Computer networking and communications Books
John Wiley & Sons Inc Professional Microsoft SQL Server 2012
Book SynopsisAn essential how-to guide for experienced DBAs on the most significant product release since 2005! Microsoft SQL Server 2012 will have major changes throughout the SQL Server and will impact how DBAs administer the database.Trade ReviewIf you want a good, wide ranging, general SQL Server 2012 administration book, I can certainly recommend this book. (I Programmer, December 2013)Table of ContentsINTRODUCTION xxxvii CHAPTER 1: SQL SERVER 2012 ARCHITECTURE 1 CHAPTER 2: INSTALLING SQL SERVER 2012 BEST PRACTICES 21 CHAPTER 3: UPGRADING SQL SERVER 2012 BEST PRACTICES 53 CHAPTER 4: MANAGING AND TROUBLESHOOTING THE DATABASE ENGINE 71 CHAPTER 5: AUTOMATING SQL SERVER 105 CHAPTER 6: SERVICE BROKER IN SQL SERVER 2012 147 CHAPTER 7: SQL SERVER CLR INTEGRATION 167 CHAPTER 8: SECURING THE DATABASE INSTANCE 181 CHAPTER 9: CHANGE MANAGEMENT 197 CHAPTER 10: CONFIGURING THE SERVER FOR OPTIMAL PERFORMANCE 233 CHAPTER 11: OPTIMIZING SQL SERVER 2012 273 CHAPTER 12: MONITORING YOUR SQL SERVER 317 CHAPTER 13: PERFORMANCE TUNING T-SQL 399 CHAPTER 14: INDEXING YOUR DATABASE 449 CHAPTER 15: REPLICATION 473 CHAPTER 16: CLUSTERING SQL SERVER 2012 509 CHAPTER 17: BACKUP AND RECOVERY 547 CHAPTER 18: SQL SERVER 2012 LOG SHIPPING 607 CHAPTER 19: DATABASE MIRRORING 641 CHAPTER 20: INTEGRATION SERVICES ADMINISTRATION AND PERFORMANCE TUNING 695 CHAPTER 21: ANALYSIS SERVICES ADMINISTRATION AND PERFORMANCE TUNING 729 CHAPTER 22: SQL SERVER REPORTING SERVICES ADMINISTRATION 765 CHAPTER 23: SQL SERVER 2012 SHAREPOINT 2010 INTEGRATION 815 CHAPTER 24: SQL AZURE ADMINISTRATION AND CONFIGURATION 837 CHAPTER 25: ALWAYSON AVAILABILITY GROUPS 857 INDEX 885
£36.09
John Wiley & Sons Inc Data Mining and Predictive Analytics
Book SynopsisLearn methods of data analysis and their application to real-world data sets This updated second edition serves as an introduction to data mining methods and models, including association rules, clustering, neural networks, logistic regression, and multivariate analysis. The authors apply a unified white box approach to data mining methods and models. This approach is designed to walk readers through the operations and nuances of the various methods, using small data sets, so readers can gain an insight into the inner workings of the method under review. Chapters provide readers with hands-on analysis problems, representing an opportunity for readers to apply their newly-acquired data mining expertise to solving real problems using large, real-world data sets. Data Mining and Predictive Analytics: Offers comprehensive coverage of association rules, clustering, neural networks, logistic regression, multivariate analysis, and R statistical progTable of ContentsPREFACE xxi ACKNOWLEDGMENTS xxix PART I DATA PREPARATION 1 CHAPTER 1 AN INTRODUCTION TO DATA MINING AND PREDICTIVE ANALYTICS 3 1.1 What is Data Mining? What is Predictive Analytics? 3 1.2 Wanted: Data Miners 5 1.3 The Need for Human Direction of Data Mining 6 1.4 The Cross-Industry Standard Process for Data Mining: CRISP-DM 6 1.4.1 CRISP-DM: The Six Phases 7 1.5 Fallacies of Data Mining 9 1.6 What Tasks Can Data Mining Accomplish 10 CHAPTER 2 DATA PREPROCESSING 20 2.1 Why do We Need to Preprocess the Data? 20 2.2 Data Cleaning 21 2.3 Handling Missing Data 22 2.4 Identifying Misclassifications 25 2.5 Graphical Methods for Identifying Outliers 26 2.6 Measures of Center and Spread 27 2.7 Data Transformation 30 2.8 Min–Max Normalization 30 2.9 Z-Score Standardization 31 2.10 Decimal Scaling 32 2.11 Transformations to Achieve Normality 32 2.12 Numerical Methods for Identifying Outliers 38 2.13 Flag Variables 39 2.14 Transforming Categorical Variables into Numerical Variables 40 2.15 Binning Numerical Variables 41 2.16 Reclassifying Categorical Variables 42 2.17 Adding an Index Field 43 2.18 Removing Variables that are not Useful 43 2.19 Variables that Should Probably not be Removed 43 2.20 Removal of Duplicate Records 44 2.21 A Word About ID Fields 45 CHAPTER 3 EXPLORATORY DATA ANALYSIS 54 3.1 Hypothesis Testing Versus Exploratory Data Analysis 54 3.2 Getting to Know the Data Set 54 3.3 Exploring Categorical Variables 56 3.4 Exploring Numeric Variables 64 3.5 Exploring Multivariate Relationships 69 3.6 Selecting Interesting Subsets of the Data for Further Investigation 70 3.7 Using EDA to Uncover Anomalous Fields 71 3.8 Binning Based on Predictive Value 72 3.9 Deriving New Variables: Flag Variables 75 3.10 Deriving New Variables: Numerical Variables 77 3.11 Using EDA to Investigate Correlated Predictor Variables 78 3.12 Summary of Our EDA 81 CHAPTER 4 DIMENSION-REDUCTION METHODS 92 4.1 Need for Dimension-Reduction in Data Mining 92 4.2 Principal Components Analysis 93 4.3 Applying PCA to the Houses Data Set 96 4.4 How Many Components Should We Extract? 102 4.5 Profiling the Principal Components 105 4.6 Communalities 108 4.7 Validation of the Principal Components 110 4.8 Factor Analysis 110 4.9 Applying Factor Analysis to the Adult Data Set 111 4.10 Factor Rotation 114 4.11 User-Defined Composites 117 4.12 An Example of a User-Defined Composite 118 PART II STATISTICAL ANALYSIS 129 CHAPTER 5 UNIVARIATE STATISTICAL ANALYSIS 131 5.1 Data Mining Tasks in Discovering Knowledge in Data 131 5.2 Statistical Approaches to Estimation and Prediction 131 5.3 Statistical Inference 132 5.4 How Confident are We in Our Estimates? 133 5.5 Confidence Interval Estimation of the Mean 134 5.6 How to Reduce the Margin of Error 136 5.7 Confidence Interval Estimation of the Proportion 137 5.8 Hypothesis Testing for the Mean 138 5.9 Assessing the Strength of Evidence Against the Null Hypothesis 140 5.10 Using Confidence Intervals to Perform Hypothesis Tests 141 5.11 Hypothesis Testing for the Proportion 143 CHAPTER 6 MULTIVARIATE STATISTICS 148 6.1 Two-Sample t-Test for Difference in Means 148 6.2 Two-Sample Z-Test for Difference in Proportions 149 6.3 Test for the Homogeneity of Proportions 150 6.4 Chi-Square Test for Goodness of Fit of Multinomial Data 152 6.5 Analysis of Variance 153 CHAPTER 7 PREPARING TO MODEL THE DATA 160 7.1 Supervised Versus Unsupervised Methods 160 7.2 Statistical Methodology and Data Mining Methodology 161 7.3 Cross-Validation 161 7.4 Overfitting 163 7.5 Bias–Variance Trade-Off 164 7.6 Balancing the Training Data Set 166 7.7 Establishing Baseline Performance 167 CHAPTER 8 SIMPLE LINEAR REGRESSION 171 8.1 An Example of Simple Linear Regression 171 8.2 Dangers of Extrapolation 177 8.3 How Useful is the Regression? The Coefficient of Determination, r2 178 8.4 Standard Error of the Estimate, s 183 8.5 Correlation Coefficient r 184 8.6 Anova Table for Simple Linear Regression 186 8.7 Outliers, High Leverage Points, and Influential Observations 186 8.8 Population Regression Equation 195 8.9 Verifying the Regression Assumptions 198 8.10 Inference in Regression 203 8.11 t-Test for the Relationship Between x and y 204 8.12 Confidence Interval for the Slope of the Regression Line 206 8.13 Confidence Interval for the Correlation Coefficient p 208 8.14 Confidence Interval for the Mean Value of y Given x 210 8.15 Prediction Interval for a Randomly Chosen Value of y Given x 211 8.16 Transformations to Achieve Linearity 213 8.17 Box–Cox Transformations 220 CHAPTER 9 MULTIPLE REGRESSION AND MODEL BUILDING 236 9.1 An Example of Multiple Regression 236 9.2 The Population Multiple Regression Equation 242 9.3 Inference in Multiple Regression 243 9.4 Regression with Categorical Predictors, Using Indicator Variables 249 9.5 Adjusting R2: Penalizing Models for Including Predictors that are not Useful 256 9.6 Sequential Sums of Squares 257 9.7 Multicollinearity 258 9.8 Variable Selection Methods 266 9.9 Gas Mileage Data Set 270 9.10 An Application of Variable Selection Methods 271 9.11 Using the Principal Components as Predictors in Multiple Regression 279 PART III CLASSIFICATION 299 CHAPTER 10 k-NEAREST NEIGHBOR ALGORITHM 301 10.1 Classification Task 301 10.2 k-Nearest Neighbor Algorithm 302 10.3 Distance Function 305 10.4 Combination Function 307 10.5 Quantifying Attribute Relevance: Stretching the Axes 309 10.6 Database Considerations 310 10.7 k-Nearest Neighbor Algorithm for Estimation and Prediction 310 10.8 Choosing k 311 10.9 Application of k-Nearest Neighbor Algorithm Using IBM/SPSS Modeler 312 CHAPTER 11 DECISION TREES 317 11.1 What is a Decision Tree? 317 11.2 Requirements for Using Decision Trees 319 11.3 Classification and Regression Trees 319 11.4 C4.5 Algorithm 326 11.5 Decision Rules 332 11.6 Comparison of the C5.0 and CART Algorithms Applied to Real Data 332 CHAPTER 12 NEURAL NETWORKS 339 12.1 Input and Output Encoding 339 12.2 Neural Networks for Estimation and Prediction 342 12.3 Simple Example of a Neural Network 342 12.4 Sigmoid Activation Function 344 12.5 Back-Propagation 345 12.6 Gradient-Descent Method 346 12.7 Back-Propagation Rules 347 12.8 Example of Back-Propagation 347 12.9 Termination Criteria 349 12.10 Learning Rate 350 12.11 Momentum Term 351 12.12 Sensitivity Analysis 353 12.13 Application of Neural Network Modeling 353 CHAPTER 13 LOGISTIC REGRESSION 359 13.1 Simple Example of Logistic Regression 359 13.2 Maximum Likelihood Estimation 361 13.3 Interpreting Logistic Regression Output 362 13.4 Inference: are the Predictors Significant? 363 13.5 Odds Ratio and Relative Risk 365 13.6 Interpreting Logistic Regression for a Dichotomous Predictor 367 13.7 Interpreting Logistic Regression for a Polychotomous Predictor 370 13.8 Interpreting Logistic Regression for a Continuous Predictor 374 13.9 Assumption of Linearity 378 13.10 Zero-Cell Problem 382 13.11 Multiple Logistic Regression 384 13.12 Introducing Higher Order Terms to Handle Nonlinearity 388 13.13 Validating the Logistic Regression Model 395 13.14 WEKA: Hands-On Analysis Using Logistic Regression 399 CHAPTER 14 NAÏVE BAYES AND BAYESIAN NETWORKS 414 14.1 Bayesian Approach 414 14.2 Maximum a Posteriori (Map) Classification 416 14.3 Posterior Odds Ratio 420 14.4 Balancing the Data 422 14.5 Naïve Bayes Classification 423 14.6 Interpreting the Log Posterior Odds Ratio 426 14.7 Zero-Cell Problem 428 14.8 Numeric Predictors for Naïve Bayes Classification 429 14.9 WEKA: Hands-on Analysis Using Naïve Bayes 432 14.10 Bayesian Belief Networks 436 14.11 Clothing Purchase Example 436 14.12 Using the Bayesian Network to Find Probabilities 439 CHAPTER 15 MODEL EVALUATION TECHNIQUES 451 15.1 Model Evaluation Techniques for the Description Task 451 15.2 Model Evaluation Techniques for the Estimation and Prediction Tasks 452 15.3 Model Evaluation Measures for the Classification Task 454 15.4 Accuracy and Overall Error Rate 456 15.5 Sensitivity and Specificity 457 15.6 False-Positive Rate and False-Negative Rate 458 15.7 Proportions of True Positives, True Negatives, False Positives, and False Negatives 458 15.8 Misclassification Cost Adjustment to Reflect Real-World Concerns 460 15.9 Decision Cost/Benefit Analysis 462 15.10 Lift Charts and Gains Charts 463 15.11 Interweaving Model Evaluation with Model Building 466 15.12 Confluence of Results: Applying a Suite of Models 466 CHAPTER 16 COST-BENEFIT ANALYSIS USING DATA-DRIVEN COSTS 471 16.1 Decision Invariance Under Row Adjustment 471 16.2 Positive Classification Criterion 473 16.3 Demonstration of the Positive Classification Criterion 474 16.4 Constructing the Cost Matrix 474 16.5 Decision Invariance Under Scaling 476 16.6 Direct Costs and Opportunity Costs 478 16.7 Case Study: Cost-Benefit Analysis Using Data-Driven Misclassification Costs 478 16.8 Rebalancing as a Surrogate for Misclassification Costs 483 CHAPTER 17 COST-BENEFIT ANALYSIS FOR TRINARY AND k-NARY CLASSIFICATION MODELS 491 17.1 Classification Evaluation Measures for a Generic Trinary Target 491 17.2 Application of Evaluation Measures for Trinary Classification to the Loan Approval Problem 494 17.3 Data-Driven Cost-Benefit Analysis for Trinary Loan Classification Problem 498 17.4 Comparing Cart Models with and without Data-Driven Misclassification Costs 500 17.5 Classification Evaluation Measures for a Generic k-Nary Target 503 17.6 Example of Evaluation Measures and Data-Driven Misclassification Costs for k-Nary Classification 504 CHAPTER 18 GRAPHICAL EVALUATION OF CLASSIFICATION MODELS 510 18.1 Review of Lift Charts and Gains Charts 510 18.2 Lift Charts and Gains Charts Using Misclassification Costs 510 18.3 Response Charts 511 18.4 Profits Charts 512 18.5 Return on Investment (ROI) Charts 514 PART IV CLUSTERING 521 CHAPTER 19 HIERARCHICAL AND k-MEANS CLUSTERING 523 19.1 The Clustering Task 523 19.2 Hierarchical Clustering Methods 525 19.3 Single-Linkage Clustering 526 19.4 Complete-Linkage Clustering 527 19.5 k-Means Clustering 529 19.6 Example of k-Means Clustering at Work 530 19.7 Behavior of MSB, MSE, and Pseudo-F as the k-Means Algorithm Proceeds 533 19.8 Application of k-Means Clustering Using SAS Enterprise Miner 534 19.9 Using Cluster Membership to Predict Churn 537 CHAPTER 20 KOHONEN NETWORKS 542 20.1 Self-Organizing Maps 542 20.2 Kohonen Networks 544 20.3 Example of a Kohonen Network Study 545 20.4 Cluster Validity 549 20.5 Application of Clustering Using Kohonen Networks 549 20.6 Interpreting The Clusters 551 20.7 Using Cluster Membership as Input to Downstream Data Mining Models 556 CHAPTER 21 BIRCH CLUSTERING 560 21.1 Rationale for Birch Clustering 560 21.2 Cluster Features 561 21.3 Cluster Feature Tree 562 21.4 Phase 1: Building the CF Tree 562 21.5 Phase 2: Clustering the Sub-Clusters 564 21.6 Example of Birch Clustering, Phase 1: Building the CF Tree 565 21.7 Example of Birch Clustering, Phase 2: Clustering the Sub-Clusters 570 21.8 Evaluating the Candidate Cluster Solutions 571 21.9 Case Study: Applying Birch Clustering to the Bank Loans Data Set 571 CHAPTER 22 MEASURING CLUSTER GOODNESS 582 22.1 Rationale for Measuring Cluster Goodness 582 22.2 The Silhouette Method 583 22.3 Silhouette Example 584 22.4 Silhouette Analysis of the IRIS Data Set 585 22.5 The Pseudo-F Statistic 590 22.6 Example of the Pseudo-F Statistic 591 22.7 Pseudo-F Statistic Applied to the IRIS Data Set 592 22.8 Cluster Validation 593 22.9 Cluster Validation Applied to the Loans Data Set 594 PART V ASSOCIATION RULES 601 CHAPTER 23 ASSOCIATION RULES 603 23.1 Affinity Analysis and Market Basket Analysis 603 23.2 Support, Confidence, Frequent Itemsets, and the a Priori Property 605 23.3 How Does the A Priori Algorithm Work (Part 1)? Generating Frequent Itemsets 607 23.4 How Does the A Priori Algorithm Work (Part 2)? Generating Association Rules 608 23.5 Extension from Flag Data to General Categorical Data 611 23.6 Information-Theoretic Approach: Generalized Rule Induction Method 612 23.7 Association Rules are Easy to do Badly 614 23.8 How can we Measure the Usefulness of Association Rules? 615 23.9 Do Association Rules Represent Supervised or Unsupervised Learning? 616 23.10 Local Patterns Versus Global Models 617 PART VI ENHANCING MODEL PERFORMANCE 623 CHAPTER 24 SEGMENTATION MODELS 625 24.1 The Segmentation Modeling Process 625 24.2 Segmentation Modeling Using EDA to Identify the Segments 627 24.3 Segmentation Modeling using Clustering to Identify the Segments 629 CHAPTER 25 ENSEMBLE METHODS: BAGGING AND BOOSTING 637 25.1 Rationale for Using an Ensemble of Classification Models 637 25.2 Bias, Variance, and Noise 639 25.3 When to Apply, and not to apply, Bagging 640 25.4 Bagging 641 25.5 Boosting 643 25.6 Application of Bagging and Boosting Using IBM/SPSS Modeler 647 CHAPTER 26 MODEL VOTING AND PROPENSITY AVERAGING 653 26.1 Simple Model Voting 653 26.2 Alternative Voting Methods 654 26.3 Model Voting Process 655 26.4 An Application of Model Voting 656 26.5 What is Propensity Averaging? 660 26.6 Propensity Averaging Process 661 26.7 An Application of Propensity Averaging 661 PART VII FURTHER TOPICS 669 CHAPTER 27 GENETIC ALGORITHMS 671 27.1 Introduction To Genetic Algorithms 671 27.2 Basic Framework of a Genetic Algorithm 672 27.3 Simple Example of a Genetic Algorithm at Work 673 27.4 Modifications and Enhancements: Selection 676 27.5 Modifications and Enhancements: Crossover 678 27.6 Genetic Algorithms for Real-Valued Variables 679 27.7 Using Genetic Algorithms to Train a Neural Network 681 27.8 WEKA: Hands-On Analysis Using Genetic Algorithms 684 CHAPTER 28 IMPUTATION OF MISSING DATA 695 28.1 Need for Imputation of Missing Data 695 28.2 Imputation of Missing Data: Continuous Variables 696 28.3 Standard Error of the Imputation 699 28.4 Imputation of Missing Data: Categorical Variables 700 28.5 Handling Patterns in Missingness 701 PART VIII CASE STUDY: PREDICTING RESPONSE TO DIRECT-MAIL MARKETING 705 CHAPTER 29 CASE STUDY, PART 1: BUSINESS UNDERSTANDING, DATA PREPARATION, AND EDA 707 29.1 Cross-Industry Standard Practice for Data Mining 707 29.2 Business Understanding Phase 709 29.3 Data Understanding Phase, Part 1: Getting a Feel for the Data Set 710 29.4 Data Preparation Phase 714 29.5 Data Understanding Phase, Part 2: Exploratory Data Analysis 721 CHAPTER 30 CASE STUDY, PART 2: CLUSTERING AND PRINCIPAL COMPONENTS ANALYSIS 732 30.1 Partitioning the Data 732 30.2 Developing the Principal Components 733 30.3 Validating the Principal Components 737 30.4 Profiling the Principal Components 737 30.5 Choosing the Optimal Number of Clusters Using Birch Clustering 742 30.6 Choosing the Optimal Number of Clusters Using k-Means Clustering 744 30.7 Application of k-Means Clustering 745 30.8 Validating the Clusters 745 30.9 Profiling the Clusters 745 CHAPTER 31 CASE STUDY, PART 3: MODELING AND EVALUATION FOR PERFORMANCE AND INTERPRETABILITY 749 31.1 Do you Prefer the Best Model Performance, or a Combination of Performance and Interpretability? 749 31.2 Modeling and Evaluation Overview 750 31.3 Cost-Benefit Analysis Using Data-Driven Costs 751 31.4 Variables to be Input to the Models 753 31.5 Establishing the Baseline Model Performance 754 31.6 Models that use Misclassification Costs 755 31.7 Models that Need Rebalancing as a Surrogate for Misclassification Costs 756 31.8 Combining Models Using Voting and Propensity Averaging 757 31.9 Interpreting the Most Profitable Model 758 CHAPTER 32 CASE STUDY, PART 4: MODELING AND EVALUATION FOR HIGH PERFORMANCE ONLY 762 32.1 Variables to be Input to the Models 762 32.2 Models that use Misclassification Costs 762 32.3 Models that Need Rebalancing as a Surrogate for Misclassification Costs 764 32.4 Combining Models using Voting and Propensity Averaging 765 32.5 Lessons Learned 766 32.6 Conclusions 766 APPENDIX A DATA SUMMARIZATION AND VISUALIZATION 768 Part 1: Summarization 1: Building Blocks of Data Analysis 768 Part 2: Visualization: Graphs and Tables for Summarizing and Organizing Data 770 Part 3: Summarization 2: Measures of Center, Variability, and Position 774 Part 4: Summarization and Visualization of Bivariate Relationships 777 INDEX 781
£107.06
John Wiley & Sons Inc Computer Security Handbook
Book SynopsisComputer security touches every part of our daily lives from our computers and connected devices to the wireless signals around us. Breaches have real and immediate financial, privacy, and safety consequences. This handbook has compiled advice from top professionals working in the real world about how to minimize the possibility of computer security breaches in your systems. Written for professionals and college students, it provides comprehensive best guidance about how to minimize hacking, fraud, human error, the effects of natural disasters, and more. This essential and highly-regarded reference maintains timeless lessons and is fully revised and updated with current information on security issues for social networks, cloud computing, virtualization, and more.Table of ContentsPreface Acknowledgments About the Editors About the Contributors A Note to Instructors PART I FOUNDATIONS OF COMPUTER SECURITY Chapter 1 Brief History and Mission of Information System Security (Seymour Bosworth and Robert V. Jacobson) Chapter 2 History of Computer Crime Chapter 3 Toward a New Framework for Information Security (Donn B. Parker, CISSP) Chapter 4 Hardware Elements of Security (Sy Bosworth and Stephen Cobb) Chapter 5 Data Communications and Information Security (Raymond Panko and Eric Fisher) Chapter 6 Local Area Network Topologies, Protocols, and Design (Gary C. Kessler) Chapter 7 Encryption (Stephen Cobb and Corinne LeFrançois) Chapter 8 Using a Common Language for Computer Security Incident Information (John D. Howard) Chapter 9 Mathematical Models of Computer Security (Matt Bishop) Chapter 10 Understanding Studies and Surveys of Computer Crime (M. E. Kabay) Chapter 11 Fundamentals of Intellectual Property Law (William A. Zucker and Scott J. Nathan) PART II THREATS AND VULNERABILITIES Chapter 12 The Psychology of Computer Criminals (Q. Campbell and David M. Kennedy) Chapter 13 The Insider Threat (Gary L. Tagg, CISSP) Chapter 14 Information Warfare (Seymour Bosworth) Chapter 15 Penetrating Computer Systems and Networks (Chey Cobb, Stephen Cobb, M. E. Kabay, and Tim Crothers) Chapter 16 Malicious Code (Robert Guess and Eric Salveggio) Chapter 17 Mobile Code (Robert Gezelter) Chapter 18 Denial-of-Service Attacks (Gary C. Kessler) Chapter 19 Social-engineering and low-tech attacks (Karthik Raman, Susan Baumes, Kevin Beets, and Carl Ness) Chapter 20 Spam, Phishing, and Trojans: Attacks Meant To Fool (Stephen Cobb) Chapter 21 Web-Based Vulnerabilities (Anup K. Ghosh, Kurt Baumgarten, Jennifer Hadley, and Steven Lovaas) Chapter 22 Physical Threats to the Information Infrastructure (Franklin Platt) PART III PREVENTION: TECHNICAL DEFENSES Chapter 23 Protecting the Physical Information Infrastructure (Franklin Platt) Chapter 24 Operating System Security (William Stallings) Chapter 25 Local Area Networks (N. Todd Pritsky, Joseph R. Bumblis, and Gary C. Kessler) Chapter 26 Gateway Security Devices (Justin Opatrny) Chapter 27 Intrusion Detection and Intrusion Prevention Devices (Rebecca Gurley Bace) Chapter 28: Identification and Authentication (Ravi Sandhu, Jennifer Hadley, Steven Lovaas, and Nicholas Takacs) Chapter 29: Biometric Authentication (Eric Salveggio, Steven Lovaas, David R. Lease, and Robert Guess) Chapter 30: E-Commerce and Web Server Safeguards (Robert Gezelter) Chapter 31: Web Monitoring and Content Filtering (Steven Lovaas) Chapter 32 Virtual Private Networks and Secure Remote Access (Justin Opatrny and Carl Ness Chapter 33 802.11 Wireless LAN Security (Gary L. Tagg, CISSP and Jason Sinchak, CISSP) Chapter 34 Securing VoIP (Christopher Dantos and John Mason) Chapter 35 Securing P2P, IM, SMS, and Collaboration Tools (Carl Ness) Chapter 36 Securing Stored Data (David J. Johnson, Nicholas Takacs, Jennifer Hadley, and M. E. Kabay) Chapter 37: PKI and Certificate Authorities (Santosh Chokhani, Padgett Peterson, and Steven Lovaas) Chapter 38: Writing Secure Code (Lester E. Nichols, M. E. Kabay, and Timothy Braithwaite) Chapter 39 Software Development and Quality Assurance (Diane E. Levine, John Mason, and Jennifer Hadley) Chapter 40: Managing Software Patches and Vulnerabilities (Karen Scarfone, Peter Mell, and Murugiah Souppaya) Chapter 41: Antivirus Technology (Chey Cobb and Allysa Myers) Chapter 42: Protecting Digital Rights: Technical Approaches (Robert Guess, Jennifer Hadley, Steven Lovaas, and Diane E. Levine) PART IV PREVENTION: HUMAN FACTORS Chapter 43 Ethical Decision Making and High Technology (James Landon Linderman) Chapter 44: Security Policy Guidelines (M. E. Kabay and Bridgitt Robertson) Chapter 45: Employment Practices and Policies (M. E. Kabay and Bridgitt Robertson) Chapter 46 Vulnerability Assessment (Rebecca Gurley Bace and Jason Sinchak) Chapter 47: Operations Security and Production Controls (M. E. Kabay, Don Holden, and Myles Walsh) Chapter 48: E-Mail and Internet Use Policies (M. E. Kabay and Nicholas Takacs) Chapter 49: Implementing a Security-Awareness Program (K. Rudolph) Chapter 50 Using Social Psychology to Implement Security Policies (M. E. Kabay, Bridgitt Robertson, Mani Akella, and D. T. Lang) Chapter 51: Security Standards for Products (Paul Brusil and Noel Zakin) PART V DETECTING SECURITY BREACHES Chapter 52: Application Controls (Myles Walsh & Susan Baumes) Chapter 53: Monitoring and Control Systems (Caleb S. Coggins and Diane E. Levine) Chapter 54: Security Audits (Donald Glass, Richard O. Moore III, Chris Davis, John Mason, David Gursky, James Thomas, Wendy Carr, M. E. Kabay and Diane Levine) Chapter 55: Cyber Investigation1 (Peter Stephenson) PART VI RESPONSE AND REMEDIATION Chapter 56: Computer Security Incident Response Teams1 (Michael Miora, M. E. Kabay, and Bernie Cowens) Chapter 57: Data Backups and Archives (M. E. Kabay and Don Holden) Chapter 58: Business Continuity Planning (Michael Miora) Chapter 59: Disaster Recovery (Michael Miora) Chapter 60: Insurance Relief (Robert A. Parisi, Jr., John F. Mullen and Kevin Apollo) Chapter 61 Working with Law Enforcement (David A. Land) PART VII MANAGEMENT’S ROLE IN SECURITY Chapter 62 Quantitative Risk Assessment and Risk Management (Robert V. Jacobson & Susan Baumes) Chapter 63: Management Responsibilities and Liabilities (Carl Hallberg, M. E. Kabay, Bridgitt Robertson, and Arthur E. Hutt) Chapter 64: US Legal and Regulatory Security Issues (Timothy Virtue) Chapter 65: The Role of the CISO (Karen F. Worstell) Chapter 66: Developing Security Policies (M. E. Kabay and Sean Kelley) Chapter 67 Developing Classification Policies For Data (Karthik Raman, Kevin Beets, And M. E. Kabay) Chapter 68: Outsourcing and Security (Kip Boyle, Michael Buglewicz, and Steven Lovaas) PART VIII PUBLIC POLICY AND OTHER CONSIDERATIONS Chapter 69: Privacy in Cyberspace: US and European Perspectives (Henry L. Judy, Scott L. David, Benjamin S. Hayes, Jeffrey B. Ritter, Marc Rotenberg and M. E. Kabay) Chapter 70: Anonymity and Identity in Cyberspace (M. E. Kabay, Eric Salveggio, Robert Guess, and Russell D. Rosco) Chapter 71: Healthcare Security and Privacy (Paul Brusil) Chapter 72: Legal and Policy Issues of Censorship and Content Filtering (Lee Tien, Seth Finkelstein, and Steven Lovaas) Chapter 73: Expert Witnesses and the Daubert Challenge (Chey Cobb) Chapter 74: Professional Certification and Training in Information Assurance (M. E. Kabay, Christopher Christian, Kevin Henry and Sondra Schneider) Chapter 75 Undergraduate and Graduate Education in Information Assurance (Vic Maconachy and Seymour Bosworth) Chapter 76: The Future of Information Assurance (Jeremy A. Hansen) Index
£157.50
John Wiley & Sons Inc Scalable Computing and Communications
Book SynopsisReviews the latest advances in the all-important field of scalable computing In telecommunications and software engineering, scalability is the ability of a system, network, or process to either handle growing amounts of work in a graceful manner or be enlarged to accommodate that growth. It is a desirable property for many scientific, industrial, and business applications and an important feature for hardware. This immersive book summarizes the latest research achievements in the field of scalable computing and covers new topics that have emerged recently on computing and communications, such as unconventional computing, green and sustainable computing, cloud and volunteer computing, and more. Filled with contributions from world-renowned engineers, researchers, and IT professionals in diverse areas, Scalable Computing and Communications covers: Circuit and component design Operating systems Green computing NetworkTable of ContentsPreface xix Contributors xxi 1. Scalable Computing and Communications: Past, Present, and Future 1Yanhui Wu, Kashif Bilal, Samee U. Khan, Lizhe Wang, and Albert Y. Zomaya 1.1 Scalable Computing and Communications 1 References 4 2. Reliable Minimum Connected Dominating Sets for Topology Control in Probabilistic Wireless Sensor Networks 7Jing (Selena) He, Shouling Ji, Yi Pan, and Yingshu Li 2.1 Topology Control in Wireless Sensor Networks (WSNs) 7 2.2 DS-Based Topology Control 10 2.3 Deterministic WSNs and Probabilistic WSNs 12 2.4 Reliable MCDS Problem 13 2.5 A GA to Construct RMCDS-GA 17 2.6 Performance Evaluation 26 2.7 Conclusions 27 References 28 3. Peer Selection Schemes in Scalable P2P Video Streaming Systems 31Xin Jin and Yu-Kwong Kwok 3.1 Introduction 31 3.2 Overlay Structures 32 3.3 Peer Selection for Overlay Construction 34 3.4 A Game Theoretic Perspective on Peer Selection 45 3.5 Discussion and Future Work 47 3.6 Summary 48 References 49 4. Multicore and Many-Core Computing 55Ioannis E. Venetis 4.1 Introduction 55 4.2 Architectural Options for Multicore Systems 60 4.3 Multicore Architecture Examples 64 4.4 Programming Multicore Architectures 67 4.5 Many-Core Architectures 74 4.6 Many-Core Architecture Examples 75 4.7 Summary 77 References 77 5. Scalable Computing on Large Heterogeneous CPU/GPU Supercomputers 81Fengshun Lu, Kaijun Ren, Junqiang Song, and Jinjun Chen 5.1 Introduction 81 5.2 Heterogeneous Computing Environments 82 5.3 Scalable Programming Patterns for Large GPU Clusters 84 5.4 Hybrid Implementations 87 5.5 Experimental Results 89 5.6 Conclusions 94 Acknowledgments 94 References 94 6. Diagnosability of Multiprocessor Systems 97Chia-Wei Lee and Sun-Yuan Hsieh 6.1 Introduction 97 6.2 Fundamental Concepts 98 6.3 Diagnosability of (1,2)-MCNS under PMC Model 103 6.4 Diagnosability of 2-MCNS under MM* Model 105 6.5 Application to Multiprocessor Systems 110 6.6 Concluding Remarks 122 References 122 7. A Performance Analysis Methodology for MultiCore, Multithreaded Processors 125Miao Ju, Hun Jung, and Hao Che 7.1 Introduction 125 7.2 Methodology 126 7.3 Simulation Tool (ST) 130 7.4 Analytic Modeling Technique 132 7.5 Testing 136 7.6 Related Work 139 7.7 Conclusions and Future Work 141 References 141 8. The Future in Mobile Multicore Computing 145Blake Hurd, Chiu C. Tan, and Jie Wu 8.1 Introduction 145 8.2 Background 146 8.3 Hardware Initiatives 148 8.4 Software Initiatives 151 8.5 Additional Discussion 152 8.6 Future Trends 153 8.7 Conclusion 154 References 155 9. Modeling and Algorithms for Scalable and Energy-Efficient Execution on Multicore Systems 157Dong Li, Dimitrios S. Nikolopoulos, and Kirk W. Cameron 9.1 Introduction 157 9.2 Model-Based Hybrid Message-Passing Interface (MPI)/OpenMP Power-Aware Computing 158 9.3 Power-Aware MPI Task Aggregation Prediction 170 9.4 Conclusions 181 References 182 10. Cost Optimization for Scalable Communication in Wireless Networks with Movement-Based Location Management 185Keqin Li 10.1 Introduction 185 10.2 Background Information 187 10.3 Cost Measure and Optimization for a Single User 190 10.4 Cost Optimization with Location Update Constraint 192 10.5 Cost Optimization with Terminal Paging Constraint 196 10.6 Numerical Data 201 10.7 Concluding Remarks 206 References / 206 11. A Framework for Semiautomatic Explicit Parallelization 209Ritu Arora, Purushotham Bangalore, and Marjan Mernik 11.1 Introduction 209 11.2 Explicit Parallelization Using MPI 210 11.3 Building Blocks of FraSPA 211 11.4 Evaluation of FraSPA through Case Studies 215 11.5 Lessons Learned 221 11.6 Related Work 222 11.7 Summary 224 References 224 12. Fault Tolerance and Transmission Reliability in Wireless Networks 227Wolfgang W. Bein and Doina Bein 12.1 Introduction: Reliability Issues in Wireless and Sensor Networks 227 12.2 Reliability and Fault Tolerance of Coverage Models for Sensor Networks 230 12.3 Fault-Tolerant k-Fold Pivot Routing in Wireless Sensor Networks 238 12.4 Impact of Variable Transmission Range in All-Wireless Networks 244 12.5 Conclusions and Open Problems 250 References / 251 13. Optimizing and Tuning Scientifi c Codes 255Qing Yi 13.1 Introduction 255 13.2 An Abstract View of the Machine Architecture 256 13.3 Optimizing Scientifi c Codes 256 13.4 Empirical Tuning of Optimizations 262 13.5 Related Work 272 13.6 Summary and Future Work 273 Acknowledgments 273 References 273 14. Privacy and Confi dentiality in Cloud Computing 277Khaled M. Khan and Qutaibah Malluhi 14.1 Introduction 277 14.2 Cloud Stakeholders and Computational Assets 278 14.3 Data Privacy and Trust 280 14.4 A Cloud Computing Example 281 14.5 Conclusion 288 Acknowledgments 288 References 288 15. Reputation Management Systems for Peer-to-Peer Networks 291Fang Qi, Haiying Shen, Harrison Chandler, Guoxin Liu, and Ze Li 15.1 Introduction 291 15.2 Reputation Management Systems 292 15.3 Case Study of Reputation Systems 307 15.4 Open Problems 316 15.5 Conclusion 316 Acknowledgments 317 References 317 16. Toward a Secure Fragment Allocation of Files in Heterogeneous Distributed Systems 321Yun Tian, Mohammed I. Alghamdi, Xiaojun Ruan, Jiong Xie, and Xiao Qin 16.1 Introduction 321 16.2 Related Work 323 16.3 System and Threat Models 325 16.4 S-FAS: A Secure Fragment Allocation Scheme 327 16.5 Assurance Models 329 16.6 Sap Allocation Principles and Prototype 332 16.7 Evaluation of System Assurance and Performance 333 16.8 Conclusion 339 Acknowledgments 341 References 341 17. Adopting Compression in Wireless Sensor Networks 343Xi Deng and Yuanyuan Yang 17.1 Introduction 343 17.2 Compression in Sensor Nodes 345 17.3 Compression Effect on Packet Delay 348 17.4 Online Adaptive Compression Algorithm 350 17.5 Performance Evaluations 360 17.6 Summary 362 References 363 18. GFOG: Green and Flexible Opportunistic Grids 365Harold Castro, Mario Villamizar, German Sotelo, Cesar O. Diaz, Johnatan Pecero, Pascal Bouvry, and Samee U. Khan 18.1 Introduction 365 18.2 Related Work 366 18.3 UnaGrid Infrastructure 369 18.4 Energy Consumption Model 372 18.5 Experimental Results 374 18.6 Conclusions and Future Work 382 References 382 19. Maximizing Real-Time System Utilization by Adjusting Task Computation Times 387Nasro Min-Allah, Samee Ullah Khan, Yongji Wang, Joanna Kolodziej, and Nasir Ghani 19.1 Introduction 387 19.2 Expressing Task Schedulability in Polylinear Surfaces 389 19.3 Task Execution Time Adjustment Based on the P-Bound 391 19.4 Conclusions 393 Acknowledgments 393 References 393 20. Multilevel Exploration of the Optimization Landscape through Dynamical Fitness for Grid Scheduling 395Joanna Kolodziej 20.1 Introduction 395 20.2 Statement of the Problem 397 20.3 General Characteristics of the Optimization Landscape 399 20.4 Multilevel Metaheuristic Schedulers 402 20.5 Empirical Analysis 408 20.6 Conclusions 417 References 417 21. Implementing Pointer Jumping for Exact Inference on Many-Core Systems 419Yinglong Xia, Nam Ma, and Viktor K. Prasanna 21.1 Introduction 419 21.2 Background 420 21.3 Related Work 422 21.4 Pointer Jumping-Based Algorithms for Scheduling Exact Inference 423 21.5 Analysis with Respect to Many-Core Processors 424 21.6 From Exact Inference to Generic Directed Acyclic Graph (DAG)-Structured Computations 427 21.7 Experiments 428 21.8 Conclusions 434 References 435 22. Performance Optimization of Scientifi c Applications Using an Autonomic Computing Approach 437Ioana Banicescu, Florina M. Ciorba, and Srishti Srivastava 22.1 Introduction 437 22.2 Scientifi c Applications and Their Performance 439 22.3 Load Balancing via DLS 441 22.4 The Use of Machine Learning in Improving the Performance of Scientifi c Applications 441 22.5 Design Strategies and an Integrated Framework 445 22.6 Experimental Results, Analysis, and Evaluation 455 22.7 Conclusions, Future Work, and Open Problems 462 Acknowledgments 463 References 463 23. A Survey of Techniques for Improving Search Engine Scalability through Profi ling, Prediction, and Prefetching of Query Results 467C. Shaun Wagner, Sahra Sedigh, Ali R. Hurson, and Behrooz Shirazi 23.1 Introduction 467 23.2 Modeling User Behavior 472 23.3 Grouping Users into Neighborhoods of Similarity 474 23.4 Similarity Metrics 481 23.5 Conclusion and Future Work 497 Appendix A Comparative Analysis of Comparison Algorithms 498 Appendix B Most Popular Searches 501 References 502 24. KNN Queries in Mobile Sensor Networks 507Wei-Guang Teng and Kun-Ta Chuang 24.1 Introduction 507 24.2 Preliminaries and Infrastructure-Based KNN Queries 509 24.3 Infrastructure-Free KNN Queries 511 24.4 Future Research Directions 519 24.5 Conclusions 519 References 520 25. Data Partitioning for Designing and Simulating Efficient Huge Databases 523Ladjel Bellatreche, Kamel Boukhalfa, Pascal Richard, and Soumia Benkrid 25.1 Introduction 523 25.2 Background and Related Work 527 25.3 Fragmentation Methodology 532 25.4 Hardness Study 535 25.5 Proposed Selection Algorithms 538 25.6 Impact of HP on Data Warehouse Physical Design 544 25.7 Experimental Studies 549 25.8 Physical Design Simulator Tool 553 25.9 Conclusion and Perspectives 559 References 560 26. Scalable Runtime Environments for Large-Scale Parallel Applications 563Camille Coti and Franck Cappello 26.1 Introduction 563 26.2 Goals of a Runtime Environment 565 26.3 Communication Infrastructure 567 26.4 Application Deployment 571 26.5 Fault Tolerance and Robustness 577 26.6 Case Studies 582 26.7 Conclusion 586 References 587 27. Increasing Performance through Optimization on APU 591Matthew Doerksen, Parimala Thulasiraman, and Ruppa Thulasiram 27.1 Introduction 591 27.2 Heterogeneous Architectures 591 27.3 Related Work 597 27.4 OpenCL, CUDA of the Future 600 27.5 Simple Introduction to OpenCL Programming 604 27.6 Performance and Optimization Summary 607 27.7 Application 607 27.8 Summary 609 Appendix 609 References 612 28. Toward Optimizing Cloud Computing: An Example of Optimization under Uncertainty 613Vladik Kreinovich 28.1 Cloud Computing: Why We Need It and How We Can Make It Most Efficient 613 28.2 Optimal Server Placement Problem: First Approximation 614 28.3 Server Placement in Cloud Computing: Toward a More Realistic Model 618 28.4 Predicting Cloud Growth: Formulation of the Problem and Our Approach to Solving This Problem 620 28.5 Predicting Cloud Growth: First Approximation 621 28.6 Predicting Cloud Growth: Second Approximation 622 28.7 Predicting Cloud Growth: Third Approximation 623 28.8 Conclusions and Future Work 625 Acknowledgments 625 Appendix: Description of Expenses Related to Cloud Computing 626 References 626 29. Modeling of Scalable Embedded Systems 629Arslan Munir, Sanjay Ranka, and Ann Gordon-Ross 29.1 Introduction 629 29.2 Embedded System Applications 631 29.3 Embedded Systems: Hardware and Software 634 29.4 Modeling: An Integral Part of the Embedded System Design Flow 638 29.5 Single- and Multiunit Embedded System Modeling 644 29.6 Conclusions 654 Acknowledgments 655 References 655 30. Scalable Service Composition in Pervasive Computing 659Joanna Siebert and Jiannong Cao 30.1 Introduction 659 30.2 Service Composition Framework 660 30.3 Approaches and Techniques for Scalable Service Composition in PvCE 664 30.4 Conclusions 671 References 671 31. Virtualization Techniques for Graphics Processing Units 675Pavan Balaji, Qian Zhu, and Wu-Chun Feng 31.1 Introduction 675 31.2 Background 677 31.3 VOCL Framework 677 31.4 VOCL Optimizations 682 31.5 Experimental Evaluation 687 31.6 Related Work 696 31.7 Concluding Remarks 696 References 697 32. Dense Linear Algebra on Distributed Heterogeneous Hardware with a Symbolic DAG Approach 699George Bosilca, Aurelien Bouteiller, Anthony Danalis, Thomas Herault, Piotr Luszczek, and Jack J. Dongara 32.1 Introduction and Motivation 699 32.2 Distributed Datafl ow by Symbolic Evaluation 701 32.3 The DAGuE Datafl ow Runtime 705 32.4 Datafl ow Representation 709 32.5 Programming Linear Algebra with DAGuE 716 32.6 Performance Evaluation 728 32.7 Conclusion 731 32.8 Summary 732 References 733 33. Fault-Tolerance Techniques for Scalable Computing 737Pavan Balaji, Darius Buntinas, and Dries Kimpe 33.1 Introduction and Trends in Large-Scale Computing Systems 737 33.2 Hardware Features for Resilience 738 33.3 Systems Software Features for Resilience 743 33.4 Application or Domain-Specifi c Fault-Tolerance Techniques 748 33.5 Summary 753 References 753 34. Parallel Programming Models for Scalable Computing 759James Dinan and Pavan Balaji 34.1 Introduction to Parallel Programming Models 759 34.2 The Message-Passing Interface (MPI) 761 34.3 Partitioned Global Address Space (PGAS) Models 765 34.4 Task-Parallel Programming Models 769 34.5 High-Productivity Parallel Programming Models 772 34.6 Summary and Concluding Remarks 775 Acknowledgment 775 References 775 35. Grid Simulation Tools for Job Scheduling and Data File Replication 777Javid Taheri, Albert Y. Zomaya, and Samee U. Khan 35.1 Introduction 777 35.2 Simulation Platforms 779 35.3 Problem Statement: Data-Aware Job Scheduling (DAJS) 792 References 795 Index 799
£125.96
John Wiley & Sons Inc Reliability and Availability of Cloud Computing
Book SynopsisThis book addresses IS/IT architects, developers, program managers, product managers, and quality managers who are considering or responsible for applications that will be virtualized or deployed on a cloud.Trade Review“For sure, specialists responsible for recommending, providing, or managing cloud platforms for either private or public cloud will profit with having this work on their shelf. I would also like to highly recommend this position for people new to the considered concepts of cloud computing or computer systems reliability as it provides an excellent background for the both areas.” (IEEE Communications Magazine, 1 October 2013) “Therefore, it will probably only be of real interest to those who are directly involved in improving or implementing their own systems in a cloud platform.” (Computing Reviews, 30 November 2012) Table of ContentsFigures xvii Tables xxi Equations xxiii Introduction xxv I BASICS 1 1 CLOUD COMPUTING 3 1.1 Essential Cloud Characteristics 4 1.2 Common Cloud Characteristics 6 1.3 But What, Exactly, Is Cloud Computing? 7 1.4 Service Models 9 1.5 Cloud Deployment Models 11 1.6 Roles in Cloud Computing 12 1.7 Benefi ts of Cloud Computing 14 1.8 Risks of Cloud Computing 15 2 VIRTUALIZATION 16 2.1 Background 16 2.2 What Is Virtualization? 17 2.3 Server Virtualization 19 2.4 VM Lifecycle 23 2.5 Reliability and Availability Risks of Virtualization 28 3 SERVICE RELIABILITY AND SERVICE AVAILABILITY 29 3.1 Errors and Failures 30 3.2 Eight-Ingredient Framework 31 3.3 Service Availability 34 3.4 Service Reliability 43 3.5 Service Latency 46 3.6 Redundancy and High Availability 50 3.7 High Availability and Disaster Recovery 56 3.8 Streaming Services 58 3.9 Reliability and Availability Risks of Cloud Computing 62 II ANALYSIS 63 4 ANALYZING CLOUD RELIABILITY AND AVAILABILITY 65 4.1 Expectations for Service Reliability and Availability 65 4.2 Risks of Essential Cloud Characteristics 66 4.3 Impacts of Common Cloud Characteristics 70 4.4 Risks of Service Models 72 4.5 IT Service Management and Availability Risks 74 4.6 Outage Risks by Process Area 80 4.7 Failure Detection Considerations 83 4.8 Risks of Deployment Models 87 4.9 Expectations of IaaS Data Centers 87 5 RELIABILITY ANALYSIS OF VIRTUALIZATION 90 5.1 Reliability Analysis Techniques 90 5.2 Reliability Analysis of Virtualization Techniques 95 5.3 Software Failure Rate Analysis 100 5.4 Recovery Models 101 5.5 Application Architecture Strategies 108 5.6 Availability Modeling of Virtualized Recovery Options 110 6 HARDWARE RELIABILITY, VIRTUALIZATION, AND SERVICE AVAILABILITY 116 6.1 Hardware Downtime Expectations 116 6.2 Hardware Failures 117 6.3 Hardware Failure Rate 119 6.4 Hardware Failure Detection 121 6.5 Hardware Failure Containment 122 6.6 Hardware Failure Mitigation 122 6.7 Mitigating Hardware Failures via Virtualization 124 6.8 Virtualized Networks 127 6.9 MTTR of Virtualized Hardware 129 6.10 Discussion 131 7 CAPACITY AND ELASTICITY 132 7.1 System Load Basics 132 7.2 Overload, Service Reliability, and Service Availability 135 7.3 Traditional Capacity Planning 136 7.4 Cloud and Capacity 137 7.5 Managing Online Capacity 144 7.6 Capacity-Related Service Risks 147 7.7 Capacity Management Risks 153 7.8 Security and Service Availability 157 7.9 Architecting for Elastic Growth and Degrowth 162 8 SERVICE ORCHESTRATION ANALYSIS 164 8.1 Service Orchestration Definition 164 8.2 Policy-Based Management 166 8.3 Cloud Management 168 8.4 Service Orchestration’s Role in Risk Mitigation 169 9 GEOGRAPHIC DISTRIBUTION, GEOREDUNDANCY, AND DISASTER RECOVERY 174 9.1 Geographic Distribution versus Georedundancy 175 9.2 Traditional Disaster Recovery 175 9.3 Virtualization and Disaster Recovery 177 9.4 Cloud Computing and Disaster Recovery 178 9.5 Georedundancy Recovery Models 180 9.6 Cloud and Traditional Collateral Benefits of Georedundancy 180 9.7 Discussion 182 III RECOMMENDATIONS 183 10 APPLICATIONS, SOLUTIONS, AND ACCOUNTABILITY 185 10.1 Application Configuration Scenarios 185 10.2 Application Deployment Scenario 187 10.3 System Downtime Budgets 188 10.4 End-to-End Solutions Considerations 197 10.5 Attributability for Service Impairments 201 10.6 Solution Service Measurement 204 10.7 Managing Reliability and Service of Cloud Computing 207 11 RECOMMENDATIONS FOR ARCHITECTING A RELIABLE SYSTEM 209 11.1 Architecting for Virtualization and Cloud 209 11.2 Disaster Recovery 216 11.3 IT Service Management Considerations 217 11.4 Many Distributed Clouds versus Fewer Huge Clouds 224 11.5 Minimizing Hardware-Attributed Downtime 225 11.6 Architectural Optimizations 231 12 DESIGN FOR RELIABILITY OF VIRTUALIZED APPLICATIONS 244 12.1 Design for Reliability 244 12.2 Tailoring DfR for Virtualized Applications 246 12.3 Reliability Requirements 248 12.4 Qualitative Reliability Analysis 256 12.5 Quantitative Reliability Budgeting and Modeling 259 12.6 Robustness Testing 260 12.7 Stability Testing 267 12.8 Field Performance Analysis 268 12.9 Reliability Roadmap 269 12.10 Hardware Reliability 270 13 DESIGN FOR RELIABILITY OF CLOUD SOLUTIONS 271 13.1 Solution Design for Reliability 271 13.2 Solution Scope and Expectations 273 13.3 Reliability Requirements 275 13.4 Solution Modeling and Analysis 279 13.5 Element Reliability Diligence 285 13.6 Solution Testing and Validation 285 13.7 Track and Analyze Field Performance 288 13.8 Other Solution Reliability Diligence Topics 292 14 SUMMARY 296 14.1 Service Reliability and Service Availability 297 14.2 Failure Accountability and Cloud Computing 299 14.3 Factoring Service Downtime 301 14.4 Service Availability Measurement Points 303 14.5 Cloud Capacity and Elasticity Considerations 306 14.6 Maximizing Service Availability 306 14.7 Reliability Diligence 309 14.8 Concluding Remarks 310 Abbreviations 311 References 314 About the Authors 318 Index 319
£70.16
John Wiley & Sons Inc iOS Hackers Handbook
Book SynopsisDiscover all the security risks and exploits that can threaten iOS-based mobile devices iOS is Apple''s mobile operating system for the iPhone and iPad. With the introduction of iOS5, many security issues have come to light. This book explains and discusses them all. The award-winning author team, experts in Mac and iOS security, examines the vulnerabilities and the internals of iOS to show how attacks can be mitigated. The book explains how the operating system works, its overall security architecture, and the security risks associated with it, as well as exploits, rootkits, and other payloads developed for it. Covers iOS security architecture, vulnerability hunting, exploit writing, and how iOS jailbreaks work Explores iOS enterprise and encryption, code signing and memory protection, sandboxing, iPhone fuzzing, exploitation, ROP payloads, and baseband attacks Also examines kernel debugging and exploitation Companion website includesTable of ContentsIntroduction xv Chapter 1 iOS Security Basics 1 Chapter 2 iOS in the Enterprise 15 Chapter 3 Encryption 47 Chapter 4 Code Signing and Memory Protections 69 Chapter 5 Sandboxing 107 Chapter 6 Fuzzing iOS Applications 139 Chapter 7 Exploitation 185 Chapter 8 Return-Oriented Programming 219 Chapter 9 Kernel Debugging and Exploitation 249 Chapter 10 Jailbreaking 297 Chapter 11 Baseband Attacks 327 Appendix References 365 Index 369
