Your cart is empty
The ultimate CISA prep guide, with practice exams Sybex's CISA: Certified Information Systems Auditor Study Guide, Fourth Edition is the newest edition of industry-leading study guide for the Certified Information System Auditor exam, fully updated to align with the latest ISACA standards and changes in IS auditing. This new edition provides complete guidance toward all content areas, tasks, and knowledge areas of the exam and is illustrated with real-world examples. All CISA terminology has been revised to reflect the most recent interpretations, including 73 definition and nomenclature changes. Each chapter summary highlights the most important topics on which you'll be tested, and review questions help you gauge your understanding of the material. You also get access to electronic flashcards, practice exams, and the Sybex test engine for comprehensively thorough preparation. For those who audit, control, monitor, and assess enterprise IT and business systems, the CISA certification signals knowledge, skills, experience, and credibility that delivers value to a business. This study guide gives you the advantage of detailed explanations from a real-world perspective, so you can go into the exam fully prepared. * Discover how much you already know by beginning with an assessment test * Understand all content, knowledge, and tasks covered by the CISA exam * Get more in-depths explanation and demonstrations with an all-new training video * Test your knowledge with the electronic test engine, flashcards, review questions, and more The CISA certification has been a globally accepted standard of achievement among information systems audit, control, and security professionals since 1978. If you're looking to acquire one of the top IS security credentials, CISA is the comprehensive study guide you need.
*THE INSTANT NEW YORK TIMES BESTSELLER AND WORLD ECONOMIC FORUM BOOK
GUIDE TO NETWORK DEFENSE AND COUNTERMEASURES provides a thorough guide to perimeter defense fundamentals, including intrusion detection and firewalls. This trusted text also covers more advanced topics such as security policies, network address translation (NAT), packet filtering and analysis, proxy servers, virtual private networks (VPN), and network traffic signatures. Thoroughly updated, the new third edition reflects the latest technology, trends, and techniques including virtualization, VMware, IPv6, and ICMPv6 structure, making it easier for current and aspiring professionals to stay on the cutting edge and one step ahead of potential security threats. A clear writing style and numerous screenshots and illustrations make even complex technical material easier to understand, while tips, activities, and projects throughout the text allow you to hone your skills by applying what you learn. Perfect for students and professionals alike in this high-demand, fast-growing field, GUIDE TO NETWORK DEFENSE AND COUNTERMEASURES, Third Edition, is a must-have resource for success as a network security professional.
With a foreword from Bill Gates From Microsoft's President and one of the tech industry's wisest thinkers, a frank and thoughtful reckoning with how to balance enormous promise and existential risk as the digitization of everything accelerates. __________ Microsoft President Brad Smith operates by a simple core belief: when your technology changes the world, you bear a responsibility to help address the world you have helped create. This might seem uncontroversial, but it flies in the face of a tech sector long obsessed with rapid growth and sometimes on disruption as an end in itself. Now, though, we have reached an inflection point: Silicon Valley has moved fast and it has broken things. A new understanding has emerged that companies that create technology must accept greater responsibility for the future. And governments will need to regulate technology by moving faster and catching up with the pace of innovation that is impacting our communities and changing the world. In Tools and Weapons, Brad Smith takes us into the cockpit of one of the world's largest and most powerful tech companies as it finds itself in the middle of some of the thorniest emerging issues of our time. These are challenges that come with no pre-existing playbook, including privacy, cybercrime and cyberwar, social media, the moral conundrums of AI, big tech's relationship to inequality and the challenges for democracy, far and near. While in no way a self-glorifying "Microsoft memoir," the book opens up the curtain remarkably wide onto some of the company's most crucial recent decision points, as it strives to protect the hopes technology offers against the very real threats it also presents. Every tool can be a weapon in the wrong person's hands, and companies are being challenged in entirely new ways to embrace the totality of their responsibilities. We have moved from a world in which Silicon Valley could take no prisoners to one in which tech companies and governments must work together to address the challenges and adapt to the changes technology has unleashed. There are huge ramifications to be thought through, and Brad Smith provides a marvellous and urgently necessary contribution to that effort.
Would you say your phone is safe, or your computer? What about your car? Or your bank? There is a global war going on and the next target could be anyone, from a global corporation to a randomly selected person. From cybercrime villages in Romania to intellectual property theft campaigns in China, these are the true stories of the hackers behind some of the largest cyberattacks in history, and those committed to stopping them. You've never heard of them and you're not getting their real names. Kate Fazzini has met the hackers that create new cyberweapons, hack sports cars and develop ransomware capable of stopping international banks in their tracks. Kingdom of Lies is a fast-paced look at technological innovations that were mere fantasy only a few years ago, but now make up an integral part of all our lives.
