![]() |
![]() |
Your cart is empty |
||
Books > Computing & IT > Computer communications & networking
The ultimate CISA prep guide, with practice exams Sybex's CISA: Certified Information Systems Auditor Study Guide, Fourth Edition is the newest edition of industry-leading study guide for the Certified Information System Auditor exam, fully updated to align with the latest ISACA standards and changes in IS auditing. This new edition provides complete guidance toward all content areas, tasks, and knowledge areas of the exam and is illustrated with real-world examples. All CISA terminology has been revised to reflect the most recent interpretations, including 73 definition and nomenclature changes. Each chapter summary highlights the most important topics on which you'll be tested, and review questions help you gauge your understanding of the material. You also get access to electronic flashcards, practice exams, and the Sybex test engine for comprehensively thorough preparation. For those who audit, control, monitor, and assess enterprise IT and business systems, the CISA certification signals knowledge, skills, experience, and credibility that delivers value to a business. This study guide gives you the advantage of detailed explanations from a real-world perspective, so you can go into the exam fully prepared. * Discover how much you already know by beginning with an assessment test * Understand all content, knowledge, and tasks covered by the CISA exam * Get more in-depths explanation and demonstrations with an all-new training video * Test your knowledge with the electronic test engine, flashcards, review questions, and more The CISA certification has been a globally accepted standard of achievement among information systems audit, control, and security professionals since 1978. If you're looking to acquire one of the top IS security credentials, CISA is the comprehensive study guide you need.
Mapped to the new CompTIA Security+ SY0-701 Certification Exam, Ciampa's COMPTIA SECURITY+ GUIDE TO NETWORK SECURITY FUNDAMENTALS, 8th Edition, thoroughly prepares readers for professional certification and career success. The text covers general security concepts, threats, vulnerabilities and mitigations, security architecture, security operations and security program management and oversight. It also includes expansive coverage of attack vectors and attack surfaces, social engineering attacks, data controls, endpoint vulnerabilities and defenses, identity and access management, infrastructure and wireless security, cloud and virtualization security, artificial intelligence and vulnerability management. New Hands-On Projects, case activities and virtual online cybersecurity lab exercises help readers put what they learn into practice.
Managing Business Projects: The Essentials differs from many other project management textbooks. Foremost, it is about business projects as opposed to construction or engineering projects. Although many techniques, like schedule management, apply to both, they are usually applied differently. As its title conveys, the book explains the essential techniques and perspectives needed for business projects to be successful. The focus is on small- and medium-sized projects, up to $20 million, but often below $1 million. Some literature favors large and mega-projects, but for every mega-project, there are many thousands of smaller projects that are vital to the organization and could involve considerable complexity and risk. Nevertheless, the techniques outlined here also apply to mega-projects and their many subprojects; they even apply to some aspects of construction or engineering projects. This book does not aim to cover all project management techniques. In real life there is simply no time for sophisticated ‘should-dos.' Rather, it covers the essentials that apply to almost all business projects; these are unlikely to change in the future even as technology and methodologies advance. The driving idea, which is stated repeatedly, is to do the essentials and to do them consistently and well. Strong emphasis is placed on things that happen before, around, and after the project itself. So, while the basic disciplines like engaging with stakeholders, managing scope, schedules, costs, risks, issues, changes, and communication, are thoroughly explained, other important aspects are covered. These include: governance of a project and of a portfolio of projects, project selection with its financial and non-financial aspects, effective use of the business case through to benefits realization, procurement, outsourcing and partnership, and also the agile mindset that is valuable beyond Agile projects. Besides project managers and sponsors, this book is intended for people who are working in business or government, at any level, or for MBA students. It offers perspectives that enable them to learn more from their everyday experience. It is not aimed at undergraduate students, although many would benefit from the contents.
Packed with hands-on learning tools, Tomsho's GUIDE TO NETWORKING ESSENTIALS, Eighth Edition, equips you with the knowledge and skills to work with network infrastructure devices and network operating systems in a small to medium-size network environment. Focusing on troubleshooting and computer networking technologies, it delivers a comprehensive introduction to network protocols and network devices, including wireless and cybersecurity technologies. It reflects the latest networking technologies and operating systems, covers new Ethernet standards, includes an Internet of Things (IoT) chapter and adds certification mapping to the Microsoft Technology Associate (MTA Exam 98-366) in Networking Fundamentals. Maximizing your success, virtual labs and the MindTap digital learning solution give you ample opportunities to put what you learn into practice and prep for the certification test.
