 9 continues the discussion of security technologies by examining the concept of intrusion and the technologies
necessary to prevent, detect, react, and recover from intrusions. Specific types of intrusion detection and prevention
systems (IDPSs)—the host IDPS, network IDPS, and application IDPS—and their respective configurations and uses
are presented and discussed. The module examines specialized detection technologies that are designed to entice
attackers into decoy systems (and thus away from critical systems) or simply to identify the attacker’s entry into these
decoy areas. Such systems are known as honeypots, honeynets, and padded cell systems. The discussion also exam-
ines trace-back systems, which are designed to track down the true address of attackers who were lured into decoy
systems. The module then examines key security tools that information security professionals can use to monitor the
current state of their organization’s systems and identify potential vulnerabilities or weaknesses in the organization’s
overall security posture. Module 9 concludes with a discussion of access control devices commonly deployed by
modern operating systems and new technologies in the area of biometrics that can provide strong authentication to
existing implementations.
Module 10—Cryptography
Module 10 continues the study of security technologies by describing the underlying foundations of modern cryptosys-
tems as well as their architectures and implementations. The module begins by summarizing the history of cryptogra-
phy and discussing the various types of ciphers that played key roles in that history. The module also examines some
xiv Principles of Information Security
of the mathematical techniques that comprise cryptosystems, including hash functions. The module then extends this
discussion by comparing traditional symmetric encryption systems with more modern asymmetric encryption systems
and examining the role of asymmetric systems as the foundation of public-key encryption systems. Also covered are
the cryptography-based protocols used in secure communications, including HTTPS, S/MIME, and SET. The module
then discusses steganography and its emerging role as an effective means of hiding information. The module concludes
by revisiting attacks on information security that are specifically targeted at cryptosystems.
Module 11—Implementing Information Security

The preceding modules provide guidelines for how an organization might design its information security program.
Module 11 examines the elements critical to implementing this design. Key areas in this module include the bull’s-eye
model for implementing information security and a discussion of whether an organization should outsource compo-
nents of its information security program. The module also discusses change management, program improvement,
and additional planning for business continuity efforts.
Module 12—Information Security Maintenance

Last and most important is the discussion of maintenance and change. Module 12 describes the ongoing technical and
administrative evaluation of the information security program that an organization must perform to maintain the secu-
rity of its information systems. This module explores the controlled administration of changes to modern information
systems to prevent the introduction of new security vulnerabilities. Special considerations needed for vulnerability
analysis are explored, from Internet penetration testing to wireless network risk assessment. The module concludes
with extensive coverage of physical security considerations.
Features
The following features exemplify our approach to teaching information security:
• Information Security Professionals’ Common Bodies of Knowledge—Because the authors hold both the Certi-
fied Information Security Manager (CISM) and Certified Information Systems Security Professional (CISSP)
credentials, those knowledge domains have had an influence in the design of this resource. Although care was
taken to avoid producing a certification study guide, the authors’ backgrounds ensure that their treatment of
information security integrates the CISM and CISSP Common Bodies of Knowledge (CBKs).
• Opening and Closing Scenarios—Each module opens and closes with a short story that features the same
fictional company as it encounters information security issues commonly found in real-life organizations. At
the end of each module, a set of discussion questions provides students and instructors with opportunities
to discuss the issues suggested by the story as well as offering an opportunity to explore the ethical dimen-
sions of those issues.
• Clearly Defined Key Terms—Each key term is defined in a marginal note close to the term’s first use. While
the terms are referenced in the body of the text, the isolation of the definitions from the discussion allows
a smoother presentation of the key terms and supports their standardization throughout all Whitman and
Mattord works.
• In-Depth Features—Interspersed throughout the modules, these features highlight interesting topics and
detailed technical issues, giving students the option of delving into information security topics more deeply.
• Hands-On Learning—At the end of each module, students will find a module summary and review questions as
well as exercises. In the exercises, students are asked to research, analyze, and write responses to reinforce
learning objectives, deepen their understanding of the reading, and examine the information security arena
outside the classroom.
Preface xv
New to This Edition

• All graphics and tables are now in color.
• The newest relevant laws and industry trends are covered.
• The content on contingency planning and incident response has been significantly enhanced and moved into
a module of its own to give additional emphasis to this critical topic.
• The risk management module has been updated to reflect recent industry changes in risk management
methodology.
• The module that encompasses cryptography has been enhanced to include expanded coverage of blockchain
and payment system security.
• Increased visibility for terminology used in the industry is provided by the prominent display of key terms
throughout this resource and across the Whitman and Mattord series.
• Updated and additional “For More Information” boxes provide Web locations where students can find more
information about the subjects being covered in the reading.
MindTap for Principles of Information Security,

Seventh Edition
The complete text and supporting activities for Principles of Information Security are available on Cengage’s MindTap
platform. It gives you complete control of your course so you can provide engaging content, challenge every learner,
and build student confidence. Customize interactive syllabi to emphasize high-priority topics, then add your own
material or notes to the eBook as desired. This outcome-driven application gives you the tools needed to empower
students and boost both understanding and performance.
Access Everything You Need in One Place

Cut down on prep with the preloaded and organized MindTap course materials. Teach more efficiently with interactive
multimedia, assignments, and quizzes. Give your students the power to read, listen, and study on their phones so they
can learn on their terms.
Empower Students to Reach Their Potential

Twelve distinct metrics give you actionable insights into student engagement. Identify topics that are troubling your
class and instantly communicate with students who are struggling. Students can track their scores to stay motivated
toward their goals. Together, you can be unstoppable.
Control Your Course—and Your Content

Get the flexibility to reorder textbook chapters, add your own notes, and embed a variety of content, including Open
Educational Resources (OER). Personalize course content to your students’ needs. They can even read your notes,
add their own, and highlight key text to aid their learning.
Get a Dedicated Team, Whenever You Need Them

