The ultimate CISA prep guide, with practice exams Sybex's CISA: Certified Information Systems Auditor Study Guide, Fourth Edition is the newest edition of industry-leading study guide for the Certified Information System Auditor exam, fully updated to align with the latest ISACA standards and changes in IS auditing. This new edition provides complete guidance toward all content areas, tasks, and knowledge areas of the exam and is illustrated with real-world examples. All CISA terminology has been revised to reflect the most recent interpretations, including 73 definition and nomenclature changes. Each chapter summary highlights the most important topics on which you'll be tested, and review questions help you gauge your understanding of the material. You also get access to electronic flashcards, practice exams, and the Sybex test engine for comprehensively thorough preparation. For those who audit, control, monitor, and assess enterprise IT and business systems, the CISA certification signals knowledge, skills, experience, and credibility that delivers value to a business. This study guide gives you the advantage of detailed explanations from a real-world perspective, so you can go into the exam fully prepared. * Discover how much you already know by beginning with an assessment test * Understand all content, knowledge, and tasks covered by the CISA exam * Get more in-depths explanation and demonstrations with an all-new training video * Test your knowledge with the electronic test engine, flashcards, review questions, and more The CISA certification has been a globally accepted standard of achievement among information systems audit, control, and security professionals since 1978. If you're looking to acquire one of the top IS security credentials, CISA is the comprehensive study guide you need.

*THE INSTANT NEW YORK TIMES BESTSELLER AND WORLD ECONOMIC FORUM BOOK CLUB PICK*

'A clear, compelling guide to some of the most pressing debates in technology today.' Bill Gates, from the foreword

'The de facto ambassador for the technology industry at large.' The New York Times

'One of the few executives willing to speak openly about the industry's most vexing issues.' Sunday Times

Microsoft President Brad Smith operates by a simple core belief: when your technology changes the world, you bear a responsibility to help address the world you have helped create.

This might seem uncontroversial, but it flies in the face of a tech sector long obsessed with rapid growth and sometimes on disruption as an end in itself. While sweeping digital transformation holds great promise, we have reached an inflection point. The world has turned information technology into both a powerful tool and a formidable weapon, and new approaches are needed to manage an era defined by even more powerful inventions like artificial intelligence. Companies that create technology must accept greater responsibility for the future, and governments will need to regulate technology by moving faster and catching up with the pace of innovation.

In Tools and Weapons, Brad Smith and Carol Ann Browne bring us a captivating narrative from the cockpit of one of the world's largest and most powerful tech companies as it finds itself in the middle of some of the thorniest emerging issues of our time. These are challenges that come with no pre-existing playbook, including privacy, cybercrime and cyberwar, social media, the moral conundrums of artificial intelligence, big tech's relationship to inequality, and the challenges for democracy, far and near. While in no way a self-glorifying "Microsoft memoir," the book pulls back the curtain remarkably wide onto some of the company's most crucial recent decision points as it strives to protect the hopes technology offers against the very real threats it also presents. There are huge ramifications for communities and countries, and Brad Smith provides a thoughtful and urgent contribution to that effort.

From Microsoft's President and one of the tech industry's wisest thinkers, a frank and thoughtful reckoning with how to balance enormous promise and existential risk as the digitization of everything accelerates.

In Tools and Weapons, Brad Smith takes us behind the scenes on some of the biggest stories to hit the tech industry in the past decade and some of the biggest threats we face. From Edward Snowden's NSA leak to the NHS WannaCry ransomware attack, this book is essential reading to understand what's happening in the world around us.

If you watched Inside Bill's Brain: Decoding Bill Gates on Netflix, you will find Tools and Weapons equally fascinating.

'This is a colourful and insightful insiders' view of how technology is both empowering us and threatening us. From privacy to cyberattacks, this timely book is a useful guide for how to navigate the digital future.' Walter Isaacson, bestselling author of Steve Jobs

Master the technical skills and industry know-how to begin an exciting career installing, configuring, and troubleshooting computer networks with the completely updated NETWORK+ GUIDE TO NETWORKS, 7E. You can prepare for success on CompTIA's Network+ N10-006 certification exam with fully mapped coverage of all objectives, including protocols, topologies, hardware, network design, and troubleshooting. This edition addresses today's latest technology with new features that make essential information easily accessible and help you visualize high-level concepts. New OSI layer icons visually link concepts and the OSI model. New and updated "On the Job" stories, Applying Concepts activities, Hands-On and Case Projects let you explore concepts in more depth. The NETWORK+ GUIDE TO NETWORKS, 7E's emphasis on real-world problem solving provides the tools you need to succeed in any computing environment.