Master the technical skills and industry knowledge you need to begin an exciting career installing, configuring and troubleshooting computer networks with West/Dean/Andrews' NETWORK+ GUIDE TO NETWORKS, 8th edition. It thoroughly prepares you for success on CompTIA's Network+ N10-007 certification exam with fully mapped coverage of all objectives, including protocols, topologies, hardware, network design, security and troubleshooting. Virtualization-based projects give you experience working with a wide variety of hardware, software, operating systems and device interactions, while "On the Job" stories, Applying Concepts activities, and Hands-On and Capstone Projects let you explore concepts in more depth. MindTap Networking offers additional practice and certification prep. The text's emphasis on real-world problem solving provides the tools for success in any computing environment.
Safety of Web Applications: Risks, Encryption and Handling Vulnerabilities with PHP explores many areas that can help computer science students and developers integrate security into their applications. The Internet is not secure, but it's very friendly as a tool for storing and manipulating data. Customer confidence in Internet software is based on it's ability to prevent damage and attacks, but secure software is complicated, depending on several factors, including good risk estimation, good code architecture, cyphering, web server configuration, coding to prevent the most common attacks, and identification and rights allocation.
Distributed Systems: Concurrency and Consistency explores the gray area of distributed systems and draws a map of weak consistency criteria, identifying several families and demonstrating how these may be implemented into a programming language. Unlike their sequential counterparts, distributed systems are much more difficult to design, and are therefore prone to problems. On a large scale, usability reminiscent of sequential consistency, which would provide the same global view to all users, is very expensive or impossible to achieve. This book investigates the best ways to specify the objects that are still possible to implement in these systems.
In RIOT Control, security experts from McAfee discuss how the Internet of Things (IoT) flips the current internet with de-centralized, uncontrolled elements driving massive data from the ends into central servers and the cloud, rather than the other way around. Some estimates suggest that every human being will soon be surrounded by 1,000 to 5,000 connected objects eventually, 100 trillion static or moving objects which makes for a complex system, prone to unexpected behaviors. As various industry domains rush to adopt IoT technologies, they need guidance on IoT-ready security and risk management practices to ensure system availability and security. This book explains IoT risk in terms of project requirements,
business needs, and system designs that include endpoints, network
connectivity, and cloud-based data centers. Understand the threats
and vulnerabilities of the IoT, as well as performance metrics at
the enterprise level. In recommending emerging techniques, the
authors provide insight to help judge which are best according to
specific risks and organizational needs under consideration.
Multiple case studies span several chapters to better illustrate
the business, operational, and technical risks inherent in IoT
deployments.
The third edition of "Security Careers" is the authoritative reference for current job descriptions and pay practices of security, compliance, and ethicsoccupations. The job descriptions and compensation ranges in this report are drawn from research from the Foushee Group, which has been conducting this research since 1980. "Security Careers" includes more than 75 job descriptions for security-related positions, which range from the entry-level security guard to the top global corporate executive. It also provides four years of compensation trend data to give a thorough understanding of competitive pay practices across the industry. This book can be used by anyone who manages security personnel or by security professionals who want to develop their careers. "Security Careers" is a part of Elsevier s Security Executive
Council Risk Management Portfolio, a collection of real world
solutions and "how-to" guidelines that equip executives,
practitioners, and educators with proven information for successful
security and risk management programs.
This book tackles online social networks by navigating these
systems from the birth to the death of their digital presence.
Navigating the social within the digital can be a contentious
undertaking, as social networks confuse the boundary between
offline and online relationships. These systems work to bring
people together in an online environment, yet participation can
dislocate users from other relationships and deviant online
behaviour can create offline issues. The author begins by examining
the creation of a digital presence in online networks popularized
by websites such as Facebook and MySpace. The book explores how the
digital presence influences how social, cultural and professional
relationships are discovered, forged, maintained and broken, and
journeys through the popular criticisms of social networking such
as employee time-wasting, bullying, stalking, the alleged links
between social networks and suicide and the decline of a user s
public image. Social networks are often treated as morally
ambiguous spaces, which highlights a dissonance between digital and
social literacies. This discord is approached through an
exploration of the everyday undercurrents present in social
networks. The discussion of the digital presence ends by addressing
the intricacies of becoming digitally dead, which explores how a
user removes their identity, with finality, from social networks
and the entire web.
The objective of this book is to outline the best practice in
designing, installing, commissioning and troubleshooting industrial
data communications systems. In any given plant, factory or
installation there are a myriad of different industrial
communications standards used and the key to successful
implementation is the degree to which the entire system integrates
and works together.