£27.99
John Wiley & Sons Inc Information Overload
Book SynopsisThis book covers the ever-increasing problem of information overload from both the professional and academic perspectives. Focusing on the needs of practicing engineers and professional communicators, it addresses the causes and costs of information overload, along with strategies and techniques for reducing and minimizing its negative effects. The theoretical framework of information overload and ideas for future research are also presented. The book brings together an international group of authors, providing a truly global point of view on this important, rarely covered topic.Table of ContentsList of Practical Insights from Corporations xv List of Figures xvii List of Tables xix Foreword xxi Preface xxvii Acknowledgments xxix A Note from the Series Editor xxxi Contributors xxxiii About the Editors xxxvii 1 INFORMATION OVERLOAD: AN INTERNATIONAL CHALLENGE TO PROFESSIONAL ENGINEERS AND TECHNICAL COMMUNICATORS 1 Judith B. Strother, Jan M. Ulijn, and Zohra Fazal 1.1 Definitions, Causes, and Consequences of Information Overload 1 1.1.1 Definitions of Information Overload 1 1.1.2 Causes of Information Overload 2 1.1.3 Consequences of Information Overload 3 1.2 Perspectives on the Concept of Information Overload 4 1.2.1 An Information and Time-Management Perspective 5 1.2.2 A Supplier/Producer/Writer and Client/User/Reader Perspective 5 1.2.3 An International/Intercultural Perspective 7 1.2.4 An Innovation Perspective 7 1.3 Readers of this Book 7 1.4 Structure of this Book 8 1.4.1 Section I: Causes and Costs of Information Overload 8 1.4.2 Section II: Control and Reduction of Information Overload 10 References 11 SECTION I. CAUSES AND COSTS OF INFORMATION OVERLOAD 2 OF TIME MAGAZINE, 24/7 MEDIA, AND DATA DELUGE: THE EVOLUTION OF INFORMATION OVERLOAD THEORIES AND CONCEPTS 15 Debashis “Deb” Aikat and David Remund 2.1 Introduction 16 2.2 Theory and Concept of Information Overload 16 2.3 Information Overload as a Twentieth Century Phenomenon 17 2.4 Evolution of Information and Its Proliferation in Society 21 2.4.1 The Early Quest for Information and Knowledge (320 BCE–Thirteenth Century) 21 2.4.2 The Age of Renaissance (Fourteenth–Seventeenth Century) and the Printing Press 22 2.4.3 The Industrial Revolution (Eighteenth–Nineteenth Century) and Its Information Innovations 23 2.4.4 The Era of the Mind and the Machine (Twentieth Century) 24 2.4.5 Internet Boom and Information Explosion of the 1990s 27 2.4.6 Data Deluge and Information Overload in the Twenty-First Century Digital Age 28 2.5 Information Overload Concepts 29 2.5.1 Definitions of Information Overload and Related Concepts 29 2.5.2 The Context of Information Overload 30 2.5.3 Causes and Consequences of Information Overload 31 2.6 Conclusion and Four Lessons Learned 32 Acknowledgment 33 References 33 PRACTICAL INSIGHTS FROM IBM 39 3 THE CHALLENGE OF INFORMATION BALANCE IN THE AGE OF AFFLUENT COMMUNICATION 41 Paulus Hubert Vossen 3.1 Introduction 42 3.2 Quantitative Aspects of Information Overload 43 3.3 Qualitative Aspects of Information Overload 45 3.3.1 Philosophical Perspective: Information in Science and Technology 45 3.3.2 Political Perspective: Information in Modern Society and a Global World 46 3.3.3 Economic Perspective: Information as a Commodity on the Market 47 3.3.4 Societal Perspective: Information as the Glue Between Communities 48 3.3.5 Psychological Perspective: Information as a Basis for Knowing and Acting 49 3.3.6 Ecological Perspective: Information as a Prerequisite for Living Creatures 50 3.4 Conclusion 51 3.5 A Call for Fundamental Research 52 References 53 PRACTICAL INSIGHTS FROM XEROX 55 Xerox Takes on Information Overload 55 Identifying the Problem 55 Sharing Information 56 Sorting Information 57 Cutting Through the Clutter 57 Life-Saving Software 58 Urban Central Nervous System 58 4 FROM CAVE WALL TO TWITTER: ENGINEERS AND TECHNICAL COMMUNICATORS AS INFORMATION SHAMAN FOR DIGITAL TRIBES 61 Anne Caborn and Cary L. Cooper 4.1 Introduction: The Dawn of the Information Shaman 62 4.2 The Magic of Metaphor 64 4.3 The Audience: The Emergence of Digital Tribes 65 4.4 Quill to Keyboard: The Writer and New Media 66 4.5 Helping the Reader: Techniques for the Information Shaman 68 4.6 The Magic of Hypertext Techniques: Journeys at the Speed of Thought 70 4.7 Conclusion: The Responsibilities of the Information Shaman 72 References 73 PRACTICAL INSIGHTS FROM THE LIMBURG MEDIA GROUP 75 Newspaper Position in The Netherlands 76 Managing Information Overload Using an Evolutionary Approach 76 A Revolutionary Perspective 77 5 THE INFLUENCE OF CULTURE ON INFORMATION OVERLOAD 79 Jan M. Ulijn and Judith B. Strother 5.1 Introduction 80 5.2 Levels of Culture 81 5.3 Cultural Patterns of Discourse Organization 82 5.4 High Context Versus Low Context 83 5.5 Internationalization Versus Localization 85 5.5.1 Latin America 86 5.5.2 Japan 87 5.5.3 China 87 5.6 The Effect of Professional Culture 88 5.7 Japan and U.S. Discourse Structures 91 5.8 Cultural Issues in Reader Versus Writer Responsibility 92 5.9 Implications for Engineers and Technical Communicators and Their Corporations 93 5.10 Conclusion 95 References 95 PRACTICAL INSIGHTS FROM A2Z GLOBAL LANGUAGES 99 6 EFFECT OF COLOR, VISUAL FORM, AND TEXTUAL INFORMATION ON INFORMATION OVERLOAD 103 No€el T. Alton and Alan Manning 6.1 Introduction 104 6.2 Previous Studies of Decorative and Indicative Effects 106 6.3 Experiments and Results 111 6.3.1 Study One: Restaurant Menu Design 112 6.3.2 Study Two: Graph Design and Recall Accuracy 114 6.3.3 Study Three: Diagram Design and Recall Accuracy 116 6.4 Practical Implications for Engineers and Technical Communicators 117 6.5 Conclusion 119 References 121 PRACTICAL INSIGHTS FROM APPLIED GLOBAL TECHNOLOGIES 123 7 COST OF INFORMATION OVERLOAD IN END-USER DOCUMENTATION 125 Prasanna Bidkar 7.1 Introduction 126 7.2 Information Overload 126 7.3 Causes of Information Overload 128 7.4 Sources of Noise in User Documentation 129 7.4.1 Information Content 129 7.4.2 Channel 130 7.4.3 Receiver 131 7.5 Effects of Information Overload on Users 132 7.6 The Current Study 133 7.6.1 The Survey 133 7.6.2 Results and Observations 133 7.7 Cost of Information Overload 135 7.7.1 Cost Framework 135 7.7.2 Scenario 1: Ideal Scenario 136 7.7.3 Scenario 2 136 7.7.4 Scenario 3 136 7.7.5 Scenario 4 136 7.7.6 An Example from the User’s Perspective: Denim Corp 137 7.7.7 An Example from the Producer’s Perspective: Logistics Corp 137 7.8 Conclusion 138 References 139 PRACTICAL INSIGHTS FROM HARRIS CORPORATION 141 Sources of Information Overload 141 Strategies for Dealing with Information Overload 142 SECTION II. CONTROL AND REDUCTION OF INFORMATION OVERLOAD: EMPIRICAL EVIDENCE 8 TAMING THE TERABYTES: A HUMAN-CENTERED APPROACH TO SURVIVING THE INFORMATION DELUGE 147 Eduard Hoenkamp 8.1 Introduction 148 8.2 Reducing Information Overload by Being Precise About What We Ask for 150 8.2.1 Conversational Query Elaboration to Discover Support Groups 150 8.2.2 Constructing Verbose Queries Automatically During a Presentation 151 8.3 Steering Clear of Information Glut Through Live Visual Feedback 152 8.4 Improving Search Engines by Making Them Human Centered 156 8.4.1 Case 1: The Basic Level Category 158 8.4.2 Case 2: The Complex Nominal 162 8.4.3 Case 3: Exploiting Natural Language Properties 165 8.5 Conclusion 167 Acknowledgments 167 References 168 PRACTICAL INSIGHTS FROM THE LABORATORY FOR QUALITY SOFTWARE 171 References 173 9 TECHNOLOGIES FOR DEALING WITH INFORMATION OVERLOAD: AN ENGINEER’S POINT OF VIEW 175 Toon Calders, George H. L. Fletcher, Faisal Kamiran, and Mykola Pechenizkiy 9.1 Introduction 176 9.2 Information Overload: Challenges and Opportunities 177 9.3 Storing and Querying Semistructured Data 179 9.3.1 XML as a Data Format for Semistructured Data 180 9.3.2 RDF as a Data Format for Semistructured Data 181 9.3.3 Remarks on the Use of XML and RDF 183 9.4 Techniques for Retrieving Information 183 9.5 Mining Large Databases for Extracting Information 187 9.6 Processing Data Streams 190 9.7 Summary 190 References 191 PRACTICAL INSIGHTS FROM THE COLLEGE OF AERONAUTICS, FLORIDA INSTITUTE OF TECHNOLOGY 195 From Data to Information to Situational Awareness to Decisions 196 Transformative Airspace Architecture 197 Robust, Agile, and Intelligently Responsive Information-Sharing Architecture 197 Next Generation Efforts to Manage Information 198 Distributed Decision Making 199 System-Wide Information Management (SWIM) 200 Shared Situation Awareness and Collaborative Decision Making 201 Automation and Information in the NAS 201 Summary 201 References 202 10 VISUALIZING INSTEAD OF OVERLOADING: EXPLORING THE PROMISE AND PROBLEMS OF VISUAL COMMUNICATION TO REDUCE INFORMATION OVERLOAD 203 Jeanne Mengis and Martin J. Eppler 10.1 The Qualitative Side of Information Overload 204 10.2 Causes of Information Overload 206 10.3 How Information Visualization Can Improve the Quality of Information and Reduce Information Overload 208 10.4 Using Visualization in Practice: Understanding the Knowing–Doing Gap 209 10.5 Methods and Context of the Study 211 10.5.1 Measures 211 10.5.2 Procedure and Analysis 213 10.6 Indications of the Knowing–Doing Gap: Visuals Are Valued, but Poorly Used 214 10.7 Understanding the Knowing–Doing Gap with TAM 214 10.8 Discussion 216 10.9 Conclusion 217 10.10 Future Research Directions 218 10A.1 Appendix 219 References 222 PRACTICAL INSIGHTS FROM ALVOGEN 227 The Challenges of Information Overload 227 Strategies for Dealing with Information Overload 228 11 DROWNING IN DATA: A REVIEWOF INFORMATION OVERLOAD WITHIN ORGANIZATIONS AND THE VIABILITY OF STRATEGIC COMMUNICATION PRINCIPLES 231 David Remund and Debashis “Deb” Aikat 11.1 Introduction 232 11.2 Defining Information Overload within Organizations 232 11.3 Evolution of the Information Overload Concept in Organizations 234 11.4 Implications of Information Overload within Organizations 235 11.4.1 Organizational Implications 235 11.4.2 Employee Implications 237 11.5 Traditional Strategies for Addressing Information Overload 238 11.5.1 Organizational Strategies 238 11.5.2 Individual Strategies 239 11.6 Strategic Communication Principles: A Viable Solution? 240 11.7 Putting Strategic Communication into Practice 242 11.8 Further Research 243 11.9 Conclusion 243 References 243 PRACTICAL INSIGHTS FROM THE DUTCH EMPLOYERS’ ASSOCIATION 247 Acting as an Information Resource 248 Focusing on the Added Value of Information 248 Co-Creating Added Value in Interaction with Companies 249 A Final Observation 250 References 250 12 BLINDFOLDED THROUGH THE INFORMATION HURRICANE? A REVIEW OF A MANAGER’S STRATEGY TO COPE WITH THE INFORMATION PARADOX 251 Arjen Verhoeff 12.1 Introduction 252 12.2 Decomposing the Information Paradox 253 12.2.1 The Control of the Internal Information Process 253 12.2.2 The Control of the External Information Process 254 12.3 A Framework to Analyze the Information Paradox 255 12.3.1 Do Managers Experience Issues Regarding Information? 257 12.3.2 Do Managers Use an Information Strategy? 257 12.3.3 Do Managers Use a Strategy to Transform Information into Added Value? 257 12.4 Illustrating the Framework with Some Dutch Empirical Evidence 258 12.4.1 The Importance of an Information Strategy 258 12.4.2 Preliminary Survey Among Dutch Managers 259 12.5 Discussion and Conclusion: Lessons in Information Strategy 260 12.5.1 Discussion 260 12.5.2 Methodological Grounding 261 12.5.3 Learning Points 261 12.5.4 Applied Innovative Directions 262 12.5.5 Toward an Innovative Research Agenda 264 12.5.6 General Conclusion 264 References 265 List of References for Boxed Quotations 267 Author Index 269 Subject Index 275
£44.06
John Wiley & Sons Inc Communication Practices in Engineering
Book SynopsisSafety continues to be a primary concern in the food, water, and pharmaceutical industries. Written by experts in food, drug, and water safety, this book examines some of the ways in which communication has affected safety issues in the recent past and encourages discussions about what improvements can be made.Table of ContentsA Note from the Series Editor ix Preface xi List of Contributors xiii Acknowledgments xv 1 Cowboys and Computers: Communicating National Animal Identification in the Beef Industry 1David Wright 1.1 Industries Collide 1 1.1.1 Resistance to Technology in the Beef Industry 3 1.1.2 Having a Cow over Mad Cow Disease 3 1.1.3 Change Is Slow in the Beef Industry 6 1.1.4 Communication Breakdowns and Coffee Shop Policymaking 7 1.1.5 Can We All Just Get Along? 9 1.1.6 USDA Strategies for Communication 10 1.2 A New Approach to Studying Complex Communication Issues 11 1.2.1 Ethnography and Diffusion in the Beef Supply Chain 13 1.2.2 Communication Theory Linguistics and Diffusion in the Beef Supply Chain 16 1.2.3 Linguistic Textual Analysis 19 1.2.4 Diffusing Innovations in the Real World 23 1.2.5 Diffusion and Communication Networks 24 1.3 Results of My Investigation 25 1.3.1 Alice at the Auction 26 1.3.2 Backstage at the Sale Barn 27 1.3.3 Buying the NAIS 29 1.3.4 Down on the Farm 30 1.3.5 Interviews with Members of the Beef Industry 32 1.3.6 Interviews with Livestock Market Owners 33 1.3.7 Rules from the Road 38 1.3.8 Communication Gaps and Communication Theory 40 1.3.9 Textual Analysis with Implicature and Pragmatics 48 1.4 Lessons of Beef and Bandwidth 49 1.4.1 No Pardon for Jargon 51 1.4.2 Alice Is Not in Wonderland 52 1.4.3 The Telephone Game Still Happens 53 1.4.4 It All Comes Down to Doin’ Business 54 1.4.5 What We Have Here Is a Failure to Communicate 56 1.4.6 Culture Is King 58 1.4.7 The Situation Now 59 References 60 2 Children Communicating Food Safety/Teaching Technical Communication to Children: Opportunities Gleaned from the FIRST® LEGO® League 2011 Food Factor Challenge 63Edward A. Malone and Havva Tezcan-Malone 2.1 Enhancing the Visibility and Recognition of Technical Communication 63 2.2 Literature Review: Teaching Technical Communication Engineering and Food Safety to Children 65 2.3 Background: The League the Challenge and the Team 67 2.3.1 First Lego League 67 2.3.2 The Food Factor Challenge 69 2.3.3 The Team: Global Dreamers 70 2.4 Examples of Technical Communication Activities in FLL Projects 71 2.4.1 Branding (Creating a Name and Logo) 72 2.4.2 Conducting Primary and Secondary Research 72 2.4.3 Giving Presentations and Demonstrations 74 2.4.4 Designing a Document 77 2.5 The Food Factor Challenge as a Model of Food-Safety Education 77 2.5.1 Fostering Food-Safety Habits in Children 78 2.5.2 Promoting Dialogue Rather Than Monologue 79 2.5.3 Generating Interest in Food-Safety Careers 79 2.6 Conclusion 80 Acknowledgments 81 References 81 3 The Role of Public (Mis)perceptions in the Acceptance of New Food Technologies: Implications for Food Nanotechnology Applications 89Mary L. Nucci and William K. Hallman 3.1 Accepting New Foods: Consumers Technology and Media 89 3.1.1 Food Technology Acceptance 90 3.1.2 The Role of the Media in Public Perceptions of Food Technologies 92 3.2 Nanotechnology: Unseen Unknown 95 3.2.1 Nanotechnology in the Media 96 3.2.2 Public Perceptions of Nanotechnology 96 3.2.3 Perceptions and Acceptance of Nanotechnology 97 3.3 Discussing New Food Technologies 101 Acknowledgments 103 References 103 4 The New Limeco Story: How One Produce Company Used Third-Party Food Safety Audit Scores to Improve Its Operation 119Roy E. Costa 4.1 Food Safety in Modern Food Supply Operations 119 4.2 Safety Audits Cause Some Level of Controversy 122 4.3 New Limeco’s Journey to Safety 122 4.3.1 Implementing Changes 124 4.3.2 Sanitation Issues 125 4.3.3 Gradual Safety Improvement 125 References 126 5 Communication Practices by Way of Permits and Policy: Do Environmental Regulations Promote Sustainability in the Real World? 129Becca Cammack 5.1 Communication in the Modern Environmental Movement 129 5.2 Background 130 5.2.1 Who Is on the Receiving End of Environmental Regulation? 131 5.2.2 What Are the Effects of Construction and Storm Water on the Environment? 131 5.3 Studying Groundwater Regulation 133 5.3.1 Textual Analysis 133 5.3.2 Case Study 134 5.4 Results of My Investigation 134 5.4.1 The CGP Fact Sheet Background Section 135 5.4.2 The CGP Rationale Section 136 5.4.3 Construction General Permit (CGP) 136 5.4.4 A Targeted Case Study of CGP 137 5.5 Discussion of Study Results 142 References 144 6 Influences of Technical Documentation and Its Translation on Efficiency and Customer Satisfaction 145Elena Sperandio 6.1 Considering Technical Documentation 145 6.1.1 The Problem with Integrating Systems 146 6.1.2 Enterprise Resource Planning Systems 147 6.1.3 Production Information Management Systems 148 6.1.4 Document Management Systems/Content Management Systems 148 6.1.5 Translation Memory Systems/Computer-Aided Translation 149 6.2 Data Management in Technical Communication 150 6.2.1 Development and Diffusion of Data Management Tools 150 6.3 Technical Communication in Small Companies 153 6.3.1 Workflow Advantages in Small Companies 153 6.3.2 Workflow Disadvantages in Small Companies 154 6.4 Technical Communication in Medium-Sized Companies 154 6.4.1 Workflow Advantages in Medium-Sized Companies 155 6.4.2 Workflow Disadvantages in Medium-Sized Companies 156 6.5 Technical Communication in Large Companies 156 6.5.1 Workflow Advantages in Large Companies 158 6.5.2 Workflow Disadvantages in Large Companies 159 6.6 Translation of Technical Information 159 6.6.1 Translations in Small Companies 160 6.6.2 Translations in Medium-Sized Companies 162 6.6.3 Translations in Large Companies 163 6.7 Consequences for Technical Communication 165 6.8 Assumptions About Technical Communication 166 6.9 Outlook 168 References 169 7 Communicating Food Through Muckraking: Ethics Food Engineering and Culinary Realism 171Kathryn C. Dolan 7.1 Muckraking and Promoting Food Safety 172 7.2 Culinary Realism and Food Safety 173 7.2.1 Tubercular Beef in The Jungle 174 7.3 High Fructose Corn Syrup in The Omnivore’s Dilemma and In Defense of Food 179 7.4 Literature as a Watchdog in Food Safety 184 7.5 The Effects of Literature on Everyday Practices 186 References 186 Index 189
£40.80
John Wiley & Sons Inc Evolutionary Algorithms for Mobile Ad Hoc
Book SynopsisThis comprehensive guide describes how evolutionary algorithms (EA) may be used to identify, model, and optimize day-to-day problems that arise for researchers in optimization and mobile networking.Table of ContentsPreface xiii PART I BASIC CONCEPTS AND LITERATURE REVIEW 1 1 INTRODUCTION TO MOBILE AD HOC NETWORKS 3 1.1 Mobile Ad Hoc Networks 6 1.2 Vehicular Ad Hoc Networks 9 1.2.1 Wireless Access in Vehicular Environment (WAVE) 11 1.2.2 Communication Access for Land Mobiles (CALM) 12 1.2.3 C2C Network 13 1.3 Sensor Networks 14 1.3.1 IEEE 1451 17 1.3.2 IEEE 802.15.4 17 1.3.3 ZigBee 18 1.3.4 6LoWPAN 19 1.3.5 Bluetooth 19 1.3.6 Wireless Industrial Automation System 20 1.4 Conclusion 20 References 21 2 INTRODUCTION TO EVOLUTIONARY ALGORITHMS 27 2.1 Optimization Basics 28 2.2 Evolutionary Algorithms 29 2.3 Basic Components of Evolutionary Algorithms 32 2.3.1 Representation 32 2.3.2 Fitness Function 32 2.3.3 Selection 32 2.3.4 Crossover 33 2.3.5 Mutation 34 2.3.6 Replacement 35 2.3.7 Elitism 35 2.3.8 Stopping Criteria 35 2.4 Panmictic Evolutionary Algorithms 36 2.4.1 Generational EA 36 2.4.2 Steady-State EA 36 2.5 Evolutionary Algorithms with Structured Populations 36 2.5.1 Cellular EAs 37 2.5.2 Cooperative Coevolutionary EAs 38 2.6 Multi-Objective Evolutionary Algorithms 39 2.6.1 Basic Concepts in Multi-Objective Optimization 40 2.6.2 Hierarchical Multi-Objective Problem Optimization 42 2.6.3 Simultaneous Multi-Objective Problem Optimization 43 2.7 Conclusion 44 References 45 3 SURVEY ON OPTIMIZATION PROBLEMS FOR MOBILE AD HOC NETWORKS 49 3.1 Taxonomy of the Optimization Process 51 3.1.1 Online and Offline Techniques 51 3.1.2 Using Global or Local Knowledge 52 3.1.3 Centralized and Decentralized Systems 52 3.2 State of the Art 53 3.2.1 Topology Management 53 3.2.2 Broadcasting Algorithms 58 3.2.3 Routing Protocols 59 3.2.4 Clustering Approaches 63 3.2.5 Protocol Optimization 64 3.2.6 Modeling the Mobility of Nodes 65 3.2.7 Selfish Behaviors 66 3.2.8 Security Issues 67 3.2.9 Other Applications 67 3.3 Conclusion 68 References 69 4 MOBILE NETWORKS SIMULATION 79 4.1 Signal Propagation Modeling 80 4.1.1 Physical Phenomena 81 4.1.2 Signal Propagation Models 85 4.2 State of the Art of Network Simulators 89 4.2.1 Simulators 89 4.2.2 Analysis 92 4.3 Mobility Simulation 93 4.3.1 Mobility Models 93 4.3.2 State of the Art of Mobility Simulators 96 4.4 Conclusion 98 References 98 PART II PROBLEMS OPTIMIZATION 105 5 PROPOSED OPTIMIZATION FRAMEWORK 107 5.1 Architecture 108 5.2 Optimization Algorithms 110 5.2.1 Single-Objective Algorithms 110 5.2.2 Multi-Objective Algorithms 115 5.3 Simulators 121 5.3.1 Network Simulator: ns-3 121 5.3.2 Mobility Simulator: SUMO 123 5.3.3 Graph-Based Simulations 126 5.4 Experimental Setup 127 5.5 Conclusion 131 References 131 6 BROADCASTING PROTOCOL 135 6.1 The Problem 136 6.1.1 DFCN Protocol 136 6.1.2 Optimization Problem Definition 138 6.2 Experiments 140 6.2.1 Algorithm Configurations 140 6.2.2 Comparison of the Performance of the Algorithms 141 6.3 Analysis of Results 142 6.3.1 Building a Representative Subset of Best Solutions 143 6.3.2 Interpretation of the Results 145 6.3.3 Selected Improved DFCN Configurations 148 6.4 Conclusion 150 References 151 7 ENERGY MANAGEMENT 153 7.1 The Problem 154 7.1.1 AEDB Protocol 154 7.1.2 Optimization Problem Definition 156 7.2 Experiments 159 7.2.1 Algorithm Configurations 159 7.2.2 Comparison of the Performance of the Algorithms 160 7.3 Analysis of Results 161 7.4 Selecting Solutions from the Pareto Front 164 7.4.1 Performance of the Selected Solutions 167 7.5 Conclusion 170 References 171 8 NETWORK TOPOLOGY 173 8.1 The Problem 175 8.1.1 Injection Networks 175 8.1.2 Optimization Problem Definition 176 8.2 Heuristics 178 8.2.1 Centralized 178 8.2.2 Distributed 179 8.3 Experiments 180 8.3.1 Algorithm Configurations 180 8.3.2 Comparison of the Performance of the Algorithms 180 8.4 Analysis of Results 183 8.4.1 Analysis of the Objective Values 183 8.4.2 Comparison with Heuristics 185 8.5 Conclusion 187 References 188 9 REALISTIC VEHICULAR MOBILITY 191 9.1 The Problem 192 9.1.1 Vehicular Mobility Model 192 9.1.2 Optimization Problem Definition 196 9.2 Experiments 199 9.2.1 Algorithms Configuration 199 9.2.2 Comparison of the Performance of the Algorithms 200 9.3 Analysis of Results 202 9.3.1 Analysis of the Decision Variables 202 9.3.2 Analysis of the Objective Values 204 9.4 Conclusion 206 References 206 10 SUMMARY AND DISCUSSION 209 10.1 A New Methodology for Optimization in Mobile Ad Hoc Networks 211 10.2 Performance of the Three Algorithmic Proposals 213 10.2.1 Broadcasting Protocol 213 10.2.2 Energy-Efficient Communications 214 10.2.3 Network Connectivity 214 10.2.4 Vehicular Mobility 215 10.3 Global Discussion on the Performance of the Algorithms 215 10.3.1 Single-Objective Case 216 10.3.2 Multi-Objective Case 217 10.4 Conclusion 218 References 218 INDEX 221
£86.36
John Wiley & Sons Web Application Defenders Cookbook
Book SynopsisDefending your web applications against hackers and attackers The top-selling book Web Application Hacker''s Handbook showed how attackers and hackers identify and attack vulnerable live web applications. This new Web Application Defender''s Cookbook is the perfect counterpoint to that book: it shows you how to defend. Authored by a highly credentialed defensive security expert, this new book details defensive security methods and can be used as courseware for training network security personnel, web server administrators, and security consultants. Each recipe shows you a way to detect and defend against malicious behavior and provides working code examples for the ModSecurity web application firewall module. Topics include identifying vulnerabilities, setting hacker traps, defending different access points, enforcing application flows, and much more. Provides practical tactics for detecting web attacks and malicious behavior anTrade ReviewFor those that want to ensure their web sites are as secure as possible, their developers should certainly implement the delicious recipes in Web Application Defender's Cookbook. (RSA Conference, Jan 2013)Table of ContentsForeword xix Introduction xxiii I Preparing the Battle Space 1 1 Application Fortification 7 Recipe 1-1: Real-time Application Profiling 7 Recipe 1-2: Preventing Data Manipulation with Cryptographic Hash Tokens 15 Recipe 1-3: Installing the OWASP ModSecurity Core Rule Set (CRS) 19 Recipe 1-4: Integrating Intrusion Detection System Signatures 33 Recipe 1-5: Using Bayesian Attack Payload Detection 38 Recipe 1-6: Enable Full HTTP Audit Logging 48 Recipe 1-7: Logging Only Relevant Transactions 52 Recipe 1-8: Ignoring Requests for Static Content 53 Recipe 1-9: Obscuring Sensitive Data in Logs 54 Recipe 1-10: Sending Alerts to a Central Log Host Using Syslog 58 Recipe 1-11: Using the ModSecurity AuditConsole 60 2 Vulnerability Identification and Remediation 67 Recipe 2-1: Passive Vulnerability Identification 70 Recipe 2-2: Active Vulnerability Identification 79 Recipe 2-3: Manual Scan Result Conversion 88 Recipe 2-4: Automated Scan Result Conversion 92 Recipe 2-5: Real-time Resource Assessments and Virtual Patching 99 3 Poisoned Pawns (Hacker Traps) 115 Recipe 3-1: Adding Honeypot Ports 116 Recipe 3-2: Adding Fake robots.txt Disallow Entries 118 Recipe 3-3: Adding Fake HTML Comments 123 Recipe 3-4: Adding Fake Hidden Form Fields 128 Recipe 3-5: Adding Fake Cookies 131 II Asymmetric Warfare 137 4 Reputation and Third-Party Correlation 139 Recipe 4-1: Analyzing the Client’s Geographic Location Data 141 Recipe 4-2: Identifying Suspicious Open Proxy Usage?@147 Recipe 4-3: Utilizing Real-time Blacklist Lookups (RBL) 150 Recipe 4-4: Running Your Own RBL 157 Recipe 4-5: Detecting Malicious Links 160 5 Request Data Analysis 171 Recipe 5-1: Request Body Access 172 Recipe 5-2: Identifying Malformed Request Bodies 178 Recipe 5-3: Normalizing Unicode 182 Recipe 5-4: Identifying Use of Multiple Encodings 186 Recipe 5-5: Identifying Encoding Anomalies 189 Recipe 5-6: Detecting Request Method Anomalies 193 Recipe 5-7: Detecting Invalid URI Data 197 Recipe 5-8: Detecting Request Header Anomalies 200 Recipe 5-9: Detecting Additional Parameters 209 Recipe 5-10: Detecting Missing Parameters 212 Recipe 5-11: Detecting Duplicate Parameter Names 214 Recipe 5-12: Detecting Parameter Payload Size Anomalies 216 Recipe 5-13: Detecting Parameter Character Class Anomalies 219 6 Response Data Analysis 223 Recipe 6-1: Detecting Response Header Anomalies 224 Recipe 6-2: Detecting Response Header Information Leakages 234 Recipe 6-3: Response Body Access 238 Recipe 6-4: Detecting Page Title Changes 240 Recipe 6-5: Detecting Page Size Deviations 243 Recipe 6-6: Detecting Dynamic Content Changes 246 Recipe 6-7: Detecting Source Code Leakages 249 Recipe 6-8: Detecting Technical Data Leakages 253 Recipe 6-9: Detecting Abnormal Response Time Intervals 256 Recipe 6-10: Detecting Sensitive User Data Leakages 259 Recipe 6-11: Detecting Trojan, Backdoor, and Webshell Access Attempts 262 7 Defending Authentication 265 Recipe 7-1: Detecting the Submission of Common/Default Usernames 266 Recipe 7-2: Detecting the Submission of Multiple Usernames 269 Recipe 7-3: Detecting Failed Authentication Attempts 272 Recipe 7-4: Detecting a High Rate of Authentication Attempts 274 Recipe 7-5: Normalizing Authentication Failure Details 280 Recipe 7-6: Enforcing Password Complexity 283 Recipe 7-7: Correlating Usernames with SessionIDs 286 8 Defending Session State 291 Recipe 8-1: Detecting Invalid Cookies 291 Recipe 8-2: Detecting Cookie Tampering 297 Recipe 8-3: Enforcing Session Timeouts 302 Recipe 8-4: Detecting Client Source Location Changes During Session Lifetime 307 Recipe 8-5: Detecting Browser Fingerprint Changes During Sessions 314 9 Preventing Application Attacks 323 Recipe 9-1: Blocking Non-ASCII Characters 323 Recipe 9-2: Preventing Path-Traversal Attacks 327 Recipe 9-3: Preventing Forceful Browsing Attacks 330 Recipe 9-4: Preventing SQL Injection Attacks 332 Recipe 9-5: Preventing Remote File Inclusion (RFI) Attacks 336 Recipe 9-6: Preventing OS Commanding Attacks 340 Recipe 9-7: Preventing HTTP Request Smuggling Attacks 342 Recipe 9-8: Preventing HTTP Response Splitting Attacks 345 Recipe 9-9: Preventing XML Attacks 347 10 Preventing Client Attacks 353 Recipe 10-1: Implementing Content Security Policy (CSP) 353 Recipe 10-2: Preventing Cross-Site Scripting (XSS) Attacks 362 Recipe 10-3: Preventing Cross-Site Request Forgery (CSRF) Attacks 371 Recipe 10-4: Preventing UI Redressing (Clickjacking) Attacks 377 Recipe 10-5: Detecting Banking Trojan (Man-in-the-Browser) Attacks 381 11 Defending File Uploads 387 Recipe 11-1: Detecting Large File Sizes 387 Recipe 11-2: Detecting a Large Number of Files 389 Recipe 11-3: Inspecting File Attachments for Malware 390 12 Enforcing Access Rate and Application Flows 395 Recipe 12-1: Detecting High Application Access Rates 395 Recipe 12-2: Detecting Request/Response Delay Attacks 405 Recipe 12-3: Identifying Inter-Request Time Delay Anomalies 411 Recipe 12-4: Identifying Request Flow Anomalies 413 Recipe 12-5: Identifying a Significant Increase in Resource Usage 414 III Tactical Response 419 13 Passive Response Actions 421 Recipe 13-1: Tracking Anomaly Scores 421 Recipe 13-2: Trap and Trace Audit Logging 427 Recipe 13-3: Issuing E-mail Alerts 428 Recipe 13-4: Data Sharing with Request Header Tagging 436 14 Active Response Actions 441 Recipe 14-1: Using Redirection to Error Pages 442 Recipe 14-2: Dropping Connections 445 Recipe 14-3: Blocking the Client Source Address 447 Recipe 14-4: Restricting Geolocation Access Through Defense Condition (DefCon) Level Changes 452 Recipe 14-5: Forcing Transaction Delays 455 Recipe 14-6: Spoofing Successful Attacks 462 Recipe 14-7: Proxying Traffic to Honeypots 468 Recipe 14-8: Forcing an Application Logout 471 Recipe 14-9: Temporarily Locking Account Access 476 15 Intrusive Response Actions 479 Recipe 15-1: JavaScript Cookie Testing 479 Recipe 15-2: Validating Users with CAPTCHA Testing 481 Recipe 15-3: Hooking Malicious Clients with BeEF 485 Index 495
£30.39
John Wiley & Sons Inc Professional SharePoint 2013 Administration
Book SynopsisSharePoint admin author gurus return to prepare you for working with the new features of SharePoint 2013! The new iteration of SharePoint boasts exciting new features. However, any new version also comes with its fair share of challenges and that's where this book comes in.Table of ContentsINTRODUCTION xxix CHAPTER 1: WHAT’S NEW IN SHAREPOINT 2013 1 Installation Changes 2 System Requirements 2 The Installation Process 2 Upgrading from SharePoint 2010 3 Patching 3 Central Administration 4 Service Applications 5 Claims and Authentication 8 Managing SharePoint 2013 with Windows PowerShell 10 SharePoint Apps 10 Workflow Manager 11 New User Experience 12 Faster 12 Prettier 13 Getting Social 14 Summary 15 CHAPTER 2: ARCHITECTURE AND CAPACITY PLANNING 17 Names, Names, My Kingdom for a Consistent Name! 19 SharePoint Foundation 19 SharePoint Server 2013 20 Search Server Express 22 FAST Search Server 2010 22 SharePoint Online 23 Additional Server Planning 24 Windows Server and Required Additional Software 24 Windows Vista, 7, and 8 25 SQL Server 26 E-mail Servers and SMS Options 26 Hardware Requirements 28 Web Servers 29 Application Servers 30 SQL Servers 40 Mixing and Matching Servers 41 Other Hardware Notes 46 Virtualization 47 Terminology 48 Controlling Deployments 52 HTTP Throttling 52 Large List Throttling 53 Recycle Bin Architectural Implications 54 Software Boundaries and Limits for SharePoint 2013 55 Summary 56 CHAPTER 3: INSTALLING AND CONFIGURING SHAREPOINT 57 Preparing the Environment 57 Logging In and Mounting the File 58 Running the Prerequisite Installer 59 Adding Forgotten Patches 60 Windows Server 2008 R2 61 Windows Server 2012 61 Running Setup 61 Automating Setup 62 Creating the Farm 63 Adding More Servers to the Farm 65 Configuring the Farm 66 Creating Web Applications and More 90 Terminology 90 Web Applications 91 Site Collections and Webs 93 Summary 95 CHAPTER 4: UNDERSTANDING SERVICE APPLICATIONS 97 A History of Service Applications in SharePoint 98 Service Application Fundamentals 99 The Connection Structure 100 Connecting Across Farms 105 Service Applications As a Framework 107 Service Application Administration 107 Creating a New Instance of a Service Application 107 Using the Ribbon to Manage Service Applications 109 Managing Service Application Proxy Groups 112 Multi-Tenancy in SharePoint 2013 118 Managing Service Application Groups 118 Creating a Site Subscription 120 Multi-Tenant Use Cases 121 Partitioning in the Enterprise 121 Summary 123 CHAPTER 5: UPGRADING TO SHAREPOINT 2013 125 Upgrade Considerations 125 What You Can Upgrade 125 What You Can’t Upgrade 130 Don’t Upgrade Crap 131 Upgrading Content 135 Creating the Web Application 135 Testing the Content Database 137 Attaching the Content Database 143 Upgrading Site Collections 146 Throttling and Governance 156 Upgrading Service Applications 157 Business Connectivity Services 158 Managed Metadata 158 Performance Point 159 Search 160 Secure Store 161 User Profile Service 162 Using Third-Party Tools to Migrate Content 163 Upgrading from Older Versions 163 Restructuring Your Farm 163 Choosing Third-Party Migration Software 164 Summary 164 CHAPTER 6: CLAIMS AUTHENTICATION AND OAUTH 165 What’s New with Claims and Authorization? 166 Migrating from Classic to SharePoint 2013 Claims 166 Authentication Infrastructure 167 OAuth 167 Server-to-Server Authentication 168 User Authentication 168 Claims-Based Identity 169 Using Claims-Based Identity 171 Application Authentication 180 Cloud App Model 180 OAuth 181 App Authentication 182 Server-to-Server Authentication 188 SharePoint to SharePoint S2S 189 SharePoint to Exchange and Lync S2S 189 Summary 190 CHAPTER 7: ADMINISTERING SHAREPOINT WITH WINDOWS POWERSHELL 191 Introduction to Windows PowerShell 192 Microsoft SharePoint 2013 Management Shell and Other Hosts 192 Microsoft SharePoint 2013 Management Shell 192 Using Other Windows PowerShell Hosts 193 Commands 195 Cmdlets 195 Functions 196 Scripts 197 Native Commands 198 Basic PowerShell Usage 198 Listing the SharePoint Commands 198 PowerShell Help 200 PowerShell Variables 201 PowerShell Objects 203 PowerShell Pipeline 203 Controlling Output 204 Using SharePoint Commands 207 Working with the Farm 207 Working with the Farm Configuration 208 Web Applications 209 Working with Site Collections 212 Working with Webs 217 Working with Objects Below the Web Level 219 Disposing of SharePoint Variables 223 Some Sample PowerShell Scripts 225 Creating Your SharePoint 2013 Farm with PowerShell 225 Creating Managed Accounts and Service Application Pools 227 Creating the Search Service Application in SharePoint 2013 Server 227 Creating a Claims Web Application 228 Getting Site Collection Size 229 Summary 229 CHAPTER 8: CONFIGURING SHAREPOINT FOR BUSINESS INTELLIGENCE 231 Installing SQL Server Analysis Services 232 Installing SSAS and Data Tools 232 Deploying AdventureWorks 237 Creating a Business Intelligence Center 242 Configuring Excel Services 243 Configuring the Excel Services Service Application 244 Configuring Excel Services to Use the Secure Store 245 Testing the Excel Services Unattended Service Account 248 PowerPivot 2012 250 Installing PowerPivot 251 Configuring PowerPivot Integration 255 Adding Permissions to Central Administration 258 Creating and Confi guring a PowerPivot Workbook 259 SQL Server Reporting Services for SharePoint 2013 264 Creating the Service Application 268 Creating and Deploying an SSRS Report 268 PowerView 274 Configuring PerformancePoint Services 275 Configuring PerformancePoint Services to Use the Secure Store 277 Testing the PerformancePoint Services Unattended Service Account 279 Configuring Visio Services 285 Configuring the Visio Unattended Service Account 285 Configuring the Visio Graphics Service Application 286 Introduction to Access 2013 290 Prerequisites 291 Items to Consider for Access 2013 291 Configuring an Isolated App Domain 291 Microsoft SQL Server 2012 Required Features for Access Services 2013 292 Microsoft SQL Server 2012 Options Required for Use with Access Services 2013 292 Service Account Permissions 295 Creating the Access Services 2013 Service Application 296 Setting SQL Permissions for Your Service Account 298 Configuring IIS 299 Creating a Custom Web App Using Access 2013 Client 300 Summary 302 CHAPTER 9: CONFIGURING SHAREPOINT FOR HIGH-AVAILABILITY BACKUPS 303 Determining Your Business Requirements 303 Content Recovery 305 Content Storage Overview 306 Version History 306 The Recycle Bin 310 Exporting and Importing Sites, Lists, and Libraries 313 Backing Up and Restoring Site Collections 318 Recovering from SQL Server Snapshots 324 Backing Up and Recovering from Disaster 325 Backing Up and Restoring Content Databases 326 Backing Up and Restoring Service Applications 333 Backing Up the Farm 335 Backing Up IIS 337 Backing Up Customizations 338 High-Availability Configurations 339 Load-Balancing 339 SQL AlwaysOn Failover-Clustering 340 SQL Server AlwaysOn Availability Groups 340 HTTP Request Throttling 341 Gradual Site Deletion 343 Summary 343 CHAPTER 10: MANAGING SHAREPOINT DEVELOPER SOLUTIONS AND FEATURES 345 Defining Solutions and Features 345 Understanding Farm Solutions 346 Managing Farm Solutions 348 Managing Farm Solutions via the User Interface 349 Managing Farm Solutions via the Command Line 353 Understanding Sandbox Solutions 355 Managing Sandbox Solutions 356 Understanding Features 358 Feature Manifest 359 Defining Scope 360 Feature Receivers 360 Managing Features 361 Managing Features via the User Interface 361 Managing Features via the Command Line 365 Summary 368 CHAPTER 11: MANAGING AND CONFIGURING APPS 369 Understanding the SharePoint 2013 App 371 Architecture 371 SharePoint 2013 App Marketplaces 372 SharePoint 2013 App Hosting Options 373 App Model Security 376 Setting Up an App-Enabled SharePoint Environment 377 Configuring a Forward Lookup Zone in DNS 378 Configuring SSL for the App Domain (Optional) 381 Configuring the Service Applications 381 Configuring App URLs 382 Setting Up a High-Trust App Environment 384 Managing SharePoint 2013 Apps 392 Configuring an App Catalog 392 Adding an App to a SharePoint Site 394 Removing an App from a SharePoint Site 399 Monitoring SharePoint Apps 400 Monitoring and Managing App Licenses 403 Summary 406 CHAPTER 12: BRANDING SHAREPOINT 407 What Is Branding? 407 Branding Considerations 409 SharePoint and Publishing 410 Components of SharePoint Branding 412 Master Pages 413 Page Layouts and Wiki Pages 414 HTML, Cascading Style Sheets, and More 416 What’s New in Branding for SharePoint 2013 416 Composed Looks 416 Device Channels 419 Image Renditions 424 Display Templates 427 Improving Speed with Minimal Download Strategy 428 Design Manager 429 Understanding the SharePoint 2013 Branding Process 430 Using the Design Manager 430 Deploying Branding Assets 444 Customizing SharePoint Files 444 Upgrading Branding to SharePoint 2013 445 Controlling Access to SharePoint Branding 446 Summary 447 CHAPTER 13: CONFIGURING AND MANAGING ENTERPRISE SEARCH 449 What’s New in Enterprise Search 449 Single Search Architecture 450 Search Center and Search UI 450 Relevancy Improvements 450 Search Architecture 451 Topology 452 Managing the Crawl Process and Crawled Properties 453 Content Processing 454 Analytics Processing 456 Index Processing 459 Query Processing, Query Rules, and Result Sources 460 Administration 460 Configuring Enterprise Search 461 Scaling Out Topology 461 Continuous Crawl and Content Sources 469 Result Sources 474 Managing the Search UI 477 Search Center 477 Customizing the UI 486 Summary 500 CHAPTER 14: CONFIGURING USER PROFILES AND SOCIAL COMPUTING 503 What’s New in Enterprise Social? 504 My Sites 504 Distributed Cache 506 Communities 506 User Profile Synchronization 506 User Profile Replication Engine 507 Managing and Configuring Profile Synchronization 507 Profile Synchronization 508 Choosing a Synchronization Method 508 Active Directory Import 509 SharePoint Profile Synchronization 511 Organization Profiles 522 Audiences 522 Managing and Configuring My Sites 527 Configuring My Sites 527 SkyDrive Pro 536 Managing and Configuring Communities 540 Community Templates 540 Creating and Using Community Sites 541 Summary 544 CHAPTER 15: THE OFFICE WEB APPLICATIONS FOR SHAREPOINT 545 Functionality Overview 546 New Features in SharePoint OWA 2013 546 Additional Functionality for Multiple SharePoint Farms, Lync, Exchange 2013, and File Shares (via Open-Form URL) 547 Integrating OWA with Exchange 2013 547 Integrating OWA with Lync 2013 547 Licensing and Versions 548 Desktop Enhancements 549 User Experience Improvements 549 PowerPoint Broadcasting 549 Excel Web App vs. Excel Services 550 Change Tracking 550 Comments 551 Co-Authoring 551 Embedding 551 Ink Support 552 Quick Preview 553 Sharing a Document 553 Office Web Apps URLs 554 Default Open Behavior for Documents 554 Mobile Device Support 555 PowerPoint Changes 555 Enhanced User Experience 555 Technologies Used 555 Platform and Browser Compatibility 556 Topology 557 Authentication Requirements 560 Migrating from Classic-Mode to Claims-Based Authentication 560 Preparing the Server and Installing OWA via the GUI 561 Installing Prerequisites for Windows Server 2012 561 Installing Prerequisites for Windows 2008 R2 564 Installing Office Web Apps 564 Office Web Apps Confi guration Options 565 Creating Your Own Certificate for Testing 565 Configuring the Security Token Service 570 Using the HTTP Protocol 570 Using the HTTPS Protocol 572 Binding to a SharePoint Farm Using HTTPS 574 Removing a Binding 575 Scaling Office Web Apps 575 Office Web Apps Patching 575 New PowerShell OWA Cmdlets 576 Summary 577 CHAPTER 16: INSTALLING AND CONFIGURING AZURE WORKFLOW SERVER 579 Enchancements in Workflow 579 Workflow in SharePoint 2010 580 Workflow in SharePoint 2013 581 New Workflow Architecture in SharePoint 2013 581 SharePoint Designer Enhancements 583 Installing and Configuring Windows Azure Workflow Server 584 Hardware and Software Requirements 584 Workflow Manager Install 586 Step-by-Step Install 587 Managing Web Application Settings 597 Creating SharePoint 2013 Workfl ows 598 Templates 598 Creating a Custom Workflow Using SharePoint Designer 2013 600 Workflow Visualization Using Visio 2013 609 Creating Custom Workfl ows Using Visual Studio 2012 610 Summary 611 CHAPTER 17: INTEGRATING OFFICE CLIENTS WITH SHAREPOINT 613 What Office 2013 and SharePoint 2013 Share in Common 614 Connecting to SharePoint from within Microsoft Offi ce 2013 Applications 614 Determining When a Document Is Being Actively Co-Authored 615 Live Co-Authoring Compatibility with Other Offi ce Versions 616 Backstage View 616 Taking a Look at the Document Panel 618 Connecting to Office 2013 from SharePoint 2013 620 Integrating SharePoint 2013 with Word 2013 622 Comparing Document Versions 622 Working with Document Barcodes 623 Using Quick Parts 623 Blogging in Microsoft Word 624 Integrating SharePoint 2013 with Excel 626 Importing Spreadsheets into SharePoint 626 Exporting to Excel 627 Displaying Charts 627 Using the Excel Web Access Web Part 627 Integrating SharePoint 2013 with PowerPoint 628 Working with Slide Libraries 628 Broadcasting Slides 628 Integrating SharePoint 2013 with Outlook 628 Managing SharePoint Alerts 629 Connecting SharePoint Lists and Libraries to Outlook 629 Connecting Calendars and Meetings to Outlook 630 Integrating SharePoint 2013 with InfoPath 630 Deploying InfoPath Forms Services in Central Administration 632 InfoPath Form Web Part 633 Customizing the Document Information Panel 633 Customizing SharePoint List Forms 635 Integrating SharePoint 2013 with Visio 636 Setting Up the Visio Graphics Service 636 Adding a Visio Web Access Web Part 637 Integrating SharePoint 2013 with OneNote 638 Integrating SharePoint with Access 2013 and Access Services 639 SharePoint Data as a Table 640 Creating Microsoft Access Views in SharePoint 641 Access Services Overview 642 Publishing Links to Office Client Applications 644 Managing Office 2013 and SharePoint through Group Policy 645 Summary 647 CHAPTER 18: WORKING WITH SHAREPOINT DESIGNER 649 Introduction to SharePoint Designer 2013 650 Requirements for Using SPD 2013 651 Integrating SP 2013 and SPD 2013 652 SPD 2013 and SPD 2010 Interoperability 653 SharePoint Server 2013 Workflow Platform 654 Enabling SharePoint Designer Restrictions 655 Overview of the New User Interface 659 Managing SharePoint Sites with SharePoint Designer 661 The Navigation Pane 662 Creating Subsites with SharePoint Designer 2013 663 Branding with SharePoint Designer 2013 664 Versioning 665 SharePoint Master Pages 666 Editing the Master Page 667 Page Layouts 668 Implementing Workfl ows with SharePoint Designer 2013 670 Summary 673 CHAPTER 19: TROUBLESHOOTING SHAREPOINT 675 The Unified Logging Service 676 Windows Event Logs 676 Trace Logs 680 Powerful PowerShell Tweaks 681 Viewing the ULS Logs with the ULS Viewer 683 Using PowerShell to Tame the ULS Logs 685 The Correlation ID: Your New Best Friend 688 The Developer Dashboard 690 More Troubleshooting Techniques 693 Using Fiddler to Watch Your Web Traffic 693 Creating a New Web Application 695 Making All Your Service Accounts Local Administrators 695 Checking for Failed Timer Jobs 696 Starting Fresh with IISReset 696 Reboots for Everyone! 697 Shoot Trouble Before it Happens! 697 See the Bigger Picture: IIS and SQL 697 Additional Tools and Resources 698 Summary 699 CHAPTER 20: MONITORING AND ANALYTICS 701 Configuring Monitoring in Central Administration 701 Unified Logging Service 702 Configuring ULS via Central Admin 702 Configuring ULS via PowerShell 705 Using and Configuring the Health Analyzer 707 Usage and Health Data Collection 709 Configuring Usage and Health Data Collection 710 Log Collection and Processing 711 Timer Jobs in SharePoint 2013 713 Managing Timer Jobs in Central Admin 714 Managing Timer Jobs in PowerShell 715 Search Service Application Monitoring 716 The Crawl Log 716 Crawl and Query Health Reports 718 Usage Reports 718 Summary 718 CHAPTER 21: CONFIGURING AND MANAGING WEB CONTENT MANAGEMENT AND INTERNET SITES 719 What’s New with WCM? 720 Cross-Site Publishing 720 Catalogs and Category Pages 720 Managed Navigation 721 Content Search 721 Internet Site Improvements 722 Variations and Translation Services 723 Design Manager 723 Snippet Gallery 723 Device Channels 724 Content Authoring Improvements 724 Architecting Internet Sites 725 What Is SharePoint for Internet Sites? 725 Preparing the Farm for WCM 726 Planning and Confi guring WCM Capability 732 Site Publishing Models 745 Configuring and Creating WCM Internet Sites 747 Configuring Cross-Site Publishing 748 Using the New Catalogs Capability 748 Branding 752 Design Manager 753 Navigation 756 Search-Driven Content 762 Search Engine Optimization 766 Authoring Content Improvements 767 Rich Text Editor Improvements 768 Using Video Support Enhancements 769 Image Renditions 769 Summary 771 INDEX 773