MindTap isn’t just a tool; it’s backed by a personalized team eager to support you. We can help set up your course and
tailor it to your specific objectives, so you’ll be ready to make an impact from day one. Know we’ll be standing by to
help you and your students until the final day of the term.
xvi Principles of Information Security
MindTap activities for Whitman and Mattord’s Principles of Information Security are designed to help students mas-
ter the skills they need in today’s workforce. Research shows employers need critical thinkers, troubleshooters, and
creative problem solvers to stay relevant in our fast-paced, technology-driven world. MindTap helps you achieve this
with assignments and activities that provide hands-on practice, real-life relevance, and mastery of difficult concepts.
Students are guided through assignments that progress from basic knowledge and understanding to more challenging
problems.
All MindTap activities and assignments are tied to learning objectives. The hands-on exercises provide real-life
application and practice. Readings and “Whiteboard Shorts” support the lecture, while “Security for Life” assignments
encourage students to stay current and start practicing lifelong learning. Pre- and post-course assessments allow you
to measure how much students have learned using analytics and reporting that make it easy to see where the class
stands in terms of progress, engagement, and completion rates. Learn more at www.cengage.com/mindtap/.
Instructor Resources
Free to all instructors who adopt Principles of Information Security for their courses is a complete package of instructor
resources accessible via single sign-on (SSO). Instructors can request an SSO account at Cengage.com.
Resources include the following:
• Instructor’s Manual—This manual includes course objectives, key terms, teaching outlines and tips, quick quiz-
zes, and additional information to help you plan and facilitate your instruction.
• Solutions Manual—This resource contains answers and explanations for all end-of-module review questions
and exercises.
• Cengage Testing Powered by Cognero—A flexible, online system allows you to import, edit, and manipulate
content from the text’s test bank or elsewhere, including your own favorite test questions; create multiple test
versions in an instant; and deliver tests from your LMS, your classroom, or wherever you want.
• PowerPoint Presentations—A set of Microsoft PowerPoint slides is included for each module. These slides are
meant to be used as a teaching aid for classroom presentations, to be made available to students for module
review, or to be printed for classroom distribution. Some tables and figures are included in the PowerPoint
slides; however, all are available in the online instructor resources. Instructors are also at liberty to add their
own slides.
• Lab Exercises Available in the MindTap Edition and in the Instructor’s Resource Kit (IRK)—These exercises, writ-
ten by the authors, can be used to provide technical experience in conjunction with the text. Contact your
Cengage learning consultant for more information.
• Readings and Cases—Cengage also produced two texts by the authors—Readings and Cases in the Management
of Information Security (ISBN-13: 9780619216276) and Readings & Cases in Information Security: Law & Ethics
(ISBN-13: 9781435441576)—which make excellent companion texts. Contact your Cengage learning consultant
for more information.
• Curriculum Model for Programs of Study in Information Security/Cybersecurity—In addition to the texts authored
by this team, a curriculum model for programs of study in information security and cybersecurity is avail-
able from the Kennesaw State University (KSU) Institute for Cybersecurity Workforce Development (https://
cyberinstitute.kennesaw.edu/docs/ModelCurriculum-2021.pdf). This document provides details on the authors’
experiences in designing and implementing security coursework and curricula, as well as guidance and les-
sons learned.
Preface xvii
Author Team
Michael Whitman and Herbert Mattord have jointly developed this text to merge knowledge from academic research
with practical experience from the business world.
Michael E. Whitman, Ph.D., CISM, CISSP, is a Professor of Information Security and Assurance and the Executive
Director of the KSU Institute for Cybersecurity Workforce Development (cyberinstitute.kennesaw.edu). Dr. Whitman
is an active researcher in information security, fair and responsible use policies, ethical computing, and curriculum
development methodologies. He currently teaches graduate and undergraduate courses in information security and
cybersecurity management. He has published articles in the top journals in his field, including Information Systems
Research, Communications of the ACM, Information and Management, Journal of International Business Studies, and Jour-
nal of Computer Information Systems. Dr. Whitman is also the Co-Editor-in-Chief of the Journal of Cybersecurity Educa-
tion, Research and Practice. Dr. Whitman is also the co-author of Management of Information Security and Principles of
Incident Response and Disaster Recovery, among other works, all published by Cengage. Prior to his career in academia,
Dr. Whitman was an officer in the United States Army, which included duties as Automated Data Processing Systems
Security Officer (ADPSSO).
Herbert J. Mattord, Ph.D., CISM, CISSP, completed 24 years of IT industry experience as an application developer,
database administrator, project manager, and information security practitioner before joining the faculty of Kennesaw
State University in 2002. Dr. Mattord is the Director of Education and Outreach for the KSU Institute for Cybersecurity
Workforce Development (cyberinstitute.kennesaw.edu). Dr. Mattord is also the Co-Editor-in-Chief of the Journal of Cyber-
security Education, Research and Practice. During his career as an IT practitioner, he has been an adjunct professor at
Kennesaw State University, Southern Polytechnic State University in Marietta, Georgia, Austin Community College in
Austin, Texas, and Texas State University: San Marcos. He currently teaches graduate and undergraduate courses in
information security and cybersecurity. He was formerly the Manager of Corporate Information Technology Security at
Georgia-Pacific Corporation, where much of the practical knowledge found in this resource was acquired. Dr. Mattord
is also the co-author of Management of Information Security, Principles of Incident Response and Disaster Recovery, and
other works, all published by Cengage.
Acknowledgments
The authors would like to thank their families for their support and understanding for the many hours dedicated to
this project—hours taken away, in many cases, from family activities.
Contributors
Several people and organizations also provided materials for this resource, and we thank them for their contributions:
• The National Institute of Standards and Technology (NIST) is the source of many references, tables, figures,
and other content used in many places in the text.
Reviewers
We are indebted to the following reviewers for their perceptive feedback during the module-by-module reviews of the
text:
• Paul Witman, California Lutheran University

• Mia Plachkinova, Kennesaw State University
xviii Principles of Information Security
Special Thanks
The authors thank the editorial and production teams at Cengage. Their diligent and professional efforts greatly
enhanced the final product:
• Dan Seiter, Developmental Editor