Like it or not, your every move is being watched and analyzed. Consumer's identities are being stolen, and a person's every step is being tracked and stored. What once might have been dismissed as paranoia is now a hard truth, and privacy is a luxury few can afford or understand.
In this explosive yet practical book, Kevin Mitnick illustrates what is happening without your knowledge--and he teaches you "the art of invisibility." Mitnick is the world's most famous--and formerly the Most Wanted--computer hacker. He has hacked into some of the country's most powerful and seemingly impenetrable agencies and companies, and at one point he was on a three-year run from the FBI. Now, though, Mitnick is reformed and is widely regarded as the expert on the subject of computer security. He knows exactly how vulnerabilities can be exploited and just what to do to prevent that from happening.
In THE ART OF INVISIBILITY Mitnick provides both online and real life tactics and inexpensive methods to protect you and your family, in easy step-by-step instructions. He even talks about more advanced "elite" techniques, which, if used properly, can maximize your privacy. Invisibility isn't just for superheroes--privacy is a power you deserve and need in this modern age.
An accessible introduction to cybersecurity concepts and practices Cybersecurity Essentials provides a comprehensive introduction to the field, with expert coverage of essential topics required for entry-level cybersecurity certifications. An effective defense consists of four distinct challenges: securing the infrastructure, securing devices, securing local networks, and securing the perimeter. Overcoming these challenges requires a detailed understanding of the concepts and practices within each realm. This book covers each challenge individually for greater depth of information, with real-world scenarios that show what vulnerabilities look like in everyday computing scenarios. Each part concludes with a summary of key concepts, review questions, and hands-on exercises, allowing you to test your understanding while exercising your new critical skills. Cybersecurity jobs range from basic configuration to advanced systems analysis and defense assessment. This book provides the foundational information you need to understand the basics of the field, identify your place within it, and start down the security certification path. * Learn security and surveillance fundamentals * Secure and protect remote access and devices * Understand network topologies, protocols, and strategies * Identify threats and mount an effective defense Cybersecurity Essentials gives you the building blocks for an entry level security certification and provides a foundation of cybersecurity knowledge
Each Student Book and ActiveBook have has clearly laid out pages with a range of supportive features to aid learning and teaching: Getting to know your unit sections ensure learners understand the grading criteria and unit requirements. Getting ready for Assessment sections focus on preparation for external assessment with guidance for learners on what to expect. Hints and tips will help them prepare for assessment and sample answers are provided for a range of question types including, short and long answer questions, all with a supporting commentary. Learners can also prepare for internal assessment using this feature. A case study of a learner completing the internal assessment for that unit covering 'How I got started', 'How I brought it all together' and 'What I got from the experience'. Pause Point feature provide opportunities for learners to self-evaluate their learning at regular intervals. Each Pause Point point feature gives learners a Hint or Extend option to either revisit and reinforce the topic or to encourage independent research or study skills. Case Study and Theory into Practice features enable development of problem-solving skills and place the theory into real life situations learners could encounter. Assessment Activity/Practice provide scaffolded assessment practice activities that help prepare learners for assessment. Within each assessment practice activity, a Plan, Do and Review section supports learners' formative assessment by making sure they fully understand what they are being asked to do, what their goals are and how to evaluate the task and consider how they could improve. Dedicated Think Future pages provide case studies from the industry, with a focus on aspects of skills development that can be put into practice in a real work environment and further study.
The ultimate hands-on guide to IT security and proactive defense The Network Security Test Lab is a hands-on, step-by-step guide to ultimate IT security implementation. Covering the full complement of malware, viruses, and other attack technologies, this essential guide walks you through the security assessment and penetration testing process, and provides the set-up guidance you need to build your own security-testing lab. You'll look inside the actual attacks to decode their methods, and learn how to run attacks in an isolated sandbox to better understand how attackers target systems, and how to build the defenses that stop them. You'll be introduced to tools like Wireshark, Networkminer, Nmap, Metasploit, and more as you discover techniques for defending against network attacks, social networking bugs, malware, and the most prevalent malicious traffic. You also get access to open source tools, demo software, and a bootable version of Linux to facilitate hands-on learning and help you implement your new skills. Security technology continues to evolve, and yet not a week goes by without news of a new security breach or a new exploit being released. The Network Security Test Lab is the ultimate guide when you are on the front lines of defense, providing the most up-to-date methods of thwarting would-be attackers. * Get acquainted with your hardware, gear, and test platform * Learn how attackers penetrate existing security systems * Detect malicious activity and build effective defenses * Investigate and analyze attacks to inform defense strategy The Network Security Test Lab is your complete, essential guide.