£30.39
John Wiley & Sons Inc Microsoft Windows Server 2012 Administration
Book SynopsisFast, accurate answers for common Windows Server questions Serving as a perfect companion to all Windows Server books, this reference provides you with quick and easily searchable solutions to day-to-day challenges of Microsoft's newest version of Windows Server.Table of ContentsIntroduction xvii Part I Getting Started 1 Chapter 1: Getting Started with Windows Server 2012 3 Plan for Windows Server 2012 4 Understand Hardware Requirements 5 Understand Windows Server 2012 Editions and Roles 6 Understand Server Core 9 Consider Your Licensing Options 11 Install Windows Server 2012 12 Perform a Windows Server 2012 Full Installation 12 Perform a Windows Server 2012 Server Core Installation 19 Use sconfig to Configure Your Windows Server 2012 Server Core 19 Upgrade to Windows Server 2012 22 Install Windows Server 2012 Server Unattended 26 Migrate to Windows Server 2012 32 Install Windows Server 2012 Migration Tools 33 Migrate to Windows Server 2012 38 A New Server Manager 38 Chapter 2: Adding Server Roles and Functionality 43 Plan for Windows Server 2012 Roles 44 Plan for Active Directory 45 Plan for Hyper-V 49 Understand Remote Desktop Services 50 Understand Windows Server 2012 Features 52 Install Windows Server 2012 Roles 57 Install Roles on a Windows Server 2012 Full Server Installation 58 Install Roles on a Windows Server 2012 Server Core Installation 71 Chapter 3: Automating Administrative Tasks with Windows Server 2012 77 Understand the Basics of Windows PowerShell v3 78 Understand Windows PowerShell v3 Terminology and Structure 78 Enable Windows PowerShell v3 82 Understand Security in Windows PowerShell 82 Learn to Help Yourself to PowerShell 84 Take the Next Step 91 Use PowerShell Remoting 99 Enable PowerShell Remoting 99 Run Remote Commands 100 Understand PowerShell Integrated Scripting Environment (ISE) 103 Work with the PowerShell ISE 103 Part II Manage Active Directory and Local Users 109 Chapter 4: Maintaining Users and Groups 111 Understand Local Users and Groups 112 Learn Default Local Users and Groups 112 Administer Local Users and Groups 115 Understand Local User Rights 127 Work with Local Account Policies 129 Understand Active Directory Users and Groups 135 Learn Active Directory Users and Groups Terminology 135 Join an Active Directory Domain as a Member 137 Work with Active Directory and Local Groups 138 Manage Users and Groups in Active Directory 139 Automate User and Group Management 146 Load AD PowerShell Modules 147 Work with Users and Groups in PowerShell 147 Use the AD Recycle Bin 151 Chapter 5: Managing and Replicating Active Directory 157 Manage the Active Directory Database 158 Maintain FSMO Roles 159 Transfer FSMO Roles 161 Defragment the Directory Database 166 Audit Active Directory Service 168 Use Fine-Grained Password Policy 172 Create PSOs 173 Understand Active Directory Replication 177 Understand the Components of Replication 177 Understand the Physical Constructs of Replication 179 Chapter 6: Maintaining and Controlling the Centralized Desktop 183 Understand Group Policy 184 Know the Difference Between Policy and Preferences 186 Understand the Scope of Group Policy Management 188 Understand and Control the Order of Precedence 189 Learn Group Policy Processing 191 Administer Group Policy 198 Use the Group Policy Management Editor 208 Automate Group Policy Administrator Tasks 212 Troubleshoot Group Policy 213 Use the Group Policy Modeling Wizard 214 Use Tools to See the RSOP 216 Part III Data Access and Management 221 Chapter 7: Configuring Folder Security, Access, and Replication 223 Implement Permissions 224 Set Standard NTFS Permissions 225 Set Special NTFS Permissions 226 View Effective NTFS Permissions 228 Take Ownership of an NTFS Folder 229 Share Folders 231 Create a Shared Folder 231 Implement Advanced Sharing 232 Resolve Permission Conflicts 234 Configure Offline File Caching 237 Secure Folders and Files 239 Configure the Encrypting File System 239 Configure BitLocker Drive Encryption 241 Install and Enable BitLocker 242 Recover BitLocker 247 Use the BitLocker To Go Tool 248 Implement the Distributed File System 250 Configure a DFS Namespace 251 Configure Replication Groups 254 Enable Previous Versions of Files 257 Restore a Previous Version 258 Chapter 8: Backing Up and Recovering Your Server 261 Understand Backup and Recovery 262 Understand Backup and Recovery Terminology 263 Use Backup and Recovery Tools 264 Manage Backup and Recovery 270 Back Up Your Server 271 Recover Your Data 282 Recover via Shadow Copy 292 Perform Backup and Recovery with Command Tools 294 Use wbadmin.exe 294 Use PowerShell 297 Chapter 9: Managing Disks and Disk Storage 301 Understand the Basics 302 Learn Disk Management and Storage Terminology 302 Work with Your Storage 305 Work with Partitions 312 Use DiskPart 315 Work with RAID Volumes 318 Understand RAID Levels 318 Implement RAID 321 Manage Disk Storage 327 Manage Disk Storage Quotas 327 Work with Data Deduplication 331 Work with Storage Spaces 336 Understand Storage Spaces 336 Create and Configure Storage Spaces 338 Part IV Network Configuration and Communication 345 Chapter 10: Maintaining Your Web Server 347 Install Internet Information Services 348 Understand Internet Information Services Role Services 348 Install IIS on Windows Server 2012 Full Server Installation 354 Install IIS on Windows Server 2012 Core Server 355 Manage Internet Information Services 358 Work with the IIS Management Console 359 Remotely Manage IIS Servers 365 Manage IIS with PowerShell 370 Work with Websites 374 Understand the Basics of IIS Websites 374 Work with Applications 377 Integrate PHP Applications in IIS 379 Chapter 11: Administering DNS 383 Add and Remove DNS Servers 384 Add a DNS Server 384 Configure a New DNS Server 386 Add Query Forwarding 388 Configure a Caching-Only DNS Server 390 Remove a DNS Server 392 Manage a DNS Server 393 Change the Address of a DNS Server 393 Configure a DNS Server to Listen Only on a Selected Address 394 Scavenge Properties for DNS 395 Manage DNS Integration with Active Directory 397 Change Zone Replication 401 Manage Zone Database Files 402 Configure Single-Label DNS Resolution 410 Troubleshoot DNS 412 Chapter 12: Troubleshooting TCP/IP 415 Understand TCP/IP Basics 416 Troubleshoot TCP/IP 417 Understand Troubleshooting Tools 418 Troubleshoot IPv6 420 Verify Connectivity for IPv6 421 Verify Responsiveness 423 Check the Routing Table for IPv6 425 Validate DNS Name Resolution for IPv6 Addresses 426 Flush the DNS Cache 426 Test IPv6 TCP Connections 427 Troubleshoot IPv4 428 Use the Network Connection Repair Tool 428 Verify IPv4 Connectivity 429 Verify Responsiveness 430 Check the Routing Table for IPv4 432 Validate DNS Name Resolution for IPv4 Addresses 432 Flush the DNS Cache 433 Test IPv4 TCP Connections 434 Part V Manage Desktop and Server Virtualization 435 Chapter 13: Managing Remote Access to Your Server 437 Understand Remote Desktop Services 438 Understand the Remote Desktop Services Role 438 Install Remote Desktop Services Role Services 439 Manage Remote Desktop Services 445 Administer Remote Desktop Session Host 445 Activate Remote Desktop Licensing Server 449 Configure Remote Desktop Gateway 450 Configure Remote Desktop Connection Broker 452 Configure Remote Desktop Web Access 453 Work with Virtual Desktop Infrastructure 456 Work with Remote Clients 457 Install and Configure Windows Server 2012 VPNs 457 Install and Configure DirectAccess 463 Chapter 14: Maintaining Virtual Machines 465 Understand Virtualization with Hyper-V 466 Install Hyper-V 466 Work with Virtual Networks 468 Build Virtual Machines 471 Create a Virtual Machine 472 Create Virtual Hard Disks 473 Work with Virtual Machine Settings 476 Install an Operating System 486 Connect to a Virtual Machine 488 Use Snapshots 489 Import a Virtual Machine 491 Export a Virtual Machine 493 Replicate a Virtual Machine 495 Part VI Server Tuning and Maintenance 497 Chapter 15: Tuning and Monitoring Performance 499 Analyze Server Roles 500 Understand the Best Practices Analyzer 500 Use the Best Practices Analyzer 503 Use PowerShell with the Best Practices Analyzer 507 View Server Performance Data 509 Create a System Health Report 510 Understand Performance Monitor 514 View Server Events 522 Work with the Event Viewer 522 Chapter 16: Keeping Your Servers Up-to-Date 531 Work with Windows Updates 532 Find Out What Updates Are 532 Use Windows Update 533 Enable Automatic Updates 535 View Installed Updates 537 Remove an Update 538 Install Automatic Updates Between Scheduled Times 540 Use Group Policy to Configure Automatic Updates 540 Work with Windows Server Update Services 544 Do a Simple WSUS Deployment 544 Get WSUS Updates on Disconnected Networks 548 Use WSUS with Branch Cache 549 Learn the WSUS Requirements 550 Get More Information on WSUS 551 Index 553
£22.94
Wiley Advanced Content Delivery Streaming and Cloud Services
Book SynopsisWhile other books on the market provide limited coverage of advanced CDNs and streaming technologies, concentrating solely on the fundamentals, this book provides an up-to-date comprehensive coverage of the state-of-the-art advancements in CDNs, with a special focus on Cloud-based CDNs.Table of ContentsPreface xv Acknowledgments xxi Contributors xxiii PART I CDN AND MEDIA STREAMING BASICS 1 1 CLOUD-BASED CONTENT DELIVERY AND STREAMING 3Mukaddim Pathan 1.1 Introduction 3 1.2 CDN Overview 5 1.3 Workings of a CDN 10 1.4 CDN Trends 21 1.5 Research Issues 28 1.6 Conclusion 29 References 29 2 LIVE STREAMING ECOSYSTEMS 33Dom Robinson 2.1 Introduction 33 2.2 Live Streaming Pre-Evolution 34 2.3 Live, Linear, Nonlinear 35 2.4 Media Streaming 37 2.5 Related Network Models 38 2.6 Streaming Protocol Success 43 2.7 Platform Divergence and Codec Convergence 44 2.8 Adaptive Bitrate (ABR) Streaming 45 2.9 Internet Radio and HTTP 48 2.10 Conclusion 48 References 49 3 PRACTICAL SYSTEMS FOR LIVE STREAMING 51Dom Robinson 3.1 Introduction 51 3.2 Common Concepts in Live Streaming 52 3.3 The Practicals 56 3.4 Conclusion 69 References 70 4 EFFICIENCY OF CACHING AND CONTENT DELIVERY IN BROADBAND ACCESS NETWORKS 71Gerhard Haslinger 4.1 Introduction 71 4.2 Options and Properties for Web Caching 73 4.3 Zipf Laws for Requests to Popular Content 75 4.4 Efficiency and Performance Modeling for Caches 76 4.5 Effect of Replacement Strategies on Cache Hit Rates 78 4.6 Replacement Methods Based on Request Statistics 81 4.7 Global CDN and P2P Overlays for Content Delivery 84 4.8 Summary and Conclusion 86 Acknowledgments 87 References 87 5 ANYCAST REQUEST ROUTING FOR CONTENT DELIVERY NETWORKS 91Hussein A. Alzoubi, Michael Rabinovich, Seungjoon Lee, Kobus Van Der Merwe, and Oliver Spatscheck 5.1 Introduction 91 5.2 CDN Request Routing: An Overview 93 5.3 A Practical Load-Aware IP Anycast CDN 96 5.4 Mapping Algorithms 98 5.5 Evaluation 102 5.6 IPv6 Anycast CDNs 107 5.7 Discussion and Open Questions 114 5.8 Conclusion 116 References 116 6 CLOUD-BASED CONTENT DELIVERY TO HOME ECOSYSTEMS 119Tiago Cruz, Paulo Sim̃oes, and Edmundo Monteiro 6.1 Introduction 119 6.2 Bringing Cloud Services to Home: State of the Art 120 6.3 Virtualizing the Access Network Infrastructure 123 6.4 Virtualization for Cloud Service Delivery to Home 130 6.5 Future Trends 137 6.6 Summary and Conclusion 137 Acknowledgments 137 References 138 7 MOBILE VIDEO STREAMING 141Ram Lakshmi Narayanan, Yinghua Ye, Anuj Kaul, and Mili Shah 7.1 Introduction 141 7.2 Mobile Broadband Architecture 142 7.3 Video Streaming Protocols 143 7.4 Video Optimization Services 146 7.5 Operator-Hosted CDN 149 7.6 Cloud-Based Video Streaming 151 7.7 Future Research Directions 154 Acknowledgments 156 References 156 PART II CDN PERFORMANCE MANAGEMENT AND OPTIMIZATION 159 8 CDN ANALYTICS: A PRIMER 161Timothy Siglin 8.1 Introduction 161 8.2 Why Measure? 162 8.3 What do we Measure? 162 8.4 What about Business Intelligence? 169 8.5 Measuring Stateless Delivery 171 8.6 Billing Analytics 173 8.7 CDN Analytics Tools 174 8.8 Recent Trends in CDN Analytics 175 8.9 Conclusion 176 References 176 9 CDN MODELING 179Tolga Bektas and Ozgur Ercetin 9.1 Introduction 179 9.2 Basics on Mathematical Modeling and Optimization 180 9.3 Video-on-Demand Applications 182 9.4 Optimization Problems in Content Delivery and VoD Services 185 9.5 Visionary Thoughts for Practitioners 198 9.6 Future Research Directions 198 9.7 Conclusions 199 Acknowledgments 200 References 200 10 ANALYZING CONTENT DELIVERY NETWORKS 203Benjamin Molina, Jaime Calvo, Carlos E. Palau, and Manuel Esteve 10.1 Introduction 203 10.2 Previous Work 204 10.3 Basic CDN Model 205 10.4 Enhancing the Model 206 10.5 Performance Evaluation 212 10.6 Conclusions 216 References 216 11 MULTISOURCE STREAM AGGREGATION IN THE CLOUD 219Marat Zhanikeev 11.1 Introduction 219 11.2 Terminologies 221 11.3 Background and Related Work 222 11.4 The Substream Method in the Cloud 224 11.5 Stream Aggregation in the Cloud 226 11.6 Models 228 11.7 Analysis 231 11.8 Visionary Thoughts for Practitioners 236 11.9 Future Research Directions 238 11.10 Conclusion 239 References 239 12 BEYOND CDN: CONTENT PROCESSING AT THE EDGE OF THE CLOUD 243Salekul Islam and Jean-Charles Gŕegoire 12.1 Introduction 243 12.2 Existing Content Delivery Platforms 244 12.3 Comparison of Existing Content Delivery Platforms 247 12.4 An Edge Cloud-Based Model 251 12.5 Results and Insights 255 12.6 Future Research Directions 256 12.7 Conclusion 257 References 257 13 DYNAMIC RECONFIGURATION FOR ADAPTIVE STREAMING 259Norihiko Yoshida 13.1 Introduction 259 13.2 Background and Related Work 260 13.3 Dynamic Server Deployment 262 13.4 From Content Delivery to Streaming 263 13.5 Future Research Directions 267 13.6 Conclusion 269 Acknowledgments 269 References 269 14 MINING DISTRIBUTED DATA STREAMS ON CONTENT DELIVERY NETWORKS 273Eugenio Cesario, Carlo Mastroianni, and Domenico Talia 14.1 Introduction 273 14.2 Background and Related Work 275 14.3 A Hybrid Multidomain Architecture 277 14.4 A Prototype for Stream Mining in a CDN 281 14.5 Visionary Thoughts for Practitioners 285 14.6 Future Research Directions 285 14.7 Conclusion 286 References 286 15 CDN CAPACITY PLANNING 289Phil Davies and Mukaddim Pathan 15.1 Introduction 289 15.2 Capacity Planning Process 290 15.3 Undertaking the Capacity Planning Process 295 15.4 CDN Capacity Planning Case Study 300 15.5 Recent Developments and Challenges 302 15.6 Summary and Conclusion 303 References 303 PART III CASE STUDIES AND NEXT GENERATION CDNs 305 16 OVERLAY NETWORKS: AN AKAMAI PERSPECTIVE 307Ramesh K. Sitaraman, Mangesh Kasbekar, Woody Lichtenstein, and Manish Jain 16.1 Introduction 307 16.2 Background 309 16.3 Caching Overlays 314 16.4 Routing Overlays 318 16.5 Security Overlays 323 16.6 Conclusion 325 References 326 17 NEXT-GENERATION CDNs: A CoBlitz PERSPECTIVE 329Vivek S. Pai 17.1 Introduction 329 17.2 Carrier CDNs 331 17.3 Managed CDNs 332 17.4 Federated CDNs 333 17.5 Licensed CDNs 335 17.6 Case Study: CoBlitz 337 17.7 CoBlitz Commercialization 343 17.8 Implications of HTTP Adaptive Streaming 345 17.9 CoBlitz Commercialization Lessons 347 17.10 CDN Industry Directions 348 Acknowledgments 349 References 349 18 CONTENT DELIVERY IN CHINA: A ChinaCache PERSPECTIVE 353Michael Talyansky, Alexei Tumarkin, Hunter Xu, and Ken Zhang 18.1 Introduction 353 18.2 Content-Aware Network Services in China 356 18.3 Directions for Future CDN Research and Trends in China 365 18.4 Conclusion 366 References 366 19 PlatonTV: A SCIENTIFIC HIGH DEFINITION CONTENT DELIVERY PLATFORM 369Mirosław Czyrnek, Jedrzej Jajor, Jerzy Jamrozy, Ewa Kusmierek, Cezary Mazurek, Maciej Stroinski, and Jan Weglarz 19.1 Introduction 369 19.2 Background and Related Work 371 19.3 PlatonTV Architecture 372 19.4 Content Ingest 374 19.5 Content Distribution and Management 376 19.6 Content Delivery 379 19.7 Availability and Reliability 381 19.8 Visionary Thoughts for Practitioners 382 19.9 Future Research Directions 383 19.10 Conclusion 383 Acknowledgments 383 References 384 20 CacheCast: A SINGLE-SOURCE MULTIPLE-DESTINATION CACHING MECHANISM 385Piotr Srebrny, Dag H.L. Sorbo, Thomas Plagemann, Vera Goebel, and Andreas Mauthe 20.1 Introduction 385 20.2 Related Work 387 20.3 CacheCast Overview 388 20.4 Background on Multidestination Traffic 389 20.5 CacheCast Design 391 20.6 CacheCast Efficiency 396 20.7 CacheCast Applications 399 20.8 Visionary Thoughts for Practitioners 407 20.9 Future Research Directions 409 20.10 Conclusion 409 Acknowledgments 410 References 410 21 CONTENT REPLICATION AND DELIVERY IN INFORMATION-CENTRIC NETWORKS 413Vasilis Sourlas, Paris Flegkas, Dimitrios Katsaros, and Leandros Tassiulas 21.1 Introduction 413 21.2 Related Work 414 21.3 Framework for Information Replication in ICN 416 21.4 Performance Evaluation 423 21.5 Future Research Directions 426 21.6 Conclusion 426 Acknowledgments 427 References 427 22 ROBUST CONTENT BROADCASTING IN VEHICULAR NETWORKS 431Giancarlo Fortino, Carlos T. Calafate, Juan C. Cano, and Pietro Manzoni 22.1 Introduction 431 22.2 Vehicular Networks 432 22.3 Forward Error Correction Techniques 433 22.4 A Robust Broadcast-Based Content Delivery System 434 22.5 CDS Simulation in NS-3 436 22.6 Performance Evaluation 437 22.7 Future Research Trends 444 22.8 Summary and Conclusion 446 Acknowledgments 447 References 447 23 ON THE IMPACT OF ONLINE SOCIAL NETWORKS IN CONTENT DELIVERY 449Irene Kilanioti, Chryssis Georgiou, and George Pallis 23.1 Introduction 449 23.2 Online Social Networks Background 450 23.3 Characterization of Social Cascades 453 23.4 Online Social Network Measurements 456 23.5 Systems 458 23.6 Future Research Directions 459 23.7 Conclusion 461 Acknowledgments 461 References 461 Index 465
£86.36
John Wiley & Sons Inc Digital Signal Processing with Kernel Methods
Book SynopsisA realistic and comprehensive review of joint approaches to machine learning and signal processing algorithms, with application to communications, multimedia, and biomedical engineering systems Digital Signal Processing with Kernel Methods reviews the milestones in the mixing of classical digital signal processing models and advanced kernel machines statistical learning tools. It explains the fundamental concepts from both fields of machine learning and signal processing so that readers can quickly get up to speed in order to begin developing the concepts and application software in their own research. Digital Signal Processing with Kernel Methods provides a comprehensive overview of kernel methods in signal processing, without restriction to any application field. It also offers example applications and detailed benchmarking experiments with real and synthetic datasets throughout. Readers can find further worked examples with Matlab source code on a website developed by the authors: hTable of ContentsAbout the Authors xiii Preface xvii Acknowledgements xxi List of Abbreviations xxiii Part I Fundamentals and Basic Elements 1 1 From Signal Processing to Machine Learning 3 1.1 A New Science is Born: Signal Processing 3 1.1.1 Signal Processing Before Being Coined 3 1.1.2 1948: Birth of the Information Age 4 1.1.3 1950s: Audio Engineering Catalyzes Signal Processing 4 1.2 From Analog to Digital Signal Processing 5 1.2.1 1960s: Digital Signal Processing Begins 5 1.2.2 1970s: Digital Signal Processing Becomes Popular 6 1.2.3 1980s: Silicon Meets Digital Signal Processing 6 1.3 Digital Signal Processing Meets Machine Learning 7 1.3.1 1990s: New Application Areas 7 1.3.2 1990s: Neural Networks, Fuzzy Logic, and Genetic Optimization 7 1.4 Recent Machine Learning in Digital Signal Processing 8 1.4.1 Traditional Signal Assumptions Are No Longer Valid 8 1.4.2 Encoding Prior Knowledge 8 1.4.3 Learning and Knowledge from Data 9 1.4.4 From Machine Learning to Digital Signal Processing 9 1.4.5 From Digital Signal Processing to Machine Learning 10 2 Introduction to Digital Signal Processing 13 2.1 Outline of the Signal Processing Field 13 2.1.1 Fundamentals on Signals and Systems 14 2.1.2 Digital Filtering 21 2.1.3 Spectral Analysis 24 2.1.4 Deconvolution 28 2.1.5 Interpolation 30 2.1.6 System Identification 31 2.1.7 Blind Source Separation 36 2.2.3 Sparsity, Compressed Sensing, and Dictionary Learning 44 2.3 Multidimensional Signals and Systems 48 2.3.1 Multidimensional Signals 49 2.3.2 Multidimensional Systems 51 2.4 Spectral Analysis on Manifolds 52 2.4.1 Theoretical Fundamentals 52 2.4.2 Laplacian Matrices 54 2.5 Tutorials and Application Examples 57 2.5.1 Real and Complex Signal Processing and Representations 57 2.5.2 Convolution, Fourier Transform, and Spectrum 63 2.5.3 Continuous-Time Signals and Systems 67 2.5.4 Filtering Cardiac Signals 70 2.5.5 Nonparametric Spectrum Estimation 74 2.5.6 Parametric Spectrum Estimation 77 2.5.7 Source Separation 81 2.5.8 Time–Frequency Representations and Wavelets 84 2.5.9 Examples for Spectral Analysis on Manifolds 87 2.6 Questions and Problems 94 3 Signal Processing Models 97 3.1 Introduction 97 3.2 Vector Spaces, Basis, and Signal Models 98 3.2.1 Basic Operations for Vectors 98 3.2.2 Vector Spaces 100 3.2.3 Hilbert Spaces 101 3.2.4 Signal Models 102 3.2.5 Complex Signal Models 104 3.2.6 Standard Noise Models in Digital Signal Processing 105 3.2.7 The Role of the Cost Function 107 3.2.8 The Role of the Regularizer 109 3.3 Digital Signal Processing Models 111 3.3.1 Sinusoidal Signal Models 112 3.3.2 System Identification Signal Models 113 3.3.3 Sinc Interpolation Models 116 3.3.4 Sparse Deconvolution 120 3.3.5 Array Processing 121 3.4 Tutorials and Application Examples 122 3.4.1 Examples of Noise Models 123 3.4.2 Autoregressive Exogenous System Identification Models 132 3.4.3 Nonlinear System Identification Using Volterra Models 138 3.4.4 Sinusoidal Signal Models 140 3.4.5 Sinc-based Interpolation 144 3.4.6 Sparse Deconvolution 152 3.4.7 Array Processing 157 3.5 Questions and Problems 160 3.A MATLABsimpleInterp Toolbox Structure 161 4 Kernel Functions and Reproducing Kernel Hilbert Spaces 165 4.1 Introduction 165 4.2 Kernel Functions and Mappings 169 4.2.1 Measuring Similarity with Kernels 169 4.2.2 Positive-Definite Kernels 169 4.2.3 Reproducing Kernel in Hilbert Space and Reproducing Property 170 4.2.4 Mercer’s Theorem 173 4.3 Kernel Properties 174 4.3.1 Tikhonov’s Regularization 175 4.3.2 Representer Theorem and Regularization Properties 176 4.3.3 Basic Operations with Kernels 178 4.4 Constructing Kernel Functions 179 4.4.1 Standard Kernels 179 4.4.2 Properties of Kernels 180 4.4.3 Engineering Signal Processing Kernels 181 4.5 Complex Reproducing Kernel in Hilbert Spaces 184 4.6 Support Vector Machine Elements for Regression and Estimation 186 4.6.1 Support Vector Regression Signal Model and Cost Function 186 4.6.2 Minimizing Functional 187 4.7 Tutorials and Application Examples 191 4.7.1 Kernel Calculations and Kernel Matrices 191 4.7.2 Basic Operations with Kernels 194 4.7.3 Constructing Kernels 197 4.7.4 Complex Kernels 199 4.7.5 Application Example for Support Vector Regression Elements 202 4.8 Concluding Remarks 205 4.9 Questions and Problems 205 Part II Function Approximation and Adaptive Filtering 209 5 A Support Vector Machine Signal Estimation Framework 211 5.1 Introduction 211 5.2 A Framework for Support Vector Machine Signal Estimation 213 5.3 Primal Signal Models for Support Vector Machine Signal Processing 216 5.3.1 Nonparametric Spectrum and System Identification 218 5.3.2 Orthogonal Frequency Division Multiplexing Digital Communications 220 5.3.3 Convolutional Signal Models 222 5.3.4 Array Processing 225 5.4 Tutorials and Application Examples 227 5.4.1 Nonparametric Spectral Analysis with Primal Signal Models 227 5.4.2 System Identification with Primal Signal Model ;;-filter 228 5.4.3 Parametric Spectral Density Estimation with Primal Signal Models 230 5.4.4 Temporal Reference Array Processing with Primal Signal Models 231 5.4.5 Sinc Interpolation with Primal Signal Models 233 6 Reproducing Kernel Hilbert Space Models for Signal Processing 241 6.1 Introduction 241 6.2 Reproducing Kernel Hilbert Space Signal Models 242 6.2.1 Kernel Autoregressive Exogenous Identification 244 6.2.2 Kernel Finite Impulse Response and the ;;-Filter 247 6.2.3 Kernel Array Processing with Spatial Reference 248 6.2.4 Kernel Semiparametric Regression 249 6.3 Tutorials and Application Examples 258 6.3.1 Nonlinear System Identification with Support Vector Machine–Autoregressive and Moving Average 258 6.3.2 Nonlinear System Identification with the ;;-filter 260 6.3.3 Electric Network Modeling with Semiparametric Regression 264 6.3.4 Promotional Data 272 6.3.5 Spatial and Temporal Antenna Array Kernel Processing 275 6.4 Questions and Problems 279 7 Dual Signal Models for Signal Processing 281 7.1 Introduction 281 7.2 Dual Signal Model Elements 281 7.3 Dual Signal Model Instantiations 283 7.3.1 Dual Signal Model for Nonuniform Signal Interpolation 283 7.3.2 Dual Signal Model for Sparse Signal Deconvolution 284 7.3.3 Spectrally Adapted Mercer Kernels 285 7.4 Tutorials and Application Examples 289 7.4.1 Nonuniform Interpolation with the Dual Signal Model 290 7.4.2 Sparse Deconvolution with the Dual Signal Model 292 7.4.3 Doppler Ultrasound Processing for Fault Detection 294 7.4.4 Spectrally Adapted Mercer Kernels 296 7.4.5 Interpolation of Heart Rate Variability Signals 304 7.4.6 Denoising in Cardiac Motion-Mode Doppler Ultrasound Images 309?m 7.4.7 Indoor Location from Mobile Devices Measurements 316 7.4.8 Electroanatomical Maps in Cardiac Navigation Systems 322 7.5 Questions and Problems 331 8 Advances in Kernel Regression and Function Approximation 333 8.1 Introduction 333 8.2 Kernel-Based Regression Methods 333 8.2.1 Advances in Support Vector Regression 334 8.2.2 Multi-output Support Vector Regression 338 8.2.3 Kernel Ridge Regression 339 8.2.4 Kernel Signal-To-Noise Regression 341 8.2.5 Semisupervised Support Vector Regression 343 8.2.6 Model Selection in Kernel Regression Methods 345 8.4.1 Comparing Support Vector Regression, Relevance Vector Machines, and Gaussian Process Regression 360 8.4.2 Profile-Dependent Support Vector Regression 362 8.4.3 Multi-output Support Vector Regression 364 8.4.4 Kernel Signal-to-Noise Ratio Regression 366 8.4.5 Semisupervised Support Vector Regression 368 8.4.6 Bayesian Nonparametric Model 369 8.4.7 Gaussian Process Regression 370 8.4.8 Relevance Vector Machines 379 8.5 Concluding Remarks 382 8.6 Questions and Problems 383 9 Adaptive Kernel Learning for Signal Processing 387 9.1 Introduction 387 9.2 Linear Adaptive Filtering 387 9.2.1 Least Mean Squares Algorithm 388 9.2.2 Recursive Least-Squares Algorithm 389 9.3 Kernel Adaptive Filtering 392 9.4 Kernel Least Mean Squares 392 9.4.1 Derivation of Kernel Least Mean Squares 393 9.4.2 Implementation Challenges and Dual Formulation 394 9.5.3 Prediction of the Mackey–Glass Time Series with Kernel Recursive Least Squares 401 9.5.4 Beyond the Stationary Model 402 9.5.5 Example on Nonlinear Channel Identification and Reconvergence 405 9.6 Explicit Recursivity for Adaptive Kernel Models 406 9.6.1 Recursivity in Hilbert Spaces 406 9.6.2 Recursive Filters in Reproducing Kernel Hilbert Spaces 408 9.7 Online Sparsification with Kernels 411 9.7.1 Sparsity by Construction 411 9.7.2 Sparsity by Pruning 413 9.8 Probabilistic Approaches to Kernel Adaptive Filtering 414 9.8.1 Gaussian Processes and Kernel Ridge Regression 415 9.8.2 Online Recursive Solution for Gaussian Processes Regression 416 9.8.3 Kernel Recursive Least Squares Tracker 417 9.8.4 Probabilistic Kernel Least Mean Squares 418 9.9 Further Reading 418 9.9.1 Selection of Kernel Parameters 418 9.9.2 Multi-Kernel Adaptive Filtering 419 9.9.3 Recursive Filtering in Kernel Hilbert Spaces 419 9.10 Tutorials and Application Examples 419 9.10.1 Kernel Adaptive Filtering Toolbox 420 9.10.2 Prediction of a Respiratory Motion Time Series 421 9.10.3 Online Regression on the KIN?h?eK Dataset 423 9.10.4 The Mackey–Glass Time Series 425 9.10.5 Explicit Recursivity on Reproducing Kernel in Hilbert Space and Electroencephalogram Prediction 427 9.10.6 Adaptive Antenna Array Processing 428 9.11 Questions and Problems 430 Part III Classification, Detection, and Feature Extraction 433 10 Support Vector Machine and Kernel Classification Algorithms 435 10.1 Introduction 435 10.2 Support Vector Machine and Kernel Classifiers 435 10.2.1 Support Vector Machines 435 10.2.2 Multiclass and Multilabel Support Vector Machines 441 10.2.3 Least-Squares Support Vector Machine 447 10.2.4 Kernel Fisher’s Discriminant Analysis 448 10.3 Advances in Kernel-Based Classification 452 10.3.1 Large Margin Filtering 452 10.3.2 Semisupervised Learning 454 10.3.3 Multiple Kernel Learning 460 10.3.4 Structured-Output Learning 462 10.3.5 Active Learning 468 10.4 Large-Scale Support Vector Machines 477 10.4.1 Large-Scale Support Vector Machine Implementations 477 10.4.2 Random Fourier Features 478 10.4.3 Parallel Support Vector Machine 480 10.4.4 Outlook 483 10.5 Tutorials and Application Examples 485 10.5.1 Examples of Support Vector Machine Classification 485 10.5.2 Example of Least-Squares Support Vector Machine 492 10.5.3 Kernel-Filtering Support Vector Machine for Brain–Computer Interface Signal Classification 493 10.5.4 Example of Laplacian Support Vector Machine 494 10.5.5 Example of Graph-Based Label Propagation 498 10.5.6 Examples of Multiple Kernel Learning 498 10.6 Concluding Remarks 501 10.7 Questions and Problems 502 11 Clustering and Anomaly Detection with Kernels 503 11.1 Introduction 503 11.2 Kernel Clustering 506 11.2.1 Kernelization of the Metric 506 11.2.2 Clustering in Feature Spaces 508 11.3 Domain Description Via Support Vectors 514 11.3.1 Support Vector Domain Description 514 11.3.2 One-Class Support Vector Machine 515 11.3.3 Relationship Between Support Vector Domain Description and Density Estimation 516 11.3.4 Semisupervised One-Class Classification 517 11.4 Kernel Matched Subspace Detectors 518 11.4.1 Kernel Orthogonal Subspace Projection 518 11.4.2 Kernel Spectral Angle Mapper 520 11.5 Kernel Anomaly Change Detection 522 11.5.1 Linear Anomaly Change Detection Algorithms 522 11.5.2 Kernel Anomaly Change Detection Algorithms 523 11.6 Hypothesis Testing with Kernels 525 11.6.1 Distribution Embeddings 526 11.6.3 Maximum Mean Discrepancy 527 11.6.3 One-Class Support Measure Machine 528 11.7 Tutorials and Application Examples 529 11.7.1 Example on Kernelization of the Metric 529 11.7.2 Example on Kernel k-Means 530 11.7.3 Domain Description Examples 531 11.7.4 Kernel Spectral Angle Mapper and Kernel Orthogonal Subspace Projection Examples 534 11.7.5 Example of Kernel Anomaly Change Detection Algorithms 536 11.7.6 Example on Distribution Embeddings and Maximum Mean Discrepancy 540 11.8 Concluding Remarks 541 11.9 Questions and Problems 542 12 Kernel Feature Extraction in Signal Processing 543 12.1 Introduction 543 12.2 Multivariate Analysis in Reproducing Kernel Hilbert Spaces 545 12.2.1 Problem Statement and Notation 545 12.2.2 Linear Multivariate Analysis 546 12.2.3 Kernel Multivariate Analysis 549 12.2.4 Multivariate Analysis Experiments 551 12.3 Feature Extraction with Kernel Dependence Estimates 555 12.3.1 Feature Extraction Using Hilbert–Schmidt Independence Criterion 556 12.3.2 Blind Source Separation Using Kernels 563 12.4 Extensions for Large-Scale and Semisupervised Problems 570 12.4.2 Efficiency with the Incomplete Cholesky Decomposition 570 12.4.3 Efficiency with Random Fourier Features 570 12.4.3 Sparse Kernel Feature Extraction 571 12.4.4 Semisupervised Kernel Feature Extraction 573 12.5 Domain Adaptation with Kernels 575 12.5.1 Kernel Mean Matching 578 12.5.2 Transfer Component Analysis 579 12.5.3 Kernel Manifold Alignment 581 12.5.4 Relations between Domain Adaptation Methods 585 12.5.5 Experimental Comparison between Domain Adaptation Methods 12.6 Concluding Remarks 587 12.7 Questions and Problems 588 References 589Index 631
£100.76
John Wiley & Sons Inc The Browser Hackers Handbook
Book SynopsisHackers exploit browser vulnerabilities to attack deep within networks The Browser Hacker''s Handbook gives a practical understanding of hacking the everyday web browser and using it as a beachhead to launch further attacks deep into corporate networks. Written by a team of highly experienced computer security experts, the handbook provides hands-on tutorials exploring a range of current attack methods. The web browser has become the most popular and widely used computer program in the world. As the gateway to the Internet, it is part of the storefront to any business that operates online, but it is also one of the most vulnerable entry points of any system. With attacks on the rise, companies are increasingly employing browser-hardening techniques to protect the unique vulnerabilities inherent in all currently used browsers. The Browser Hacker''s Handbook thoroughly covers complex security issues and explores relevant topics such as: BypassTable of ContentsIntroduction xv Chapter 1 Web Browser Security 1 A Principal Principle 2 Exploring the Browser 3 Symbiosis with the Web Application 4 Same Origin Policy 4 HTTP Headers 5 Markup Languages 5 Cascading Style Sheets 6 Scripting 6 Document Object Model 7 Rendering Engines 7 Geolocation 9 Web Storage 9 Cross-origin Resource Sharing 9 Html 5 10 Vulnerabilities 11 Evolutionary Pressures 12 HTTP Headers 13 Reflected XSS Filtering 15 Sandboxing 15 Anti-phishing and Anti-malware 16 Mixed Content 17 Core Security Problems 17 Attack Surface 17 Surrendering Control 20 TCP Protocol Control 20 Encrypted Communication 20 Same Origin Policy 21 Fallacies 21 Browser Hacking Methodology 22 Summary 28 Questions 28 Notes 29 Chapter 2 Initiating Control 31 Understanding Control Initiation 32 Control Initiation Techniques 32 Using Cross-site Scripting Attacks 32 Using Compromised Web Applications 46 Using Advertising Networks 46 Using Social Engineering Attacks 47 Using Man-in-the-Middle Attacks 59 Summary 72 Questions 73 Notes 73 Chapter 3 Retaining Control 77 Understanding Control Retention 78 Exploring Communication Techniques 79 Using XMLHttpRequest Polling 80 Using Cross-origin Resource Sharing 83 Using WebSocket Communication 84 Using Messaging Communication 86 Using DNS Tunnel Communication 89 Exploring Persistence Techniques 96 Using IFrames 96 Using Browser Events 98 Using Pop-Under Windows 101 Using Man-in-the-Browser Attacks 104 Evading Detection 110 Evasion using Encoding 111 Evasion using Obfuscation 116 Summary 125 Questions 126 Notes 127 Chapter 4 Bypassing the Same Origin Policy 129 Understanding the Same Origin Policy 130 Understanding the SOP with the DOM 130 Understanding the SOP with CORS 131 Understanding the SOP with Plugins 132 Understanding the SOP with UI Redressing 133 Understanding the SOP with Browser History 133 Exploring SOP Bypasses 134 Bypassing SOP in Java 134 Bypassing SOP in Adobe Reader 140 Bypassing SOP in Adobe Flash 141 Bypassing SOP in Silverlight 142 Bypassing SOP in Internet Explorer 142 Bypassing SOP in Safari 143 Bypassing SOP in Firefox 144 Bypassing SOP in Opera 145 Bypassing SOP in Cloud Storage 149 Bypassing SOP in CORS 150 Exploiting SOP Bypasses 151 Proxying Requests 151 Exploiting UI Redressing Attacks 153 Exploiting Browser History 170 Summary 178 Questions 179 Notes 179 Chapter 5 Attacking Users 183 Defacing Content 183 Capturing User Input 187 Using Focus Events 188 Using Keyboard Events 190 Using Mouse and Pointer Events 192 Using Form Events 195 Using IFrame Key Logging 196 Social Engineering 197 Using TabNabbing 198 Using the Fullscreen 199 Abusing UI Expectations 204 Using Signed Java Applets 223 Privacy Attacks 228 Non-cookie Session Tracking 230 Bypassing Anonymization 231 Attacking Password Managers 234 Controlling the Webcam and Microphone 236 Summary 242 Questions 243 Notes 243 Chapter 6 Attacking Browsers 247 Fingerprinting Browsers 248 Fingerprinting using HTTP Headers 249 Fingerprinting using DOM Properties 253 Fingerprinting using Software Bugs 258 Fingerprinting using Quirks 259 Bypassing Cookie Protections 260 Understanding the Structure 261 Understanding Attributes 263 Bypassing Path Attribute Restrictions 265 Overflowing the Cookie Jar 268 Using Cookies for Tracking 270 Sidejacking Attacks 271 Bypassing HTTPS 272 Downgrading HTTPS to HTTP 272 Attacking Certificates 276 Attacking the SSL/TLS Layer 277 Abusing Schemes 278 Abusing iOS 279 Abusing the Samsung Galaxy 281 Attacking JavaScript 283 Attacking Encryption in JavaScript 283 JavaScript and Heap Exploitation 286 Getting Shells using Metasploit 293 Getting Started with Metasploit 294 Choosing the Exploit 295 Executing a Single Exploit 296 Using Browser Autopwn 300 Using BeEF with Metasploit 302 Summary 305 Questions 305 Notes 306 Chapter 7 Attacking Extensions 311 Understanding Extension Anatomy 312 How Extensions Differ from Plugins 312 How Extensions Differ from Add-ons 313 Exploring Privileges 313 Understanding Firefox Extensions 314 Understanding Chrome Extensions 321 Discussing Internet Explorer Extensions 330 Fingerprinting Extensions 331 Fingerprinting using HTTP Headers 331 Fingerprinting using the DOM 332 Fingerprinting using the Manifest 335 Attacking Extensions 336 Impersonating Extensions 336 Cross-context Scripting 339 Achieving OS Command Execution 355 Achieving OS Command Injection 359 Summary 364 Questions 365 Notes 365 Chapter 8 Attacking Plugins 371 Understanding Plugin Anatomy 372 How Plugins Differ from Extensions 372 How Plugins Differ from Standard Programs 374 Calling Plugins 374 How Plugins are Blocked 376 Fingerprinting Plugins 377 Detecting Plugins 377 Automatic Plugin Detection 379 Detecting Plugins in BeEF 380 Attacking Plugins 382 Bypassing Click to Play 382 Attacking Java 388 Attacking Flash 400 Attacking ActiveX Controls 403 Attacking PDF Readers 408 Attacking Media Plugins 410 Summary 415 Questions 416 Notes 416 Chapter 9 Attacking Web Applications 421 Sending Cross-origin Requests 422 Enumerating Cross-origin Quirks 422 Preflight Requests 425 Implications 425 Cross-origin Web Application Detection 426 Discovering Intranet Device IP Addresses 426 Enumerating Internal Domain Names 427 Cross-origin Web Application Fingerprinting 429 Requesting Known Resources 430 Cross-origin Authentication Detection 436 Exploiting Cross-site Request Forgery 440 Understanding Cross-site Request Forgery 440 Attacking Password Reset with XSRF 443 Using CSRF Tokens for Protection 444 Cross-origin Resource Detection 445 Cross-origin Web Application Vulnerability Detection 450 SQL Injection Vulnerabilities 450 Detecting Cross-site Scripting Vulnerabilities 465 Proxying through the Browser 469 Browsing through a Browser 472 Burp through a Browser 477 Sqlmap through a Browser 480 Browser through Flash 482 Launching Denial-of-Service Attacks 487 Web Application Pinch Points 487 DDoS Using Multiple Hooked Browsers 489 Launching Web Application Exploits 493 Cross-origin DNS Hijack 493 Cross-origin JBoss JMX Remote Command Execution 495 Cross-origin GlassFish Remote Command Execution 497 Cross-origin m0n0wall Remote Command Execution 501 Cross-origin Embedded Device Command Execution 502 Summary 508 Questions 508 Notes 509 Chapter 10 Attacking Networks 513 Identifying Targets 514 Identifying the Hooked Browser’s Internal IP 514 Identifying the Hooked Browser’s Subnet 520 Ping Sweeping 523 Ping Sweeping using XMLHttpRequest 523 Ping Sweeping using Java 528 Port Scanning 531 Bypassing Port Banning 532 Port Scanning using the IMG Tag 537 Distributed Port Scanning 539 Fingerprinting Non-HTTP Services 542 Attacking Non-HTTP Services 545 NAT Pinning 545 Achieving Inter-protocol Communication 549 Achieving Inter-protocol Exploitation 564 Getting Shells using BeEF Bind 579 The BeEF Bind Shellcode 579 Using BeEF Bind in your Exploits 585 Using BeEF Bind as a Web Shell 596 Summary 599 Questions 600 Notes 601 Chapter 11 Epilogue: Final Thoughts 605 Index 609
£42.75
John Wiley & Sons Inc Whois Running the Internet
Book SynopsisDiscusses the evolution of WHOIS and how policy changes will affect WHOIS' place in IT today and in the futureThis book provides a comprehensive overview of WHOIS. The text begins with an introduction to WHOIS and an in-depth coverage of its forty-year history. Afterwards it examines how to use WHOIS and how WHOIS fits in the overall structure of the Domain Name System (DNS). Other technical topics covered include WHOIS query code and WHOIS server details. The book also discusses current policy developments and implementations, reviews critical policy documents, and explains how they will affect the future of the Internet and WHOIS. Additional resources and content updates will be provided through a supplementary website. Includes an appendix with information on current and authoritative WHOIS services around the world Provides illustrations of actual WHOIS records and screenshots of web-based WHOIS query interfaces with inTable of ContentsIntroduction: What is WHOIS? 1 I.1 Conventions Used in this Text 4 I.2 Flow of this Text 5 I.3 WHOIS from versus WHOIS about 5 I.4 Origin of the Term WHOIS 6 I.5 Why WHOIS Is Important (or Should Be) to Everyone 7 I.6 What Kind of Use and Contact is Permitted for WHOIS 7 I.7 Where is the WHOIS Data? 8 I.8 Identifying Remote Communication Sources 8 I.9 Getting Documentation 11 1 The History of WHOIS 13 1.1 In the Beginning 13 1.2 The Sands of Time 14 1.2.1 Seals 15 1.2.2 From Signal Fires on the Great Wall to Telegraphy 15 1.2.3 The Eye of Horus 17 1.3 1950s: On the Wires and in the Air 18 1.3.1 Sputnik Changes Everything 18 1.3.2 Telegraphs, Radio, Teletype, and Telephones 19 1.3.3 WRU: The First WHOIS 20 1.4 1960s: Sparking the Internet to Life 26 1.4.1 SRI, SAIL, and ITS 26 1.4.2 Doug Engelbart: The Father of Office Automation 27 1.5 1970s: Ok, Now That We Have an Internet, How Do We Keep Track of Everyone? 27 1.5.1 Elizabeth “Jake” Feinler 27 1.5.2 The ARPANET Directory as Proto‐WHOIS 27 1.5.3 The Site Status List 28 1.5.4 Distribution of the HOSTS Table 30 1.5.5 Finger 30 1.5.6 Sockets 31 1.5.7 Into the VOID with NLS IDENTFILE 32 1.5.8 NAME/FINGER RFC 742 (1977) 33 1.5.9 Other Early Models 35 1.6 1980s: WHOIS Gets Its Own RFC 36 1.6.1 The DNS 37 1.6.2 WHOIS Updated for Domains (1985) 38 1.6.3 Oops! The Internet Goes Public 39 1.7 1990s: The Internet as We Know It Emerges 40 1.7.1 Referral WHOIS or RWhois RFC 1714 (1994) 41 1.7.2 WHOIS++ RFCs 1834 and 1835 (1995) 41 1.7.3 ICANN Takes over WHOIS (1998) 42 1.8 2000s: WHOIS Standards 42 1.8.1 ICANN’s Registrar Accreditation Agreement and WHOIS (2001) 43 1.8.2 WHOIS Protocol Specification 2004 RFC 3912 (2004) 43 1.8.3 Creaking of Politics 44 References 45 2 Using WHOIS 47 2.1 Domain WHOIS Data 48 2.1.1 Record Terminology 48 2.2 Domain WHOIS Fields 52 2.2.1 Status 54 2.2.2 Registrar 54 2.2.3 Nameservers 55 2.2.4 Registrant, Administrative, Technical, and Billing 56 2.2.5 Names and Organizations 56 2.2.6 Emails 57 2.2.7 Addresses 58 2.2.8 Phone Numbers 58 2.2.9 Record Dates 59 2.2.10 DNSSEC 59 2.2.11 Other Information 60 2.3 Getting Records about Various Resources 60 2.3.1 Starting at the Top: The Empty Domain 60 2.3.2 Query WHOIS for a TLD as a Domain 61 2.3.3 WHOIS for a Registrar or Registry 62 2.3.4 Nameservers 63 2.3.5 Registrar and Registry 64 2.3.6 Special Cases 65 2.3.7 Dealing with Weird Results 73 2.4 IP WHOIS 74 2.4.1 Five Regional NICs 75 2.4.2 CIDR and ASN 80 2.4.3 IPv4 and IPv6 81 2.5 ccTLDs and IDNs 82 2.5.1 ccTLDs 82 2.5.2 IDNs 84 2.5.3 Language versus Script 85 2.5.4 ASCII 85 2.5.5 Unicode 86 2.5.6 Getting WHOIS Records for IDNs 87 2.6 WHOIS Services 87 2.6.1 Port 43 Command Line or Terminal 88 2.6.2 Clients 89 2.6.3 Representational State Transfer (RESTFul) WHOIS 97 2.6.4 Web‐Based WHOIS 97 2.6.5 Telnet to WHOIS Server 99 2.6.6 More Services, Software, and Packages 100 2.6.7 WHOIS Functions, Switches, and Tricks 102 2.6.8 Obscure, Archaic, and Obsolete WHOIS Services 104 References 105 3 Research and Investigations 107 3.1 Completely Disassembling a WHOIS Record 108 3.1.1 A Normal, Safe Domain: cnn.com 108 3.1.2 Deconstructing the WHOIS for a Spammed Domain 116 3.1.3 Illicit Domain WHOIS 120 3.1.4 Virus Domain WHOIS 121 3.1.5 Tracking Cybersquatters and Serial Trademark Violators 123 3.1.6 Network Security Administrator Issues 124 3.1.7 Protecting Your Domain with Accurate WHOIS 125 3.2 More Tools 126 3.2.1 Ping 126 3.2.2 Traceroute 126 3.2.3 Secondary Sources, Historical Data, and Additional Tools 126 References 129 4 WHOIS in the Domain Name System (DNS) 131 4.1 The Big Mistake 131 4.2 Basics of the DNS 133 4.2.1 TCP/IP, Layers, and Resolvers 133 4.2.2 How a Domain Becomes a Website 134 4.2.3 WHOIS Pervades the DNS 134 4.2.4 ICANN, IANA, Registries, and Registrars 135 4.2.5 .ARPA: Special Architectural TLD 138 4.2.6 Setting the Example with Reserved Domains 139 4.2.7 DNS RFCs 882, 883, 1033, and 1034 140 4.3 DNS RR 141 4.3.1 Berkeley Internet Name Domain 141 4.3.2 Shared WHOIS Project 141 4.3.3 Using the DiG 142 4.3.4 Graphic DNS Software and Websites 145 4.3.5 Finding Hidden Registrars and Tracking Roots 146 4.3.6 Traceroute 150 4.4 Outside the DNS: An Internet without WHOIS 153 4.4.1 The Onion Routing 153 4.4.2 .ONION and Other TLDs 155 Reference 157 5 WHOIS Code 159 5.1 Automating WHOIS with Batching and Scripting 159 5.1.1 DiG Example 159 5.1.2 DOS Batch File Example 160 5.1.3 VBScript Example 160 5.2 WHOIS Client Code 161 5.2.1 What a WHOIS Client Should Do 161 5.2.2 Early Versions 163 5.2.3 C/C++ 164 5.2.4 Perl 168 5.2.5 Java 169 5.2.6 Recursive Python WHOIS by Peter Simmons 169 5.2.7 Lisp WHOIS by Evrim Ulu 169 5.3 Web WHOIS Forms 170 5.3.1 Creating a WHOIS Web Interface with PHP 170 5.4 Parsing WHOIS Records 171 5.4.1 Ruby WHOIS by Simone Carletti 171 5.4.2 Regular Expressions 173 6 WHOIS Servers 175 6.1 Historical Servers 176 6.2 Server Standards and ICANN Requirements 177 6.3 Finding the Right Server 178 6.4 Installing and Configuring WHOIS Servers 180 6.4.1 JWhoisServer by Klaus Zerwes 180 6.4.2 WHOIS Daemon 186 6.5 WHOIS Database 186 7 WHOIS Policy Issues 189 7.1 The WHOIS Policy Debate 189 7.1.1 Basic Policy 191 7.1.2 ICANN Registrar Accreditation Agreement WHOIS Standards 191 7.1.3 Lack of Language Support in WHOIS 193 7.1.4 Abuses 193 7.1.5 Privacy 195 7.1.6 Source of Concerns 197 7.1.7 Creating Balance 197 7.1.8 European Privacy Laws and WHOIS 200 7.1.9 Drawing the Line 201 7.1.10 Uniform Domain‐Name Dispute‐Resolution Policy 203 7.1.11 WHOIS Inaccuracy, Falsification, Obfuscation, and Access Denial 209 7.2 Studies, Reports, and Activities on WHOIS 209 7.2.1 SSAC (2002) 210 7.2.2 Benjamin Edelman Congressional Testimony on WHOIS (2003) 210 7.2.3 US Government Accountability Office Report on Prevalence of False Contact Information in WHOIS (2005) 211 7.2.4 WHOIS Study Hypotheses Group Report to the GNSO Council (2008) 211 7.2.5 National Opinion Research Center at the University of Chicago (2009) 212 7.2.6 WHOIS Policy Review Team Final Report (2012) 212 7.3 WHOIS Enforcement and Nonenforcement at ICANN 213 7.3.1 Tracking ICANN’s Response to WHOIS Inaccuracy 215 7.3.2 ICANN Compliance Designed for Failure 218 7.3.3 ICANN’s Contract with Registrars Not Enforceable on WHOIS Accuracy 219 References 223 8 The Future of WHOIS 225 8.1 New gTLDs 226 8.2 WHOIS‐Based Extensible Internet Registration Data Service (WEIRDS) 227 8.3 Aggregated Registry Data Services (ARDS) 230 8.4 Truly Solving the Problem 231 8.5 Conclusion: The Domain Money Wall—or Why ICANN Will Never Fix WHOIS 232 Appendix A: WHOIS Code 237 Appendix B: WHOIS Servers 293 Index 331
