Your cart is empty
The ultimate CISA prep guide, with practice exams Sybex's CISA: Certified Information Systems Auditor Study Guide, Fourth Edition is the newest edition of industry-leading study guide for the Certified Information System Auditor exam, fully updated to align with the latest ISACA standards and changes in IS auditing. This new edition provides complete guidance toward all content areas, tasks, and knowledge areas of the exam and is illustrated with real-world examples. All CISA terminology has been revised to reflect the most recent interpretations, including 73 definition and nomenclature changes. Each chapter summary highlights the most important topics on which you'll be tested, and review questions help you gauge your understanding of the material. You also get access to electronic flashcards, practice exams, and the Sybex test engine for comprehensively thorough preparation. For those who audit, control, monitor, and assess enterprise IT and business systems, the CISA certification signals knowledge, skills, experience, and credibility that delivers value to a business. This study guide gives you the advantage of detailed explanations from a real-world perspective, so you can go into the exam fully prepared. * Discover how much you already know by beginning with an assessment test * Understand all content, knowledge, and tasks covered by the CISA exam * Get more in-depths explanation and demonstrations with an all-new training video * Test your knowledge with the electronic test engine, flashcards, review questions, and more The CISA certification has been a globally accepted standard of achievement among information systems audit, control, and security professionals since 1978. If you're looking to acquire one of the top IS security credentials, CISA is the comprehensive study guide you need.
*THE INSTANT NEW YORK TIMES BESTSELLER AND WORLD ECONOMIC FORUM BOOK
GUIDE TO NETWORK DEFENSE AND COUNTERMEASURES provides a thorough guide to perimeter defense fundamentals, including intrusion detection and firewalls. This trusted text also covers more advanced topics such as security policies, network address translation (NAT), packet filtering and analysis, proxy servers, virtual private networks (VPN), and network traffic signatures. Thoroughly updated, the new third edition reflects the latest technology, trends, and techniques including virtualization, VMware, IPv6, and ICMPv6 structure, making it easier for current and aspiring professionals to stay on the cutting edge and one step ahead of potential security threats. A clear writing style and numerous screenshots and illustrations make even complex technical material easier to understand, while tips, activities, and projects throughout the text allow you to hone your skills by applying what you learn. Perfect for students and professionals alike in this high-demand, fast-growing field, GUIDE TO NETWORK DEFENSE AND COUNTERMEASURES, Third Edition, is a must-have resource for success as a network security professional.
For undergraduate and graduate courses in Business Data Communication / Networking (MIS) Clear writing style, job-ready detail, and focus on the technologies used in today's marketplace Business Data Networks and Security guides readers through the details of networking, while helping them train for the workplace. It starts with the basics of security and network design and management; goes beyond the basic topology and switch operation covering topics like VLANs, link aggregation, switch purchasing considerations, and more; and covers the latest in networking techniques, wireless networking, with an emphasis on security. With this text as a guide, readers learn the basic, introductory topics as a firm foundation; get sound training for the marketplace; see the latest advances in wireless networking; and learn the importance and ins and outs of security. Teaching and Learning Experience This textbook will provide a better teaching and learning experience-for you and your students. Here's how: *The basic, introductory topics provide a firm foundation. *Job-level content prepares students with the skills demanded by today's employers. *The latest in networking techniques and wireless networking, including a focus on security, keeps students up to date and aware of what's going on in the field. *The flow of the text guides students through the material. MyMISLab not included. Students, if MyMISLab is a recommended/mandatory component of the course, please ask your instructor for the correct ISBN and course ID. MyMISLab is not a self-paced technology and should only be purchased when required by an instructor. Instructors, contact your Pearson representative for more information. MyMISLab is an online homework, tutorial, and assessment product designed to personalize learning and improve results. With a wide range of interactive, engaging, and assignable activities, students are encouraged to actively learn and retain tough course concepts.
For introductory courses in IT Security. A strong business focus through a solid technical presentation of security tools. Corporate Computer Security provides a strong business focus along with a solid technical understanding of security tools. This text gives students the IT security skills they need for the workplace. This edition is more business focused and contains additional hands-on projects, coverage of wireless and data security, and case studies. This program will provide a better teaching and learning experience-for you and your students. Here's how: *Encourage Student's to Apply Concepts: Each chapter now contains new hands-on projects that use contemporary software. *Business Environment Focus: This edition includes more of a focus on the business applications of the concepts. Emphasis has been placed on securing corporate information systems, rather than just hosts in general. *Keep Your Course Current and Relevant: New examples, exercises, and research findings appear throughout the text.
This is a complete teaching and learning package for the 2011 specifications helping both students and tutors to get the best results.