The continued growth of e-commerce mandates the emergence of new technical standards and methods that will securely integrate online activities with pre-existing infrastructures, laws and processes. Protocols for Secure Electronic Commerce, Second Edition addresses the security portion of this challenge. It is a full compendium of the protocols for securing online commerce and payments, serving as an invaluable resource for students and professionals in the fields of computer science and engineering, IT security, and financial and banking technology.
Incorporate offense and defense for a more effective network security strategy Network Attacks and Exploitation provides a clear, comprehensive roadmap for developing a complete offensive and defensive strategy to engage in or thwart hacking and computer espionage. Written by an expert in both government and corporate vulnerability and security operations, this guide helps you understand the principles of the space and look beyond the individual technologies of the moment to develop durable comprehensive solutions. Numerous real-world examples illustrate the offensive and defensive concepts at work, including Conficker, Stuxnet, the Target compromise, and more. You will find clear guidance toward strategy, tools, and implementation, with practical advice on blocking systematic computer espionage and the theft of information from governments, companies, and individuals. Assaults and manipulation of computer networks are rampant around the world. One of the biggest challenges is fitting the ever-increasing amount of information into a whole plan or framework to develop the right strategies to thwart these attacks. This book clears the confusion by outlining the approaches that work, the tools that work, and resources needed to apply them. * Understand the fundamental concepts of computer network exploitation * Learn the nature and tools of systematic attacks * Examine offensive strategy and how attackers will seek to maintain their advantage * Understand defensive strategy, and how current approaches fail to change the strategic balance Governments, criminals, companies, and individuals are all operating in a world without boundaries, where the laws, customs, and norms previously established over centuries are only beginning to take shape. Meanwhile computer espionage continues to grow in both frequency and impact. This book will help you mount a robust offense or a strategically sound defense against attacks and exploitation. For a clear roadmap to better network security, Network Attacks and Exploitation is your complete and practical guide.
Learn how to attack and defend the world s most popular web server platform Linux Server Security: Hack and Defend presents a detailed guide for experienced admins, aspiring hackers and other IT professionals seeking a more advanced understanding of Linux security. Written by a 20-year veteran of Linux server deployment this book provides the insight of experience along with highly practical instruction. The topics range from the theory of past, current, and future attacks, to the mitigation of a variety of online attacks, all the way to empowering you to perform numerous malicious attacks yourself (in the hope that you will learn how to defend against them). By increasing your understanding of a hacker s tools and mindset you're less likely to be confronted by the all-too-common reality faced by many admins these days: someone else has control of your systems. * Master hacking tools and launch sophisticated attacks: perform SQL injections, deploy multiple server exploits and crack complex passwords. * Defend systems and networks: make your servers invisible, be confident of your security with penetration testing and repel unwelcome attackers. * Increase your background knowledge of attacks on systems and networks and improve all-important practical skills required to secure any Linux server. The techniques presented apply to almost all Linux distributions including the many Debian and Red Hat derivatives and some other Unix-type systems. Further your career with this intriguing, deeply insightful, must-have technical book. Diverse, broadly-applicable and hands-on practical, Linux Server Security: Hack and Defend is an essential resource which will sit proudly on any techie's bookshelf.
The only official, comprehensive reference guide to the CISSP All new for 2019 and beyond, this is the authoritative common body of knowledge (CBK) from (ISC)2 for information security professionals charged with designing, engineering, implementing, and managing the overall information security program to protect organizations from increasingly sophisticated attacks. Vendor neutral and backed by (ISC)2, the CISSP credential?meets the stringent requirements of ISO/IEC Standard 17024. This CBK covers the new eight domains of CISSP with the necessary depth to apply them to the daily practice of information security. Written by a team of subject matter experts, this comprehensive reference covers all of the more than 300 CISSP objectives and sub-objectives in a structured format with: Common and good practices for each objective Common vocabulary and definitions References to widely accepted computing standards Highlights of successful approaches through case studies Whether youve earned your CISSP credential or are looking for a valuable resource to help advance your security career, this comprehensive guide offers everything you need to apply the knowledge of the most recognized body of influence in information security.