£78.26
John Wiley & Sons Inc Big Data
Book SynopsisLeverage big data to add value to your business Social media analytics, web-tracking, and other technologies help companies acquire and handle massive amounts of data to better understand their customers, products, competition, and markets.Table of ContentsPreface xix Introduction xxi 1 The Big Data Business Opportunity 1 The Business Transformation Imperative 3 Walmart Case Study 3 The Big Data Business Model Maturity Index 5 Business Monitoring 7 Business Insights 7 Business Optimization 9 Data Monetization 10 Business Metamorphosis 12 Big Data Business Model Maturity Observations 16 Summary 18 2 Big Data History Lesson 19 Consumer Package Goods and Retail Industry Pre-1988 19 Lessons Learned and Applicability to Today’s Big Data Movement 23 Summary 24 3 Business Impact of Big Data 25 Big Data Impacts: The Questions Business Users Can Answer 26 Managing Using the Right Metrics 27 Data Monetization Opportunities 30 Digital Media Data Monetization Example 30 Digital Media Data Assets and Understanding Target Users 31 Data Monetization Transformations and Enrichments 32 Summary 34 4 Organizational Impact of Big Data 37 Data Analytics Lifecycle 40 Data Scientist Roles and Responsibilities 42 Discovery 43 Data Preparation 43 Model Planning 44 Model Building 44 Communicate Results 45 Operationalize 46 New Organizational Roles 46 User Experience Team 46 New Senior Management Roles 47 Liberating Organizational Creativity 49 Summary 51 5 Understanding Decision Theory 53 Business Intelligence Challenge 53 The Death of Why 55 Big Data User Interface Ramifications 56 The Human Challenge of Decision Making 58 Traps in Decision Making 58 What Can One Do? 62 Summary 63 6 Creating the Big Data Strategy 65 The Big Data Strategy Document 66 Customer Intimacy Example 67 Turning the Strategy Document into Action 69 Starbucks Big Data Strategy Document Example 70 San Francisco Giants Big Data Strategy Document Example 73 Summary 77 7 Understanding Your Value Creation Process 79 Understanding the Big Data Value Creation Drivers 81 Driver #1: Access to More Detailed Transactional Data 82 Driver #2: Access to Unstructured Data 82 Driver #3: Access to Low-latency (Real-Time) Data 83 Driver #4: Integration of Predictive Analytics 84 Big Data Envisioning Worksheet 85 Big Data Business Drivers: Predictive Maintenance Example 86 Big Data Business Drivers: Customer Satisfaction Example 87 Big Data Business Drivers: Customer Micro-segmentation Example 89 Michael Porter’s Valuation Creation Models 91 Michael Porter’s Five Forces Analysis 91 Michael Porter’s Value Chain Analysis 93 Value Creation Process: Merchandising Example 94 Summary 104 8 Big Data User Experience Ramifications 105 The Unintelligent User Experience 106 Understanding the Key Decisions to Build a Relevant User Experience 107 Using Big Data Analytics to Improve Customer Engagement 108 Uncovering and Leveraging Customer Insights 110 Rewiring Your Customer Lifecycle Management Processes 112 Using Customer Insights to Drive Business Profitability 113 Big Data Can Power a New Customer Experience 116 B2C Example: Powering the Retail Customer Experience 116 B2B Example: Powering Small- and Medium-Sized Merchant Effectiveness 119 Summary 122 9 Identifying Big Data Use Cases 125 The Big Data Envisioning Process 126 Step 1: Research Business Initiatives 127 Step 2: Acquire and Analyze Your Data 129 Step 3: Ideation Workshop: Brainstorm New Ideas 132 Step 4: Ideation Workshop: Prioritize Big Data Use Cases 138 Step 5: Document Next Steps 139 The Prioritization Process 140 The Prioritization Matrix Process 142 Prioritization Matrix Traps 143 Using User Experience Mockups to Fuel the Envisioning Process 145 Summary 149 10 Solution Engineering 151 The Solution Engineering Process 151 Step 1: Understand How the Organization Makes Money 153 Step 2: Identify Your Organization’s Key Business Initiatives 155 Step 3: Brainstorm Big Data Business Impact 156 Step 4: Break Down the Business Initiative into Use Cases 157 Step 5: Prove Out the Use Case 158 Step 6: Design and Implement the Big Data Solution. 159 Solution Engineering Tomorrow’s Business Solutions 161 Customer Behavioral Analytics Example 162 Predictive Maintenance Example 163 Marketing Effectiveness Example 164 Fraud Reduction Example 166 Network Optimization Example 166 Reading an Annual Report 167 Financial Services Firm Example 168 Retail Example 169 Brokerage Firm Example 171 Summary 172 11 Big Data Architectural Ramifications 173 Big Data: Time for a New Data Architecture 173 Introducing Big Data Technologies 175 Apache Hadoop 176 Hadoop MapReduce 177 Apache Hive 178 Apache HBase 178 Pig 178 New Analytic Tools 179 New Analytic Algorithms 180 Bringing Big Data into the Traditional Data Warehouse World 181 Data Enrichment: Think ELT, Not ETL 181 Data Federation: Query is the New ETL 183 Data Modeling: Schema on Read 184 Hadoop: Next Gen Data Staging and Prep Area 185 MPP Architectures: Accelerate Your Data Warehouse 187 In-database Analytics: Bring the Analytics to the Data 188 Cloud Computing: Providing Big Data Computational Power 190 Summary 191 12 Launching Your Big Data Journey 193 Explosive Data Growth Drives Business Opportunities 194 Traditional Technologies and Approaches Are Insufficient 195 The Big Data Business Model Maturity Index 197 Driving Business and IT Stakeholder Collaboration 198 Operationalizing Big Data Insights 199 Big Data Powers the Value Creation Process 200 Summary 202 13 Call to Action 203 Identify Your Organization’s Key Business Initiatives 203 Start with Business and IT Stakeholder Collaboration 204 Formalize Your Envisioning Process 204 Leverage Mockups to Fuel the Creative Process 205 Understand Your Technology and Architectural Options 205 Build off Your Existing Internal Business Processes 206 Uncover New Monetization Opportunities 206 Understand the Organizational Ramifications 207 Index 209
£24.79
John Wiley & Sons Inc Cabling
Book SynopsisDevelop the skills you need to design and build a reliable, cost-effective cabling infrastructure Fully updated for the growing demand of fiber optics for large-scale communications networks and telecommunication standards, this new edition is organized into two parts.Table of ContentsIntroduction xxxiii Part I LAN Networks and Cabling Systems 1 Chapter 1 Introduction to Data Cabling 3 Chapter 2 Cabling Specifications and Standards 57 Chapter 3 Choosing the Correct Cabling 103 Chapter 4 Cable System and Infrastructure Constraints 133 Chapter 5 Cabling System Components 157 Chapter 6 Tools of the Trade 183 Chapter 7 Copper Cable Media 215 Chapter 8 Fiber-Optic Media 255 Chapter 9 Wall Plates 281 Chapter 10 Connectors 299 Chapter 11 Network Equipment 325 Chapter 12 Wireless Networks 343 Chapter 13 Cabling System Design and Installation 367 Chapter 14 Cable Connector Installation 401 Chapter 15 Cable System Testing and Troubleshooting 433 Chapter 16 Creating a Request for Proposal 467 Chapter 17 Cabling @ Work: Experience from the Field 493 Part II Fiber-Optic Cabling and Components 507 Chapter 18 History of Fiber Optics and Broadband Access 509 Chapter 19 Principles of Fiber-Optic Transmission 519 Chapter 20 Basic Principles of Light 539 Chapter 21 Optical Fiber Construction and Theory 555 Chapter 23 Safety 605 Chapter 24 Fiber-Optic Cables 621 Chapter 25 Splicing 653 Chapter 26 Connectors 693 Chapter 27 Fiber-Optic Light Sources and Transmitters 763 Chapter 28 Fiber-Optic Detectors and Receivers 793 Chapter 29 Passive Components and Multiplexers 819 Chapter 30 Passive Optical Networks 849 Chapter 31 Cable Installation and Hardware 869 Chapter 32 Fiber-Optic System Design Considerations 903 Chapter 33 Test Equipment and Link/Cable Testing 941 Chapter 34 Troubleshooting and Restoration 995 Appendices 1037 Appendix A The Bottom Line 1039 Appendix B Cabling Resources 1097 Appendix C Registered Communications Distribution Designer (RCDD) Certification 1103 Appendix D Home Cabling: Wiring Your Home for Now and the Future 1109 Appendix E Overview of IEEE 1394 and USB Networking 1115 Appendix F The Electronics Technicians Association, International (ETA) Certifications 1121 Glossary Index 1241
£74.00
John Wiley & Sons Inc Hacking Point of Sale
Book SynopsisMust-have guide for professionals responsible for securing credit and debit card transactions As recent breaches like Target and Neiman Marcus show, payment card information is involved in more security breaches than any other data type. In too many places, sensitive card data is simply not protected adequately.Table of ContentsIntroduction xxiii Part I Anatomy of Payment Application Vulnerabilities 1 Chapter 1 Processing Payment Transactions 3 Chapter 2 Payment Application Architecture 25 Chapter 3 PCI 55 Part II Attacks on Point of Sale Systems 91 Chapter 4 Turning 40 Digits into Gold 93 Chapter 5 Penetrating Security Free Zones 125 Chapter 6 Breaking into PCI-protected Areas 147 Part III Defense 165 Chapter 7 Cryptography in Payment Applications 167 Chapter 8 Protecting Cardholder Data 195 Chapter 9 Securing Application Code 219 Conclusion 249 Appendix A POS Vulnerability Rank Calculator 251 Appendix B Glossary 257 Index 265
£45.12
John Wiley & Sons Inc Professional Microsoft SQL Server 2014
Book SynopsisFill the gap between planning and doing with SSIS 2014 The 2014 release of Microsoft's SQL Server Integration Services provides enhancements for managing extraction, transformation, and load operations, plus expanded in-memory capabilities, improved disaster recovery, increased scalability, and much more.Trade ReviewThis book is suitable for both developers that are new to SSIS development, and experienced developers looking for a more complete understanding. I highly recommend it. (I Programmer, July 2014)Table of ContentsIntroduction xxvii Chapter 1: Welcome to SQL Server Integration Services 1 SQL Server SSIS Historical Overview 2 What’s New in SSIS 2 Tools of the Trade 3 Import and Export Wizard 3 The SQL Server Data Tools Experience 4 SSIS Architecture 5 Packages 5 Control Flow 5 Data Flow 9 Variables 14 Parameters 14 Error Handling and Logging 14 Editions of SQL Server 14 Summary 15 Chapter 2: The SSIS Tools 17 Import and Export Wizard 17 SQL Server Data Tools 24 The Solution Explorer Window 26 The SSIS Toolbox 27 The Properties Windows 28 The SSIS Package Designer 28 Control Flow 29 Connection Managers 32 Variables 33 Data Flow 34 Parameters 35 Event Handlers 35 Package Explorer 36 Executing a Package 37 Management Studio 37 Summary 37 Chapter 3: SSIS Tasks 39 SSIS Task Objects 40 Using the Task Editor 40 The Task Editor Expressions Tab 41 Looping and Sequence Tasks 41 Script Task (.NET) 41 Analysis Services Tasks 44 Analysis Services Execute DDL Task 44 Analysis Services Processing Task 44 Data Mining Query Task 46 Data Flow Task 47 Data Preparation Tasks 48 Data Profiler 48 File System Task 50 Archiving a File 52 FTP Task 53 Getting a File Using FTP 54 Web Service Task 56 Retrieving Data Using the Web Service Task and XML Source Component 59 XML Task 62 Validating an XML File 64 RDBMS Server Tasks 66 Bulk Insert Task 66 Using the Bulk Insert Task 69 Execute SQL Task 71 Workflow Tasks 82 Execute Package Task 82 Execute Process Task 84 Message Queue Task 86 Send Mail Task 87 WMI Data Reader Task 88 WMI Event Watcher Task 91 Polling a Directory for the Delivery of a File 91 SMO Administration Tasks 92 Transfer Database Task 93 Transfer Error Messages Task 94 Transfer Logins Task 94 Transfer Master Stored Procedures Task 95 Transfer Jobs Task 96 Transfer SQL Server Objects Task 96 Summary 97 Chapter 4: The Data Flow 99 Understanding the Data Flow 99 Data Viewers 100 Sources 101 OLE DB Source 102 Excel Source 104 Flat File Source 105 Raw File Source 110 XML Source 110 ADO.NET Source 111 Destinations 111 Excel Destination 112 Flat File Destination 112 OLE DB Destination 112 Raw File Destination 113 Recordset Destination 114 Data Mining Model Training 114 DataReader Destination 114 Dimension and Partition Processing 114 Common Transformations 115 Synchronous versus Asynchronous Transformations 115 Aggregate 115 Conditional Split 117 Data Conversion 118 Derived Column 119 Lookup 121 Row Count 121 Script Component 122 Slowly Changing Dimension 123 Sort 123 Union All 125 Other Transformations 126 Audit 126 Character Map 128 Copy Column 128 Data Mining Query 129 DQS Cleansing 130 Export Column 130 Fuzzy Lookup 132 Fuzzy Grouping 139 Import Column 143 Merge 145 Merge Join 146 Multicast 146 OLE DB Command 147 Percentage and Row Sampling 148 Pivot Transform 149 Unpivot 152 Term Extraction 154 Term Lookup 158 Data Flow Example 160 Summary 164 Chapter 5: Using Variables, Parameters, and Expressions 165 Dynamic Package Objects 166 Variable Overview 166 Parameter Overview 166 Expression Overview 167 Understanding Data Types 168 SSIS Data Types 168 Date and Time Type Support 170 How Wrong Data Types and Sizes Can Affect Performance 171 Unicode and Non-Unicode Conversion Issues 171 Casting in SSIS Expressions 173 Using Variables and Parameters 174 Defining Variables 174 Defining Parameters 175 Variable and Parameter Data Types 176 Working with Expressions 177 C#-Like? Close, but Not Completely 178 The Expression Builder 179 Syntax Basics 180 Using Expressions in SSIS Packages 194 Summary 204 Chapter 6: Containers 205 Task Host Containers 205 Sequence Containers 206 Groups 207 For Loop Container 207 Foreach Loop Container 210 Foreach File Enumerator Example 211 Foreach ADO Enumerator Example 213 Summary 218 Chapter 7: Joining Data 219 The Lookup Transformation 220 Using the Merge Join Transformation 221 Contrasting SSIS and the Relational Join 222 Lookup Features 224 Building the Basic Package 225 Using a Relational Join in the Source 227 Using the Merge Join Transformation 230 Using the Lookup Transformation 235 Full-Cache Mode 235 No-Cache Mode 239 Partial-Cache Mode 240 Multiple Outputs 243 Expressionable Properties 246 Cascaded Lookup Operations 247 Cache Connection Manager and Cache Transform 249 Summary 252 Chapter 8: Creating an End-to-End Package 253 Basic Transformation Tutorial 253 Creating Connections 254 Creating the Control Flow 257 Creating the Data Flow 257 Completing the Package 259 Saving the Package 260 Executing the Package 260 Typical Mainframe ETL with Data Scrubbing 261 Creating the Data Flow 263 Handling Dirty Data 263 Finalizing 268 Handling More Bad Data 269 Looping and the Dynamic Tasks 271 Looping 271 Making the Package Dynamic 272 Summary 274 Chapter 9: Scripting in SSIS 275 Introducing SSIS Scripting 276 Getting Started in SSIS Scripting 277 Selecting the Scripting Language 277 Using the VSTA Scripting IDE 278 Example: Hello World 279 Adding Code and Classes 281 Using Managed Assemblies 282 Example: Using Custom .NET Assemblies 283 Using the Script Task 286 Configuring the Script Task Editor 287 The Script Task Dts Object 288 Accessing Variables in the Script Task 289 Connecting to Data Sources in a Script Task 293 Raising an Event in a Script Task 303 Writing a Log Entry in a Script Task 309 Using the Script Component 310 Differences from a Script Task 310 Configuring the Script Component Editor 311 Accessing Variables in a Script Component 313 Connecting to Data Sources in a Script Component 314 Raising Events 314 Logging 315 Example: Data Validation 316 Synchronous versus Asynchronous 324 Essential Coding, Debugging, and Troubleshooting Techniques 327 Structured Exception Handling 327 Script Debugging and Troubleshooting 330 Summary 333 Chapter 10: Advanced Data Cleansing in SSIS 335 Advanced Derived Column Use 336 Text Parsing Example 338 Advanced Fuzzy Lookup and Fuzzy Grouping 340 Fuzzy Lookup 340 Fuzzy Grouping 347 DQS Cleansing 350 Data Quality Services 351 DQS Cleansing Transformation 355 Master Data Management 358 Master Data Services 359 Summary 362 Chapter 11: Incremental Loads in SSIS 363 Control Table Pattern 363 Querying the Control Table 364 Querying the Source Table 366 Updating the Control Table 366 SQL Server Change Data Capture 367 Benefits of SQL Server CDC 368 Preparing CDC 369 Capture Instance Tables 371 The CDC API 372 Using the SSIS CDC Tools 374 Summary 379 Chapter 12: Loading a Data Warehouse 381 Data Profiling 383 Initial Execution of the Data Profiling Task 383 Reviewing the Results of the Data Profiling Task 386 Turning Data Profile Results into Actionable ETL Steps 390 Data Extraction and Cleansing 391 Dimension Table Loading 391 Loading a Simple Dimension Table 392 Loading a Complex Dimension Table 397 Considerations and Alternatives to the SCD Transformation 408 Fact Table Loading 409 SSAS Processing 421 Using a Master ETL Package 426 Summary 428 Chapter 13: Using the Relational Engine 429 Data Extraction 430 SELECT * is Bad 430 WHERE is Your Friend 432 Transform during Extract 433 Many ANDs Make Light Work 437 SORT in the Database 437 Modularize 439 SQL Server Does Text Files Too 440 Using Set-Based Logic 444 Data Loading 446 Database Snapshots 446 The MERGE Operator 448 Summary 452 Chapter 14: Accessing Heterogeneous Data 453 Excel and Access 455 64-Bit Support 455 Working with Excel Files 457 Working with Access 462 Importing from Oracle 469 Oracle Client Setup 469 Importing Oracle Data 470 Using XML and Web Services 472 Configuring the Web Service Task 472 Working with XML Data as a Source 483 Flat Files 486 Loading Flat Files 487 Extracting Data from Flat Files 489 ODBC 491 Other Heterogeneous Sources 494 Summary 495 Chapter 15: Reliability and Scalability 497 Restarting Packages 498 Simple Control Flow 499 Containers within Containers and Checkpoints 501 Variations on a Theme 503 Inside the Checkpoint File 505 Package Transactions 507 Single Package, Single Transaction 508 Single Package, Multiple Transactions 509 Two Packages, One Transaction 511 Single Package Using a Native Transaction in SQL Server 512 Error Outputs 513 Scaling Out 516 Architectural Features 516 Scaling Out Memory Pressures 517 Scaling Out by Staging Data 517 Scaling Out with Parallel Loading 522 Summary 528 Chapter 16: Understanding and Tuning the Data Flow Engine 529 The SSIS Engine 530 Understanding the SSIS Data Flow and Control Flow 530 Handling Workflows with the Control Flow 533 Data Processing in the Data Flow 533 Memory Buffer Architecture 534 Types of Transformations 534 Advanced Data Flow Execution Concepts 543 SSIS Data Flow Design and Tuning 549 Data Flow Design Practices 550 Optimizing Package Processing 555 Troubleshooting Data Flow Performance Bottlenecks 558 Pipeline Performance Monitoring 559 Summary 562 Chapter 17: SS IS Software Development Life Cycle 563 Introduction to Software Development Life Cycles 565 SDLCs: A Brief History 566 Types of Software Development Life Cycles 566 Versioning and Source Code Control 567 Subversion (SVN) 568 Team Foundation Server, Team System, and SSIS 573 Summary 590 Chapter 18: Error and Event Handling 591 Using Precedence Constraints 592 Precedence Constraint Basics 592 Advanced Precedence Constraints and Expressions 593 Event Handling 601 Events 602 Using Event Handlers 603 Event Handler Inheritance 611 Breakpoints 612 Error Rows 616 Logging 622 Logging Providers 622 Log Events 623 Catalog Logging 627 Summary 629 Chapter 19: Programming and Extending SSIS 631 The Sample Components 632 Component 1: Source Adapter 632 Component 2: Transform 633 Component 3: Destination Adapter 634 The Pipeline Component Methods 634 Design-Time Functionality 635 Runtime 639 Connection Time 640 Building the Components 642 Preparation 642 Building the Source Component 648 Building the Transformation Component 660 Building the Destination Adapter 671 Using the Components 679 Installing the Components 679 Debugging Components 680 Design Time 680 Building the Complete Package 682 Runtime Debugging 682 Upgrading to SQL Server 2014 687 Summary 687 Chapter 20: Adding a User Interface to Your Component 689 Three Key Steps for Designing the UI: An Overview 690 Building the User Interface 690 Adding the Project 691 Implementing IDtsComponentUI 693 Setting the UITypeName 697 Building the Form 699 Extending the User Interface 704 Runtime Connections 704 Component Properties 707 Handling Errors and Warnings 708 Column Properties 711 Other UI Considerations 712 Summary 712 Chapter 21: External Management and WMI Task Implementation 715 External Management of SSIS with Managed Code 716 Setting Up a Test SSIS Package for Demonstration Purposes 716 The Managed Object Model Code Library 717 Catalog Management 718 Folder Management 719 Environments 720 The DTS Runtime Managed Code Library 722 SSIS Deployment Projects 722 Parameter Objects 723 Server Deployment 725 Executing SSIS Packages Deployed to the SSIS Catalog 726 Environment References 727 Package Operations 728 Application Object Maintenance Operations 729 Package Operations 729 Package Monitoring 732 Project, Folder, and Package Listing 734 A Package Management Example 735 Package Log Providers 745 Specifying Events to Log 747 Programming to Log Providers 748 SQL Server 2014 Operation Logs 749 Package Configurations 751 Creating a Configuration 752 Programming the Configuration Object 753 Configuration Object 754 Windows Management Instrumentation Tasks 755 WMI Reader Task Explained 755 WMI Data Reader Example 756 WMI Event Watcher Task 762 WMI Event Watcher Task Example 763 Summary 766 Chapter 22: Ad ministering SSIS 767 Using the SSIS Catalog 768 Setting the SSIS Catalog Properties 768 SSISDB 771 Deployment Models 772 Project Deployment Model 773 Package Deployment Model 775 Using T-SQL with SSIS 781 Executing Packages 781 Using Parameters 782 Querying Tables for Parameter Values 783 Using Environments 784 Using Data Taps 789 Creating a Central SSIS Server 790 Clustering SSIS 792 Package Configuration 794 Command-Line Utilities 798 DTExec 798 DTExecUI 799 DTUtil 804 Security 806 Securing the SSIS Catalog 806 Legacy Security 809 Scheduling Packages 811 SQL Server Agent 811 Proxy Accounts 813 64-Bit Issues 814 Monitoring Package Executions 815 Built-in Reporting 815 Custom Reporting 819 Performance Counters 819 Summary 820 Appendix A: SS IS Crib Notes 821 When to Use Control Flow Tasks 821 When to Use Data Flow Transforms 822 Common Expressions and Scripts 824 Appendix B: SS IS Internal Views and Stored Procedures 829 Views 829 Stored Procedures 830 Appendix C: Interviewing for an ETL Developer Position 833 Questions 833 Answers 834 Index 839
£35.20
John Wiley & Sons Inc Vehicular Ad Hoc Network Security and Privacy
Book SynopsisThis book provides an overview of vehicular networks, fromtraffic engineering to human factors. The book addresses theunique design requirements for security and privacy preservationfor vehicular communications to increase road safety.Table of ContentsList of Figures xi List of Tables xv Acronyms xvii Preface xix 1 INTRODUCTION 1 1.1 Background 1 1.2 DSRC AND VANET 2 1.2.1 DSRC 2 1.2.2 VANET 3 1.2.3 Characteristics of VANET 6 1.3 Security and Privacy Threats 7 1.4 Security and Privacy Requirements 8 1.5 Challenges and Prospects 9 1.5.1 Conditional Privacy Preservation in VANETs 9 1.5.2 Authentication with Efficient Revocation in VANETs 10 1.6 Standardization and Related Activities 11 1.7 Security Primitives 13 1.8 Outline of the Book 17 References 17 2 GSIS: GROUP SIGNATURE AND ID-BASED SIGNATURE-BASED SECURE AND PRIVACY-PRESERVING PROTOCOL 21 2.1 Introduction 21 2.2 Preliminaries and Background 23 2.2.1 Group Signature 23 2.2.2 Bilinear Pairing and ID-Based Cryptography 23 2.2.3 Threat Model 23 2.2.4 Desired Requirements 24 2.3 Proposed Secure and Privacy-Preserving Protocol 25 2.3.1 Problem Formulation 25 2.3.2 System Setup 27 2.3.3 Security Protocol between OBUs 29 2.3.4 Security Protocol between RSUs and OBUs 38 2.4 Performance Evaluation 41 2.4.1 Impact of Traffic Load 43 2.4.2 Impact of Cryptographic Signature Verification Delay 43 2.4.3 Membership Revocation and Tracing Efficiency 45 2.5 Concluding Remarks 47 References 47 3 ECPP: EFFICIENT CONDITIONAL PRIVACY PRESERVATION PROTOCOL 51 3.1 Introduction 51 3.2 System Model and Problem Formulation 52 3.2.1 System Model 52 3.2.2 Design Objectives 54 3.3 Proposed ECPP Protocol 55 3.3.1 System Initialization 55 3.3.2 OBU Short-Time Anonymous Key Generation 56 3.3.3 OBU Safety Message Sending 62 3.3.4 OBU Fast Tracking Algorithm 63 3.4 Analysis on Conditional Privacy Preservation 64 3.5 Performance Analysis 66 3.5.1 OBU Storage Overhead 66 3.5.2 OBU Computation Overhead on Verification 66 3.5.3 TA Computation Complexity on OBU Tracking 68 3.6 Concluding Remarks 69 References 69 4 PSEUDONYM-CHANGING STRATEGY FOR LOCATION PRIVACY 71 4.1 Introduction 71 4.2 Problem Definition 73 4.2.1 Network Model 73 4.2.2 Threat Model 74 4.2.3 Location Privacy Requirements 75 4.3 Proposed PCS Strategy for Location Privacy 75 4.3.1 KPSD Model for PCS Strategy 75 4.3.2 Anonymity Set Analysis for Achieved Location Privacy 79 4.3.3 Feasibility Analysis of PCS Strategy 85 4.4 Performance Evaluation 86 4.5 Concluding Remarks 89 References 89 5 RSU-AIDED MESSAGE AUTHENTICATION 91 5.1 Introduction 91 5.2 System Model and Preliminaries 93 5.2.1 System Model 93 5.2.2 Assumption 93 5.2.3 Problem Statement 94 5.2.4 Security Objectives 95 5.3 Proposed RSU-Aided Message Authentication Scheme 96 5.3.1 Overview 96 5.3.2 Mutual Authentication and Key Agreement between RSUs and Vehicles 96 5.3.3 Hash Aggregation 98 5.3.4 Verification 99 5.3.5 Privacy Enhancement 100 5.4 Performance Evaluation 101 5.4.1 Message Loss Ratio 102 5.4.2 Message Delay 102 5.4.3 Communication Overhead 104 5.5 Security Analysis 105 5.6 Concluding Remarks 106 References 107 6 TESLA-BASED BROADCAST AUTHENTICATION 109 6.1 Introduction 109 6.2 Timed Efficient and Secure Vehicular Communication Scheme 110 6.2.1 Preliminaries 110 6.2.2 System Formulation 112 6.2.3 Proposed TSVC Scheme 113 6.2.4 Enhanced TSVC with Nonrepudiation 118 6.2.5 Discussion 123 6.3 Security Analysis 129 6.4 Performance Evaluation 129 6.4.1 Impact of Vehicle Moving Speed 131 6.4.2 Impact of Vehicle Density 132 6.5 Concluding Remarks 134 References 134 7 DISTRIBUTED COOPERATIVE MESSAGE AUTHENTICATION 137 7.1 Introduction 137 7.2 Problem Formulation 138 7.2.1 Network Model 138 7.2.2 Security Model 139 7.3 Basic Cooperative Authentication Scheme 140 7.4 Secure Cooperative Authentication Scheme 141 7.4.1 Evidence and Token for Fairness 142 7.4.2 Authentication Proof 145 7.4.3 Flows of Proposed Scheme 146 7.5 Security Analysis 147 7.5.1 Linkability Attack 147 7.5.2 Free-Riding Attack without Authentication Efforts 147 7.5.3 Free-Riding Attack with Fake Authentication Efforts 148 7.6 Performance Evaluation 148 7.6.1 Simulation Settings 148 7.6.2 Simulation Results 149 7.7 Concluding Remarks 150 References 151 8 CONTEXT-AWARE COOPERATIVE AUTHENTICATION 153 8.1 Introduction 153 8.2 Message Trustworthiness in VANETs 156 8.3 System Model and Design Goal 159 8.3.1 Network Model 159 8.3.2 Attack Model 159 8.3.3 Design Goals 160 8.4 Preliminaries 160 8.4.1 Pairing Technique 160 8.4.2 Aggregate Signature and Batch Verification 160 8.5 Proposed AEMAT Scheme 161 8.5.1 System Setup 161 8.5.2 Registration 162 8.5.3 SER Generation and Broadcasting 162 8.5.4 SER Opportunistic Forwarding 162 8.5.5 SER Aggregated Authentication 163 8.5.6 SER Aggregated Trustworthiness 165 8.6 Security Discussion 168 8.6.1 Collusion Attacks 168 8.6.2 Privacy Protection of Witnesses 168 8.7 Performance Evaluation 169 8.7.1 Transmission Cost 169 8.7.2 Computational Cost 169 8.8 Concluding Remarks 170 References 170 9 FAST HANDOVER AUTHENTICATION BASED ON MOBILITY PREDICTION 173 9.1 Introduction 173 9.2 Vehicular Network Architecture 175 9.3 Proposed Fast Handover Authentication Scheme Based on Mobility Prediction 176 9.3.1 Multilayer Perceptron Classifier 176 9.3.2 Proposed Authentication Scheme 178 9.4 Security Analysis 183 9.4.1 Replay Attack 183 9.4.2 Forward Secrecy 183 9.5 Performance Evaluation 184 9.6 Concluding Remarks 185 References 186 Index 187
£97.16
John Wiley & Sons Inc Wireshark for Security Professionals
Book SynopsisMaster Wireshark to solve real-world security problems If you don't already use Wireshark for a wide range of information security tasks, you will after this book. Mature and powerful, Wireshark is commonly used to find root cause of challenging network issues. This book extends that power to information security professionals, complete with a downloadable, virtual lab environment. Wireshark for Security Professionals covers both offensive and defensive concepts that can be applied to essentially any InfoSec role. Whether into network security, malware analysis, intrusion detection, or penetration testing, this book demonstrates Wireshark through relevant and useful examples. Master Wireshark through both lab scenarios and exercises. Early in the book, a virtual lab environment is provided for the purpose of getting hands-on experience with Wireshark. Wireshark is combined with two popular platforms: Kali, the security-focused Linux distribution, aTable of ContentsIntroduction xiii Chapter 1 Introducing Wireshark 1 What Is Wireshark? 2 A Best Time to Use Wireshark? 2 Avoiding Being Overwhelmed 3 The Wireshark User Interface 3 Packet List Pane 5 Packet Details Pane 6 Packet Bytes Pane 8 Filters 9 Capture Filters 9 Display Filters 13 Summary 17 Exercises 18 Chapter 2 Setting Up the Lab 19 Kali Linux 20 Virtualization 22 Basic Terminology and Concepts 23 Benefits of Virtualization 23 Virtual Box 24 Installing VirtualBox 24 Installing the VirtualBox Extension Pack 31 Creating a Kali Linux Virtual Machine 33 Installing Kali Linux 40 The W4SP Lab 46 Requirements 46 A Few Words about Docker 47 What Is GitHub? 48 Creating the Lab User 49 Installing the W4SP Lab on the Kali Virtual Machine 50 Setting Up the W4SP Lab 53 The Lab Network 54 Summary 55 Exercises 56 Chapter 3 The Fundamentals 57 Networking 58 OSI Layers 58 Networking between Virtual Machines 61 Security 63 The Security Triad 63 Intrusion Detection and Prevention Systems 63 False Positives and False Negatives 64 Malware 64 Spoofing and Poisoning 66 Packet and Protocol Analysis 66 A Protocol Analysis Story 67 Ports and Protocols 71 Summary 73 Exercises 74 Chapter 4 Capturing Packets 75 Sniffing 76 Promiscuous Mode 76 Starting the First Capture 78 TShark 82 Dealing with the Network 86 Local Machine 87 Sniffing Localhost 88 Sniffing on Virtual Machine Interfaces 92 Sniffing with Hubs 96 SPAN Ports 98 Network Taps 101 Transparent Linux Bridges 103 Wireless Networks 105 Loading and Saving Capture Files 108 File Formats 108 Ring Buffers and Multiple Files 111 Recent Capture Files 116 Dissectors 118 W4SP Lab: Managing Nonstandard HTTP Traffic 118 Filtering SMB Filenames 120 Packet Colorization 123 Viewing Someone Else’s Captures 126 Summary 127 Exercises 128 Chapter 5 Diagnosing Attacks 129 Attack Type: Man-in-the-Middle 130 Why MitM Attacks Are Effective 130 How MitM Attacks Get Done: ARP 131 W4SP Lab: Performing an ARP MitM Attack 133 W4SP Lab: Performing a DNS MitM Attack 141 How to Prevent MitM Attacks 147 Attack Type: Denial of Service 148 Why DoS Attacks Are Effective 149 How DoS Attacks Get Done 150 How to Prevent DoS Attacks 155 Attack Type: Advanced Persistent Threat 156 Why APT Attacks Are Effective 156 How APT Attacks Get Done 157 Example APT Traffic in Wireshark 157 How to Prevent APT Attacks 161 Summary 162 Exercises 162 Chapter 6 Offensive Wireshark 163 Attack Methodology 163 Reconnaissance Using Wireshark 165 Evading IPS/IDS 168 Session Splicing and Fragmentation 168 Playing to the Host, Not the IDS 169 Covering Tracks and Placing Backdoors 169 Exploitation 170 Setting Up the W4SP Lab with Metasploitable 171 Launching Metasploit Console 171 VSFTP Exploit 172 Debugging with Wireshark 173 Shell in Wireshark 175 TCP Stream Showing a Bind Shell 176 TCP Stream Showing a Reverse Shell 183 Starting ELK 188 Remote Capture over SSH 190 Summary 191 Exercises 192 Chapter 7 Decrypting TLS, Capturing USB, Keyloggers, and Network Graphing 193 Decrypting SSL/TLS 193 Decrypting SSL/TLS Using Private Keys 195 Decrypting SSL/TLS Using Session Keys 199 USB and Wireshark 202 Capturing USB Traffic on Linux 203 Capturing USB Traffic on Windows 206 TShark Keylogger 208 Graphing the Network 212 Lua with Graphviz Library 213 Summary 218 Exercises 219 Chapter 8 Scripting with Lua 221 Why Lua? 222 Scripting Basics 223 Variables 225 Functions and Blocks 226 Loops 228 Conditionals 230 Setup 230 Checking for Lua Support 231 Lua Initialization 232 Windows Setup 233 Linux Setup 233 Tools 234 Hello World with TShark 236 Counting Packets Script 237 ARP Cache Script 241 Creating Dissectors for Wireshark 244 Dissector Types 245 Why a Dissector Is Needed 245 Experiment 253 Extending Wireshark 255 Packet Direction Script 255 Marking Suspicious Script 257 Snooping SMB File Transfers 260 Summary 262 Index 265
£34.00
John Wiley & Sons Inc Introduction to Network Security
Book SynopsisIntroductory textbook in the important area of network security for undergraduate and graduate students Comprehensively covers fundamental concepts with newer topics such as electronic cash, bit-coin, P2P, SHA-3, E-voting, and Zigbee security Fully updated to reflect new developments in network security Introduces a chapter on Cloud security, a very popular and essential topic Uses everyday examples that most computer users experience to illustrate important principles and mechanisms Features a companion website with Powerpoint slides for lectures and solution manuals to selected exercise problems, available at http://www.cs.uml.edu/~wang/NetSec Table of ContentsPreface xv About the Authors xix 1 Network Security Overview 1 1.1 Mission and Definitions 1 1.2 Common Attacks and Defense Mechanisms 3 1.2.1 Eavesdropping 3 1.2.2 Cryptanalysis 4 1.2.3 Password Pilfering 5 1.2.4 Identity Spoofing 13 1.2.5 Buffer-Overflow Exploitations 16 1.2.6 Repudiation 18 1.2.7 Intrusion 19 1.2.8 Traffic Analysis 19 1.2.9 Denial of Service Attacks 20 1.2.10 Malicious Software 22 1.3 Attacker Profiles 25 1.3.1 Hackers 25 1.3.2 Script Kiddies 26 1.3.3 Cyber Spies 26 1.3.4 Vicious Employees 27 1.3.5 Cyber Terrorists 27 1.3.6 Hypothetical Attackers 27 1.4 Basic Security Model 27 1.5 Security Resources 29 1.5.1 CERT 29 1.5.2 SANS Institute 29 1.5.3 Microsoft Security 29 1.5.4 NTBugtraq 29 1.5.5 Common Vulnerabilities and Exposures 30 1.6 Closing Remarks 30 1.7 Exercises 30 1.7.1 Discussions 30 1.7.2 Homework 31 2 Data Encryption Algorithms 45 2.1 Data Encryption Algorithm Design Criteria 45 2.1.1 ASCII Code 46 2.1.2 XOR Encryption 46 2.1.3 Criteria of Data Encryptions 48 2.1.4 Implementation Criteria 50 2.2 Data Encryption Standard 50 2.2.1 Feistel’s Cipher Scheme 50 2.2.2 DES Subkeys 52 2.2.3 DES Substitution Boxes 54 2.2.4 DES Encryption 55 2.2.5 DES Decryption and Correctness Proof 57 2.2.6 DES Security Strength 58 2.3 Multiple DES 59 2.3.1 Triple-DES with Two Keys 59 2.3.2 2DES and 3DES/3 59 2.3.3 Meet-in-the-Middle Attacks on 2DES 60 2.4 Advanced Encryption Standard 61 2.4.1 AES Basic Structures 61 2.4.2 AES S-Boxes 63 2.4.3 AES-128 Round Keys 65 2.4.4 Add Round Keys 66 2.4.5 Substitute-Bytes 67 2.4.6 Shift-Rows 67 2.4.7 Mix-Columns 67 2.4.8 AES-128 Encryption 68 2.4.9 AES-128 Decryption and Correctness Proof 69 2.4.10 Galois Fields 70 2.4.11 Construction of the AES S-Box and Its Inverse 73 2.4.12 AES Security Strength 74 2.5 Standard Block Cipher Modes of Operations 74 2.5.1 Electronic-Codebook Mode 75 2.5.2 Cipher-Block-Chaining Mode 75 2.5.3 Cipher-Feedback Mode 75 2.5.4 Output-Feedback Mode 76 2.5.5 Counter Mode 76 2.6 Offset Codebook Mode of Operations 77 2.6.1 Basic Operations 77 2.6.2 OCB Encryption and Tag Generation 78 2.6.3 OCB Decryption and Tag Verification 79 2.7 Stream Ciphers 80 2.7.1 RC4 Stream Cipher 80 2.7.2 RC4 Security Weaknesses 81 2.8 Key Generations 83 2.8.1 ANSI X9.17 PRNG 83 2.8.2 BBS Pseudorandom Bit Generator 83 2.9 Closing Remarks 84 2.10 Exercises 85 2.10.1 Discussions 85 2.10.2 Homework 85 3 Public-Key Cryptography and Key Management 93 3.1 Concepts of Public-Key Cryptography 93 3.2 Elementary Concepts and Theorems in Number Theory 95 3.2.1 Modular Arithmetic and Congruence Relations 96 3.2.2 Modular Inverse 96 3.2.3 Primitive Roots 98 3.2.4 Fast Modular Exponentiation 98 3.2.5 Finding Large Prime Numbers 100 3.2.6 The Chinese Remainder Theorem 101 3.2.7 Finite Continued Fractions 102 3.3 Diffie-Hellman Key Exchange 103 3.3.1 Key Exchange Protocol 103 3.3.2 Man-in-the-Middle Attacks 104 3.3.3 Elgamal PKC 106 3.4 RSA Cryptosystem 106 3.4.1 RSA Key Pairs, Encryptions, and Decryptions 106 3.4.2 RSA Parameter Attacks 109 3.4.3 RSA Challenge Numbers 112 3.5 Elliptic-Curve Cryptography 113 3.5.1 Commutative Groups on Elliptic Curves 113 3.5.2 Discrete Elliptic Curves 115 3.5.3 ECC Encodings 116 3.5.4 ECC Encryption and Decryption 117 3.5.5 ECC Key Exchange 118 3.5.6 ECC Strength 118 3.6 Key Distributions and Management 118 3.6.1 Master Keys and Session Keys 119 3.6.2 Public-Key Certificates 119 3.6.3 CA Networks 120 3.6.4 Key Rings 121 3.7 Closing Remarks 123 3.8 Exercises 123 3.8.1 Discussions 123 3.8.2 Homework 124 4 Data Authentication 129 4.1 Cryptographic Hash Functions 129 4.1.1 Design Criteria of Cryptographic Hash Functions 130 4.1.2 Quest for Cryptographic Hash Functions 131 4.1.3 Basic Structure of Standard Hash Functions 132 4.1.4 SHA-512 132 4.1.5 WHIRLPOOL 135 4.1.6 SHA-3 Standard 139 4.2 Cryptographic Checksums 143 4.2.1 Exclusive-OR Cryptographic Checksums 143 4.2.2 Design Criteria of MAC Algorithms 144 4.2.3 Data Authentication Algorithm 144 4.3 HMAC 144 4.3.1 Design Criteria of HMAC 144 4.3.2 HMAC Algorithm 145 4.4 Birthday Attacks 145 4.4.1 Complexity of Breaking Strong Collision Resistance 146 4.4.2 Set Intersection Attack 147 4.5 Digital Signature Standard 149 4.5.1 Signing 149 4.5.2 Signature Verifying 150 4.5.3 Correctness Proof of Signature Verification 150 4.5.4 Security Strength of DSS 151 4.6 Dual Signatures and Electronic Transactions 151 4.6.1 Dual Signature Applications 152 4.6.2 Dual Signatures and Electronic Transactions 152 4.7 Blind Signatures and Electronic Cash 153 4.7.1 RSA Blind Signatures 153 4.7.2 Electronic Cash 154 4.7.3 Bitcoin 156 4.8 Closing Remarks 158 4.9 Exercises 158 4.9.1 Discussions 158 4.9.2 Homework 158 5 Network Security Protocols in Practice 165 5.1 Crypto Placements in Networks 165 5.1.1 Crypto Placement at the Application Layer 168 5.1.2 Crypto Placement at the Transport Layer 168 5.1.3 Crypto Placement at the Network Layer 168 5.1.4 Crypto Placement at the Data-Link Layer 169 5.1.5 Implementations of Crypto Algorithms 169 5.2 Public-Key Infrastructure 170 5.2.1 X.509 Public-Key Infrastructure 170 5.2.2 X.509 Certificate Formats 171 5.3 IPsec: A Security Protocol at the Network Layer 173 5.3.1 Security Association 173 5.3.2 Application Modes and Security Associations 174 5.3.3 AH Format 176 5.3.4 ESP Format 178 5.3.5 Secret Key Determination and Distribution 179 5.4 SSL/TLS: Security Protocols at the Transport Layer 183 5.4.1 SSL Handshake Protocol 184 5.4.2 SSL Record Protocol 187 5.5 PGP and S/MIME: Email Security Protocols 188 5.5.1 Basic Email Security Mechanisms 189 5.5.2 PGP 190 5.5.3 S/MIME 191 5.6 Kerberos: An Authentication Protocol 192 5.6.1 Basic Ideas 192 5.6.2 Single-Realm Kerberos 193 5.6.3 Multiple-Realm Kerberos 195 5.7 SSH: Security Protocols for Remote Logins 197 5.8 Electronic Voting Protocols 198 5.8.1 Interactive Proofs 198 5.8.2 Re-encryption Schemes 199 5.8.3 Threshold Cryptography 200 5.8.4 The Helios Voting Protocol 202 5.9 Closing Remarks 204 5.10 Exercises 204 5.10.1 Discussions 204 5.10.2 Homework 204 6 Wireless Network Security 211 6.1 Wireless Communications and 802.11 WLAN Standards 211 6.1.1 WLAN Architecture 212 6.1.2 802.11 Essentials 213 6.1.3 Wireless Security Vulnerabilities 214 6.2 Wired Equivalent Privacy 215 6.2.1 Device Authentication and Access Control 215 6.2.2 Data Integrity Check 215 6.2.3 LLC Frame Encryption 216 6.2.4 Security Flaws of WEP 218 6.3 Wi-Fi Protected Access 221 6.3.1 Device Authentication and Access Controls 221 6.3.2 TKIP Key Generations 222 6.3.3 TKIP Message Integrity Code 224 6.3.4 TKIP Key Mixing 226 6.3.5 WPA Encryption and Decryption 229 6.3.6 WPA Security Strength and Weaknesses 229 6.4 IEEE 802.11i/WPA2 230 6.4.1 Key Generations 231 6.4.2 CCMP Encryptions and MIC 231 6.4.3 802.11i Security Strength and Weaknesses 232 6.5 Bluetooth Security 233 6.5.1 Piconets 233 6.5.2 Secure Pairings 235 6.5.3 SAFER+ Block Ciphers 235 6.5.4 Bluetooth Algorithms E1, E21, and E22 238 6.5.5 Bluetooth Authentication 240 6.5.6 A PIN Cracking Attack 241 6.5.7 Bluetooth Secure Simple Pairing 242 6.6 ZigBee Security 243 6.6.1 Joining a Network 243 6.6.2 Authentication 244 6.6.3 Key Establishment 244 6.6.4 Communication Security 245 6.7 Wireless Mesh Network Security 245 6.7.1 Blackhole Attacks 247 6.7.2 Wormhole Attacks 247 6.7.3 Rushing Attacks 247 6.7.4 Route-Error-Injection Attacks 247 6.8 Closing Remarks 248 6.9 Exercises 248 6.9.1 Discussions 248 6.9.2 Homework 248 7 Cloud Security 253 7.1 The Cloud Service Models 253 7.1.1 The REST Architecture 254 7.1.2 Software-as-a-Service 254 7.1.3 Platform-as-a-Service 254 7.1.4 Infrastructure-as-a-Service 254 7.1.5 Storage-as-a-Service 255 7.2 Cloud Security Models 255 7.2.1 Trusted-Third-Party 255 7.2.2 Honest-but-Curious 255 7.2.3 Semi-Honest-but-Curious 255 7.3 Multiple Tenancy 256 7.3.1 Virtualization 256 7.3.2 Attacks 258 7.4 Access Control 258 7.4.1 Access Control in Trusted Clouds 259 7.4.2 Access Control in Untrusted Clouds 260 7.5 Coping with Untrusted Clouds 263 7.5.1 Proofs of Storage 264 7.5.2 Secure Multiparty Computation 265 7.5.3 Oblivious Random Access Machines 268 7.6 Searchable Encryption 271 7.6.1 Keyword Search 271 7.6.2 Phrase Search 274 7.6.3 Searchable Encryption Attacks 275 7.6.4 Searchable Symmetric Encryptions for the SHBC Clouds 276 7.7 Closing Remarks 280 7.8 Exercises 280 7.8.1 Discussions 280 7.8.2 Homework 280 8 Network Perimeter Security 283 8.1 General Firewall Framework 284 8.2 Packet Filters 285 8.2.1 Stateless Filtering 285 8.2.2 Stateful Filtering 287 8.3 Circuit Gateways 288 8.3.1 Basic Structures 288 8.3.2 SOCKS 290 8.4 Application Gateways 290 8.4.1 Cache Gateways 291 8.4.2 Stateful Packet Inspections 291 8.5 Trusted Systems and Bastion Hosts 291 8.5.1 Trusted Operating Systems 292 8.5.2 Bastion hosts and Gateways 293 8.6 Firewall Configurations 294 8.6.1 Single-Homed Bastion Host System 294 8.6.2 Dual-Homed Bastion Host System 294 8.6.3 Screened Subnets 296 8.6.4 Demilitarized Zones 297 8.6.5 Network Security Topology 297 8.7 Network Address Translations 298 8.7.1 Dynamic NAT 298 8.7.2 Virtual Local Area Networks 298 8.7.3 Small Office and Home Office Firewalls 299 8.8 Setting Up Firewalls 299 8.8.1 Security Policy 300 8.8.2 Building a Linux Stateless Packet Filter 300 8.9 Closing Remarks 301 8.10 Exercises 301 8.10.1 Discussions 301 8.10.2 Homework 302 9 Intrusion Detections 309 9.1 Basic Ideas of Intrusion Detection 309 9.1.1 Basic Methodology 310 9.1.2 Auditing 311 9.1.3 IDS Components 312 9.1.4 IDS Architecture 313 9.1.5 Intrusion Detection Policies 315 9.1.6 Unacceptable Behaviors 316 9.2 Network-Based Detections and Host-Based Detections 316 9.2.1 Network-Based Detections 317 9.2.2 Host-Based Detections 318 9.3 Signature Detections 319 9.3.1 Network Signatures 320 9.3.2 Host-Based Signatures 321 9.3.3 Outsider Behaviors and Insider Misuses 322 9.3.4 Signature Detection Systems 323 9.4 Statistical Analysis 324 9.4.1 Event Counter 324 9.4.2 Event Gauge 324 9.4.3 Event Timer 325 9.4.4 Resource Utilization 325 9.4.5 Statistical Techniques 325 9.5 Behavioral Data Forensics 325 9.5.1 Data Mining Techniques 326 9.5.2 A Behavioral Data Forensic Example 326 9.6 Honeypots 327 9.6.1 Types of Honeypots 327 9.6.2 Honeyd 328 9.6.3 MWCollect Projects 331 9.6.4 Honeynet Projects 331 9.7 Closing Remarks 331 9.8 Exercises 332 9.8.1 Discussions 332 9.8.2 Homework 332 10 The Art of Anti-Malicious Software 337 10.1 Viruses 337 10.1.1 Virus Types 338 10.1.2 Virus Infection Schemes 340 10.1.3 Virus Structures 341 10.1.4 Compressor Viruses 342 10.1.5 Virus Disseminations 343 10.1.6 Win32 Virus Infection Dissection 344 10.1.7 Virus Creation Toolkits 345 10.2 Worms 346 10.2.1 Common Worm Types 346 10.2.2 The Morris Worm 346 10.2.3 The Melissa Worm 347 10.2.4 The Code Red Worm 348 10.2.5 The Conficker Worm 348 10.2.6 Other Worms Targeted at Microsoft Products 349 10.2.7 Email Attachments 350 10.3 Trojans 351 10.3.1 Ransomware 353 10.4 Malware Defense 353 10.4.1 Standard Scanning Methods 354 10.4.2 Anti-Malicious-Software Products 354 10.4.3 Malware Emulator 355 10.5 Hoaxes 356 10.6 Peer-to-Peer Security 357 10.6.1 P2P Security Vulnerabilities 357 10.6.2 P2P Security Measures 359 10.6.3 Instant Messaging 359 10.6.4 Anonymous Networks 359 10.7 Web Security 360 10.7.1 Basic Types of Web Documents 361 10.7.2 Security of Web Documents 362 10.7.3 ActiveX 363 10.7.4 Cookies 364 10.7.5 Spyware 365 10.7.6 AJAX Security 365 10.7.7 Safe Web Surfing 367 10.8 Distributed Denial-of-Service Attacks 367 10.8.1 Master-Slave DDoS Attacks 367 10.8.2 Master-Slave-Reflector DDoS Attacks 367 10.8.3 DDoS Attacks Countermeasures 368 10.9 Closing Remarks 370 10.10 Exercises 370 10.10.1 Discussions 370 10.10.2 Homework 370 Appendix A 7-bit ASCII code 377 Appendix B SHA-512 Constants (in Hexadecimal) 379 Appendix C Data Compression Using ZIP 381 Exercise 382 Appendix D Base64 Encoding 383 Exercise 384 Appendix E Cracking WEP Keys Using WEPCrack 385 E.1 System Setup 385 AP 385 Trim Size: 170mm x 244mm Wang ftoc.tex V1 - 04/21/2015 10:14 P.M. Page xiv xiv Contents User’s Network Card 385 Attacker’s Network Card 386 E.2 Experiment Details 386 Step 1: Initial Setup 386 Step 2: Attacker Setup 387 Step 3: Collecting Weak Initialization Vectors 387 Step 4: Cracking 387 E.3 Sample Code 388 Appendix F Acronyms 393 Further Reading 399 Index 406
£95.00
John Wiley & Sons Inc Phishing Dark Waters