A uniquely practical DSP text, this book gives a thorough
understanding of the principles and applications of DSP with a
minimum of mathematics, and provides the reader with an
introduction to DSP applications in telecoms, control engineering
and measurement and data analysis systems.
SCADA (Supervisory Control and Data Acquisition) systems are at the
heart of the modern industrial enterprise ranging from mining
plants, water and electrical utility installations to oil and gas
plants. In a market that is crowded with high-level monographs and
reference guides, more practical information for professional
engineers is required. This book covers the essentials of SCADA
communication systems focussing on DNP3, the IEC 60870.5 standard
and other new developments in this area. It commences with a brief
review of the fundamentals of SCADA systems' hardware, software and
the communications systems (such as RS-232, RS-485, Ethernet and
TCP/IP) that connect the SCADA Modules together. A solid review is
then done on the DNP3 and IEC 60870.5 protocols where its features,
message structure, practical benefits and applications are
discussed. This book provides you with the knowledge to design your
next SCADA system more effectively with a focus on using the latest
communications technologies available.
There are many data communications titles covering design,
installation, etc, but almost none that specifically focus on
industrial networks, which are an essential part of the day-to-day
work of industrial control systems engineers, and the main focus of
an increasingly large group of network specialists.
Because this is a book for engineers the practical coverage is
reinforced by use of the latest interanational standards, in
particular BICSI standards (USA and international) and EU
requirements. This will make the book ideal for the large number of
industry-based training courses. Coverage has also been matched to
the requirements of the revised City & Guilds 3466-04 course.
CCNA Interactive Learning: More than 300 labs More than 4,000 hands-on tasks Four Kinds of Labs: Skill Builders Subnetting Exercises Configuration Scenarios Troubleshooting Scenarios The CCNA 200-301 Network Simulator is a single-user software package. It helps you develop and improve hands-on configuration and troubleshooting skills without the investment in expensive lab hardware. This state-of-the-art, interactive simulation software enables you to practice your networking skills with more than 300 structured labs designed to help you learn by doing, the most effective method of learning. Experience realistic network device responses as you perform each lab, which include detailed instructions, topology diagrams, critical-thinking questions, hints, and answers. Working through the labs, you will quickly become proficient with all the common Cisco IOS version 15 router and switch commands on the CCNA exam. Unlike other simulators on the market, the lab scenarios included in the CCNA 200-301 Network Simulator are far more complex, challenging you to learn how to perform real-world network configuration and troubleshooting tasks. Master the hands-on skills needed to succeed on the CCNA exam, including: Network fundamentals Network access IP connectivity IP services Security fundamentals IP Subnetting Skill Builders: These 175+ labs are narrowly focused, enabling you to practice your configuration skills on a single topic. Coverage includes: Interface settings and status Router and Switch CLI Exec Mode and config process Telnet, Ping, Traceroute, and terminal history Switch IP address, connectivity, and forwarding PC IP commands Configuring IP addresses Subnet Zero IP addressing and IPv6 address configuration CDP and LLDP VLANs and Trunking Router-on-a-stick STP and MLS Static and Dynamic EtherChannel Wireless LAN Controllers Connected, static, and default routes OSPF SSH NAT NTP Router and switch security fundamentals ACL CHCP Dynamic ARP Port security IOS backup Subnetting Exercises: These 80 labs help you to perform subnetting calculations quickly and accurately, a critical skill for success on the CCNA exam. Topics covered include: IPv4 and IPv6 subnet ID calculation IP address rejection IP route selection VLSM overlaps IPv6 EUI-64 calculation Selecting VLSM routes Configuration Scenarios: These 40+ labs are more broadly focused, combining multiple technologies into configuration scenarios that mimic real-world environments. These labs are longer and more complex,challenging you to put your configuration skills to the test. Topics covered include: IP and MAC comparisons Switch IP connectivity and security Subnetting and addressing IP addressing and configuration IPv6 configuraiton Switch interfaces and forwarding VLAN trunking STP analysis, configuration, and prediction Wireless LAN Controllers Static routing Configuring default routes OSPF Router-on-a-stick to MLS SSH and Telnet NAT ACL Password recovery Rebuilding a configuration Troubleshooting Scenarios: These 18 labs present typical troubleshooting scenarios and require you to explore the misconfigured network, isolate the issues, and correct the problems. These are very complicated and realistic scenarios that truly test your ability to perform the job of a network engineer. Topics covered include: Switch forwarding Path analysis and troubleshooting IPv4/IPv6 addressing IP routing OSPF VLAN troubleshooting STP Network discovery Port security System requirements: Operating Systems: Windows 10 (32/64 bit) Windows 8.1 (32/64 bit) Mac OS 10.15 (Catalina) Mac OS 10.14 (Mojave) Mac OS 10.13 (High Sierra) Free Storage Space: 1 GB (minimum) System memory (RAM): 4 GB (minimum) Processor: i3 3.4 GHz (minimum) and above Software Pre-requisites: Node JS 10 PDF reader Monitor resolution: Minimum resolution: 1024 X 768 Best viewed: 1280 X 800 and above Internet speed: 2 Mbps (minimum) is needed only during software activation, reporting feedback and receiving updates. After activation, Internet is not needed for accessing the labs in the application. Language: English (US)
This pocket guide is perfect as a quick reference for PCI professionals, or as a handy introduction for new staff. It explains the fundamental concepts of the latest iteration of the PCI DSS, v3.2.1, making it an ideal training resource. It will teach you how to protect your customers' cardholder data with best practice from the Standard.
