Computer networking and communications Books
Cengage Learning, Inc CompTIA Network Guide to Networks Cengage
Book Synopsis: Master the technical skills and industry knowledge for an exciting career installing, configuring and troubleshooting computer networks with West's COMPTIA NETWORK+ GUIDE TO NETWORKS, CENGAGE INTERNATIONAL EDITION, 10th Edition, which prepares you for success on the CompTIA's Network+ N10-009 certification exam as content corresponds to all exam objectives, including protocols, topologies, hardware, cloud, network design, security and troubleshooting. Step-by-step instructions and cloud, virtualization and simulation projects give you experience working with hardware, software, operating systems and device interactions. Stories from professionals, discussion prompts, scenario-based practice exam questions, hands-on activities and projects help you explore key concepts. Gain problem-solving tools for any computing environment. MindTap digital resources are also available for additional practice and certification prep.
£76.99
Pearson Education Designing RealWorld Multidomain Networks
Book Synopsis: Dhrumil Prajapati: Dhrumil is a principal architect within Cisco CX's GES Architecture team. His focus lies on multi-domain networks, and he has been offering a complete lifecycle of professional services and architecture advisory for the past 13 years. His expertise extends to serving enterprise, government, and service provider entities across the globe. His services are designed to assist clients in planning, designing, deploying, managing, and interoperating all networking technology domains within their private or public infrastructure and application environments. In his networking career, Dhrumil has designed networks for more than 150 organizations, which inspired him to write a book on the subject. He is a coauthor of Cisco SD-Access for Industry Verticals (https://cs.co/sda-verticals-book), and holds patents and has given multiple presentations in Cisco Live on SD-Access and multi-domain. Dhrumil holds dua
£40.49
Pearson Education (US) The AI Revolution in Networking Cybersecurity and
Book Synopsis: Omar Santos is a cybersecurity thought leader with a passion for driving industry-wide initiatives to enhance the security of critical infrastructures. Omar is the lead of the DEF CON Red Team Village, chair of the Common Security Advisory Framework (CSAF) technical committee, and board member of the OASIS Open standards organization. Omar's collaborative efforts extend to numerous organizations, including the Forum of Incident Response and Security Teams (FIRST) and the Industry Consortium for Advancement of Security on the Internet (ICASI). Omar is a renowned expert in ethical hacking, vulnerability research, and incident response. He employs his deep understanding of these disciplines to help organizations stay ahead of emerging threats. His dedication to cybersecurity has made a significant impact on businesses, academic institutions, law enforcement agencies, and other entities striving to bolster their security measures. With over twenty books, video courses,
Trade Review: “As AI promises to revolutionize many aspects of work and society, there is a critical need for IT professionals to understand how AI can help them in practice. This book provides a highly accessible overview of how new and emerging AI capabilities can improve many key areas of IT. The authors were early industry pioneers in applying AI to improve networking, cybersecurity, and the design & operation of AI-based systems for large enterprises -- and their real-world AI experience is clearly shown throughout the book.”--John Apostolopoulos, Area Tech Lead Communication & Collaboration, Google, formerly VP/CTO Enterprise Networking Business, Cisco
Table of Contents:
Preface
Chapter 1. Introducing the Age of AI: Emergence, Growth, and Impact on Technology
The End of Human Civilization; Significant Milestones in AI Development (This Book Is Already Obsolete); The AI Black Box Problem and Explainable AI; What's the Difference Between Large Language Models and Traditional Machine Learning?; Hugging Face Hub: A Game-Changer in Collaborative Machine Learning; AI's Expansion Across Industries: Networking, Cloud Computing, Security, Collaboration, and IoT; AI's Impacts on the Job Market; AI's Impacts on Security, Ethics, and Privacy; Summary; References
Chapter 2. Connected Intelligence: AI in Computer Networking
The Role of AI in Computer Networking; AI for Network Management; AI for Network Optimization; AI for Network Security; AI for Traffic Classification and Prediction; AI in Network Digital Twins; Summary; References
Chapter 3. Securing the Digital Frontier: AI's Role in Cybersecurity
AI in Incident Response: Analyzing Potential Indicators to Determine the Type of Attack; AI in Vulnerability Management and Vulnerability Prioritization; AI in Security Governance, Policies, Processes, and Procedures; Using AI to Create Secure Network Designs; AI and Security Implications of IoT, OT, Embedded, and Specialized Systems; AI and Physical Security; AI in Security Assessments, Red Teaming, and Penetration Testing; AI in Identity and Account Management; Using AI for Fraud Detection and Prevention; AI and Cryptography; AI in Secure Application Development, Deployment, and Automation; Summary; References
Chapter 4. AI and Collaboration Building Bridges, Not Walls