GUIDE TO NETWORK DEFENSE AND COUNTERMEASURES provides a thorough guide to perimeter defense fundamentals, including intrusion detection and firewalls. This trusted text also covers more advanced topics such as security policies, network address translation (NAT), packet filtering and analysis, proxy servers, virtual private networks (VPN), and network traffic signatures. Thoroughly updated, the new third edition reflects the latest technology, trends, and techniques including virtualization, VMware, IPv6, and ICMPv6 structure, making it easier for current and aspiring professionals to stay on the cutting edge and one step ahead of potential security threats. A clear writing style and numerous screenshots and illustrations make even complex technical material easier to understand, while tips, activities, and projects throughout the text allow you to hone your skills by applying what you learn. Perfect for students and professionals alike in this high-demand, fast-growing field, GUIDE TO NETWORK DEFENSE AND COUNTERMEASURES, Third Edition, is a must-have resource for success as a network security professional.

Providing essential information for business managers, computer programmers, system designers, as well as home computer users, DATABASE COMMUNICATIONS AND COMPUTER NETWORKS, 8e provides a thorough introduction that includes coverage of the language of computer networks as well as the effects of data communications on business and society. Balancing technical concepts with everyday issues, it equips you with a solid understanding of the basic features, operations, and limitations of different types of computer networks. It offers full coverage of wireless technologies, industry convergence, compression techniques, network security, LAN technologies, VoIP, and error detection and correction. The Eighth Edition also offers up-to-the-minute coverage of near field communications, updated USB interface, lightning interface, and IEEE 802.11 ac and ad wireless standards, firewall updates, router security problems, the Internet of Things, cloud computing, zero-client workstations, and Internet domain names.

Master the technical skills and industry knowledge you need to begin an exciting career installing, configuring and troubleshooting computer networks with West/Dean/Andrews' NETWORK+ GUIDE TO NETWORKS, 8th edition. It thoroughly prepares you for success on CompTIA's Network+ N10-007 certification exam with fully mapped coverage of all objectives, including protocols, topologies, hardware, network design, security and troubleshooting. Virtualization-based projects give you experience working with a wide variety of hardware, software, operating systems and device interactions, while "On the Job" stories, Applying Concepts activities, and Hands-On and Capstone Projects let you explore concepts in more depth. MindTap Networking offers additional practice and certification prep. The text's emphasis on real-world problem solving provides the tools for success in any computing environment.

For undergraduate and graduate courses in Business Data Communication / Networking (MIS) Clear writing style, job-ready detail, and focus on the technologies used in today's marketplace Business Data Networks and Security guides readers through the details of networking, while helping them train for the workplace. It starts with the basics of security and network design and management; goes beyond the basic topology and switch operation covering topics like VLANs, link aggregation, switch purchasing considerations, and more; and covers the latest in networking techniques, wireless networking, with an emphasis on security. With this text as a guide, readers learn the basic, introductory topics as a firm foundation; get sound training for the marketplace; see the latest advances in wireless networking; and learn the importance and ins and outs of security. Teaching and Learning Experience This textbook will provide a better teaching and learning experience-for you and your students. Here's how: *The basic, introductory topics provide a firm foundation. *Job-level content prepares students with the skills demanded by today's employers. *The latest in networking techniques and wireless networking, including a focus on security, keeps students up to date and aware of what's going on in the field. *The flow of the text guides students through the material. MyMISLab not included. Students, if MyMISLab is a recommended/mandatory component of the course, please ask your instructor for the correct ISBN and course ID. MyMISLab is not a self-paced technology and should only be purchased when required by an instructor. Instructors, contact your Pearson representative for more information. MyMISLab is an online homework, tutorial, and assessment product designed to personalize learning and improve results. With a wide range of interactive, engaging, and assignable activities, students are encouraged to actively learn and retain tough course concepts.