Passwords are not enough A password is a single authentication factor - anyone who has it can use it. No matter how strong it is, if it's lost or stolen, it's entirely useless at keeping information private. To secure your data properly, you also need to use a separate, secondary authentication factor. Data breaches are now commonplace In recent years, large-scale data breaches have increased dramatically in both severity and number, and the loss of personal information - including password data - has become commonplace. Furthermore, the fact that rapidly evolving password-cracking technology and the habitual use - and reuse - of weak passwords has rendered the security of username and password combinations negligible, and you have a very strong argument for more robust identity authentication. Consumers are beginning to realise just how exposed their personal and financial information is, and are demanding better security from the organisations that collect, process and store it. This has led to a rise in the adoption of two-factor authentication (TFA or 2FA). In the field of authentication security, the method of proving identity can be broken down into three characteristics - roughly summarised as 'what you have', 'what you are' and 'what you know'. Two-factor authentication relies on the combination of two of these factors. Product overview TFA is nothing new. It's mandated by requirement 8.3 of the Payment Card Industry Data Security Standard (PCI DSS) and banks have been using it for years, combining payment cards ('what you have') and PINs ('what you know'). If you use online banking you'll probably also have a chip authentication programme (CAP) keypad, which generates a one-time password (OTP). What is new is TFA's rising adoption beyond the financial sector. Two-Factor Authentication provides a comprehensive evaluation of popular secondary authentication methods, such as: Hardware-based OTP generation SMS-based OTP delivery Phone call-based mechanisms Geolocation-aware authentication Push notification-based authentication Biometric authentication factors Smart card verification As well as examining MFA (multi-factor authentication), 2SV (two-step verification) and strong authentication (authentication that goes beyond passwords, using security questions or layered security), the book also discusses the wider application of TFA for the average consumer, for example at such organisations as Google, Amazon and Facebook. It also considers the future of multi-factor authentication, including its application to the Internet of Things (IoT). Increasing your password strength will do absolutely nothing to protect you from online hacking, phishing attacks or corporate data breaches. If you're concerned about the security of your personal and financial data, you need to read this book. About the author Mark Stanislav is an information technology professional with over a decade's varied experience in systems administration, web application development and information security. He is currently a senior security consultant for the Strategic Services team at Rapid7. Mark has spoken internationally at nearly 100 events, including RSA, DEF CON, SecTor, SOURCE Boston, ShmooCon and THOTCON. News outlets such as the Wall Street Journal, Al Jazeera America, Fox Business, MarketWatch, CNN Money, Yahoo Finance, Marketplace and The Register have featured Mark's research, initiatives and insights on information security.