Get prepared for your Information Security job search! Do you want to equip yourself with the knowledge necessary to succeed in the Information Security job market? If so, you've come to the right place. Packed with the latest and most effective strategies for landing a lucrative job in this popular and quickly-growing field, Getting an Information Security Job For Dummies provides no-nonsense guidance on everything you need to get ahead of the competition and launch yourself into your dream job as an Information Security (IS) guru. Inside, you'll discover the fascinating history, projected future, and current applications/issues in the IS field. Next, you'll get up to speed on the general educational concepts you'll be exposed to while earning your analyst certification and the technical requirements for obtaining an IS position. Finally, learn how to set yourself up for job hunting success with trusted and supportive guidance on creating a winning resume, gaining attention with your cover letter, following up after an initial interview, and much more. Covers the certifications needed for various jobs in the Information Security field Offers guidance on writing an attention-getting resume Provides access to helpful videos, along with other online bonus materials Offers advice on branding yourself and securing your future in Information Security If you're a student, recent graduate, or professional looking to break into the field of Information Security, this hands-on, friendly guide has you covered.
Harden the human firewall against the most current threats Social Engineering: The Science of Human Hacking reveals the craftier side of the hacker's repertoire--why hack into something when you could just ask for access? Undetectable by firewalls and antivirus software, social engineering relies on human fault to gain access to sensitive spaces; in this book, renowned expert Christopher Hadnagy explains the most commonly-used techniques that fool even the most robust security personnel, and shows you how these techniques have been used in the past. The way that we make decisions as humans affects everything from our emotions to our security. Hackers, since the beginning of time, have figured out ways to exploit that decision making process and get you to take an action not in your best interest. This new Second Edition has been updated with the most current methods used by sharing stories, examples, and scientific study behind how those decisions are exploited. Networks and systems can be hacked, but they can also be protected; when the "system" in question is a human being, there is no software to fall back on, no hardware upgrade, no code that can lock information down indefinitely. Human nature and emotion is the secret weapon of the malicious social engineering, and this book shows you how to recognize, predict, and prevent this type of manipulation by taking you inside the social engineer's bag of tricks. Examine the most common social engineering tricks used to gain access Discover which popular techniques generally don't work in the real world Examine how our understanding of the science behind emotions and decisions can be used by social engineers Learn how social engineering factors into some of the biggest recent headlines Learn how to use these skills as a professional social engineer and secure your company Adopt effective counter-measures to keep hackers at bay By working from the social engineer's playbook, you gain the advantage of foresight that can help you protect yourself and others from even their best efforts. Social Engineering gives you the inside information you need to mount an unshakeable defense.
Nobody wants to shell out a lot of money for something theyll use once or, with any luck, never. But thats where most corporations find themselves today. Network managers see disaster recovery as outside their jurisdiction, and therefore as a competitor for system resources. External incentives to deploy disaster recovery from customers and partners may be pressing, but internal incentives are working against them.
Bitcoin has been hailed as an Internet marvel and decried as the preferred transaction vehicle for criminals. It has left nearly everyone without a computer science degree confused: how do you "mine" money from ones and zeros? The answer lies in a technology called blockchain. A general-purpose tool for creating secure, decentralized, peer-to-peer applications, blockchain technology has been compared to the Internet in both form and impact. Blockchains are being used to create "smart contracts," to expedite payments, to make financial instruments, to organize the exchange of data and information, and to facilitate interactions between humans and machines. But by cutting out the middlemen, they run the risk of undermining governmental authorities' ability to supervise activities in banking, commerce, and the law. As this essential book makes clear, the technology cannot be harnessed productively without new rules and new approaches to legal thinking. "Attempts to do for blockchain what the likes of Laurence Lessig and Tim Wu did for the Internet and cyberspace-explain how a new technology will upend the current legal and social order...Blockchain and the Law is not just a theoretical guide. It's also a moral one." -Fortune "Perfectly links technical understanding with practical and legal implications. Blockchains will matter crucially; this book, beautifully and clearly written for a wide audience, powerfully demonstrates how." -Lawrence Lessig "If you...don't `get' crypto, this is the book-length treatment for you." -Tyler Cowen, Marginal Revolution
Commercial, personal and sensitive information is very hard to keep secure, and technological solutions are not the only answer. In today's technology-driven environment, there is an ever-increasing demand for information delivery on various devices in the office, at home and in public places. A compromise has to be struck between security of information and its availability. This book provides significant first steps along the path of dealing with information assurance in a realistic and comprehensive manner. The second edition has been expanded to include the security of cloud-based resources. The remainder of the contents have been reviewed and reordered to reflect the changes to the BCS Certification in Information Security Management Principles which the book supports. "The security of personal information has never been of greater concern to the public. The BCS provides valuable leadership in this area and this is a timely contribution to a vital process" (Richard Thomas, Information Commissioner). (Review of previous edition)
The only official CCSP practice test product endorsed by (ISC) With over 1,000 practice questions, this book gives you the opportunity to test your level of understanding and gauge your readiness for the Certified Cloud Security Professional (CCSP) exam long before the big day. These questions cover 100% of the CCSP exam domains, and include answers with full explanations to help you understand the reasoning and approach for each. Logical organization by domain allows you to practice only the areas you need to bring you up to par, without wasting precious time on topics you've already mastered. As the only official practice test product for the CCSP exam endorsed by (ISC) , this essential resource is your best bet for gaining a thorough understanding of the topic. It also illustrates the relative importance of each domain, helping you plan your remaining study time so you can go into the exam fully confident in your knowledge. When you're ready, two practice exams allow you to simulate the exam day experience and apply your own test-taking strategies with domains given in proportion to the real thing. The online learning environment and practice exams are the perfect way to prepare, and make your progress easy to track.