Book SynopsisAn essential anti-phishing desk reference for anyone with an email address Phishing Dark Waters addresses the growing and continuing scourge of phishing emails, and provides actionable defensive techniques and tools to help you steer clear of malicious emails. Phishing is analyzed from the viewpoint of human decision-making and the impact of deliberate influence and manipulation on the recipient. With expert guidance, this book provides insight into the financial, corporate espionage, nation state, and identity theft goals of the attackers, and teaches you how to spot a spoofed e-mail or cloned website. Included are detailed examples of high profile breaches at Target, RSA, Coca Cola, and the AP, as well as an examination of sample scams including the Nigerian 419, financial themes, and post high-profile event attacks. Learn how to protect yourself and your organization using anti-phishing tools, and how to create your own phish to use as part of a security awareness Table of ContentsForeword xxiii Introduction xxvii Chapter 1 An Introduction to the Wild World of Phishing 1 Phishing 101 2 How People Phish 4 Examples 7 High-Profi le Breaches 7 Phish in Their Natural Habitat 10 Phish with Bigger Teeth 22 Spear Phishing 27 Summary 29 Chapter 2 The Psychological Principles of Decision-Making 33 Decision-Making: Small Bits 34 Cognitive Bias 35 Physiological States 37 External Factors 38 The Bottom Line About Decision-Making 39 It Seemed Like a Good Idea at the Time 40 How Phishers Bait the Hook 41 Introducing the Amygdala 44 The Guild of Hijacked Amygdalas 45 Putting a Leash on the Amygdala 48 Wash, Rinse, Repeat 49 Summary 50 Chapter 3 Influence and Manipulation 53 Why the Difference Matters to Us 55 How Do I Tell the Difference? 56 How Will We Build Rapport with Our Targets? 56 How Will Our Targets Feel After They Discover They’ve Been Tested? 56 What Is Our Intent? 57 But the Bad Guys Will Use Manipulation . . . 57 Lies, All Lies 58 P Is for Punishment 59 Principles of Influence 61 Reciprocity 61 Obligation 62 Concession 63 Scarcity 63 Authority 64 Consistency and Commitment 65 Liking 66 Social Proof 67 More Fun with Influence 67 Our Social Nature 67 Physiological Response 68 Psychological Response 69 Things to Know About Manipulation 70 Summary 71 Chapter 4 Lessons in Protection 75 Lesson One: Critical Thinking 76 How Can Attackers Bypass This Method? 77 Lesson Two: Learn to Hover 77 What If I Already Clicked the Link and I Think It’s Dangerous? 80 How Can Attackers Bypass This Method? 81 Lesson Three: URL Deciphering 82 How Can Attackers Bypass This Method? 85 Lesson Four: Analyzing E-mail Headers 85 How Can Attackers Bypass This Method? 90 Lesson Five: Sandboxing 90 How Can Attackers Bypass This Method? 91 The “Wall of Sheep,” or a Net of Bad Ideas 92 Copy and Paste Your Troubles Away 92 Sharing Is Caring 93 My Mobile Is Secure 94 A Good Antivirus Program Will Save You 94 Summary 95 Chapter 5 Plan Your Phishing Trip: Creating the Enterprise Phishing Program 97 The Basic Recipe 99 Why? 99 What’s the Theme? 102 The Big, Fat, Not-So-Legal Section 105 Developing the Program 107 Setting a Baseline 108 Setting the Difficulty Level 109 Writing the Phish 121 Tracking and Statistics 122 Reporting 125 Phish, Educate, Repeat 127 Summary 128 Chapter 6 The Good, the Bad, and the Ugly: Policies and More 131 Oh, the Feels: Emotion and Policies 132 The Definition 132 The Bad 133 Making It “Good” 133 The Boss Is Exempt 133 The Definition 134 The Bad 134 Making It “Good” 134 I’ll Just Patch One of the Holes 135 The Definition 135 The Bad 136 Making It “Good” 136 Phish Just Enough to Hate It 136 The Definition 137 The Bad 137 Making It “Good” 138 If You Spot a Phish, Call This Number 138 The Definition 139 The Bad 139 Making It “Good” 140 The Bad Guys Take Mondays Off 140 The Definition 141 The Bad 141 Making It “Good” 141 If You Can’t See It, You Are Safe 142 The Definition 142 The Bad 143 Making It “Good” 143 The Lesson for Us All 143 Summary 144 Chapter 7 The Professional Phisher’s Tackle Bag 147 Commercial Applications 149 Rapid7 Metasploit Pro 149 ThreatSim 152 PhishMe 158 Wombat PhishGuru 161 PhishLine 165 Open Source Applications 168 SET: Social-Engineer Toolkit 168 Phishing Frenzy 171 Comparison Chart 174 Managed or Not 176 Summary 177 Chapter 8 Phish Like a Boss 179 Phishing the Deep End 180 Understand What You’re Dealing With 180 Set Realistic Goals for Your Organization 182 Plan Your Program 183 Understand the Stats 183 Respond Appropriately 184 Make the Choice: Build Inside or Outside 186 Summary 187 Index 189
£22.94
John Wiley & Sons Inc The Mobile Application Hackers Handbook
Book SynopsisSee your app through a hacker''s eyes to find the real sources of vulnerability The Mobile Application Hacker''s Handbook is a comprehensive guide to securing all mobile applications by approaching the issue from a hacker''s point of view. Heavily practical, this book provides expert guidance toward discovering and exploiting flaws in mobile applications on the iOS, Android, Blackberry, and Windows Phone platforms. You will learn a proven methodology for approaching mobile application assessments, and the techniques used to prevent, disrupt, and remediate the various types of attacks. Coverage includes data storage, cryptography, transport layers, data leakage, injection attacks, runtime manipulation, security controls, and cross-platform apps, with vulnerabilities highlighted and detailed information on the methods hackers use to get around standard security. Mobile applications are widely used in the consumer and enterprise markets to process and/or store sensTrade Review“..there is a shocking lack of published material on the topic of mobile security. The Mobile Application Hacker’s Handbook seeks to change this and be a positive movement to educating others in the topic of mobile security awareness.” (Vigilance-Security Magazine, March 2015)Table of ContentsIntroduction xxxi Chapter 1 Mobile Application (In)security 1 The Evolution of Mobile Applications 2 Mobile Application Security 4 Summary 15 Chapter 2 Analyzing iOS Applications 17 Understanding the Security Model 17 Understanding iOS Applications 22 Jailbreaking Explained 29 Understanding the Data Protection API 43 Understanding the iOS Keychain 46 Understanding Touch ID 51 Reverse Engineering iOS Binaries 53 Summary 67 Chapter 3 Attacking iOS Applications 69 Introduction to Transport Security 69 Identifying Insecure Storage 81 Patching iOS Applications with Hopper 85 Attacking the iOS Runtime 92 Understanding Interprocess Communication 118 Attacking Using Injection 123 Summary 131 Chapter 4 Identifying iOS Implementation Insecurities 133 Disclosing Personally Identifi able Information 133 Identifying Data Leaks 136 Memory Corruption in iOS Applications 142 Summary 146 Chapter 5 Writing Secure iOS Applications 149 Protecting Data in Your Application 149 Avoiding Injection Vulnerabilities 156 Securing Your Application with Binary Protections 158 Summary 170 Chapter 6 Analyzing Android Applications 173 Creating Your First Android Environment 174 Understanding Android Applications 179 Understanding the Security Model 206 Reverse‐Engineering Applications 233 Summary 246 Chapter 7 Attacking Android Applications 247 Exposing Security Model Quirks 248 Attacking Application Components 255 Accessing Storage and Logging 304 Misusing Insecure Communications 312 Exploiting Other Vectors 326 Additional Testing Techniques 341 Summary 351 Chapter 8 Identifying and Exploiting Android Implementation Issues 353 Reviewing Pre‐Installed Applications 353 Exploiting Devices 365 Infiltrating User Data 416 Summary 426 Chapter 9 Writing Secure Android Applications 427 Principle of Least Exposure 427 Essential Security Mechanisms 429 Advanced Security Mechanisms 450 Slowing Down a Reverse Engineer 451 Summary 455 Chapter 10 Analyzing Windows Phone Applications 459 Understanding the Security Model 460 Understanding Windows Phone 8.x Applications 473 Developer Sideloading 483 Building a Test Environment 484 Analyzing Application Binaries 506 Summary 509 Chapter 11 Attacking Windows Phone Applications 511 Analyzing for Data Entry Points 511 Attacking Transport Security 525 Attacking WebBrowser and WebView Controls 534 Identifying Interprocess Communication Vulnerabilities 542 Attacking XML Parsing 560 Attacking Databases 568 Attacking File Handling 573 Patching .NET Assemblies 578 Summary 585 Chapter 12 Identifying Windows Phone Implementation Issues 587 Identifying Insecure Application Settings Storage 588 Identifying Data Leaks 591 Identifying Insecure Data Storage 593 Insecure Random Number Generation 601 Insecure Cryptography and Password Use 605 Identifying Native Code Vulnerabilities 616 Summary 626 Chapter 13 Writing Secure Windows Phone Applications 629 General Security Design Considerations 629 Storing and Encrypting Data Securely 630 Secure Random Number Generation 634 Securing Data in Memory and Wiping Memory 635 Avoiding SQLite Injection 636 Implementing Secure Communications 638 Avoiding Cross‐Site Scripting in WebViews and WebBrowser Components 640 Secure XML Parsing 642 Clearing Web Cache and Web Cookies 642 Avoiding Native Code Bugs 644 Using Exploit Mitigation Features 644 Summary 645 Chapter 14 Analyzing BlackBerry Applications 647 Understanding BlackBerry Legacy 647 Understanding BlackBerry 10 652 Understanding the BlackBerry 10 Security Model 660 BlackBerry 10 Jailbreaking 665 Using Developer Mode 666 The BlackBerry 10 Device Simulator 667 Accessing App Data from a Device 668 Accessing BAR Files 669 Looking at Applications 670 Summary 678 Chapter 15 Attacking BlackBerry Applications 681 Traversing Trust Boundaries 682 Summary 691 Chapter 16 Identifying BlackBerry Application Issues 693 Limiting Excessive Permissions 694 Resolving Data Storage Issues 695 Checking Data Transmission 696 Handling Personally Identifiable Information and Privacy 698 Ensuring Secure Development 700 Summary 704 Chapter 17 Writing Secure BlackBerry Applications 705 Securing BlackBerry OS 7.x and Earlier Legacy Java Applications 706 General Java Secure Development Principals 706 Making Apps Work with the Application Control Policies 706 Memory Cleaning 707 Controlling File Access and Encryption 709 SQLite Database Encryption 710 Persistent Store Access Control and Encryption 711 Securing BlackBerry 10 Native Applications 716 Securing BlackBerry 10 Cascades Applications 723 Securing BlackBerry 10 HTML5 and JavaScript (WebWorks) Applications 724 Securing Android Applications on BlackBerry 10 726 Summary 726 Chapter 18 Cross‐Platform Mobile Applications 729 Introduction to Cross‐Platform Mobile Applications 729 Bridging Native Functionality 731 Exploring PhoneGap and Apache Cordova 736 Summary 741 Index 743
£47.50
John Wiley & Sons Inc Network Attacks and Exploitation
Book SynopsisIncorporate offense and defense for a more effective network security strategy Network Attacks and Exploitation provides a clear, comprehensive roadmap for developing a complete offensive and defensive strategy to engage in or thwart hacking and computer espionage. Written by an expert in both government and corporate vulnerability and security operations, this guide helps you understand the principles of the space and look beyond the individual technologies of the moment to develop durable comprehensive solutions. Numerous real-world examples illustrate the offensive and defensive concepts at work, including Conficker, Stuxnet, the Target compromise, and more. You will find clear guidance toward strategy, tools, and implementation, with practical advice on blocking systematic computer espionage and the theft of information from governments, companies, and individuals. Assaults and manipulation of computer networks are rampant around the world. One of the biggeTable of ContentsIntroduction xvii Chapter 1 Computer Network Exploitation 1 Operations 4 Operational Objectives 5 Strategic Collection 6 Directed Collection 7 Non-Kinetic Computer Network Attack (CNA) 7 Strategic Access 9 Positional Access 9 CNE Revisited 11 A Framework for Computer Network Exploitation 11 First Principles 12 Principles 12 Themes 14 Summary 15 Chapter 2 The Attacker 17 Principle of Humanity 17 Life Cycle of an Operation 18 Stage 1: Targeting 19 Stage 2: Initial Access 22 Stage 3: Persistence 24 Stage 4: Expansion 25 Stage 5: Exfiltration 26 Stage 6: Detection 26 Principle of Access 27 Inbound Access 27 Outbound Access 29 Bidirectional Access 35 No Outside Access 35 Access Summary 36 Principle of Economy 37 Time 37 Targeting Capabilities 37 Exploitation Expertise 38 Networking Expertise 38 Software Development Expertise 39 Operational Expertise 40 Operational Analysis Expertise 40 Technical Resources 41 Economy Summary 41 Attacker Structure 41 Summary 43 Chapter 3 The Defender 45 Principle of Humanity 45 Humanity and Network Layout 46 Humanity and Security Policy 47 Principle of Access 48 The Defensive Life Cycle 49 Principle of Economy 51 The Helpful Defender 53 Summary 54 Chapter 4 Asymmetries 55 False Asymmetries 56 Advantage Attacker 59 Motivation 60 Initiative 61 Focus 62 Effect of Failure 62 Knowledge of Technology 64 Analysis of Opponent 64 Tailored Software 65 Rate of Change 66 Advantage Defender 67 Network Awareness 68 Network Posture 68 Advantage Indeterminate 69 Time 69 Efficiency 70 Summary 71 Chapter 5 Attacker Frictions 73 Mistakes 74 Complexity 74 Flawed Attack Tools 75 Upgrades and Updates 77 Other Attackers 78 The Security Community 80 Bad Luck 81 Summary 81 Chapter 6 Defender Frictions 83 Mistakes 83 Flawed Software 84 Inertia 86 The Security Community 87 Complexity 89 Users 91 Bad Luck 92 Summary 92 Chapter 7 Offensive Strategy 93 Principle 1: Knowledge 95 Measuring Knowledge 96 Principle 2: Awareness 97 Measuring Awareness 98 Principle 3: Innovation 98 Measuring Innovation 99 Defensive Innovation 100 Principle 4: Precaution 101 Measuring Precaution 103 Principle 5: Operational Security 105 Minimizing Exposure 106 Minimizing Recognition 107 Controlling Reaction 108 Measuring Operational Security 109 Principle 6: Program Security 110 Attacker Liabilities 110 Program Security Costs 112 Measuring Program Security 120 Crafting an Offensive Strategy 121 Modular Frameworks 124 A Note on Tactical Decisions 126 Summary 127 Chapter 8 Defensive Strategy 129 Failed Tactics 130 Antivirus and Signature-Based Detection 130 Password Policies 132 User Training 134 Crafting a Defensive Strategy 135 Cloud-Based Security 143 Summary 145 Chapter 9 Offensive Case Studies 147 Stuxnet 148 Access 148 Economy 149 Humanity 149 Knowledge 149 Awareness 149 Precaution 150 Innovation 151 Operational Security 151 Program Security 153 Stuxnet Summary 154 Flame 154 Gauss 157 Dragonfly 159 Red October 160 APT 1 162 Axiom 164 Summary 165 Epilogue 167 Appendix Attack Tools 169 Antivirus Defeats 169 Audio/Webcam Recording 170 Backdoor 170 Bootkit 171 Collection Tools 171 Exploits 171 Fuzzer 172 Hardware-based Trojan 172 Implant 173 Keystroke Logger 173 Network Capture 173 Network Survey 173 Network Tunnel 174 Password Dumpers and Crackers 174 Packer 175 Persistence Mechanism 175 Polymorphic Code Generator 177 Rootkit 178 Screen Scraper 178 System Survey 178 Vulnerability Scanner 178 References 179 Bibliography 189 Index 193
£34.20
John Wiley & Sons Inc Fundamentals of Big Data Network Analysis for
Book SynopsisPresents the methodology of big data analysis using examples from research and industry There are large amounts of data everywhere, and the ability to pick out crucial information is increasingly important. Contrary to popular belief, not all information is useful; big data network analysis assumes that data is not only large, but also meaningful, and this book focuses on the fundamental techniques required to extract essential information from vast datasets. Featuring case studies drawn largely from the iron and steel industries, this book offers practical guidance which will enable readers to easily understand big data network analysis. Particular attention is paid to the methodology of network analysis, offering information on the method of data collection, on research design and analysis, and on the interpretation of results. A variety of programs including UCINET, NetMiner, R, NodeXL, and Gephi for network analysis are covered in detail. Fundamentals of Big Data Network AnalTable of ContentsPreface ix About the Authors xi List of Figures xiii List of Tables xvii 1 Why Big Data? 1 1.1 Big Data 1 1.2 What Creates Big Data? 6 1.3 How Do We Use Big Data? 9 1.4 Essential Issues Related to Big Data 13 References 14 2 Basic Programs for Analyzing Networks 15 2.1 UCINET 15 2.2 NetMiner 20 2.3 R 22 2.4 Gephi 28 2.5 NodeXL 31 References 32 3 Understanding Network Analysis 35 3.1 Defining Social Network Analysis 35 3.2 Basic SNA Concepts 37 3.2.1 Basic Terminology 37 3.2.2 Representation of a Network 38 3.3 Social Network Data 40 3.3.1 One]Mode and Two]Mode Networks 40 3.3.2 Attributes and Weights 42 3.3.3 Network Data Form 42 References 44 4 Research Methods Using SNA 45 4.1 SNA Research Procedures 46 4.2 Identifying the Research Problem and Developing Hypotheses 47 4.2.1 Identifying the Research Problem 47 4.2.2 Developing Hypotheses 47 4.3 Research Design 49 4.3.1 Defining the Network Model 49 4.3.2 Establishing Network Boundaries 51 4.3.3 Measurement Evaluation 52 4.4 Acquisition of Network Data 54 4.4.1 Survey 54 4.4.2 Interview, Observation, and Experiment 55 4.4.3 Existing Data 56 4.5 Data Cleansing 58 4.5.1 Extraction of the Node and Link 59 4.5.2 Merging and Separation of Data 59 4.5.3 Directional Transformation in the Link 61 4.5.4 Transformation of the Weights in Links 64 4.5.5 Transformation of the Two]Mode Network to a One]Mode Network 66 References 69 5 Position and Structure 71 5.1 Position 71 5.1.1 Degree Centrality 72 5.1.2 Closeness Centrality 82 5.1.3 Betweenness Centrality 84 5.1.4 Prestige Centrality 85 5.1.5 Broker 88 5.2 Cohesive Subgroup 91 5.2.1 Component 91 5.2.2 Community 92 5.2.3 Clique 93 5.2.4 k]Core 95 References 96 6 Connectivity and Role 97 6.1 Connection Analysis 98 6.1.1 Connectivity 98 6.1.2 Reciprocity 99 6.1.3 Transitivity 102 6.1.4 Assortativity 104 6.1.5 Network Properties 104 6.2 Role 104 6.2.1 Structural Equivalence 105 6.2.2 Automorphic Equivalence 107 6.2.3 Role Equivalence 109 6.2.4 Regular Equivalence 111 6.2.5 Block Modeling 115 References 117 7 Data Structure in NetMiner 119 7.1 Sample Data 119 7.1.1 01.Org_Net_Tiny1 120 7.1.2 02.Org_Net_Tiny2 120 7.1.3 03.Org_Net_Tiny3 121 7.2 Main Concept 122 7.2.1 Data Structure 122 7.2.2 Creating Data 124 7.2.3 Inserting Data 125 7.2.4 Importing Data 129 7.3 Data Preprocessing 130 7.3.1 Change of Link 130 7.3.2 Extraction and Reordering of the Node and Link 133 7.3.3 Data Merge and Split 136 Reference 140 8 Network Analysis Using NetMiner 141 8.1 Centrality and Cohesive Subgroup 141 8.1.1 Centrality 141 8.1.2 Cohesive Subgroup 147 8.2 Connectivity and Equivalence 153 8.2.1 Connectivity 153 8.2.2 Equivalence 156 8.3 Visualization and Exploratory Analysis 161 8.3.1 Visualization 161 8.3.2 Transformation of the Two]Mode Network to a One]Mode Network 168 Appendix A Visualization 171 A.1 Spring Algorithm 171 A.2 Multidimensional Scaling Algorithm 173 A.3 Cluster Algorithm 173 A.4 Layered Algorithm 174 A.5 Circular Algorithm 174 A.6 Simple Algorithm 175 References 176 Appendix B Case Study: Knowledge Structure of Steel Research 179 Index 193
£48.40
John Wiley & Sons Inc Communicating in Risk Crisis and High Stress
Book SynopsisTable of ContentsA Note from the Series Editor xiii Acknowledgments xv Author Biography xvii 1 The Critical Role of Risk, High Concern, and Crisis Communication 1 1.1 Case Diary: A Collision of Facts and Perceptions 2 1.2 What Will Readers Find in This Book? 3 1.3 Why You Will Use This Book 4 1.4 The Need for This Book – Now 5 1.4.1 New Literature, New Research 5 1.4.2 Changes in the Communications Landscape 6 1.4.3 Changes in Journalism and the Perception of Facts 7 1.4.4 Changes in Laws, Regulations, and Societal Expectations 7 1.4.5 Changes in Concerns about Health, Safety, and the Environment 7 1.4.6 Changes in Levels of Trust 7 1.4.7 Changes in the Global Political Environment 8 1.4.8 The COVID- 19 Pandemic and the Changed Communication Landscape 8 2 Core Concepts 11 2.1 Case Diary: Recognizing Change as a High Concern Issue 11 2.2 Defining the Concept and Term Risk 13 2.3 Defining the Concept and Term Risk Communication 14 2.4 Risk Communication and Its Relationship to Risk Analysis 17 2.5 Defining the Concepts and Terms High Concern and High Concern Communication 19 2.6 Defining the Concept and Term Crisis 22 2.7 Defining the Concept and Term Crisis Communication 24 2.8 Chapter Resources 25 Endnotes 31 3 An Overview of Risk Communication 33 3.1 Case Diary: Complex Issues Destroy Homes 33 3.2 Challenges and Difficulties Faced in Communicating Risk Information 35 3.2.1 Characteristics and Limitations of Scientific and Technical Data about Risks 35 3.2.2 Characteristics and Limitations of Spokespersons in Communicating Information about Risks 35 3.2.2.1 Case Study: “Go Hard, Go Early”: Risk Communication Lessons from New Zealand’s Response to COVID-19 37 3.2.3 Characteristics and Limitations of Risk Management Regulations and Standards 41 3.2.3.1 Debates and Disagreements 41 3.2.3.2 Limited Resources for Risk Assessment and Management 41 3.2.3.3 Underestimating the Difficulty of and Need for Risk Communication 42 3.2.3.4 Lack of Coordination and Collaboration 42 3.2.4 Characteristics and Limitations of Traditional Media Channels in Communicating Information about Risks 42 3.2.5 Characteristics and Limitations of Social Media Channels in Communicating Information about Risks 43 3.2.6 Characteristics and Limitations of People in their Ability to Evaluate and Interpret Risk Information 44 3.3 Changes in How the Brain Processes Information Under Conditions of High Stress 48 3.4 Risk Communication Theory 49 3.4.1 Trust Determination Theory 49 3.4.2 Negative Dominance Theory 50 3.4.3 Mental Noise Theory 50 3.4.4 Risk Perception Theory 50 3.5 Risk Communication Principles and Guidelines 55 3.5.1 Principle 1. Accept and Involve All Interested and Affected Persons as Legitimate Partners 55 3.5.2 Principle 2. Plan Carefully and Evaluate Performance 55 3.5.3 Principle 3. Listen to Your Audience 57 3.5.4 Principle 4. Be Honest, Frank, and Open 57 3.5.5 Principle 5. Coordinate and Collaborate with Other Credible Sources 58 3.5.6 Principle 6. Meet the Needs of Traditional and Social Media 58 3.5.7 Principle 7. Speak Clearly and with Compassion 58 3.6 Key Takeaway Concepts and Conclusions from this Overview Chapter 59 3.7 Chapter Resources 59 Endnotes 66 4 Development of Risk Communication Theory and Practice 69 4.1 Case Diary: Origin Story 69 4.2 Introduction 70 4.2.1 Historical Phase 1: Presenting Risk Numbers 71 4.2.2 Historical Phase 2: Listening and Planning 71 4.2.3 Historical Phase 3: Stakeholder Engagement 72 4.2.4 Covello and Sandman’s Four Stages of Risk Communication 72 4.2.4.1 Stage 1: Ignore the Public 73 4.2.4.2 Stage 2: Explaining Risk Data Better 73 4.2.4.3 Stage 3: Stakeholder Engagement 77 4.2.4.4 Stage 4: Empowerment 78 4.3 Summary 79 4.4 Chapter Resources 79 Endnotes 83 5 Stakeholder Engagement and Empowerment 87 5.1 Case Diary: A Town Hall Public Meeting Goes Very Wrong 87 5.2 Introduction 89 5.3 Levels of Stakeholder Engagement 91 5.3.1 Types of Stakeholder Engagement 93 5.4 Benefits of Stakeholder Engagement 95 5.5 Limitations and Challenges of Stakeholder Engagement 96 5.6 Techniques and Approaches for Effective Stakeholder Engagement 97 5.7 Meetings with Stakeholders 100 5.7.1 Town Hall Meetings 101 5.7.2 Open House Meetings/Information Workshops 102 5.7.3 Tips for Meetings with Stakeholders 102 5.8 Chapter Resources 104 Endnotes 107 6 Communicating in a Crisis 111 6.1 Case Diary: The Challenge of Partnership in a Crisis 112 6.2 The Three Phases of a Crisis 113 6.3 Communication in the Precrisis Preparedness Phase 115 6.3.1 Precrisis Communication Activity: Identifying Potential Crises 117 6.3.2 Case Study: The 2010 BP Deepwater Horizon Oil Spill 118 6.3.3 Precrisis Communication Activity: Identify Goals and Objectives 120 6.3.4 Precrisis Communication Activity: Develop a Crisis Communication Plan 121 6.3.5 Precrisis Communication Activity: Identify, Train, and Test Crisis Communication Spokespersons 124 6.3.6 Precrisis Communication Activity: Engaging Stakeholders 124 6.3.7 Precrisis Communication Activity: Identifying Stakeholders’ Questions and Concerns 126 6.3.8 Drafting Messages for Anticipated Stakeholder Questions and Concerns 126 6.3.9 Precrisis Communication Activity: Conducting Exercises to Test the Crisis Communication Plan 128 6.3.10 Precrisis Communication Activity: Incident Command System (ICS) and the Joint Information Center (JIC) 129 6.4 Communications in the Crisis Response Phase 130 6.4.1 Case Study: Lac-Mégantic Rail Tragedy 134 6.4.2 Disaster and Emergency Warnings 136 6.4.2.1 Designing Effective Warnings 137 6.4.2.2 Steps in the Disaster and Emergency Warning Process 137 6.5 Communicating Effectively about Blame, Accountability, and Responsibility 139 6.6 Communicating an Apology 140 6.6.1 Case Study: Maple Leaf Foods and the Listeria Food Contamination Crisis 141 6.6.2 Case Study: Southwest Airlines Apology 144 6.7 Communications in the Postcrisis Recovery Phase 145 6.7.1 Case Study and Case Diary: New York City’s Communication Trials by Fire, from West Nile to 9/11 146 6.7.2 Case Study: Johnson & Johnson and the Tylenol Tampering Case 147 6.7.3 Case Study: Flint, Michigan and Contaminated Drinking Water 149 6.8 Chapter Resources 151 Endnotes 159 7 Foundational Principles: Perceptions, Biases, and Information Filters 165 7.1 Case Diary: “A” Is for “Apples” 165 7.2 Message Perception and Reception in High Concern Situations 168 7.3 Message Filter Theory: A Set of Principles Drawn from the Behavioral and Neuroscience Literature 169 7.4 Case Study: COVID- 19 and Risk Perception Factors 171 7.4.1 Social Amplification Filters 173 7.4.2 Mental Shortcut Filters 174 7.4.3 Knowledge and Belief Filters 176 7.4.4 Personality Filters 177 7.4.5 Negative Dominance/Loss Aversion Filters 177 7.5 Message Filters and the Brain 179 7.6 Message Filters, Perceptions, and Models of Human Behavior 179 7.7 Message Filters, Perceptions, and Persuasion 180 7.8 Message Filters, Perceptions, and Ethics 181 7.9 Message Filters and the Issue of Acceptable Risk 182 7.9.1 Factors in Determining Acceptable Risk 183 7.9.2 Strategies for Addressing Acceptable Risk 184 7.10 The Message is in the Mind of the Receiver 186 7.11 Chapter Resources 186 Endnotes 192 8 Foundational Principles: Trust, Culture, and Worldviews 197 8.1 Case Diary: A Disease Outbreak in Africa 198 8.2 Trust Determination 200 8.3 Characteristics and Attributes of Trust 201 8.3.1 Trust and First Impressions 203 8.3.2 Loss of Trust 204 8.3.3 Gaining Trust 206 8.3.3.1 Gaining Trust through Stakeholder Engagement 206 8.3.3.2 Gaining Trust through Trust Transference 206 8.3.3.3 Gaining Trust through Actions and Behavior 207 8.4 Case Study: Trust and the Chernobyl Nuclear Power Plant Accident 207 8.5 Case Diary: The Fukushima Japan Nuclear Power Plant Accident 208 8.6 Gaining Trust in High- Stakes Negotiations 210 8.7 Case Diary: Gaining Trust and the SARS Outbreak in Hong Kong 211 8.8 Trust and Culture 212 8.9 Cultural Competency 212 8.9.1 Different Communication Styles 213 8.9.2 Different Attitudes and Approaches toward Conflict 214 8.9.3 Different Nonverbal Communication 214 8.9.4 Different Attitudes and Approaches to Decision Making 214 8.9.5 Different Attitudes and Approaches toward Information Disclosure 215 8.9.6 Different Attitudes and Approaches to Knowing 215 8.9.7 Different Attitudes and Approaches toward Conversation and Discourse 215 8.9.8 Different Attitudes and Approaches toward the Use of Humor 215 8.10 Risk Perceptions, Trust, and Cultural Theory 215 8.11 Risk Perceptions, Trust, and Worldviews 217 8.12 Case Diary: Fame, Family, and Fear in Public Health Communications 218 8.13 Chapter Resources 221 Endnotes 227 9 Best Practices for Message Development in High Concern Situations 231 9.1 Case Diary: Mapping Through a Maze of COVID Confusion 231 9.2 Introduction 232 9.3 Crafting Messages in the Context of Stress and High Concern Decision- Making 233 9.3.1 Trust Determination and Messaging in High-Stress Situations 233 9.3.1.1 The CCO Best Practice 233 9.3.2 Impaired Comprehension and Messaging in High-Stress Situations 234 9.3.3 Negative Dominance and Messaging in High-Stress Situations 234 9.3.4 Emotional Impact and Messaging in High-Stress Situations 235 9.3.4.1 Case Study: Hoarding Toilet Paper at the Outset of the 2020 COVID-19 Pandemic 236 9.4 Message Mapping 238 9.4.1 Benefits of Message Maps 238 9.4.2 Message Maps and the Brain 241 9.4.3 The Development of Message Mapping 243 9.4.4 Case Study: Message Maps and Asbestos 244 9.4.5 Steps in Developing a Message Map 245 9.4.5.1 Step 1: Identify, Profile, and Prioritize Key Stakeholders 245 9.4.5.2 Step 2: Develop Lists of Stakeholder Questions and Concerns 248 9.4.5.3 Case Study: Stakeholder Questions, Terrorism, and Disasters 249 9.4.5.4 Step 3: Develop Key Messages 249 9.4.5.5 Step 4: Develop Supporting Information 252 9.4.5.6 Step 5: Testing the Message Map 253 9.4.5.7 Step 6: Repurpose Maps through Appropriate Information Channels 254 9.5 Summary 254 9.6 Chapter Resources 255 Endnotes 263 Appendices 265 Appendix 9.1 265 Appendix 9.2 267 Appendix 9.3 277 Appendix 9.4 280 10 Communicating Numbers, Statistics, and Technical Information about a Risk or Threat 285 10.1 Case Diary: A Civil Action 285 10.2 Introduction 288 10.3 Case Study: Numbers, Statistics, and COVID-19 289 10.4 Brain Processes That Filter How Technical Information about Risk or Threat Is Received and Understood 292 10.4.1 Risk and Threat Perception Filters 293 10.4.2 Thought Processing Filters 294 10.4.3 Mental Model Filters 294 10.4.4 Emotional Filters 295 10.4.5 Motivational Filters 295 10.5 Challenges in Explaining Technical Information About a Risk or Threat 296 10.6 Framing 297 10.7 Technical Jargon 298 10.8 Information Clarity 299 10.9 Units of Measurement 300 10.10 Case Study: Risk Numbers, Risk Statistics, and the Challenger Accident 303 10.11 Comparisons 304 10.12 Lessons Learned 308 10.13 Chapter Resources 308 Endnotes 315 11 Evaluating Risk, High Concern, and Crisis Communications 321 11.1 Case Diary: Finding the Road to Rio 321 11.1.1 The Mosquito Front 322 11.1.2 The Citizen Front 322 11.1.3 The Olympic Athlete and Visitor Front 323 11.1.4 Communication Strategy: The Citizen Front 323 11.1.5 Communication Strategy: Olympic Athlete and Visitor Front 323 11.2 Introduction 324 11.3 Benefits of Evaluation 326 11.4 Evaluation Practices for Risk, High Concern, and Crisis Communication 327 11.5 Case Studies of Evaluation Comparison to Best Practice: Hurricane Katrina, COVID-19 and Vaccination Hesitancy, and Outbreak of COVID-19 in Wuhan, China 329 11.5.1 Hurricane Katrina 329 11.5.2 COVID-19 and Vaccination Hesitancy 330 11.5.3 Outbreak of COVID-19 in Wuhan, China 330 11.6 Barriers and Challenges to Evaluation 332 11.6.1 Differences in Values 332 11.6.2 Differences in Goals 332 11.6.3 Competition for Resources 332 11.6.4 Ability to Learn from Results 333 11.7 Evaluation Measures 338 11.7.1 Process/Implementation Evaluation Measures 338 11.7.2 Outcome/Impact Evaluation Measures 339 11.7.3 Formative Evaluation Measures 340 11.8 An Integrated Approach to Evaluation 341 11.9 Resource: Case Study of Focus Group Testing of Mosquito-Control Messages, Florida, 2018–2019 342 11.10 Evaluation Tools 347 11.11 Chapter Resources 348 Endnotes 353 12 Communicating with Mainstream News Media 357 12.1 Case Diary: A High Stakes Chess Game with a News Media Outlet 357 12.2 Introduction 359 12.3 Characteristics of the Mainstream News Media 361 12.3.1 Content 361 12.3.2 Clarity 362 12.3.3 Avoiding Prejudice 362 12.3.4 Topicality 362 12.3.5 Diversity 363 12.3.6 Subject Matter Expertise 363 12.3.7 Resources 363 12.3.8 Career Advancement 364 12.3.9 Watchdogs 364 12.3.10 Amplifiers 364 12.3.11 Skepticism 364 12.3.12 Source Dependency 365 12.3.13 Professionalism and Independence 365 12.3.14 Covering Uncertainty 366 12.3.15 Legal Constraints 366 12.3.16 Special Populations 366 12.3.17 Competition 366 12.3.18 Confidentiality and Protection of Sources 367 12.3.19 Deadlines 367 12.3.20 Trust 367 12.3.21 Storytelling 368 12.3.22 Balance and Controversy 368 12.4 Guidelines and Best Practices for Interacting with Mainstream News Media 368 12.5 The Media Interview 370 12.6 Lessons and Trends 375 12.7 Case Diary: A Ten-Round Exercise 377 12.8 Chapter Resources 378 Endnotes 381 13 Social Media and the Changing Landscape for Risk, High Concern, and Crisis Communication 385 13.1 Case Diary: Myth-Busting: Mission Impossible? 385 13.2 Introduction 387 13.3 Benefits of Social Media Outlets for Risk, High Concern, and Crisis Communication 389 13.3.1 Speed 389 13.3.2 Access 390 13.3.3 Reach 390 13.3.4 Amplification 390 13.3.5 Transparency 390 13.3.6 Understanding 390 13.3.7 Changes in Behaviors 391 13.3.8 Relationship Building 391 13.3.9 Timeliness 391 13.3.10 Hyperlocal Specificity 391 13.3.11 Listening and Feedback 392 13.3.12 Taking Advantage of the Benefits of Social Media 392 13.4 Challenges of Social Media for Risk, High Concern, and Crisis Communication 393 13.4.1 Rising Expectations 393 13.4.2 Repostings/Redistribution 393 13.4.3 Permanent Storage 394 13.4.4 Hacking/Security 394 13.4.5 Rise and Fall of Social Media Platforms 394 13.4.6 Resources 394 13.4.7 Privacy and Confidentiality 394 13.4.8 Cognitive Overload 395 13.4.9 Players on the Field 395 13.4.10 Misinformation, Disinformation, and Rumors 395 13.5 Case Study: Social Media and the 2007 and 2011 Shooter Incidents at Virginia Polytechnic Institute and State University (Virginia Tech) 397 13.6 Case Study: Social Media and the 2013 Southern Alberta/Calgary Flood 398 13.7 Best Practices for Using Social Media in Risk, High Concern, and Crisis Situations 400 13.7.1 Create a Social Media Plan 400 13.7.2 Staff Appropriately for Social Media Communication 400 13.7.3 Ensure Continuous Updating 401 13.7.4 Identify Your Partners 401 13.7.5 Assess and Reassess Your Selection of Platforms 401 13.7.6 Create and Maintain as Many Social Media Accounts as You and Your Stakeholders Need 401 13.7.7 Be Prepared for the Special Social Media Requirements and Pressures in a Crisis 401 13.7.8 Provide Guidance for Employees and Engage Them in the Process 402 13.7.9 Don’t Skip Evaluation 403 13.8 Case Diary: Social Media and the Negative Power of“Junk”Information about Risks and Threats 403 13.9 Lessons Learned and Trends 404 13.10 Chapter Resources 404 Endnotes 408 Index 411
£39.85
John Wiley & Sons Inc Group Policy
Book SynopsisGet up to speed on the latest Group Policy tools, features, and best practices Group Policy, Fundamentals, Security, and the Managed Desktop, 3rd Edition helps you streamline Windows and Windows Server management using the latest Group Policy tools and techniques. This updated edition covers Windows 10 and Windows Server vNext, bringing you up to speed on all the newest settings, features, and best practices. Microsoft Group Policy MVP Jeremy Moskowitz teaches you the major categories of Group Policy, essential troubleshooting techniques, and how to manage your Windows desktops. This is your complete guide to the latest Group Policy features and functions for all modern Windows clients and servers, helping you manage more efficiently and effectively. Perform true desktop and server management with the Group Policy Preferences, ADMX files, and additional add-ons Use every feature of the GPMC and become a top-notch administratoTable of ContentsIntroduction xxv Chapter 1 Group Policy Essentials 1 Getting Ready to Use This Book 2 Getting Started with Group Policy 7 Group Policy Entities and Policy Settings 7 Active Directory and Local Group Policy 9 Understanding Local Group Policy 10 Group Policy and Active Directory 13 Linking Group Policy Objects 15 Final Thoughts on Local GPOs 20 An Example of Group Policy Application 21 Examining the Resultant Set of Policy 23 At the Site Level 23 At the Domain Level 24 At the OU Level 24 Bringing It All Together 25 Group Policy, Active Directory, and the GPMC 26 Implementing the GPMC on Your Management Station 27 Creating a One-Stop-Shop MMC 30 Group Policy 101 and Active Directory 32 Active Directory Users and Computers vs. GPMC 32 Adjusting the View within the GPMC 33 The GPMC-centric View 35 Our Own Group Policy Examples 37 More about Linking and the Group Policy Objects Container 38 Applying a Group Policy Object to the Site Level 41 Applying Group Policy Objects to the Domain Level 44 Applying Group Policy Objects to the OU Level 47 Testing Your Delegation of Group Policy Management 52 Understanding Group Policy Object Linking Delegation 54 Granting OU Admins Access to Create New Group Policy Objects 55 Creating and Linking Group Policy Objects at the OU Level 56 Creating a New Group Policy Object Affecting Computers in an OU 59 Moving Computers into the Human Resources Computers OU 61 Verifying Your Cumulative Changes 62 Final Thoughts 64 Chapter 2 Managing Group Policy with the GPMC and via PowerShell 67 Common Procedures with the GPMC and PowerShell 69 Raising or Lowering the Precedence of Multiple Group Policy Objects 75 Understanding GPMC’s Link Warning 76 Stopping Group Policy Objects from Applying 78 Block Inheritance 85 The Enforced Function 87 Security Filtering and Delegation with the GPMC 90 Filtering the Scope of Group Policy Objects with Security 91 User Permissions on Group Policy Objects 102 Granting Group Policy Object Creation Rights in the Domain 104 Special Group Policy Operation Delegations 105 Who Can Create and Use WMI Filters? 107 Performing RSoP Calculations with the GPMC 109 What’s-Going-On Calculations with Group Policy Results 110 What-If Calculations with Group Policy Modeling 116 Searching and Commenting Group Policy Objects and Policy Settings 118 Searching for GPO Characteristics 119 Filtering Inside a GPO for Policy Settings 121 Comments for GPOs and Policy Settings 132 Starter GPOs 137 Creating a Starter GPO 139 Editing a Starter GPO 139 Leveraging a Starter GPO 141 Delegating Control of Starter GPOs 142 Wrapping Up and Sending Starter GPOs 143 Should You Use Microsoft’s Pre-created Starter GPOs? 144 Back Up and Restore for Group Policy 145 Backing Up Group Policy Objects 146 Restoring Group Policy Objects 148 Backing Up and Restoring Starter GPOs 152 Backing Up and Restoring WMI Filters 153 Backing Up and Restoring IPsec Filters 153 Migrating Group Policy Objects between Domains 154 Basic Interdomain Copy and Import 154 Copy and Import with Migration Tables 162 GPMC At-a-Glance Icon View 166 Final Thoughts 167 Chapter 3 Group Policy Processing Behavior Essentials 169 Group Policy Processing Principles 170 Don’t Get Lost 172 Initial Policy Processing 172 Background Refresh Policy Processing 174 Security Background Refresh Processing 187 Special Case: Moving a User or a Computer Object 193 Windows 8, 8.1, and 10 Group Policy: Subtle Differences 194 Policy Application via Remote Access, Slow Links, and after Hibernation 200 When and How Does Windows Check for Slow Links? 200 What Is Processed over a Slow Network Connection? 201 Always Get Group Policy (Even on the Road, through the Internet) 202 Using Group Policy to Affect Group Policy 205 Affecting the User Settings of Group Policy 205 Affecting the Computer Settings of Group Policy 207 The Missing Group Policy Preferences Policy Settings 219 Final Thoughts 221 Chapter 4 Advanced Group Policy Processing 223 Fine-Tuning When and Where Group Policy Applies 223 Using WMI Filters to Filter the Scope of a Group Policy Object (Itself) 224 Using PolicyPak Admin Templates Manager to Filter the Scope of a Group Policy Object’s Contents 230 Group Policy Loopback Processing 231 Reviewing Normal Group Policy Processing 232 Group Policy Loopback—Merge Mode 233 Group Policy Loopback—Replace Mode 233 Loopback without Loopback (Switched Mode with PolicyPak Application Manager and PolicyPak Admin Templates Manager) 239 Group Policy with Cross-Forest Trusts 242 What Happens When Logging onto Different Clients across a Cross-Forest Trust? 243 Disabling Loopback Processing When Using Cross-Forest Trusts 245 Understanding Cross-Forest Trust Permissions 245 Final Thoughts 247 Chapter 5 Group Policy Preferences 249 Powers of the Group Policy Preferences 252 Computer Configuration ➢ Preferences 258 User Configuration ➢ Preferences 269 Group Policy Preferences Concepts 278 Preference vs. Policy 279 The Overlap of Group Policy vs. Group Policy Preferences and Associated Issues 281 The Lines and Circles and the CRUD Action Modes 293 Common Tab 301 Group Policy Preferences Tips, Tricks, and Troubleshooting 313 Quick Copy, Drag and Drop, Cut and Paste, and Sharing of Settings 313 Multiple Preference Items at a Level 315 Temporarily Disabling a Single Preference Item or Extension Root 317 Environment Variables 318 Managing Group Policy Preferences: Hiding Extensions from within the Editor 320 Troubleshooting: Reporting, Logging, and Tracing 321 Giving Group Policy Preferences a “Boost” (Using PolicyPak Preferences Manager and PolicyPak Cloud) 329 Using PolicyPak Preferences Manager to Maintain Group Policy Preferences while Offline 330 Using PolicyPak Preferences Manager to Deliver Group Policy Preferences Using “Not Group Policy” 330 Delivering Group Policy Preferences over the Internet Using PolicyPak Cloud (to Domain-Joined and Non–Domain-Joined Machines) 331 Final Thoughts 332 Chapter 6 Managing Applications and Settings Using Group Policy 335 Understanding Administrative Templates 336 Administrative Templates: Then and Now 336 Policy vs. Preference 337 Exploring ADM vs. ADMX and ADML Files 342 Looking Back at ADM Files 342 Understanding the Updated GPMC’s ADMX and ADML Files 342 Comparing ADM vs. ADMX Files 344 ADMX and ADML Files: What They Do and the Problems They Solve 345 Problem and Solution 1: Tackling SYSVOL Bloat 345 Problem 2: How Do We Deal with Multiple Languages? 346 Problem 3: How Do We Deal with “Write Overlaps”? 347 Problem 4: How Do We Distribute Updated Definitions to All Our Administrators? 349 The Central Store 349 The Windows ADMX/ADML Central Store 351 Creating and Editing GPOs in a Mixed Environment 355 Scenario 1: Start by Creating and Editing a GPO Using the Older GPMC; Edit Using Another Older GPMC Management Station 355 Scenario 2: Start by Creating and Editing a GPO with the Older GPMC; Edit Using the Updated GPMC 356 Scenario 3: Start by Creating and Editing a GPO Using the Updated GPMC; Edit Using Another Updated GPMC Management Station 358 Scenario 4: Start by Creating and Editing a GPO Using an Updated GPMC Management Station; Edit Using an Older GPMC Management Station 358 Using ADM and ADMX Templates from Other Sources 359 Using ADM Templates with the Updated GPMC 359 Using ADMX Templates from Other Sources 361 ADMX Migrator and ADMX Editor Tools 362 ADMX Migrator 363 ADMX Creation and Editor Tools 365 PolicyPak Application Manager 365 PolicyPak Concepts and Installation 367 Top PolicyPak Application Manager Pak Examples 369 Understanding PolicyPak Superpowers and What Happens When Computers Are Off the Network 373 Final Thoughts 376 Chapter 7 Troubleshooting Group Policy 379 Under the Hood of Group Policy 381 Inside Local Group Policy 381 Inside Active Directory Group Policy Objects 383 The Birth, Life, and Death of a GPO 385 How Group Policy Objects Are “Born” 386 How a GPO “Lives” 387 Death of a GPO 415 How Client Systems Get Group Policy Objects 416 The Steps to Group Policy Processing 416 Client-Side Extensions 419 Where Are Administrative Templates Registry Settings Stored? 427 Why Isn’t Group Policy Applying? 429 Reviewing the Basics 429 Advanced Inspection 432 Client-Side Troubleshooting 441 RSoP for Windows Clients 442 Advanced Group Policy Troubleshooting with the Event Viewer Logs 450 Group Policy Processing Performance 462 Final Thoughts 463 Chapter 8 Implementing Security with Group Policy 465 The Two Default Group Policy Objects 466 GPOs Linked at the Domain Level 467 Group Policy Objects Linked to the Domain Controllers OU 471 Oops, the “Default Domain Policy” GPO and/or “Default Domain Controllers Policy” GPO Got Screwed Up! 473 The Strange Life of Password Policy 475 What Happens When You Set Password Settings at an OU Level 475 Fine-Grained Password Policy 477 Inside Basic and Advanced Auditing 482 Basic Auditable Events Using Group Policy 482 Auditing File Access 487 Auditing Group Policy Object Changes 489 Advanced Audit Policy Configuration 491 Restricted Groups 495 Strictly Controlling Active Directory Groups 497 Strictly Applying Group Nesting 499 Which Groups Can Go into Which Other Groups via Restricted Groups? 500 Restrict Software Using AppLocker 500 Inside Software Restriction Policies 501 Software Restriction Policies’ “Philosophies” 502 Software Restriction Policies’ Rules 503 Restricting Software Using AppLocker 510 Controlling User Account Control with Group Policy 531 Just Who Will See the UAC Prompts, Anyway? 534 Understanding the Group Policy Controls for UAC 539 UAC Policy Setting Suggestions 548 Wireless (802.3) and Wired Network (802.11) Policies 551 802.11 Wireless Policy for Windows XP 552 802.11 Wireless Policy and 802.3 Wired Policy for Modern Windows 553 Configuring Windows Firewall with Group Policy 554 Manipulating the Windows Firewall (the Old Way) 557 Windows Firewall with Advanced Security WFAS 558 IPsec (Now in Windows Firewall with Advanced Security) 567 How Windows Firewall Rules Are Ultimately Calculated 572 Final Thoughts 576 Chapter 9 Profiles: Local, Roaming, and Mandatory 579 Setting the Stage for Multiple Clients 579 What Is a User Profile? 583 The NTUSER.DAT File 583 Profile Folders for Type 1 Computers (Windows XP and Windows 2003 Server) 584 Profile Folders for Type 2–5 Computers (Windows Vista and Later) 586 The Default Local User Profile 591 The Default Network User Profile 594 Roaming Profiles 599 Are Roaming Profiles “Evil”? And What Are the Alternatives? 601 Setting Up Roaming Profiles 604 Testing Roaming Profiles 608 Roaming and Nonroaming Folders 610 Managing Roaming Profiles 614 Manipulating Roaming Profiles with Computer Group Policy Settings 617 Manipulating Roaming Profiles with User Group Policy Settings 630 Mandatory Profiles 635 Establishing Mandatory Profiles for Windows XP 636 Establishing Mandatory Profiles for Modern Windows 638 Mandatory Profiles—Finishing Touches 639 Forced Mandatory Profiles (Super-Mandatory) 640 Final Thoughts 642 Chapter 10 The Managed Desktop, Part 1: Redirected Folders, Offline Files, and the Synchronization Manager 643 Redirected Folders 644 Available Folders to Redirect 644 Redirected Documents/My Documents 645 Redirecting the Start Menu and the Desktop 665 Redirecting the Application Data Folder 666 Group Policy Setting for Folder Redirection 667 Troubleshooting Redirected Folders 669 Offline Files and Synchronization 672 Making Offline Files Available 673 Inside Windows 10 File Synchronization 676 Handling Conflicts 684 Client Configuration of Offline Files 686 Using Folder Redirection and Offline Files over Slow Links 694 Synchronizing over Slow Links with Redirected My Documents 695 Synchronizing over Slow Links with Regular Shares 697 Teaching Windows 10 How to React to Slow Links 698 Using Group Policy to Configure Offline Files (User and Computer Node) 702 Troubleshooting Sync Center 710 Turning Off Folder Redirection’s Automatic Offline Caching for Desktops 712 Final Thoughts 720 Chapter 11 The Managed Desktop, Part 2: Software Deployment via Group Policy 723 Group Policy Software Installation (GPSI) Overview 724 The Windows Installer Service 726 Understanding .MSI Packages 726 Utilizing an Existing .MSI Package 727 Assigning and Publishing Applications 732 Assigning Applications 732 Publishing Applications 733 Rules of Deployment 734 Package-Targeting Strategy 734 Advanced Published or Assigned 745 The General Tab 746 The Deployment Tab 746 The Upgrades Tab 750 The Categories Tab 752 The Modifications Tab 752 The Security Tab 754 Default Group Policy Software Installation Properties 755 The General Tab 755 The Advanced Tab 756 The File Extensions Tab 757 The Categories Tab 757 Removing Applications 757 Users Can Manually Change or Remove Applications 758 Automatically Removing Assigned or Published .MSI Applications 758 Forcibly Removing Assigned or Published .MSI Applications 759 Using Group Policy Software Installation over Slow Links 761 MSI, the Windows Installer, and Group Policy 764 Inside the MSIEXEC Tool 764 Patching a Distribution Point 765 Affecting Windows Installer with Group Policy 767 Deploying Office 2010 and Later Using Group Policy (MSI Version) 771 Steps to Office 2013 and 2016 Deployment Using Group Policy 772 Result of Your Office Deployment Using Group Policy 782 Installing Office Using Click-to-Run 783 Getting Office Click-to-Run 784 Installing Office Click-to-Run by Hand 784 Deploying Office Click-to-Run via Group Policy 786 System Center Configuration Manager vs. Group Policy (and Alternatives) 793 Final Thoughts 796 Chapter 12 Finishing Touches with Group Policy: Scripts, Internet Explorer, Hardware Control, Printer Deployment, Local Admin Password Control 797 Scripts: Logon, Logoff, Startup, and Shutdown 798 Non-PowerShell-Based Scripts 798 Deploying PowerShell Scripts to Windows 7 and Later Clients 801 Managing Internet Explorer with Group Policy 802 Managing Internet Explorer with Group Policy Preferences 803 Internet Explorer’s Group Policy Settings 805 Understanding Internet Explorer 11’s Enterprise Mode 806 Managing Internet Explorer 11 Using PolicyPak Application Manager 808 Restricting Access to Hardware via Group Policy 808 Group Policy Preferences Devices Extension 809 Restricting Driver Access with Policy Settings 814 Getting a Handle on Classes and IDs 815 Restricting or Allowing Your Hardware via Group Policy 817 Understanding the Remaining Policy Settings for Hardware Restrictions 819 Assigning Printers via Group Policy 821 Zapping Down Printers to Users and Computers (a Refresher) 821 Implementing Rotating Local Passwords with LAPS 830 What to Install from LAPS 831 Extending the Schema and Setting LAPS Permissions 832 Using a Group Policy Object to Manage LAPS 835 Using LAPS Management’s Tools: Fat Client and PowerShell 836 Final Thoughts for This Chapter and for the Book 838 Appendix A Scripting Group Policy Operations with Windows PowerShell 839 Using PowerShell to Do More with Group Policy 840 Preparing for Your PowerShell Experience 841 Getting Started with PowerShell 842 Documenting Your Group Policy World with PowerShell 846 Setting GPO Permissions 867 Manipulating GPOs with PowerShell 870 Performing a Remote GPupdate (Invoking GPupdate) 880 Replacing Microsoft’s GPMC Scripts with PowerShell Equivalents 881 Final Thoughts 883 Appendix B Group Policy and VDI 885 Why Is VDI Different? 886 Tuning Your Images for VDI 887 Specific Functions to Turn Off for VDI Machines 888 Group Policy Settings to Set and Avoid for Maximum VDI Performance 889 Group Policy Tweaks for Fast VDI Video 891 Tweaking RDP Using Group Policy for VDI 891 Tweaking RemoteFX using Group Policy for VDI 892 Managing and Locking Down Desktop UI Tweaks 893 Final Thoughts for VDI and Group Policy 894 Appendix C Advanced Group Policy Management 897 The Challenge of Group Policy Change Management 898 Architecture and Installation of AGPM 899 AGPM Architecture 899 Installing AGPM 900 What Happens after AGPM Is Installed? 906 GPMC Differences with AGPM Client 906 What’s With All the Access Denied Errors? 908 Does the World Change Right Away? 908 Understanding the AGPM Delegation Model 908 AGPM Delegation Roles 909 AGPM Common Tasks 912 Understanding and Working with AGPM’s Flow 914 Controlling Your Currently Uncontrolled GPOs 915 Creating a GPO and Immediately Controlling It 918 Check Out a GPO 919 Viewing Reports about a Controlled GPO 921 Editing a Checked-Out Offline Copy of a GPO 921 Performing a Check In of a Changed GPO 923 Deploying a GPO into Production 924 Making Additional Changes to a GPO and Labeling a GPO 926 Using History and Differences to Roll Back a GPO 927 Using “Import from Production” to Catch Up a GPO 931 Uncontrolling, Restoring, and Destroying a GPO 932 Searching for GPOs Using the Search Box 934 AGPM Tasks with Multiple Admins 935 E‑mail Preparations and Configurations for AGPM Requests 936 Adding Someone to the AGPM System 939 Requesting the Creation of New Controlled GPO 943 Approving or Rejecting a Pending Request 944 Editing the GPO Offline via Check Out/Check In 946 Requesting Deployment of the GPO 946 Analyzing a GPO (as a Reviewer) 948 Advanced Configuration and Troubleshooting of AGPM 950 Production Delegation 950 Auto-Deleting Old GPO Versions 951 Export and Import of Controlled GPOs between Forests and/or Domains 951 Troubleshooting AGPM Permissions 953 Leveraging AGPM Templates 955 Changing Permissions on GPO Archives 958 Backing Up, Restoring, and Moving the AGPM Server 959 Changing the Port That AGPM Uses 962 Events from AGPM 963 Leveraging the Built-in AGPM ADMX Template 963 Final Thoughts 968 Appendix D Security Compliance Manager 969 SCM: Installation 970 SCM: Getting Around 972 SCM: Usual Use Case 974 Importing Existing GPOs 980 Comparing and Merging Baselines 980 LocalGPO Tool 983 Installing SCM’s LocalGPO Tool 984 Using SCM’s LocalGPO 985 Final Thoughts on LocalGPO and SCM 989 Appendix E Microsoft Intune and PolicyPak Cloud 991 Microsoft Intune 991 Getting Started with Microsoft Intune 992 Using Microsoft Intune 995 Setting Up Microsoft Intune Groups 995 Setting Up Policies Using Microsoft Intune 996 Microsoft Intune and Group Policy Conflicts 997 Final Thoughts on Microsoft Intune 998 PolicyPak Cloud 998 PolicyPak Cloud 101 999 Understanding PolicyPak Cloud Policies 999 Creating and Using PolicyPak Cloud Groups 1001 Joining PolicyPak Cloud 1001 Final Thoughts on PolicyPak Cloud 1003 Final Thoughts on Microsoft Intune and PolicyPak Cloud 1003 Index 1005