• Danielle Klahr, Associate Product Manager
• Christina Nyren, Content Manager
In addition, several professional organizations, commercial organizations, and individuals aided the development
of the text by providing information and inspiration. The authors wish to acknowledge their contributions:
• Donn Parker
• Our colleagues in the Department of Information Systems and the Coles College of Business at Kennesaw State
University
Our Commitment
The authors are committed to serving the needs of adopters and users of this resource. We would be pleased and
honored to receive feedback on the text and supporting materials. You can contact us at infosec@kennesaw.edu.
Foreword
Information security is an art more than a science, and the mastery of protecting information requires multidisciplinary
knowledge of a huge quantity of information plus experience and skill. You will find much of what you need here in
this resource as the authors take you through the security systems development life cycle using real-life scenarios to
introduce each topic. The authors provide their perspective from many years of real-life experience, combined with
their academic approach for a rich learning experience expertly presented in this text. You have chosen the authors
and this resource well.
Because you are reading this, you are most likely working toward a career in information security or at least have
serious interest in information security. You must anticipate that just about everybody hates the constraints that secu-
rity puts on their work. This includes both the good guys and the bad guys—except for malicious hackers who love
the security we install as a challenge to be beaten. We concentrate on stopping the intentional wrongdoers because it
applies to stopping the accidental ones as well. Security to protect against accidental wrongdoers is not good enough
against those with intent.
I have spent 40 years of my life in a field that I found to be exciting and rewarding, working with computers and
pitting my wits against malicious people, and you will too. Security controls and practices include logging on and off,
using passwords, encrypting and backing up vital information, locking doors and drawers, motivating stakeholders to
support security, and installing antivirus software.
These means of protection have no benefit except rarely, when adversities occur. Good security is in effect when
nothing bad happens, and when nothing bad happens, who needs security? Nowadays, one reason we need security
is because the law, regulations, and auditors say so—especially if we deal with the personal information of others,
electronic money, intellectual property, and keeping ahead of the competition.
There is great satisfaction in knowing that your employer’s information and systems are reasonably secure and
that you are paid a good salary, are the center of attention in emergencies, and are applying your wits against the bad
guys. This makes up for the downside of your security work. It is no job for perfectionists because you will almost
never be fully successful, and there will always be vulnerabilities that you aren’t aware of or that the bad guys discover
first. Our enemies have a great advantage over us. They have to find only one vulnerability and one target to attack in
a known place, electronically or physically at a time of their choosing, while we must defend from potentially millions
of attacks against assets and vulnerabilities that are no longer in one computer room but are spread all over the world.
It’s like playing a game in which you don’t know your opponents and where they are, what they are doing, or why they
Another random document with
no related content on Scribd:
thrown away on the Capudan Pacha, who appears to have been a
liberal and enlightened man. He heard the explanation with interest,
extolled Bainbridge’s frankness, promised him his entire protection,
and pardoned the governor; sending to the latter a minute statement
of the whole affair. It was after this conversation that the high
functionary in question delivered to Bainbridge his own especial
letter of protection.
At length the Algerine ambassador was ready to return. On the
30th of December, 1800, the ship sailed for Algiers. The messenger
of the Dey took back with him a menace of punishment, unless his
master declared war against France, and sent more tribute to the
Porte; granting to the Algerine government but sixty days to let its
course be known. On repassing the Dardanelles, Bainbridge was
compelled to anchor. Here he received presents of fruit and
provisions, with hospitalities on shore, as an evidence of the
governor’s gratitude for his generous conduct in exposing his own
life, in order to save that of an innocent man. It is shown by a
passage in Dr. Clarke’s work, that Bainbridge was honorably
received in the best circles in Pera, during his stay at
Constantinople, while the neatness and order of his ship were the
subject of general conversation. An entertainment that was given on
board the frigate was much talked of also; the guests and all the
viands coming from the four quarters of the earth. Thus there was
water, bread, meats, etc., etc., each from Europe, Asia, Africa and
America, as well as persons to consume them; certainly a thing of
rare occurrence at any one feast.
The George Washington arrived at Algiers on the 20th January,
1801, and anchored off the town, beyond the reach of shot. The Dey
expressed his apprehensions that the position of the ship would
prove inconvenient to her officers, and desired that she might be
brought within the mole, or to the place where she had lain during
her first visit. This offer was respectfully declined. A day or two later
the object of this hospitality became apparent. Bainbridge was asked
to return to Constantinople with the Algerine ambassador; a request
with which he positively refused to comply. This was the
commencement of a new series of cajoleries, arguments and
menaces. But, having his ship where nothing but the barbarian’s
corsairs could assail her, Bainbridge continued firm. He begged the
consul to send him off some old iron for ballast, in order that he
might return certain guns he had borrowed for that purpose,
previously to sailing for Constantinople, the whole having been
rendered necessary in consequence of his ship’s having been
lightened of the tribute sent in her from America. The Dey
commanded the lightermen not to take employment, and, at the
same time, he threatened war if his guns were not returned. After a
good deal of discussion, Bainbridge exacted a pledge that no further
service would be asked of the ship; then he agreed to run into the
mole and deliver the cannon, as the only mode that remained of
returning property which had been lent to him.
As soon as the frigate was secured in her new berth, Capt.
Bainbridge and the consul were admitted to an audience with the
Dey. The reception was any thing but friendly, and the despot, a man
of furious passions, soon broke out into expressions of anger, that
bade fair to lead to personal violence. The attendants were ready,
and it was known that a nod or a word might, at a moment’s notice,
cost the Americans their lives. At this fearful instant, Bainbridge, who
was determined at every hazard to resist the Dey’s new demand,
fortunately bethought him of the Capudan Pacha’s letter of
protection, which he carried about him. The letter was produced, and
its effect was magical. Bainbridge often spoke of it as even ludicrous,
and of being so sudden and marked as to produce glances of
surprise among the common soldiers. From a furious tyrant, the
sovereign of Algiers was immediately converted into an obedient
vassal; his tongue all honey, his face all smiles. He was aware that a
disregard of the recommendation of the Capudan Pacha would be
punished, as he would visit a similar disregard of one of his own
orders; and that there was no choice between respect and
deposition. No more was said about the return of the frigate to
Constantinople, and every offer of service and every profession of
amity were heaped upon the subject of our memoir, who owed his
timely deliverance altogether to the friendship of the Turkish
dignitary; a friendship obtained through his own frank and generous
deportment.
The reader will readily understand that dread of the Grand
Seignior’s power had produced this sudden change in the
deportment of the Dey. The same feeling induced him to order the
flag-staff of the French consulate to be cut down the next day; a
declaration of war against the country to which the functionary
belonged. Exasperated at these humiliations, which were embittered
by heavy pecuniary exactions on the part of the Porte, the Dey
turned upon the few unfortunate French who happened to be in his
power. These, fifty-six in number, consisting of men, women and
children, he ordered to be seized and to be deemed slaves. Capt.
Bainbridge felt himself sufficiently strong, by means of the Capudan
Pacha’s letter, to mediate; and he actually succeeded, after a long
discussion, in obtaining a decree by which all the French who could
get out of the regency, within the next eight-and-forty hours, might
depart. For those who could not remained the doom of slavery, or of
ransom at a thousand dollars a head. It was thought that this
concession was made under the impression that no means of
quitting Algiers could be found by the unfortunate French. No one
believed that the George Washington would be devoted to their
service, France and America being then at war; a circumstance
which probably increased Bainbridge’s influence at Constantinople,
as well as at Algiers.
But our officer was not disposed to do things by halves. Finding
that no other means remained for extricating the unfortunate French,
he determined to carry them off in the George Washington. The ship
had not yet discharged the guns of the Dey, but every body working
with good will, this property was delivered to its right owner, sand
ballast was obtained from the country and hoisted in, other
necessary preparations were made, and the ship hauled out of the