The Pentester Blueprint guides readers on how to prepare and enter the cybersecurity filed as a penetration tester aka ethical hacker or white hat hacker. While there are a lot of books about technical tools for penetration testing, The Pentester Blueprint describes the role of a penetration tester, what a pentest entails, and the prerequisite knowledge required to start the educational journey of a pentester. The book goes on to detail learning resources and industry certifications that are helpful in becoming a pentester. The Pentester Blueprint evolved from the author's frequent popular presentations on the same topic at many conferences. Coverage includes: Foundation - Discuss the foundational perquisite knowledge needed to become a pentester. Discuss the IT basic skills such as operating systems, networking and security needed to be a pentester. Hacking skills - Discuss developing hacking skills and the hacker mindset. Education options - Discuss learning options such as college classes, security training providers and self-study. Education resources - Discuss education resources including; books, videos, conferences and community. Certifications and degrees - Discuss credentials useful for gaining employment as a pentester including; degrees and certificates. Getting Experience - Discuss methods for developing hacking/pentesting skills such as labs (third party and home), CTFs, bug bounties, pro bono/volunteer work. Developing a plan - Discuss how to assess current skillset and knowledge to find a starting place and the perform a gap analysis to develop a learning plan. Discuss goal setting and educational milestones to track progress. Getting employed as a pentester - Discuss how to find a job as a pentester through networking, social media and community evolvement.
The transfer of information over the world wide web depends critically on secure communications. The need to protect the material we send and receive from cyberspace, from the largest of business transactions to the simplest of personal web-pages, is crucial in ensuring we can continue to use this incredible resource safely. Cryptology provides the most reliable tools for storing or transmitting digital information and is the gold standard for attaining the levels of security our online interactions demand. Taking a step-by-step approach, P. K. Yuen demonstrates how to master web-based security skills including: protecting websites from hackers and viruses; encrypting email; building a secure web-database; performing secure business transactions over the web. Working from a problem-solving perspective, he shows how to implement security solutions and looks from the attacker's point of view at possible challenges to that security. In short, Practical Cryptology and Web Security offers a practical and comprehensive guide to all aspects of web security. This book features over 120 worked examples, many from industry, demonstrate the key considerations in implementing web security. AES, this book examines the latest web technologies in terms of security, including XML Signatures and XML Digital Contracts. PK Yuen is a well known expert on Communications, Internet and the World Wide Web. He has over 13 years' experience working on web technologies including large scale application developments, engineer training and project leadership and working on the security system of the Shanghai Pu Dong airport, China. He also co-authored Practical Web Technologies, published by Addison-Wesley in 2003.
Incorporate offense and defense for a more effective network security strategy Network Attacks and Exploitation provides a clear, comprehensive roadmap for developing a complete offensive and defensive strategy to engage in or thwart hacking and computer espionage. Written by an expert in both government and corporate vulnerability and security operations, this guide helps you understand the principles of the space and look beyond the individual technologies of the moment to develop durable comprehensive solutions. Numerous real-world examples illustrate the offensive and defensive concepts at work, including Conficker, Stuxnet, the Target compromise, and more. You will find clear guidance toward strategy, tools, and implementation, with practical advice on blocking systematic computer espionage and the theft of information from governments, companies, and individuals. Assaults and manipulation of computer networks are rampant around the world. One of the biggest challenges is fitting the ever-increasing amount of information into a whole plan or framework to develop the right strategies to thwart these attacks. This book clears the confusion by outlining the approaches that work, the tools that work, and resources needed to apply them. * Understand the fundamental concepts of computer network exploitation * Learn the nature and tools of systematic attacks * Examine offensive strategy and how attackers will seek to maintain their advantage * Understand defensive strategy, and how current approaches fail to change the strategic balance Governments, criminals, companies, and individuals are all operating in a world without boundaries, where the laws, customs, and norms previously established over centuries are only beginning to take shape. Meanwhile computer espionage continues to grow in both frequency and impact. This book will help you mount a robust offense or a strategically sound defense against attacks and exploitation. For a clear roadmap to better network security, Network Attacks and Exploitation is your complete and practical guide.
The highly successful security book returns with a new edition, completely updated Web applications are the front door to most organizations, exposing them to attacks that may disclose personal information, execute fraudulent transactions, or compromise ordinary users. This practical book has been completely updated and revised to discuss the latest step-by-step techniques for attacking and defending the range of ever-evolving web applications. You'll explore the various new technologies employed in web applications that have appeared since the first edition and review the new attack techniques that have been developed, particularly in relation to the client side. * Reveals how to overcome the new technologies and techniques aimed at defending web applications against attacks that have appeared since the previous edition * Discusses new remoting frameworks, HTML5, cross-domain integration techniques, UI redress, framebusting, HTTP parameter pollution, hybrid file attacks, and more * Features a companion web site hosted by the authors that allows readers to try out the attacks described, gives answers to the questions that are posed at the end of each chapter, and provides a summarized methodology and checklist of tasks Focusing on the areas of web application security where things have changed in recent years, this book is the most current resource on the critical topic of discovering, exploiting, and preventing web application security flaws. Also available as a set with, CEHv8: Certified Hacker Version 8 Study Guide, Ethical Hacking and Web Hacking Set, 9781119072171.
