Computer networking and communications Books
CompTIA Cloud Guide to Cloud Computing
Book SynopsisWest's COMPTIA CLOUD+ GUIDE TO CLOUD COMPUTING, 2nd Edition, prepares you for certification exam and career success. Fully updated content maps to objectives of the CompTIA Cloud+ (CVO-003) exam, which now has less emphasis on physical host configuration and more emphasis on cloud infrastructure, management and security. Each module in the second edition is packed with enriching features such as self-check questions, group activities and capstone projects that enable you to sharpen your new skills and knowledge through real design and deployment scenarios. You also can work with three popular cloud platforms: AWS (Amazon Web Services), Microsoft Azure and GCP (Google Cloud Platform). Live virtual machine labs, auto-graded quizzes, videos and hands-on projects in the MindTap digital learning platform provide additional preparation to maximize your success on the exam and well beyond.Table of Contents1. Introduction to Cloud Computing. 2. Virtual Hardware. 3. Migration to the Cloud. 4. Cloud Networking. 5. Cloud Connectivity and Troubleshooting. 6. Securing Cloud Resources. 7. Identity and Access Management. 8. Cloud Storage. 9. Managing Cloud Performance. 10. Cloud Automation.
£60.99
Pearson Education (US) LISP Network, The: Evolution to the
Book SynopsisIn an era of ubiquitous clouds, virtualization, mobility, and the Internet of Things, information and resources must be accessible anytime, from anywhere. Connectivity to devices and workloads must be seamless even when people move: location must be fully independent of device identity. The LISP protocol makes all this possible. LISP is address-family agnostic, so it can encapsulate any protocol within another, and route across virtually any network. LISP applications include very-large-scale virtualization for WANs and multi-tenant data centers; host mobility and location services across data centers; advanced mobile networks; ad-hoc networks; IPv6 enablement, seamless site multi-homing; workload mobility; cellular mobility; multicast and traffic engineering, and more. The LISP Network is the first comprehensive, in-depth guide to LISP concepts, architecture, techniques, and applications. Co-authored by LISP co-creator Dino Farinacci and two pioneering developers of Cisco's LISP implementation, this guide will help you plan and implement LISP in any data center, WAN edge, or service provider core network. Largely implementation-agnostic, this book offers actionable answers to questions such as: What problems does LISP address, and how does it address them? How does LISP work? What are LISP's applications, and how do you architect LISP solutions for each application? How does LISP fit with SDN, IoT, and IPv6? What is LISP's future? The LISP Network concludes with detailed deployment case studies of several LISP applications, each drawn from the authors' pioneering experience.Table of Contents 1. LISP and the Future of Networking 2. LISP Architecture 3. LISP Unicast Handling Fundamentals 4. LISP Multicasting Fundamentals 5. Traffic Engineering and LISP 6. LISP Host Mobility 7. LISP Network Virtualization/Multi-tenancy 8. LISP and the Multi-homed Internet Edge 9. Programmability, Policy and LISP: Integration and Application 10. LISP and the Internet of Things 11. LISP Application Deployment, Configuration and Troubleshooting
£39.59
Pearson Education AI Data Center Network Design and Technologies
a huge range and FREE tracked UK delivery on ALL orders.
£49.39
John Wiley & Sons Inc The Network Security Test Lab
Book SynopsisThe ultimate hands-on guide to IT security and proactive defense The Network Security Test Lab is a hands-on, step-by-step guide to ultimate IT security implementation. Covering the full complement of malware, viruses, and other attack technologies, this essential guide walks you through the security assessment and penetration testing process, and provides the set-up guidance you need to build your own security-testing lab. You''ll look inside the actual attacks to decode their methods, and learn how to run attacks in an isolated sandbox to better understand how attackers target systems, and how to build the defenses that stop them. You''ll be introduced to tools like Wireshark, Networkminer, Nmap, Metasploit, and more as you discover techniques for defending against network attacks, social networking bugs, malware, and the most prevalent malicious traffic. You also get access to open source tools, demo software, and a bootable version of Linux to facilitate hands-on Table of ContentsIntroduction xxi Chapter 1 Building a Hardware and Software Test Platform 1 Why Build a Lab? 2 Hardware Requirements 4 Physical Hardware 5 Equipment You Already Have 6 New Equipment Purchases 7 Used Equipment Purchases 7 Online Auctions 8 Thrift Stores 9 Company Sales 10 Virtual Hardware 10 VMware 12 VirtualBox 15 Hacker Hardware 16 Software Requirements 18 Operating Systems 19 Microsoft Windows 19 Linux 20 Navigating in Linux 23 Linux Basics 25 Mac Os X 28 Software and Applications 28 Learning Applications 29 Hacking Software 31 Summary 32 Key Terms 33 Exercises 34 Equipment Checklist 34 Installing VMware Workstation 35 Exploring Linux Operating System Options 35 Using VMware to Build a Windows Image 35 Using VMware Converter to Create a Virtual Machine 36 Exploring Other Operating System Options 37 Running Kali from VMware 37 Installing Tools on Your Windows Virtual Machine 38 Chapter 2 Passive Information Gathering 39 Starting at the Source 40 Scrutinizing Key Employees 43 Dumpster Diving (Electronic) 45 Analyzing Web Page Coding 48 Exploiting Website Authentication Methods 51 Mining Job Ads and Analyzing Financial Data 53 Using Google to Mine Sensitive Information 56 Exploring Domain Ownership 57 Whois 59 Regional Internet Registries 61 Domain Name System 63 Identifying Web Server Software 66 Web Server Location 69 Summary 70 Key Terms 70 Exercises 72 IP Address and Domain Identification 72 Information Gathering 72 Google Hacking 74 Banner Grabbing 74 Telnet 75 Netcat 75 VisualRoute 76 Chapter 3 Analyzing Network Traffic 77 Why Packet Analysis Is Important 77 How to Capture Network Traffic 78 Promiscuous Mode 78 Hubs and Switches 79 Hubbing Out and Using Taps 79 Switches 79 Capturing Network Traffic 82 Managed and Unmanaged Switches 83 ARP Cache Poisoning 85 Flooding 91 DHCP Redirection 92 Redirection and Interception with ICMP 94 Preventing Packet Capture 94 Dynamic Address Inspection 95 DHCP Snooping 95 Preventing VLAN Hopping 96 Detecting Packet Capture 97 Wireshark 99 Wireshark Basics 99 Filtering and Decoding Traffic 102 Basic Data Capture—A Layer-by-Layer Review 108 Physical—Data-Link Layer 108 Network-Internet Layer 110 Transport—Host-Host Layer 111 Application Layer 115 Other Network Analysis Tools 115 Summary 118 Key Terms 118 Exercises 119 Fun with Packets 119 Packet Analysis with tcpdump 120 Packet Filters 121 Making a One-Way Data Cable 122 Chapter 4 Detecting Live Systems and Analyzing Results 125 TCP/IP Basics 125 The Network Access Layer 127 The Internet Layer 128 The Host-to-Host Layer 132 Transmission Control Protocol 132 User Datagram Protocol 134 The Application Layer 134 Detecting Live Systems with ICMP 138 ICMP—Ping 138 Traceroute 142 Port Scanning 147 TCP and UDP Port Scanning 147 Advanced Port-Scanning Techniques 151 Idle Scan 151 Analyzing Port Scans 155 Port-Scanning Tools 156 Nmap 157 SuperScan 160 Other Scanning Tools 161 OS Fingerprinting 161 Passive Fingerprinting 162 Active Fingerprinting 164 How Nmap OS Fingerprinting Works 165 Scanning Countermeasures 167 Summary 171 Key Terms 171 Exercises 172 Understanding Wireshark 172 Interpreting TCP Flags 174 Performing an ICMP Packet Decode 175 Port Scanning with Nmap 176 Traceroute 177 An Analysis of a Port Scan 178 OS Fingerprinting 179 Chapter 5 Enumerating Systems 181 Enumeration 181 Router and Firewall Enumeration 182 Router Enumeration 182 Firewall Enumeration 187 Router and Firewall Enumeration Countermeasures 191 Windows Enumeration 191 Server Message Block and Interprocess Communication 194 Enumeration and the IPC$ Share 195 Windows Enumeration Countermeasures 195 Linux/Unix Enumeration 196 Enumeration of Application Layer Protocols 197 Simple Network Management Protocol 197 SNMP Enumeration Countermeasures 200 Enumeration of Other Applications 200 Advanced Enumeration 202 SCADA Systems 202 User Agent Strings 210 Mapping the Attack Surface 213 Password Speculation and Cracking 213 Sniffing Password Hashes 216 Exploiting a Vulnerability 218 Protecting Passwords 221 Summary 221 Key Terms 222 Exercises 223 SNMP Enumeration 223 Enumerating Routing Protocols 225 Enumeration with DumpSec 227 Identifying User Agent Strings 227 Browser Enumeration 229 Chapter 6 Automating Encryption and Tunneling Techniques 231 Encryption 232 Secret Key Encryption 233 Data Encryption Standard 235 Triple DES 236 Advanced Encryption Standard 237 One‐Way Functions (Hashes) 237 md Series 238 Sha 238 Public Key Encryption 238 Rsa 239 Diffie‐Hellman 239 El Gamal 240 Elliptic Curve Cryptography 240 Hybrid Cryptosystems 241 Public Key Authentication 241 Public Key Infrastructure 242 Certificate Authority 242 Registration Authority 242 Certificate Revocation List 243 Digital Certificates 243 Certificate Distribution System 244 Encryption Role in Authentication 244 Password Authentication 245 Password Hashing 246 Challenge‐Response 249 Session Authentication 250 Session Cookies 250 Basic Authentication 251 Certificate‐Based Authentication 251 Tunneling Techniques to Obscure Traffic 252 Internet Layer Tunneling 252 Transport Layer Tunneling 254 Application Layer Tunneling 256 Attacking Encryption and Authentication 259 Extracting Passwords 259 Password Cracking 260 Dictionary Attack 261 Brute‐Force Attack 261 Rainbow Table 263 Other Cryptographic Attacks 263 Summary 264 Key Terms 264 Exercises 266 CrypTool 266 Extract an E‐mail Username and Password 268 RainbowCrack 268 John the Ripper 270 Chapter 7 Automated Attack and Penetration Tools 273 Why Attack and Penetration Tools Are Important 274 Vulnerability Assessment Tools 274 Source Code Assessment Tools 275 Application Assessment Tools 276 System Assessment Tools 276 Attributes of a Good System Assessment Tool 278 Nessus 279 Automated Exploit Tools 286 Metasploit 286 Armitage 287 Metasploit Console 288 Metasploit Command‐Line Interface 289 Updating Metasploit 290 BeEF 290 Core Impact 291 Canvas 292 Determining Which Tools to Use 292 Picking the Right Platform 292 Summary 293 Key Terms 294 Exercises 294 Exploring N‐Stalker, a Vulnerability Assessment Tool 294 Exploring Searchsploit on Kali Linux 295 Metasploit Kali 296 Chapter 8 Securing Wireless Systems 299 Wi-Fi Basics 300 Wireless Clients and NICs 301 Wireless Access Points 302 Wireless Communication Standards 302 Bluetooth Basics 304 Wi-Fi Security 305 Wired Equivalent Privacy 305 Wi-Fi Protected Access 307 802.1x Authentication 309 Wireless LAN Threats 310 Wardriving 310 NetStumbler 312 Kismet 314 Eavesdropping 314 Rogue and Unauthorized Access Points 318 Denial of Service 319 Exploiting Wireless Networks 320 Finding and Assessing the Network 320 Setting Up Airodump 321 Configuring Aireplay 321 Deauthentication and ARP Injection 322 Capturing IVs and Cracking the WEP KEY 322 Other Wireless Attack Tools 323 Exploiting Bluetooth 324 Securing Wireless Networks 324 Defense in Depth 325 Misuse Detection 326 Summary 326 Key Terms 327 Exercises 328 Using NetStumbler 328 Using Wireshark to Capture Wireless Traffic 329 Chapter 9 An Introduction to Malware 331 History of Malware 331 Types of Malware 334 Viruses 334 Worms 337 Logic Bombs 338 Backdoors and Trojans 338 Packers, Crypters, and Wrappers 340 Rootkits 343 Crimeware Kits 345 Botnets 347 Advanced Persistent Threats 350 Spyware and Adware 350 Common Attack Vectors 351 Social Engineering 351 Faking It! 352 Pretending through Email 352 Defenses against Malware 353 Antivirus 353 File Integrity Verification 355 User Education 355 Summary 356 Key Terms 356 Exercises 357 Virus Signatures 357 Building Trojans 358 Rootkits 358 Finding Malware 362 Chapter 10 Detecting Intrusions and Analyzing Malware 365 An Overview of Intrusion Detection 365 IDS Types and Components 367 IDS Engines 368 An Overview of Snort 370 Platform Compatibility 371 Limiting Access to the IDS 371 Verification of Configuration 372 Building Snort Rules 373 The Rule Header 374 Logging with Snort 375 Rule Options 376 Advanced Snort: Detecting Buffer Overflows 377 Responding to Attacks and Intrusions 379 Analyzing Malware 381 Tracking Malware to Its Source 382 Identifying Domains and Malicious Sites 382 Building a Testbed 386 Virtual and Physical Targets 386 Operating Systems 387 Network Isolation 387 Testbed Tools 388 Malware Analysis Techniques 390 Static Analysis 390 Dynamic Analysis 394 Summary 397 Key Terms 397 Exercises 398 Building a Snort Windows System 398 Analyzing Malware Communication 400 Analyzing Malware with VirusTotal 401 Chapter 11 Forensic Detection 403 Computer Forensics 404 Acquisition 405 Drive Removal and Hashing 407 Drive-Wiping 409 Logical and Physical Copies 410 Logical Copies 411 Physical Copies 411 Imaging the Drive 412 Authentication 413 Trace-Evidence Analysis 416 Browser Cache 418 Email Evidence 419 Deleted or Overwritten Files and Evidence 421 Other Trace Evidence 422 Hiding Techniques 422 Common File-Hiding Techniques 423 Advanced File-Hiding Techniques 425 Steganography 426 Detecting Steganographic Tools 429 Antiforensics 430 Summary 431 Key Terms 431 Exercises 432 Detecting Hidden Files 432 Basic File-Hiding 432 Advanced File-Hiding 433 Reading Email Headers 433 Use S-Tools to Embed and Encrypt a Message 435 Index 439
£37.05
Manning Publications Microsoft Azure in Action
Book SynopsisLars Klint is a Microsoft MVP, international speaker, and veteran Azure instructor known for turning cloud confusion into clarity. With two decades in software development, Lars brings wit, community passion, and hard-won field experience to every page. He distills complex Azure know-how into step-by-step guidance that empowers developers to ship confidently in the cloud.
£40.49
John Wiley & Sons Cybersecurity For Dummies
Book Synopsis
£19.54
Cambridge University Press Partially Observed Markov Decision Processes
Book SynopsisCovering formulation, algorithms and structural results and linking theory to real-world applications in controlled sensing (including social learning, adaptive radars and sequential detection), this book focuses on the conceptual foundations of partially observed Markov decision processes (POMDPs). It emphasizes structural results in stochastic dynamic programming, enabling graduate students and researchers in engineering, operations research, and economics to understand the underlying unifying themes without getting weighed down by mathematical technicalities. In light of major advances in machine learning over the past decade, this edition includes a new Part V on inverse reinforcement learning as well as a new chapter on non-parametric Bayesian inference (for Dirichlet processes and Gaussian processes), variational Bayes and conformal prediction.
£85.49
Pearson Education (US) CCNP and CCIE Collaboration Core CLCOR 350801
Book SynopsisAnyone who has worked with Jason Ball or has sat in one of his classes knows that his enthusiasm for collaboration is matched only by his engaging zeal for teaching. Jason currently works for Cisco on the Learning & Certifications team, helping manage all the collaboration certification learning content. He has been operating as a collaboration engineer since 2009 and holds 19 different certifications, including a CCNP Collaboration certification and a Cisco Certified Systems Instructor (CCSI) certification. He has been teaching Cisco Voice, Video, and Collaboration certification courses for as many years as he has been involved with Cisco. Some of his accomplishments include serving as a subject matter expert (SME), developing certification content, performing installations of many Cisco UCS servers with collaboration VMs, and performing as a consultant and technical instructor for many years as well. He also co-wrote the CCNA CollaborationTable of Contents Introduction xxxiv Part I AV Fundamentals 3 Chapter 1 Introduction to Collaboration 4 “Do I Know This Already?” Quiz 4 Foundation Topics 6 Audio Communication 6 Video Communication 8 Unified Communication 10 Driving Change in the Industry 11 Exam Preparation Tasks 13 Review All Key Topics 13 Define Key Terms 14 Q&A 14 Chapter 2 Audio Basics 16 “Do I Know This Already?” Quiz 17 Foundation Topics 19 Basic Understanding of Sound 19 Analog vs. Digital Signals 23 ITU Audio Encoding Formats 27 Exam Preparation Tasks 30 Review All Key Topics 30 Define Key Terms 30 Q&A 30 Chapter 3 Video Basics 32 “Do I Know This Already?” Quiz 33 Foundation Topics 35 Basic Understanding of Light 35 Capturing and Cameras 39 Standard Video Codecs 45 Video Container Formats and Codecs 47 Exam Preparation Tasks 49 Review All Key Topics 50 Define Key Terms 50 Q&A 50 Chapter 4 Collaboration Endpoint Components and Environment 52 “Do I Know This Already?” Quiz 53 Foundation Topics 55 Physical Components 55 Sound Behavior 57 Light Behavior 70 Exam Preparation Tasks 81 Review All Key Topics 81 Define Key Terms 82 Q&A 82 Chapter 5 Communication Protocols 84 “Do I Know This Already?” Quiz 85 Foundation Topics 88 PSTN Communication 88 H.323 Communication 91 SIP Communication 95 NAT and Firewall Traversal Solutions 102 Exam Preparation Tasks 109 Review All Key Topics 109 Define Key Terms 110 Q&A 110 Chapter 6 Cisco Solution for Converged Collaboration 112 “Do I Know This Already?” Quiz 114 Foundation Topics 116 Introduction to Cisco Endpoints 116 Introduction to Cisco Call Control 119 Introduction to Cisco Applications 126 Designing a Cisco Collaboration Solution 130 Exam Preparation Tasks 146 Review All Key Topics 146 Define Key Terms 147 Command Reference to Check Your Memory 148 Q&A 148 Part II Endpoints 151 Chapter 7 Cisco Unified Communications Phones 152 “Do I Know This Already?” Quiz 152 Foundation Topics 154 7800 Series Phones 154 8800 Series Phones 157 Software Versions for Phones 160 Exam Preparation Tasks 161 Review All Key Topics 161 Define Key Terms 162 Q&A 162 Chapter 8 Cisco Telepresence Endpoints 164 “Do I Know This Already?” Quiz 165 Foundation Topics 167 CE Software 167 DX Series 171 SX Series 172 MX Series 176 Webex Series 179 Webex Desk Series Endpoints 189 Exam Preparation Tasks 192 Review All Key Topics 192 Define Key Terms 193 Q&A 193 Chapter 9 Endpoint Registration 194 “Do I Know This Already?” Quiz 195 Foundation Topics 197 SIP Registration to the Cisco Unified Communications Manager 197 SIP Registration to Expressway Core 218 H.323 Registration to the Expressway Core 225 Exam Preparation Tasks 229 Review All Key Topics 229 Define Key Terms 230 Command Reference to Check Your Memory 230 Q&A 232 Chapter 10 Call Settings on Cisco CE Software-Based Endpoints 234 “Do I Know This Already?” Quiz 235 Foundation Topics 237 Calling Options 237 Content Sharing Options 246 Other Features 248 Exam Preparation Tasks 259 Review All Key Topics 259 Define Key Terms 260 Q&A 260 Chapter 11 Maintaining Cisco Endpoints 262 “Do I Know This Already?” Quiz 262 Foundation Topics 264 Upgrading Endpoints 264 Backing Up and Restoring CE Software-Based Endpoints 270 Exam Preparation Tasks 276 Review All Key Topics 276 Define Key Terms 277 Q&A 277 Part III Network Requirements for Collaboration Deployments 279 Chapter 12 Cisco Core Network Components 280 “Do I Know This Already?” Quiz 281 Foundation Topics 283 LAN, WAN, and Wireless LAN 283 Gateways 295 Exam Preparation Tasks 302 Review All Key Topics 302 Define Key Terms 302 Q&A 303 Chapter 13 Layer 2 and Layer 3 QoS Parameters 304 “Do I Know This Already?” Quiz 306 Foundation Topics 309 QoS-Related Issues 309 Class Models for Provisioning QoS 311 QoS Requirements 315 Traffic Classifications 319 Configure and Verify LLQ 322 Exam Preparation Tasks 328 Review All Key Topics 328 Define Key Terms 328 Command Reference to Check Your Memory 329 Q&A 331 Chapter 14 DNS, NTP, and SNMP 332 “Do I Know This Already?” Quiz 333 Foundation Topics 334 DNS Settings 334 NTP Settings 339 SNMP Settings 340 Exam Preparation Tasks 342 Review All Key Topics 342 Define Key Terms 343 Q&A 343 Part IV Call Control Mechanisms 345 Chapter 15 Cisco Unified Communications Manager Setup 346 “Do I Know This Already?” Quiz 347 Foundation Topics 349 Services 349 Enterprise Parameters 353 Service Parameters 355 Other Settings 357 Codec Negotiations Using Regions 364 Exam Preparation Tasks 367 Review All Key Topics 367 Define Key Terms 368 Q&A 368 Chapter 16 LDAP Integration with Cisco Unified Communications Manager 370 “Do I Know This Already?” Quiz 371 Foundation Topics 373 Application Users and End Users 373 Cisco Unified Communications Directory Architecture 376 LDAP Synchronization 377 LDAP Authentication 389 Exam Preparation Tasks 393 Review All Key Topics 393 Define Key Terms 393 Q&A 393 Chapter 17 Registering SIP Endpoints to the Cisco Unified Communications Manager 394 “Do I Know This Already?” Quiz 395 Foundation Topics 397 Bulk Administration Tool (BAT) 407 Device Onboarding with Activation Codes 414 Exam Preparation Tasks 420 Review All Key Topics 420 Define Key Terms 421 Q&A 422 Chapter 18 Cisco Unified Communications Manager Call Admission Control (CAC) 424 “Do I Know This Already?” Quiz 425 Foundation Topics 427 Endpoint Addressing 427 Call Privileges 435 Call Coverage 446 Exam Preparation Tasks 454 Review All Key Topics 454 Define Key Terms 454 Q&A 454 Chapter 19 Configuring Globalized Call Routing in Cisco Unified Communications Manager 456 “Do I Know This Already?” Quiz 457 Foundation Topics 458 Call Routing and Path Selection 458 Digit Manipulation 471 Exam Preparation Tasks 473 Review All Key Topics 473 Define Key Terms 474 Q&A 474 Part V Edge Services 477 Chapter 20 Introduction to Cisco Edge Services 478 “Do I Know This Already?” Quiz 479 Foundation Topics 480 Cisco Expressway 480 Cisco Voice Gateway Elements 483 Cisco Unified Border Element 485 Exam Preparation Tasks 486 Review All Key Topics 486 Define Key Terms 487 Q&A 487 Chapter 21 Mobile and Remote Access (MRA) 488 “Do I Know This Already?” Quiz 489 Foundation Topics 492 Requirements for MRA 492 Cisco Unified Communications Manager Settings for MRA 498 TLS Verify Requirements 501 Initializing MRA on Expressway Servers 511 Collaboration Traversal Zones and Search Rules 515 Device Onboarding with Activation Codes over MRA 518 Exam Preparation Tasks 523 Review All Key Topics 523 Define Key Terms 524 Q&A 524 Part VI Webex Calling 527 Chapter 22 Components of the Webex Solution 528 “Do I Know This Already?” Quiz 529 Foundation Topics 531 Webex Meeting 531 Webex Messaging 533 Webex Calling 535 Exam Preparation Tasks 537 Review All Key Topics 538 Define Key Terms 538 Q&A 538 Chapter 23 Adding Users and Devices in the Webex Control Hub 540 “Do I Know This Already?” Quiz 541 Foundation Topics 543 Webex Control Hub Overview 543 Methods of Adding Users to Webex Control Hub 556 Directory Connector Configuration 566 Add Unified IP Phones to Webex Control Hub 570 Add Webex Endpoints to Webex Control Hub 575 Exam Preparation Tasks 578 Review All Key Topics 578 Define Key Terms 579 Q&A 579 Chapter 24 Webex Calling Options 580 “Do I Know This Already?” Quiz 581 Foundation Topics 583 PSTN Options for Webex Calling 583 Routers Supporting Local Gateway 588 Deployment Scenarios for the Local Gateway 593 Exam Preparation Tasks 599 Review All Key Topics 599 Define Key Terms 599 Q&A 599 Chapter 25 Webex Calling Features 600 “Do I Know This Already?” Quiz 600 Foundation Topics 602 Admin-Configurable Features 602 User-Configurable Features 620 Exam Preparation Tasks 629 Review All Key Topics 629 Define Key Terms 630 Q&A 630 Chapter 26 Webex Calling Using a Local Gateway 632 “Do I Know This Already?” Quiz 633 Foundation Topics 635 Webex Control Hub Settings 635 Router Configuration 644 Exam Preparation Tasks 651 Review All Key Topics 652 Define Key Terms 652 Command Reference to Check Your Memory 652 Q&A 657 Part VII Collaboration Applications 659 Chapter 27 Understanding Cisco Unity Connection 660 “Do I Know This Already?” Quiz 661 Foundation Topics 662 Cisco Unity Connection Integration 662 Cisco Unity Connection System Settings 666 Cisco Unity Connection Call Handlers 667 Cisco Unity Connection Call Routing 668 Cisco Unity Connection Distribution Lists 670 Cisco Unity Connection Authentication Rules 670 Cisco Unity Connection Dial Plan 671 Exam Preparation Tasks 671 Review All Key Topics 671 Define Key Terms 672 Q&A 672 Chapter 28 Cisco Unity Connection End-User and Voice Mailbox 674 “Do I Know This Already?” Quiz 675 Foundation Topics 677 Cisco Unity Connection End-User Templates 677 User Templates Basics 681 Default Class of Service 683 Password Settings and Roles 684 Transfer Rules and Greetings 685 Call Actions 686 Message Actions and Caller Input 687 TUI Experience 689 Cisco Unity Connection End Users 690 Cisco Unity Connection Voice Mailboxes 696 Exam Preparation Tasks 698 Review All Key Topics 698 Define Key Terms 699 Q&A 699 Chapter 29 Deploying the Webex Application 700 “Do I Know This Already?” Quiz 701 Foundation Topics 703 Webex App Overview 703 Register Webex App to Cisco Unified Communications Manager 708 Migrate Cisco Jabber Clients to Webex App 715 Exam Preparation Tasks 721 Review All Key Topics 721 Define Key Terms 721 Q&A 721 Part VIII Troubleshooting Collaboration Components 723 Chapter 30 Troubleshooting Endpoints 724 “Do I Know This Already?” Quiz 725 Foundation Topics 727 Accessing Logs on Cisco Unified IP Phones 727 Accessing Logs on CE Software-Based Endpoints 729 Call Signaling and Quality 734 Troubleshooting Cisco Jabber 749 Exam Preparation Tasks 753 Review All Key Topics 753 Define Key Terms 754 Q&A 754 Chapter 31 Cisco Unified Communications Manager Reports 756 “Do I Know This Already?” Quiz 756 Foundation Topics 758 Dialed Number Analyzer 758 CAR Tool 760 CDR and CMR Logs on CUCM 763 Exam Preparation Tasks 770 Review All Key Topics 771 Define Key Terms 771 Q&A 771 Chapter 32 Real-Time Monitoring Tool (RTMT) 772 “Do I Know This Already?” Quiz 772 Foundation Topics 774 Cisco Unified RTMT Overview 774 Monitor Systems with RTMT 778 Monitor the CUCM with RTMT 783 Exam Preparation Tasks 787 Review All Key Topics 787 Define Key Terms 788 Q&A 788 Chapter 33 Understanding the Disaster Recovery System 790 “Do I Know This Already?” Quiz 790 Foundation Topics 792 Disaster Recovery System Overview 792 Backup Cisco Unified Communications Solutions 794 Restore Cisco Unified Communications Solutions 797 Exam Preparation Tasks 799 Review All Key Topics 799 Define Key Terms 799 Q&A 799 Chapter 34 Monitoring Voicemail in Cisco Unity Connection 800 “Do I Know This Already?” Quiz 800 Foundation Topics 802 Generate Reports on Cisco Unity Connection 802 Generate Reports in Cisco Unified Serviceability 808 Use Reports for Troubleshooting and Maintenance 810 Exam Preparation Tasks 814 Review All Key Topics 814 Define Key Terms 815 Q&A 815 Part IX Final Preparation 817 Chapter 35 Final Preparation 818 Hands-on Activities 818 Suggested Plan for Final Review and Study 818 Summary 819 Part X Exam Updates 821 Chapter 36 CCNP and CCIE Collaboration Core (CLCOR) 350-801 Exam Updates 822 The Purpose of This Chapter 822 News about the Next Exam Release 824 Updated Technical Content 824 Part XI Appendices 827 Appendix A Answers to the “Do I Know This Already?” Quizzes and Q&A Sections 828 Glossary 859 Online Elements Part XII Online Appendices Appendix B Memory Tables Appendix C Memory Tables Answer Key Appendix D Study Planner 9780138200947, TOC, 9/26/23
£52.43
Pearson Education Cisco ThousandEyes
Book SynopsisAaron Trompeter is a technical solutions architect within the ThousandEyes global enterprise segment at Cisco, focusing on visibility and operational awareness for onprem, SaaS, and cloud native. In this role, he aligns his passion for education and learning with his motivation for helping the infrastructure community grow and learn to harness tools to provide use cases that fit each organization. Prior to this role, Aaron spent 6 years as a data center TSA within Cisco and had a few other roles within Cisco as a service provider specialist and software engineer in the Cloud Engineering unit. Aaron has more than 20 years of experience in the IT and engineering areas and has continued to focus on networking and software. Rob Webb began his technical career when, at 17 years old, he enlisted in the military as a teletype technician. His military service spanned more than 28 years, during which time he trained and worked in telecommunications sy
£43.19
Cengage Learning, Inc Linux+ and LPIC-1 Guide to Linux Certification
Book SynopsisEckert's LINUX+ and LPIC-1 GUIDE TO LINUX CERTIFICATION, 6th EDITION, empowers you with the knowledge and skills you need to succeed on CompTIA's Linux��+ (XKO-005) certification exam and the Linux Professional Institute LPIC-1 (101-500 and 102-500) certification exams, as well as in your information technology career. The book covers the latest Linux�� distributions, as well as virtualization, containerization, cloud orchestration and enterprise storage. Comprehensive coverage also addresses key job-related services and cloud technologies, including firewalls, FTP, NFS, Samba, Apache, DNS, DHCP, NTP, Postfix, PostgreSQL, SSH, VNC, RDP, Docker and Kubernetes. Appendices allow you to apply your Linux knowledge to macOS�� and FreeBSD��. Hands-on projects give you practice using the latest Fedora��� and Ubuntu�� Linux�� distributions and can be performed on either a Windows�� PC (Intel�� or ARM��) or macOS�� PC (Intel�� or Apple�� Silicon).Table of Contents1. Introduction to Linux��. 2. Linux�� Installation and Usage. 3. Exploring Linux�� Filesystems. 4. Linux�� Filesystem Management. 5. Linux�� Filesystem Administration. 6. Linux�� Server Deployment. 7. Working with the Shell. 8. System Initialization, X Windows, and Localization. 9. Managing Linux�� Processes. 10. Common Administrative Tasks. 11. Compression, System Backup, and Software Installation. 12. Network Configuration. 13. Configuring Network Services and Cloud Technologies. 14. Security, Troubleshooting, and Performance. Appendix A: Certification. Appendix B: Finding Linux Resources on the Internet. Appendix C: Applying Your Linux�� Knowledge to macOS��. Appendix D: Applying Your Linux�� Knowledge to FreeBSD��.