mole and got to sea just in time to escape the barbarian’s fangs, with
every Frenchman in Algiers on board. It is said that in another hour
the time of grace would have expired. The ship landed her
passengers at Alicant, a neutral country, and then made the best of
her way to America, where she arrived in due season.
This act of Bainbridge’s was quite in conformity with the generous
tendencies of his nature. He was a man of quick and impetuous
feelings, and easily roused to anger; but left to the voluntary
guidance of his own heart, no one was more ready to serve his
fellow creatures. It seemed to make little difference with him,
whether he assisted an Englishman or a Frenchman; his national
antipathies, though decided and strong, never interfering with his
humanity. Napoleon had just before attained the First Consulate, and
he offered the American officer his personal thanks for this piece of
humane and disinterested service to his countrymen. At a later day,
when misfortune came upon Bainbridge, he is said to have
remembered this act, and to have interested himself in favor of the
captive.
On reaching home, Bainbridge had the gratification of finding his
conduct, in every particular, approved by the government. It was so
much a matter of course, in that day, for the nations of Christendom
to submit to exactions from those of Barbary, that little was thought
of the voyage to Constantinople, and less said about it. A general
feeling must have prevailed that censure, if it fell any where, ought to
light on the short-sighted policy of trade, and the misguided opinions
of the age. It is more probable, however, that the whole transaction
was looked upon as a legitimate consequence of the system of
tribute, which then so extensively prevailed.
Bainbridge must have enjoyed another and still more unequivocal
evidence that the misfortunes which certainly accompanied his short
naval career, had left no injurious impressions on the government, as
touching his own conduct. The reduction law, which erected a
species of naval peace establishment, was passed during his late
absence, and, on his arrival, he found its details nearly completed in
practice. Previously to this law’s going into effect, there were twenty-
eight captains in the navy, of which number be stood himself as low
as the twenty-seventh in rank. There was, indeed, but one other
officer of that grade below him, and, under such circumstances, the
chances of being retained would have been very small, for any man
who had not the complete confidence of his superiors. He was
retained, however, and that, too, in a manner in defiance of the law,
for, by its provisions, only nine captains were to be continued in the
service in a time of peace; whereas, his was the eleventh name on
the new list, until Dale and Truxtun resigned; events which did not
occur until the succeeding year. The cautious and reluctant manner
in which these reductions were made by Mr. Jefferson, under a law
that had passed during the administration of his predecessor, is
another proof that the former statesman did not deserve all the
reproaches of hostility to this branch of the public service that were
heaped upon him.[1]
Not satisfied with retaining Capt. Bainbridge in the service, after
the late occurrences at Algiers, the Department also gave him
immediate employment. For the first time this gallant officer was
given a good serviceable ship, that had been regularly constructed
for a man-of-war. He was attached to the Essex 32, a fine twelve-
pounder frigate, that had just returned from a first cruise to the East
Indies, under Preble; an officer who subsequently became so justly
celebrated. The orders to this vessel were issued in May, 1801, and
the ship was directed to form part of a squadron then about to sail for
the Mediterranean.
Capt. Bainbridge joined the Essex at New York. He had Stephen
Decatur for his first lieutenant, and was otherwise well officered and
manned. The squadron, consisting of the President 44, Philadelphia
38, Essex 32, and Enterprise 12, sailed in company; the President
being commanded by Capt. James Barron, the Philadelphia by Capt.
Samuel Barron, and the Enterprise by Lieut. Com. Sterrett. The
broad pennant of Com. Dale was flying on the President. This force
went abroad under very limited instructions. Although the Bashaw of
Tripoli was seizing American vessels, and was carrying on an
effective war, Mr. Jefferson appeared to think legal enactments at
home necessary to authorize the marine to retaliate. As respected
ourselves, statutes may have been wanting to prescribe the forms
under which condemnations could be had, and the other national
rights carried out in full practice; but, as respected the enemy, there
can be no question his own acts authorized the cruisers of this
country to capture their assailants wherever they could be found,
even though they rotted in our harbors for the want of a prescribed
manner of bringing them under the hammer. The mode of
condemnation is solely dependent on municipal regulations, but the
right to capture is dependent on public law alone. It was in this
singular state of things that the Enterprise, after a bloody action, took
a Tripolitan, and was then obliged to let her go!
The American squadron reached Gibraltar the 1st day of July,
where it found and blockaded two of the largest Tripolitan cruisers,
under the orders of a Scotch renegade, who bore the rank of an
admiral. The Philadelphia watched these vessels, while the Essex
was sent along the north shore to give convoy. The great object, in
that day, appears to have been to carry the trade safely through the
Straits, and to prevent the enemy’s rovers from getting out into the
Atlantic; measures that the peculiar formation of the coasts rendered
highly important. It was while employed on this duty, that Capt.
Bainbridge had an unpleasant collision with some of the Spanish
authorities at Barcelona, in consequence of repeated insults offered
to his ship’s officers and boats; his own barge having been fired into
twice, while he was in it in person. In this affair he showed his usual
decision and spirit, and the matter was pushed so far and so
vigorously, as to induce an order from the Prince of Peace, “to treat
all officers of the United States with courtesy and respect, and more
particularly those attached to the United States frigate Essex.” The
high and native courtesy of the Spanish character renders it
probable that some misunderstandings increased and complicated
these difficulties, though there is little doubt that jealousy of the
superior order and beauty of the Essex, among certain subordinates
of the Spanish marine, produced the original aggression. In the
discussions and collisions that followed, the sudden and somewhat
brusque spirit of the American usages was not likely to be cordially
met by the precise and almost oriental school of manners that
regulates the intercourse of Spanish society. Bainbridge, however, is
admitted to have conducted his part of the dispute with dignity and
propriety; though he was not wanting in the promptitude and
directness of a man-of-war’s man.
On the arrival of the Essex below, with a convoy, it was found that
the enemy had laid up his ships, and had sent the crews across to
Africa in the night; the admiral making the best of his way home in a
neutral. Com. Morris had relieved Com. Dale, and the Essex,
wanting material repairs, was sent home in the summer of 1802,
after an absence of rather more than a year. During her short cruise,
the Essex had been deemed a model ship, as to efficiency and
discipline, and extorted admiration wherever she appeared. On her
arrival at New York, the frigate was unexpectedly ordered to
Washington to be laid up, a measure that excited great discontent in
her crew. One of those quasi mutinies which, under similar
circumstances, were not uncommon in that day, followed; the men
insisting that their times were up, and that they ought to be paid off in
a sea-port, and “not on a tobacco plantation, up in Virginia;” but
Bainbridge and Decatur were men unwilling to be controlled in this
way. The disaffection was put down with spirit, and the ship obeyed
her orders.
Bainbridge was now employed in superintending the construction
of the Siren and Vixen; two of the small vessels that had been
recently ordered by law. As soon as these vessels were launched,
he was again directed to prepare for service in the Mediterranean,
for which station the celebrated squadron of Preble was now fitting.
This force consisted of the Constitution 44, Philadelphia 38, Siren
16, Argus 16, Nautilus 14, Vixen 14, and Enterprise 12; the latter
vessel being then on the station, under Lieut. Com. Hull. Of these
ships, Bainbridge had the Philadelphia 38, a fine eighteen-pounder
frigate that was often, by mistake, called a forty-four, though by no
means as large a vessel as some others of her proper class. It was
much the practice of that day to attach officers to the ships which
were fitting near their places of residence, and thus it followed that a
vessel frequently had a sort of local character. Such, in a degree,
was the case with the Philadelphia, most of whose sea-officers were
Delaware sailors, in one sense; though all the juniors had now been
bred in the navy. As these gentlemen are entitled to have their
sufferings recorded, we give their names, with the states of which
they were natives, viz:
Captain.—William Bainbridge, of New Jersey.
Lieutenants.—John T. R. Cox; Jacob Jones, Delaware; Theodore
Hunt, New Jersey; Benjamin Smith, Rhode Island.
Lieutenant of Marines.—Wm. S. Osborne.
Surgeon.—John Ridgely, Maryland.
Purser.—Rich. Spence, New Hampshire.
Sailing-Master.—Wm. Knight, Pennsylvania.
Surgeon’s Mates.—Jonathan Cowdery, N. York; Nicholas
Harwood, Va.
Midshipmen.—Bernard Henry, Pa.; James Gibbon, Va.; James
Biddle, Pa.; Richard B. Jones, Pa.; D. T. Patterson, N. Y.; Wm.
Cutbush, Pa.; B. F. Reed, Pa.; Thomas M’Donough, Del.; Wallace
Wormley, Va.; Robert Gamble, Va.; Simon Smith, Pa.; James
Renshaw, Pa.
The Philadelphia had a crew a little exceeding three hundred