£38.00
John Wiley & Sons Inc Security Privacy and Digital Forensics in the
Book SynopsisIn a unique and systematic way, this book discusses the security and privacy aspects of the cloud, and the relevant cloud forensics. Cloud computing is an emerging yet revolutionary technology that has been changing the way people live and work. However, with the continuous growth of cloud computing and related services, security and privacy has become a critical issue. Written by some of the top experts in the field, this book specifically discusses security and privacy of the cloud, as well as the digital forensics of cloud data, applications, and services. The first half of the book enables readers to have a comprehensive understanding and background of cloud security, which will help them through the digital investigation guidance and recommendations found in the second half of the book. Part One ofSecurity, Privacy and Digital Forensics in theCloudcovers cloud infrastructure security; confidentiality of data; access control in cloud IaaS; clouTable of ContentsList of Contributors xv Part I Cloud Security and Privacy 1 1 Introduction to the Cloud and Fundamental Security and Privacy Issues of the Cloud 3Hassan Takabi and Mohammad GhasemiGol 1.1 Introduction 3 1.2 Cloud Computing and Security Issues 4 1.3 Identity Security in the Cloud 9 1.4 Information Security in the Cloud 9 1.5 Cloud Security Standards 16 1.6 Conclusion 20 References 20 2 Cloud Infrastructure Security 23Mohammad GhasemiGol 2.1 Introduction 23 2.2 Infrastructure Security in the Cloud 24 2.3 Infrastructure Security Analysis in Some Clouds 31 2.4 Protecting Cloud Infrastructure 45 2.5 Conclusion 49 References 49 3 Confidentiality of Data in the Cloud: Conflicts Between Security and Cost 51Nathalie Baracaldo and Joseph Glider 3.1 Introduction 51 3.2 Background 51 3.3 Confidentiality: Threats and Adversaries 54 3.4 Achieving Data Confidentiality in Cloud Storage Systems 55 3.5 Reducing Cloud Storage System Costs through Data‐Reduction Techniques 57 3.6 Reconciling Data Reduction and Confidentiality 59 3.7 Trusted Decrypter 62 3.8 Future Directions for Cloud Storage Confidentiality with Low Cost 74 3.9 Conclusions 76 References 77 4 Access Control in Cloud IaaS 81Yun Zhang, Ram Krishnan, Farhan Patwa, and Ravi Sandhu 4.1 Introduction 81 4.2 Background 82 4.3 Access Control in OpenStack Cloud IaaS 83 4.4 Access Control in AWS Cloud IaaS 90 4.5 Access Control in Azure Cloud IaaS 99 4.6 Conclusions 107 References 107 5 Cloud Security and Privacy Management 109Patrick Kamongi 5.1 Introduction and Background 109 5.2 Security and Privacy Analysis 111 5.3 Best Security Practices and Recommendation 117 5.4 Use Case Example: Microsoft Office 365, SaaS Version 118 5.5 Current Trends and Future Direction 125 5.6 Related Works 125 5.7 Conclusion 126 Acknowledgments 126 References 126 6 Hacking and Countermeasures in the Cloud 129Farzaneh Abazari, Hassan Takabi, and Morteza Analoui 6.1 Introduction 129 6.2 Background 130 6.3 Cloud Security Threats 130 6.4 Cloud Security Countermeasures 134 6.5 Hacking the Cloud: Reality Check 136 6.6 Future of Cloud Security 137 6.6.1 Cloud Security for the IoT 138 6.7 Conclusions 139 References 139 7 Risk Management and Disaster Recovery in the Cloud 143Saman Zonouz 7.1 Introduction 143 7.2 Background 143 7.3 Consequence‐ Centric Security Assessment 145 7.4 Future Directions 154 7.5 Conclusions 155 8 Cloud Auditing and Compliance 157Paolina Centonze 8.1 Introduction 157 8.2 Background 157 8.3 Cloud Auditing 162 8.4 Cloud Compliance 170 8.5 Future Research Directions for Cloud Auditing and Compliance 183 8.6 Conclusion 184 References 185 Further Reading 187 9 Security‐as‐a‐Service (SECaaS) in the Cloud 189Saman Taghavi Zargar, Hassan Takabi, and Jay Iyer 9.1 Introduction 189 9.2 Related Work 192 9.3 Security‐ as‐a‐Service Framework 194 9.4 Conclusions 199 References 199 Part II Cloud Forensics 201 10 Cloud Forensics: Model, Challenges, and Approaches 203Lei Chen, Nhien‐An Le‐Khac, Sebastian Schlepphorst, and Lanchuan Xu 10.1 Introduction 203 10.2 Background 204 10.3 Process and Model of Cloud Forensics 207 10.4 Cloud Forensics Methods, Approaches, and Tools 211 10.5 Challenges in Cloud Forensics 213 10.6 Conclusions 214 References 214 11 Cyberterrorism in the Cloud: Through a Glass Darkly 217Barry Cartwright, George R. S. Weir, and Richard Frank 11.1 Introduction 217 11.2 What is Terrorism? 218 11.3 Defining Cyberterrorism 220 11.4 Cyberterrorism vs. Terrorist Use of Cyberspace 221 11.5 Cyberterrorism in the Cloud 222 11.6 The Benefits of the Cloud to Cyberterrorists 225 11.7 Cyberlaw and Cyberterrorism 227 11.8 Conclusion: Through a Glass Darkly 230 References 232 12 Digital Forensic Process and Model in the Cloud 239Nhien‐An Le‐Khac, James Plunkett, M‐Tahar Kechadi, and Lei Chen 12.1 Introduction 239 12.2 Digital Forensics Models 240 12.3 Cloud Forensics Process and Model 243 12.4 Toward a New Cloud Forensics Model 246 12.5 Evaluation and Analysis 251 12.6 Conclusion 253 References 253 13 Data Acquisition in the Cloud 257Nhien‐An Le‐Khac, Michel Mollema, Robert Craig, Steven Ryder, and Lei Chen 13.1 Introduction 257 13.2 Background 258 13.3 Data Center as a Source of Evidence 259 13.4 Cloud Service Providers: Essential Requirements, Governance, and Challenges 260 13.4.1 Business Model 261 13.5 Cloud Storage Forensics 264 13.6 Case Study 1: Finding Data Centers on the Internet in Data‐Dense Environments 265 13.7 Case Study 2: Cloud Forensics for the Amazon Simple Storage Service 274 13.8 Conclusion 281 References 281 14 Digital Evidence Management, Presentation, and Court Preparation in the Cloud: A Forensic Readiness Approach 283Lucia De Marco, Nhien‐An Le‐Khac, and M‐Tahar Kechadi 14.1 Introduction 283 14.2 Cloud Forensics and Challenges 284 14.3 Digital Forensics Readiness 285 14.4 Cloud Forensics Readiness 287 14.5 Forensics Readiness in Evidence Management, Presentation, and Court Preparation 291 14.6 Conclusion 295 References 296 15 Analysis of Cloud Digital Evidence 301Irfan Ahmed and Vassil Roussev 15.1 Introduction 301 15.2 Background 305 15.3 Current Approaches 307 15.4 Proposed Comprehensive Approaches 312 15.5 Discussion 317 15.6 Conclusions 317 References 318 16 Forensics‐as‐a‐Service (FaaS) in the State‐of‐the‐Art Cloud 321Avinash Srinivasan and Frank Ferrese 16.1 Introduction 321 16.2 Background and Motivation 323 16.3 State of the Art in Parallel and Distributed Forensic Analysis 325 16.4 Conclusion and Future Research Direction 334 References 335 Index 339
£84.56
John Wiley & Sons Inc The IEEE Guide to Writing in the Engineering and
Book SynopsisHelps both engineers and students improve their writing skills by learning to analyze target audience, tone, and purpose in order to effectively write technical documents This book introduces students and practicing engineers to all the components of writing in the workplace. It teaches readers how considerations of audience and purpose govern the structure of their documents within particular work settings. The IEEE Guide to Writing in the Engineering and Technical Fields is broken up into two sections: Writing in Engineering Organizations and What Can You Do With Writing? The first section helps readers approach their writing in a logical and persuasive way as well as analyze their purpose for writing. The second section demonstrates how to distinguish rhetorical situations and the generic forms to inform, train, persuade, and collaborate. The emergence of the global workplace has brought with it an increasingly important role for effective technical communication. Engineers more Table of ContentsA Note from the Series Editor, ix About the Authors, xi PART I A TECHNIQUE FOR WRITING LIKE A PROFESSIONAL 1 Introduction, 3 1 The Social Situation of Text 7 The Social Contexts for Technical Writing, 8 Models of the Writing Environment, 9 Transmission Models, 10 Correctness Models, 11 Cognitive/Behavioral Models, 13 Social/Rhetorical Models, 14 This Guide's Approach, 16 The Rhetorical Situation: Purpose, 18 The Rhetorical Situation: Audience, 21 The Rhetorical Situation: Identity, 26 The Rhetorical Situation: Context, 28 The Pragmatic Situation: Community and Genre, 29 2 Making Writing Decisions 33 Introduction, 34 Document Structure and Granularity, 35 Arranging Text at the Macro Level, 37 Sectioning and Heading Sections, 39 Aids for Navigating and Understanding Document Structure, 43 Creating Effects with Lexis and Syntax at the Micro Level, 45 Lexical Technique: Word Choice, Technical Terms, and Hedges and Boosters, 47 Syntactic Technique: Modification, Clausal Arrangement, and Discursive Cueing, 53 Intermediate Structural Units and Argumentative Movement, 68 Paragraph Cohesion and Paragraphs as Structural Units of a Document, 69 Structures Other than Paragraphs, 72 Citations and Other Intertextual Statements, 73 Implications for the Process of Writing, 75 Additional Reading, 77 PART 2 WRITING DOCUMENTS 79 Introduction 81 3 Writing to Know: Informative Documents 85 Introduction, 86 The Purposes of Informative Documents, 86 Occasions for Preparing an Informative Document, 88 Audiences for an Informative Document, 88 Key Communication Strategies When Writing to Know, 90 Understanding What Constitutes Sufficient Evidence to Support a Claim, 90 Structuring Evidence in Your Document, 91 Establishing Expertise, 92 Questions for Analyzing Existing Documents, 93 Some Typical Informative Documents, 93 Reports, 93 Specifications, 104 4 Writing to Enable: Instructions and Guidance 109 Introduction, 110 The Purposes of Enabling Documents, 110 Occasions for Preparing an Enabling Document, 112 Audiences for an Enabling Document, 112 Key Communication Strategies When Writing to Enable, 113 Anticipating a Document's Use Context, 113 Deciding How Much Background Is Warranted, 115 Testing the Document with Users, 116 Questions for Analyzing Existing Documents, 119 Characteristic Enabling Documents, 119 Manuals/Guides and Other Documents That Primarily Contain Instructions/Directions/Procedures, 119 Tutorials/Training Materials, 128 Policies, 130 5 Writing to Convince: Persuasive Documents 133 Introduction, 134 The Purposes of Persuasive Documents, 134 Occasions for Preparing a Persuasive Document, 135 Audiences for the Persuasive Document, 136 Key Communication Strategies When Writing to Convince, 137 Designing Your Argument to Consider the Audience's Preexisting Beliefs, 137 Using the Terms and Values of the Audience to Articulate a Shared Goal, 140 Assuring Outcomes and Benefits without Seeming Unrealistic, 142 Questions for Analyzing Existing Documents, 143 Typical Examples of Persuasive Documents, 145 Proposals, 145 Business Plans, 149 6 Correspondence: Medium of Workplace Collaboration 155 Introduction, 156 The Purposes of Correspondence, 157 Occasions for Preparing Correspondence, 158 Audiences for Correspondence, 158 Key Communication Strategies When Corresponding, 160 Consider Workplace Roles and Official and Unofficial Relationships and Responsibilities, 160 Evaluate Target Size and Frequency of Communication for a Relationship, 162 Pause to Reconsider Composition, Time, and Tone before Sending, 163 Characteristics of Correspondence Documents, 165 Letters, Memoranda, and E-mails, 165 Types of Correspondence, 167 Pre- and Post-meeting Documents: Announcements, Agendas, and Minutes, 170 Social Media, 171 Appendix: IEEE Style for References, 173 Index, 183
£56.66
John Wiley & Sons Inc Multimedia Networks
Book SynopsisThe transportation of multimedia over the network requires timely and errorless transmission much more strictly than other data. This had led to special protocols and to special treatment in multimedia applications (telephony, IP-TV, streaming) to overcome network issues. This book begins with an overview of the vast market combined with the user's expectations. The base mechanisms of the audio/video coding (H.26x etc.) are explained to understand characteristics of the generated network traffic. Further chapters treat common specialized underlying IP network functions which cope with multimedia data in conjunction which special time adaption measures. Based on those standard functions these chapters can treat uniformly SIP, H.248, High-End IP-TV, Webcast, Signage etc. A special section is devoted to home networks which challenge high-end service delivery due to possibly unreliable management. The whole book treats concepts described in accessible IP-based standards and which are impleTable of ContentsPreface xi Acknowledgments xiii About the Authors xv Abbreviations xvii 1 Introduction 1 1.1 Types of Networks 2 1.1.1 Internet 2 1.1.2 Telecommunication Provider Networks 2 1.1.3 Company Networks 3 1.1.4 University Networks 3 1.1.5 Home Networks 3 1.1.6 Overview 4 1.2 Standard Organizations 4 1.3 Market 5 2 Requirements 7 2.1 Telephony 7 2.2 Streaming 10 2.3 IPTV 11 2.4 High-End Videoconferences 12 2.5 Webcast 15 2.6 Requirement Summary 16 3 Audio, Image, Video Coding, and Transmission 19 3.1 Audio 19 3.1.1 Companding 21 3.1.2 Differential Quantization 23 3.1.3 Vocoders 26 3.2 Basics of Video Coding 30 3.2.1 Simple Compression 34 3.2.2 Motion Estimation 35 3.2.3 Statistical Compression 36 3.2.4 Transform Functions 40 3.3 JPEG 43 3.4 MPEG/H.26x Video Compression 45 3.4.1 MPEG Data Streams 47 3.4.2 H.261 49 3.4.3 MPEG-4 52 3.4.4 H.264 52 3.4.5 Scalable Video Codec 58 3.4.6 H.265 59 3.5 Other Video Compression Standards 62 3.6 Three-Dimensional Video 64 3.7 Error Resilience 66 3.8 Transcoder 68 4 Underlying Network Functions 71 4.1 Real-Time Protocol (RTP) 71 4.1.1 Elements of RTP 73 4.1.2 Details of RTP 73 4.1.3 RTP Payload 74 4.1.4 Details of RTCP 79 4.2 Session Description Protocol (SDP) 86 4.2.1 SDP Overview 86 4.2.2 Extending SDP 89 4.2.3 Javascript Session Establishment Protocol (JSEP) 89 4.3 Streaming 90 4.3.1 Real-Time Streaming Protocol (RTSP) 90 4.4 Multicast 96 4.4.1 Multicast Overview 96 4.4.2 Multicast Addressing 97 4.4.3 Types of Multicast 98 4.4.4 Multicast End Delivery 99 4.4.5 Multicast Routing Protocols 102 4.4.6 Protocol Independent Multicast – Sparse Mode 103 4.4.7 Application Layer Multicast 107 4.5 Quality of Service 108 4.5.1 Integrated Services (Intserv) 109 4.5.2 Resource Reservation Protocol (RSVP) 110 4.5.3 Differentiated Services (DiffServ) 111 4.5.4 QoS on the LAN 116 4.5.5 QoS in the Real World 117 4.6 NTP 118 4.7 Caching 120 4.7.1 Caching Elements 120 4.7.2 Web Cache Communications Protocol (WCCP) 122 4.7.3 Content Delivery Networks 122 4.7.4 Use of Cache Servers in Private Networks 123 5 Synchronization and Adaptation 125 5.1 End-to-End Model 125 5.2 Jitter 128 5.3 Packet Loss 129 5.4 Play-Out Time 130 5.4.1 Hypothetical Decoder 131 5.4.2 Multiple Streams 132 5.4.3 Adaptive Play-Out 133 5.5 Congestion Control 133 5.6 Delay 135 5.7 Queuing 138 5.8 Media Player 140 5.9 Storage and Retrieval 141 5.10 Integration Scripting Languages 143 5.11 Optimization 144 6 Session Initiation Protocol 147 6.1 SIP Basics 148 6.1.1 First Steps with SIP 148 6.1.2 SIP Servers 152 6.1.3 More SIP Methods 156 6.2 PSTN Interconnection 158 6.3 Conferencing 161 6.4 Presence 166 6.5 Network Address Translation 169 6.6 APIs and Scripting 172 6.7 Security and Safety 172 6.8 Planning a VoIP Company Telephony System 175 6.8.1 Dial Plan 177 6.8.2 Emergency 178 6.8.3 VoIP Network Planning 179 7 Other Standard VoIP Protocols 183 7.1 H.323 VoIP Family 183 7.1.1 H.225 185 7.1.2 H.245 189 7.1.3 Comparing SIP and H.323 191 7.2 T.120 Data Applications 192 7.3 Gateway Control 194 7.3.1 H.248 195 7.3.2 Signal Control 198 7.4 Mobile VoIP 202 7.4.1 IP Multimedia Subsystem 202 7.4.2 VoLTE 208 7.5 Skype 211 8 WebRTC 213 8.1 WebRTC Transport 215 8.1.1 ICE Revisited 217 8.2 RTP/SDP Adaptations 219 8.3 Interworking 220 9 Streaming and Over-the-Top TV 223 9.1 HTTP Live Streaming – Apple 224 9.2 Smooth Streaming – Microsoft 226 9.3 HTTP Dynamic Streaming – Adobe 227 9.4 Dynamic Adaptive Streaming over HTTP – DASH 229 9.4.1 History of MPEG-DASH 229 9.4.2 Description of MPEG-DASH 229 9.5 DASH and Network Interaction 233 9.5.1 Player Reaction to Network Conditions 234 9.5.2 Fairness, Efficiency, and Stability 234 9.5.3 Bufferbloat 235 9.6 Content Delivery Networks 237 9.6.1 CDN Technology 237 9.6.2 Akamai 240 9.6.3 The Future of CDNs 240 9.7 Providers 242 9.7.1 Amazon Instant Video 242 9.7.2 YouTube 242 9.7.3 Netflix 243 9.7.4 Hulu 243 9.7.5 Common Issues for all Providers 244 10 Home Networks 245 10.1 IETF Home Standards 246 10.1.1 IP Address Assignment 247 10.1.2 Name Resolution 247 10.1.3 Service Discovery – Zeroconf and Others 249 10.1.4 Zeroconf Implementations 251 10.2 UPnP 251 10.2.1 Service Discovery – UPnP 253 10.2.2 AV Architecture and its Elements 254 10.3 DLNA 260 10.4 Residential Gateway 261 10.4.1 IMS Integration 262 10.4.2 Network Separation 262 11 High-End IPTV 265 11.1 Overview of DVB IPTV 266 11.2 Live Media Broadcast 268 11.2.1 Retransmission 268 11.2.2 Channel Switch 271 11.3 Datacast Protocols 274 11.3.1 Flute 274 11.3.2 DVB SD&S Transport Protocol 276 11.3.3 Digital Storage Media – Command and Control 278 11.4 Management Functions 279 11.4.1 Service Discovery and Selection 279 11.4.2 Broadband Content Guide 280 11.4.3 Remote and Firmware Management 280 11.5 Content Download Service 282 11.6 Deployments 283 11.7 Companion Screen Application 285 11.8 Set-Top-Box Functions 288 11.9 Integration into Other Systems 289 11.9.1 IPTV and IMS 289 11.9.2 IPTV and IMS and WebRTC 290 11.9.3 IPTV and Home Network 290 12 Solutions and Summary 291 12.1 Global Webcast 291 12.2 Digital Signage Broadcasting 295 12.3 Call Center 297 12.3.1 Functional Components 297 12.3.2 Technical Components 299 12.4 Videoconference and TelePresence 303 12.4.1 Cisco’s Telepresence 305 12.4.2 Cisco’s Telepresence Transport Specifics 306 12.4.3 Cisco’s Telepresence Network Setup 308 12.5 Summary of Requirements versus Solutions 310 References 313 Index 345
£73.76
John Wiley & Sons Inc Selfhealing Control Technology for Distribution
Book SynopsisSystematically introduces self-healing control theory for distribution networks, rigorously supported by simulations and applications A comprehensive introduction to self-healing control for distribution networks Details the construction of self-healing control systems with simulations and applications Provides key principles for new generation protective relay and network protection Demonstrates how to monitor and manage system performance Highlights practical implementation of self-healing control technologies, backed by rigorous research data and simulationsTable of ContentsForeword ix Preface xi 1 Overview 1 1.1 Proposal of Smart Grid 1 1.2 Development Status of China’s Power Distribution Network Automation 2 1.3 Development of Self‐healing Control Theory 3 2 Architecture of Self‐healing Control System for Distribution Network 7 2.1 Characteristics 7 2.2 Structure of Self‐healing Control System 8 3 Advanced Application Software of Smart Dispatching and Self‐healing Control for Power Distribution Network 11 3.1 Design Principles of Application Software for Smart Dispatching Platform 11 3.2 Overall Structure of Automation System for Power Distribution Network 13 3.2.1 Supporting Platform Layer 13 3.2.1.1 Integration Bus Layer 13 3.2.1.2 Data Bus Layer 15 3.2.1.3 Public Service Layer 15 3.2.2 Application System Layer 16 3.3 Smart Dispatching Platform Functions 16 3.3.1 Supporting Platform 16 3.3.2 Operation Monitoring of Power Distribution Network 17 3.3.3 Information Interaction with Other Systems 19 3.3.4 Advanced Application Software of Self‐healing Control 21 4 A New Generation of Relay Protection for Distribution Networks 27 4.1 Principles and Application of Network Protection for Distribution Networks 27 4.2 Adaptive Protection 28 4.2.1 Development History and Features of Adaptive Protection 29 4.2.2 Realization Mode of Adaptive Protection 31 4.2.2.1 Local Adaptive Protection (Non‐channel Adaptive Protection) 32 4.2.2.2 Area/Wide‐Area Adaptive Protection 34 4.3 Networking Protection for Distribution Network 36 4.3.1 Concept of Networking Protection for Distribution Network 37 4.3.1.1 Networking Protection 37 4.3.1.2 Area/Wide‐Area Adaptive Protection Based on Networking – Networking Protection for Distribution Network 38 4.3.1.3 Distribution Network Automation System – Fundamental Framework of Networking Protection 39 4.3.1.4 Networking: An Effective Method for Realizing Area/Wide‐Area Adaptive Protection for Distribution Networks 42 4.3.2 Realization of Networking Protection for Distribution Network 44 4.3.2.1 System Framework of Networking Protection for Distribution Network 44 4.3.2.2 Dispatching Control Layer of Distribution Network 44 4.3.2.3 Substation Layer 44 4.3.2.4 Networking Bus Protection 46 4.3.2.5 Network Backup Automatic Switching 47 4.3.2.6 Network Adaptive Current Protection 49 5 Distribution Network Communication Technology and Networking 57 5.1 Introduction to Distribution Communications 57 5.2 Backbone Communication Network 59 5.2.1 SDH Technology 59 5.2.2 MSTP Technology 59 5.3 Distribution Communication Technology 60 5.3.1 EPON 60 5.3.1.1 EPON Technology and Characteristics 60 5.3.1.2 EPON Interface 63 5.3.1.3 EPON Transmission System 63 5.3.2 Industrial Ethernet 64 5.3.3 Wireless Communication 65 5.3.4 Power‐Line Carrier 66 5.4 Communication Networking Method of Power Distribution 68 5.4.1 Basic Topology 68 5.4.1.1 Networking Application 70 5.4.2 Industrial Ethernet 72 5.4.3 Wireless Communication 72 5.4.3.1 Short‐Distance Communication 72 5.4.3.2 TD‐LTE 73 5.4.4 Hybrid Networking 74 5.4.4.1 Optical Fiber + Power‐Line Carrier 77 5.4.4.2 Optical Fiber + Wireless 77 5.4.4.3 Power‐Line Carrier + Wireless 77 6 Detection Management System for Distribution Network Devices 81 6.1 Significance of Distribution Equipment Condition‐Based Monitoring and Maintenance 81 6.1.1 Equipment Condition Monitoring Technology 83 6.1.1.1 Common Sensors 83 6.1.1.2 Distribution Transformer Condition Monitoring and Diagnosis Technology 84 6.1.1.3 HV Breaker Condition‐Based Monitor 94 6.1.1.4 Lighting Arrester Condition Monitoring 105 6.1.1.5 Capacitive Equipment Status‐Detection System 119 6.2 Distribution Network Device Monitoring System and Network Monitoring Management System 128 6.2.1 Distribution Network Equipment Supervisory Terminal and Distribution Network System Terminal Layer 129 6.2.2 Condition Monitoring System Relies on Automation System Communication Channel 130 6.2.3 Primary Station for Distribution Equipment Condition‐Based Maintenance and Integration of DMS 131 6.2.4 Geological Information‐Based Distribution Network Condition Monitoring and Maintenance 132 6.2.4.1 Integration Mode 133 6.2.4.2 Information Interaction 134 6.2.5 Distribution Equipment Assessment and Condition Maintenance 135 6.2.5.1 Information Support 136 6.2.5.2 Distribution Device Condition Assessment 138 6.2.5.3 Device Risk Assessment 140 6.2.5.4 Fault Diagnosis 143 6.2.5.5 Condition Improvement and Maintenance 144 7 Implementation of Self‐healing Control Technology 147 7.1 Principle of Implementation of Self‐healing Control 147 7.1.1 Characteristics of Self‐healing Function 147 7.1.2 Basic Principle of Self‐healing Control 147 7.2 Self‐healing Control Method 149 7.2.1 Urban Distribution Network Self‐healing Control Method Based on Quantity of State 149 7.2.2 Self‐healing Control Method for Distribution Network Based on Distributed Power and Micro‐grid 151 7.2.3 Distribution Network Self‐healing Control Based on Coordination Control Model 151 7.3 Implementation of Distribution Network Self‐healing 159 7.3.1 Self‐adaptive Relay Protection Units 160 7.3.2 Relay Protection 161 7.3.2.1 Basic Requirements 161 7.3.2.2 Self‐adaption 161 7.3.3 SCADA/RTU 163 7.3.3.1 History of SCADA 163 7.3.3.2 Development of SCADA 164 7.3.4 Wide‐Area Measuring System and Phasor Measuring Unit 165 7.3.4.1 WAMS System 167 7.3.4.2 PMU/WAMS and SCADA/EMS 167 7.3.4.3 Application of PMU or WAMS 168 7.3.5 Smart Grid and WAMS 169 8 Pilot Project 171 8.1 Simulation Analysis 171 8.1.1 Components 171 8.1.2 Test Items 171 8.1.3 Information Flow of Simulation System 171 8.1.4 Test Results 171 8.1.4.1 System States 171 8.1.4.2 System Management 171 8.1.4.3 Self‐healing Control 171 8.1.4.4 Simulation Analysis 172 8.1.4.5 History Query 172 8.1.5 Simulation Cases 174 8.1.5.1 Simulation Case 1 174 8.1.5.2 Simulation Case 2 174 8.1.5.3 Simulation Case 3 175 8.2 Pilot Application 177 8.2.1 Requirements for Pilot Power Grid 177 8.2.2 Contents of Demonstration Project 178 8.2.3 Distribution Network of Pilot Project 178 9 Development Progress of Smart Grid in the World 189 9.1 Introduction 189 9.2 Current Situation of Chinese Smart Grid: China’s National Strategy 190 9.2.1 Distribution Network Automation 190 9.2.2 Standards Release 190 9.2.3 Research and Demonstration 190 9.3 Current Situation of Foreign Countries’ Smart Grid 193 9.3.1 United States 193 9.3.2 Europe 193 9.3.3 The Americas 194 9.3.4 Multinational Cooperation 194 9.3.5 EPRI USA Smart Grid Demonstration Initiative: 5 Year Update on Multinational Cooperation 195 9.4 Energy Network 196 9.5 Opportunities and Challenges 196 References 199 Postscript 201 Index 203
£106.98
John Wiley & Sons Inc Mastering Microsoft Exchange Server 2016
Book SynopsisA bestselling Exchange Server guide, updated for the 2016 release Mastering Microsoft Exchange Server 2016 is the gold-standard reference for system administrators and first-time users alike.Table of ContentsIntroduction xxvii Part 1 • Exchange Fundamentals 1 Chapter 1 • Putting Exchange Server 2016 in Context 3 Chapter 2 • Introducing the Changes in Exchange Server 2016 25 Chapter 3 • Understanding Availability, Recovery, and Compliance 41 Chapter 4 • Virtualizing Exchange Server 2016 71 Chapter 5 • Introduction to PowerShell and the Exchange Management Shell 91 Chapter 6 • Understanding the Exchange Autodiscover Process 145 Part 2 • Getting Exchange Server Running 169 Chapter 7 • Exchange Server 2016 Quick Start Guide 171 Chapter 8 • Understanding Server Roles and Configurations 195 Chapter 9 • Exchange Server 2016 Requirements 209 Chapter 10 • Installing Exchange Server 2016 227 Chapter 11 • Upgrades and Migrations to Exchange Server 2016 or Office 365 249 Part 3 • Recipient Administration 273 Chapter 12 • Management Permissions and Role-Based Access Control 275 Chapter 13 • Basics of Recipient Management 315 Chapter 14 • Managing Mailboxes and Mailbox Content 331 Chapter 15 • Managing Mail-Enabled Groups, Mail Users, and Mail Contacts 389 Chapter 16 • Managing Resource Mailboxes 413 Chapter 17 • Managing Modern Public Folders 435 Chapter 18 • Managing Archiving and Compliance 463 Part 4 • Server Administration 493 Chapter 19 • Creating and Managing Mailbox Databases 495 Chapter 20 • Creating and Managing Database Availability Groups 519 Chapter 21 • Understanding the Client Access Services 559 Chapter 22 • Managing Connectivity with Transport Services 597 Chapter 23 • Managing Transport, Data Loss Prevention, and Journaling Rules 635 Part 5 • Troubleshooting and Operating 665 Chapter 24 • Troubleshooting Exchange Server 2016 667 Chapter 25 • Backing Up and Restoring Exchange Server 691 Appendix • The Bottom Line 719 Index 753
£38.00
John Wiley & Sons Inc DNS Security Management
Book SynopsisAn advanced Domain Name System (DNS) security resource that explores the operation of DNS, its vulnerabilities, basic security approaches, and mitigation strategies DNS Security Management offers an overall role-based security approach and discusses the various threats to the Domain Name Systems (DNS).Table of ContentsPreface xiii Acknowledgments xvii 1 INTRODUCTION 1 Why Attack DNS? 1 Network Disruption 2 DNS as a Backdoor 2 DNS Basic Operation 3 Basic DNS Data Sources and Flows 4 DNS Trust Model 5 DNS Administrator Scope 6 Security Context and Overview 7 Cybersecurity Framework Overview 7 Framework Implementation 9 What’s Next 15 2 INTRODUCTION TO THE DOMAIN NAME SYSTEM (DNS) 17 DNS Overview – Domains and Resolution 17 Domain Hierarchy 18 Name Resolution 18 Zones and Domains 23 Dissemination of Zone Information 25 Additional Zones 26 Resolver Configuration 27 Summary 29 3 DNS PROTOCOL AND MESSAGES 31 DNS Message Format 31 Encoding of Domain Names 31 Name Compression 32 Internationalized Domain Names 34 DNS Message Format 35 DNS Update Messages 43 The DNS Resolution Process Revisited 48 DNS Resolution Privacy Extension 55 Summary 56 4 DNS VULNERABILITIES 57 Introduction 57 DNS Data Security 57 DNS Information Trust Model 59 DNS Information Sources 60 DNS Risks 61 DNS Infrastructure Risks and Attacks 62 DNS Service Availability 62 Hardware/OS Attacks 63 DNS Service Denial 63 Pseudorandom Subdomain Attacks 67 Cache Poisoning Style Attacks 67 Authoritative Poisoning 71 Resolver Redirection Attacks 73 Broader Attacks that Leverage DNS 74 Network Reconnaissance 75 DNS Rebinding Attack 77 Reflector Style Attacks 78 Data Exfiltration 79 Advanced Persistent Threats 81 Summary 83 5 DNS TRUST SECTORS 85 Introduction 85 Cybersecurity Framework Items 87 Identify 87 Protect 87 Detect 88 DNS Trust Sectors 88 External DNS Trust Sector 91 Basic Server Configuration 93 DNS Hosting of External Zones 97 External DNS Diversity 97 Extranet DNS Trust Sector 98 Recursive DNS Trust Sector 99 Tiered Caching Servers 100 Basic Server Configuration 101 Internal Authoritative DNS Servers 103 Basic Server Configuration 105 Additional DNS Deployment Variants 108 Internal Delegation DNS Master/Slave Servers 109 Multi-Tiered Authoritative Configurations 109 Hybrid Authoritative/Caching DNS Servers 111 Stealth Slave DNS Servers 111 Internal Root Servers 111 Deploying DNS Servers with Anycast Addresses 113 Other Deployment Considerations 118 High Availability 118 Multiple Vendors 118 Sizing and Scalability 118 Load Balancers 119 Lab Deployment 119 Putting It All Together 119 6 SECURITY FOUNDATION 121 Introduction 121 Hardware/Asset Related Framework Items 122 Identify: Asset Management 122 Identify: Business Environment 123 Identify: Risk Assessment 124 Protect: Access Control 126 Protect: Data Security 127 Protect: Information Protection 129 Protect: Maintenance 130 Detect: Anomalies and Events 131 Detect: Security Continuous Monitoring 131 Respond: Analysis 132 Respond: Mitigation 132 Recover: Recovery Planning 133 Recover: Improvements 133 DNS Server Hardware Controls 134 DNS Server Hardening 134 Additional DNS Server Controls 136 Summary 137 7 SERVICE DENIAL ATTACKS 139 Introduction 139 Denial of Service Attacks 139 Pseudorandom Subdomain Attacks 141 Reflector Style Attacks 143 Detecting Service Denial Attacks 144 Denial of Service Protection 145 DoS/DDoS Mitigation 145 Bogus Queries Mitigation 147 PRSD Attack Mitigation 148 Reflector Mitigation 148 Summary 151 8 CACHE POISONING DEFENSES 153 Introduction 153 Attack Forms 154 Packet Interception or Spoofing 154 ID Guessing or Query Prediction 155 Name Chaining 155 The Kaminsky DNS Vulnerability 156 Cache Poisoning Detection 159 Cache Poisoning Defense Mechanisms 160 UDP Port Randomization 160 Query Name Case Randomization 161 DNS Security Extensions 161 Last Mile Protection 167 9 SECURING AUTHORITATIVE DNS DATA 169 Introduction 169 Attack Forms 170 Resolution Data at Rest 170 Domain Registries 170 DNS Hosting Providers 171 DNS Data in Motion 172 Attack Detection 172 Authoritative Data 172 Domain Registry 173 Domain Hosting 173 Falsified Resolution 173 Defense Mechanisms 174 Defending DNS Data at Rest 174 Defending Resolution Data in Motion with DNSSEC 176 Summary 186 10 ATTACKER EXPLOITATION OF DNS 187 Introduction 187 Network Reconnaissance 187 Data Exfiltration 188 Detecting Nefarious use of DNS 189 Detecting Network Reconnaissance 189 DNS Tunneling Detection 190 Mitigation of Illicit DNS Use 193 Network Reconnaissance Mitigation 193 Mitigation of DNS Tunneling 193 11 MALWARE AND APTS 195 Introduction 195 Malware Proliferation Techniques 196 Phishing 196 Spear Phishing 196 Downloads 196 File Sharing 197 Email Attachments 197 Watering Hole Attack 197 Replication 197 Implantation 197 Malware Examples 198 Malware Use of DNS 198 DNS Fluxing 198 Dynamic Domain Generation 202 Detecting Malware 202 Detecting Malware Using DNS Data 203 Mitigating Malware Using DNS 206 Malware Extrication 206 DNS Firewall 207 Summary 210 12 DNS SECURITY STRATEGY 213 Major DNS Threats and Mitigation Approaches 214 Common Controls 214 Disaster Defense 214 Defenses Against Human Error 220 DNS Role-Specific Defenses 220 Stub Resolvers 220 Forwarder DNS Servers 221 Recursive Servers 221 Authoritative Servers 222 Broader Security Strategy 222 Identify Function 223 Protect Function 224 Detect Function 225 Respond Function 226 Recover Function 227 13 DNS APPLICATIONS TO IMPROVE NETWORK SECURITY 229 Safer Web Browsing 230 DNS-Based Authentication of Named Entities (DANE) 230 Email Security 232 Email and DNS 233 DNS Block Listing 237 Sender Policy Framework (SPF) 238 Domain Keys Identified Mail (DKIM) 242 Domain-Based Message Authentication, Reporting, and Conformance (DMARC) 245 Securing Automated Information Exchanges 246 Dynamic DNS Update Uniqueness Validation 246 Storing Security-Related Information 247 Other Security Oriented DNS Resource Record Types 247 Summary 251 14 DNS SECURITY EVOLUTION 253 Appendix A: Cybersecurity Framework Core DNS Example 257 Appendix B: DNS Resource Record Types 285 Bibliography 291 Index 299
£81.86
John Wiley & Sons Inc Network Forensics
Book SynopsisIntensively hands-on training for real-world network forensics Network Forensics provides a uniquely practical guide for IT and law enforcement professionals seeking a deeper understanding of cybersecurity.Table of ContentsIntroduction xxi 1 Introduction to Network Forensics 1 What Is Forensics? 3 Handling Evidence 4 Cryptographic Hashes 5 Chain of Custody 8 Incident Response 8 The Need for Network Forensic Practitioners 10 Summary 11 References 12 2 Networking Basics 13 Protocols 14 Open Systems Interconnection (OSI) Model 16 TCP/IP Protocol Suite 18 Protocol Data Units 19 Request for Comments 20 Internet Registries 23 Internet Protocol and Addressing 25 Internet Protocol Addresses 28 Internet Control Message Protocol (ICMP) 31 Internet Protocol Version 6 (IPv6) 31 Transmission Control Protocol (TCP) 33 Connection-Oriented Transport 36 User Datagram Protocol (UDP) 38 Connectionless Transport 39 Ports 40 Domain Name System 42 Support Protocols (DHCP) 46 Support Protocols (ARP) 48 Summary 49 References 51 3 Host-Side Artifacts 53 Services 54 Connections 60 Tools 62 netstat 63 nbstat 66 ifconfi g/ipconfi g 68 Sysinternals 69 ntop 73 Task Manager/Resource Monitor 75 ARP 77 /proc Filesystem 78 Summary 79 4 Packet Capture and Analysis 81 Capturing Packets 82 Tcpdump/Tshark 84 Wireshark 89 Taps 91 Port Spanning 93 ARP Spoofi ng 94 Passive Scanning 96 Packet Analysis with Wireshark 98 Packet Decoding 98 Filtering 101 Statistics 102 Following Streams 105 Gathering Files 106 Network Miner 108 Summary 110 5 Attack Types 113 Denial of Service Attacks 114 SYN Floods 115 Malformed Packets 118 UDP Floods 122 Amplifi cation Attacks 124 Distributed Attacks 126 Backscatter 128 Vulnerability Exploits 130 Insider Threats 132 Evasion 134 Application Attacks 136 Summary 140 6 Location Awareness 143 Time Zones 144 Using whois 147 Traceroute 150 Geolocation 153 Location-Based Services 156 WiFi Positioning 157 Summary 158 7 Preparing for Attacks 159 NetFlow 160 Logging 165 Syslog 166 Windows Event Logs 171 Firewall Logs 173 Router and Switch Logs 177 Log Servers and Monitors 178 Antivirus 180 Incident Response Preparation 181 Google Rapid Response 182 Commercial Offerings 182 Security Information and Event Management 183 Summary 185 8 Intrusion Detection Systems 187 Detection Styles 188 Signature-Based 188 Heuristic 189 Host-Based versus Network-Based 190 Snort 191 Suricata and Sagan 201 Bro 203 Tripwire 205 OSSEC 206 Architecture 206 Alerting 207 Summary 208 9 Using Firewall and Application Logs 211 Syslog 212 Centralized Logging 216 Reading Log Messages 220 LogWatch 222 Event Viewer 224 Querying Event Logs 227 Clearing Event Logs 231 Firewall Logs 233 Proxy Logs 236 Web Application Firewall Logs 238 Common Log Format 240 Summary 243 10 Correlating Attacks 245 Time Synchronization 246 Time Zones 246 Network Time Protocol 247 Packet Capture Times 249 Log Aggregation and Management 251 Windows Event Forwarding 251 Syslog 252 Log Management Offerings 254 Timelines 257 Plaso 258 PacketTotal 259 Wireshark 261 Security Information and Event Management 262 Summary 263 11 Network Scanning 265 Port Scanning 266 Operating System Analysis 271 Scripts 273 Banner Grabbing 275 Ping Sweeps 278 Vulnerability Scanning 280 Port Knocking 285 Tunneling 286 Passive Data Gathering 287 Summary 289 12 Final Considerations 291 Encryption 292 Keys 293 Symmetric 294 Asymmetric 295 Hybrid 296 SSL/TLS 297 Cloud Computing 306 Infrastructure as a Service 306 Storage as a Service 309 Software as a Service 310 Other Factors 311 The Onion Router (TOR) 314 Summary 317 Index 319
£45.12
John Wiley & Sons Inc CCNA Security Study Guide
Book SynopsisCisco has announced big changes to its certification program. As of February 24, 2020, all current certifications will be retired, and Cisco will begin offering new certification programs. The good news is if you're working toward any current CCNA certification, keep going. You have until February 24, 2020 to complete your current CCNA. If you already have CCENT/ICND1 certification and would like to earn CCNA, you have until February 23, 2020 to complete your CCNA certification in the current program. Likewise, if you're thinking of completing the current CCENT/ICND1, ICND2, or CCNA Routing and Switching certification, you can still complete them between now and February 23, 2020. Lay the foundation for a successful career in network security CCNA Security Study Guide offers comprehensive review for Exam 210-260. Packed with concise explanations of core security concepts, this book is designed to help you sucTable of ContentsIntroduction xxi Assessment Test xxxi Chapter 1 Understanding Security Fundamentals 1 Goals of Security 2 Confidentiality 2 Integrity 3 Availability 3 Guiding Principles 3 Common Security Terms 6 Risk Management Process 7 Network Topologies 15 CAN 15 WAN 16 Data Center 16 SOHO 17 Virtual 17 Common Network Security Zones 17 DMZ 17 Intranet and Extranet 18 Public and Private 18 VLAN 18 Summary 19 Exam Essentials 19 Review Questions 20 Chapter 2 Understanding Security Threats 25 Common Network Attacks 26 Motivations 26 Classifying Attack Vectors 27 Spoofing 28 Password Attacks 29 Reconnaissance Attacks 30 Buffer Overflow 34 DoS 34 DDoS 36 Man-in-the-Middle Attack 37 ARP Poisoning 37 Social Engineering 38 Phishing/Pharming 38 Prevention 38 Malware 39 Data Loss and Exfiltration 39 Summary 40 Exam Essentials 40 Review Questions 42 Chapter 3 Understanding Cryptography 45 Symmetric and Asymmetric Encryption 46 Ciphers 46 Algorithms 48 Hashing Algorithms 53 MD5 54 SHA-1 54 SHA-2 54 HMAC 55 Digital Signatures 55 Key Exchange 57 Application: SSH 57 Public Key Infrastructure 57 Public and Private Keys 58 Certificates 60 Certificate Authorities 61 PKI Standards 63 PKI Topologies 64 Certificates in the ASA 65 Cryptanalysis 67 Summary 68 Exam Essentials 68 Review Questions 69 Chapter 4 Securing the Routing Process 73 Securing Router Access 74 Configuring SSH Access 74 Configuring Privilege Levels in IOS 76 Configuring IOS Role-Based CLI 77 Implementing Cisco IOS Resilient Configuration 79 Implementing OSPF Routing Update Authentication 80 Implementing OSPF Routing Update Authentication 80 Implementing EIGRP Routing Update Authentication 82 Securing the Control Plane 82 Control Plane Policing 83 Summary 84 Exam Essentials 85 Review Questions 86 Chapter 5 Understanding Layer 2 Attacks 91 Understanding STP Attacks 92 Understanding ARP Attacks 93 Understanding MAC Attacks 95 Understanding CAM Overflows 96 Understanding CDP/LLDP Reconnaissance 97 Understanding VLAN Hopping 98 Switch Spoofing 98 Double Tagging 99 Understanding DHCP Spoofing 99 Summary 101 Exam Essentials 101 Review Questions 102 Chapter 6 Preventing Layer 2 Attacks 107 Configuring DHCP Snooping 108 Configuring Dynamic ARP Inspection 110 Configuring Port Security 112 Configuring STP Security Features 114 BPDU Guard 114 Root Guard 115 Loop Guard 115 Disabling DTP 116 Verifying Mitigations 116 DHCP Snooping 116 DAI 117 Port Security 118 STP Features 118 DTP 120 Summary 120 Exam Essentials 121 Review Questions 122 Chapter 7 VLAN Security 127 Native VLANs 128 Mitigation 128 PVLANs 128 PVLAN Edge 131 PVLAN Proxy Attack 132 ACLs on Switches 133 Port ACLs 133 VLAN ACLs 133 Summary 134 Exam Essentials 134 Review Questions 136 Chapter 8 Securing Management Traffic 141 In-Band and Out-of-Band Management 142 AUX Port 142 VTY Ports 143 HTTPS Connection 144 SNMP 144 Console Port 145 Securing Network Management 146 SSH 146 HTTPS 146 ACLs 146 Banner Messages 147 Securing Access through SNMP v3 149 Securing NTP 150 Using SCP for File Transfer 151 Summary 151 Exam Essentials 152 Review Questions 153 Chapter 9 Understanding 802.1x and AAA 157 802.1x Components 158 RADIUS and TACACS+ Technologies 159 Configuring Administrative Access with TACACS+ 160 Local AAA Authentication and Accounting 160 SSH Using AAA 161 Understanding Authentication and Authorization Using ACS and ISE 161 Understanding the Integration of Active Directory with AAA 162 TACACS+ on IOS 162 Verify Router Connectivity to TACACS+ 164 Summary 164 Exam Essentials 165 Review Questions 166 Chapter 10 Securing a BYOD Initiative 171 The BYOD Architecture Framework 172 Cisco ISE 172 Cisco TrustSec 174 The Function of Mobile Device Management 177 Integration with ISE Authorization Policies 177 Summary 178 Exam Essentials 179 Review Questions 180 Chapter 11 Understanding VPNs 185 Understanding IPsec 186 Security Services 186 Protocols 189 Delivery Modes 192 IPsec with IPV6 194 Understanding Advanced VPN Concepts 195 Hairpinning 195 Split Tunneling 196 Always-on VPN 197 NAT Traversal 198 Summary 199 Exam Essentials 199 Review Questions 200 Chapter 12 Configuring VPNs 203 Configuring Remote Access VPNs 204 Basic Clientless SSL VPN Using ASDM 204 Verify a Clientless Connection 207 Basic AnyConnect SSL VPN Using ASDM 207 Verify an AnyConnect Connection 209 Endpoint Posture Assessment 209 Configuring Site-to-Site VPNs 209 Implement an IPsec Site-to-Site VPN with Preshared Key Authentication 209 Verify an IPsec Site-to-Site VPN 212 Summary 212 Exam Essentials 213 Review Questions 214 Chapter 13 Understanding Firewalls 219 Understanding Firewall Technologies 220 Packet Filtering 220 Proxy Firewalls 220 Application Firewall 221 Personal Firewall 221 Stateful vs. Stateless Firewalls 222 Operations 222 State Table 223 Summary 224 Exam Essentials 224 Review Questions 225 Chapter 14 Configuring NAT and Zone-Based Firewalls 229 Implementing NAT on ASA 9.x 230 Static 231 Dynamic 232 PAT 233 Policy NAT 233 Verifying NAT Operations 235 Configuring Zone-Based Firewalls 236 Class Maps 237 Default Policies 237 Configuring Zone-to-Zone Access 239 Summary 240 Exam Essentials 240 Review Questions 241 Chapter 15 Configuring the Firewall on an ASA 245 Understanding Firewall Services 246 Understanding Modes of Deployment 247 Routed Firewall 247 Transparent Firewall 247 Understanding Methods of Implementing High Availability 247 Active/Standby Failover 248 Active/Active Failover 248 Clustering 249 Understanding Security Contexts 249 Configuring ASA Management Access 250 Initial Configuration 250 Configuring Cisco ASA Interface Security Levels 251 Security Levels 251 Configuring Security Access Policies 253 Interface Access Rules 253 Object Groups 254 Configuring Default Cisco Modular Policy Framework (MPF) 256 Summary 257 Exam Essentials 257 Review Questions 259 Chapter 16 Intrusion Prevention 263 IPS Terminology 264 Threat 264 Risk 264 Vulnerability 265 Exploit 265 Zero-Day Threat 265 Actions 265 Network-Based IPS vs. Host-Based IPS 266 Host-Based IPS 266 Network-Based IPS 266 Promiscuous Mode 266 Detection Methods 267 Evasion Techniques 267 Packet Fragmentation 267 Injection Attacks 270 Alternate String Expressions 271 Introducing Cisco FireSIGHT 271 Capabilities 271 Protections 272 Understanding Modes of Deployment 273 Inline 275 Positioning of the IPS within the Network 275 Outside 275 DMZ 276 Inside 277 Understanding False Positives, False Negatives, True Positives, and True Negatives 277 Summary 278 Exam Essentials 278 Review Questions 280 Chapter 17 Content and Endpoint Security 285 Mitigating Email Threats 286 Spam Filtering 286 Context-Based Filtering 287 Anti-malware Filtering 287 DLP 287 Blacklisting 288 Email Encryption 288 Cisco Email Security Appliance 288 Putting the Pieces Together 290 Mitigating Web-Based Threats 292 Understanding Web Proxies 292 Cisco Web Security Appliance 293 Mitigating Endpoint Threats 294 Cisco Identity Services Engine (ISE) 294 Antivirus/Anti-malware 294 Personal Firewall 294 Hardware/Software Encryption of Local Data 294 HIPS 295 Summary 295 Exam Essentials 295 Review Questions 296 Appendix Answers to Review Questions 301 Chapter 1: Understanding Security Fundamentals 302 Chapter 2: Understanding Security Threats 304 Chapter 3: Understanding Cryptography 305 Chapter 4: Securing the Routing Process 307 Chapter 5: Understanding Layer 2 Attacks 309 Chapter 6: Preventing Layer 2 Attacks 311 Chapter 7: VLAN Security 312 Chapter 8: Securing Management Traffic 314 Chapter 9: Understanding 802.1x and AAA 316 Chapter 10: Securing a BYOD Initiative 317 Chapter 11: Understanding VPNs 319 Chapter 12: Configuring VPNs 321 Chapter 13: Understanding Firewalls 322 Chapter 14: Configuring NAT and Zone-Based Firewalls 324 Chapter 15: Configuring the Firewall on an ASA 325 Chapter 16: Intrusion Prevention 327 Chapter 17: Content and Endpoint Security 328 Index 331