For introductory courses in IT Security. A strong business focus through a solid technical presentation of security tools. Corporate Computer Security provides a strong business focus along with a solid technical understanding of security tools. This text gives students the IT security skills they need for the workplace. This edition is more business focused and contains additional hands-on projects, coverage of wireless and data security, and case studies. This program will provide a better teaching and learning experience-for you and your students. Here's how: *Encourage Student's to Apply Concepts: Each chapter now contains new hands-on projects that use contemporary software. *Business Environment Focus: This edition includes more of a focus on the business applications of the concepts. Emphasis has been placed on securing corporate information systems, rather than just hosts in general. *Keep Your Course Current and Relevant: New examples, exercises, and research findings appear throughout the text.

For courses in wireless networking, wireless communications, wireless data communications or wireless technology in departments of Computer Science, Engineering, IT, and Continuing Education. The rapid growth of mobile telephone use, satellite services, and the wireless Internet are generating tremendous changes in telecommunications and networking. Combining very current technical depth with a strong pedagogy and advanced Web support, this new edition provides a comprehensive guide to wireless technology-exploring key topics such as technology and architecture, network types, design approaches, and the latest applications. Visit Stallings Companion Website at http: //williamstallings.com/CompSec/CompSec1e.html for student and instructor resources and his Computer Science Student Resource site http: //williamstallings.com/StudentSupport.html Password protected instructor resources can be accessed here by clicking on the Resources Tab to view downloadable files. (Registration required) They include Power Point Slides, Solutions, tables and figure

This is a complete teaching and learning package for the 2011 specifications helping both students and tutors to get the best results.

The Pentester Blueprint guides readers on how to prepare and enter the cybersecurity filed as a penetration tester aka ethical hacker or white hat hacker. While there are a lot of books about technical tools for penetration testing, The Pentester Blueprint describes the role of a penetration tester, what a pentest entails, and the prerequisite knowledge required to start the educational journey of a pentester. The book goes on to detail learning resources and industry certifications that are helpful in becoming a pentester. The Pentester Blueprint evolved from the author's frequent popular presentations on the same topic at many conferences. Coverage includes: Foundation - Discuss the foundational perquisite knowledge needed to become a pentester. Discuss the IT basic skills such as operating systems, networking and security needed to be a pentester. Hacking skills - Discuss developing hacking skills and the hacker mindset. Education options - Discuss learning options such as college classes, security training providers and self-study. Education resources - Discuss education resources including; books, videos, conferences and community. Certifications and degrees - Discuss credentials useful for gaining employment as a pentester including; degrees and certificates. Getting Experience - Discuss methods for developing hacking/pentesting skills such as labs (third party and home), CTFs, bug bounties, pro bono/volunteer work. Developing a plan - Discuss how to assess current skillset and knowledge to find a starting place and the perform a gap analysis to develop a learning plan. Discuss goal setting and educational milestones to track progress. Getting employed as a pentester - Discuss how to find a job as a pentester through networking, social media and community evolvement.

Linux Security Fundamentals provides basic foundational concepts of securing a Linux environment. The focus is the digital self-defense of an individual user. This includes a general understanding of major threats against individual computing systems, networks, services and identity as well as approaches to prevent and mitigate them. This book is useful for anyone considering a career as a Linux administrator or for those administrators who need to learn more about Linux security issues. Topics include: Security Concepts Encryption Node, Device and Storage Security Network and Service Security Identity and Privacy Readers will also have access to Sybex's superior online interactive learning environment and test bank, including chapter tests, a practice exam, electronic flashcards, a glossary of key terms.

A comprehensive introduction to network flows that brings together the classic and the contemporary aspects of the field, and provides an integrative view of theory, algorithms, and applications.