souls on board, including her officers. One or two changes occurred
among the latter, however, when the ship reached Gibraltar, which
will be mentioned in their proper places.
The vessels of Com. Preble did not sail in squadron, but left
home as each ship got ready. Bainbridge, being equipped, was
ordered to sail in July, and he entered the Straits on the 24th of
August, after a passage down the Delaware and across the Atlantic
of some length. Understanding at Gibraltar that certain cruisers of
the enemy were in the neighborhood of Cape de Gatte, he
proceeded off that well-known headland the very next day; and, in
the night of the 26th, it blowing fresh, he fell in with a ship under
nothing but a foresail, with a brig in company, under very short
canvass also. These suspicious circumstances induced him to run
alongside of the ship, and to demand her character. After a good
deal of hailing, and some evasion on the part of the stranger, it was
ascertained that he was a cruiser from Morocco, called the
Meshboha 22, commanded by Ibrahim Lubarez, and having a crew
of one hundred and twenty men. The Philadelphia had concealed
her own nation, and a boat coming from the Meshboha, the fact was
extracted from its crew that the brig in company was an American,
bound into Spain, and that they had boarded but had not detained
her. Bainbridge’s suspicions were aroused by all the circumstances;
particularly by the little sail the brig carried; so unlike an American,
who is ever in a hurry. He accordingly directed Mr. Cox, his first
lieutenant, to board the Meshboha, and to ascertain if any Americans
were in her, as prisoners. In attempting to execute this order, Mr. Cox
was resisted, and it was necessary to send an armed boat. The
master and crew of the brig, the Celia of Boston, were actually found
in the Meshboha, which ship had captured them, nine days before, in
the vicinity of Malaga, the port to which they were bound.
Bainbridge took possession of the Moorish ship. The next day he
recovered the brig, which was standing in for the bay of Almeria, to
the westward of Cape de Gatte. On inquiry he discovered that
Ibraham Lubarez was cruising for Americans under an order issued
by the governor of Mogadore. Although Morocco was ostensibly at
peace with the United States, Bainbridge did not hesitate, now, about
taking his prize to Gibraltar. Here he left the Meshboha in charge of
Mr. M’Donough, under the superintendence of the consul, and then
went off Cape St. Vincent in pursuit of a Moorish frigate, which was
understood to be in that neighborhood. Failing in his search, he
returned within the Straits, and went aloft, in obedience to his original
orders. At Gibraltar, the Philadelphia met the homeward bound
vessels, under Com. Rodgers, which were waiting the arrival of
Preble, in the Constitution. As this force was sufficient to watch the
Moors, it left the Philadelphia the greater liberty to proceed on her
cruise. While together, however, Lieut. Porter, the first of the New
York 36, exchanged with Lieut. Cox, the latter gentleman wishing to
return home, where he soon after resigned; while the former
preferred active service.
The Philadelphia found nothing but the Vixen before Tripoli. A
Neapolitan had given information that a corsair had just sailed on a
cruise, and this induced Capt. Bainbridge to despatch Lieut. Com.
Smith in chase. In consequence of this unfortunate, but perfectly
justifiable, decision the frigate was left alone off the town. A vigorous
blockade having been determined on, the ship maintained her
station as close in as her draught of water would allow until near the
close of October, when, it coming on to blow fresh from the
westward, she was driven some distance to leeward, as often
occurred to vessels on that station. As soon as it moderated, sail
was made to recover the lost ground, and, by the morning of the
31st, the wind had become fair, from the eastward. At 8, A. M., a sail
was made ahead, standing like themselves to the westward. This
vessel proved to be a small cruiser of the Bashaw’s, and was
probably the very vessel of which the Vixen had gone in pursuit. The
Philadelphia now crowded every thing that would draw, and was
soon so near the chase as to induce the latter to hug the land. There
is an extensive reef to the eastward of Tripoli, called Kaliusa, that
was not laid down in the charts of the ship, and which runs nearly
parallel to the coast for some miles. There is abundance of water
inside of it, as was doubtless known to those on board the chase,
and there is a wide opening through it, by which six and seven
fathoms can be carried out to sea; but all these facts were then
profound mysteries to the officers of the Philadelphia. Agreeably to
the chart of Capt. Smyth, of the British navy, the latest and best in
existence, the eastern division of this reef lies about a mile and a half
from the coast, and its western about a mile. According to the same
chart, one of authority and made from accurate surveys, the latter
portion of the reef is distant from the town of Tripoli about two and a
half miles, and the former something like a mile and a half more.
There is an interval of quite half a mile in length between these two
main divisions of the reef, through which it is possible to carry six
and seven fathoms, provided three or four detached fragments of
reef, of no great extent, be avoided. The channels among these
rocks afforded great facilities to the Turks in getting in and out of
their port during the blockade, since a vessel of moderate draught,
that knew the land-marks, might run through them with great
confidence by daylight. It is probable the chase, in this instance, led
in among these reefs as much to induce the frigate to follow as to
cover her own escape, either of which motives showed a knowledge
of the coast, and a familiarity with his duties in her commander.
In coming down from the eastward, and bringing with her a plenty
of water, the Philadelphia must have passed two or three hundred
yards to the southward of the northeastern extremity of the most
easterly of the two great divisions of the reef in question. This
position agrees with the soundings found at the time, and with those
laid down in the chart. She had the chase some distance inshore of
her; so much so, indeed, as to have been firing into her from the two
forward divisions of the larboard guns, in the hope of cutting
something away. Coming from the eastward, the ship brought into
this pass, between the reef and the shore, from fourteen to ten
fathoms of water, which gradually shoaled to eight, when Capt.
Bainbridge, seeing no prospect of overhauling the chase, then
beginning to open the harbor of Tripoli, from which the frigate herself
was distant but some three or four miles, ordered the helm a-port,
and the yards braced forward, in the natural expectation of hauling
directly off the land into deep water. The leads were going at the
time, and, to the surprise of all on board, the water shoaled, as the
frigate run off, instead of deepening. The yards were immediately
ordered to be braced sharp up, and the ship brought close on a
wind, in the hope of beating out of this seeming cul de sac, by the
way in which she had entered. The command was hardly given,
however, before the ship struck forward, and, having eight knots way
on her, she shot up on the rocks until she had only fourteen and a
half feet of water under her fore-chains. Under the bowsprit there
were but twelve. Aft she floated, having, it is said, come directly out
of six or seven fathoms of water into twelve and fifteen feet; all of
which strictly corresponds with the soundings of the modern charts.[2]
There was much of the hard fortune which attended a good deal
of Bainbridge’s professional career, in the circumstances of this
accident. Had the prospects of the chase induced him to continue it,
the frigate might have passed ahead, and the chances were that she
would have hauled off, directly before the mouth of the harbor of
Tripoli, and gone clear; carrying through nowhere less than five
fathoms of water. Had she stood directly on, after first hauling up,
she might have passed through the opening between the two
portions of the reef, carrying with her six, seven, nine and ten
fathoms, out to sea. But, in pursuing the very course which prudence
and a sound discretion dictated to one who was ignorant of the
existence of this reef, he ran his ship upon the very danger he was
endeavoring to avoid. It is by making provision for war, in a time of
peace, and, in expending its money freely, to further the objects of
general science, in the way of surveys and other similar precautions,
that a great maritime state, in particular, economizes, by means of a
present expenditure, for the moments of necessity and danger that
may await it, an age ahead.
Bainbridge’s first recourse, was the natural expedient of
attempting to force the ship over the obstacle, in the expectation that
the deep water lay to seaward. As soon, however, as the boats were
lowered, and soundings taken, the true nature of the disaster was
comprehended, and every effort was made to back the Philadelphia
off, by the stern. A ship of the size of a frigate, that goes seven or
eight knots, unavoidably piles a mass of water under her bows, and
this, aided by the shelving of the reef, and possibly by a ground
swell, had carried the ship up too far, to be got off by any ordinary
efforts. The desperate nature of her situation was soon seen by the
circumstance of her falling over so much, as to render it impossible
to use any of her starboard guns.
The firing of the chase had set several gun-boats in motion in the
harbor, and a division of nine was turning to-windward, in order to
assist the xebec the Philadelphia had been pursuing, even before
the last struck. Of course the nature of the accident was understood,
and these enemies soon began to come within reach of shot, though
at a respectful distance on the larboard quarter. Their fire did some
injury aloft, but neither the hull nor the crew of the frigate were hit.