£72.99
John Wiley & Sons Inc If Its Smart Its Vulnerable
Book SynopsisTable of ContentsForeword: Jeff Moss xiii Preface xvii Saab 9000 Turbo xxi The Good and the Bad of the Internet 1 Prehistoric Internet 2 The First Websites 5 Linux Is the World’s Most Important System 7 iPhone vs. Supercomputer 10 Online Communities 11 Money Is Data 13 Codes All Around Us 14 Geopolitics 17 Security Tetris 21 Who Are We Fighting? 24 Schoolboys 24 Spammer 26 Professional Cybercrime Groups 28 Extremists 29 The Rolex 30 Malware—Then, Now, and in the Near Future 33 The History of Malware 34 Viruses on Floppies 34 Brain.A 35 File Viruses 43 Macro Viruses 43 Email Worms 45 Internet Worms 46 The Virus Wars 49 Web Attacks 51 Mobile Phone Viruses 51 Worms on Social Media 54 Smartphones and Malware 55 Law Enforcement Malware 57 Case R2D2 58 Cracking Passwords 59 When a Hacker Spilled Her Coffee 60 Ransomware Trojans 61 The History of Ransomware Trojans 61 Cryptolocker 64 Honest Criminals 65 Notpetya 65 Case Maersk 67 Wannacry 71 My Week with Wannacry 72 Targeted Ransomware Trojans 76 Ransomware Trojans v2 77 The Human Element 79 The Two Problems 80 The Heist 82 CEO Fraud 89 Touring the Headquarters 92 Protecting Company Networks 95 Zero Trust 100 Bug Bounties 101 Wi- Fi Terms of Use 110 Mikko’s Tips 112 Mikko’s Tips for the Startup Entrepreneur 114 Boat for Sale 118 What If the Network Goes Down? 121 Electrical Networks 122 Security in Factories 124 A Search Engine for Computers 126 Slammer 128 Hypponen’s Law 130 Dumb Devices 132 Regulation 134 Car Software Updates 136 Online Privacy 137 Life Without Google 138 Murder Charges Never Expire 139 Is Google Listening to You? 142 Gorillas 143 Startup Business Logic 145 Biometrics 147 Antisocial Media 149 Online Influencing and Elections 151 Privacy Is Dead 153 Before and After Gmail 156 Encryption Techniques 160 Perfect Encryption 160 Unbreakable Encryption 161 Criminal Use of Encryption Systems 162 Data Is The New Uranium 166 CASE Vastaamo 168 Patient Registry 169 Technologies 170 Vastaamo.tar 171 Extortion Messages 173 The Hunt for the TAR File 175 Innocent Victims 177 Cryptocurrencies 179 The Value of Money 180 Blockchains 181 Blockchain Applications 182 Blockchains and Money 183 The Environmental Impacts of Bitcoin 185 Playing the Market 187 Ethereum, Monero, and Zcash 189 Nft 191 Bitcoin and Crime 193 Border Guards vs. Bitcoin 195 Technology, Espionage, and Warfare Online 199 Cyberweapons 200 Lunch Break at Google 201 Technology and Warfare 202 Under a False Flag 204 Concealability of Cyberweapons 205 The Fog of Cyberwar 207 Case Prykarpattyaoblenergo 211 Case Pyeongchang 213 Governments as Malware Authors 214 Russia and China 216 Case Stuxnet 217 Damage Coverage 226 Explosion at the White House 227 My Boycott of RSA, Inc 229 The Future 233 Artificial Intelligence 234 Wolverines 237 AI Will Take Our Jobs 238 Smart Malware 239 Metaverse 240 The Technology of Warfare 241 “You Are Under Arrest for a Future Murder” 242 Those Who Can Adapt Will Prosper 243 Tesla 245 Trends in Technology 247 Coda 249 Index 251
£18.69
In Easy Steps Rust Programming in easy steps
a huge range and FREE tracked UK delivery on ALL orders.
£16.40
McGraw-Hill Education Data Communications and Networking with TCPIP
Book SynopsisData Communications and Networking, 6th Edition, teaches the principles of networking using TCP/IP protocol suite. It employs a bottom-up approach where each layer in the TCP/IP protocol suite is built on the services provided by the layer below. This edition has undergone a major restructuring to reduce the number of chapters and focus on the organization of TCP/IP protocol suite. It concludes with three chapters that explore multimedia, network management, and cryptography/network security. Technologies related to data communications and networking are among the fastest growing in our culture today, and there is no better guide to this rapidly expanding field than Data Communications and Networking.Table of ContentsChapter 1: IntroductionChapter 2: Physical LayerChapter 3: Data-Link LayerChapter 4: Local Area Networks: LANsChapter 5: Wide Area Networks: WANsChapter 6: Connecting Devices and Virtual LANsChapter 7: Network Layer: Data TransferChapter 8: Network Layer: Routing of PacketsChapter 9: Transport LayerChapter 10: Application LayerChapter 11: MultimediaChapter 12: Network ManagementChapter 13: Cryptography and Network Security
£56.99
John Wiley & Sons Inc Designing the Internet of Things
Book SynopsisExplores the platforms that you can use to develop hardware or software, discusses design concepts that can make your products eye-catching and appealing. This book explains how to combine sensors, servos, robotics, Arduino chips, and more with various networks or the Internet, to create interactive, cutting-edge devices.Trade ReviewAccording to friends of mine who work in the disciplines above, this is an excellent introduction to read through the principles of prototyping through to manufacture and business considerations (Mob76 Outlook, December 2013)Table of ContentsIntroduction 1 PART I: PROTOTYPING 5 Chapter 1: The Internet of Things: An Overview 7 Chapter 2: Design Principles for Connected Devices 21 Chapter 3: Internet Principles 41 Chapter 4: Thinking About Prototyping 63 Chapter 5: Prototyping Embedded Devices 87 Chapter 6: Prototyping the Physical Design 147 Chapter 7: Prototyping Online Components 173 Chapter 8: Techniques for Writing Embedded Code 205 PART II: FROM PROTOTYPE TO REALITY 225 Chapter 9: Business Models 227 Chapter 10: Moving to Manufacture 255 Chapter 11: Ethics 289 Index 311
£16.99
Pearson Education Limited Computer Networking A TopDown Approach Global
Book SynopsisAbout our authors Jim Kurose is a Distinguished University Professor in the College of Information and Computer Sciences at the University of Massachusetts Amherst, where he has been on the faculty since receiving his PhD in computer science from Columbia University. He received a BA in physics from Wesleyan University. He has held a number of visiting scientist positions in the US and abroad, including IBM Research, INRIA and the Sorbonne University in France. He recently completed a 5-year term as Assistant Director at the US National Science Foundation, where he led the Directorate of Computer and Information Science and Engineering in its mission is to uphold the nation's leadership in scientific discovery and engineering innovation. Jim is proud to have mentored and taught an amazing group of students, and to have received a number of awards for his research, teaching and service, including the IEEE Infocom Award, the ACM SIGCOMM Lifetime AchievTable of ContentsChapter 1: Computer Networks and the Internet 1.1 What Is the Internet? 1.1.1 A Nuts-and-Bolts Description 1.1.2 A Services Description 1.1.3 What Is a Protocol? 1.2 The Network Edge 1.2.1 Access Networks 1.2.2 Physical Media 1.3 The Network Core 1.3.1 Packet Switching 1.3.2 Circuit Switching 1.3.3 A Network of Networks 1.4 Delay, Loss, and Throughput in Packet-Switched Networks 1.4.1 Overview of Delay in Packet-Switched Networks 1.4.2 Queuing Delay and Packet Loss 1.4.3 End-to-End Delay 1.4.4 Throughput in Computer Networks 1.5 Protocol Layers and Their Service Models 1.5.1 Layered Architecture 1.5.2 Encapsulation 1.6 Networks Under Attack 1.7 History of Computer Networking and the Internet 1.7.1 The Development of Packet Switching: 1961—1972 1.7.2 Proprietary Networks and Internetworking: 1972—1980 1.7.3 A Proliferation of Networks: 1980—1990 1.7.4 The Internet Explosion: The 1990s 1.7.5 The New Millennium 1.8 Summary Homework Problems and Questions Wireshark Lab Chapter 2: Application Layer 2.1 Principles of Network Applications 2.1.1 Network Application Architectures 2.1.2 Processes Communicating 2.1.3 Transport Services Available to Applications 2.1.4 Transport Services Provided by the Internet 2.1.5 Application-Layer Protocols 2.1.6 Network Applications Covered in This Book 2.2 The Web and HTTP 2.2.1 Overview of HTTP 2.2.2 Non-Persistent and Persistent Connections 2.2.3 HTTP Message Format 2.2.4 User-Server Interaction: Cookies 2.2.5 Web Caching 2.2.6 HTTP/2 2.3 Electronic Mail in the Internet 2.3.1 SMTP 2.3.2 Mail Message Formats 2.3.3 Mail Access Protocols 2.4 DNS–The Internet's Directory Service 2.4.1 Services Provided by DNS 2.4.2 Overview of How DNS Works 2.4.3 DNS Records and Messages 2.5 Peer-to-Peer Applications 2.5.1 P2P File Distribution 2.6 Video Streaming and Content Distribution Networks 2.6.1 Internet Video 2.6.2 HTTP Streaming and DASH 2.6.3 Content Distribution Networks 2.6.4 Case Studies: Netflix and YouTube 2.7 Socket Programming: Creating Network Applications 2.7.1 Socket Programming with UDP 2.7.2 Socket Programming with TCP 2.8 Summary Homework Problems and Questions Socket Programming Assignments Wireshark Labs: HTTP, DNS Chapter 3: Transport Layer 3.1 Introduction and Transport-Layer Services 3.1.1 Relationship Between Transport and Network Layers 3.1.2 Overview of the Transport Layer in the Internet 3.2 Multiplexing and Demultiplexing 3.3 Connectionless Transport: UDP 3.3.1 UDP Segment Structure 3.3.2 UDP Checksum 3.4 Principles of Reliable Data Transfer 3.4.1 Building a Reliable Data Transfer Protocol 3.4.2 Pipelined Reliable Data Transfer Protocols 3.4.3 Go-Back-N (GBN) 3.4.4 Selective Repeat (SR) 3.5 Connection-Oriented Transport: TCP 3.5.1 The TCP Connection 3.5.2 TCP Segment Structure 3.5.3 Round-Trip Time Estimation and Timeout 3.5.4 Reliable Data Transfer 3.5.5 Flow Control 3.5.6 TCP Connection Management 3.6 Principles of Congestion Control 3.6.1 The Causes and the Costs of Congestion 3.6.2 Approaches to Congestion Control 3.7 TCP Congestion Control 3.7.1 Classic TCP congestion Control 3.7.2 Network-Assisted Explicit Congestion Notification and Delay-based Congestion Control 3.7.3 Fairness 3.8 Evolution of transport-layer functionality 3.9 Summary Homework Problems and Questions Programming Assignments Wireshark Labs: Exploring TCP, UDP Chapter 4: The Network Layer: Data Plane 4.1 Overview of Network Layer 4.1.1 Forwarding and Routing: The Network Data and Control Planes 4.1.2 Network Service Models 4.2 What's Inside a Router? 4.2.1 Input Port Processing and Destination-Based Forwarding 4.2.2 Switching 4.2.3 Output Port Processing 4.2.4 Where Does Queuing Occur? 4.2.5 Packet Scheduling 4.3 The Internet Protocol (IP): IPv4, Addressing, IPv6, and More 4.3.1 IPv4 Datagram Format 4.3.2 IPv4 Addressing 4.3.3 Network Address Translation (NAT) 4.3.4 IPv6 4.4 Generalized Forwarding and SDN 4.4.1 Match 4.4.2 Action 4.4.3 OpenFlow Examples of Match-plus-action in Action 4.5 Middleboxes 4.6 Summary Homework Problems and Questions Wireshark Lab: IP Chapter 5: The Network Layer: Control Plane 5.1 Introduction 5.2 Routing Algorithms 5.2.1 The Link-State (LS) Routing Algorithm 5.2.2 The Distance-Vector (DV) Routing Algorithm 5.3 Intra-AS Routing in the Internet: OSPF 5.4 Routing Among the ISPs: BGP 5.4.1 The Role of BGP 5.4.2 Advertising BGP Route Information 5.4.3 Determining the Best Routes 5.4.4 IP-Anycast 5.4.5 Routing Policy 5.4.6 Putting the Pieces Together: Obtaining Internet Presence 5.5 The SDN Control Plane 5.5.1 The SDN Control Plane: SDN Controller and SDN Control Applications 5.5.2 OpenFlow Protocol 5.5.3 Data and Control Plane Interaction: An Example 5.5.4 SDN: Past and Future 5.6 ICMP: The Internet Control Message Protocol 5.7 Network Management, SNMP, and NETCONF/YANG 5.7.1 The Network Management Framework 5.7.2 The Simple Network Management Protocol (SNMP) 5.7.3 NETCONF and YANG 5.8 Summary Homework Problems and Questions Socket Programming Assignment Programming Assignment Wireshark Lab: ICMP Chapter 6: The Link Layer and LANs 6.1 Introduction to the Link Layer 6.1.1 The Services Provided by the Link Layer 6.1.2 Where Is the Link Layer Implemented? 6.2 Error-Detection and -Correction Techniques 6.2.1 Parity Checks 6.2.2 Checksumming Methods 6.2.3 Cyclic Redundancy Check (CRC) 6.3 Multiple Access Links and Protocols 6.3.1 Channel Partitioning Protocols 6.3.2 Random Access Protocols 6.3.3 Taking-Turns Protocols 6.3.4 DOCSIS: The Link-Layer Protocol for Cable Internet Access 6.4 Switched Local Area Networks 6.4.1 Link-Layer Addressing and ARP 6.4.2 Ethernet 6.4.3 Link-Layer Switches 6.4.4 Virtual Local Area Networks (VLANs) 6.5 Link Virtualization: A Network as a Link Layer 6.5.1 Multiprotocol Label Switching (MPLS) 6.6 Data Center Networking 6.6.1 Data Center Architectures 6.6.2 Trends in Data Center Networking 6.7 Retrospective: A Day in the Life of a Web Page Request 6.7.1 Getting Started: DHCP, UDP, IP, and Ethernet 6.7.2 Still Getting Started: DNS and ARP 6.7.3 Still Getting Started: Intra-Domain Routing to the DNS Server 6.7.4 Web Client-Server Interaction: TCP and HTTP 6.8 Summary Homework Problems and Questions Wireshark Labs: Ethernet and Home Networking Chapter 7: Wireless and Mobile Networks 7.1 Introduction 7.2 Wireless Links and Network Characteristics 7.2.1 CDMA 7.3 Wireless LANs 7.3.1 The 802.11 Architecture 7.3.2 The 802.11 MAC Protocol 7.3.3 The IEEE 802.11 Frame 7.3.4 Mobility in the Same IP Subnet 7.3.5 Advanced Features in 802.11 7.3.6 Bluetooth 7.4 Cellular Networks: 4G and 5G 7.4.1 4G LTE Cellular Networks: Architecture and Elements 7.4.2 LTE Protocol Stacks 7.4.3 LTE Radio Access Network 7.4.4 LTE Network Attachment and Power Management 7.4.5 The Global Cellular Network: a Network of Networks 7.4.6 5G Cellular Networks 7.5 Mobility Management: Principles 7.5.1 Device Mobility: a Network-layer Perspective 7.5.2 Home Networks and Roaming on Visited Networks 7.5.3 Direct and Indirect Routing to/from a Mobile Device 7.6 Mobile Management in Practice 7.6.1 Mobility Management in 4G/5G Networks 7.6.2 Mobile IP 7.7 Wireless and Mobility: Impact on Higher-Layer Protocols 7.8 Summary Homework Problems and Questions Wireshark Lab: 802.11 Chapter 8: Security in Computer Networks 8.1 What Is Network Security? 8.2 Principles of Cryptography 8.2.1 Symmetric Key Cryptography 8.2.2 Public Key Encryption 8.3 Message Integrity and Digital Signatures 8.3.1 Cryptographic Hash Functions 8.3.2 Message Authentication Code 8.3.3 Digital Signatures 8.4 End-Point Authentication 8.4.1 Building an Authentication Protocol 8.5 Securing E-Mail 8.5.1 Secure E-Mail 8.5.2 PGP 8.6 Securing TCP Connections: SSL 8.6.1 The Big Picture 8.6.2 A More Complete Picture 8.7 Network-Layer Security: IPsec and Virtual Private Networks 8.7.1 IPsec and Virtual Private Networks (VPNs) 8.7.2 The AH and ESP Protocols 8.7.3 Security Associations 8.7.4 The IPsec Datagram 8.7.5 IKE: Key Management in IPsec 8.8 Securing Wireless LANs and 4G/5G Cellular Networks 8.8.1 Authentication and Key Agreement in 802.11 Wireless LANs 8.8.2 Authentication and Key Agreement in 4G/5G Cellular Networks 8.9 Operational Security: Firewalls and Intrusion Detection Systems 8.9.1 Firewalls 8.9.2 Intrusion Detection Systems 8.10 Summary Homework Problems and Questions Wireshark Lab: SSL IPsec Lab
£66.49
Pearson Education Limited Computer Networks Global Edition
Book SynopsisTable of Contents1. Introduction Uses of Computer Networks Types of Computer Networks Network Technology, from Local to Global Examples of Networks Network Protocols Reference Models Standardization Policy, Legal, and Social Issues Metric Units Outline of the Rest of the Book Summary 2. The Physical Layer Guided Transmission Media Wireless Transmission Using the Spectrum for Transmission From Waveforms to Bits The Public Switched Telephone Network Cellular Networks Cable Networks Communication Satellites Comparing Different Access Networks Policy at the Physical Layer Summary 3. The Data Link Layer Data Link Layer Design Issues Error Detection and Correction Elementary Data Link Protocols Improving Efficiency Data Link Protocols in Practice Summary 4. The Medium Access ControlSublayer The Channel Allocation Problem Multiple Access Protocols Ethernet Wireless LANs Bluetooth DOCSIS Data Link Layer Switching Summary 5. The Network Layer Network Layer Design Issues Routing Algorithms in a Single Network Traffic Management at the Network Layer Quality of Service and Application QoE Internetworking Software Defined Networking The Network Layer in the Internet Policy at the Network layer Summary 6. The Transport Layer The Transport Service Elements of Transport Protocols Congestion Control The Internet Transport Protocols: UDP The Internet Transport Protocols: TCP, QUIC, BBR Performance Monitoring Delay-Tolerant Networking Summary 7. The Application Layer DNS — The Domain Name System Electronic Mail The World Wide Web HTTP/2 Streaming Audio and Video Content Delivery Networks and Distributed Cloud Services Summary 8. Security Fundamentals of Network Security The Core Ingredients of an Attack Firewalls and Intrusion Detection Systems Cryptography Symmetric-Key Algorithms Public-Key Algorithms Digital Signatures Management of Public Keys Authentication Protocols Communication Security Email Security Web Security Social Issues Summary 9. List and Bibliography Suggestions for Further Reading Alphabetical Bibliography
£999.99
John Wiley & Sons From Chaos to Clarity How Data Visualization can
Book Synopsis
£18.69
John Wiley & Sons Inc Security Engineering
Book SynopsisTable of ContentsPreface to the Third Edition xxxvii Preface to the Second Edition xli Preface to the First Edition xliii Formy daughter, and other lawyers… xlvii Foreword xlix Part I Chapter 1 What Is Security Engineering? 3 1.1 Introduction 3 1.2 A framework 4 1.3 Example 1 – a bank 6 1.4 Example 2 – a military base 7 1.5 Example 3 – a hospital 8 1.6 Example 4 – the home 10 1.7 Definitions 11 1.8 Summary 16 Chapter 2 Who Is the Opponent? 17 2.1 Introduction 17 2.2 Spies 19 2.2.1 The Five Eyes 19 2.2.1.1 Prism 19 2.2.1.2 Tempora 20 2.2.1.3 Muscular 21 2.2.1.4 Special collection 22 2.2.1.5 Bullrun and Edgehill 22 2.2.1.6 Xkeyscore 23 2.2.1.7 Longhaul 24 2.2.1.8 Quantum 25 2.2.1.9 CNE 25 2.2.1.10 The analyst’s viewpoint 27 2.2.1.11 Offensive operations 28 2.2.1.12 Attack scaling 29 2.2.2 China 30 2.2.3 Russia 35 2.2.4 The rest 38 2.2.5 Attribution 40 2.3 Crooks 41 2.3.1 Criminal infrastructure 42 2.3.1.1 Botnet herders 42 2.3.1.2 Malware devs 44 2.3.1.3 Spam senders 45 2.3.1.4 Bulk account compromise 45 2.3.1.5 Targeted attackers 46 2.3.1.6 Cashout gangs 46 2.3.1.7 Ransomware 47 2.3.2 Attacks on banking and payment systems 47 2.3.3 Sectoral cybercrime ecosystems 49 2.3.4 Internal attacks 49 2.3.5 CEO crimes 49 2.3.6 Whistleblowers 50 2.4 Geeks 52 2.5 The swamp 53 2.5.1 Hacktivism and hate campaigns 54 2.5.2 Child sex abuse material 55 2.5.3 School and workplace bullying 57 2.5.4 Intimate relationship abuse 57 2.6 Summary 59 Research problems 60 Further reading 61 Chapter 3 Psychology and Usability 63 3.1 Introduction 63 3.2 Insights from psychology research 64 3.2.1 Cognitive psychology 65 3.2.2 Gender, diversity and interpersonal variation 68 3.2.3 Social psychology 70 3.2.3.1 Authority and its abuse 71 3.2.3.2 The bystander effect 72 3.2.4 The social-brain theory of deception 73 3.2.5 Heuristics, biases and behavioural economics 76 3.2.5.1 Prospect theory and risk misperception 77 3.2.5.2 Present bias and hyperbolic discounting 78 3.2.5.3 Defaults and nudges 79 3.2.5.4 The default to intentionality 79 3.2.5.5 The affect heuristic 80 3.2.5.6 Cognitive dissonance 81 3.2.5.7 The risk thermostat 81 3.3 Deception in practice 81 3.3.1 The salesman and the scamster 82 3.3.2 Social engineering 84 3.3.3 Phishing 86 3.3.4 Opsec 88 3.3.5 Deception research 89 3.4 Passwords 90 3.4.1 Password recovery 92 3.4.2 Password choice 94 3.4.3 Difficulties with reliable password entry 94 3.4.4 Difficulties with remembering the password 95 3.4.4.1 Naïve choice 96 3.4.4.2 User abilities and training 96 3.4.4.3 Design errors 98 3.4.4.4 Operational failures 100 3.4.4.5 Social-engineering attacks 101 3.4.4.6 Customer education 102 3.4.4.7 Phishing warnings 103 3.4.5 System issues 104 3.4.6 Can you deny service? 105 3.4.7 Protecting oneself or others? 105 3.4.8 Attacks on password entry 106 3.4.8.1 Interface design 106 3.4.8.2 Trusted path, and bogus terminals 107 3.4.8.3 Technical defeats of password retry counters 107 3.4.9 Attacks on password storage 108 3.4.9.1 One-way encryption 109 3.4.9.2 Password cracking 109 3.4.9.3 Remote password checking 109 3.4.10 Absolute limits 110 3.4.11 Using a password manager 111 3.4.12 Will we ever get rid of passwords? 