Operations Anti-Patterns, DevOps Solutions shows how to implement DevOps techniques in the kind of imperfect environments most developers work in. Part technology tutorial, part reference manual, and part psychology handbook, this practical guide shows you realistic ways to bring DevOps to your team when you don't have the flexibility to make sweeping changes in organizational structure. Focused on process improvements you can make from the bottom up, everything in Operations Anti-Patterns, DevOps Solutions is actionable for your team-from constructing a streamlined workflow system to developing dashboards and operational metrics to measure the right aspects of performance. To better understand the behavior of both individuals and organizations, you'll also learn the psychological reasoning behind why DevOps techniques are effective. Key Features * Creating a post-mortem framework to analyze projects and incidents * Monitoring and managing team time * Building cultural touchstones that assist with team building * Automating change management * Techniques for adopting automation to power your workflows For team leaders and managers. About the technology By emphasising shared responsibility for delivering software, DevOps transforms the way technology departments work. Looking beyond tool choice and design philosophy, DevOps demands a change in an organization's attitude and approach. Jeff Smith has been in the technology industry for over 15 years, both as management and individual contributor. He has managed DevOps transformations at Centro, an ad-tech firm, and Grubhub, an online ordering platform.

The transfer of information over the world wide web depends critically on secure communications. The need to protect the material we send and receive from cyberspace, from the largest of business transactions to the simplest of personal web-pages, is crucial in ensuring we can continue to use this incredible resource safely. Cryptology provides the most reliable tools for storing or transmitting digital information and is the gold standard for attaining the levels of security our online interactions demand. Taking a step-by-step approach, P. K. Yuen demonstrates how to master web-based security skills including: protecting websites from hackers and viruses; encrypting email; building a secure web-database; performing secure business transactions over the web. Working from a problem-solving perspective, he shows how to implement security solutions and looks from the attacker's point of view at possible challenges to that security. In short, Practical Cryptology and Web Security offers a practical and comprehensive guide to all aspects of web security. This book features over 120 worked examples, many from industry, demonstrate the key considerations in implementing web security. AES, this book examines the latest web technologies in terms of security, including XML Signatures and XML Digital Contracts. PK Yuen is a well known expert on Communications, Internet and the World Wide Web. He has over 13 years' experience working on web technologies including large scale application developments, engineer training and project leadership and working on the security system of the Shanghai Pu Dong airport, China. He also co-authored Practical Web Technologies, published by Addison-Wesley in 2003.

A helpful guide on all things Cisco

Do you wish that the complex topics of routers, switches, and networking could be presented in a simple, understandable presentation? With "Cisco Networking All-in-One For Dummies," they are! This expansive reference is packed with all the information you need to learn to use Cisco routers and switches to develop and manage secure Cisco networks. This straightforward-by-fun guide offers expansive coverage of Cisco and breaks down intricate subjects such as networking, virtualization, and database technologies into easily digestible pieces. Drills down complex subjects concerning Cisco networking into easy-to-understand, straightforward coverageShares best practices for utilizing Cisco switches and routers to implement, secure, and optimize Cisco networksReviews Cisco networking solutions and products, securing Cisco networks, and optimizing Cisco networksDetails how to design and implement Cisco networks

Whether you're new to Cisco networking products and services or an experienced professional looking to refresh your knowledge about Cisco, this "For Dummies" guide provides you with the coverage, solutions, and best practices you need.

Demonstrate your expertise with Microsoft Office 2010! This all-in-one guide is designed to help you practice and prepare for the four core Microsoft Office Specialist (MOS) exams.

With the MOS 2010 Study Guide, you get full, objective-by-objective coverage for: Exam 77-881: Microsoft Word 2010 Exam 77-882: Microsoft Excel 2010 Exam 77-883: Microsoft PowerPoint 2010 Exam 77-884: Microsoft Outlook 2010

Use the book's easy-to-follow procedures and illustrations to review the essential skills measured by the MOS exams. And you can apply what you've learned hands-on--using the downloadable files for all the book's practice tasks.

Business operations in large organizations today involve massive, interactive, and layered networks of teams and personnel collaborating across hierarchies and countries on complex tasks. To optimize productivity, businesses need to know: what communication patterns do high-performing teams have in common? Is it possible to predict a team's performance before it starts work on a project? How can productive team behavior be fostered? This comprehensive review for researchers and practitioners in data mining and social networks surveys recent progress in the emerging field of network science of teams. Focusing on the underlying social network structure, the authors present models and algorithms characterizing, predicting, optimizing, and explaining team performance, along with key applications, open challenges, and future trends.