Every expedient which could be resorted to, in order to get the
Philadelphia off, was put in practice. The anchors were cut from the
bows; water was pumped out, and other heavy articles were thrown
overboard, including all the guns, but those aft. Finally the foremast
was cut away. It would seem that the frigate had no boat strong
enough to carry out an anchor, a great oversight in the equipment of
a vessel of any sort. After exerting himself, with great coolness and
discretion, until sunset, Bainbridge consulted his officers, and the
hard necessity of hauling down the colors was admitted. By this time,
the gun-boats had ventured to cross the frigate’s stern, and had got
upon her weather quarter, where, as she had fallen over several feet
to leeward, it was utterly impossible to do them any harm. Other
boats, too, were coming out of the harbor to the assistance of the
division which had first appeared.
The Tripolitans got on board the Philadelphia, just as night was
setting in, on the last day of October. They came tumbling in at the
ports, in a crowd, and then followed a scene of indiscriminate
plunder and confusion. Swords, epaulettes, watches, jewels, money,
and no small portion of the clothing of the officers even,
disappeared, the person of Bainbridge himself being respected little
more than those of the common men. He submitted to be robbed,
until they undertook to force from him a miniature of his young and
beautiful wife, when he successfully resisted. The manly
determination he showed in withstanding this last violence, had the
effect to check the aggression, so far as he was concerned, and
about ten at night, the prisoners reached the shore, near the castle
of the Bashaw.
Jussuf Caramelli received his prisoners, late as was the hour, in
full divan; feeling a curiosity, no doubt, to ascertain what sort of
beings the chances of war had thrown into his power. There was a
barbarous courtesy in his deportment, nor was the reception one of
which the Americans had any right to complain. After a short
interview, he dismissed the officers to an excellent supper which had
been prepared for them in the castle itself, and to this hour, the
gentlemen who sat down to that feast with the appetites of
midshipmen, speak of its merits with an affection which proves that it
was got up in the spirit of true hospitality. When all had supped, they
were carried back to the divan, where the Pacha and his ministers
had patiently awaited their return; when the former put them in
charge of Sidi Mohammed D’Ghies, one of the highest functionaries
of the regency, who conducted the officers, with the necessary
attendants, to the building that had lately been the American
consular residence.
This was the commencement of a long and irksome captivity,
which terminated only with the war. The feelings of Bainbridge were
most painful, as we know from his letters, his private admissions,
and the peculiar nature of his case. He had been unfortunate
throughout most of his public service. The Retaliation was the only
American cruiser taken in the war of 1798, and down to that
moment, she was the only vessel of the new marine that had been
taken at all. Here, then, was the second ship that had fallen into the
enemy’s hands, also under his orders. Then the affair of the George
Washington was one likely to wound the feelings of a high spirited
and sensitive mind, to which explanations, however satisfactory, are
of themselves painful and humiliating. These were circumstances
that might have destroyed the buoyancy of some men; and there is
no question, that Bainbridge felt them acutely, and with a lively
desire to be justified before his country. At this moment, his officers
stepped in to relieve him, by sending a generous letter, signed by
every man in the ship whose testimony could at all influence the
opinion of a court of inquiry. Care was taken to say, in this letter, that
the charts and soundings justified the ship in approaching the shore,
as near as she had, which was the material point, as connected with
his conduct as a commander; his personal deportment after the
accident being beyond censure. Bainbridge was greatly relieved by
the receipt of this letter, the writing of which was generously and
kindly conceived, though doubts may exist as to its propriety, in a
military point of view. The commander of a ship, to a certain extent,
is properly responsible for its loss, and his subordinates are the
witnesses by whose testimony the court, which is finally to
exonerate, or to condemn, is guided; to anticipate their evidence, by
a joint letter, is opening the door to management and influence which
may sometimes shield a real delinquent. So tender are military
tribunals, strictly courts of honor, that one witness is not allowed to
hear the testimony of another, and the utmost caution should ever be
shown about the expression of opinions even, until the moment
arrives to give them in the presence of the judges, and under the
solemnities of oaths. This is said without direct reference to the case
before us, however; for, if ever an instance occurred in which a
departure from severe principles is justifiable, it was this; and no one
can regret that Bainbridge, in the long captivity which followed, had
the consolation of possessing such a letter. It may be well, here, to
mention that all the officers whose names are given already in this
biography, shared his prison, with the exception of Messrs. Cox and
M’Donough; the former of whom had exchanged with lieutenant
Porter, now a captain, while the latter had been left at Gibraltar, in
charge of the Meshboha, to come aloft with Decatur, and to share in
all the gallant deeds of that distinguished officer, before Tripoli.
Much exaggeration has prevailed on the subject of the treatment
the American prisoners received from the Turks. It was not regulated
by the rules of a more civilized warfare, certainly, and the common
men were compelled to labor under the restrictions of African
slavery; but the officers, on the whole, were kindly treated, and the
young men were even indulged in many of the wild expressions of
their humors. There were moments of irritation, and perhaps of
policy, it is true, in which changes of treatment occurred, but
confinement was the principal grievance. Books were obtained, and
the studies of the midshipmen were not neglected. Sidi Mohammed
D’Ghies proved their friend, though the Danish consul, M. Nissen,
was the individual to whom the gratitude of the prisoners was
principally due. This benevolent man commenced his acts of
kindness the day after the Americans were taken, and he continued
them, with unwearying philanthrophy, down to the hour of their
liberation. By means of this gentleman, Bainbridge was enabled to
communicate with Com. Preble, who received many useful
suggestions from the prisoner, concerning his own operations before
the town.
The Turks were so fortunate as to be favored with good weather,
for several days after the Philadelphia fell into their hands.
Surrounding the ship with their gunboats, and carrying out the
necessary anchors, they soon hove her off the reef into deep water;
where she floated, though it was necessary to use the pumps freely,
and to stop some bad leaks. The guns, anchors, &c., had,
unavoidably, been thrown on the rocks; and they were also
recovered with little difficulty. The prisoners, therefore, in a day or
two, had the mortification to see their late ship anchored between the
reef and the town; and, ere long, she was brought into the harbor
and partially repaired.
It is said, on good authority, that Bainbridge suggested to Preble
the plan for the destruction of the Philadelphia, which was
subsequently adopted. His correspondence was active, and there is
no question that it contained many useful suggestions. A few weeks
after he was captured he received a manly, sensible letter from
Preble, which, no doubt, had a cheering influence on his feelings.
It will be remembered that the Philadelphia went ashore on the
morning of the 31st October, 1803. On the 15th of the succeeding
February, the captives were awakened about midnight by the firing of
guns. A bright light gleamed upon the windows, and they had the
pleasure to see the frigate enveloped in flames. Decatur had just
quitted the ship, and his ketch was then sweeping down the harbor,
towards the Siren, which awaited her in the offing!
This exploit caused a sensible change in the treatment of the
officers, who were then captives in Tripoli. On the first of March, they
were all removed to the castle, where they continued for the
remainder of the time they were prisoners, or more than a
twelvemonth. Several attempts at escape were made, but they all
failed; principally for the want of means. In this manner passed
month after month, until the spring had advanced into the summer.
One day the cheering intelligence spread among the captives that a
numerous force was visible in the offing, but it disappeared in
consequence of a gale of wind. This was about the 1st of August,
1804. A day or two later, this force reappeared, a heavy firing
followed, and the gentlemen clambered up to the windows which
commanded a partial view of the offing. There they saw a flotilla of
gunboats, brigs, and schooners, gathering in towards the rocks,
where lay a strong division of the Turks, the shot from the batteries
and shipping dashing the spray about, and a canopy of smoke
collecting over the sea. In the back-ground was the Constitution—
that glorious frigate!—coming down into the fray, with the men on her
top-gallant-yards gathering in the canvass, as coolly as if she were
about to anchor. This was a sight to warm a sailor’s heart, even
within the walls of a prison! Then they got a glimpse of the desperate
assault led by Decatur—the position of their windows permitting no
more—and they were left to imagine what was going on, amid the
roar of cannon, to leeward. This was the celebrated attack of the 3d
August; or that with which Preble began his own warfare, and little
intermission followed for the next two months. On the night of the 4th