113 3.5 CAPTCHAs 115 3.6 Summary 116 Research problems 117 Further reading 118 Chapter 4 Protocols 119 4.1 Introduction 119 4.2 Password eavesdropping risks 120 4.3 Who goes there? – simple authentication 122 4.3.1 Challenge and response 124 4.3.2 Two-factor authentication 128 4.3.3 The MIG-in-the-middle attack 129 4.3.4 Reflection attacks 132 4.4 Manipulating the message 133 4.5 Changing the environment 134 4.6 Chosen protocol attacks 135 4.7 Managing encryption keys 136 4.7.1 The resurrecting duckling 137 4.7.2 Remote key management 137 4.7.3 The Needham-Schroeder protocol 138 4.7.4 Kerberos 139 4.7.5 Practical key management 141 4.8 Design assurance 141 4.9 Summary 143 Research problems 143 Further reading 144 Chapter 5 Cryptography 145 5.1 Introduction 145 5.2 Historical background 146 5.2.1 An early stream cipher – the Vigenère 147 5.2.2 The one-time pad 148 5.2.3 An early block cipher – Playfair 150 5.2.4 Hash functions 152 5.2.5 Asymmetric primitives 154 5.3 Security models 155 5.3.1 Random functions – hash functions 157 5.3.1.1 Properties 157 5.3.1.2 The birthday theorem 158 5.3.2 Random generators – stream ciphers 159 5.3.3 Random permutations – block ciphers 161 5.3.4 Public key encryption and trapdoor one-way permutations 163 5.3.5 Digital signatures 164 5.4 Symmetric crypto algorithms 165 5.4.1 SP-networks 165 5.4.1.1 Block size 166 5.4.1.2 Number of rounds 166 5.4.1.3 Choice of S-boxes 167 5.4.1.4 Linear cryptanalysis 167 5.4.1.5 Differential cryptanalysis 168 5.4.2 The Advanced Encryption Standard (AES) 169 5.4.3 Feistel ciphers 171 5.4.3.1 The Luby-Rackoff result 173 5.4.3.2 DES 173 5.5 Modes of operation 175 5.5.1 How not to use a block cipher 176 5.5.2 Cipher block chaining 177 5.5.3 Counter encryption 178 5.5.4 Legacy stream cipher modes 178 5.5.5 Message authentication code 179 5.5.6 Galois counter mode 180 5.5.7 XTS 180 5.6 Hash functions 181 5.6.1 Common hash functions 181 5.6.2 Hash function applications – HMAC, commitments and updating 183 5.7 Asymmetric crypto primitives 185 5.7.1 Cryptography based on factoring 185 5.7.2 Cryptography based on discrete logarithms 188 5.7.2.1 One-way commutative encryption 189 5.7.2.2 Diffie-Hellman key establishment 190 5.7.2.3 ElGamal digital signature and DSA 192 5.7.3 Elliptic curve cryptography 193 5.7.4 Certification authorities 194 5.7.5 TLS 195 5.7.5.1 TLS uses 196 5.7.5.2 TLS security 196 5.7.5.3 TLS 1.3 197 5.7.6 Other public-key protocols 197 5.7.6.1 Code signing 197 5.7.6.2 PGP/GPG 198 5.7.6.3 QUIC 199 5.7.7 Special-purpose primitives 199 5.7.8 How strong are asymmetric cryptographic primitives? 200 5.7.9 What else goes wrong 202 5.8 Summary 203 Research problems 204 Further reading 204 Chapter 6 Access Control 207 6.1 Introduction 207 6.2 Operating system access controls 209 6.2.1 Groups and roles 210 6.2.2 Access control lists 211 6.2.3 Unix operating system security 212 6.2.4 Capabilities 214 6.2.5 DAC and MAC 215 6.2.6 Apple’s macOS 217 6.2.7 iOS 217 6.2.8 Android 218 6.2.9 Windows 219 6.2.10 Middleware 222 6.2.10.1 Database access controls 222 6.2.10.2 Browsers 223 6.2.11 Sandboxing 224 6.2.12 Virtualisation 225 6.3 Hardware protection 227 6.3.1 Intel processors 228 6.3.2 Arm processors 230 6.4 What goes wrong 231 6.4.1 Smashing the stack 232 6.4.2 Other technical attacks 234 6.4.3 User interface failures 236 6.4.4 Remedies 237 6.4.5 Environmental creep 238 6.5 Summary 239 Research problems 240 Further reading 240 Chapter 7 Distributed Systems 243 7.1 Introduction 243 7.2 Concurrency 244 7.2.1 Using old data versus paying to propagate state 245 7.2.2 Locking to prevent inconsistent updates 246 7.2.3 The order of updates 247 7.2.4 Deadlock 248 7.2.5 Non-convergent state 249 7.2.6 Secure time 250 7.3 Fault tolerance and failure recovery 251 7.3.1 Failure models 252 7.3.1.1 Byzantine failure 252 7.3.1.2 Interaction with fault tolerance 253 7.3.2 What is resilience for? 254 7.3.3 At what level is the redundancy? 255 7.3.4 Service-denial attacks 257 7.4 Naming 259 7.4.1 The Needham naming principles 260 7.4.2 What else goes wrong 263 7.4.2.1 Naming and identity 264 7.4.2.2 Cultural assumptions 265 7.4.2.3 Semantic content of names 267 7.4.2.4 Uniqueness of names 268 7.4.2.5 Stability of names and addresses 269 7.4.2.6 Restrictions on the use of names 269 7.4.3 Types of name 270 7.5 Summary 271 Research problems 272 Further reading 273 Chapter 8 Economics 275 8.1 Introduction 275 8.2 Classical economics 276 8.2.1 Monopoly 278 8.3 Information economics 281 8.3.1 Why information markets are different 281 8.3.2 The value of lock-in 282 8.3.3 Asymmetric information 284 8.3.4 Public goods 285 8.4 Game theory 286 8.4.1 The prisoners’ dilemma 287 8.4.2 Repeated and evolutionary games 288 8.5 Auction theory 291 8.6 The economics of security and dependability 293 8.6.1 Why is Windows so insecure? 294 8.6.2 Managing the patching cycle 296 8.6.3 Structural models of attack and defence 298 8.6.4 The economics of lock-in, tying and DRM 300 8.6.5 Antitrust law and competition policy 302 8.6.6 Perversely motivated guards 304 8.6.7 Economics of privacy 305 8.6.8 Organisations and human behaviour 307 8.6.9 Economics of cybercrime 308 8.7 Summary 310 Research problems 311 Further reading 311 Part II Chapter 9 Multilevel Security 315 9.1 Introduction 315 9.2 What is a security policy model? 316 9.3 Multilevel security policy 318 9.3.1 The Anderson report 319 9.3.2 The Bell-LaPadula model 320 9.3.3 The standard criticisms of Bell-LaPadula 321 9.3.4 The evolution of MLS policies 323 9.3.5 The Biba model 325 9.4 Historical examples of MLS systems 326 9.4.1 SCOMP 326 9.4.2 Data diodes 327 9.5 MAC: from MLS to IFC and integrity 329 9.5.1 Windows 329 9.5.2 SELinux 330 9.5.3 Embedded systems 330 9.6 What goes wrong 331 9.6.1 Composability 331 9.6.2 The cascade problem 332 9.6.3 Covert channels 333 9.6.4 The threat from malware 333 9.6.5 Polyinstantiation 334 9.6.6 Practical problems with MLS 335 9.7 Summary 337 Research problems 338 Further reading 339 Chapter 10 Boundaries 341 10.1 Introduction 341 10.2 Compartmentation and the lattice model 344 10.3 Privacy for tigers 346 10.4 Health record privacy 349 10.4.1 The threat model 351 10.4.2 The BMA security policy 353 10.4.3 First practical steps 356 10.4.4 What actually goes wrong 357 10.4.4.1 Emergency care 358 10.4.4.2 Resilience 359 10.4.4.3 Secondary uses 359 10.4.5 Confidentiality – the future 362 10.4.6 Ethics 365 10.4.7 Social care and education 367 10.4.8 The Chinese Wall 369 10.5 Summary 371 Research problems 372 Further reading 373 Chapter 11 Inference Control 375 11.1 Introduction 375 11.2 The early history of inference control 377 11.2.1 The basic theory of inference control 378 11.2.1.1 Query set size control 378 11.2.1.2 Trackers 379 11.2.1.3 Cell suppression 379 11.2.1.4 Other statistical disclosure control mechanisms 380 11.2.1.5 More sophisticated query controls 381 11.2.1.6 Randomization 382 11.2.2 Limits of classical statistical security 383 11.2.3 Active attacks 384 11.2.4 Inference control in rich medical data 385 11.2.5 The third wave: preferences and search 388 11.2.6 The fourth wave: location and social 389 11.3 Differential privacy 392 11.4 Mind the gap? 394 11.4.1 Tactical anonymity and its problems 395 11.4.2 Incentives 398 11.4.3 Alternatives 399 11.4.4 The dark side 400 11.5 Summary 401 Research problems 402 Further reading 402 Chapter 12 Banking and Bookkeeping 405 12.1 Introduction 405 12.2 Bookkeeping systems 406 12.2.1 Double-entry bookkeeping 408 12.2.2 Bookkeeping in banks 408 12.2.3 The Clark-Wilson security policy model 410 12.2.4 Designing internal controls 411 12.2.5 Insider frauds 415 12.2.6 Executive frauds 416 12.2.6.1 The post office case 418 12.2.6.2 Other failures 419 12.2.6.3 Ecological validity 420 12.2.6.4 Control tuning and corporate governance 421 12.2.7 Finding the weak spots 422 12.3 Interbank payment systems 424 12.3.1 A telegraphic history of E-commerce 424 12.3.2 SWIFT 425 12.3.3 What goes wrong 427 12.4 Automatic teller machines 430 12.4.1 ATM basics 430 12.4.2 What goes wrong 433 12.4.3 Incentives and injustices 437 12.5 Credit cards 438 12.5.1 Credit card fraud 439 12.5.2 Online card fraud 440 12.5.3 3DS 443 12.5.4 Fraud engines 444 12.6 EMV payment cards 445 12.6.1 Chip cards 445 12.6.1.1 Static data authentication 446 12.6.1.2 ICVVs, DDA and CDA 450 12.6.1.3 The No-PIN attack 451 12.6.2 The preplay attack 452 12.6.3 Contactless 454 12.7 Online banking 457 12.7.1 Phishing 457 12.7.2 CAP 458 12.7.3 Banking malware 459 12.7.4 Phones as second factors 459 12.7.5 Liability 461 12.7.6 Authorised push payment fraud 462 12.8 Nonbank payments 463 12.8.1 M-Pesa 463 12.8.2 Other phone payment systems 464 12.8.3 Sofort, and open banking 465 12.9 Summary 466 Research problems 466 Further reading 468 Chapter 13 Locks and Alarms 471 13.1 Introduction 471 13.2 Threats and barriers 472 13.2.1 Threat model 473 13.2.2 Deterrence 474 13.2.3 Walls and barriers 476 13.2.4 Mechanical locks 478 13.2.5 Electronic locks 482 13.3 Alarms 484 13.3.1 How not to protect a painting 485 13.3.2 Sensor defeats 486 13.3.3 Feature interactions 488 13.3.4 Attacks on communications 489 13.3.5 Lessons learned 493 13.4 Summary 494 Research problems 495 Further reading 495 Chapter 14 Monitoring and Metering 497 14.1 Introduction 497 14.2 Prepayment tokens 498 14.2.1 Utility metering 499 14.2.2 How the STS system works 501 14.2.3 What goes wrong 502 14.2.4 Smart meters and smart grids 504 14.2.5 Ticketing fraud 508 14.3 Taxi meters, tachographs and truck speed limiters 509 14.3.1 The tachograph 509 14.3.2 What goes wrong 511 14.3.2.1 How most tachograph manipulation is done 511 14.3.2.2 Tampering with the supply 512 14.3.2.3 Tampering with the instrument 512 14.3.2.4 High-tech attacks 513 14.3.3 Digital tachographs 514 14.3.3.1 System-level problems 515 14.3.3.2 Other problems 516 14.3.4 Sensor defeats and third-generation devices 518 14.3.5 The fourth generation – smart tachographs 518 14.4 Curfew tags: GPS as policeman 519 14.5 Postage meters 522 14.6 Summary 526 Research problems 527 Further reading 527 Chapter 15 Nuclear Command and Control 529 15.1 Introduction 529 15.2 The evolution of command and control 532 15.2.1 The Kennedy memorandum 532 15.2.2 Authorization, environment, intent 534 15.3 Unconditionally secure authentication 534 15.4 Shared control schemes 536 15.5 Tamper resistance and PALs 538 15.6 Treaty verification 540 15.7 What goes wrong 541 15.7.1 Nuclear accidents 541 15.7.2 Interaction with cyberwar 542 15.7.3 Technical failures 543 15.8 Secrecy or openness? 544 15.9 Summary 545 Research problems 546 Further reading 546 Chapter 16 Security Printing and Seals 549 16.1 Introduction 549 16.2 History 550 16.3 Security printing 551 16.3.1 Threat model 552 16.3.2 Security printing techniques 553 16.4 Packaging and seals 557 16.4.1 Substrate properties 558 16.4.2 The problems of glue 558 16.4.3 PIN mailers 559 16.5 Systemic vulnerabilities 560 16.5.1 Peculiarities of the threat model 562 16.5.2 Anti-gundecking measures 563 16.5.3 The effect of random failure 564 16.5.4 Materials control 564 16.5.5 Not protecting the right things 565 16.5.6 The cost and nature of inspection 566 16.6 Evaluation methodology 567 16.7 Summary 569 Research problems 569 Further reading 570 Chapter 17 Biometrics 571 17.1 Introduction 571 17.2 Handwritten signatures 572 17.3 Face recognition 575 17.4 Fingerprints 579 17.4.1 Verifying positive or negative identity claims 581 17.4.2 Crime scene forensics 584 17.5 Iris codes 588 17.6 Voice recognition and morphing 590 17.7 Other systems 591 17.8 What goes wrong 593 17.9 Summary 596 Research problems 597 Further reading 597 Chapter 18 Tamper Resistance 599 18.1 Introduction 599 18.2 History 601 18.3 Hardware security modules 601 18.4 Evaluation 607 18.5 Smartcards and other security chips 609 18.5.1 History 609 18.5.2 Architecture 610 18.5.3 Security evolution 611 18.5.4 Random number generators and PUFs 621 18.5.5 Larger chips 624 18.5.6 The state of the art 628 18.6 The residual risk 630 18.6.1 The trusted interface problem 630 18.6.2 Conflicts 631 18.6.3 The lemons market, risk dumping and evaluation games 632 18.6.4 Security-by-obscurity 632 18.6.5 Changing environments 633 18.7 So what should one protect? 634 18.8 Summary 636 Research problems 636 Further reading 636 Chapter 19 Side Channels 639 19.1 Introduction 639 19.2 Emission security 640 19.2.1 History 641 19.2.2 Technical surveillance and countermeasures 642 19.3 Passive attacks 645 19.3.1 Leakage through power and signal cables 645 19.3.2 Leakage through RF signals 645 19.3.3 What goes wrong 649 19.4 Attacks between and within computers 650 19.4.1 Timing analysis 651 19.4.2 Power analysis 652 19.4.3 Glitching and differential fault analysis 655 19.4.4 Rowhammer, CLKscrew and Plundervolt 656 19.4.5 Meltdown, Spectre and other enclave side channels 657 19.5 Environmental side channels 659 19.5.1 Acoustic side channels 659 19.5.2 Optical side channels 661 19.5.3 Other side-channels 661 19.6 Social side channels 663 19.7 Summary 663 Research problems 664 Further reading 664 Chapter 20 Advanced Cryptographic Engineering 667 20.1 Introduction 667 20.2 Full-disk encryption 668 20.3 Signal 670 20.4 Tor 674 20.5 HSMs 677 20.5.1 The xor-to-null-key attack 677 20.5.2 Attacks using backwards compatibility and time-memory tradeoffs 678 20.5.3 Differential protocol attacks 679 20.5.4 The EMV attack 681 20.5.5 Hacking the HSMs in CAs and clouds 681 20.5.6 Managing HSM risks 681 20.6 Enclaves 682 20.7 Blockchains 685 20.7.1 Wallets 688 20.7.2 Miners 689 20.7.3 Smart contracts 689 20.7.4 Off-chain payment mechanisms 691 20.7.5 Exchanges, cryptocrime and regulation 692 20.7.6 Permissioned blockchains 695 20.8 Crypto dreams that failed 695 20.9 Summary 696 Research problems 698 Further reading 698 Chapter 21 Network Attack and Defence 699 21.1 Introduction 699 21.2 Network protocols and service denial 701 21.2.1 BGP security 701 21.2.2 DNS security 703 21.2.3 UDP, TCP, SYN floods and SYN reflection 704 21.2.4 Other amplifiers 705 21.2.5 Other denial-of-service attacks 706 21.2.6 Email – from spies to spammers 706 21.3 The malware menagerie – Trojans, worms and RATs 708 21.3.1 Early history of malware 709 21.3.2 The Internet worm 710 21.3.3 Further malware evolution 711 21.3.4 How malware works 713 21.3.5 Countermeasures 714 21.4 Defense against network attack 715 21.4.1 Filtering: firewalls, censorware and wiretaps 717 21.4.1.1 Packet filtering 718 21.4.1.2 Circuit gateways 718 21.4.1.3 Application proxies 719 21.4.1.4 Ingress versus egress filtering 719 21.4.1.5 Architecture 720 21.4.2 Intrusion detection 722 21.4.2.1 Types of intrusion detection 722 21.4.2.2 General limitations of intrusion detection 724 21.4.2.3 Specific problems detecting network attacks 724 21.5 Cryptography: the ragged boundary 725 21.5.1 SSH 726 21.5.2 Wireless networking at the periphery 727 21.5.2.1 WiFi 727 21.5.2.2 Bluetooth 728 21.5.2.3 HomePlug 729 21.5.2.4 VPNs 729 21.6 CAs and PKI 730 21.7 Topology 733 21.8 Summary 734 Research problems 734 Further reading 735 Chapter 22 Phones 737 22.1 Introduction 737 22.2 Attacks on phone networks 738 22.2.1 Attacks on phone-call metering 739 22.2.2 Attacks on signaling 742 22.2.3 Attacks on switching and configuration 743 22.2.4 Insecure end systems 745 22.2.5 Feature interaction 746 22.2.6 VOIP 747 22.2.7 Frauds by phone companies 748 22.2.8 Security economics of telecomms 749 22.3 Going mobile 750 22.3.1 GSM 751 22.3.2 3G 755 22.3.3 4G 757 22.3.4 5G and beyond 758 22.3.5 General MNO failings 760 22.4 Platform security 761 22.4.1 The Android app ecosystem 763 22.4.1.1 App markets and developers 764 22.4.1.2 Bad Android implementations 764 22.4.1.3 Permissions 766 22.4.1.4 Android malware 767 22.4.1.5 Ads and third-party services 768 22.4.1.6 Pre-installed apps 770 22.4.2 Apple’s app ecosystem 770 22.4.3 Cross-cutting issues 774 22.5 Summary 775 Research problems 776 Further reading 776 Chapter 23 Electronic and Information Warfare 777 23.1 Introduction 777 23.2 Basics 778 23.3 Communications systems 779 23.3.1 Signals intelligence techniques 781 23.3.2 Attacks on communications 784 23.3.3 Protection techniques 785 23.3.3.1 Frequency hopping 786 23.3.3.2 DSSS 787 23.3.3.3 Burst communications 788 23.3.3.4 Combining covertness and jam resistance 789 23.3.4 Interaction between civil and military uses 790 23.4 Surveillance and target acquisition 791 23.4.1 Types of radar 792 23.4.2 Jamming techniques 793 23.4.3 Advanced radars and countermeasures 795 23.4.4 Other sensors and multisensor issues 796 23.5 IFF systems 797 23.6 Improvised explosive devices 800 23.7 Directed energy weapons 802 23.8 Information warfare 803 23.8.1 Attacks on control systems 805 23.8.2 Attacks on other infrastructure 808 23.8.3 Attacks on elections and political stability 809 23.8.4 Doctrine 811 23.9 Summary 812 Research problems 813 Further reading 813 Chapter 24 Copyright and DRM 815 24.1 Introduction 815 24.2 Copyright 817 24.2.1 Software 817 24.2.2 Free software, free culture? 823 24.2.3 Books and music 827 24.2.4 Video and pay-TV 828 24.2.4.1 Typical system architecture 829 24.2.4.2 Video scrambling techniques 830 24.2.4.3 Attacks on hybrid scrambling systems 832 24.2.4.4 DVB 836 24.2.5 DVD 837 24.3 DRM on general-purpose computers 838 24.3.1 Windows media rights management 839 24.3.2 FairPlay, HTML5 and other DRM systems 840 24.3.3 Software obfuscation 841 24.3.4 Gaming, cheating, and DRM 843 24.3.5 Peer-to-peer systems 845 24.3.6 Managing hardware design rights 847 24.4 Information hiding 848 24.4.1 Watermarks and copy generation management 849 24.4.2 General information hiding techniques 849 24.4.3 Attacks on copyright marking schemes 851 24.5 Policy 854 24.5.1 The IP lobby 857 24.5.2 Who benefits? 859 24.6 Accessory control 860 24.7 Summary 862 Research problems 862 Further reading 863 Chapter 25 New Directions? 865 25.1 Introduction 865 25.2 Autonomous and remotely-piloted vehicles 866 25.2.1 Drones 866 25.2.2 Self-driving cars 867 25.2.3 The levels and limits of automation 869 25.2.4 How to hack a self-driving car 872 25.3 AI / ML 874 25.3.1 ML and security 875 25.3.2 Attacks on ML systems 876 25.3.3 ML and society 879 25.4 PETS and operational security 882 25.4.1 Anonymous messaging devices 885 25.4.2 Social support 887 25.4.3 Living off the land 890 25.4.4 Putting it all together 891 25.4.5 The name’s Bond. James Bond 893 25.5 Elections 895 25.5.1 The history of voting machines 896 25.5.2 Hanging chads 896 25.5.3 Optical scan 898 25.5.4 Software independence 899 25.5.5 Why electronic elections are hard 900 25.6 Summary 904 Research problems 904 Further reading 905 Part III Chapter 26 Surveillance or Privacy? 909 26.1 Introduction 909 26.2 Surveillance 912 26.2.1 The history of government wiretapping 912 26.2.2 Call data records (CDRs) 916 26.2.3 Search terms and location data 919 26.2.4 Algorithmic processing 920 26.2.5 ISPs and CSPs 921 26.2.6 The Five Eyes’ system of systems 922 26.2.7 The crypto wars 925 26.2.7.1 The back story to crypto policy 926 26.2.7.2 DES and crypto research 927 26.2.7.3 CryptoWar 1 – the Clipper chip 928 26.2.7.4 CryptoWar 2 – going spotty 931 26.2.8 Export control 934 26.3 Terrorism 936 26.3.1 Causes of political violence 936 26.3.2 The psychology of political violence 937 26.3.3 The role of institutions 938 26.3.4 The democratic response 940 26.4 Censorship 941 26.4.1 Censorship by authoritarian regimes 942 26.4.2 Filtering, hate speech and radicalisation 944 26.5 Forensics and rules of evidence 948 26.5.1 Forensics 948 26.5.2 Admissibility of evidence 950 26.5.3 What goes wrong 951 26.6 Privacy and data protection 953 26.6.1 European data protection 953 26.6.2 Privacy regulation in the USA 956 26.6.3 Fragmentation? 958 26.7 Freedom of information 960 26.8 Summary 961 Research problems 962 Further reading 962 Chapter 27 Secure Systems Development 965 27.1 Introduction 965 27.2 Risk management 966 27.3 Lessons from safety-critical systems 969 27.3.1 Safety engineering methodologies 970 27.3.2 Hazard analysis 971 27.3.3 Fault trees and threat trees 971 27.3.4 Failure modes and effects analysis 972 27.3.5 Threat modelling 973 27.3.6 Quantifying risks 975 27.4 Prioritising protection goals 978 27.5 Methodology 980 27.5.1 Top-down design 981 27.5.2 Iterative design: from spiral to agile 983 27.5.3 The secure development lifecycle 985 27.5.4 Gated development 987 27.5.5 Software as a Service 988 27.5.6 From DevOps to DevSecOps 991 27.5.6.1 The Azure ecosystem 991 27.5.6.2 The Google ecosystem 992 27.5.6.3 Creating a learning system 994 27.5.7 The vulnerability cycle 995 27.5.7.1 The CVE system 997 27.5.7.2 Coordinated disclosure 998 27.5.7.3 Security incident and event management 999 27.5.8 Organizational mismanagement of risk 1000 27.6 Managing the team 1004 27.6.1 Elite engineers 1004 27.6.2 Diversity 1005 27.6.3 Nurturing skills and attitudes 1007 27.6.4 Emergent properties 1008 27.6.5 Evolving your workflow 1008 27.6.6 And finally… 1010 27.7 Summary 1010 Research problems 1011 Further reading 1012 Chapter 28 Assurance and Sustainability 1015 28.1 Introduction 1015 28.2 Evaluation 1018 28.2.1 Alarms and locks 1019 28.2.2 Safety evaluation regimes 1019 28.2.3 Medical device safety 1020 28.2.4 Aviation safety 1023 28.2.5 The Orange book 1025 28.2.6 FIPS 140 and HSMs 1026 28.2.7 The common criteria 1026 28.2.7.1 The gory details 1027 28.2.7.2 What goes wrong with the Common Criteria 1029 28.2.7.3 Collaborative protection profiles 1031 28.2.8 The ‘Principle of Maximum Complacency’ 1032 28.2.9 Next steps 1034 28.3 Metrics and dynamics of dependability 1036 28.3.1 Reliability growth models 1036 28.3.2 Hostile review 1039 28.3.3 Free and open-source software 1040 28.3.4 Process assurance 1042 28.4 The entanglement of safety and security 1044 28.4.1 The electronic safety and security of cars 1046 28.4.2 Modernising safety and security regulation 1049 28.4.3 The Cybersecurity Act 2019 1050 28.5 Sustainability 1051 28.5.1 The Sales of goods directive 1052 28.5.2 New research directions 1053 28.6 Summary 1056 Research problems 1057 Further reading 1058 Chapter 29 Beyond “Computer Says No” 1059 Bibliography 1061 Index 1143
£46.20
John Wiley & Sons Inc Deep Dive