This well-balanced text touches on theoretical and applied aspects of protecting digital data. The reader is provided with the basic theory and is then shown deeper fascinating detail, including the current state of the art. Readers will soon become familiar with methods of protecting digital data while it is transmitted, as well as while the data is being stored. Both basic and advanced error-correcting codes are introduced together with numerous results on their parameters and properties. The authors explain how to apply these codes to symmetric and public key cryptosystems and secret sharing. Interesting approaches based on polynomial systems solving are applied to cryptography and decoding codes. Computer algebra systems are also used to provide an understanding of how objects introduced in the book are constructed, and how their properties can be examined. This book is designed for Masters-level students studying mathematics, computer science, electrical engineering or physics.
Written by leading researchers, this complete introduction brings together all the theory and tools needed for building robust machine learning in adversarial environments. Discover how machine learning systems can adapt when an adversary actively poisons data to manipulate statistical inference, learn the latest practical techniques for investigating system security and performing robust data analysis, and gain insight into new approaches for designing effective countermeasures against the latest wave of cyber-attacks. Privacy-preserving mechanisms and the near-optimal evasion of classifiers are discussed in detail, and in-depth case studies on email spam and network security highlight successful attacks on traditional machine learning algorithms. Providing a thorough overview of the current state of the art in the field, and possible future directions, this groundbreaking work is essential reading for researchers, practitioners and students in computer security and machine learning, and those wanting to learn about the next stage of the cybersecurity arms race.
This value-packed packed set for the serious CISSP certification candidate combines the bestselling (ISC)(2) CISSP Certified Information Systems Security Professional Official Study Guide, 8th Edition with an all new collection of Practice Exams to give you the best preparation ever for the high-stakes CISSP Exam. (ISC)(2) CISSP Study Guide, 8th Edition has been completely updated for the latest 2018 CISSP Body of Knowledge. This bestselling Sybex study guide covers 100% of all exam objectives. You'll prepare for the exam smarter and faster with Sybex thanks to expert content, real-world examples, advice on passing each section of the exam, access to the Sybex online interactive learning environment, and much more. Reinforce what you've learned with key topic exam essentials and chapter review questions. Along with the book, you also get access to Sybex's superior online interactive learning environment that includes four unique 250 question practice exams to help you identify where you need to study more, more than 650 Electronic Flashcards to reinforce your learning and give you last-minute test prep before the exam, a searchable glossary in PDF to give you instant access to the key terms you need to know for the exam. Add to that the all-new (ISC)(2) CISSP Certified Information Systems Security Professional Official Practice Tests, 2nd edition with 2 more complete 250-question exams and another 100 questions for each of the 8 domains and you'll be as ready as you can be for the CISSP exam. Coverage of all of the exam topics in each book means you'll be ready for: Security and Risk Management Asset Security Security Engineering Communication and Network Security Identity and Access Management Security Assessment and Testing Security Operations Software Development Security
Using a well-conceived incident response plan in the aftermath of an online security breach enables your team to identify attackers and learn how they operate. But, only when you approach incident response with a cyber threat intelligence mindset will you truly understand the value of that information. With this practical guide, you'll learn the fundamentals of intelligence analysis, as well as the best ways to incorporate these techniques into your incident response process. Each method reinforces the other: threat intelligence supports and augments incident response, while incident response generates useful threat intelligence. This book helps incident managers, malware analysts, reverse engineers, digital forensics specialists, and intelligence analysts understand, implement, and benefit from this relationship. In three parts, this in-depth book includes: The fundamentals: get an introduction to cyber threat intelligence, the intelligence process, the incident-response process, and how they all work together Practical application: walk through the intelligence-driven incident response (IDIR) process using the F3EAD process-Find, Fix Finish, Exploit, Analyze, and Disseminate The way forward: explore big-picture aspects of IDIR that go beyond individual incident-response investigations, including intelligence team building
For computer-security courses that are taught at the undergraduate level and that have as their sole prerequisites an introductory computer science sequence (e.g., CS 1/CS 2). A new Computer Security textbook for a new generation of IT professionals. Unlike most other computer security textbooks available today, Introduction to Computer Security, 1e does NOT focus on the mathematical and computational foundations of security, and it does not assume an extensive background in computer science. Instead it looks at the systems, technology, management, and policy side of security, and offers students fundamental security concepts and a working knowledge of threats and countermeasures with "just-enough" background in computer science. The result is a presentation of the material that is accessible to students of all levels.