of September, a few guns were fired—a heavy explosion was heard
—and this terminated the din of war. It was the catastrophe in which
Somers perished. A day or two later, Bainbridge was taken to see
some of the dead of that affair, but he found the bodies so much
mutilated as to render recognition impossible.
Bainbridge kept a journal of the leading events that occurred
during his captivity. Its meagreness, however, supplies proof of the
sameness of his life; little occurring to give it interest, except an
occasional difficulty with the Turks, and these attacks. In this journal
he speaks of the explosion of the Intrepid, as an enterprise that
entirely failed; injuring nothing. It was thought in the squadron that a
part of the wall of the castle had fallen, on this occasion, but it was a
mistake. Not a man, house, or vessel of Tripoli, so far as can now be
ascertained, suffered, in the least, by the explosion. Bainbridge also
mentions, what other information corroborates, that the shells
seldom burst. Many fell within the town, but none blew up. Two or
three even struck the house of the worthy Nissen, but the injury was
slight, comparatively, in consequence of this circumstance.
At length the moment of liberation arrived. An American
negotiator appeared in the person of the consul general for Barbary,
and matters drew toward a happy termination. Some obstacles,
however, occurred, and, to get rid of them, Sidi Mohammed D’Ghies,
a judge of human nature, and a man superior to most around him,
proposed to the Bashaw to let Bainbridge go on board the
Constitution, then commanded by Com. Rodgers. The proposal
appeared preposterous to the wily and treacherous Jussuf, who
insisted that his prisoner would never be fool enough to come back,
if once at liberty. The minister understood the notions of military
honor that prevailed amongst Christian nations better, and he finally
succeeded in persuading his master to consent that Bainbridge
might depart; but not until he had placed his own son in the
Bashaw’s hands, as a hostage.[3]
The 1st of June, 1805, was a happy hour for the subject of our
memoir, for then, after a captivity of nineteen months, to a day, was
he permitted again to tread the deck of an American man-of-war.
The entire day was spent in the squadron, and Bainbridge returned
in the night, greatly discouraged as to the success of the negotiation.
Finding Sidi Mohammed D’Ghies, they repaired to the palace
together, where the Bashaw received them with wonder. He had
given up the slight expectation he ever had of seeing his captive
again, and had been sharply rebuking his minister for the weakness
he had manifested by his credulity. Bainbridge stated to the prince
the only terms on which the Americans would treat, and these Jussuf
immediately rejected. The friendly offices of M. Nissen were
employed next day, however, and on the third, a council of state was
convened, at which the treaty, drawn up in form, was laid before the
members for approval or rejection.
At this council, Bainbridge was invited to be present. When he
entered he was told by the Bashaw, himself, that no prisoner in
Barbary had ever before been admitted to a similar honor, and that
the discussions should be carried on in French, in order that he
might understand them. The question of “peace or war” was then
solemnly proposed. There were eight members of the council, and
six were for war. Sidi Mohammed D’Ghies and the commandant of
the marine alone maintained the doctrine of peace. There may have
been preconcert and artifice in all this; if so, it was well acted. The
speeches were grave and dignified, and seemingly sincere, and,
after a time, two of the dissentients were converted to the side of
peace; leaving the cabinet equally divided. “How shall I act?”
demanded the Bashaw. “Which party shall I satisfy—you are four for
peace, and four for war!” Here Sidi Mohammed D’Ghies arose and
said it was for the sovereign to decide—they were but councillors,
whereas he was their prince; though he entreated him, for his own
interests and for those of his people, to make peace. The Bashaw
drew his signet from his bosom, deliberately affixed it to the treaty,
and said, with dignity and emphasis, “It is peace.”
The salutes followed, and the war ceased. The principal officers
of the squadron visited the captives that evening; and the next day
the latter were taken on board ship. A generous trait of the seamen
and marines, on this occasion, merits notice. A Neapolitan slave had
been much employed about them, and had shown them great
kindness. They sent a deputation to Bainbridge, to request he would
authorize the purser to advance them $700, of their joint pay; it was
done, and, with the money, they bought the liberty of the Neapolitan;
carrying him off with them—finally landing him on his own shores.
At Syracuse, a court of inquiry was held, for the loss of the
Philadelphia. This court consisted of Capts. James Barron, Hugh G.
Campbell and Stephen Decatur, jun. Gen. Eaton was the judge
advocate. The result was an honorable aquittal. The finding of this
court was dated June 29, 1805.
The country dealt generously and fairly by Bainbridge and his
officers. The loss of the Philadelphia was viewed as being, precisely
what it was, an unavoidable accident, that was met by men engaged
in the zealous service of their country, in a distant sea, on an
inhospitable shore, and at an inclement season of the year; and an
accident that entailed on the sufferers a long and irksome captivity.
To have been one of the Philadelphia’s crew has ever been rightly
deemed a strong claim on the gratitude of the republic, and, from the
hour at which the ill-fated ship lowered her ensign, down to the
present moment, a syllable of reproach has never been whispered.
Bainbridge, himself, was brought prominently into notice by the affair,
and the sympathy his misfortunes produced in the public mind, made
him a favorite with the nation. The advantage thus obtained, was
supported and perpetuated by that frank and sincere earnestness
which marked his public service, and which was so well adapted to
embellish the manly career of a sailor.
The officers and crew of the Philadelphia reached home in the
autumn of 1805, and were welcomed with the warmth that their
privations entitled them to receive.
Capt. Bainbridge had married, when a young man, and he now
found himself embarrassed in his circumstances, with an increasing
family. But few ships were employed, and there were officers senior
to himself to command them. The half-pay of his rank was then only
$600 a year, and he determined to get leave to make a voyage or
two, in the merchant service, in order to repair his fortunes. He had
been appointed to the navy yard at New York, however, previously to
this determination, but prudence pointed out the course on which he
had decided. A voyage to the Havana, in which he was part owner,
turned out well, and he continued in this pursuit for two years; or
from the summer of 1806, until the spring of 1808. In March of the
latter year, he was ordered to Portland, and, in December following,
he was transferred to the command of the President 44, then
considered the finest ship in the navy. Owing to deaths, resignations,
and promotions, the list of captains had undergone some changes
since the passage of the reduction-law. It now contained thirteen
names, a number determined by an act passed in 1806, among
which that of Bainbridge stood the sixth in rank. The difficulties with
England, which had produced the armament, seemed on the point of
adjustment, and immediate war was no longer expected. Bainbridge
hoisted his first broad pennant in the President, having the command
on the southern division of the coast; Com. Rodgers commanding at
the north. In the summer of 1809 the President sailed on the coast
service, and continued under Bainbridge’s orders, until May, 1810,
when he left her, again to return to a merchant vessel.
On this occasion Bainbridge went into the Baltic. On his way to
St. Petersburg, a Danish cruiser took him, and carried him into
Copenhagen. Here, his first thought was of his old friend Nissen.
Within half an hour, the latter was with him, and it is a coincidence
worthy of being mentioned, that at the very moment the benevolent
ex-consul heard of Bainbridge’s arrival, he was actually engaged in
unpacking a handsome silver urn, which had been sent to him, as a
memorial of his own kindness to them, by the late officers of the
Philadelphia.
Through the exertions of this constant friend, Bainbridge soon
obtained justice, and his ship was released. He then went up the
Baltic. In this trade, Capt. Bainbridge was induced to continue, until
the rencontre occurred, between his late ship, the President, and the
British vessel of war, the Little Belt. As soon as apprized of this
event, he left St. Petersburg, and made the best of his way to the
Atlantic coast, over-land. In February, 1812, he reached Washington,
and reported himself for service. But no consequences ever followed
the action mentioned, and a period of brief but delusive calm
succeeded, during which few, if any, believed that war was near. Still
it had been seriously contemplated; and, it is understood, the
question of the disposition of the navy, in the event of a struggle so
serious as one with Great Britain’s occurring, had been gravely
agitated in the cabinet. To his great mortification, Bainbridge learned
the opinion prevailed that it would be expedient to lay up all the
vessels; or, at most, to use them only for harbor defence.
Fortunately, the present Com. Stewart, an officer several years the
junior of Bainbridge in rank, but one of high moral courage and of
great decision of character, happened to be also at the seat of
government. After a consultation, these two captains had interviews
with the Secretary and President, and, at the request of the latter,
addressed to him such a letter as finally induced a change of policy.
Had Bainbridge and Stewart never served their country but in this
one act, they would be entitled to receive its lasting gratitude. Their