Book SynopsisTable of ContentsForeword xix Preface xxi Introduction xxv Part I Foundational OSINT 1 Chapter 1 Open Source Intelligence 3 1.1 What Is OSINT? 3 1.2 A Brief History of OSINT 6 The Past 6 The Present 8 The Future 10 1.3 Critical Thinking 14 1.4 Mental Health 16 1.5 Personal Bias 17 1.6 Ethics 19 Chapter 2 The Intelligence Cycle 23 2.1 What Is the Intelligence Cycle? 23 2.2 Planning and Requirements Phase 24 2.3 Collection Phase 26 The Art of Pivoting 27 Overcoming OSINT Challenges 33 RESET Technique 33 Gap Analysis 34 Why We Have So Much Data 37 2.4 Documentation Methods 39 2.5 Processing and Evaluation Phase 44 Scoping 45 Data Enrichment 45 2.6 Analysis and Production Phase 47 Visualizations 47 2.7 Reporting 50 Report Tone 51 Report Design 51 Example Report 54 2.8 Dissemination and Consumption Phases 54 Tippers 55 Feedback Phase 55 Challenges in the Intelligence Cycle 55 Chapter 3 The Adversarial Mindset 57 3.1 Getting to Know the Adversary 57 3.2 Passive vs. Active Recon 64 Chapter 4 Operational Security 67 4.1 What Is OPSEC? 67 Threat Modeling 68 Persona Non Grata Method 68 Security or “Baseball” Cards 69 Attack Trees 71 4.2 Steps for OPSEC 72 Outlining the Five Steps of OPSEC 72 Step 1: Define Critical Information 72 Step 2: Analyze the Threat 72 Step 3: Determine Vulnerabilities 73 Step 4: Risk Assessment 73 Step 5: Apply Countermeasures 74 4.3 OPSEC Technology 77 Virtual Private Network 77 Why Use a VPN? 77 Choosing a VPN 78 VPN Concerns 78 Privacy Browsers 79 Tor 79 Freenet 80 I2p 82 Virtual Machine 83 Mobile Emulator 85 4.4 Research Accounts 85 4.5 Congratulations! 90 Part II OSINT Touchpoints 91 Chapter 5 Subject Intelligence 97 5.1 Overview 97 What Is Subject Intelligence? 98 Digital Footprint 98 Examining a Subject’s Pattern of Life 102 5.2 Names 106 Subject Names 106 Naming Conventions 107 Arabic Naming Conventions 107 Chinese Naming Conventions 109 Russian Naming Conventions 109 Name Searching Techniques 110 5.3 Subject Usernames 110 Username Searching Techniques 111 Correlating Accounts and Subject Information by Username 112 5.4 Subject Emails 116 How to begin connecting accounts 117 Correlating Accounts and Subject Information by Email 117 Google Accounts 119 Correlating an Email with a Domain 120 Email Verification 122 Privacy Emails 124 Data Breaches 125 5.5 Subject Phone Numbers 129 Typing Phone Numbers to additional selectors 129 Correlating a Phone Number with a Subject 129 Phone Number Spoofing 131 5.6 Public Records and Personal Disclosures 132 Methods for incorporating public records searches 132 Collecting Public Records Associated with a Subject 132 U.S. Official Public Record Sources 134 U.S. Unofficial Sources 142 Chapter 6 Social Media Analysis 145 6.1 Social Media 145 Key Parts of Social Media 146 Collecting Social Media Data on a Subject 148 Correlating Subject Social Media Accounts 149 Subject Associations and Interactions on Social Media 151 User Media and Metadata 156 Social Media Pivots at a Glance 159 6.2 Continuous Community Monitoring 160 Methods for the Continuous Monitoring of a Group 160 Facebook Groups 161 Telegram Channels 162 Reddit 164 4chan and 8kun 166 I Joined a Community, Now What? 167 I Am Unable to Join a Community, Can I Still Monitor Them? 168 6.3 Image and Video Analysis 169 How to Look at an Image/Video 169 Reverse Image Searching 172 Image- Based Geolocation 173 Image Analysis 173 Geolocation Steps 175 Image Analysis 177 Geolocation Steps 178 Image Analysis and Geolocation for Real- Time Events 181 6.4 Verification 184 Misinformation, Disinformation, and Malinformation 185 How Do We Verify If Content Is Mis/Dis/Mal? 186 Spotting a Bot Account or Bot Network 187 Visualizing and Analyzing Social Networks 190 Spotting Digitally Altered Content 193 Photo Manipulation 196 Video Manipulation 199 6.5 Putting It All Together 200 Chasing a Puppy Scam 200 Chapter 7 Business and Organizational Intelligence 209 7.1 Overview 209 What Is Organizational Intelligence? 209 7.2 Corporate Organizations 212 Understanding the Basics of Corporate Structure 213 Entity Types 213 7.3 Methods for Analyzing Organizations 215 Government Sources and Official Registers 216 Edgar 218 Annual Reports and Filings 219 Annual Report to Shareholders 220 Forms 10- K, 10- Q, and 8- K 220 Digital Disclosures and Leaks 220 Organizational Websites 221 Social Media for Organizations 225 Business Indiscretions and Lawsuits 226 Contracts 229 Government Contracts 229 Contract Reading 101 231 Power Mapping 239 Tips for Analyzing Organizations Outside the United States 243 Canada 243 United Kingdom 243 China 246 Russia 246 Middle East 249 7.4 Recognizing Organizational Crime 250 Shell Corporations 251 The “Tells” 252 7.5 Sanctions, Blacklists, and Designations 253 Organizations that designate sanctions 254 The United Nations Security Council 254 The Office of Foreign Assets Control 254 Other Blacklists 254 7.6 501(c)(3) Nonprofits 255 Primary Source Documents 256 IRS Form 990 256 IRS Tax Exempt Organization Search 257 Annual Reports 258 Consumer Reports and Reviews 259 Charity Navigator 259 7.7 Domain Registration and IP Analysis 260 An Organization’s IPs, Domain Names and Websites 261 What Is an IP address? 261 What Is a Domain Name? 261 What Is a Website, and Why Does All of This Matter? 261 Analyzing Organization Websites 262 Robots.txt 262 Website Design and Content 263 Website Metadata 264 Analyzing WHOIS Record Data 265 Analyzing IP Addresses 267 IP Addresses 101 267 What Can I Do with an IP Address? 269 Words of Caution 270 Chapter 8 Transportation Intelligence 273 8.1 Overview 273 What Is Transportation Intelligence? 273 The Criticality of Transportation Intelligence 274 Visual Intelligence 275 Spotters 275 Social Media Disclosures 276 Webcam 276 Satellite Imagery 278 Signal Detection 281 Understanding Navigational Systems 282 Dark Signals 284 Signal Spoofing 285 Identity Manipulation 287 GNSS Jamming 287 GNSS Meaconing 288 8.2 Vessels 289 Introduction to Maritime Intelligence 289 Types of Maritime Entities 289 Vessel Terminology 290 Maritime Discovery and Analysis Methods 291 Vessel Paths and Locations 292 Vessel Meetings 293 Port Calls 297 Maritime Entity Ownership and Operation 300 Maritime Critical Infrastructure and Entity Vulnerabilities 301 Ship-to-Shore Critical Infrastructure 302 8.3 Railways 305 Introduction to Railway Intelligence 305 Types of Railway Entities 306 Railway Terminology 307 Railway Discovery and Analysis Methods 308 Visual Identification of Rail Lines 308 Railway Routes and Schedules 314 Railway Entity Ownership and Operation 317 Railway Critical Infrastructure and Entity Vulnerabilities 318 8.4 Aircraft 323 Introduction to Aircraft Intelligence 323 Types of Aircraft 324 Parts of a Typical Jet 325 Aircraft and Air Travel Terminology 327 Aircraft Discovery and Analysis Methods 328 Identifying Aircraft 329 Flight Paths and Locations 346 Limiting Aircraft Data Displayed and Private ICAO Addresses Listings 349 Tracking Cargo 350 Notice to Air Missions (NOTAMs) 350 Air Traffic Control Communications 352 Aerodromes 352 Geolocation and Imagery Analysis of Aircraft 355 Aviation Entity Ownership and Operation 358 Aviation Critical Infrastructure and Entity Vulnerabilities 361 8.5 Automobiles 362 Introduction to Automotive Intelligence 362 Types of Automobile Entities 362 Automobile Terminology 363 Automobile Discovery and Analysis Methods 364 Identifying Automobiles 364 Tips for Monitoring and Analyzing Automobile Routes 371 Automobile Entity Ownership and Operation 374 Automobile Security and Technology 375 Chapter 9 Critical Infrastructure and Industrial Intelligence 379 9.1 Overview of Critical Infrastructure and Industrial Intelligence 379 What Is Operational Technology? 384 What Is IoT and IIoT? 385 9.2 Methods for the Analysis of Critical Infrastructure, OT, and IoT Systems 387 Planning the Analysis 388 Five Possible Information Gathering Avenues 388 Visualizations 390 Plotting Locations with Google Earth Pro 391 Using Premade Visualizations 397 Public Disclosures 402 Contracts 402 Social Media 402 Job Advertisements 404 Company Disclosures 404 Infrastructure Search Tools 405 Censys.io 405 Kamerka 406 9.3 Wireless 408 Overview of Wireless Networks 408 Mobile Networks 409 War Driving 410 Low- Power Wide- Area Networks 412 Long Range Radio (LoRa) 412 Wireless SSID, BSSID, MAC 413 Service Set Identifier (SSID) 413 Basic Service Set Identifier (BSSID) 413 Extended Service Set Identifier (ESSID) 413 Media Access Control (MAC) Address 413 9.4 Methods for Analyzing Wireless Networks 415 Information Gathering Techniques 415 Here are some pivots for wireless network information gathering 415 Wi- Fi Searching Techniques 418 WiGLE 418 Plotting Wireless Locations with Google Earth Pro 421 Tower Searching Techniques 423 Chapter 10 Financial Intelligence 425 10.1 Overview 425 Financial Organizations 426 Financial Intelligence Units 426 Financial Crimes Enforcement Network 426 The Financial Action Task Force 426 The Federal Deposit Insurance Corporation 427 International Monetary Fund 427 Federal Financial Institutions Examination Council 427 The Office of Foreign Assets Control 428 10.2 Financial Crime and Organized Crime, Together Forever <3 429 Transnational Criminal Organizations 430 Politically Exposed Person 432 Anti- Money Laundering 433 The Counter Financing of Terrorism 435 Tax Evasion, Tax Fraud, and Embezzlement 437 10.3 Methods for Analysis 438 Financial Identifiers 440 Issuer Identification Number 440 Routing Number (ABA Routing Numbers) 440 Society for Worldwide Interbank Financial Organization 440 Value- Added Tax 441 BIN- Bank Identification Number 441 Location- Based Resources 443 Drug Financing Analysis Resources 446 Organized Crime Analysis Resources 448 Negative News String Searching 449 Chapter 11 Cryptocurrency 451 11.1 Overview of Cryptocurrency 451 The Basics of Cryptocurrency 453 How Is Cryptocurrency Used and Transferred? 453 What Is a Cryptocurrency Wallet? 454 What Is Blockchain? 455 Types of Cryptocurrencies 457 Coin and Token Quick Reference 457 Bitcoin 458 Ether 458 Binance 458 Tether 459 Solana 459 Dogecoin 459 Monero (XMR) 459 What Is Cryptocurrency Mining and Minting? 460 Types of Verification 461 Public Blockchains vs. Private Blockchains 463 Why Tracking Cryptocurrency Matters 463 Money Laundering 464 Fraud, Illegal Sales, and CSAM/CSEM 467 11.2 The Dark Web 471 Overview of the Dark Web 471 Darknet Marketplaces 473 11.3 Methods for Cryptocurrency Analysis 475 Where to Begin? 475 Starting with a Subject of Interest 476 Starting with a Wallet of Interest 478 Tracing Cash- Outs at the Exchange Point 481 Following Cryptocurrency Mining Scripts 483 Starting with a Transaction of Interest 485 Chapter 12 Non-fungible Tokens 489 12.1 Overview of Non-fungible Tokens 489 NFT Crimes 490 Ponzi Schemes and Rug Pulls 490 Fake NFTs 491 Get Rich Quick 491 Phishing 491 12.2 Methods for Analyzing NFTs 491 By Wallet Number or Address 491 By Image 494 What Is ENS? 496 Look for Metadata 497 Chapter 13 What’s Next? 499 13.1 Thank You for Diving In with Me 499 Important Reminders 500 Index 503
£27.99
John Wiley & Sons Inc Fighting Phishing
Book SynopsisKeep valuable data safe from even the most sophisticated social engineering and phishing attacks Fighting Phishing: Everything You Can Do To Fight Social Engineering and Phishing serves as the ideal defense against phishing for any reader, from large organizations to individuals. Unlike most anti-phishing books, which focus only on one or two strategies, this book discusses all the policies, education, and technical strategies that are essential to a complete phishing defense. This book gives clear instructions for deploying a great defense-in-depth strategy to defeat hackers and malware. Written by the lead data-driven defense evangelist at the world''s number one anti-phishing company, KnowBe4, Inc., this guide shows you how to create an enduring, integrated cybersecurity culture. Learn what social engineering and phishing are, why they are so dangerous to your cybersecurity, and how to defend against them Educate yourself and other users on how
£18.69
John Wiley & Sons Hacking For Dummies
£18.39
John Wiley & Sons Inc Advanced Penetration Testing
Book SynopsisBuild a better defense against motivated, organized, professional attacks Advanced Penetration Testing: Hacking the World''s Most Secure Networks takes hacking far beyond Kali linux and Metasploit to provide a more complex attack simulation. Featuring techniques not taught in any certification prep or covered by common defensive scanners, this book integrates social engineering, programming, and vulnerability exploits into a multidisciplinary approach for targeting and compromising high security environments. From discovering and creating attack vectors, and moving unseen through a target enterprise, to establishing command and exfiltrating dataeven from organizations without a direct Internet connectionthis guide contains the crucial techniques that provide a more accurate picture of your system''s defense. Custom coding examples use VBA, Windows Scripting Host, C, Java, JavaScript, Flash, and more, with coverage of standard library applications and the use of scanninTable of ContentsForeword xxiii Introduction xxvii Chapter 1 Medical Records (In)security 1 An Introduction to Simulating Advanced Persistent Threat 2 Background and Mission Briefi ng 2 Payload Delivery Part 1: Learning How to Use the VBA Macro 5 How NOT to Stage a VBA Attack 6 Examining the VBA Code 11 Avoid Using Shellcode 11 Automatic Code Execution 13 Using a VBA/VBS Dual Stager 13 Keep Code Generic Whenever Possible 14 Code Obfuscation 15 Enticing Users 16 Command and Control Part 1: Basics and Essentials 19 The Attack 23 Bypassing Authentication 23 Summary 27 Exercises 28 Chapter 2 Stealing Research 29 Background and Mission Briefi ng 30 Payload Delivery Part 2: Using the Java Applet for Payload Delivery 31 Java Code Signing for Fun and Profit 32 Writing a Java Applet Stager 36 Create a Convincing Pretext 39 Signing the Stager 40 Notes on Payload Persistence 41 Microsoft Windows 41 Linux 42 OSX 45 Command and Control Part 2: Advanced Attack Management 45 Adding Stealth and Multiple System Management 45 Implementing a Command Structure 47 Building a Management Interface 48 The Attack 49 Situational Awareness 50 Using AD to Gather Intelligence 50 Analyzing AD Output 51 Attack Against Vulnerable Secondary System 52 Credential Reuse Against Primary Target System 53 Summary 54 Exercises 55 Chapter 3 Twenty-First Century Heist 57 What Might Work? 57 Nothing Is Secure 58 Organizational Politics 58 APT Modeling versus Traditional Penetration Testing 59 Background and Mission Briefi ng 59 Command and Control Part III: Advanced Channels and Data Exfi ltration 60 Notes on Intrusion Detection and the Security Operations Center 64 The SOC Team 65 How the SOC Works 65 SOC Reaction Time and Disruption 66 IDS Evasion 67 False Positives 67 Payload Delivery Part III: Physical Media 68 A Whole New Kind of Social Engineering 68 Target Location Profi ling 69 Gathering Targets 69 The Attack 72 Summary 75 Exercises 75 Chapter 4 Pharma Karma 77 Background and Mission Briefi ng 78 Payload Delivery Part IV: Client-Side Exploits 1 79 The Curse That Is Flash 79 At Least You Can Live Without It 81 Memory Corruption Bugs: Dos and Don’ts 81 Reeling in the Target 83 Command and Control Part IV: Metasploit Integration 86 Metasploit Integration Basics 86 Server Confi guration 86 Black Hats/White Hats 87 What Have I Said About AV? 88 Pivoting 89 The Attack 89 The Hard Disk Firewall Fail 90 Metasploit Demonstration 90 Under the Hood 91 The Benefits of Admin 92 Typical Subnet Cloning 96 Recovering Passwords 96 Making a Shopping List 99 Summary 101 Exercises 101 Chapter 5 Guns and Ammo 103 Background and Mission Briefing 104 Payload Delivery Part V: Simulating a Ransomware Attack 106 What Is Ransomware? 106 Why Simulate a Ransomware Attack? 107 A Model for Ransomware Simulation 107 Asymmetric Cryptography 108 Remote Key Generation 109 Targeting Files 110 Requesting the Ransom 111 Maintaining C2 111 Final Thoughts 112 Command and Control Part V: Creating a Covert C2 Solution 112 Introducing the Onion Router 112 The Torrc File 113 Configuring a C2 Agent to Use the Tor Network 115 Bridges 115 New Strategies in Stealth and Deployment 116 VBA Redux: Alternative Command-Line Attack Vectors 116 PowerShell 117 FTP 117 Windows Scripting Host (WSH) 118 BITSadmin 118 Simple Payload Obfuscation 119 Alternative Strategies in Antivirus Evasion 121 The Attack 125 Gun Design Engineer Answers Your Questions 126 Identifying the Players 127 Smart(er) VBA Document Deployment 128 Email and Saved Passwords 131 Keyloggers and Cookies 132 Bringing It All Together 133 Summary 134 Exercises 135 Chapter 6 Criminal Intelligence 137 Payload Delivery Part VI: Deploying with HTA 138 Malware Detection 140 Privilege Escalation in Microsoft Windows 141 Escalating Privileges with Local Exploits 143 Exploiting Automated OS Installations 147 Exploiting the Task Scheduler 147 Exploiting Vulnerable Services 149 Hijacking DLLs 151 Mining the Windows Registry 154 Command and Control Part VI: The Creeper Box 155 Creeper Box Specifi cation 155 Introducing the Raspberry Pi and Its Components 156 GPIO 157 Choosing an OS 157 Configuring Full-Disk Encryption 158 A Word on Stealth 163 Configuring Out-of-Band Command and Control Using 3G/4G 164 Creating a Transparent Bridge 168 Using a Pi as a Wireless AP to Provision Access by Remote Keyloggers 169 The Attack 171 Spoofing Caller ID and SMS Messages 172 Summary 174 Exercises 174 Chapter 7 War Games 175 Background and Mission Briefi ng 176 Payload Delivery Part VII: USB Shotgun Attack 178 USB Media 178 A Little Social Engineering 179 Command and Control Part VII: Advanced Autonomous Data Exfiltration 180 What We Mean When We Talk About “Autonomy” 180 Means of Egress 181 The Attack 185 Constructing a Payload to Attack a Classified Network 187 Stealthy 3G/4G Software Install 188 Attacking the Target and Deploying the Payload 189 Efficient “Burst-Rate” Data Exfiltration 190 Summary 191 Exercises 191 Chapter 8 Hack Journalists 193 Briefing 193 Advanced Concepts in Social Engineering 194 Cold Reading 194 C2 Part VIII: Experimental Concepts in Command and Control 199 Scenario 1: C2 Server Guided Agent Management 199 Scenario 2: Semi-Autonomous C2 Agent Management 202 Payload Delivery Part VIII: Miscellaneous Rich Web Content 205 Java Web Start 205 Adobe AIR 206 A Word on HTML5 207 The Attack 207 Summary 211 Exercises 211 Chapter 9 Northern Exposure 213 Overview 214 Operating Systems 214 Red Star Desktop 3.0 215 Red Star Server 3.0 219 North Korean Public IP Space 221 The North Korean Telephone System 224 Approved Mobile Devices 228 The “Walled Garden”: The Kwangmyong Intranet 230 Audio and Video Eavesdropping 231 Summary 233 Exercises 234 Index 235
£31.20
John Wiley & Sons Inc Secrets and Lies
Book SynopsisThis anniversary edition which has stood the test of time as a runaway best-seller provides a practical, straight-forward guide to achieving security throughout computer networks. No theory, no math, no fiction of what should be working but isn''t, just the facts. Known as the master of cryptography, Schneier uses his extensive field experience with his own clients to dispel the myths that often mislead IT managers as they try to build secure systems. A much-touted section: Schneier''s tutorial on just what cryptography (a subset of computer security) can and cannot do for them, has received far-reaching praise from both the technical and business community. Praise for Secrets and Lies This is a business issue, not a technical one, and executives can no longer leave such decisions to techies. That''s why Secrets and Lies belongs in every manager''s library.-Business Week Startlingly lively....a jewel box of little surprises you can actually use.-Fortune SeTable of ContentsForeword to 2015 15th Anniversary Edition ix Introduction From the Paperback Edition xiii Preface xxiii About the Author xxvii 1. Introduction 1 Part 1: The Landscape 11 2. Digital Threats 14 3. Attacks 23 4. Adversaries 42 5. Security Needs 59 Part 2: Technologies 83 6. Cryptography 85 7. Cryptography in Context 102 8. Computer Security 120 9. Identification and Authentication 135 10. Networked-Computer Security 151 11. Network Security 176 12. Network Defenses 188 13. Software Reliability 202 14. Secure Hardware 212 15. Certificates and Credentials 225 16. Security Tricks 240 17. The Human Factor 255 Part 3: Strategies 271 18. Vulnerabilities and the Vulnerability Landscape 274 19. Threat Modeling and Risk Assessment 288 20. Security Policies and Countermeasures 307 21. Attack Trees 318 22. Product Testing and Verification 334 23. The Future of Products 353 24. Security Processes 367 25. Conclusion 389 Afterword 396 Resources 399 Acknowledgments 401 Index 403
£20.40
John Wiley & Sons Inc CEH v11 Certified Ethical Hacker Study Guide