Just five years ago, infrastructure as code was a new concept for many companies. Today, even banks, governments, and other highly regulated organizations are moving to the cloud, leading teams everywhere to build up large, complex infrastructure codebases. With this practical book, Kief Morris of ThoughtWorks shows you how to effectively use principles, practices, and patterns pioneered by infrastructure and development teams to manage cloud age infrastructure. Ideal for system administrators, infrastructure engineers, software developers, team leads, and architects, this insightful second edition demonstrates the tools you need for implementing infrastructure as code. You'll learn about the platforms and tooling involved in creating and configuring infrastructure elements, patterns for using these tools, and practices for making infrastructure as code work in your environment. In four parts, this book covers: Foundations:Understand how to use Infrastructure as Code to drive continuous change and raise the bar of operational quality. These chapters lay out a framework for the various tools and technologies involved in building platforms to run software in the cloud. Working with infrastructure stacks: These chapters introduce practical patterns and approaches for defining, provisioning, testing, and continuously delivering changes to infrastructure resources. This includes managing and configuring environments and sharing infrastructure code. Working With Servers And Other Application Runtime Platforms:Discover patterns for provisioning and configuring servers and clusters for deploying applications. Working With Larger Systems and Teams: When you have multiple teams building and using cloud infrastructure, you need to consider workflows and governance, as well as architectural patterns for creating and managing many different infrastructure elements.

Mobile Communications introduces the topic by providing a thorough grounding in the field of mobile communications. A wide range of examples is combined with a strong pedagogy to allow the book's use in high level courses and for self-study. This book provides a non-mathematical, computer science focus.

The highly successful security book returns with a new edition, completely updated Web applications are the front door to most organizations, exposing them to attacks that may disclose personal information, execute fraudulent transactions, or compromise ordinary users. This practical book has been completely updated and revised to discuss the latest step-by-step techniques for attacking and defending the range of ever-evolving web applications. You'll explore the various new technologies employed in web applications that have appeared since the first edition and review the new attack techniques that have been developed, particularly in relation to the client side. * Reveals how to overcome the new technologies and techniques aimed at defending web applications against attacks that have appeared since the previous edition * Discusses new remoting frameworks, HTML5, cross-domain integration techniques, UI redress, framebusting, HTTP parameter pollution, hybrid file attacks, and more * Features a companion web site hosted by the authors that allows readers to try out the attacks described, gives answers to the questions that are posed at the end of each chapter, and provides a summarized methodology and checklist of tasks Focusing on the areas of web application security where things have changed in recent years, this book is the most current resource on the critical topic of discovering, exploiting, and preventing web application security flaws. Also available as a set with, CEHv8: Certified Hacker Version 8 Study Guide, Ethical Hacking and Web Hacking Set, 9781119072171.

Publisher's Note: Products purchased from Third Party sellers are not guaranteed by the publisher for quality, authenticity, or access to any online entitlements included with the product. Essential Linux Management Skills Made EasyEffectively deploy and maintain Linux and other Free and Open Source Software (FOSS) on your servers or entire network using this practical resource. Linux Administration: A Beginner's Guide, Sixth Edition provides up-to-date details on the latest Linux distributions, including Fedora, Red Hat Enterprise Linux, CentOS, Debian, and Ubuntu. Learn how to install and customize Linux, work from the GUI or command line, configure Internet and intranet services, interoperate with Windows systems, and create reliable backups. Performance tuning, security, and virtualization are also covered and real-world examples help you put the techniques presented into practice. Install and configure popular Linux distributions, including the latest versions of Fedora, CentOS, openSUSE, Debian, and Ubuntu Administer Linux servers from the GUI or from the command line (shell) Manage users, permissions, folders, and native FOSS applications Compile, tune, upgrade, and customize the latest Linux kernel 3.x series Work with proc, SysFS, and cgroup file systems Understand and manage the Linux TCP/IP networking stack and services for both IPv4 and IPv6 Build robust firewalls, and routers using Netfilter and Linux Create and maintain print, e-mail, FTP, and web servers Use LDAP or NIS for identity management Set up and administer DNS, POP3, IMAP3, and DHCP servers Use GlusterFS, NFS, and Samba for sharing and distributing file system resources Explore and implement Linux virtualization technologies using KVM