£30.39
John Wiley & Sons Inc Risk Communication
Book SynopsisTHE ESSENTIAL HANDBOOK FOR EFFECTIVELY COMMUNICATING ENVIRONMENTAL, SAFETY, AND HEALTH RISKS, FULLY REVISED AND UPDATED Now in its sixth edition, Risk Communication has proven to be a valuable resource for people who are tasked with the responsibility of understanding how to apply the most current approaches to care, consensus, and crisis communication. The sixth edition updates the text with fresh and illustrative examples, lessons learned, and recent research as well as provides advice and guidelines for communicating risk information in the United States and other countries. The authors help readers understand the basic theories and practices of risk communication and explain how to plan an effective strategy and put it into action. The book also contains information on evaluating risk communication efforts and explores how to communicate risk during and after an emergency. Risk Communication brings together in one resource proven scientiTable of ContentsList of Figures XVII List of Tables XIX Preface XXI About the Authors XXIII 1 INTRODUCTION 1 To Begin 2 The Risk Communication Process 6 Audiences, Situations, and Purposes 8 References 8 PART I UNDERSTANDING RISK COMMUNICATION 2 APPROACHES TO COMMUNICATING RISK 11 Cross-Cutting Risk Communication Approaches 12 Care Communication Approaches 20 Consensus Communication Approach 23 Crisis Communication Approaches 24 Summary 26 References 26 Additional Resources 28 3 LAWS THAT MANDATE RISK COMMUNICATION 29 Comprehensive Environmental Response, Compensation, and Liability Act 30 Emergency Planning and Community Right-to-Know Act 31 Executive Order 12898, Environmental Justice in Minority Populations and Low-Income Populations 34 Executive Order 13045, Reduce Environmental Health and Safety Risks to Children 34 Food and Drug Administration Regulations on Prescription Drug Communication 35 National Environmental Policy Act 35 Natural Resource Damage Assessment 36 Occupational Safety and Health Act 37 Resource Conservation and Recovery Act 39 Risk Management Plan Rule 39 Privacy Rule 39 Other Government Inducements 40 Summary 42 References 42 Additional Resources 43 4 CONSTRAINTS TO EFFECTIVE RISK COMMUNICATION 45 Constraints on the Communicator 45 Constraints from the Audience 55 Constraints for Both Communicator and Audience 63 Summary 65 References 65 Additional Resources 67 5 ETHICAL ISSUES 69 Social Ethics 70 Organizational Ethics 77 Personal Ethics 82 Summary 85 References 85 Additional Resources 86 6 PRINCIPLES OF RISK COMMUNICATION 89 Principles of Process 90 Principles of Presentation 95 Principles for Comparing Risks 100 Summary 104 References 104 Additional Resources 105 PART II PLANNING THE RISK COMMUNICATION EFFORT 7 DETERMINE PURPOSE AND OBJECTIVES 109 Factors That Influence Purpose and Objectives 110 Reference 114 Additional Resources 115 8 ANALYZE YOUR AUDIENCE 117 Begin with Purpose and Objectives 118 Choose a Level of Analysis 119 Determine Key Audience Characteristics 122 Determine How to Find Audience Analysis Information 125 Incorporate Audience Analysis Information into Risk Communication Efforts 129 References 132 Additional Resources 133 9 DEVELOP YOUR MESSAGE 135 Common Pitfalls 136 Information People Want 139 Mental Models 141 Message Mapping and Message Development Templates 144 Health Risk Communication 144 Crisis Communication 147 References 150 Additional Resource 151 10 DETERMINE THE APPROPRIATE METHODS 153 Information Materials 153 Visual Representation of Risk 155 Face-to-Face Communication 156 The News Media 158 Stakeholder Participation 160 Technology-Assisted Communication 162 Social Media 163 Partnerships 164 Additional Resources 166 11 SET A SCHEDULE 167 Legal Requirements 167 Organizational Requirements 168 The Scientific Process 169 Ongoing Activities 169 Audience Needs 170 Reference 172 12 DEVELOP A COMMUNICATION PLAN 173 What to Include in a Communication Plan 174 Developing Risk Communication Strategies 177 References 183 Additional Resources 184 PART III PUTTING RISK COMMUNICATION INTO ACTION 13 INFORMATION MATERIALS 187 Constructing Information Materials 187 Guidelines for Specific Types of Information Materials 195 References 202 Additional Resources 202 14 VISUAL REPRESENTATIONS OF RISKS 203 Design Visuals for Specific Audiences and Uses 205 Match the Visual Portrayal to the Information to Be Conveyed 207 Pretest Graphics with Those Who Will Use Them 209 Using Visuals to Personalize Risk Information 213 Comparing Risks in Visual Formats 213 Static versus Interactive Visuals 216 Depicting Probability and Uncertainty 218 Warning Labels 227 Consider Using Action Levels 230 Ethical Portrayal of Risk Information 232 Using Visual Information in Group Decision Making 235 References 236 Additional Resources 239 15 FACE-TO-FACE COMMUNICATION 241 Constructing Face-to-Face Messages 242 Guidelines for Specific Types of Face-to-Face Communication 247 References 258 Additional Resource 258 16 NEWS MEDIA 259 The Roles of the News Media in Risk Communication 260 Understanding Cultural Differences 263 Guidelines for Interacting with the News Media 266 Getting the Word Out 275 Dealing with Fake News 279 References 281 Additional Resources 283 17 STAKEHOLDER PARTICIPATION 285 Requirements for Stakeholder Participation 286 Guidelines for Specific Types of Stakeholder Participation Activities 290 References 311 Additional Resources 312 18 TECHNOLOGY-ASSISTED COMMUNICATION 315 Choosing Technology-Based Applications 316 Workplace Risk Communication 317 Web-Delivered and Stand-Alone Multimedia Programs 322 Traditional Electronic Forums 327 Interactive Multimedia Programs in Public Places 328 Technology in Care Communication 331 Technology in Consensus Communication 332 Technology in Crisis Communication 336 References 343 Additional Resources 345 19 SOCIAL MEDIA 347 General Principles on Participating in Social Media to Communicate Risk 348 Sharing Content via Social Media 354 Engaging with Stakeholders 355 Monitoring Changes in Perception via Social Media 356 Guidelines for Specific Types of Social Media 358 Evaluating Social Media Effectiveness 362 Dealing with Fake News 364 References 367 Additional Resources 369 20 PARTNERSHIPS 371 Categories of Partnerships 372 General Principles for Working in Partnership 374 Working with Influencers 378 Evaluating and Ending Partnerships 381 References 383 Additional Resources 384 PART IV EVALUATING RISK COMMUNICATION EFFORTS 21 EVALUATION OF RISK COMMUNICATION EFFORTS 387 Why Evaluate Risk Communication Efforts? 387 The Meaning of Success 388 Types of Evaluations 391 Conducting the Evaluation 393 References 397 Additional Resources 398 PART V SPECIAL CASES IN RISK COMMUNICATION 22 EMERGENCY RISK COMMUNICATION 401 Understanding Emergency Risk Communication 402 Planning for the Unexpected 409 Communicating During an Emergency 436 Communicating After an Emergency 448 References 452 Additional Resources 456 23 INTERNATIONAL RISK COMMUNICATION 457 Recognize the Similarities 458 Account for Cultural Differences 459 Look for “Your” Risk in Other Countries 461 Plan for Cross-Country Communication 463 References 466 Additional Resources 468 24 PUBLIC HEALTH CAMPAIGNS 471 Understand Your Goals 472 Use Research to Design Campaigns 473 Use Multiple Methods to Reach People 474 When Things Go Wrong 479 Evaluate Success 481 References 485 Additional Resources 486 RESOURCES 489 General Risk Communication Resources 489 Environmental Risk Communication Resources 491 Safety Risk Communication Resources 491 Health Risk Communication Resources 492 Care Communication Resources 493 Consensus Communication Resources 493 Crisis Communication Resources 494 GLOSSARY 497 INDEX 501
£64.76
John Wiley & Sons Inc Mastering VMware NSX for vSphere
Book SynopsisA clear, comprehensive guide to VMware's latest virtualization solution Mastering VMware NSX for vSphere is the ultimate guide to VMware's network security virtualization platform. Written by a rock star in the VMware community, this book offers invaluable guidance and crucial reference for every facet of NSX, with clear explanations that go far beyond the public documentation. Coverage includes NSX architecture, controllers, and edges; preparation and deployment; logical switches; VLANS and VXLANS; logical routers; virtualization; edge network services; firewall security; and much more to help you take full advantage of the platform's many features. More and more organizations are recognizing both the need for stronger network security and the powerful solution that is NSX; usage has doubled in the past year alone, and that trend is projected to growand these organizations need qualified professionals who know how to work effectively with the NSX platform. This book covers everythiTable of ContentsIntroduction xvii Chapter 1 Abstracting Network and Security 1 Networks: 1990s 1 Colocation 2 Workload-to-Server Ratio 3 Inefficient Resource Allocation 3 The Long Road to Provisioning 3 Data Centers Come of Age 4 Data Center Workloads 4 Workloads Won’t Stay Put 5 VMware 6 Virtualization 6 What is Happening in There? 6 Portability 8 Virtualize Away 8 Extending Virtualization to Storage 9 Virtual Networking and Security 9 NSX to the Rescue 10 The Bottom Line 13 Chapter 2 NSX Architecture and Requirements 15 NSX Network Virtualization 16 Planes of Operation 16 NSX Manager Role and Function 18 ESXi Hosts 19 vCenter Server 20 vSphere Distributed Switch 21 NSX VIBs 23 Competitive Advantage: IOChain 24 IOChain Security Features 24 NSX Controllers 25 NSX Controller Clustering 26 NSX Controller Roles 26 NSX Edge 28 ESG Sizing 30 NSX Role-Based Access Control 30 Overlay and Underlay Networks 32 Replication Modes for Traffic Going to Multiple Destinations 34 The Bottom Line 36 Chapter 3 Preparing NSX 39 NSX Manager Prerequisites 39 Open Ports and Name Resolution 40 Minimum Resource Requirements for NSX Data Center Appliances 40 vSphere HA and DRS 41 IP Addressing and Port Groups 43 Installing the Client Integration Plug-in 44 Installing NSX Manager 44 Associating NSX Manager to vCenter 46 Adding AD/LDAP to NSX 47 Linking Multiple NSX Managers Together (Cross- vCenter NSX) 51 Multi-site Consistency with Universal Components 51 Primary and Secondary NSX Managers 53 Preparing ESXi Clusters for NSX 54 Creating a Universal Transport Zone on the Primary NSX Manager 56 vSphere Distributed Switches Membership 57 Adding Secondary NSX Managers 58 The Bottom Line 59 Chapter 4 Distributed Logical Switch 61 vSphere Standard Switch (vSS) 62 Traffic Shaping 63 Understanding Port Groups 64 NIC Teaming 65 Ensuring Security 66 Virtual Distributed Switch (vDS) 67 Virtual eXtensible LANs (VXLANs) 68 Employing Logical Switches 71 Three Tables That Store VNI Information 73 Collecting VNI Information 74 Centralized MAC Table 75 VTEP Table 76 We Might as Well Talk about ARP Now 79 Filling In the L2 and L3 Headers 79 Switch Security Module 81 Understanding Broadcast, Unknown Unicast, and Multicast 83 Layer 2 Flooding 83 Replication Modes 83 Deploying Logical Switches 84 Creating a Logical Switch 85 The Bottom Line 85 Chapter 5 Marrying VLANs and VXLANs 87 Shotgun Wedding: Layer 2 Bridge 87 Architecture 88 Challenges 89 Deployment 90 Under the Hood 102 Layer 2 VPN 102 NSX Native L2 Bridging 103 Hardware Switches to the Rescue 103 Hardware VTEPs 103 Deployment 104 Under the Hood 104 The Bottom Line 105 Chapter 6 Distributed Logical Router 107 Distributed Logical Router (DLR) 107 Control Plane Smarts 108 Logical Router Control Virtual Machine 108 Understanding DLR Efficiency 111 Another Concept to Consider 115 Let’s Get Smart about Routing 117 OSPF 119 Border Gateway Protocol (BGP) 120 Oh Yeah, Statics Too 123 Deploying Distributed Logical Routers 125 The Bottom Line 134 Chapter 7 NFV: Routing with NSX Edges 137 Network Function Virtualization: NSX Has It Too 137 This is Nice: Edge HA A 138 Adding HA 139 Let’s Do Routing Like We Always Do 140 Deploying the Edge Services Gateway 144 Configuring BGP 151 Configuring OSPF 154 Configuring Static Routes 155 Routing with the DLR and ESG 156 Using CLI Commands 156 Default Behaviors to Be Aware Of 157 Equal Cost Multi-Path Routing157 The Bottom Line 160 Chapter 8 More NVF: NSX Edge Services Gateway 163 ESG Network Placement 163 Network Address Translation 164 Configuring Source NAT 166 Configuring Destination NAT 166 Configuring SNAT on the ESG 167 Configuring DNAT on the ESG 169 ESG Load Balancer 171 Configuring an ESG Load Balancer 173 Layer 2 VPN (If You Must) 178 Secure Sockets Layer Virtual Private Network 179 Split Tunneling 180 Configuring SSL VPN 180 Internet Protocol Security VPN 187 Understanding NAT Traversal 188 Configuring IPsec Site-to-Site VPN with the ESG 188 Round Up of Other Services 190 DHCP Service 191 Configuring the ESG as a DHCP Server 192 DHCP Relay 194 Configuring the DLR for DHCP Relay 196 DNS Relay 198 Configuring DNS Relay on the ESG 199 The Bottom Line 200 Chapter 9 NSX Security, the Money Maker 203 Traditional Router ACL Firewall 203 I Told You about the IOChain 204 Slot 2: Distributed Firewall 206 Under the Hood 207 Adding DFW Rules 210 Segregating Firewall Rules 214 IP Discovery 215 Gratuitous ARP Used in ARP Poisoning Attacks 216 Why is My Traffic Getting Blocked? 218 Great, Now It’s Being Allowed 219 Identity Firewall: Rules Based on Who Logs In 220 Distributing Firewall Rules to Each ESXi Host: What’s Happening? 220 The Bottom Line 222 Chapter 10 Service Composer and Third-Party Appliances 223 Security Groups 224 Dynamic Inclusion 225 Static Inclusion 226 Static Exclusion 226 Defining a Security Group through Static Inclusion 227 Defining a Security Group through Dynamic Inclusion 229 Customizing a Security Group with Static Exclusion 231 Defining a Security Group Using Security Tags 231 Adding to DFW Rules 233 Service Insertion 236 IOChain, the Gift that Keeps on Giving 236 Layer 7 Stuff: Network Introspection 236 Guest Introspection 237 Service Insertion Providers 238 Security Policies 239 Creating Policies 239 Enforcing Policies 243 The Bottom Line 245 Chapter 11 vRealize Automation and REST APIs 247 vRealize Automation Features 247 vRA Editions 249 Integrating vRA and NSX 250 vRealize Automation Endpoints 250 Associating NSX Manager with vRealize Automation 252 Network Profiles 253 vRA External, Routed, and NAT Network Profiles 255 Reservations 258 vRealize Orchestrator Workflows 261 Creating a Blueprint for One Machine261 Adding NSX Workflow to a Blueprint 264 Creating a Request Service in the vRA Catalog 265 Configuring an Entitlement 268 Deploying a Blueprint that Consumes NSX Services 271 REST APIs 273 NSX REST API GET Request 275 NSX REST API POST Request 275 NSX REST API DELETE Request 276 The Bottom Line 277 Appendix The Bottom Line 279 Chapter 1: Abstracting Network and Security 279 Chapter 2: NSX Architecture and Requirements 280 Chapter 3: Preparing NSX 280 Chapter 4: Distributed Logical Switch 281 Chapter 5: Marrying VLANs and VXLANs 283 Chapter 6: Distributed Logical Router 284 Chapter 7: NFV: Routing with NSX Edges 286 Chapter 8: More NVF: NSX Edge Services Gateway 287 Chapter 9: NSX Security, the Money Maker 289 Chapter 10: Service Composer and Third-Party Appliances 290 Chapter 11: vRealize Automation and REST APIs 291 Index 293
£35.62
John Wiley & Sons Inc Windows Server 2019 PowerShell AllinOne For
Book SynopsisTable of ContentsIntroduction 1 About This Book 1 Foolish Assumptions 2 Icons Used in This Book 2 Beyond the Book 3 Where to Go from Here 3 Book 1: Installing and Setting Up Windows Server 2019 5 Chapter 1: An Overview of Windows Server 2019 7 Extra! Extra! Read All About It! Seeing What’s New in Windows Server 2019 8 Deciding Which Windows Server 2019 Edition Is Right for You 12 Essentials 12 Standard 13 Datacenter 13 Walking the Walk: Windows Server 2019 User Experiences 13 Desktop Experience 13 Server Core 14 Nano 15 Seeing What Server Manager Has to Offer 15 Windows Admin Center: Your New Best Friend 17 Chapter 2: Using Boot Diagnostics 21 Accessing Boot Diagnostics 21 From the DVD 22 From the boot menu 24 Using a Special Boot Mode 25 Safe Mode 25 Enable Boot Logging 27 Enable Low-Resolution Video 27 Last Known Good Configuration 27 Directory Services Restore Mode 28 Debugging Mode 28 Disable Automatic Restart on System Failure 29 Disable Driver Signature Enforcement 29 Disable Early Launch Anti-Malware Driver 29 Performing a Memory Test 30 Using the Command Prompt 32 Working with Third-Party Boot Utilities 32 Chapter 3: Performing the Basic Installation 35 Making Sure You Have What It Takes 36 Central processing unit 36 Random access memory 38 Storage 38 Network adapter 39 DVD drive 39 UEFI-based firmware 39 Trusted Platform Module 39 Monitor 39 Keyboard and mouse 40 Performing a Clean Install 40 Upgrading Windows 43 Performing a Network Install with Windows Deployment Services 46 Chapter 4: Performing Initial Configuration Tasks 47 Understanding Default Settings 48 Getting an Overview of the Configuration Process 49 Providing Computer Information 50 Windows Server 2019 with Desktop Experience 50 Windows Server 2019 Core 54 Updating Windows Server 2019 60 Windows Server 2019 with Desktop Experience 60 Windows Server 2019 Core 62 Customizing Windows Server 2019 64 Windows Server 2019 with Desktop Experience 64 Windows Server 2019 Core 67 Configuring Startup Options with BCDEdit 70 Book 2: Configuring Windows Server 2019 73 Chapter 1: Configuring Server Roles and Features 75 Using Server Manager 75 Roles and features 76 Diagnostics 77 Configuration tasks 78 Configure and Manage Storage 79 Understanding Server Roles 80 Active Directory Certificate Services 80 Active Directory Domain Services 81 Active Directory Federation Services 81 Active Directory Lightweight Directory Services 81 Active Directory Rights Management Services 82 Device Health Attestation 82 Dynamic Host Configuration Protocol 82 Domain Name System 83 Fax Server 83 File and Storage Services 84 Host Guardian Service 84 Hyper-V 85 Network Controller 85 Network Policy and Access Services 85 Print and Document Services 86 Remote Access 86 Remote Desktop Services 86 Volume Activation Services 86 Web Services 87 Windows Deployment Services 87 Windows Server Update Services 87 Understanding Server Features 87 .NET 3.5 88 .NET 4.7 88 Background Intelligent Transfer Service 88 BitLocker Drive Encryption 88 BitLocker Network Unlock 89 BranchCache 89 Client for NFS 89 Containers 89 Data Center Bridging 90 Direct Play 90 Enhanced Storage 90 Failover Clustering 90 Group Policy Management 91 Host Guardian Hyper-V Support 91 I/O Quality of Service 91 IIS Hostable Web Core 91 Internet Printing Client 91 IP Address Management Server 92 Internet Storage Name Server Service 92 LPR Port Monitor 92 Management OData IIS Extension 92 Media Foundation 92 Message Queueing 93 Multipath I/O 93 Multipoint Connector 93 Network Load Balancing 93 Network Virtualization 93 Peer Name Resolution Protocol 94 Quality Windows Audio Video Experience 94 RAS Connection Manager Administration Kit 94 Remote Assistance 94 Remote Differential Compression 94 Remote Server Administration Tools 94 RPC over HTTP Proxy 95 Setup and Boot Event Collection 95 Simple TCP/IP Services 95 SMB 1.0/CIFS File Sharing Support 95 SMB Bandwidth Limit 96 SMTP Server 96 Simple Network Management Protocol Service 96 Software Load Balancer 96 Storage Migration Service 97 Storage Migration Service Proxy 97 Storage Replica 97 System Data Archiver 97 System Insights 98 Telnet Client 98 TFTP Client 98 VM Shielding Tools for Fabric Management 98 WebDAV Redirector 98 Windows Biometric Framework 99 Windows Defender Antivirus 99 Windows Identity Foundation 3.5 99 Windows Internal Database 99 Windows PowerShell 99 Windows Process Activation Service 99 Windows Search Service 100 Windows Server Backup 100 Windows Server Migration Tools 100 Windows Standards-Based Storage Management 100 Windows Subsystem for Linux 101 Windows TIFF IFilter 101 WinRM IIS Extension 101 WINS Server 101 Wireless LAN Service 101 WoW64 Support 101 XPS Viewer 102 Chapter 2: Configuring Server Hardware 103 Working with Device Manager 104 Opening Device Manager 104 Configuring how Device Manager displays 104 Viewing devices that are not working properly 106 Understanding resources 107 Viewing hidden devices 108 Scanning for new devices 109 Working with older devices 109 Viewing individual device settings 109 Updating drivers 111 Configuring power management 111 Using the Add Hardware Wizard 112 Performing Hard-Drive-Related Tasks 113 Choosing basic or dynamic disks 114 Using multipath I/O 115 Working with storage area networks 116 Understanding Storage Spaces Direct 117 Working with Storage Replica 123 Using Storage Quality of Service 124 Encrypting with BitLocker 124 Performing Printer-Related Tasks 134 Using the Printer Install Wizard 134 Configuring print options 136 Configuring the Print Server role 137 Connecting to a Printer on a Print Server 140 Performing Other Configuration Tasks 141 Keyboard 141 Mouse 141 Power management 142 Sound 143 Language 143 Fonts 143 Chapter 3: Using the Control Panel 145 Accessing the Control Panel 145 Configuring the Control Panel 146 Understanding Control Panel Items 148 Chapter 4: Working with Workgroups 157 Knowing What a Workgroup Is 158 Knowing If a Workgroup Is Right for You 158 Comparing Centralized and Group Sharing 159 Configuring a Server for a Workgroup 159 Changing the name of your workgroup 160 Adding groups 161 Creating users and adding users to the group 162 Adding shared resources 164 Managing Workgroups 168 The Computer Management console 168 The User Account window 169 PowerShell 170 Examining the Peer Name Resolution Protocol 172 Chapter 5: Promoting Your Server to Domain Controller 173 Understanding Domains 173 What is a domain? 174 Forests and domains and OUs, oh my! 174 Understanding privileged domain groups 175 Examining Flexible Single Master Operation roles on domain controllers 175 Preparing to Create a Domain 177 Functional levels 178 Forest functional level 179 Domain functional level 179 Performing Domain Configuration Prerequisites 179 Checking for unsupported roles and features 180 Installing and configuring Domain Name System 180 Installing and configuring Dynamic Host Configuration Protocol 183 Configuring the Server as a Domain Controller 187 Installing Active Directory Domain Services 188 Configuring Active Directory Domain Services 188 Converting your DNS Zone to an Active Directory Integrated Zone 190 Authorizing your DHCP Server for your Active Directory environment 193 Configuring the user accounts 194 Sharing resources on a domain 196 Joining clients to the domain 197 Wrapping Things Up 202 Chapter 6: Managing DNS and DHCP with IP Address Management 205 Installing IP Address Management 206 Configuring IP Address Management 206 Using IP Address Management 210 Overview 210 Server Inventory 211 IP Address Space 211 Monitor and Manage 213 Event Catalog 215 Access Control 215 Book 3: Administering Windows Server 2019 217 Chapter 1: An Overview of the Tools Menu in Server Manager 219 Accessing the Server Manager Tools Menu 219 Working with Common Administrative Tools 222 Computer Management 222 Defragment and Optimize Drives 222 Disk Cleanup 223 Event Viewer 224 Local Security Policy 224 Registry Editor 226 Services 226 System Configuration 228 Task Scheduler 228 Installing and Using Remote Server Administration Tools 229 Installing Remote Server Administration Tools 229 Using Remote Server Administration Tools 230 Chapter 2: Setting Group Policy 233 Understanding How Group Policy Works 234 Starting the Group Policy Editor 235 Performing Computer Management 236 Modifying computer software settings 238 Modifying computer settings 239 Using Administrative Templates 240 Performing User Configuration 241 Modifying user software settings 241 Modifying a user’s Windows Settings 242 Using user Administrative Templates 244 Viewing Resultant Set of Policy 244 Chapter 3: Configuring the Registry 247 Starting Registry Editor 248 Importing and Exporting Registry Elements 248 Exporting Registry elements 249 Importing Registry elements 249 Finding Registry Elements 250 Understanding Registry Data Types 251 Understanding the Hives 252 HKEY_CLASSES_ROOT 252 HKEY_CURRENT_USER 253 HKEY_LOCAL_MACHINE 254 HKEY_USERS 255 HKEY_CURRENT_CONFIG 256 Loading and Unloading Hives 256 Connecting to Network Registries 258 Setting Registry Security 259 Setting permissions in the Windows Registry 259 Disabling Remote Registry access 259 Securing remote administration 260 Chapter 4: Working with Active Directory 263 Active Directory 101 263 Configuring Objects in Active Directory 264 Using Active Directory Domains and Trusts 264 Using Active Directory Sites and Services 269 Using Active Directory Users and Computers 270 Using Active Directory Administrative Center 274 Chapter 5: Performing Standard Maintenance 277 Activating Windows 277 Through the graphical user interface 278 Through the command line 278 Configuring the User Interface 280 Working with the Folder Options dialog box 280 Setting your Internet Options 282 Focusing on your Personalization settings 284 Reporting problems 286 Setting your Regional and Language Options 286 Working with the Performance Options dialog box 287 Understanding How User Access Control Affects Maintenance Tasks 288 Adding and Removing Standard Applications 289 Measuring Reliability and Performance 290 Performance Monitor 290 Resource Monitor 292 Task Manager 293 Protecting the Data on Your Server 294 System Backup 295 System Restore 297 Performing Disk Management Tasks 298 Managing storage 299 Managing disks 299 Defragmenting drives 300 Automating Diagnostic Tasks with Task Scheduler 301 Discovering task status 301 Using preconfigured tasks 302 Creating your own tasks 304 Working with Remote Desktop 305 Working with Remote Server Administration Tools 306 Figuring out firewall rules 306 Connecting to the server 306 Managing your servers 307 Working with Admin Center 308 Focusing on firewall rules 309 Connecting to a server 309 Using Windows Admin Center to manage your servers 309 Creating a Windows Recovery Drive 311 Chapter 6: Working at the Command Line 313 Opening an Administrative Command Prompt 313 Configuring the Command Line 314 Customizing how you interact with the Command Prompt 314 Changing the font 316 Choosing your window layout 317 Defining text colors 318 Setting Environmental Variables 319 Getting Help at the Command Line 320 Understanding Command Line Symbols 322 Chapter 7: Working with PowerShell 323 Opening an Administrative PowerShell Window 324 Configuring PowerShell 325 Options 325 Font 327 Layout 328 Colors 328 Using a Profile Script 330 Setting Environmental Variables 330 Getting Help in PowerShell 332 Understanding PowerShell Punctuation 334 Book 4: Configuring Networking in Windows Server 2019 337 Chapter 1: Overview of Windows Server 2019 Networking 339 Getting Acquainted with the Network and Sharing Center 340 Using the Network Connections Tools 342 Status 342 Ethernet 343 Dial-up 344 VPN 344 Proxy 344 Configuring TCP/IP 346 Understanding DHCP 349 Defining DNS 350 Creating a DNS zone 352 DNS and Active Directory 353 Making DNS fault tolerant 354 Chapter 2: Performing Basic Network Tasks 355 Viewing Network Properties 355 Connecting to Another Network 357 Connecting to the Internet 358 Setting up a dial-up connection 359 Connecting to a virtual private network 360 Managing Network Connections 361 Understanding the Client for Microsoft Networks feature 362 Configuring the Internet Protocol 362 Installing network features 364 Uninstalling network features 364 Chapter 3: Accomplishing Advanced Network Tasks 367 Working with Remote Desktop Services 367 Installing Remote Desktop Services 368 Configuring user-specific settings 369 Configuring apps 371 Using RD Web Access 372 Configuring and using RDS licensing 374 Working with Network Policy and Access Services 376 Network Policy Server 377 Troubleshooting at the Command Line 381 Chapter 4: Diagnosing and Repairing Network Connection Problems 383 Using Windows Network Diagnostics 384 Repairing Individual Connections 386 Network Troubleshooting at the Command Line 388 Working with Windows Firewall 389 Making Sense of Common Configuration Errors 391 Duplicate IP addresses 391 No gateway address 391 No DNS servers set 392 An application is experiencing network issues 392 Everything should be working, but it’s not 392 Working with Other Troubleshooting Tools 392 Book 5: Managing Security with Windows Server 2019 395 Chapter 1: Understanding Windows Server 2019 Security 397 Understanding Basic Windows Server Security 397 The CIA triad: Confidentiality, integrity, and availability 398 Authentication, authorization, and accounting 399 Access tokens 399 Security descriptors 399 Access control lists 400 Working with Files and Folders 403 Setting file and folder security 403 Creating a Local Security Policy 406 Paying Attention to Windows Security 408 Virus & Threat Protection 408 Firewall & Network Protection 408 App & Browser Control 410 Device Security 411 Chapter 2: Configuring Shared Resources 413 Comparing Share Security with File System Security 413 Shared folder permissions 414 File system security 415 Effective permissions validation 415 Sharing Resources 417 Storage media 417 Printers 418 Other resources 419 Configuring Access with Federated Rights Management 419 Working with Active Directory Federation Services 420 Working with Active Directory Rights Management Services 424 Chapter 3: Configuring Operating System Security 433 Understanding and Using User Account Control 433 Using User Account Control to protect the server 434 Running tasks as administrator 434 Watching out for automatic privilege elevation 435 Overriding User Account Control settings 435 Managing User Passwords 438 Understanding Credential Guard 439 How Credential Guard works 440 Credential Guard Hardware Requirements 440 How to enable Credential Guard 441 Configuring Startup and Recovery Options 444 Chapter 4: Working with the Internet 447 Firewall Basics 447 Getting acquainted with the Windows Defender Firewall profiles 448 Enabling and disabling the Windows Defender Firewall 448 Configuring Windows Defender Firewall with Advanced Security 451 Working with profile settings 452 Working with inbound/outbound rules 454 Understanding IPSec 457 Configuring the IPSec settings 458 Chapter 5: Understanding Digital Certificates 461 Certificates in Windows Server 2019 462 Cryptography 101 462 Certificate-specific concepts 464 Types of Certificates in Active Directory Certificate Services 465 User certificates 465 Computer 466 Chapter 6: Installing and Configuring AD CS 469 Introducing Certificate Authority Architecture 470 Root certificate authorities 470 Issuing certificate authorities 471 Policy certificate authorities 471 Installing a Certificate Authority 471 Creating the CAPolicy.inf file 471 Installing the root certificate authority 473 Installing the issuing certificate authority 477 Enrolling for certificates 478 Setting up web enrollment 481 Installing Online Certificate Status Protocol 482 Configuring Certificate Auto-Enrollment 485 Configuring the template 485 Configuring Group Policy 486 Chapter 7: Securing Your DNS Infrastructure 489 Understanding DNSSEC 489 The basics of DNSSEC 490 Records used for DNSSEC 490 Configuring DNSSEC 491 Understanding DANE 495 The basics of DANE 495 Configuring DANE 496 Book 6: Working with Windows PowerShell 501 Chapter 1: Introducing PowerShell 503 Understanding the Basics of PowerShell 503 Objects 504 Pipeline 504 Providers 505 Variables 506 Sessions 506 Comments 507 Aliases 507 Cmdlets 507 Using PowerShell 509 Writing PowerShell commands and scripts 509 Working with objects 513 Working with the pipeline 514 Working with modules 516 Working with comparison operators 518 Getting information out of PowerShell 519 Scripting logic 521 Other cool tricks 522 Running PowerShell Remotely 527 Invoke-Command 527 New-PSSession 527 Enter-PSSession 527 Getting Help in PowerShell 528 Update-Help 528 Get-Help 529 -Detailed and -Full 529 Identifying Security Issues with PowerShell 530 Execution Policy 530 Code signing 531 Firewall requirements for PowerShell remoting 534 Chapter 2: Understanding the NET Framework 535 Introducing the Various Versions of NET Framework 535 Focusing on New Features in NET 4.7 538 Viewing the Global Assembly Cache 539 Understanding assembly security 540 Identifying the two types of assembly privacy 540 Viewing assembly properties 541 Understanding NET Standard and NET Core 541 .NET Core 542 .NET Standard 542 Tying it all together: NET and PowerShell 542 Chapter 3: Working with Scripts and Cmdlets 543 Introducing Common Scripts and Cmdlets 543 Executing Scripts or Cmdlets 544 Working with COM objects 545 Combining multiple cmdlets 545 Working from Another Location 546 Performing Simple Administrative Tasks with PowerShell Scripts 548 Adding users in Active Directory 548 Creating a CSV file and populating it with data from Active Directory 548 Checking to see if a patch is installed 550 Checking running processes or services 550 Chapter 4: Creating Your Own Scripts and Advanced Functions 551 Creating a PowerShell Script 552 Creating a simple script 552 Running the script 557 Defining a Script Policy 558 Signing a PowerShell Script 559 Creating a PowerShell Advanced Function 559 Playing with parameters 560 Creating the advanced function 561 Using the advanced function 563 Chapter 5: PowerShell Desired State Configuration 567 Getting an Overview of PowerShell Desired State Configuration 567 Configurations 568 Resources 569 Local Configuration Manager 571 Creating a PowerShell Desired State Configuration Script 572 Applying the PowerShell Desired State Configuration Script 573 Compiling into MOF 574 Applying the new configuration 575 Push and Pull: Using PowerShell Desired State Configuration at Scale 575 Push mode 576 Pull mode 577 Book 7: Installing and Administering Hyper-V 579 Chapter 1: What Is Hyper-V? 581 Introduction to Virtualization 581 Type 1 and Type 2 Hypervisors 582 Type 1 hypervisors 583 Type 2 hypervisors 583 Installing and Configuring Hyper-V 583 Installing Hyper-V 584 Configuring Hyper-V 586 Virtual Switch Manager 591 Virtual SAN Manager 591 Chapter 2: Virtual Machines 593 Creating a Virtual Machine 593 Configuring a Virtual Machine 597 Add Hardware 598 Firmware 598 Security 598 Memory 599 Processor 600 SCSI Controller 601 Network Adapter 602 Name 603 Integration Services 603 Checkpoints 603 Smart Paging File Location 603 Automatic Start Action 604 Automatic Stop Action 604 Shielded Virtual Machines 604 Chapter 3: Virtual Networking 605 Identifying the Types of Virtual Switches 606 External 606 Internal 606 Private 606 Creating a Virtual Switch 607 Hyper-V Manager 607 PowerShell 608 Getting into Advanced Hyper-V Networking 610 Virtual local area network tagging 610 Bandwidth management 613 Network interface card teaming 614 Looking at single-root I/O virtualization 619 Chapter 4: Virtual Storage 621 Understanding Virtual Disk Formats 621 Considering Types of Disks 622 Fixed 622 Dynamic 622 Differencing 623 Pass-through 623 Adding Storage to the Host 623 Adding the drives 623 Changing the default save locations of virtual disk files 625 Adding Storage to the Virtual Machine 626 Adding a new virtual drive 626 Expanding a disk drive 629 Adding a pass-through disk 630 Converting a VHD disk file to a VHDX disk file 631 Attaching the converted drive to the virtual machine 632 Chapter 5: High Availability in Hyper-V 635 Hyper-V Replica 635 Setting up Hyper-V Replica on the Hyper-V hosts 636 Setting up replication on the virtual machines 638 Live Migration 640 Setting up live migration 641 Kicking off a live migration 643 Storage Migration 644 Failover Clustering 645 Installing Failover Clustering 645 Configuring Failover Clustering 646 Configuring a witness for your failover cluster 647 Book 8: Installing, Configuring, and Using Containers 649 Chapter 1: Introduction to Containers in Windows Server 2019 651 Understanding Containers 652 Knowing what a container looks like 652 Defining important container terms 653 Seeing how containers run on Windows 653 Considering Use Cases for Containers 654 Developers 654 System administrators 654 Deciding What Type of Containers You Want to Use 655 Windows Server containers 655 Hyper-V containers 655 Managing Containers at Scale 656 Chapter 2: Docker and Docker Hub 657 Introduction to Docker 657 Docker architecture 658 Basic Docker commands 658 Introduction to Docker Hub 659 Finding public images 659 Creating a private repository 662 Using a private repository 664 Chapter 3: Installing Containers on Windows Server 2019 667 Installing Windows Containers 668 Installing Hyper-V Containers 669 Installing Docker 670 Testing Your Container Installation 672 Windows container 672 Hyper-V container 672 Chapter 4: Configuring Docker and Containers on Windows Server 2019 675 Working with Dockerfile 675 Applying Custom Metadata to Containers and Other Objects 678 Creating labels 679 Viewing labels 679 Configuring Containers 680 Starting containers automatically 680 Limiting a container’s resources 681 Configuring the Docker Daemon with daemon.json 682 Chapter 5: Managing Container Images 685 Making Changes to Images and Saving the Changes You Make 685 Pushing Images to Docker Hub 689 Pulling Images from Docker Hub 691 Handling Image Versioning 693 Chapter 6: Container Networking 695 Considering the Different Types of Network Connections 696 Viewing Your Network Adapters and Virtual Switches 697 Configuring a Network Address Translation Network Connection 698 Configuring a Transparent Network Connection 699 Configuring an Overlay Network Connection 700 Configuring an l2bridge Network Connection 701 Configuring an l2tunnel Network Connection 702 Connecting to a Network 703 Chapter 7: Container Storage 705 Getting Acquainted with Container Storage 705 Creating a Volume Inside of a Container 706 Working with Persistent Volumes 709 Looking at volume types 709 Removing volumes 712 Index 713
£23.79
John Wiley & Sons Inc SCADA Security
Book SynopsisExamines the design and use of Intrusion Detection Systems (IDS) to secure Supervisory Control and Data Acquisition (SCADA) systems Cyber-attacks on SCADA systems?the control system architecture that uses computers, networked data communications, and graphical user interfaces for high-level process supervisory management?can lead to costly financial consequences or even result in loss of life. Minimizing potential risks and responding to malicious actions requires innovative approaches for monitoring SCADA systems and protecting them from targeted attacks. SCADA Security: Machine Learning Concepts for Intrusion Detection and Prevention is designed to help security and networking professionals develop and deploy accurate and effective Intrusion Detection Systems (IDS) for SCADA systems that leverage autonomous machine learning. Providing expert insights, practical advice, and up-to-date coverage of developments in SCADA security, this authoritative guide presents Table of ContentsForeword ix Preface xi Acronyms xv 1. Introduction 1 2. Background 15 3. SCADA-Based Security Testbed 25 4. Efficient k-Nearest Neighbour Approach Based on Various-Widths Clustering 63 5. SCADA Data-Driven Anomaly Detection 87 6. A Global Anomaly Threshold to Unsupervised Detection 119 7. Threshold Password-Authenticated Secret Sharing Protocols 151 8. Conclusion 179 References 185 Index 195
£90.86
John Wiley & Sons Inc Critical Infrastructure Protection in Homeland