Book SynopsisAs protecting informationcontinues to bea growing concern for today's businesses, certifications in IT security have become highly desirable, even as the number of certifications has grown. Now you can set yourself apart with the Certified Ethical Hacker (CEH v11) certification. The CEH v11 Certified Ethical Hacker Study Guide offers a comprehensive overview of the CEH certification requirements using concise and easy-to-follow instructions. Chapters are organized by exam objective, with a handy section that maps each objective to its corresponding chapter, so you can keep track of your progress. The text provides thorough coverage of all topics, along with challenging chapter review questions and Exam Essentials, a key feature that identifies critical study areas. Subjects include common attack practices like reconnaissance and scanning. Also covered are topics like intrusion detection, DoS attacks, buffer overflows, wireless attacks, mobile attacks, Internet of Things (IoT) and more. This study guide goes beyond test prep, providing practical hands-on exercises to reinforce vital skills and real-world scenarios that put what you've learned into the context of actual job roles. Gain a unique certification that allows you to function like an attacker, allowing you to identify vulnerabilities so they can be remediatedExpand your career opportunities with an IT certificate that satisfies the Department of Defense's 8570 Directive for Information Assurance positionsFully updated for the 2020 CEH v11 exam, including the latest developments in IT securityAccess the Sybex online learning center, with chapter review questions, full-length practice exams, hundreds of electronic flashcards, and a glossary of key terms Thanks to its clear organization, all-inclusive coverage, and practical instruction, the CEH v11 Certified Ethical Hacker Study Guide is an excellent resource for anyone who needs to understand the hacking process or anyone who wants to demonstrate their skills as a Certified Ethical Hacker.Table of ContentsIntroduction xix Assessment Test xxvi Chapter 1 Ethical Hacking 1 Overview of Ethics 2 Overview of Ethical Hacking 5 Methodologies 6 Cyber Kill Chain 6 Attack Lifecycle 8 Methodology of Ethical Hacking 10 Reconnaissance and Footprinting 10 Scanning and Enumeration 11 Gaining Access 11 Maintaining Access 12 Covering Tracks 12 Summary 13 Chapter 2 Networking Foundations 15 Communications Models 17 Open Systems Interconnection 18 TCP/IP Architecture 21 Topologies 22 Bus Network 22 Star Network 23 Ring Network 24 Mesh Network 25 Hybrid 26 Physical Networking 27 Addressing 27 Switching 28 IP 29 Headers 29 Addressing 31 Subnets 33 TCP 34 UDP 38 Internet Control Message Protocol 39 Network Architectures 40 Network Types 40 Isolation 41 Remote Access 43 Cloud Computing 44 Storage as a Service 45 Infrastructure as a Service 46 Platform as a Service 48 Software as a Service 49 Internet of Things 51 Summary 52 Review Questions 54 Chapter 3 Security Foundations 57 The Triad 59 Confidentiality 59 Integrity 61 Availability 62 Parkerian Hexad 63 Risk 64 Policies, Standards, and Procedures 66 Security Policies 66 Security Standards 67 Procedures 68 Guidelines 68 Organizing Your Protections 69 Security Technology 72 Firewalls 72 Intrusion Detection Systems 77 Intrusion Prevention Systems 80 Endpoint Detection and Response 81 Security Information and Event Management 83 Being Prepared 84 Defense in Depth 84 Defense in Breadth 86 Defensible Network Architecture 87 Logging 88 Auditing 90 Summary 92 Review Questions 93 Chapter 4 Footprinting and Reconnaissance 97 Open Source Intelligence 99 Companies 99 People 108 Social Networking 111 Domain Name System 124 Name Lookups 125 Zone Transfers 130 Passive DNS 133 Passive Reconnaissance 136 Website Intelligence 139 Technology Intelligence 144 Google Hacking 144 Internet of Things (IoT) 146 Summary 148 Review Questions 150 Chapter 5 Scanning Networks 155 Ping Sweeps 157 Using fping 157 Using MegaPing 159 Port Scanning 161 Nmap 162 masscan 176 MegaPing 178 Metasploit 180 Vulnerability Scanning 183 OpenVAS 184 Nessus 196 Looking for Vulnerabilities with Metasploit 202 Packet Crafting and Manipulation 203 hping 204 packETH 207 fragroute 209 Evasion Techniques 211 Protecting and Detecting 214 Summary 215 Review Questions 217 Chapter 6 Enumeration 221 Service Enumeration 223 Remote Procedure Calls 226 SunRPC 226 Remote Method Invocation 228 Server Message Block 232 Built-in Utilities 233 nmap Scripts 237 NetBIOS Enumerator 239 Metasploit 240 Other Utilities 242 Simple Network Management Protocol 245 Simple Mail Transfer Protocol 247 Web-Based Enumeration 250 Summary 257 Review Questions 259 Chapter 7 System Hacking 263 Searching for Exploits 265 System Compromise 269 Metasploit Modules 270 Exploit-DB 274 Gathering Passwords 276 Password Cracking 279 John the Ripper 280 Rainbow Tables 282 Kerberoasting 284 Client-Side Vulnerabilities 289 Living Off the Land 291 Fuzzing 292 Post Exploitation 295 Evasion 295 Privilege Escalation 296 Pivoting 301 Persistence 304 Covering Tracks 307 Summary 313 Review Questions 315 Chapter 8 Malware 319 Malware Types 321 Virus 321 Worm 323 Trojan 324 Botnet 324 Ransomware 326 Dropper 328 Malware Analysis 328 Static Analysis 329 Dynamic Analysis 340 Creating Malware 349 Writing Your Own 350 Using Metasploit 353 Obfuscating 356 Malware Infrastructure 357 Antivirus Solutions 359 Persistence 360 Summary 361 Review Questions 363 Chapter 9 Sniffing 367 Packet Capture 368 tcpdump 369 tshark 376 Wireshark 378 Berkeley Packet Filter 382 Port Mirroring/Spanning 384 Packet Analysis 385 Spoofing Attacks 390 ARP Spoofing 390 DNS Spoofing 394 sslstrip 397 Spoofing Detection 398 Summary 399 Review Questions 402 Chapter 10 Social Engineering 407 Social Engineering 408 Pretexting 410 Social Engineering Vectors 412 Physical Social Engineering 413 Badge Access 413 Man Traps 415 Biometrics 416 Phone Calls 417 Baiting 418 Phishing Attacks 418 Website Attacks 422 Cloning 423 Rogue Attacks 426 Wireless Social Engineering 427 Automating Social Engineering 430 Summary 433 Review Questions 435 Chapter 11 Wireless Security 439 Wi-Fi 440 Wi-Fi Network Types 442 Wi-Fi Authentication 445 Wi-Fi Encryption 446 Bring Your Own Device 450 Wi-Fi Attacks 451 Bluetooth 462 Scanning 463 Bluejacking 465 Bluesnarfing 466 Bluebugging 466 Mobile Devices 466 Mobile Device Attacks 467 Summary 472 Review Questions 474 Chapter 12 Attack and Defense 479 Web Application Attacks 480 XML External Entity Processing 482 Cross-Site Scripting 483 SQL Injection 485 Command Injection 487 File Traversal 489 Web Application Protections 490 Denial-of-Service Attacks 492 Bandwidth Attacks 492 Slow Attacks 495 Legacy 497 Application Exploitation 497 Buffer Overflow 498 Heap Spraying 500 Application Protections and Evasions 501 Lateral Movement 502 Defense in Depth/Defense in Breadth 504 Defensible Network Architecture 506 Summary 508 Review Questions 510 Chapter 13 Cryptography 515 Basic Encryption 517 Substitution Ciphers 517 Diffie-Hellman 520 Symmetric Key Cryptography 521 Data Encryption Standard 522 Advanced Encryption Standard 523 Asymmetric Key Cryptography 524 Hybrid Cryptosystem 525 Nonrepudiation 525 Elliptic Curve Cryptography 526 Certificate Authorities and Key Management 528 Certificate Authority 528 Trusted Third Party 531 Self-Signed Certificates 532 Cryptographic Hashing 534 PGP and S/MIME 536 Disk and File Encryption 538 Summary 541 Review Questions 543 Chapter 14 Security Architecture and Design 547 Data Classification 548 Security Models 550 State Machine 550 Biba 551 Bell-LaPadula 552 Clark-Wilson Integrity Model 552 Application Architecture 553 n-tier Application Design 554 Service-Oriented Architecture 557 Cloud-Based Applications 559 Database Considerations 561 Security Architecture 563 Summary 567 Review Questions 569 Chapter 15 Cloud Computing and the Internet of Things 573 Cloud Computing Overview 574 Cloud Services 578 Shared Responsibility Model 583 Public vs. Private Cloud 585 Cloud Architectures and Deployment 586 Responsive Design 588 Cloud-Native Design 589 Deployment 590 Dealing with REST 593 Common Cloud Threats 598 Access Management 598 Data Breach 600 Web Application Compromise 600 Credential Compromise 602 Insider Threat 604 Internet of Things 604 Operational Technology 610 Summary 612 Review Questions 614 Appendix Answers to Review Questions 617 Chapter 2: Networking Foundations 618 Chapter 3: Security Foundations 619 Chapter 4: Footprinting and Reconnaissance 622 Chapter 5: Scanning Networks 624 Chapter 6: Enumeration 627 Chapter 7: System Hacking 629 Chapter 8: Malware 632 Chapter 9: Sniffing 635 Chapter 10: Social Engineering 636 Chapter 11: Wireless Security 638 Chapter 12: Attack and Defense 641 Chapter 13: Cryptography 643 Chapter 14: Security Architecture and Design 645 Chapter 15: Cloud Computing and the Internet of Things 646 Index 649
£30.39
Cengage Learning, Inc CompTIA CySA Guide to Cybersecurity Analyst
Book SynopsisDevelop the advanced cybersecurity knowledge and skills for success on the latest CompTIA Cybersecurity Analyst certification exam (CySA+ CS0-002) with Ciampa's COMPTIA CYSA+ GUIDE TO CYBERSECURITY ANALYST (CS0-002), 2nd Edition. Updated, "stair-stepped" content builds on material you've previously mastered as you learn to analyze and interpret threat intelligence data, identify and address both external and internal vulnerabilities and respond effectively to cyber incidents. Each module opens with an actual, recent cybersecurity event that provides context for the information that follows. Quick review questions help test your understanding as you progress through content that completely maps to the latest CySA+ CS0-002 certification. MindTap digital resources offer additional tools to boost understanding and performance. Each module culminates with hands-on Live Virtual Machine Labs that allow you to troubleshoot, practice, explore and try different solutions in a safe, sandbox envirTable of ContentsPart 1: EXTERNAL THREATS & INTERNAL VULNERABILITIES 1. Enterprise threats and vulnerabilities 2. Utilizing threat data and intelligence sources 3. Vulnerability management 4. Cloud computing and assessment tools Part 2: CONTROLS 5. Infrastructure controls 6. Software and hardware assurance best practices Part 3: MONITORING 7. Data analysis (3.1) 8. Advanced monitoring Part 4: INCIDENT RESPONSE 9. Cyber Incident Planning and Procedures 10. Reacting to a Cyber Incident: Indicators and Forensics Part 5: COMPLIANCE AND ASSESSMENT 11. Organizational risk management 12. Data privacy and protection
£74.99
O'Reilly Media Microsoft Power Automate Cookbook
Book Synopsis
£62.25
John Wiley & Sons Inc Hands on Hacking
Book SynopsisTable of ContentsForeword xviii Introduction xx Chapter 1 Hacking a Business Case 1 All Computers are Broken 2 The Stakes 4 What’s Stolen and Why It’s Valuable 4 The Internet of Vulnerable Things 4 Blue, Red, and Purple Teams 5 Blue Teams 5 Red Teams 5 Purple Teams 7 Hacking is Part of Your Company’s Immune System 9 Summary 11 Notes 12 Chapter 2 Hacking Ethically and Legally 13 Laws That Affect Your Work 14 Criminal Hacking 15 Hacking Neighborly 15 Legally Gray 16 Penetration Testing Methodologies 17 Authorization 18 Responsible Disclosure 19 Bug Bounty Programs 20 Legal Advice and Support 21 Hacker House Code of Conduct 22 Summary 22 Chapter 3 Building Your Hack Box 23 Hardware for Hacking 24 Linux or BSD? 26 Host Operating Systems 27 Gentoo Linux 27 Arch Linux 28 Debian 28 Ubuntu 28 Kali Linux 29 Verifying Downloads 29 Disk Encryption 31 Essential Software 33 Firewall 34 Password Manager 35 Email 36 Setting Up VirtualBox 36 Virtualization Settings 37 Downloading and Installing VirtualBox 37 Host-Only Networking 37 Creating a Kali Linux VM 40 Creating a Virtual Hard Disk 42 Inserting a Virtual CD 43 Virtual Network Adapters 44 Labs 48 Guest Additions 51 Testing Your Virtual Environment 52 Creating Vulnerable Servers 53 Summary 54 Chapter 4 Open Source Intelligence Gathering 55 Does Your Client Need an OSINT Review? 56 What are You Looking For? 57 Where Do You Find It? 58 OSINT Tools 59 Grabbing Email Addresses from Google 59 Google Dorking the Shadows 62 A Brief Introduction to Passwd and Shadow Files 62 The Google Hacking Database 65 Have You Been “Pwned” Yet? 66 OSINT Framework Recon-ng 67 Recon-ng Under the Hood 74 Harvesting the Web 75 Document Metadata 76 Maltego 80 Social Media Networks 81 Shodan 83 Protecting Against OSINT 85 Summary 86 Chapter 5 The Domain Name System 87 The Implications of Hacking DNS 87 A Brief History of DNS 88 The DNS Hierarchy 88 A Basic DNS Query 89 Authority and Zones 92 DNS Resource Records 92 BIND9 95 DNS Hacking Toolkit 98 Finding Hosts 98 WHOIS 98 Brute-Forcing Hosts with Recon-ng 100 Host 101 Finding the SOA with Dig 102 Hacking a Virtual Name Server 103 Port Scanning with Nmap 104 Digging for Information 106 Specifying Resource Records 108 Information Leak CHAOS 111 Zone Transfer Requests 113 Information-Gathering Tools 114 Fierce 115 Dnsrecon 116 Dnsenum 116 Searching for Vulnerabilities and Exploits 118 Searchsploit 118 Other Sources 119 DNS Traffic Amplification 120 Metasploit 121 Carrying Out a Denial-of-Service Attack 125 DoS Attacks with Metasploit 126 DNS Spoofi ng 128 DNS Cache Poisoning 129 DNS Cache Snooping 131 DNSSEC 131 Fuzzing 132 Summary 134 Chapter 6 Electronic Mail 135 The Email Chain 135 Message Headers 137 Delivery Status Notifications 138 The Simple Mail Transfer Protocol 141 Sender Policy Framework 143 Scanning a Mail Server 145 Complete Nmap Scan Results (TCP) 149 Probing the SMTP Service 152 Open Relays 153 The Post Office Protocol 155 The Internet Message Access Protocol 157 Mail Software 158 Exim 159 Sendmail 159 Cyrus 160 PHP Mail 160 Webmail 161 User Enumeration via Finger 162 Brute-Forcing the Post Office 167 The Nmap Scripting Engine 169 CVE-2014-0160: The Heartbleed Bug 172 Exploiting CVE-2010-4345 180 Got Root? 183 Upgrading Your Shell 184 Exploiting CVE-2017-7692 185 Summary 188 Chapter 7 The World Wide Web of Vulnerabilities 191 The World Wide Web 192 The Hypertext Transfer Protocol 193 HTTP Methods and Verbs 195 HTTP Response Codes 196 Stateless 198 Cookies 198 Uniform Resource Identifiers 200 LAMP: Linux, Apache, MySQL, and PHP 201 Web Server: Apache 202 Database: MySQL 203 Server-Side Scripting: PHP 203 Nginx 205 Microsoft IIS 205 Creepy Crawlers and Spiders 206 The Web Server Hacker’s Toolkit 206 Port Scanning a Web Server 207 Manual HTTP Requests 210 Web Vulnerability Scanning 212 Guessing Hidden Web Content 216 Nmap 217 Directory Busting 218 Directory Traversal Vulnerabilities 219 Uploading Files 220 WebDAV 220 Web Shell with Weevely 222 HTTP Authentication 223 Common Gateway Interface 225 Shellshock 226 Exploiting Shellshock Using Metasploit 227 Exploiting Shellshock with cURL and Netcat 228 SSL, TLS, and Heartbleed 232 Web Administration Interfaces 238 Apache Tomcat 238 Webmin 240 phpMyAdmin 241 Web Proxies 242 Proxychains 243 Privilege Escalation 245 Privilege Escalation Using DirtyCOW 246 Summary 249 Chapter 8 Virtual Private Networks 251 What is a VPN? 251 Internet Protocol Security 253 Internet Key Exchange 253 Transport Layer Security and VPNs 254 User Databases and Authentication 255 SQL Database 255 RADIUS 255 LDAP 256 PAM 256 TACACS+ 256 The NSA and VPNs 257 The VPN Hacker’s Toolkit 257 VPN Hacking Methodology 257 Port Scanning a VPN Server 258 Hping3 259 UDP Scanning with Nmap 261 IKE-scan 262 Identifying Security Association Options 263 Aggressive Mode 265 OpenVPN 267 LDAP 275 OpenVPN and Shellshock 277 Exploiting CVE-2017-5618 278 Summary 281 Chapter 9 Files and File Sharing 283 What is Network-Attached Storage? 284 File Permissions 284 NAS Hacking Toolkit 287 Port Scanning a File Server 288 The File Transfer Protocol 289 The Trivial File Transfer Protocol 291 Remote Procedure Calls 292 RPCinfo 294 Server Message Block 295 NetBIOS and NBT 296 Samba Setup 298 Enum4Linux 299 SambaCry (CVE-2017-7494) 303 Rsync 306 Network File System 308 NFS Privilege Escalation 309 Searching for Useful Files 311 Summary 312 Chapter 10 UNIX 315 UNIX System Administration 316 Solaris 316 UNIX Hacking Toolbox 318 Port Scanning Solaris 319 Telnet 320 Secure Shell 324 RPC 326 CVE-2010-4435 329 CVE-1999-0209 329 CVE-2017-3623 330 Hacker’s Holy Grail EBBSHAVE 331 EBBSHAVE Version 4 332 EBBSHAVE Version 5 335 Debugging EBBSHAVE 335 R-services 338 The Simple Network Management Protocol 339 Ewok 341 The Common UNIX Printing System 341 The X Window System 343 Cron and Local Files 347 The Common Desktop Environment 351 EXTREMEPARR 351 Summary 353 Chapter 11 Databases 355 Types of Databases 356 Flat-File Databases 356 Relational Databases 356 Nonrelational Databases 358 Structured Query Language 358 User-Defined Functions 359 The Database Hacker’s Toolbox 360 Common Database Exploitation 360 Port Scanning a Database Server 361 MySQL 362 Exploring a MySQL Database 362 MySQL Authentication 373 PostgreSQL 374 Escaping Database Software 377 Oracle Database 378 MongoDB 381 Redis 381 Privilege Escalation via Databases 384 Summary 392 Chapter 12 Web Applications 395 The OWASP Top 10 396 The Web Application Hacker’s Toolkit 397 Port Scanning a Web Application Server 397 Using an Intercepting Proxy 398 Setting Up Burp Suite Community Edition 399 Using Burp Suite Over HTTPS 407 Manual Browsing and Mapping 412 Spidering 415 Identifying Entry Points 418 Web Vulnerability Scanners 418 Zed Attack Proxy 419 Burp Suite Professional 420 Skipfish 421 Finding Vulnerabilities 421 Injection 421 SQL Injection 422 SQLmap 427 Drupageddon 433 Protecting Against SQL Injection 433 Other Injection Flaws 434 Broken Authentication 434 Sensitive Data Exposure 436 XML External Entities 437 CVE-2014-3660 437 Broken Access Controls 439 Directory Traversal 440 Security Misconfiguration 441 Error Pages and Stack Traces 442 Cross-Site Scripting 442 The Browser Exploitation Framework 445 More about XSS Flaws 450 XSS Filter Evasion 450 Insecure Deserialization 452 Known Vulnerabilities 453 Insufficient Logging and Monitoring 453 Privilege Escalation 454 Summary 455 Chapter 13 Microsoft Windows 457 Hacking Windows vs. Linux 458 Domains, Trees, and Forests 458 Users, Groups, and Permissions 461 Password Hashes 461 Antivirus Software 462 Bypassing User Account Control 463 Setting Up a Windows VM 464 A Windows Hacking Toolkit 466 Windows and the NSA 467 Port Scanning Windows Server 467 Microsoft DNS 469 Internet Information Services 470 Kerberos 471 Golden Tickets 472 NetBIOS 473 LDAP 474 Server Message Block 474 ETERNALBLUE 476 Enumerating Users 479 Microsoft RPC 489 Task Scheduler 497 Remote Desktop 497 The Windows Shell 498 PowerShell 501 Privilege Escalation with PowerShell 502 PowerSploit and AMSI 503 Meterpreter 504 Hash Dumping 505 Passing the Hash 506 Privilege Escalation 507 Getting SYSTEM 508 Alternative Payload Delivery Methods 509 Bypassing Windows Defender 512 Summary 514 Chapter 14 Passwords 517 Hashing 517 The Password Cracker’s Toolbox 519 Cracking 519 Hash Tables and Rainbow Tables 523 Adding Salt 525 Into the /etc/shadow 526 Different Hash Types 530 MD5 530 SHA-1 531 SHA-2 531 SHA256 531 SHA512 531 bcrypt 531 CRC16/CRC32 532 PBKDF2 532 Collisions 533 Pseudo-hashing 533 Microsoft Hashes 535 Guessing Passwords 537 The Art of Cracking 538 Random Number Generators 539 Summary 540 Chapter 15 Writing Reports 543 What is a Penetration Test Report? 544 Common Vulnerabilities Scoring System 545 Attack Vector 545 Attack Complexity 546 Privileges Required 546 User Interaction 547 Scope 547 Confidentiality, Integrity, and Availability Impact 547 Report Writing as a Skill 549 What Should a Report Include? 549 Executive Summary 550 Technical Summary 551 Assessment Results 551 Supporting Information 552 Taking Notes 553 Dradis Community Edition 553 Proofreading 557 Delivery 558 Summary 559 Index 561
£28.00
John Wiley & Sons Inc Quantum Computing For Dummies
Book SynopsisTable of ContentsIntroduction 1 Part 1: The Power of Quantum Computing 7 Chapter 1: Quantum Computing Boot Camp 9 Chapter 2: Looking Back to Early and Classical Computing 27 Chapter 3: Examining the Roots of Quantum Computing 47 Chapter 4: Introducing Quantum Technology 1.0 69 Chapter 5: Unveiling Quantum Computing 83 Chapter 6: Quantum Computing Accelerates 99 Part 2: Quantum Computing Options 113 Chapter 7: Choosing Between Classical and Quantum Computing 115 Chapter 8: Getting Started with Quantum Computing 131 Chapter 9: It’s All about the Stack 153 Chapter 10: Racing for the Perfect Qubit 173 Chapter 11: Choosing a Qubit Type 187 Part 3: Getting Entangled with Quantum Computing 207 Chapter 12: Programming a Quantum Computer 209 Chapter 13: Quantum Computing Applications 237 Chapter 14: Quantum Computing Algorithms 255 Chapter 15: Cloud Access Options 281 Chapter 16: Educational Resources 305 Part 4: The Part of Tens 327 Chapter 17: Ten Myths Surrounding Quantum Computing 329 Chapter 18: Ten Tech Questions Answered 339 Chapter 19: Ten Business Questions Answered 347 Chapter 20: Ten University Research Programs 355 Index 361
£19.54
John Wiley & Sons Inc CCNA Certification Study Guide Volume 1
Book SynopsisYour comprehensive guide to succeeding on the UPDATED CCNA Certification exam In the newly revised second edition of the CCNA Certification Study Guide Volume 1: Exam 200-301 v1.1, celebrated Cisco educator and network guru Todd Lammle and expert Donald Robb deliver an intuitive and efficient roadmap to the challenging CCNA Certification test. The updated Study Guide covers many topics, including network fundamentals and access, IP connectivity and services, security fundamentals, automation, programmability, artificial intelligence, and more. The CCNA Certification Study Guide comes with complementary access to a robust set of online study tools designed to assess and advance your exam readiness. You'll find: Up-to-date information relevant to the latest Cisco technologies and job rolesAn interactive online test bank, including hundreds of practice test questions, flashcards, and a glossary of key terms and definitionsDiscussions of everything from VLANs and Inter-VLAN Routing to switching, OSPF, IP routing, and more Perfect for anyone preparing to pursue the updated CCNA Certification, the CCNA Certification Study Guide Volume 1: Exam 200-301 v1.1, Second Editon, is a must-read for practicing IT professionals looking for a refresher on Cisco networking fundamentals.