ISO/IEC 27001:2005 is an international standard for information security management systems (ISMSs). Closely allied to ISO/IEC 27002:2005 (which used to be known as ISO17799), this standard (sometimes called the ISMS standard) can help organisations meet all their information-related regulatory compliance objectives and can help them prepare and position themselves for new and emerging regulations. Information is the lifeblood of today s organis-ation and, therefore, ensuring that information is simultaneously protected and available to those who need it is essential to modern business operations. Information systems are not usually designed from the outset to be secure. Technical security measures and checklists are limited in their ability to protect a complete information system. Management systems and procedural controls are essential components of any really secure information system and, to be effective, need careful planning and attention to detail. ISO/IEC 27001 provides the specification for an information security management system and, in the related Code of Practice, ISO/IEC 27002, it draws on the knowledge of a group of experienced information security practitioners in a wide range of significant organisations across more than 40 countries to set out best practice in information security. An ISO27001-compliant system will provide a systematic approach to ensuring the availability, confidentiality and integrity of corporate information. The controls of ISO27001 are based on identifying and combating the entire range of potential risks to the organisation s information assets. This helpful, handy ISO27001/ISO27002 pocket guide gives a useful overview of these two important information security standards. Key features include: The ISO/IEC 27000 Family of Information Security Standards Background to the Standards Specification vs Code of Practice Certification process The ISMS and ISO27001 Overview of ISO/IEC 27001:2005 Documentation & Records Management Responsibility Policy & Scope Risk Assessment Implementation
The modern business world faces many new challenges in preserving its confidentiality and data from online attackers. Further, it also faces a struggle with preventing fraud. These challenges threaten businesses internally and externally and can cause huge losses. It is essential for business leaders to be up to date on the current fraud prevention, confidentiality, and data security to protect their businesses. Fraud Prevention, Confidentiality, and Data Security for Modern Businesses provides examples and research on the security challenges, practices, and blueprints for today's data storage and analysis systems to protect against current and emerging attackers in the modern business world. It includes the organizational, strategic, and technological depth to design modern data security practices within any organization. Covering topics such as confidential communication, information security management, and social engineering, this premier reference source is an indispensable resource for business executives and leaders, entrepreneurs, IT managers, security specialists, students and educators of higher education, librarians, researchers, and academicians.
The damaging effects of cyberattacks to an industry like the Cooperative Connected and Automated Mobility (CCAM) can be tremendous. From the least important to the worst ones, one can mention for example the damage in the reputation of vehicle manufacturers, the increased denial of customers to adopt CCAM, the loss of working hours (having direct impact on the European GDP), material damages, increased environmental pollution due e.g., to traffic jams or malicious modifications in sensors' firmware, and ultimately, the great danger for human lives, either they are drivers, passengers or pedestrians. Connected vehicles will soon become a reality on our roads, bringing along new services and capabilities, but also technical challenges and security threats. To overcome these risks, the CARAMEL project has developed several anti-hacking solutions for the new generation of vehicles. CARAMEL (Artificial Intelligence-based Cybersecurity for Connected and Automated Vehicles), a research project co-funded by the European Union under the Horizon 2020 framework programme, is a project consortium with 15 organizations from 8 European countries together with 3 Korean partners. The project applies a proactive approach based on Artificial Intelligence and Machine Learning techniques to detect and prevent potential cybersecurity threats to autonomous and connected vehicles. This approach has been addressed based on four fundamental pillars, namely: Autonomous Mobility, Connected Mobility, Electromobility, and Remote Control Vehicle. This book presents theory and results from each of these technical directions.
Since the advent of the internet, online communities have emerged as a way for users to share their common interests and connect with others with ease. As the possibilities of the online world grew and the COVID-19 pandemic raged across the world, many organizations recognized the utility in not only providing further services online, but also in transitioning operations typically fulfilled in-person to an online space. As society approaches a reality in which most community practices have moved to online spaces, it is essential that community leaders remain knowledgeable on the best practices in cultivating engagement. Community Engagement in the Online Space evaluates key issues and practices pertaining to community engagement in remote settings. It analyzes various community engagement efforts within remote education, online groups, and remote work. This book further reviews the best practices for community engagement and considerations for the optimization of these practices for effective virtual delivery to support emergency environmental challenges, such as pandemic conditions. Covering topics such as community belonging, global health virtual practicum, and social media engagement, this premier reference source is an excellent resource for program directors, faculty and administrators of both K-12 and higher education, students of higher education, business leaders and executives, IT professionals, online community moderators, librarians, researchers, and academicians. |
![]() ![]() You may like...
Introduction to Intelligent Simulation…
Abdelhakim Artiba, V. V. Emelyanov, …
Hardcover
R4,656
Discovery Miles 46 560
Flash Memory Integration - Performance…
Jalil Boukhobza, Pierre Olivier
Hardcover
R1,942
Discovery Miles 19 420
Machine Learning and Artificial…
Benjamin Moseley, Lion Krischer
Hardcover
Digital Signal Processing - Theory and…
K. Deergha Rao, M.N.S. Swamy
Hardcover
R3,056
Discovery Miles 30 560
|