Book SynopsisCovers critical infrastructure protection, providing a rigorous treatment of risk, resilience, complex adaptive systems, and sector dependence Wide in scope, this classroom-tested book is the only one to emphasize a scientific approach to protecting the key infrastructures components of a nation. It analyzes the complex network of entities that make up a nation''s infrastructure, and identifies vulnerabilities and risks in various sectors by combining network science, complexity theory, risk analysis, and modeling and simulation. This approach reduces the complex problem of protecting water supplies, energy pipelines, telecommunication stations, power grid, and Internet and Web networks to a much simpler problem of protecting a few critical nodes. The new third edition of Critical Infrastructure Protection in Homeland Security: Defending a Networked Nation incorporates a broader selection of ideas and sectors than the previous book. Divided into three secTable of ContentsForeword By Sen. Mark Warner xv Foreword By Prof. Andrew Odlyzko xxi Preface xxxiii How to Use this Book xxxvii About the Companion Website xxxix 1 Origins of Critical Infrastructure Protection 1 1.1 Recognition 3 1.2 Natural Disaster Recovery 4 1.3 Definitional Phase 5 1.4 Public–Private Cooperation 8 1.5 Federalism: Whole of Government 8 1.6 Rise of the Framework 10 1.7 Implementing a Risk Strategy 12 1.7.1 Risk‐Informed Decision‐Making 13 1.7.2 Resilience‐Informed Decision‐Making 14 1.7.3 Prevention or Response? 15 1.8 Analysis 16 1.8.1 The Public–Private Partnership (PPP) Conundrum 17 1.8.2 The Information Sharing Conundrum 17 1.8.3 Climate Change Conundrum 17 1.8.4 The Funding Conundrum 17 1.8.5 Spend 80% on 20% of the Country 18 1.9 Exercises 18 1.10 Discussions 19 References 20 2 Risk Strategies 21 2.1 Expected Utility Theory 23 2.1.1 Threat–Asset Pairs 24 2.2 PRA and Fault Trees 24 2.2.1 An Example: Your Car 26 2.3 MRBA and Resource Allocation 26 2.3.1 Another Example: Redundant Power 27 2.4 Cyber Kill Chains are Fault Trees 28 2.5 PRA in the Supply Chain 29 2.6 Protection Versus Response 30 2.7 Threat is an Output 32 2.8 Bayesian Belief Networks 33 2.8.1 A Bayesian Network for Threat 33 2.8.2 Predictive Analytics 34 2.9 Risk of a Natural Disaster 35 2.9.1 Exceedence 35 2.9.2 EP vs. PML Risk 35 2.10 Earthquakes 36 2.11 Black Swans and Risk 36 2.12 Black Swan Floods 37 2.13 Are Natural Disasters Getting Worse? 38 2.14 Black Swan Al Qaeda Attacks 38 2.15 Black Swan Pandemic 39 2.16 Risk and Resilience 41 2.17 Exercises 42 2.18 Discussions 43 References 43 3 Theories of Catastrophe 44 3.1 Normal Accident Theory (NAT) 45 3.2 Blocks and Springs 46 3.3 Bak’s Punctuated Equilibrium Theory 48 3.4 Tragedy of the Commons (TOC) 51 3.4.1 The State Space Diagram 52 3.5 The US Electric Power Grid 52 3.6 Paradox of Enrichment (POE) 55 3.6.1 The Great Recessions 56 3.6.2 Too Much Money 56 3.7 Competitive Exclusion Principle (CEP) 57 3.7.1 Gause’s Law 58 3.7.2 The Self‐Organizing Internet 58 3.7.3 A Monoculture 59 3.8 Paradox of Redundancy (POR) 59 3.9 Resilience of Complex Infrastructure Systems 60 3.9.1 Expected Utility and Risk 60 3.9.2 Countering SOC 60 3.9.3 The TOC Test 61 3.9.4 POE and Nonlinearity 61 3.9.5 CEP and Loss of Redundancy 61 3.9.6 POR and Percolation 62 3.10 Emergence 62 3.10.1 Opposing Forces in Emergent CIKR 62 3.11 Exercises 63 3.12 Discussions 64 References 64 4 Complex CIKR Systems 66 4.1 CIKR as Networks 69 4.1.1 Emergence 72 4.1.2 Classes of CIKR Networks 74 4.1.3 Self‐Organized Networks 75 4.2 Cascading CIKR Systems 76 4.2.1 The Fundamental Resilience Line 80 4.2.2 Critical Factors and Cascades 81 4.2.3 Targeted Attacks 82 4.3 Network Flow Risk and Resilience 85 4.3.1 Braess’s Paradox 86 4.3.2 Flow Network Resilience 87 4.4 Paradox of Redundancy 88 4.4.1 Link Percolation and Robustness 88 4.4.2 Node Percolation and Robustness 89 4.4.3 Blocking Nodes 89 4.5 Network Risk 91 4.5.1 Crude Oil and Keystone XL 92 4.5.2 MBRA Network Resource Allocation 92 4.6 The Fragility Framework 96 4.6.1 The Hodges Fragility Framework 96 4.6.2 The Hodges Fault Tree 97 4.7 Exercises 98 4.8 Discussions 99 References 100 5 Communications 101 5.1 Early Years 102 5.2 Regulatory Structure 105 5.3 The Architecture of the Communications Sector 106 5.3.1 Physical Infrastructure 107 5.3.2 Wireless Networks 108 5.3.3 Extraterrestrial Communication 108 5.3.4 Land Earth Stations 109 5.3.5 Cellular Networks 110 5.3.6 Generations 110 5.3.7 Wi‐Fi Technology 111 5.4 Risk and Resilience Analysis 111 5.4.1 Importance of Carrier Hotels 113 5.4.2 Network Analysis 114 5.4.3 Flow Analysis 116 5.4.4 Robustness 116 5.4.5 The Submarine Cable Network 117 5.4.6 HPM Attacks 117 5.5 Cellular Network Threats 118 5.5.1 Cyber Threats 119 5.5.2 HPM‐Like Threats 120 5.5.3 Physical Threats 120 5.6 Analysis 120 5.7 Exercises 121 5.8 Discussions 122 References 122 6 Internet 123 6.1 The Internet Monoculture 125 6.1.1 The Original Sin 127 6.1.2 How TCP/IP Works 128 6.1.3 More Original Sin 130 6.2 Analyzing The Autonomous System Network 130 6.2.1 The AS500 Network 130 6.2.2 Countermeasures 132 6.3 The RFC Process 133 6.3.1 Emergence of Email 133 6.3.2 Emergence of TCP/IP 133 6.4 The Internet of Things (IOT) 134 6.4.1 Data Scraping 135 6.4.2 IoT Devices 135 6.4.3 More IoT Exploits 136 6.5 Commercialization 137 6.6 The World Wide Web 137 6.7 Internet Governance 138 6.7.1 IAB and IETF 138 6.7.2 ICANN Wars 140 6.7.3 ISOC 141 6.7.4 W3C 141 6.8 Internationalization 142 6.9 Regulation and Balkanization 142 6.10 Exercises 143 6.11 Discussions 144 7 Cyber Threats 145 7.1 Threat Surface 146 7.1.1 Script Kiddies 148 7.1.2 Black‐Hats 149 7.1.3 Weaponized Exploits 149 7.1.4 Ransomware and the NSA 150 7.2 Basic Vulnerabilities 151 7.2.1 The First Exploit 152 7.2.2 TCP/IP Flaws 153 7.2.3 Open Ports 154 7.2.4 Buffer Overflow Exploits 155 7.2.5 DDoS Attacks 155 7.2.6 Email Exploits 156 7.2.7 Flawed Application and System Software 157 7.2.8 Trojans, Worms, Viruses, and Keyloggers 158 7.2.9 Hacking the DNS 159 7.3 Botnets 159 7.3.1 Hardware Flaws 160 7.4 Cyber Risk Analysis 161 7.5 Cyber Infrastructure Risk 161 7.5.1 Blocking Node Analysis 163 7.5.2 Machine Learning Approach 165 7.5.3 Kill Chain Approach 165 7.6 Analysis 166 7.7 Exercises 166 7.8 Discussions 168 References 168 8 Information Technology (IT) 169 8.1 Principles of IT Security 171 8.2 Enterprise Systems 171 8.2.1 Loss of Service 172 8.2.2 Loss of Data 172 8.2.3 Loss of Security 172 8.3 Cyber Defense 173 8.3.1 Authenticate Users 173 8.3.2 Trusted Path 174 8.3.3 Inside the DMZ 175 8.4 Basics of Encryption 176 8.4.1 DES 177 8.4.2 3DES 177 8.4.3 AES 177 8.5 Asymmetric Encryption 177 8.5.1 Public Key Encryption 179 8.5.2 RSA Illustrated 180 8.5.3 Shor’s Algorithm 180 8.6 PKI 181 8.6.1 Definition of PKI 182 8.6.2 Certificates 182 8.6.3 Blockchain 183 8.6.4 FIDO and WebAuth 184 8.6.5 Mathematics of Passwords 184 8.7 Countermeasures 185 8.8 Exercises 187 8.9 Discussions 188 References 188 9 Hacking Social Networks 189 9.1 Web 2.0 and the Social Network 190 9.2 Social Networks Amplify Memes 193 9.3 Topology Matters 194 9.4 Computational Propaganda 194 9.5 The ECHO Chamber 197 9.6 Big Data Analytics 198 9.6.1 Algorithmic Bias 199 9.6.2 The Depths of Deep Learning 200 9.6.3 Data Brokers 200 9.7 GDPR 201 9.8 Social Network Resilience 202 9.9 The Regulated Web 203 9.9.1 The Century of Regulation 203 9.10 Exercises 204 9.11 Discussions 205 References 206 10 Supervisory Control and Data Acquisition 207 10.1 What is SCADA? 208 10.2 SCADA Versus Enterprise Computing Differences 209 10.3 Common Threats 210 10.4 Who is in Charge? 211 10.5 SCADA Everywhere 212 10.6 SCADA Risk Analysis 213 10.7 NIST‐CSF 216 10.8 SFPUC SCADA Redundancy 216 10.8.1 Redundancy as a Resiliency Mechanism 218 10.8.2 Risk Reduction and Resource Allocation 220 10.9 Industrial Control of Power Plants 221 10.9.1 Maximum PML 221 10.9.2 Recovery 221 10.9.3 Node Resilience 222 10.10 Analysis 225 10.11 Exercises 227 10.12 Discussions 228 11 Water and Water Treatment 229 11.1 From Germs to Terrorists 230 11.1.1 Safe Drinking Water Act 231 11.1.2 The WaterISAC 231 11.2 Foundations: SDWA of 1974 232 11.3 The Bioterrorism Act of 2002 232 11.3.1 Is Water for Drinking? 233 11.3.2 Climate Change and Rot: The New Threats 234 11.4 The Architecture of Water Systems 235 11.4.1 The Law of The River 235 11.5 The Hetch Hetchy Network 235 11.5.1 Bottleneck Analysis 236 11.6 Risk Analysis 238 11.6.1 Multidimensional Analysis 238 11.6.2 Blocking Nodes 239 11.7 Hetch Hetchy Investment Strategies 239 11.7.1 The Rational Actor Attacker 240 11.8 Hetch Hetchy Threat Analysis 242 11.8.1 Chem/Bio Threats 242 11.8.2 Earthquake Threats 244 11.8.3 Allocation to Harden Threat–Asset Pairs 244 11.9 Analysis 245 11.10 Exercises 246 11.11 Discussions 247 References 248 12 Energy 249 12.1 Energy Fundamentals 251 12.2 Regulatory Structure of the Energy Sector 252 12.2.1 Evolution of Energy Regulation 252 12.2.2 Other Regulations 253 12.2.3 The Energy ISAC 254 12.3 Interdependent Coal 254 12.3.1 Interdependency with Transportation 254 12.4 The Rise of Oil and the Automobile 255 12.4.1 Oil 255 12.4.2 Natural Gas 256 12.5 Energy Supply Chains 256 12.5.1 PADDs 257 12.5.2 Refineries 258 12.5.3 Transmission 258 12.5.4 Transport4 259 12.5.5 Storage 259 12.5.6 Natural Gas Supply Chains 259 12.5.7 SCADA 259 12.6 The Critical Gulf of Mexico Cluster 259 12.6.1 Refineries 260 12.6.2 Transmission Pipelines 260 12.6.3 Storage 262 12.7 Threat Analysis of the Gulf of Mexico Supply Chain 265 12.8 Network Analysis of the Gulf of Mexico Supply Chain 266 12.9 The Keystonexl Pipeline Controversy 267 12.10 The Natural Gas Supply Chain 268 12.11 Analysis 270 12.12 Exercises 270 12.13 Discussions 271 References 272 13 Electric Power 273 13.1 The Grid 274 13.2 From Death Rays to Vertical Integration 275 13.2.1 Early Regulation 276 13.2.2 Deregulation and EPACT 1992 278 13.2.3 Energy Sector ISAC 278 13.3 Out of Orders 888 and 889 Comes Chaos 279 13.3.1 Economics Versus Physics 280 13.3.2 Betweenness Increases SOC 281 13.4 The North American Grid 281 13.4.1 ACE and Kirchhoff’s Law 283 13.5 Anatomy of a Blackout 283 13.5.1 What Happened on August 14 285 13.6 Threat Analysis 286 13.6.1 Attack Scenario 1: Disruption of Fuel Supply to Power Plants 286 13.6.2 Attack Scenario 2: Destruction of Major Transformers 287 13.6.3 Attack Scenario 3: Disruption of SCADA Communications 287 13.6.4 Attack Scenario 4: Creation of a Cascading Transmission Failure 287 13.7 Risk Analysis 288 13.8 Analysis of WECC96 288 13.9 Analysis 291 13.10 Exercises 292 13.11 Discussions 294 References 294 14 Healthcare and Public Health 295 14.1 The Sector Plan 296 14.2 Roemer’s Model 297 14.2.1 Components of Roemer’s Model 298 14.3 The Complexity of Public Health 299 14.4 Risk Analysis of HPH Sector 300 14.5 Bioterrorism 300 14.5.1 Classification of Biological Agents 301 14.6 Epidemiology 303 14.6.1 The Kermack–McKendrick Model 303 14.6.2 SARS 304 14.7 Predicting Pandemics 304 14.7.1 The Levy Flight Theory of Pandemics 306 14.8 Bio‐Surveillance 307 14.8.1 HealthMap 307 14.8.2 Big Data 307 14.8.3 GeoSentinel 308 14.9 Network Pandemics 309 14.10 The World Travel Network 310 14.11 Exercises 312 14.12 Discussions 313 References 313 15 Transportation 314 15.1 Transportation Under Transformation 316 15.2 The Road to Prosperity 319 15.2.1 Economic Impact 319 15.2.2 The National Highway System (NHS) 319 15.2.3 The Interstate Highway Network Is Resilient 320 15.2.4 The NHS Is Safer 320 15.3 Rail 320 15.3.1 Birth of Regulation 322 15.3.2 Freight Trains 323 15.3.3 Passenger Rail 324 15.3.4 Commuter Rail Resiliency 324 15.4 Air 325 15.4.1 Resilience of the Hub‐and‐Spoke Network 326 15.4.2 Security of Commercial Air Travel 328 15.4.3 How Safe and Secure Is Flying in the United States? 329 15.5 Airport Games 330 15.5.1 GUARDS 330 15.5.2 Bayesian Belief Networks 331 15.6 Exercises 331 15.7 Discussions 332 References 332 16 Supply Chains 334 16.1 The World Is Flat, But Tilted 335 16.1.1 Supply‐Side Supply 336 16.1.2 The Father of Containerization 337 16.1.3 The Perils of Efficient Supply Chains 337 16.2 The World Trade Web 340 16.2.1 Economic Contagions 342 16.3 Risk Assessment 344 16.3.1 MSRAM 344 16.3.2 PROTECT 345 16.4 Analysis 346 16.5 Exercises 347 16.6 Discussions 347 References 348 17 Banking and Finance 349 17.1 The Financial System 351 17.1.1 Federal Reserve vs. US Treasury 352 17.1.2 Operating the System 353 17.1.3 Balancing the Balance Sheet 353 17.1.4 Paradox of Enrichment 354 17.2 Financial Networks 355 17.2.1 FedWire 355 17.2.2 TARGET 356 17.2.3 SWIFT 356 17.2.4 Credit Card Networks 356 17.2.5 3‐D Secure Payment 357 17.3 Virtual Currency 358 17.3.1 Intermediary PayPal 358 17.3.2 ApplePay 358 17.3.3 Cryptocurrency 359 17.4 Hacking The Financial Network 361 17.5 Hot Money 363 17.5.1 The Dutch Disease 364 17.6 The End of Stimulus? 364 17.7 Fractal Markets 365 17.7.1 Efficient Market Hypothesis (EMH) 366 17.7.2 Fractal Market Hypothesis (FMH) 366 17.7.3 Predicting Collapse 367 17.8 Exercises 369 17.9 Discussions 370 References 370 18 Strategies for a Networked Nation 371 18.1 Whole of Government 372 18.2 Risk and Resilience 373 18.3 Complex and Emergent CIKR 373 18.4 Communications and the Internet 374 18.5 Information Technology (IT) 375 18.6 Surveillance Capitalism 375 18.7 Industrial Control Systems 376 18.8 Energy and Power 376 18.9 Global Pandemics 377 18.10 Transportation and Supply Chains 377 18.11 Banking and Finance 378 18.12 Discussions 378 Appendix A: Math: Probability Primer 379 A.1 A Priori Probability 379 A.2 A Pori Probability 381 A.3 Random Networks 382 A.4 Conditional Probability 383 A.5 Bayesian Networks 384 A.6 Bayesian Reasoning 385 References 387 Further Reading 388 Appendix B: Math: Risk and Resilience 389 B.1 Expected Utility Theory 390 B.1.1 Fault Trees 390 B.1.2 Fault Tree Minimization 391 B.1.3 XOR Fault Tree Allocation Algorithm 392 B.2 Bayesian Estimation 392 B.2.1 Bayesian Networks 392 B.3 Exceedence and PML Risk 394 B.3.1 Modeling EP 394 B.3.2 Estimating EP From Data 395 B.3.3 How to Process Time‐Series Data 396 B.4 Network Risk 397 B.5 Model‐Based Risk Analysis (MBRA) 398 B.5.1 Network Resource Allocation 401 B.5.2 Simulation 402 B.5.3 Cascade Risk 402 B.5.4 Flow Risk 402 References 403 Appendix C: Math: Spectral Radius 404 C.1 Network as Matrix 404 C.2 Matrix Diagonalization 404 C.3 Relationship to Risk and Resilience 406 C.3.1 Equation 1 406 C.3.2 Equation 2 407 Reference 407 Appendix D: Math: Tragedy of the Commons 408 D.1 Lotka–Volterra Model 408 D.2 Hopf–Holling Model 408 Appendix E: Math: The DES and RSA Algorithm 410 E.1 DES Encryption 410 E.2 RSA Encryption 410 Appendix F: Glossary 412 Index 414
£105.26
John Wiley & Sons Inc Network Modeling Simulation and Analysis in
Book SynopsisThe purpose of this book is first to study MATLAB programming concepts, then the basic concepts of modeling and simulation analysis, particularly focus on digital communication simulation. The book will cover the topics practically to describe network routing simulation using MATLAB tool. It will cover the dimensions'' like Wireless network and WSN simulation using MATLAB, then depict the modeling and simulation of vehicles power network in detail along with considering different case studies. Key features of the book include: Discusses different basics and advanced methodology with their fundamental concepts of exploration and exploitation in NETWORK SIMULATION. Elaborates practice questions and simulations in MATLAB Student-friendly and Concise Useful for UG and PG level research scholar Aimed at Practical approach for network simulation with more programs with step by step comments. Based on the Latest technoTable of ContentsList of Figures xi List of Tables xv Foreword xvii Preface xix Acknowledgments xxi Acronyms xxiii 1 Introduction to Modeling, Simulations and Analysis 1 1.1 MATLAB Modeling and Simulation 2 1.2 Computer Networks Performance Modeling and Simulation 4 1.2.1 Computer-Based Models 4 1.2.2 Computer Network Simulation 5 1.3 Discrete-Event Simulation for MATLAB 6 1.3.1 Terminology and Components of Discrete-Event Simulation 7 1.3.2 The Principle of Discrete-Event Simulation 8 1.3.3 ESTA Algorithm 9 1.3.4 ANALYSIS: Determination of Time to Attain Steady State Condition for MATLAB 11 1.4 Simulation Software Selection for MATLAB 11 1.5 Simulation Tools Based on High Performance 12 1.5.1 Network Model 13 1.5.2 Network Simulators 15 1.6 Conclusion 22 References 23 2 Introduction to MATLAB Programming 25 2.1 Introduction 26 2.2 Basic Features 27 2.2.1 Features of MATLAB 27 2.2.2 Uses of MATLAB 27 2.3 Notation, Syntax, and Operations 27 2.3.1 Practical Examples for MATLAB 27 2.3.2 Use of Semicolon (;) in MATLAB 28 2.3.3 Adding Comments 29 2.3.4 Commonly Utilized Operators and Special Characters 29 2.3.5 Unique Variables and Constants 30 2.3.6 Sparing Process 30 2.3.7 MATLAB Decisions 30 2.3.8 MATLAB Loops 31 2.4 Import and Export Operations 32 2.4.1 Import Data in MATLAB 32 2.4.2 Export Data in MATLAB 38 2.5 Elements 40 2.5.1 Commands 40 2.5.2 MATLAB Basics 41 2.5.3 Creating Matrices 42 2.5.4 Framework Operations 42 2.5.5 Using M-Files 44 2.6 Plotting 47 2.6.1 Including Various Types of Graphs 48 2.6.2 Creation of a Multiple Number of Functions in a Similar Graph 49 2.6.3 Creating a Graph According to Various Colors 50 2.7 Uncommon Function 51 2.8 Executable Files Generation 52 2.9 Calling and Accumulating Executable Documents 54 2.10 Calling Objects from External Programs 55 2.11 JAVA Classes 56 2.12 The Guide 56 2.12.1 Open a New User Interface 57 2.12.2 Guide Window Size Setting 58 2.12.3 Design the User Interface 58 2.12.4 Adjust the Components 59 2.12.5 Mark the Push Buttons 60 2.12.6 Menu Items-Rundown Pop-Up 61 2.12.7 Static Test Alteration Procedure in MATLAB 61 2.12.8 Spare the Layout 62 2.12.9 Behavior of the App 63 2.12.10 Produce Data to Plot in MATLAB 63 2.12.11 Pop-Up Menu Characteristics 65 2.12.12 Behavior of Push Button 66 2.13 Effective Programming through MATLAB 67 2.13.1 Condition 68 2.13.2 Practice Programs 68 2.13.3 Specific Functions in MATLAB 69 2.14 Clones Process Using MATLAB 69 2.14.1 GNU Octave 69 2.14.2 Scilab 70 2.14.3 Sage 70 2.15 Parallel MATLAB System 71 2.15.1 Run a Batch Job 71 2.15.2 Run a Batch Parallel Loop 72 2.15.3 Current Folder Browser - Run Script as Batch Job 73 2.16 Conclusion 74 References 75 3 Digital Communication System Simulation Using MATLAB 77 3.1 Introduction to Digital Communication 78 3.1.1 Data Transmission 78 3.1.2 Example 79 3.1.3 The Conversion of Analog and Digital Signals 80 3.1.4 Information, Bandwidth, and Noise 82 3.2 Simulation of Rayleigh Fading Model 83 3.2.1 Rayleigh Fading Basics 83 3.2.2 Rayleigh Fading 84 3.3 BPSK Modulation and Demodulation 86 3.3.1 BPSK Modulation 86 3.3.2 BPSK Demodulation 87 3.4 QPSK Modulation and Demodulation 89 3.4.1 QPSK Transmitter 90 3.4.2 QPSK Receiver 93 3.4.3 Performance Simulation over AWGN 93 3.5 Image Error Rate vs Signal-to-Noise Ratio 94 3.5.1 M-QAM Modulation 94 3.5.2 Baseband Rectangular M-QAM Modulator 95 3.6 Recreation of OFDM Framework 99 3.6.1 Figuring (Es /n0) or (Eb /n0) for OFDM Framework 101 3.6.2 Impact of Cyclic Prefix on Es /n 101 3.6.3 Effect of Unused Subcarriers on Es/N 102 3.6.4 Arrangement of Subcarriers 103 3.6.5 MATLAB Sample Code 103 3.7 Conclusion 108 References 109 4 Statistical Analysis of Network Data Using MATLAB 111 4.1 Introduction to Association Networks 112 4.2 Time Series, Stationary, Time Series Decomposition, De-trending 114 4.2.1 Time Series Analysis 114 4.2.2 Stationarity 115 4.2.3 Time Series Decomposition 117 4.2.4 De-trending 118 4.3 Autocorrelation, Test for Independence, Linear Autoregressive Models 124 4.3.1 Autocorrelation 124 4.3.2 ACF and IACF Parameters 126 4.3.3 Test of Independence 128 4.3.4 Linear Autoregressive Models 135 4.3.5 Linear Prediction and Autoregressive Modeling 137 4.4 Mutual Information and Test for Independence 139 4.4.1 Testing the Significance of the Null Hypothesis I(X; Y) = 0 139 4.4.2 Producing the Mutual Information Distribution from Surrogates 141 4.5 Spurious Cross-Correlation, Vector Autoregressive Models and Dynamic Regression Models 143 4.5.1 Cross Correlation 143 4.5.2 Vector Autoregression (VAR) Models 146 4.5.3 Coupled Dynamical Systems 149 4.6 Conclusion 150 References 150 5 Network Routing Simulation Using MATLAB 155 5.1 Evaluation of Granger Causality Measures on Known Systems 156 5.1.1 A Historical Viewpoint 158 5.1.2 Application to Recreated Information 164 5.1.3 Application to FMRI BOLD Information from a Visuospatial Consideration Undertaking 170 5.2 Demand Modeling and Performance Measurement 173 5.2.1 Objectives 173 5.2.2 Approach to Model Development 174 5.2.3 Development of Models 175 5.2.4 Outline of Findings from Phase Two: Model Validation 176 5.3 Universal Algorithms and Sequential Algorithms 178 5.3.1 Genetic Algorithm for Improvement Utilizing MATLAB 178 5.3.2 Masses Diversity-Measure-Run, Prosperity Scaling 182 5.4 Acoustic-Centric and Radio-Centric Algorithms 190 5.5 AODV Routing Protocol 194 5.5.1 Keeping Up Sequence Numbers 196 5.5.2 Association Breaks 196 5.5.3 Neighborhood Repairs 197 5.5.4 Security Considerations 197 5.6 Conclusion 203 References 204 6 Wireless Network Simulation Using MATLAB 209 6.1 Radio Propagation for Shadowing Methods 210 6.1.1 Radio Propagation Modeling 210 6.1.2 Partition Dependence 210 6.1.3 Small-Scale Blurring 210 6.1.4 Free-Space Propagation 211 6.1.5 Ray Tracing 212 6.1.6 Indoor Propagation 220 6.1.7 Classic Empirical Models 221 6.1.8 COST 231-Hata Model 221 6.1.9 COST 231-Walfish-Ikegami Model 222 6.1.10 Erceg Model 224 6.1.11 Multiple Slope Models 225 6.2 Mobility: Arbitrary Waypoint Demonstrates 234 6.2.1 Random Waypoint Model 234 6.2.2 Regular Problems with Random Waypoint Model 235 6.2.3 Irregular Waypoint on the Border (RWPB) 235 6.2.4 Markovian Waypoint Model 235 6.3 PHY: SNR-Based Bundle Catches, Communication, Dynamic Transmission Rate and Power 235 6.3.1 Mac: Ieee 802.11 236 6.3.2 IEEE 802.11 RTS/CTS Exchange 237 6.4 NET: Ad Hoc Routing 238 6.4.1 Dynamic Destination Sequenced Distance Vector 240 6.4.2 Wireless Routing Protocol 243 6.4.3 Global State Routing 243 6.4.4 Fisheye State Routing 244 6.4.5 Hierarchical State Routing 244 6.4.6 Zone-Based Hierarchical Link State Routing Protocol 245 6.4.7 Clusterhead Gateway Switch Routing Protocol 246 6.4.8 Cluster-Based Routing Protocols 247 6.4.9 Ad Hoc On-Demand Distance Vector Routing 248 6.4.10 Dynamic Source Routing Protocol 249 6.4.11 Temporally Ordered Routing Algorithm 250 6.4.12 Associativity-based Routing 252 6.4.13 Signal Stability Routing 253 6.5 APP: Overlay Routing Protocols 254 6.5.1 System/Application Designs, Optimizations, and Implementations on Overlay Networks 254 6.5.2 Routing Overlays for VoIP 255 6.5.3 Measurement, Modeling, and Improvement of BitTorrent Overlays 256 6.6 Conclusion 259 References 260 7 Mobility Modeling for Vehicular Communication Networks Using MATLAB 267 7.1 Vehicle Network Toolbox 268 7.1.1 Transmit and Receive CAN Messages 268 7.1.2 Examine Received Messages 271 7.1.3 CAN Message Reception Callback Function 272 7.2 Network Management (NM) 274 7.2.1 Plan Your Network Installation 274 7.2.2 Planning Your Network Installation 275 7.2.3 Setting Up a Remote Client Access Configuration 275 7.2.4 Setting Up Local Client Access Configuration 275 7.3 Interaction Layer 277 7.3.1 Directing Protocols in MANET 278 7.3.2 Specially Appointed On-Demand Distance Vector 278 7.3.3 Dynamic Source Routing (DSR) 278 7.3.4 Diagram of Mobility Model 279 7.3.5 Results and Analysis 280 7.3.6 Association Variation Results 282 7.4 Transport Protocols 285 7.4.1 TCP Transport Protocol 285 7.4.2 User Datagram Protocol, or UDP 286 7.4.3 Reliable Data Protocol, or RDP 286 7.4.4 Transmission Control Protocol, or TCP 286 7.5 Conclusion 287 References 288 8 Case Studies and Sample Codes 291 8.1 Case Determination and Structure 292 8.1.1 Exhibiting Analysis 293 8.1.2 Case Example 293 8.1.3 The Best Strategy 293 8.1.4 Impediment of the Technique 293 8.1.5 Sorts of Contextual Investigations 294 8.1.6 Relevant Examinations in Business 294 8.1.7 Summing Up from Logical Investigations 294 8.1.8 History 295 8.1.9 Related Vocations 295 8.2 Case Study 1: Gas Online 296 8.2.1 Load Data into Project 296 8.2.2 Construct Boundary Models 296 8.3 Case Study 2 302 8.3.1 Case 1: Create a Credit Scorecard Dissent 302 8.3.2 Case 2: Binning Information 304 8.4 Case Study 3: Random Waypoint Mobility Model 306 8.5 Case Study 4: Node localization in Wireless Sensor Network 312 8.6 Case Study 5: LEACH Routing Protocol for a WSN 325 8.7 Conclusion 334 References 334
£164.66
John Wiley & Sons Inc Networking Fundamentals
Book SynopsisA clear and concise resource on Windows networking, perfect for IT beginners Did you know that nearly 85% of IT support roles require a good understanding of networking concepts? If you are looking to advance your IT career, you will need a foundational understanding of Windows networking. Network Fundamentals covers everything you need to know about network infrastructures, hardware, protocols, and services. You will learn everything you need to gain the highly in-demand Networking Fundamentals MTA Certification. This entry-level credential could be your first step into a rewarding, stable and lucrative IT career. This new Sybex guide covers the basics of networking starting from the ground level, so no previous IT knowledge is required. Each chapter features approachable discussion of the latest networking technologies and concepts, closing with a quiz so you can test your knowledge before moving to the next section. Even if you are brand new to computers, Network Fundamentals wilTable of ContentsIntroduction xv Lesson 1 Understanding Local Area Networking 1 Examining Local Area Networks, Devices, and Data Transfer 3 Defining the LAN 3 Identifying Types of LANs 20 Getting to Know Perimeter Networks 23 Identifying Network Topologies and Standards 25 Identifying Network Topologies 25 Defining Ethernet Standards 29 Identifying the Differences Between Client/Server and Peer-to-Peer 32 Skill Summary 36 Knowledge Assessment 38 Multiple Choice 38 Fill in the Blank 40 Business Case Scenarios 41 Scenario 1-1: Planning and Documenting a Basic LAN 41 Scenario 1-2: Selecting the Correct Networking Model 41 Scenario 1-3: Selecting Network Adapters for Your LAN Computers 41 Scenario 1-4: Configuring the Correct Subnet Mask 41 Solutions to Business Case Scenarios 42 Lesson 2 Defining Networks with the OSI Model 43 Understanding OSI Basics 45 Defining the OSI Model Layers 46 Defining the Communications Subnetwork 48 Define the Physical Layer 49 Define the Data Link Layer 51 Understanding Layer 2 Switching 52 Understanding Layer 3 Switching 56 Understanding Characteristics of Switches 56 Defining the Upper OSI Layers 58 Defining the Transport Layer 59 Defining the Session Layer 62 Defining the Presentation Layer 63 Defining the Application Layer 64 Reviewing the OSI Layers 65 Defining the TCP/IP Model 67 Skill Summary 68 Knowledge Assessment 69 Multiple Choice 69 Fill in the Blank 71 Business Case Scenarios 71 Scenario 2-1: Installing the Appropriate Switch 71 Scenario 2-2: Defining the IP Address and Ports Used by Destination Servers 72 Scenario 2-3: Ensuring a Newly Created Email Account’s Logon is Encrypted 72 Scenario 2-4: Creating a Permanent ARP Table Entry 72 Lesson 3 Understanding Wired and Wireless Networks 75 Recognizing Wired Networks and Media Types 77 Identifying and Working with Twisted-Pair Cables 77 Identifying and Working with Fiber-Optic Cable 86 Understanding Wireless Networks 89 Identifying Wireless Devices 89 Identifying Wireless Networking Standards 91 Skill Summary 97 Knowledge Assessment 98 Multiple Choice 98 Fill in the Blank 100 Business Case Scenarios 100 Scenario 3-1: Selecting Channels for a WLAN 100 Scenario 3-2: Running Cable Drops Properly 100 Scenario 3-3: Selecting Network Adapters for Your WLAN Computers 101 Scenario 3-4: Securing a WLAN 101 Lesson 4 Understanding Internet Protocol 103 Working with IPV4 105 Categorizing IPv4 Addresses 105 Default Gateways and DNS Servers 114 Defining Advanced IPv4 Concepts 117 Working with IPV6 129 Understanding IPv6 130 Configuring IPv6 133 Skill Summary 140 Knowledge Assessment 142 Multiple Choice 142 Fill in the Blank 144 Business Case Scenarios 145 Scenario 4-1: Defining a Private Class C IP Network 145 Scenario 4-2: Specifying the Correct Device 145 Scenario 4-3: Implementing the Correct Class Network 145 Scenario 4-4: Implementing the Correct Subnet Mask 145 Lesson 5 Implementing TCP/IP in the Command Line 147 Using Basic TCP/IP Commands 149 Working with the Command Prompt Window 149 Using ipconfig and ping 152 Working with Advanced TCP/IP Commands 162 Using netstat and nbtstat 162 Using tracert and pathping 167 Using nslookup 170 Using ftp and telnet 171 Using Windows PowerShell 173 Using net 180 Skill Summary 188 Knowledge Assessment 189 Multiple Choice 189 Fill in the Blank 192 Business Case Scenarios 195 Scenario 5-1: Connecting to an FTP Server 195 Scenario 5-2: Troubleshooting TCP/IP Results 195 Scenario 5-3: Documenting a Basic Wide Area Network 196 Scenario 5-4: Using Advanced Ping 196 Lesson 6 Working with Networking Services 199 Setting Up Common Networking Services 201 Working with the Dynamic Host Configuration Protocol (DHCP) 202 Introducing Remote Administration 208 Enable Remote Desktop 210 Access Remote Desktop 210 Defining More Networking Services 213 Defining RRAS 213 Defining IPsec 217 Defining Name Resolution Techniques 218 Defining DNS 218 Defining WINS 222 Skill Summary 223 Knowledge Assessment 225 Multiple Choice 225 Fill in the Blank 227 Business Case Scenarios 227 Scenario 6-1: Selecting the Appropriate Services 227 Scenario 6-2: Selecting the Appropriate Services 228 Scenario 6-3: Setting Up a DHCP Server 228 Scenario 6-4: Setting Up a New DHCP and Migrating Old Computers 228 Scenario 6-5: Managing Remote Connections 228 Lesson 7 Understanding Wide Area Networks 231 Understanding Routing 233 Identifying Static and Dynamic Routing 233 Understanding Quality of Service (QOS) 237 Defining Common WAN Technologies and Connections 239 Defining Packet Switching 239 Defining T-Carriers 249 Defining Other WAN Technologies and Internet Connectivity 250 Skill Summary 252 Knowledge Assessment 254 Multiple Choice 254 Fill in the Blank 256 Business Case Scenarios 256 Scenario 7-1: Selecting the Appropriate Service and Protocol 256 Scenario 7-2: Selecting the Appropriate WAN Technology 256 Scenario 7-3: Recommending the Right Service 257 Scenario 7-4: Setting Up Routes to Other Networks 257 Lesson 8 Defining Network Infrastructures and Network Security 259 Understanding Networks Outside the LAN 261 Defining the Internet 261 Defining Intranets and Extranets 262 Configuring VPN Connections and Authentication 264 Selecting Types of VPN Protocols 265 Selecting Authentication for VPN Connections 267 Creating a VPN Connection Using the Create a VPN Connection Wizard 268 Creating a VPN Connection Using Windows 10 Settings 270 Using Connection Manager (CM) and the Connection Manager Administration Kit (CMAK) 272 Understanding Security Devices and Zones 273 Defining Firewalls and Other Perimeter Security Devices 273 Redefining the DMZ 277 Putting It All Together 278 Skill Summary 281 Knowledge Assessment 282 Multiple Choice 282 Fill in the Blank 284 Business Case Scenarios 285 Scenario 8-1: Setting Up a DMZ 285 Scenario 8-2: Selecting the Appropriate Solution 285 Scenario 8-3: Setting Up a PPTP Server 285 Scenario 8-4: Creating a WAN with VPN 286 Appendix Answer Key 289 Lesson 1: Understanding Local Area Networking 290 Answers to Knowledge Assessment 290 Answers to Business Case Scenarios 291 Lesson 2: Defining Networks with the OSI Model 292 Answers to Knowledge Assessment 292 Answers to Business Case Scenarios 293 Lesson 3: Understanding Wired and Wireless Networks 293 Answers to Knowledge Assessment 293 Answers to Business Case Scenarios 294 Lesson 4: Understanding Internet Protocol 295 Answers to Knowledge Assessment 295 Answers to Business Case Scenarios 296 Lesson 5: Implementing TCP/IP in the Command Line 297 Answers to Knowledge Assessment 297 Answers to Business Case Scenarios 298 Lesson 6: Working with Networking Services 298 Answers to Knowledge Assessment 298 Answers to Business Case Scenarios 299 Lesson 7: Understanding Wide Area Networks 301 Answers to Knowledge Assessment 301 Answers to Business Case Scenarios 302 Lesson 8: Defining Network Infrastructure and Network Security 302 Answers to Knowledge Assessment 302 Answers to Business Case Scenarios 303 Index 305
£26.34
John Wiley & Sons Inc Understanding Cisco Networking Technologies
Book SynopsisLeading Cisco authority Todd Lammle helps you gain insights into the new core Cisco network technologies Understanding Cisco Networking Technologies is an important resource for those preparing for the new Cisco Certified Network Associate (CCNA) certification exam as well as IT professionals looking to understand Cisco's latest networking products, services, and technologies. Written by bestselling author and internationally recognized Cisco expert Todd Lammle, this in-depth guide provides the fundamental knowledge required to implement and administer a broad range of modern networking and IT infrastructure. Cisco is the worldwide leader in network technologies80% of the routers on the Internet are Cisco. This authoritative book provides you with a solid foundation in Cisco networking, enabling you to apply your technical knowledge to real-world tasks. Clear and accurate chapters cover topics including routers, switches, controllers and other network comTable of ContentsIntroduction xvii Chapter 1 Internetworking 1 Internetworking Basics 2 Internetworking Models 10 The Layered Approach 11 Advantages of Reference Models 12 The OSI Reference Model 12 The Application Layer 14 The Presentation Layer 15 The Session Layer 16 The Transport Layer 16 The Network Layer 21 The Data Link Layer 23 The Physical Layer 26 Summary 29 Chapter 2 Ethernet Networking and Data Encapsulation 31 Ethernet Networks in Review 32 Collision Domain 32 Broadcast Domain 34 CSMA/CD 35 Half- and Full-Duplex Ethernet 36 Ethernet at the Data Link Layer 38 Ethernet at the Physical Layer 45 Ethernet Cabling 48 Straight-Through Cable 49 Crossover Cable 49 Rolled Cable 51 Fiber Optic 53 Data Encapsulation 55 The Cisco Three-Layer Hierarchical Model 59 The Core Layer 60 The Distribution Layer 60 The Access Layer 61 Summary 61 Chapter 3 Introduction to TCP/IP 63 Introducing TCP/IP 64 A Brief History of TCP/IP 64 TCP/IP and the DoD Model 65 The Process/Application Layer Protocols 66 The Host-to-Host or Transport Layer Protocols 76 The Internet Layer Protocols 85 IP Addressing 93 IP Terminology 94 The Hierarchical IP Addressing Scheme 94 Private IP Addresses (RFC 1918) 99 IPv4 Address Types 101 Layer 2 Broadcasts 101 Layer 3 Broadcasts 102 Unicast Address 102 Multicast Address 103 Summary 104 Chapter 4 Easy Subnetting 105 Subnetting Basics 106 How to Create Subnets 107 Subnet Masks 108 Classless Inter-Domain Routing (CIDR) 109 IP Subnet-Zero 111 Subnetting Class C Addresses 112 Subnetting Class B Addresses 123 Summary 131 Chapter 5 Troubleshooting IP Addressing 133 Cisco’s Way of Troubleshooting IP 134 Determining IP Address Problems 137 Summary 141 Chapter 6 Cisco’s Internetworking Operating System (IOS) 143 The IOS User Interface 144 Cisco IOS 144 Connecting to a Cisco IOS Device 145 Bringing Up a Switch 147 Command-Line Interface (CLI) 147 Entering the CLI 148 Overview of Router Modes 148 CLI Prompts 149 Editing and Help Features 151 Administrative Configurations 156 Hostnames 157 Banners 157 Setting Passwords 159 Encrypting Your Passwords 165 Descriptions 166 Router and Switch Interfaces 169 Bringing Up an Interface 172 Viewing, Saving, and Erasing Configurations 177 Deleting the Configuration and Reloading the Device 179 Verifying Your Configuration 179 Summary 192 Chapter 7 Managing a Cisco Internetwork 193 The Internal Components of a Cisco Router and Switch 194 The Router and Switch Boot Sequence 195 Backing Up and Restoring the Cisco Configuration 196 Backing Up the Cisco Configuration 197 Restoring the Cisco Configuration 199 Erasing the Configuration 199 Configuring DHCP 200 DHCP Relay 202 Verifying DHCP on Cisco IOS 202 Using Telnet 203 Telnetting into Multiple Devices Simultaneously 205 Checking Telnet Connections 205 Checking Telnet Users 206 Closing Telnet Sessions 206 Resolving Hostnames 206 Building a Host Table 207 Using DNS to Resolve Names 208 Checking Network Connectivity and Troubleshooting 210 Using the ping Command 210 Using the traceroute Command 211 Debugging 212 Using the show processes Command 215 Summary 215 Chapter 8 Managing Cisco Devices 217 Managing the Configuration Register 218 Understanding the Configuration Register Bits 218 Checking the Current Configuration Register Value 220 Boot System Commands 221 Recovering Passwords 222 Backing Up and Restoring the Cisco IOS 224 Verifying Flash Memory 226 Backing Up the Cisco IOS 227 Restoring or Upgrading the Cisco Router IOS 227 Using the Cisco IOS File System (Cisco IFS) 230 Licensing 235 Right-To-Use Licenses (Evaluation Licenses) 237 Backing Up and Uninstalling the License 240 Summary 241 Chapter 9 IP Routing 243 Routing Basics 245 The IP Routing Process 247 The Cisco Router Internal Process 253 Testing Your IP Routing Understanding 254 Configuring IP Routing 258 Corp Configuration 259 SF Configuration 261 LA Configuration 265 Configuring IP Routing in Our Network 267 Static Routing 268 Default Routing 273 Dynamic Routing 276 Routing Protocol Basics 276 Routing Information Protocol (RIP) 278 Configuring RIP Routing 279 Holding Down RIP Propagations 282 Summary 284 Chapter 10 Wide Area Networks 287 Introduction to Wide Area Networks 288 WAN Topology Options 289 Defining WAN Terms 291 WAN Connection Bandwidth 292 WAN Connection Types 293 WAN Support 294 Cabling the Serial Wide Area Network 297 Serial Transmission 297 Data Terminal Equipment and Data Communication Equipment 298 High-Level Data-Link Control (HDLC) Protocol 299 Point-to-Point Protocol (PPP) 301 Link Control Protocol (LCP) Configuration Options 303 PPP Session Establishment 303 PPP Authentication Methods 304 Configuring PPP on Cisco Routers 304 Configuring PPP Authentication 305 Verifying and Troubleshooting Serial Links 305 Multilink PPP (MLP) 311 PPP Client (PPPoE) 314 Configuring a PPPoE client 315 Summary 316 Glossary 317 Index 365
£30.39
John Wiley & Sons Inc CCNA Certification Study Guide
Book SynopsisCisco expert Todd Lammle prepares you for the NEW Cisco CCNA certification exam! Cisco, the world leader in network technologies, has released the new Cisco Certified Network Associate (CCNA) exam. This consolidated certification exam tests a candidate's ability to implement and administer a wide range of modern IT networking technologies. The CCNA Certification Study Guide: Volume 2 Exam 200-301 covers every exam objective, including network components, IP connectivity and routing, network security, virtual networking, and much more. Clear and accurate chapters provide you with real-world examples, hands-on activities, in-depth explanations, and numerous review questions to ensure that you're fully prepared on exam day. Written by the leading expert on Cisco technologies and certifications, this comprehensive exam guide includes access to the acclaimed Sybex online learning systeman interactive environment featuring practice exams, electronic flashcards,Table of ContentsIntroduction xxv Assessment Test xl Chapter 1 Network Fundamentals 1 Network Components 2 Next-Generation Firewalls and IPS 6 Network Topology Architectures 10 Physical Interfaces and Cables 17 Ethernet Cabling 19 Summary 24 Exam Essentials 24 Review Questions 26 Chapter 2 TCP/IP 29 Introducing TCP/IP 30 TCP/IP and the DoD Model 31 IP Addressing 60 IPv4 Address Types 67 Summary 71 Exam Essentials 71 Review Questions 73 Chapter 3 Easy Subnetting 75 Subnetting Basics 76 Summary 102 Exam Essentials 102 Review Questions 103 Chapter 4 Troubleshooting IP Addressing 105 Cisco’s Way of Troubleshooting IP 106 Summary 114 Exam Essentials 114 Review Questions 115 Chapter 5 IP Routing 117 Routing Basics 119 The IP Routing Process 121 Configuring IP Routing 132 Configuring IP Routing in Our Network 141 Dynamic Routing 150 Routing Information Protocol (RIP) 152 Summary 159 Exam Essentials 159 Review Questions 161 Chapter 6 Open Shortest Path First (OSPF) 163 Open Shortest Path First (OSPF) Basics 164 Configuring OSPF 171 OSPF and Loopback Interfaces 179 Verifying OSPF Configuration 182 Summary 188 Exam Essentials 188 Review Questions 189 Chapter 7 Layer 2 Switching 193 Switching Services 194 Configuring Catalyst Switches 204 Summary 215 Exam Essentials 215 Review Questions 216 Chapter 8 VLANs and Inter-VLAN Routing 219 VLAN Basics 220 Identifying VLANs 224 Routing Between VLANs 229 Configuring VLANs 231 Summary 247 Exam Essentials 247 Review Questions 248 Chapter 9 Enhanced Switched Technologies 251 Spanning Tree Protocol (STP) 252 Types of Spanning-Tree Protocols 259 Modifying and Verifying the Bridge ID 267 Spanning-Tree Failure Consequences 273 PortFast and BPDU Guard 275 EtherChannel 278 Summary 284 Exam Essentials 284 Review Questions 285 Chapter 10 Access Lists 289 Perimeter, Firewall, and Internal Routers 290 Introduction to Access Lists 291 Standard Access Lists 295 Extended Access Lists 303 Monitoring Access Lists 313 Summary 316 Exam Essentials 316 Review Questions 317 Chapter 11 Network Address Translation (NAT) 319 When Do We Use NAT? 320 Types of Network Address Translation 322 NAT Names 322 How NAT Works 323 Testing and Troubleshooting NAT 328 Summary 333 Exam Essentials 333 Review Questions 334 Chapter 12 IP Services 337 Exploring Connected Devices Using CDP and LLDP 338 Network Time Protocol (NTP) 347 SNMP 348 Syslog 352 Secure Shell (SSH) 357 Summary 358 Exam Essentials 358 Review Questions 360 Chapter 13 Security 363 Network Security Threats 365 Three Primary Network Attacks 365 Network Attacks 366 Security Program Elements 374 Layer 2 Security Features 378 Authentication Methods 381 Managing User Accounts 386 Security Password Policy Elements 389 User-Authentication Methods 398 Setting Passwords 400 Summary 407 Exam Essentials 407 Review Questions 408 Chapter 14 First Hop Redundancy Protocol (HSRP) 411 Client Redundancy Issues 412 Introducing First Hop Redundancy Protocol (FHRP) 414 Hot Standby Router Protocol (HSRP) 416 Summary 429 Exam Essentials 429 Review Questions 430 Chapter 15 Virtual Private Networks (VPNs) 433 Virtual Private Networks 434 GRE Tunnels 441 Summary 447 Exam Essentials 447 Review Questions 448 Chapter 16 Quality of Service (QoS) 451 Quality of Service 452 Trust Boundary 454 QoS Mechanisms 455 Summary 461 Exam Essentials 461 Review Questions 462 Chapter 17 Internet Protocol Version 6 (IPv6) 465 Why Do We Need IPv6? 467 The Benefits and Uses of IPv6 467 IPv6 Addressing and Expressions 469 How IPv6 Works in an Internetwork 473 IPv6 Routing Protocols 483 Configuring IPv6 on Our Internetwork 484 Configuring Routing on Our Internetwork 487 Summary 490 Exam Essentials 490 Review Questions 492 Chapter 18 Troubleshooting IP, IPv6, and VLANs 495 Endpoints 496 Servers 497 IP Config 498 Troubleshooting IP Network Connectivity 507 Troubleshooting IPv6 Network Connectivity 522 Troubleshooting VLAN Connectivity 531 Summary 544 Exam Essentials 545 Review Questions 546 Chapter 19 Wireless Technologies 549 Wireless Networks 551 Basic Wireless Devices 553 Wireless Principles 556 Nonoverlapping Wi-Fi channels 565 Radio Frequency (RF) 569 Wireless Security 581 Summary 588 Exam Essentials 588 Review Question 590 Chapter 20 Configuring Wireless Technologies 595 WLAN Deployment Models 596 Setting Up a Wireless LAN Controller (WLC) 602 Joining Access Points (APs) 607 Wireless LAN Controllers (WLC) 610 WLC Port Types 611 WLC Interface Types 614 AP Modes 629 AP and WLC Management Access Connections 633 Summary 655 Exam Essentials 655 Review Questions 657 Chapter 21 Virtualization, Automation, and Programmability 661 Virtual Machine Fundamentals 662 Virtualization Components 665 Virtualization Features 666 Virtualization Types 668 Virtualization Solutions 669 Automation Components 670 Summary 684 Exam Essentials 684 Review Questions 685 Chapter 22 SDN Controllers 689 Traditional Network Monitoring Systems (NMS) 690 Traditional Network Configuration Managers (NCM) 699 Traditional Networking 702 Introduction to SDN 706 Separating the Control Plane 709 Controller-Based Architectures 710 SDN Network Components 712 DNA Center Overview 718 Summary 736 Exam Essentials 737 Review Questions 738 Chapter 23 Configuration Management 743 Team Silos 744 DevOps 748 Infrastructure as Code (IaC) 748 Ansible 750 Ansible Tower/AWX 763 Puppet 764 Chef 772 Summary 781 Exam Essentials 782 Review Questions 783 Appendix Answer to Review Questions 787 Chapter 1: Network Fundamentals 788 Chapter 2: TCP/IP 788 Chapter 3: Easy Subnetting 789 Chapter 4: Troubleshooting IP Addressing 790 Chapter 5: IP Routing 791 Chapter 6: Open Shortest Path First (OSPF) 792 Chapter 7: Layer 2 Switching 792 Chapter 8: VLANs and Inter-VLAN Routing 794 Chapter 9: Enhanced Switched Technologies 795 Chapter 10: Access Lists 796 Chapter 11: Network Address Translation (NAT) 797 Chapter 12: IP Services 797 Chapter 13: Security 798 Chapter 14: First Hop Redundancy Protocol (HSRP) 799 Chapter 15: Virtual Private Networks (VPNs) 800 Chapter 16: Quality of Service (QoS) 801 Chapter 17: Internet Protocol Version 6 (IPv6) 802 Chapter 18: Troubleshooting IP, IPv6, and VLANs 803 Chapter 19: Wireless Technologies 803 Chapter 20: Configuring Wireless Technologies 805 Chapter 21: Virtualization, Automation, and Programmability 806 Chapter 22: SDN Controllers 806 Chapter 23: Configuration Management 808 Index 809
£40.80
John Wiley & Sons Inc Cisco CCNA Certification 2 Volume Set
Book Synopsis
£52.50
John Wiley & Sons Inc Mastering Microsoft Teams
Book SynopsisGet the most out of Microsoft Teams with this comprehensive and insightful resource Mastering Microsoft Teams: Creating a Hub for Successful Teamwork in Office 365shows readers howto communicate intelligently and effectively within Microsoft's powerful Office 365.This book covers all the topics required for a full and comprehensive understanding of collaborating within the Microsoft suite of software, including: Architecture Implementing Teams Teams and Channels Chats, Calls and Meetings Extending Teams with Custom Apps Conferencing Security and Compliance Best Practices for Organizational Success Written for IT administrators, managers, supervisors,and team members who participate or want to participate in a Microsoft Teams environment,Mastering Microsoft Teamsintroduces readers to the architecture and structure of the software before showing, in a straightforward and simpTable of ContentsIntroduction xv Chapter 1 Getting to Know Microsoft Teams 1 Overview of Microsoft Teams 1 Key Benefits of Microsoft Teams 2 Teams for Work 3 Teams for Home 10 Teams for Education 11 Microsoft Teams Collaboration and Acknowledgment 17 Environmental Readiness and User Adoption 18 Teams Adoption 18 Teams Architecture 21 Teams and Microsoft 365 21 The Bottom Line 22 Chapter 2 Teams, Channels, Chats, and Apps 25 Overview of Teams, Channels, Chats, and Apps 25 Teams and Channels 25 Chats 33 Teams Apps 37 Best Practices 40 Team Membership and Roles 41 Creating and Managing Teams 42 Org-wide Teams 43 Team Settings 45 Best Practices 56 Working with Channels 59 Creating Channels 59 Channel Moderation 59 Sending Messages in a Channel 60 Sending Announcements in a Channel 60 Cross-Post a Channel Conversation 63 Best Practices 63 Teams Templates 66 User Presence in Microsoft Teams 70 Status Duration Setting 70 The Bottom Line 72 Chapter 3 Meetings and Conferencing 73 Overview of Meetings and Conferencing 73 Meetings and Conferencing Prerequisites 74 Meetings in Teams 74 Private Meetings vs. Channel Meetings 74 Scheduling a Meeting 78 Joining a Meeting 83 Using Video in Microsoft Teams 87 Recording a Meeting 91 Meeting Notes 93 Meeting Etiquette and Tips 94 Calls in Teams 95 Turn a Chat into a Call 95 Adding Additional People to Call Started from Chat 96 See Your Call History 97 Recommendations and Tips 98 Live Events 98 Event Group Roles 98 Live Event Permissions 100 Scheduling 101 Production 101 Streaming Platform 102 Enterprise Content Delivery Network 103 Attendee Experience 103 Live Event Usage Report 103 Webinars 103 Breakout Rooms 104 Audio Conferencing 105 What Is Audio Conferencing? 105 Conferencing Bridges and Phone Numbers 105 The Bottom Line 105 Chapter 4 Extending Teams with Apps 107 Teams App Platform 107 Core Workloads and Extensible Platform 107 Types of Apps in Microsoft Teams 108 Understanding Apps in Teams 109 Teams App Capabilities 109 Apps Scope 117 Personal Apps 117 Microsoft Apps 117 Third-Party Apps 118 Extending with Custom Apps 121 Teams App Templates 121 Power Platform (Low/No Code) 133 Microsoft Teams App Development Platform 146 The Bottom Line 147 Chapter 5 Administering Teams 149 Teams Administrator Roles 149 Teams Admin Center 150 Teams Menu 150 Teams Policies 154 Update Policies 157 Teams Templates 157 Template Policies 159 Meetings Menu 160 Conference Bridges 161 Meeting Policies 161 Meeting Settings 166 Live Events 168 Messaging Policies Menu 169 Users Menu 171 Guest Access and External Access 171 Teams Settings 172 Teams Apps Menu 176 Manage Apps 176 Permission Policies 177 Setup Policies 180 Customize Store 181 Analytics & Reports Menu 187 The Bottom Line 188 Chapter 6 Security, Compliance, and Governance 191 Security 191 Identity Models and Authentication 191 Multi-Factor Authentication 192 Safe Links 192 Compliance and Governance 195 Information Retention 196 Information Barriers 197 Retention Policies 198 Retention Policies for Microsoft Teams 199 Communication Compliance 200 Communication Compliance in Microsoft Teams 201 Policy-Based Recording for Calls and Meetings 204 Sensitivity Labels 205 Data Loss Prevention 212 Privacy and Microsoft Teams 218 Data Location in Microsoft Teams 218 The Bottom Line 219 Appendix A Accessing Teams 221 Microsoft Teams App 221 Browser Client 221 Desktop Client 225 Mobile Client 230 Appendix B The Bottom Line 235 Chapter 1: Getting to Know Microsoft Teams 235 Chapter 2: Teams, Channels, Chats, and Apps 236 Chapter 3: Meetings and Conferencing 237 Chapter 4: Extending Teams with Apps 239 Chapter 5: Administering Teams 239 Chapter 6: Security, Compliance, and Governance 240 Index 241
£27.99