£38.00
Packt Publishing Limited Python Network Programming Cookbook
Book SynopsisDiscover practical solutions for a wide range of real-world network programming tasksAbout This Book Solve real-world tasks in the area of network programming, system/networking administration, network monitoring, and more. Familiarize yourself with the fundamentals and functionalities of SDN Improve your skills to become the next-gen network engineer by learning the various facets of Python programmingWho This Book Is ForThis book is for network engineers, system/network administrators, network programmers, and even web application developers who want to solve everyday network-related problems. If you are a novice, you will develop an understanding of the concepts as you progress with this book. What You Will Learn Develop TCP/IP networking client/server applications Administer local machines' IPv4/IPv6 network interfaces Write multi-purpose efficient web clients for HTTP and HTTPS protocols Perform remote system administration tasks over Telnet and SSH connections Interact with popular websites via web services such as XML-RPC, SOAP, and REST APIs Monitor and analyze major common network security vulnerabilities Develop Software-Defined Networks with Ryu, OpenDaylight, Floodlight, ONOS, and POX Controllers Emulate simple and complex networks with Mininet and its extensions for network and systems emulations Learn to configure and build network systems and Virtual Network Functions (VNF) in heterogeneous deployment environments Explore various Python modules to program the InternetIn DetailPython Network Programming Cookbook - Second Edition highlights the major aspects of network programming in Python, starting from writing simple networking clients to developing and deploying complex Software-Defined Networking (SDN) and Network Functions Virtualization (NFV) systems. It creates the building blocks for many practical web and networking applications that rely on various networking protocols. It presents the power and beauty of Python to solve numerous real-world tasks in the area of network programming, network and system administration, network monitoring, and web-application development. In this edition, you will also be introduced to network modelling to build your own cloud network. You will learn about the concepts and fundamentals of SDN and then extend your network with Mininet. Next, you'll find recipes on Authentication, Authorization, and Accounting (AAA) and open and proprietary SDN approaches and frameworks. You will also learn to configure the Linux Foundation networking ecosystem and deploy and automate your networks with Python in the cloud and the Internet scale. By the end of this book, you will be able to analyze your network security vulnerabilities using advanced network packet capture and analysis techniques. Style and approachThis book follows a practical approach and covers major aspects of network programming in Python. It provides hands-on recipes combined with short and concise explanations on code snippets. This book will serve as a supplementary material to develop hands-on skills in any academic course on network programming. This book further elaborates network softwarization, including Software-Defined Networking (SDN), Network Functions Virtualization (NFV), and orchestration. We learn to configure and deploy enterprise network platforms, develop applications on top of them with Python.
£37.99
Springer Verlag, Singapore Online Urbanization: Online Services in China’s
Book SynopsisThis book highlights the new urban–rural relationship that has emerged under the influence of e-commerce in China. In this regard, it presents case studies on the Suichang rural e-commerce model and Alibaba’s rural strategy, together with analyses of online service in China. Furthermore, by means of a brief review of the urban–rural relationship throughout China’s history, and of academic literature on the study of space, it explains the special logic of urbanization in China. As such, the book makes a valuable contribution to the body of literature on the space of flows and grassrooting, aspects that are essential to appreciating the complexity of the new urban–rural relationship in underdeveloped areas (including developing countries and underdeveloped areas in developed countries) in the ongoing information era.Table of ContentsChapter 1: IntroductionChapter 2: From Globalization to China’s UrbanizationChapter 3: A Unique Path: The Evolution of China’s Urban-Rural Relationship through HistoryChapter 4: Bottom-up Approach with Global Powerhouse: Suichang Model Chapter 5: Global Strengthen with Local Practice: Alibaba’s Rural StrategyChapter 6: Spatial Regeneration of Regional RestructuringChapter 7: Reflections: Urban Rural Flows with Online UrbanizationProspect: From Online Urbanization to Empire OnlineChinese Index
£40.49
John Wiley & Sons Inc The Art of Deception
Book SynopsisThe world''s most infamous hacker offers an insider''s view of the low-tech threats to high-tech security Kevin Mitnick''s exploits as a cyber-desperado and fugitive form one of the most exhaustive FBI manhunts in history and have spawned dozens of articles, books, films, and documentaries. Since his release from federal prison, in 1998, Mitnick has turned his life around and established himself as one of the most sought-after computer security experts worldwide. Now, in The Art of Deception, the world''s most notorious hacker gives new meaning to the old adage, It takes a thief to catch a thief. Focusing on the human factors involved with information security, Mitnick explains why all the firewalls and encryption protocols in the world will never be enough to stop a savvy grifter intent on rifling a corporate database or an irate employee determined to crash a system. With the help of many fascinating true stories of successful attacks on business and government, he illustTrade Review“…authoritative…” (Retail Systems, December 2005) Mitnick is the most famous computer hacker in the world. Since his first arrest in 1981, at age 17, he has spent nearly half his adult life either in prison or as a fugitive. He has been the subject of three books and his alleged 1982 hack into NORAD inspired the movie WarGames. Since his plea-bargain release in 2000, he says he has reformed and is devoting his talents to helping computer security. It's not clear whether this book is a means toward that end or a, wink-wink, fictionalized account of his exploits, with his name changed to protect his parole terms. Either way, it's a tour de force, a series of tales of how some old-fashioned blarney and high-tech skills can pry any information from anyone. As entertainment, it's like reading the climaxes of a dozen complex thrillers, one after the other. As a security education, it's a great series of cautionary tales; however, the advice to employees not to give anyone their passwords is bland compared to the depth and energy of Mitnick's description of how he actually hacked into systems. As a manual for a would-be hacker, it's dated and nonspecific -- better stuff is available on the Internet—but it teaches the timeless spirit of th e hack. Between the lines, a portrait emerges of the old-fashioned hacker stereotype: a socially challenged, obsessive loser addicted to an intoxication sense of power that comes from stalking and spying. (Oct.) Forecast: Mitnick's notoriety and his well written, entertaining stories should generate positive word-of-mouth. With the double appeal of a true-crime memoir and a manual for computer security, this book will enjoy good sales. (Publishers Weekly, June 24, 2002) "...an interesting read..." (www.infosecnews.com, 17 July 2002) "...highly entertaining...will appeal to a broad audience..." (Publishing News, 26 July 2002) The world's most famous computer hacker and cybercult hero, once the subject of a massive FBI manhunt for computer fraud, has written a blueprint for system security based on his own experiences. Mitnick, who was released from federal prison in 1998 after serving a 22-month term, explains that unauthorized intrusion into computer networks is not limited to exploiting security holes in hardware and software. He focuses instead on a common hacker technique known as social engineering in which a cybercriminal deceives an individual into providing key information rather than trying to use technology to reveal it. Mitnick illustrates the tactics comprising this "art of deception" through actual case studies, showing that even state-of-the-art security software can't protect businesses from the dangers of human error. With Mitnick's recommended security policies, readers gain the information their organizations need to detect and ward off the threat of social engineering. Required reading for IT professionals, this book is highly recommended for public, academic, and corporate libraries. [This should not be confused with Ridley Pearson's new thriller, The Art of Deception. —Ed]—Joe Accardi, William Rainey Harper Coll. Lib., Palatine, IL (Library Journal, August 2002) He was the FBI's most-wanted hacker. But in his own eyes, Mitnick was simply a small-time con artist with an incredible memory, a knack for social engineering, and an enemy at The New York Times. That foe, John Markoff, made big bucks selling two books about Mitnick - without ever interviewing him. This is Mitnick's account, complete with advice for how to protect yourself from similar attacks. I believe his story. (WIRED Magazine, October 2002) Kevin Mitnick spent five years in jail at the federal authorities' behest, but The Art of Deception: Controlling the Human Element of Security (Kevin Mitnick and William Simon), reveals that he was no lowly grifter. Rather, by impersonating others in order to talk guileless employees out of access protocols, Mr. Mitnick was practicing "the performance art called social engineering." While every society has had its demimonde-like the Elizabethan coney catchers who duped visitors to 16th-century London--it's in the United States that con artists assumedlegendary status. The definitive book is still The Big Con from 1940 (Anchor Books), which commemorates a golden age already receding when it was published: the grifters it describes--like the High Ass Kid and Slobbering Bob--thrived between 1914 and 1929, when technological advances and unparalleled prosperity generated a roller-coaster stock market. That sounds a lot like the past decade. So how did the culture of the con do during the Internet era? On Mr. Mitnick's evidence, it flourished and evolved. The Art of Deception is itself a bit of a fraud as far as advice on upgrading security. But the book does deliver on "social engineering" exercises. Some aren't even illegal and Mr. Mitnick -- weasel that he is -- lovingly records their most elaborate convolutions. One way or another, you'll find the information useful. (Red Herring, October 2002) "Mitnick outlines dozens of social engineering scenarios in his book, dissecting the ways attackers can easily exploit what he describes as 'that natural human desire to help others and be a good team player.'" (Wired.com, October 3, 2002) Finally someone is on to the real cause of data security breaches--stupid humans. Notorious hacker Kevin Mitnick--released from federal prison in January 2000 and still on probation--reveals clever tricks of the "social engineering" trade and shows how to fend them off in The Art of Deception: Controlling the Human Element of Security (Wiley, $27.50). Most of the book, coauthored by William Simon (not the one running for governor of California), is a series of fictional episodes depicting the many breathtakingly clever ways that hackers can dupe trusting souls into breaching corporate and personal security--information as simple as an unlisted phone number or as complicated as plans for a top-secret product under development. The rest lays out a fairly draconian plan of action for companies that want to strengthen their defenses. Takeaway: You can put all the technology you want around critical information, but all it takes to break through is one dolt who gives up his password to a "colleague" who claims to be working from the Peoria office. What's useful about this book is its explanation of risks in seemingly innocuous systems few people think about. The caller ID notification that proves you're talking to a top executive of your firm? Easily forged. The password your assistant logs in with? Easily guessed. The memos you toss into the cheap office shredder? Easily reconstructed. The extension that you call in the IT department? Easily forwarded. Physical security can be compromised, too. It's not hard to gain access to a building by "piggybacking" your way in the door amid the happy throng returning from lunch. You'd better have confidence in your IT professionals, because they're likely to have access to everything on the corporate system, including your salary and personal information. Mitnick offers some ideas for plugging these holes, like color-coded ID cards with really big photos. Implementing the book's security action plan in full seems impossible, but it's a good idea to warn employees from the boss down to the receptionist and janitors not to give out even innocuous information to people claiming to be helpful IT folks without confirming their identity--and to use things like encryption technology as fallbacks. Plenty of would-be Mitnicks--and worse--still ply their trade in spaces cyber and psychological. --S.M. (Forbes Magazine - October 14, 2002) "...the book describes how people can get sensitive information without even stepping near a computer through 'social engineering' -- the use of manipulation or persuasion to deceive people by convincing them that you are someone else." (CNN.com's Technology section, October 9, 2002) "...engaging style...fascinating true stories..." (The CBL Source, October/December 2002) "…the book describes how people can get information without even stepping near a computer…" (CNN, 16 October 2002) "…each vignette reads like a mini-cybermystery thriller…I willingly recommend The Art of Deception. It could save you from embarrassment or an even worse fate…" (zdnet.co.uk, 15 October 2002) "…details the ways that employees can inadvertently leak information that can be exploited by hackers to compromise computer systems…the book is scary in ways that computer security texts usually do not manage to be…" (BBC online, 14 October 2002) "…more educational than tell-all…" (Forbes, 2 October 2002) "…would put a shiver into anyone responsible for looking after valuable computer data…the exploits are fictional but realistic…the book is about hacking peoples heads…" (The Independent, 21 October 2002) "…the key strength of The Art of Deception is the stream of anecdotes - with explanations about how and why hacks succeed…provides a solid basis for staff training on security…" (Information Age, October 2002) "…should be on the list of required reading. Mitnick has done an effective job of showing exactly what the greatest threat of attack is - people and their human nature…" (Unix Review, 18 October 2002 "…disturbingly convincing…" (Fraud Watch, Vol.10, No.5, 2002 "…the worlds most authoritative handbook…an unputdownable succession of case studies…chilling…trust me, Kevin Mitnick is right…" (Business a.m, 29 October 2002) "…a damn good read…I would expect to see it as required reading on courses that cover business security…Should you read this book? On several levels the answer has to be yes. If you run your own business, work in one, or just want a good read, this is worth it…" (Acorn User, 29 October 2002) "...the analysis of individual cases is carried out thoroughly...ultimately, the value of the book is that it may encourage security managers to be more assiduous in teaching their staff to check the identities of the people they deal with, and better corporate security will be the result..." (ITWeek, 1 November 2002) "...a penetrating insight into the forgotten side of computer security..." (IT Week, 4 November 2002) "...a highly entertaining read...Mitnick has a laid-back style which makes the book easy to read and of great interest, even to those of us who have no interest in computers..." (Business Age, September 2002) "...one of the hacker gurus of our time...makes it abundantly clear that everyone can be fooled and cheated by the professionals...." (The Times Higher Education Supplement, 15 November 2002) "...focuses on teaching companies how to defeat someone like him…full of specific examples of the ways apparently innocent bits of information can be stitched together to mount a comprehensive attack on an organisation's most prized information..." (New Scientist, 23 November 2002) "...all simple things, little titbits of seemingly innocuous information, which when gathered together give the hacker the power to cripple the biggest corporation or the smallest home business..." (New Media Age, 14 November 2002) "…highly acclaimed…a fascinating account…" (Information Security Management, November 2002) "...His new book, The Art of Deception, presents itself as a manual to help companies defeat hackers..." Also listed in recommended reading list (The Guardian, 13 December 2002) “…gets it’s point across and contains some valuable pointers…”(MacFormat, January 2003) “…supremely educational…a sexy way to hammer home a relevant point…what makes it sing is the clear information that Mitnick brings to the table…”(Business Week, 8 January 2003) “…Indispensable…”(Focus, February 2003) "...incredibly intriguing...a superb book which would be beneficial for anyone to read..." (Telecomworldwire, 4 February 2003) "...a good overview of one of the most neglected aspects of computer security..." (Technology and Society, 7 February 2003) "...fascinating to read...should strike fear into the hearts of commercial computer security departments..." (Business Week, 3 September 2003) "...a penetrating insight into the forgotten side of computer security..." (Accountancy Age, 19 February 2003) Top 10 Popular Science Books (New Scientist, 21 February f2003) "...should be assigned as required reading in every IT department...excellent advice..." (Electronic Commerce Guide, 12 February 2003) “…an interesting and educational read for anyone with a role to play in corporate security…”(Computer Business Review, 6 March 2003) “…if you were not having security nightmares before, read this book and you certainly will…” (IT Showcase News, 6 March 2003) “….easy to understand and actually fun to read…”(Slashdot, 6 March 2003) “…a good read, well written…” (Managing Information, March 2003) “…structured like a mini detective story series…the unfolding attacks are compulsive reading…” (Aberdeen Evening Express, 7 June 21003) “…a real eye-opener…well written and produced…an easy and valuable read…” (Accounting Web, 19 June 2003) “…a superb book which would be beneficial for anyone to read…” (M2 Best Books, 4 February 2003) “…the insights for earlier chapters are fascinationg, and that alone makes it worth blagging a copy for review…”(Mute, Summer/Autumn 2003) “…a good read, well-written…this accessibility makes it doubly important…” (Managing Information – 5 star rating, October 2003)Table of ContentsForeword. Preface. Introduction. Part 1: Behind the Scenes. Chapter 1: Security's Weakest Link. Part 2: The Art of the Attacker. Chapter 2: When Innocuous Information Isn't. Chapter 3: The Direct Attack: Just Asking for It. Chapter 4: Building Trust. Chapter 5: "Let Me Help You". Chapter 6: "Can You Help Me?". Chapter 7: Phony Sites and Dangerous Attachments. Chapter 8: Using Sympathy, Guilt, and Intimidation. Chapter 9: The Reverse Sting. Part 3: Intruder Alert. Chapter 10: Entering the Premises. Chapter 11: Combining Technology and Social Engineering. Chapter 12: Attacks on the Entry-Level Employee. Chapter 13: Clever Cons. Chapter 14: Industrial Espionage. Part 4: Raising the Bar. Chapter 15: Information Security Awareness and Training. Chapter 16: Recommended Corporate Information Security Policies. Security at a Glance. Sources. Acknowledgements. Index.
£28.80
O'Reilly Media Understanding Linux Network Internals
Book SynopsisA no-nonsense guide to Linux networking, which offers a clear view of the underlying concepts and teaches you to follow the C code that implements it. The topics include: system initialization, network interface card (NIC) device drivers, bridging, routing, ICMP, and more.Trade Review"Anyone who works with Linux networking should have a copy to hand to help with those inexplicable problems and to better understand how it all works." - James Millen, BJHC & IM, November 2006
£38.39
Sybex CCNA Certification Study Guide Volume 1 Volume 2
Book Synopsis
£48.75
CRC Press Introduction to Industrial Internet of Things and
Book SynopsisIndustrial IoT (IIoT) and Industry 4.0 are newly developing and fast emerging domains of interest among students, researchers, and professionals in academia and industry. Due to the popular demand of this topic, Introduction to Industrial Internet of Things and Industry 4.0 is written to serve a diverse readership from the domains of computer science and engineering, mechanical engineering, information technology, industrial engineering, electronics engineering, and other related branches of engineering. Based on the lead authorâs massive open online courses (MOOCs), this book can be used as a textbook on the emerging paradigm of Industry 4.0 and IIoT, as well as a reference for professionals working in sectors of IIoT.The book covers the significant aspects of IIoT in detail, including sensors, actuators, data transmission, and data acquisition, which form the core of IIoT. Topics and concepts are presented in a comprehensive manner, so that readers can develop expertise and knowledge. The book helps beginners to gain a basic idea of Industry 4.0 and IIoT as the first section is an overview of IoT applications, infrastructure-based protocols, cloud computing, and fog computing. The second section is designed to impart a basic knowledge of Industry 4.0 and IIoT as well as of the different phases of development in industry. Delving into more advanced areas, other sections in the book cover: The business models and reference architecture of IIoT The technological aspects of Industry 4.0 and IIoT Predictive and prescriptive analytics applied in IIoT-based implementations Applications and case studies of IIoT Key enabling technologies of IIoT To aid students and professional master IIoT and Industry 4.0, the book includes conceptual questions, exercises, and learning objectives.Table of ContentsPart 1. Prerequisites. Chapter 1. Overview of Internet of Things. Part 2. Introduction. Chapter 2. Introduction to Industry 4.0 and Industrial Internet of Things. Chapter 3. Industry 4.0: Basics. Chapter 4. Industrial Internet of Things: Basics. Chapter 5. Business Models and Reference Architecture of IIoT. Part 3. Technological Aspects of Industry 4.0 and IIoT. Chapter 6. Key Technologies-Part 1. Chapter 7. Key Technologies-Part 2. Part 4. Enabling Technologies of IIoT. Chapter 8. Connectivity. Chapter 9. Communication. Chapter 10. Interoperability. Part 5. IIoT Analytics. Chapter 11. Introduction to Analytics. Chapter 12. Machine Learning and Data Science. Part 6. Applications and Case Studies. Chapter 13. Healthcare. Chapter 14. Inventory Management & Quality Control. Chapter 15. Plant Safety and Security. Chapter 16. Case Studies.