This value-packed packed set for the serious CISSP certification candidate combines the bestselling (ISC) CISSP Certified Information Systems Security Professional Official Study Guide, 8th Edition with an all new collection of Practice Exams to give you the best preparation ever for the high-stakes CISSP Exam. (ISC) CISSP Study Guide, 8th Edition has been completely updated for the latest 2018 CISSP Body of Knowledge. This bestselling Sybex study guide covers 100% of all exam objectives. You'll prepare for the exam smarter and faster with Sybex thanks to expert content, real-world examples, advice on passing each section of the exam, access to the Sybex online interactive learning environment, and much more. Reinforce what you've learned with key topic exam essentials and chapter review questions. Along with the book, you also get access to Sybex's superior online interactive learning environment that includes four unique 250 question practice exams to help you identify where you need to study more, more than 650 Electronic Flashcards to reinforce your learning and give you last-minute test prep before the exam, a searchable glossary in PDF to give you instant access to the key terms you need to know for the exam. Add to that the all-new (ISC) CISSP Certified Information Systems Security Professional Official Practice Tests, 2nd edition with 2 more complete 250-question exams and another 100 questions for each of the 8 domains and you'll be as ready as you can be for the CISSP exam. Coverage of all of the exam topics in each book means you'll be ready for: Security and Risk Management Asset Security Security Engineering Communication and Network Security Identity and Access Management Security Assessment and Testing Security Operations Software Development Security
There are an estimated 8.7 billion devices currently connected to the Internet - and each one is a threat to its owner. Computers and computer systems rule our lives, and it is impossible to imagine life without them. But as society has become evermore dependent, both economically and politically, on the electronic flow of information, it has made us vulnerable to the real and destabilizing threat of cyber attack - the extremes of which could see us having to exist without power, vital resources and communications. Confronting this terrifying reality, Cyber Attack explores the digital dangers we face and examines the extremes they could reach. The book also investigates who is responsible and what can be done to protect us. Cyber Attack is written by bestselling author Paul Day, a former hacker turned leading computer security expert, and covers all areas of digital menace. What you learn in this book will make you think again next time you make an online transaction or send sensitive information from your smart phone. "The extent of what is going on is astonishing - with industrial size processes involving many thousands of people lying behind state-sponsored cyber espionage and organised cyber crime" Jonathan Evans, former Director General of MI5.
Resources designed to support learners of the 2010 BTEC Level 3 National IT specification*. Extensive unit coverage: Student Book 1 covers 14 units including all the mandatory units, giving learners the breadth to tailor the course to their needs and interests, when combined with Student Book 2. Functional Skills and Personal Learning and Thinking Skills are embedded in activities throughout the book. WorkSpace case studies take learners into the real world of work, showing them how they can apply their knowledge in a real-life context.
You may like...
Programming with STM32: Getting Started…
Donald Norris Paperback
Andreas Antonopoulos, Gavin Wood Paperback
Crafting an Information Security…
Jeff Bollinger, Brandon Enright, … Paperback
The Official (ISC)2 Guide to the SSCP…
Adam Gordon, Steven Hernandez Hardcover
(ISC)2 SSCP Systems Security Certified…
Mike Wills Paperback
Intelligence-Driven Incident Response
Scott Roberts, Rebekah Brown Paperback
CEH v9 - Certified Ethical Hacker…
Raymond Blockmon Paperback
Security Intelligence - A Practitioner's…
Qing Li, Gregory Clark Paperback
70-220 ALS Designing Microsoft (R…
Microsoft Official Academic Course Hardcover R1,017 Discovery Miles 10 170
CISSP All-in-One Exam Guide, Eighth…
Shon Harris, Fernando Maymi Paperback