Full download Principles of Information Security 7th Edition Michael E. Whitman file pdf all chapter on 2024

Uploaded by

Document Information

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Full download Principles of Information Security 7th Edition Michael E. Whitman file pdf all chapter on 2024

Uploaded by

Copyright:

Available Formats

Principles of Information Security 7th

Edition Michael E. Whitman

Management of Information Security 6th Edition Michael

Principles of Information Security 6th Edition Whitman

Principles of Incident Response & Disaster Recovery

Security Analysis : Principles and Techniques (7th

Management of Information Security 5th Edition, (Ebook

eTextbook 978-0134444284 Cryptography and Network

Principles of information systems 13th Edition Ralph

Principles of Computer Security: CompTIA Security+ and

Australia • Brazil • Canada • Mexico • Singapore • United Kingdom • United States

Associate Product Manager: Danielle Klahr

Senior Director, Content Creation: Rebecca von

Content Manager: Christina Nyren Cengage

Design Director: Jack Pendleton

Cover Designer: Erin Griffin Notice to the Reader

Printed in the United States of America

To my grandchildren, Julie and Ellie; it is a wonderful life.

Developing and Implementing Effective Managing Risk 157

Business Continuity 212 Codes Of Ethics Of Professional

Personnel Control Strategies 287 Why Use an IDPS? 340

Detection and Prevention Systems Cryptographic Algorithms 396

Digital Signatures 401 Module Summary 444

Introduction To Information Security Physical Security 490

Structure and Module Descriptions

Module 1—Introduction to Information Security

Module 2—The Need for Information Security

Module 3—Information Security Management

Module 4—Risk Management

Module 5—Incident Response and Contingency Planning

Module 6—Legal, Ethical, and Professional Issues

Module 7—Security and Personnel

Module 8—Security Technology: Access Controls, Firewalls,

Module 9—Security Technology: Intrusion Detection

Module 11—Implementing Information Security

Module 12—Information Security Maintenance

New to This Edition

MindTap for Principles of Information Security,

Access Everything You Need in One Place

Empower Students to Reach Their Potential

Control Your Course—and Your Content

Get a Dedicated Team, Whenever You Need Them

• Paul Witman, California Lutheran University

• Dan Seiter, Developmental Editor

You might also like

Developing and Implementing Effective Managing Risk 157

Business Continuity 212 Codes Of Ethics Of Professional

Personnel Control Strategies 287 Why Use an IDPS? 340

Detection and Prevention Systems Cryptographic Algorithms 396

Digital Signatures 401 Module Summary 444

Introduction To Information Security Physical Security 490