£71.24
John Wiley & Sons Inc Active Directory For Dummies
Book SynopsisYour guide to learning Active Directory the quick and easy way Whether you''re new to Active Directory (AD) or a savvy system administrator looking to brush up on your skills,?Active Directory for Dummies will steer you in the right direction. Since its original release, Microsoft''s implementation of the lightweight directory access protocol (LDAP) for the Windows Server line of networking software has become one of the most popular directory service products in the world. If you''re involved with the design and support of Microsoft directory services and/or solutions, you''re in the right place. This comprehensive guide starts by showing you the basics of AD, so you can utilize its structures to simplify your life and secure your digital environment. From there, you''ll discover how to exert fine-grained control over groups, assets, security, permissions, and policies on a Windows network and efficiently configure, manage, and update the network. With coverage of secTable of ContentsIntroduction 1 Part I: Getting Started 5 Chapter 1: Understanding Active Directory 7 Chapter 2: Analyzing Requirements for Active Directory 23 Chapter 3: Designing an Active Directory Implementation Plan 41 Part II: Planning and Deploying with Active Directory Domain Services 53 Chapter 4: Playing the Name Game 55 Chapter 5: Creating a Logical Structure 71 Chapter 6: Getting Physical 83 Chapter 7: Ready to Deploy! 103 Part III: New Active Directory Features 127 Chapter 8: AD LDS: Active Directory on a Diet 129 Chapter 9: Federating Active Directory 141 Chapter 10: AD Certificate Services and Rights Management Services 157 Part IV: Managing Active Directory 173 Chapter 11: Managing Users, Groups, and Other Objects 175 Chapter 12: Managing Active Directory Replication 203 Chapter 13: Schema-ing! 219 Chapter 14: Managing Security with Active Directory Domain Services 233 Chapter 15: Maintaining Active Directory 253 Part V: The Part of Tens 271 Chapter 16: The Ten Most Important Active Directory Design Points 273 Chapter 17: Ten Cool Web Sites for Active Directory Info 279 Chapter 18: Ten Troubleshooting Tips for Active Directory 285 Part VI: Appendixes 291 Appendix A: Windows 2008 AD Command Line Tools 293 Appendix B: Glossary 305 Index 315
£22.09
Cambridge University Press Graph Spectra for Complex Networks
Book SynopsisThis concise and self-contained introduction builds up the spectral theory of graphs from scratch, including linear algebra and the theory of polynomials. Covering several types of graphs, it provides the mathematical foundation needed to understand and apply spectral insight to real-world communications systems and complex networks.Table of ContentsSymbols; 1. Introduction; Part I. Spectra of Graphs: 2. Algebraic graph theory; 3. Eigenvalues of the adjacency matrix; 4. Eigenvalues of the Laplacian Q; 5. Effective resistance matrix; 6. Spectra of special types of graphs; 7. Density function of the eigenvalues; 8. Spectra of complex networks; Part II. Eigensystem: 9. Topics in linear algebra; 10. Eigensystem of a matrix; Part III. Polynomials: 11. Polynomials with real coefficients; 12. Orthogonal polynomials; References; Index.
£47.49
CRC Press Red Team Evaluation Framework
a huge range and FREE tracked UK delivery on ALL orders.
£48.96
John Wiley & Sons Inc Networking For Dummies
Book SynopsisSet up a secure network at home or the office Fully revised to cover Windows 10 and Windows Server 2019, this new edition of the trusted Networking For Dummies helps both beginning network administrators and home users to set up and maintain a network. Updated coverage of broadband and wireless technologies, as well as storage and back-up procedures, ensures that you'll learn how to build a wired or wireless network, secure and optimize it, troubleshoot problems, and much more. From connecting to the Internet and setting up a wireless network to solving networking problems and backing up your datathis #1 bestselling guide covers it all. Build a wired or wireless network Secure and optimize your network Set up a server and manage Windows user accounts Use the cloudsafely Written by a seasoned technology authorand jam-packed with tons of helpful step-by-step instructionsthis is the book network administrTable of ContentsIntroduction 1 About This Book 1 Foolish Assumptions 2 Icons Used in This Book 3 Beyond the Book 3 Where to Go from Here 4 Part 1: Getting Started with Networking 5 Chapter 1: Let’s Network! 7 Defining a Network 8 Why Bother with a Network? 11 Sharing files 11 Sharing resources 11 Sharing programs 12 Sharing messages 12 Servers and Clients 13 Dedicated Servers and Peers 13 What Makes a Network Tick? 15 It’s Not a Personal Computer Anymore! 16 The Network Administrator 17 What Have They Got That You Don’t Got? 18 Chapter 2: Configuring Windows and Mac Clients 21 Configuring Windows Network Connections 22 Joining a Windows Computer to a Domain 27 Configuring Mac Network Settings 29 Joining a Mac Computer to a Domain 33 Chapter 3: Life on the Network 37 Distinguishing between Local Resources and Network Resources 38 What’s in a Name? 38 Logging on to the Network 40 Understanding Shared Folders 42 Four Good Uses for a Shared Folder 43 Store files that everybody needs 43 Store your own files 44 Make a temporary resting place for files on their way to other users 44 Back up your local hard drive 45 Oh, the Network Places You’ll Go 45 Mapping Network Drives 47 Using a Network Printer 50 Adding a network printer 51 Printing to a network printer 52 Playing with the print queue 53 Logging off the Network 55 Chapter 4: More Ways to Use Your Network 57 Sharing Your Stuff 57 Enabling File and Printer Sharing 58 Sharing a Folder 59 Using the Public Folder 61 Sharing a Printer 62 Using Microsoft Office on a Network 64 Accessing network files 64 Using workgroup templates 65 Networking an Access database 67 Working with Offline Files 68 Part 2: Designing Your Network 73 Chapter 5: Planning a Network 75 Making a Network Plan 75 Being Purposeful 76 Taking Stock 77 What you need to know 77 Programs that gather information for you 79 To Dedicate or Not to Dedicate: That Is the Question 80 File servers 81 Print servers 81 Web servers 82 Mail servers 82 Database servers 83 Application servers 83 License servers 83 Choosing a Server Operating System 83 Planning the Infrastructure 84 Drawing Diagrams 84 Chapter 6: Dealing with TCP/IP 87 Understanding Binary 88 Counting by ones 88 Doing the logic thing 89 Introducing IP Addresses 90 Networks and hosts 90 The dotted-decimal dance 91 Classifying IP Addresses 91 Class A addresses 92 Class B addresses 93 Class C addresses 93 Subnetting 94 Subnets 95 Subnet masks 96 The great subnet roundup 97 Private and public addresses 98 Understanding Network Address Translation 98 Configuring Your Network for DHCP 99 Understanding DHCP 100 DHCP servers 100 Understanding scopes 101 Feeling excluded? 102 Reservations suggested 103 How long to lease? 104 Managing a Windows Server 2019 DHCP Server 104 Configuring a Windows DHCP Client 105 Using DNS 106 Domains and domain names 106 Fully qualified domain names 108 Working with the Windows DNS Server 109 Configuring a Windows DNS Client 110 Chapter 7: Oh, What a Tangled Web We Weave: Cables and Switches 111 What Is Ethernet? 112 All about Cable 114 Cable categories 116 What’s with the pairs? 117 To shield or not to shield 117 When to use plenum cable 118 Sometimes solid, sometimes stranded 118 Installation guidelines 119 The tools you need 120 Pinouts for twisted-pair cables 121 RJ-45 connectors 122 Crossover cables 124 Wall jacks and patch panels 124 Understanding Switches 126 Comparing managed and unmanaged switches 126 Daisy-chaining switches 128 Stacking switches 128 Looking at distribution switches and access switches 129 Powering Up with Power over Ethernet 130 Looking at Three Types of Network Rooms 131 Chapter 8: Setting Up a Wireless Network 133 Diving into Wireless Networking 134 A Little High School Electronics 135 Waves and frequencies 135 Wavelength and antennas 137 Spectrums and the FCC 137 Eight-Oh-Two-Dot-Eleventy Something: Understanding Wireless Standards 139 Home on the Range 140 Using Wireless Network Adapters 141 Setting Wireless Access Points 142 Infrastructure mode 142 Multifunction WAPs 143 Roaming Capabilities 144 Wireless bridging 144 Ad-hoc networks 145 Configuring a Wireless Access Point 145 Basic configuration options 146 DHCP configuration 146 Connecting to a Wireless Network 147 Paying Attention to Wireless Network Security 149 Chapter 9: Connecting to the Internet 155 Connecting to the Internet 155 Connecting with cable or DSL 156 Connecting with high-speed private lines 157 Sharing an Internet connection 158 Securing Your Connection with a Firewall 159 Using a firewall 159 Comparing residential gateways to firewall routers 161 Looking at the built-in Windows firewall 161 Providing a Backup Internet Connection 163 Part 3: Working with Servers 165 Chapter 10: Virtualizing Your Network 167 Understanding Virtualization 167 Understanding Hypervisors 169 Understanding Virtual Disks 171 Understanding Network Virtualization 173 Looking at the Benefits of Virtualization 174 Choosing Virtualization Hosts 176 Understanding Windows Server 2019 Licensing 176 Introducing Hyper-V 178 Understanding the Hyper-V hypervisor 178 Understanding virtual disks 179 Enabling Hyper-V 180 Getting Familiar with Hyper-V 181 Creating a Virtual Switch 182 Creating a Virtual Disk 184 Creating a Virtual Machine 188 Installing an Operating System 192 Chapter 11: Setting Up a Windows Server 195 Planning a Windows Server Installation 196 Checking system requirements 196 Reading the release notes 196 Considering your licensing options 196 Deciding your TCP/IP configuration 197 Choosing workgroups or domains 197 Running Setup 198 Adding Server Roles and Features 203 Creating a New Domain 208 Chapter 12: Managing Windows User Accounts 213 Understanding How Active Directory Is Organized 214 Objects 214 Domains 215 Organizational units 215 Trees 216 Forests 216 Understanding Windows User Accounts 216 Local accounts versus domain accounts 216 User account properties 217 Creating a New User 217 Setting User Properties 220 Changing the user’s contact information 220 Setting account options 221 Specifying logon hours 223 Restricting access to certain computers 223 Setting the user’s profile information 224 Resetting User Passwords 225 Disabling and Enabling User Accounts 226 Deleting a User 226 Working with Groups 227 Creating a group 227 Adding a member to a group 228 Creating a Logon Script 230 Chapter 13: Managing Network Storage 231 Understanding Disk Storage 231 Hard disk drives 231 Solid state drives to the rescue! 234 It’s a RAID! 234 Three ways to attach disks to your servers 236 Focusing on File Servers 237 Understanding permissions 237 Understanding shares 239 Managing Your File Server 240 Using the New Share Wizard 241 Sharing a folder without the wizard 245 Granting permissions 247 Part 4: Managing Your Network 251 Chapter 14: Welcome to Network Management 253 What a Network Administrator Does 254 Choosing the Part-Time Administrator 255 The Three “Ups” of Network Management 256 Managing Network Users 257 Acquiring Software Tools for Network Administrators 258 Building a Library 259 Pursuing Certification 260 Helpful Bluffs and Excuses 261 Chapter 15: Supporting Your Users 263 Establishing the Help Desk’s Charter 264 Tracking Support Tickets 265 Deciding How to Communicate with Users 267 Using Remote Assistance 268 Enabling Remote Assistance 269 Inviting someone to help you via a Remote Assistance session 270 Responding to a Remote Assistance invitation 273 Creating a Knowledge Base 275 Creating a Self-Service Help Portal 275 Using Satisfaction Surveys 276 Tracking Help Desk Performance 278 Using Help Desk Management Software 279 Chapter 16: Using Group Policy 281 Understanding Group Policy 281 Enabling Group Policy Management on Windows Server 2019 282 Creating Group Policy Objects 283 Filtering Group Policy Objects 289 Forcing Group Policy Updates 292 Chapter 17: Managing Software Deployment 293 Understanding Software Licenses 294 Using a License Server 297 Deploying Network Software 298 Deploying software manually 298 Running Setup from a network share 299 Installing silently 300 Creating an administrative installation image 301 Pushing out software with Group Policy 302 Keeping Software Up to Date 302 Chapter 18: Managing Mobile Devices 305 The Many Types of Mobile Devices 306 Considering Security for Mobile Devices 307 Managing iOS Devices 308 Understanding the iPhone 308 Understanding the iPad 309 Integrating iOS devices with Exchange 309 Configuring an iOS device for Exchange email 311 Managing Android Devices 314 Looking at the Android OS 314 Perusing Android’s core applications 315 Integrating Android with Exchange 316 Part 5: Securing Your Network 317 Chapter 19: Welcome to Cybersecurity Network 319 Do You Need Security? 320 The Three Pillars of Cybersecurity 321 Two Approaches to Security 322 Physical Security: Locking Your Doors 323 Securing User Accounts 324 Obfuscating your usernames 324 Using passwords wisely 325 Generating passwords For Dummies 326 Secure the Administrator account 328 Managing User Security 328 User accounts 329 Built-in accounts 330 User rights 331 Permissions (who gets what) 331 Group therapy 332 User profiles 333 Logon scripts 334 Securing the Human Firewall 334 Chapter 20: Hardening Your Network 337 Firewalls 337 The Many Types of Firewalls 339 Packet filtering 339 Stateful packet inspection (SPI) 341 Circuit-level gateway 342 Application gateway 342 Next-generation firewall 343 Virus Protection 343 What is a virus? 343 Antivirus programs 345 Safe computing 346 Patching Things Up 346 Chapter 21: Securing Your Email 349 Defining Spam 350 Sampling the Many Flavors of Spam 351 Using Antispam Software 352 Understanding Spam Filters 353 Looking at Three Types of Antispam Software 356 On-premises antispam 356 Antispam appliances 357 Cloud-based antispam services 358 Minimizing Spam 359 Chapter 22: Backing Up Your Data 361 3-2-1: The Golden Rule of Backups 361 How Often Should You Back Up Your Data? 363 Choosing Where to Back Up Your Data 364 Establishing Two Key Backup Objectives 365 Backing Up to Tape 366 Understanding Backup Software 367 Examining File-Based Backups 368 Full backups 369 Copy backups 370 Incremental backups 370 Differential backups 371 Backup and Virtualization 371 Verifying Tape Reliability 373 Keeping Backup Equipment Clean and Reliable 374 Setting Backup Security 375 Chapter 23: Planning for Disaster 377 Assessing Different Types of Disasters 378 Environmental disasters 379 Deliberate disasters 379 Disruption of services 380 Equipment failure 380 Other disasters 381 Analyzing the Impact of a Disaster 381 Developing a Business Continuity Plan 382 Holding a Fire Drill 383 Part 6: More Ways to Network 385 Chapter 24: Accommodating Remote Users 387 Using Outlook Web App 388 Using a Virtual Private Network 389 Looking at VPN security 390 Understanding VPN servers and clients 391 Connecting with Remote Desktop Connection 393 Enabling Remote Desktop Connection 394 Connecting remotely 395 Using keyboard shortcuts for Remote Desktop 397 Chapter 25: Life in Cloud City 399 Introducing Cloud Computing 400 Looking at the Benefits of Cloud Computing 401 Detailing the Drawbacks of Cloud Computing 402 Examining Three Basic Kinds of Cloud Services 403 Applications 404 Platforms 404 Infrastructure 405 Public Clouds versus Private Clouds 405 Introducing Some of the Major Cloud Providers 406 Amazon 406 Google 407 Microsoft 407 Getting into the Cloud 408 Chapter 26: Going Hybrid 409 What Is a Hybrid Cloud? 409 What Are the Benefits of Hybrid Cloud? 411 Elasticity 411 Flexibility 412 Agility 412 Innovation 412 Operational efficiency 412 Integrating Identity 413 Azure Active Directory 413 Single sign-on 414 Looking at Hybrid Cloud Virtualization Platforms 416 Part 7: The Part of Tens 419 Chapter 27: Ten Networking Commandments 421 I Thou Shalt Back Up Thy Data Religiously 421 II Thou Shalt Protect Thy Network from Infidels 422 III Thou Shalt Train Up Thy Users in the Ways of Safe Computing 422 IV Thou Shalt Keepeth Thy Network Drive Pure and Cleanse It of Old Files 423 V Thou Shalt Not Tinker with Thine Network Configuration unless Thou Knowest What Thou Art Doing 423 VI Thou Shalt Not Covet Thy Neighbor’s Network 423 VII Thou Shalt Not Take Down Thy Network without Proper Notification 424 VIII Thou Shalt Keep an Adequate Supply of Spare Parts 424 IX Thou Shalt Not Steal Thy Neighbor’s Program without a License 424 X Thou Shalt Write Down Thy Network Configuration upon Tablets of Stone 425 Chapter 28: Ten Big Network Mistakes 427 Skimping on Hardware 427 Turning Off or Restarting a Server Computer While Users Are Logged On 428 Deleting Important Files on the Server 429 Copying a File from the Server, Changing It, and Then Copying It Back 429 Sending Something to the Printer Again Just Because It Didn’t Print the First Time 430 Assuming That the Server Is Safely Backed Up 430 Connecting to the Internet without Considering Security Issues 430 Plugging in a Wireless Access Point without Asking 431 Thinking You Can’t Work Just Because the Network Is Down 431 Running Out of Space on a Server 432 Always Blaming the Network 433 Chapter 29: Ten Things You Should Keep in Your Closet 435 Duct Tape 435 Tools 436 Patch Cables 436 Cable Ties and Velcro 436 Twinkies 437 Replacement Parts 437 Cheap Network Switches 438 The Complete Documentation of the Network on Tablets of Stone 438 The Network Manuals and Disks 438 Ten Copies of This Book 439 Index 441
£22.09
John Wiley & Sons Inc CWNA Certified Wireless Network Administrator
Book SynopsisTable of ContentsForeword xxxv Introduction xxxvii Assessment Test lvi Chapter 1 Overview of Wireless Standards, Organizations, and Fundamentals 1 History of Wireless Local Area Networks 3 Standards Organizations 5 Institute of Electrical and Electronics Engineers 8 Core, Distribution, and Access 22 Communications Fundamentals 24 Summary 33 Exam Essentials 33 Review Questions 34 Chapter 2 IEEE 802.11 Standard and Amendments 39 Original IEEE 802.11 Standard 42 IEEE 802.11-2020 Ratified Amendments 44 IEEE 802.11 Draft Amendments 63 Defunct Amendments 66 IEEE Task Group m 68 Summary 69 Exam Essentials 69 Review Questions 70 Chapter 3 Radio Frequency Fundamentals 75 What Is a Radio Frequency Signal? 77 Radio Frequency Characteristics 78 Radio Frequency Behaviors 87 Summary 103 Exam Essentials 103 Review Questions 104 Chapter 4 Radio Frequency Components, Measurements, and Mathematics 109 Components of RF Communications 112 Units of Power and Comparison 115 RF Mathematics 123 Noise Floor 130 Signal-to-Noise Ratio 130 Received Signal Strength Indicator 131 Link Budget 135 Summary 140 Exam Essentials 142 Review Questions 143 Chapter 5 Radio Frequency Signal and Antenna Concepts 147 Azimuth and Elevation Charts (Antenna Radiation Envelopes) 150 Interpreting Polar Charts 152 Beamwidth 155 Antenna Types 157 Visual Line of Sight 169 RF Line of Sight 169 Fresnel Zone 170 Earth Bulge 174 Antenna Polarization 175 Antenna Diversity 176 Multiple-Input, Multiple-Output 177 Antenna Connection and Installation 179 Antenna Accessories 187 Regulatory Compliance 192 Summary 194 Exam Essentials 194 Review Questions 195 Chapter 6 Wireless Networks and Spread Spectrum Technologies 199 Throughput vs. Bandwidth 201 Narrowband and Spread Spectrum 202 Frequency-Hopping Spread Spectrum 205 Direct-Sequence Spread Spectrum 208 Orthogonal Frequency-Division Multiplexing 211 Industrial, Scientific, and Medical Bands 218 5 GHz Unlicensed National Information Infrastructure Bands 220 60 GHz for Wi-Fi 223 Below 1 GHz 224 2.4 GHz Channels 224 5 GHz Channels 227 6 GHz Channels 232 Summary 239 Exam Essentials 239 Review Questions 240 Chapter 7 Wireless LAN Topologies 245 Wireless Networking Topologies 247 802.11 Stations 251 802.11 Service Sets 255 802.11 Configuration Modes 267 Summary 269 Exam Essentials 269 Review Questions 271 Chapter 8 802.11 Medium Access 275 CSMA/CA vs. CSMA/CD 276 Collision Detection 277 Distributed Coordination Function 278 Hybrid Coordination Function 286 Wi-Fi Multimedia 288 Airtime Fairness 290 Summary 292 Exam Essentials 292 Review Questions 293 Chapter 9 802.11 MAC 297 Packets, Frames, and Bits 299 Data-Link Layer 300 Physical Layer 301 802.11 and 802.3 Interoperability 302 802.11 MAC Header 303 802.11 Frame Body 315 802.11 Trailer 316 802.11 State Machine 317 Management Frames 318 Control Frames 333 Data Frames 341 Power Management 344 Summary 350 Exam Essentials 350 Review Questions 352 Chapter 10 MIMO Technology: HT and VHT 357 MIMO 360 Multi-User MIMO 371 Channels 376 Guard Interval 382 256-QAM Modulation 384 802.11n/ac PPDUs 388 802.11n/ac MAC 390 HT/VHT Protection Mechanisms 399 Wi-Fi Alliance Certification 400 Summary 403 Exam Essentials 403 Review Questions 405 Chapter 11 WLAN Architecture 409 WLAN Client Devices 411 Management, Control, and Data Planes 421 WLAN Architecture 423 Specialty WLAN Infrastructure 437 Cloud Networking 445 Application Programming Interface 448 Infrastructure Management 451 Summary 456 Exam Essentials 457 Review Questions 458 Chapter 12 Power over Ethernet (PoE) 463 History of PoE 464 PoE Devices 467 Planning and Deploying PoE 484 Summary 490 Exam Essentials 491 Review Questions 492 Chapter 13 WLAN Design Concepts 497 WLAN Coverage Design 499 Roaming Design 505 Channel Design 512 Capacity Design 534 Voice vs. Data 546 Dual 5 GHz and Software-Defined Radios 548 6 GHz WLAN Design 551 Physical Environment 557 Antennas 558 Outdoor Design 562 Summary 563 Exam Essentials 564 Review Questions 565 Chapter 14 Site Survey and Validation 569 WLAN Site Survey and Design Interview 572 Vertical Market Considerations 582 Legacy AP-on-a-Stick Survey 585 Hybrid Survey 595 Validation Survey 599 Site Survey Tools 604 Documents and Reports 609 Summary 614 Exam Essentials 615 Review Questions 616 Chapter 15 WLAN Troubleshooting 621 Five Tenets of WLAN Troubleshooting 623 Layer 1 Troubleshooting 629 Layer 2 Troubleshooting 636 Security Troubleshooting 648 Roaming Troubleshooting 661 Channel Utilization 665 Layers 3–7 Troubleshooting 667 WLAN Troubleshooting Tools 671 Summary 679 Exam Essentials 679 Review Questions 680 Chapter 16 Wireless Attacks, Intrusion Monitoring, and Policy 687 Wireless Attacks 688 Intrusion Monitoring 706 Wireless Security Policies 712 Summary 716 Exam Essentials 717 Review Questions 718 Chapter 17 802.11 Network Security Architecture 723 802.11 Security Basics 725 Legacy 802.11 Security 729 Robust Security 736 Management Frame Protection 757 WPA 2 757 WPA 3 758 Enhanced Open 761 6 GHz Wi-Fi Security 762 Traffic Segmentation 763 VPN Wireless Security 766 Summary 770 Exam Essentials 770 Review Questions 772 Chapter 18 Bring Your Own Device (BYOD) and Guest Access 777 Mobile Device Management 780 Company-Issued Devices vs. Personal Devices 781 Self-Service Device Onboarding for Employees 795 Guest WLAN Access 798 Hotspot 2.0 and Passpoint 811 Network Access Control 816 Summary 824 Exam Essentials 825 Review Questions 826 Chapter 19 802.11ax: High Efficiency (HE) 831 802.11ax = Wi-Fi 6 833 Wi-Fi Traffic Congestion 834 HE Overview 836 Multi-User 837 OFDMA 838 MU-MIMO 851 BSS Color and Spatial Reuse 855 Target Wake Time 861 Additional 802.11ax PHY and MAC Capabilities 862 Wi-Fi 6 Key Questions 867 Wi-Fi CERTIFIED 6 873 Summary 874 Review Questions 875 Chapter 20 WLAN Deployment and Vertical Markets 879 Deployment Considerations for Commonly Supported WLAN Applications and Devices 881 Corporate Data Access and End-User Mobility 885 Network Extension to Remote Areas 886 Bridging: Building-to-Building Connectivity 887 Wireless ISP: Last-Mile Data Delivery 888 Small Office/Home Office 888 Temporary Office Networking 889 Branch Offices 890 Teleworker Wi-Fi 890 Educational/Classroom Use 891 Industrial: Warehousing and Manufacturing 892 Retail 892 Healthcare 894 Municipal Networks 895 Hotspots: Public Network Access 895 Stadium Networks 897 Transportation Networks 897 Law Enforcement Networks 898 First-Responder Networks 899 Managed Service Providers 900 Fixed Mobile Convergence 900 WLAN and Health 901 Internet of Things 901 WLAN Vendors 902 Summary 904 Exam Essentials 904 Review Questions 905 Appendix A Answers to Review Questions 909 Chapter 1: Overview of Wireless Standards, Organizations, and Fundamentals 910 Chapter 2: IEEE 802.11 Standard and Amendments 911 Chapter 3: Radio Frequency Fundamentals 914 Chapter 4: Radio Frequency Components, Measurements, and Mathematics 915 Chapter 5: Radio Frequency Signal and Antenna Concepts 918 Chapter 6: Wireless Networks and Spread Spectrum Technologies 919 Chapter 7: Wireless LAN Topologies 922 Chapter 8: 802.11 Medium Access 924 Chapter 9: 802.11 Mac 926 Chapter 10: MIMO Technology: HT and VHT 929 Chapter 11: WLAN Architecture 932 Chapter 12: Power over Ethernet (PoE) 934 Chapter 13: WLAN Design Concepts 937 Chapter 14: Site Survey and Validation 940 Chapter 15: WLAN Troubleshooting 943 Chapter 16: Wireless Attacks, Intrusion Monitoring, and Policy 946 Chapter 17: 802.11 Network Security Architecture 948 Chapter 18: Bring Your Own Device (BYOD) and Guest Access 951 Chapter 19: 802.11ax: High Efficiency (HE) 954 Chapter 20: WLAN Deployment and Vertical Markets 957 Appendix B Abbreviations and Acronyms 961 Certifications 962 Organizations and Regulations 962 Measurements 963 Technical Terms 964 Index 981