Learn how to attack and defend the world s most popular web server platform Linux Server Security: Hack and Defend presents a detailed guide for experienced admins, aspiring hackers and other IT professionals seeking a more advanced understanding of Linux security. Written by a 20-year veteran of Linux server deployment this book provides the insight of experience along with highly practical instruction. The topics range from the theory of past, current, and future attacks, to the mitigation of a variety of online attacks, all the way to empowering you to perform numerous malicious attacks yourself (in the hope that you will learn how to defend against them). By increasing your understanding of a hacker s tools and mindset you're less likely to be confronted by the all-too-common reality faced by many admins these days: someone else has control of your systems. * Master hacking tools and launch sophisticated attacks: perform SQL injections, deploy multiple server exploits and crack complex passwords. * Defend systems and networks: make your servers invisible, be confident of your security with penetration testing and repel unwelcome attackers. * Increase your background knowledge of attacks on systems and networks and improve all-important practical skills required to secure any Linux server. The techniques presented apply to almost all Linux distributions including the many Debian and Red Hat derivatives and some other Unix-type systems. Further your career with this intriguing, deeply insightful, must-have technical book. Diverse, broadly-applicable and hands-on practical, Linux Server Security: Hack and Defend is an essential resource which will sit proudly on any techie's bookshelf.
For courses in Cryptography, Computer Security, and Network Security The Principles and Practice of Cryptography and Network Security Stallings' Cryptography and Network Security, Seventh Edition, introduces students to the compelling and evolving field of cryptography and network security. In an age of viruses and hackers, electronic eavesdropping, and electronic fraud on a global scale, security is paramount. The purpose of this book is to provide a practical survey of both the principles and practice of cryptography and network security. In the first part of the book, the basic issues to be addressed by a network security capability are explored by providing a tutorial and survey of cryptography and network security technology. The latter part of the book deals with the practice of network security: practical applications that have been implemented and are in use to provide network security. The Seventh Edition streamlines subject matter with new and updated material - including Sage, one of the most important features of the book. Sage is an open-source, multiplatform, freeware package that implements a very powerful, flexible, and easily learned mathematics and computer algebra system. It provides hands-on experience with cryptographic algorithms and supporting homework assignments. With Sage, students learn a powerful tool that can be used for virtually any mathematical application. The book also provides an unparalleled degree of support for instructors and students to ensure a successful teaching and learning experience.
Protect your organization from scandalously easy-to-hack MFA security "solutions" Multi-Factor Authentication (MFA) is spreading like wildfire across digital environments. However, hundreds of millions of dollars have been stolen from MFA-protected online accounts. How? Most people who use multifactor authentication (MFA) have been told that it is far less hackable than other types of authentication, or even that it is unhackable. You might be shocked to learn that all MFA solutions are actually easy to hack. That's right: there is no perfectly safe MFA solution. In fact, most can be hacked at least five different ways. Hacking Multifactor Authentication will show you how MFA works behind the scenes and how poorly linked multi-step authentication steps allows MFA to be hacked and compromised. This book covers over two dozen ways that various MFA solutions can be hacked, including the methods (and defenses) common to all MFA solutions. You'll learn about the various types of MFA solutions, their strengthens and weaknesses, and how to pick the best, most defensible MFA solution for your (or your customers') needs. Finally, this book reveals a simple method for quickly evaluating your existing MFA solutions. If using or developing a secure MFA solution is important to you, you need this book. Learn how different types of multifactor authentication work behind the scenes See how easy it is to hack MFA security solutions--no matter how secure they seem Identify the strengths and weaknesses in your (or your customers') existing MFA security and how to mitigate Author Roger Grimes is an internationally known security expert whose work on hacking MFA has generated significant buzz in the security world. Read this book to learn what decisions and preparations your organization needs to take to prevent losses from MFA hacking.
You may like...
Information Theoretic Security and…
Holger Boche, H. Vincent Poor Hardcover R2,552 Discovery Miles 25 520
Cryptography - The Key to Digital…
Keith Martin Hardcover
Paul Day Hardcover
#deleted - Big Tech's Battle to Erase…
Allum Bokhari CD
CompTIA CySA+ Practice Tests - Exam…
Mike Chapple, David Seidl Paperback
The Official (ISC)2 Guide to the CISSP…
John Warsinske, Mark Graff, … Hardcover R1,763 Discovery Miles 17 630
Interference Management in Wireless…
Venugopal V. Veeravalli, Aly El Gamal Hardcover R1,886 Discovery Miles 18 860
Dieter Gollmann Paperback R1,209 Discovery Miles 12 090
Computer Networking for LANS to WANS…
James Antonakos, Kenneth Mansfield, Jr. Paperback
Data Localization Laws and Policy - The…
W. Kuan Hon Hardcover R3,623 Discovery Miles 36 230