£41.60
John Wiley & Sons Inc CompTIA Network Review Guide
Book SynopsisPrep for success on the Network+ N10-008examandfor yournew career in network administrationwith thismust-have resource Inthe newly updated Fifth Edition of theCompTIA Network+ Review Guide: Exam: N10-008,a leading expert in Network Operations, Jon Buhagiar, deliversa focused and concisehandbookfor anyonepreparing for thenewNetwork+N10-008 exam or for a career in network administration. This guide isorganizedinto five parts, with each part corresponding to one of the 5 objective domain areas of the Network+ exam: Fundamentals, Implementations, Operations, Security, and Troubleshooting. You'llhandilylearncrucial IT skills like designing and implementing functional networks, configuring and managing essential network devices,using switches and routers to segment network traffic, and securing existing networks.This book also allows you to: Quickly and comprehensively prepare forthe Network+ N10-008 exam with intuitively organized infoand eTable of ContentsIntroduction xvii Chapter 1 Domain 1.0: Networking Fundamentals 1 1.1 Compare and contrast the Open Systems Interconnection (OSI) model layers and encapsulation concepts 11 OSI Model 12 Protocol Data Units 21 Data Encapsulation and Decapsulation 22 Exam Essentials 26 1.2 Explain the characteristics of network topologies and network types 28 Wired Topologies 28 Types 33 Service- Related Entry Point 39 Virtualization 40 Virtual Networking Components 40 Service Type 43 Service Delivery 48 Exam Essentials 50 1.3 Summarize the types of cables and connectors and explain which is the appropriate type for a solution 51 Media Types 51 Connector Types 55 Transceivers 60 Media Converters 62 Characteristics of Fiber Transceivers 63 Termination Points 65 Copper Cabling Standards 70 Copper Termination Standards 73 Ethernet Deployment Standards 76 Exam Essentials 78 1.4 Given a scenario, configure a subnet and use appropriate IP addressing schemes 80 Private vs. Public 80 Nat/pat 81 IPv4 Concepts 84 IPv6 Concepts 88 Address Assignments 93 Subnetting 99 Virtual IP (VIP) 107 Exam Essentials 108 1.5 Explain common ports and protocols, their application, and encrypted alternatives 110 Protocols and Ports 110 IP Protocol Types 117 Connection- Oriented vs. Connectionless 121 Exam Essentials 122 1.6 Explain the use and purpose of network services 123 Dns 123 DHCP Service 132 Ntp 137 Exam Essentials 137 1.7 Explain basic corporate and datacenter network architecture 139 Three- Tiered Model 139 Software- Defined Networking 140 Spine and Leaf 142 Traffic Flows 143 Host Locations 144 Network Storage Types 145 Connection Type 147 Exam Essentials 150 1.8 Summarize cloud concepts and connectivity options 151 Characteristics of a Cloud 151 Cloud Delivery Models 152 Types of Services 155 Infrastructure as Code 157 Connectivity Methods 160 Multitenancy 161 Elasticity 161 Scalability 162 Security Implications/Considerations 162 Relationship Between Local and Cloud Resources 163 Exam Essentials 163 Review Questions 165 Chapter 2 Domain 2.0: Network Implementations 169 2.1 Compare and contrast various devices, their features, and their appropriate placement on the network 173 Network Devices 173 Exam Essentials 203 2.2 Compare and contrast routing technologies and bandwidth management concepts 204 Routing 204 Bandwidth Management 212 Exam Essentials 215 2.3 Given a scenario, configure and deploy common Ethernet switching features 216 Characteristics of Ethernet and IP Communications 216 Basic Switch Functions 220 Segmentation and Interface Properties 227 Switching Features 231 Exam Essentials 234 2.4 Given a scenario, install and configure the appropriate wireless standards and technologies 235 802.11 Standards 235 Frequencies 238 Wireless Considerations 239 Wireless Modes of Operation 245 Wireless Security 248 Cellular 252 Exam Essentials 254 Review Questions 256 Chapter 3 Domain 3.0: Network Operations 261 3.1 Given a scenario, use the appropriate statistics and sensors to ensure network availability 265 Performance Metrics 265 Snmp 270 Network Device Logs 274 Interface Statistics/Status 279 Interface Errors or Alerts 286 Environmental Factors and Sensors 289 Performance Baselines 291 NetFlow Data 292 Uptime/Downtime 293 Exam Essentials 294 3.2 Explain the purpose of organizational documents and policies 296 Plans and Procedures 296 Hardening and Security Policies 303 Common Documentation 307 Common Agreements 315 Exam Essentials 316 3.3 Explain high availability and disaster recovery concepts and summarize which is the best solution 318 Load Balancing 318 Multipathing 318 Network Interface Card (NIC) Teaming 320 Redundant Hardware/Clusters 320 Facilities and Infrastructure Support 326 Redundancy and High Availability (HA) Concepts 330 Backups 334 Exam Essentials 336 Review Questions 338 Chapter 4 Domain 4.0: Network Security 343 4.1 Explain common security concepts 348 Confidentiality, Integrity, Availability (CIA) 348 Threats 349 Vulnerabilities 350 Exploits 351 Least Privilege 351 Role- Based Access 352 Zero Trust 352 Defense in Depth 353 Authentication Methods 357 Security Assessments 364 Security Information and Event Management (SIEM) 366 Exam Essentials 366 4.2 Compare and contrast common types of attacks 368 Technology- Based 368 Human and Environmental 378 Exam Essentials 379 4.3 Given a scenario, apply network hardening techniques 381 Best Practices 381 Wireless Security 390 IOT Considerations 395 Exam Essentials 396 4.4 Compare and contrast remote access methods and security implications 397 Vpn 397 Remote Desktop Connection 400 Remote Desktop Gateway 401 Ssh 401 Virtual Network Computing (VNC) 402 Virtual Desktop 402 Authentication and Authorization Considerations 403 In- Band vs. Out- of- Band Management 403 Exam Essentials 405 4.5 Explain the importance of physical security 406 Detection Methods 407 Prevention Methods 410 Asset Disposal 413 Exam Essentials 415 Review Questions 416 Chapter 5 Domain 5.0: Network Troubleshooting 421 5.1 Explain the network troubleshooting methodology 427 Identify the Problem 428 Establish a Theory of Probable Cause 430 Test the Theory to Determine the Cause 431 Establish a Plan of Action to Resolve the Problem and Identify Potential Effects 432 Implement the Solution or Escalate as Necessary 432 Verify Full System Functionality and, If Applicable, Implement Preventive Measures 433 Document Findings, Actions, Outcomes, and Lessons Learned 433 Exam Essentials 433 5.2 Given a scenario, troubleshoot common cable connectivity issues and select the appropriate tools 434 Specifications and Limitations 434 Cable Considerations 435 Cable Application 437 Common Issues 439 Common Tools 445 Exam Essentials 456 5.3 Given a scenario, use the appropriate network software tools and commands 458 Software Tools 458 Command- Line Tools 466 Basic Network Platform Commands 481 Exam Essentials 485 5.4 Given a scenario, troubleshoot common wireless connectivity issues 486 Specifications and Limitations 486 Considerations 489 Common Issues 493 Exam Essentials 498 5.5 Given a scenario, troubleshoot general networking issues 499 Considerations 499 Common Issues 501 Exam Essentials 530 Review Questions 532 Appendix Answers to Review Questions 537 Chapter 1: Domain 1.0: Networking Fundamentals 538 Chapter 2: Domain 2.0: Network Implementations 541 Chapter 3: Domain 3.0: Network Operations 544 Chapter 4: Domain 4.0: Network Security 547 Chapter 5: Domain 5.0: Network Troubleshooting 550 Index 553
£20.40
Pearson Education Computer Networks and Internets Global Edition
Book SynopsisTable of Contents Chapter 1 Introduction And Overview Chapter 2 Internet Trends Chapter 3 Internet Applications And Network Programming Chapter 4 Traditional Internet Applications Chapter 5 Overview Of Data Communications Chapter 6 Information Sources And Signals Chapter 7 Transmission Media Chapter 8 Reliability And Channel Coding Chapter 9 Transmission Modes Chapter 10 Modulation And Modems Chapter 11 Multiplexing And Demultiplexing (Channelization) Chapter 12 Access And Interconnection Technologies Chapter 13 Local Area Networks: Packets, Frames, And Topologies Chapter 14 The IEEE MAC Sublayer Chapter 15 Wired LAN Technology (Ethernet And 802.3) Chapter 16 Wireless Networking Technologies Chapter 17 Repeaters, Bridges, And Switches Chapter 18 WAN Technologies And Dynamic Routing Chapter 19 Networking Technologies Past And Present Chapter 20 Internetworking: Concepts, Architecture, And Protocols Chapter 21 IP: Internet Addressing Chapter 22 Datagram Forwarding Chapter 23 Support Protocols And Technologies Chapter 24 UDP: Datagram Transport Service Chapter 25 TCP: Reliable Transport Service Chapter 26 Internet Routing And Routing Protocols Chapter 27 Network Performance (QoS And DiffServ) Chapter 28 Multimedia And IP Telephony (VoIP) Chapter 29 Network Security Chapter 30 Network Management (SNMP) Chapter 31 Software Defined Networking (SDN) Chapter 32 The Internet Of Things Chapter 33 Trends In Networking Technologies And Uses Appendix 1 A Simplified Application Programming Interface
£75.04
John Wiley & Sons Inc ISC2 CISSP Certified Information Systems Security
Book Synopsis
£30.39
John Wiley & Sons Networking AllinOne For Dummies
Book Synopsis
£30.39
Sybex CCNA Certification Study Guide Volume 1 and
Book SynopsisA two-volume Study Guide set to help you prepare for success on the UPDATED Cisco CCNA Certification Exam 200-301 v1.1. Get certified and advance your technical career. To earn a Cisco Certified Network Associate (CCNA) certification, you only need to pass one exam that validates your knowledge and skills related to everything from networking to automation. This inclusive, two-book set provides what you need to know to succeed on the UPDATED CCNA Exam 200-301 v1.1. The set includesCCNA Certification Study Guide Volume 1, Second Edition, and CCNA Certification Study Guide Volume 2, Second Edition. Both Study Guidesprovide comprehensive information and foundational knowledge about core Cisco technologies, helping you implement and administer Cisco solutions. Volumes 1 and 2 prepare you to take and pass the UPDATED CCNA certification Exam 200-301 v1.1, which assesses your abilities related to network fundamentals. Both books cover a range of topics so you can get ready for the exam and apply your technical knowledge. Prepare for testing on network and security fundamentalsReview network access conceptsSolidify your knowledge related to IP connectivity and servicesAssess your automation and programmability skills Written by a Cisco expert, Todd Lammle, this 2-volume Study Guide set helps you master the concepts you need to succeed as a networking administrator. It also connects you to online interactive learning tools, including sample questions, a pre-assessment, practice exam, flashcards, and a glossary. If you want to earn the new CCNA certification and keep moving forward in your IT career, this book and study guide are for you.
£56.25
John Wiley & Sons Grey Area Dark Web Data Collection and the Future of OSINT
£30.39
Pearson Education (US) IoT Fundamentals: Networking Technologies,
Book SynopsisToday, billions of devices are Internet-connected, IoT standards and protocols are stabilizing, and technical professionals must increasingly solve real problems with IoT technologies. Now, five leading Cisco IoT experts present the first comprehensive, practical reference for making IoT work. IoT Fundamentals brings together knowledge previously available only in white papers, standards documents, and other hard-to-find sources—or nowhere at all. The authors begin with a high-level overview of IoT and introduce key concepts needed to successfully design IoT solutions. Next, they walk through each key technology, protocol, and technical building block that combine into complete IoT solutions. Building on these essentials, they present several detailed use cases, including manufacturing, energy, utilities, smart+connected cities, transportation, mining, and public safety. Whatever your role or existing infrastructure, you’ll gain deep insight what IoT applications can do, and what it takes to deliver them. Fully covers the principles and components of next-generation wireless networks built with Cisco IOT solutions such as IEEE 802.11 (Wi-Fi), IEEE 802.15.4-2015 (Mesh), and LoRaWAN Brings together real-world tips, insights, and best practices for designing and implementing next-generation wireless networks Presents start-to-finish configuration examples for common deployment scenarios Reflects the extensive first-hand experience of Cisco experts Table of Contents Foreword xxvi Introduction xxviiiPart I Introduction to IoT 1Chapter 1 What Is IoT? 3 Genesis of IoT 4 IoT and Digitization 6 IoT Impact 7 Connected Roadways 8 Connected Factory 12 Smart Connected Buildings 15 Smart Creatures 19 Convergence of IT and OT 21 IoT Challenges 23 Summary 24 References 24Chapter 2 IoT Network Architecture and Design 27 Drivers Behind New Network Architectures 28 Scale 30 Security 31 Constrained Devices and Networks 32 Data 32 Legacy Device Support 32 Comparing IoT Architectures 33 The oneM2M IoT Standardized Architecture 33 The IoT World Forum (IoTWF) Standardized Architecture 35 Additional IoT Reference Models 39 A Simplified IoT Architecture 40 The Core IoT Functional Stack 43 Layer 1: Things: Sensors and Actuators Layer 44 Layer 2: Communications Network Layer 46 Layer 3: Applications and Analytics Layer 59 IoT Data Management and Compute Stack 63 Fog Computing 65 Edge Computing 68 The Hierarchy of Edge, Fog, and Cloud 68 Summary 70 References 71Part II Engineering IoT Networks 73Chapter 3 Smart Objects: The “Things” in IoT 75 Sensors, Actuators, and Smart Objects 76 Sensors 76 Actuators 81 Micro-Electro-Mechanical Systems (MEMS) 83 Smart Objects 84 Sensor Networks 87 Wireless Sensor Networks (WSNs) 88 Communication Protocols for Wireless Sensor Networks 92 Summary 93Chapter 4 Connecting Smart Objects 95 Communications Criteria 96 Range 96 Frequency Bands 98 Power Consumption 101 Topology 102 Constrained Devices 103 Constrained-Node Networks 104 IoT Access Technologies 107 IEEE 802.15.4 108 IEEE 802.15.4g and 802.15.4e 118 IEEE 1901.2a 124 IEEE 802.11ah 130 LoRaWAN 134 NB-IoT and Other LTE Variations 142 Summary 146Chapter 5 IP as the IoT Network Layer 149 The Business Case for IP 150 The Key Advantages of Internet Protocol 150 Adoption or Adaptation of the Internet Protocol 152 The Need for Optimization 154 Constrained Nodes 155 Constrained Networks 156 IP Versions 157 Optimizing IP for IoT 159 From 6LoWPAN to 6Lo 159 Header Compression 161 Fragmentation 162 Mesh Addressing 163 6TiSCH 165 RPL 167 Authentication and Encryption on Constrained Nodes 173 Profiles and Compliances 174 Internet Protocol for Smart Objects (IPSO) Alliance 174 Wi-SUN Alliance 174 Thread 174 IPv6 Ready Logo 175 Summary 175Chapter 6 Application Protocols for IoT 177 The Transport Layer 178 IoT Application Transport Methods 180 Application Layer Protocol Not Present 180 SCADA 182 Generic Web-Based Protocols 189 IoT Application Layer Protocols 191 Summary 204Chapter 7 Data and Analytics for IoT 205 An Introduction to Data Analytics for IoT 206 Structured Versus Unstructured Data 207 Data in Motion Versus Data at Rest 209 IoT Data Analytics Overview 209 IoT Data Analytics Challenges 211 Machine Learning 212 Machine Learning Overview 212 Machine Learning and Getting Intelligence from Big Data 218 Predictive Analytics 220 Big Data Analytics Tools and Technology 220 Massively Parallel Processing Databases 222 NoSQL Databases 223 Hadoop 224 The Hadoop Ecosystem 227 Edge Streaming Analytics 230 Comparing Big Data and Edge Analytics 231 Edge Analytics Core Functions 232 Distributed Analytics Systems 235 Network Analytics 236 Flexible NetFlow Architecture 238 Summary 242 References 243Chapter 8 Securing IoT 245 A Brief History of OT Security 246 Common Challenges in OT Security 249 Erosion of Network Architecture 249 Pervasive Legacy Systems 250 Insecure Operational Protocols 250 Other Protocols 253 Device Insecurity 254 Dependence on External Vendors 255 Security Knowledge 256 How IT and OT Security Practices and Systems Vary 256 The Purdue Model for Control Hierarchy 257 OT Network Characteristics Impacting Security 259 Security Priorities: Integrity, Availability, and Confidentiality 261 Security Focus 261 Formal Risk Analysis Structures: OCTAVE and FAIR 262 OCTAVE 262 FAIR 265 The Phased Application of Security in an Operational Environment 266 Secured Network Infrastructure and Assets 266 Deploying Dedicated Security Appliances 269 Higher-Order Policy Convergence and Network Monitoring 272 Summary 274Part III IoT in Industry 275Chapter 9 Manufacturing 277 An Introduction to Connected Manufacturing 278 An IoT Strategy for Connected Manufacturing 279 Business Improvements Driven Through IoT 281 An Architecture for the Connected Factory 282 Industrial Automation and Control Systems Reference Model 282 The CPwE Reference Model 284 CPwE Resilient Network Design 286 CPwE Wireless 289 Industrial Automation Control Protocols 293 EtherNet/IP and CIP 293 PROFINET 294 The PROFINET Architecture 296 Media Redundancy Protocol (MRP) 297 Modbus/TCP 298 Connected Factory Security 299 A Holistic Approach to Industrial Security 299 Edge Computing in the Connected Factory 304 Connected Machines and Edge Computing 304 Summary 307 References 307Chapter 10 Oil and Gas 309 An Introduction to the Oil and Gas Industry 310 Defining Oil and Gas 310 The Oil and Gas Value Chain 313 Current Trends in the Oil and Gas Industry 314 Industry Key Challenges as Digitization Drivers 316 IoT and the Oil and Gas Industry 319 Improving Operational Efficiency 321 The Purdue Model for Control Hierarchy in Oil and Gas Networks 321 Oil and Gas Use Cases for IoT 323 IoT Architectures for Oil and Gas 326 Control Room Networks for Oil and Gas 327 Wired Networks for Oil and Gas 328 Wireless Networks for Oil and Gas 328 Wireless Use Cases in the Oil and Gas Industry 332 The Risk Control Framework for Cybersecurity in IoT 335 Securing the Oil and Gas PCN: Background 337 Securing the Oil and Gas PCN: Use Cases and Requirements 338 Data Analytics for Predictive Asset Monitoring 341 Summary 342 References 343Chapter 11 Utilities 345 An Introduction to the Power Utility Industry 347 The IT/OT Divide in Utilities 348 The GridBlocks Reference Model 350 GridBlocks: An 11-Tiered Reference Architecture 352 The Primary Substation GridBlock and Substation Automation 356 SCADA 357 IEC 61850: The Modernization of Substation Communication Standards 358 Network Resiliency Protocols in the Substation 362 System Control GridBlock: The Substation WAN 364 Defining Teleprotection 364 Designing a WAN for Teleprotection 367 The Field Area Network (FAN) GridBlock 369 Advanced Metering Infrastructure 371 Other Use Cases 373 Securing the Smart Grid 377 NERC CIP 378 Smart Grid Security Considerations 380 The Future of the Smart Grid 381 Summary 382 References 383Chapter 12 Smart and Connected Cities 385 An IoT Strategy for Smarter Cities 386 Vertical IoT Needs for Smarter Cities 386 Global vs. Siloed Strategies 389 Smart City IoT Architecture 390 Street Layer 391 City Layer 394 Data Center Layer 395 Services Layer 397 On-Premises vs. Cloud 398 Smart City Security Architecture 398 Smart City Use-Case Examples 401 Connected Street Lighting 401 Connected Environment 409 Summary 411 References 412Chapter 13 Transportation 413 Transportation and Transports 413 Transportation Challenges 415 Roadways 415 Mass Transit 416 Rail 417 Challenges for Transportation Operators and Users 418 IoT Use Cases for Transportation 420 Connected Cars 421 Connected Fleets 422 Infrastructure and Mass Transit 422 An IoT Architecture for Transportation 427 IoT Technologies for Roadways 427 Connected Roadways Network Architecture 434 Extending the Roadways IoT Architecture to Bus Mass Transit 440 Extending Bus IoT Architecture to Railways 442 Summary 447 References 448Chapter 14 Mining 449 Mining Today and Its Challenges 451 Scale 451 Safety 455 Environment 455 Security 456 Volatile Markets 456 Challenges for IoT in Modern Mining 456 The OT Roles in Mining 456 Connectivity 457 An IoT Strategy for Mining 459 Improved Safety and Location Services 459 Location Services 461 Improved Efficiencies 464 Improved Collaboration 465 IoT Security for Mining 466 An Architecture for IoT in Mining 467 IEEE 802.11 as the IoT Access Layer 468 802.11 Outdoor Wireless Mesh 468 4G/LTE 474 Wireless in Underground Mining 475 Industrial Wireless 476 Isolated vs. Connected Mine Networks 476 Core Network Connectivity 478 Network Design Consideration for Mining Applications 479 Data Processing 480 Summary 481Chapter 15 Public Safety 483 Overview of Public Safety 484 Public Safety Objects and Exchanges 484 Public and Private Partnership for Public Safety IoT 486 Public Safety Adoption of Technology and the IoT 488 An IoT Blueprint for Public Safety 489 Mission Continuum 489 Mission Fabric 490 Inter-agency Collaboration 491 Emergency Response IoT Architecture 493 Mobile Command Center 494 Mobile Vehicles: Land, Air, and Sea 501 IoT Public Safety Information Processing 506 School Bus Safety 508 Bus Location and Student Onboarding/Offboarding 508 Driver Behavior Reporting 510 Diagnostic Reporting 511 Video Surveillance 511 Student Wi-Fi 513 Push-to-Talk Communication 513 School Bus Safety Network Architecture 513 Summary 514 Reference 5159781587144561, TOC, 5/16/2017
£36.44
Springer Verlag, Singapore Multimedia Technologies in the Internet of Things
Book SynopsisThis book proposes a comprehensive overview of the state-of-the-art research work on multimedia analysis in IoT applications. This is a third volume by editors which provides theoretical and practical approach in the area of multimedia and IOT applications and performance analysis. Further, multimedia communication, deep learning models to multimedia data, and the new (IOT) approaches are also covered. It addresses the complete functional framework in the area of multimedia data, IoT, and smart computing techniques. It bridges the gap between multimedia concepts and solutions by providing the current IOT frameworks, their applications in multimedia analysis, the strengths and limitations of the existing methods, and the future directions in multimedia IOT analytics.Table of ContentsQuantum Blockchain Approach for Security Enhancement in Cyber World.- Quantum Computing for Healthcare: A review on Implementation Trends and Recent Advances.- Towards Task Scheduling Approaches to Reduce Energy Consumption in Cloud Computing Environment.- An Efficient Data Transferring through Li-Fi Technology: A Smart Home Appliance.- Modeling of Fuzzy Logic Based Classification System Using the Gravitational Search Algorithm.- Big Data Based Image Handling – A Review of Implementation using Amazon Web Services.- Real Time System for Forecasting Natural Disasters using the Social Network.- Call Based Smart Transportation using Artificial Intelligence.- Design Issues for Developing Routing Protocols for Flying Adhoc Network.- Online Stream Processing and Multimedia Oriented IoT: Tools for Sustainable Development of Smart Cities.- Big Data Analytics and Data Mining for Healthcare Informatics (HCI).- Integration of Quantum Computing and Blockchain Technology: A Cryptographic Perspective.
£132.99