Collaboration Tools and the Future of Work; AI for Collaboration; The Contact Center: A Bridge to Customers; AR/VR: A Closer Look; Affective Computing; Summary; References
Chapter 5. AI in the Internet of Things (AIoT)
Understanding the IoT Landscape; AI for Data Analytics and Decision Making; AI for IoT Resource Optimization; AI for IoT in Supply Chain; AI for IoT Security; AI for IoT in Sustainability; Summary; References
Chapter 6. Revolutionizing Cloud Computing with AI
Understanding the Cloud Computing Environment; AI in Cloud Infrastructure Management; AI for Cloud Security; AI for Cloud Optimization; AI and Machine Learning as a Service; Challenges of AI and Machine Learning in the Cloud; What Lies Ahead; References
Chapter 7. Impact of AI in Other Emerging Technologies
Executive Order on the Development and Use of Artificial Intelligence; AI in Quantum Computing; How AI Can Revolutionize Quantum Hardware Optimization; Data Analysis and Interpretation; AI in Blockchain Technologies; AI in Autonomous Vehicles and Drones; AI in Edge Computing; Summary; References
Index
£26.59
McGraw-Hill Education - Europe Incident Response Computer Forensics Third
Book Synopsis: Publisher's Note: Products purchased from Third Party sellers are not guaranteed by the publisher for quality, authenticity, or access to any online entitlements included with the product. The definitive guide to incident response--updated for the first time in a decade! Thoroughly revised to cover the latest and most effective tools and techniques, Incident Response & Computer Forensics, Third Edition arms you with the information you need to get your organization out of trouble when data breaches occur. This practical resource covers the entire lifecycle of incident response, including preparation, data collection, data analysis, and remediation. Real-world case studies reveal the methods behind--and remediation strategies for--today's most insidious attacks.
Architect an infrastructure that allows for methodical investigation and remediation
Develop leads, identify indicators of compromise, and determin
Table of Contents:
Part 1 PREPARING FOR THE INEVITABLE INCIDENT
1 Real World Incidents; 2 IR Management Handbook; 3 Pre-Incident Preparation
Part 2 INCIDENT DETECTION AND CHARACTERIZATION
4 Getting the Investigation Started; 5 Initial Development of Leads; 6 Discovering the Scope of the Incident
Part 3 DATA COLLECTION
7 Live Data Collection; 8 Forensic Duplication; 9 Network Evidence; 10 Enterprise Services
Part 4 DATA ANALYSIS
11 Analysis Methodology; 12 Investigating Windows Systems; 13 Investigating MacOS Systems; 14 Investigating Applications; 15 Malware Triage; 16 Report Writing
Part 5 REMEDIATION
17 Remediation Introduction; 18 Remediation Case Studies
Part 6 APPENDICES
App A Answers to Questions; App B Incident Response Forms
£39.99
Manning Publications Well-Grounded Java Developer, The
Book Synopsis: Understanding Java from the JVM up gives you a solid foundation to grow your expertise and take on advanced techniques for performance, concurrency, containerization, and more. In The Well-Grounded Java Developer, Second Edition you will learn:
The new Java module system and why you should use it
Bytecode for the JVM, including operations and classloading
Performance tuning the JVM
Working with Java's built-in concurrency and expanded options
Programming in Kotlin and Clojure on the JVM
Maximizing the benefits from your build/CI tooling with Maven and Gradle
Running the JVM in containers
Planning for future JVM releases
The Well-Grounded Java Developer, Second Edition introduces both the modern innovations and timeless fundamentals you need to know to become a Java master. Authors Ben Evans, Martijn Verburg, and Jason Clark distil their decades of experience as Java Champions, veteran developers, and key contributors to the Java ecosystem into this clear and practical guide.
About the technology: Java's history of innovation, its huge collection of libraries and frameworks, and the flexibility of the JVM have cemented its place as one of the world's most popular programming languages. Although it's easy to get started with Java, understanding how the language intersects with the JVM is the key to unlocking the power of this awesome language and its deep ecosystem of frameworks, tools, and alternative JVM-based languages.
About the book: The Well-Grounded Java Developer, Second Edition is a complete revision of the classic original with the latest innovations of the Java platform. It upgrades your existing Java skills with both JVM fundamentals like bytecode, and powerful new features such as modules and concurrency models. You'll broaden your understanding of what's possible by exploring Kotlin and other JVM languages, and learn how functional programming can offer a powerful new perspective. Each concept is illustrated with hands-on examples, including a fully modularized application/library, build setups for Maven and Gradle, and creating your own multithreaded application.
Trade Review: 'A required read to understand new technologies.' Michael Haller 'Provides a lot of great material and helps Java developers discover the "known unknowns" to build their breadth of knowledge that can be leveraged for exploring specific topics in more depth.' Andy Keffalas 'A really good foundation for leveling up your Java development skills. This is a great resource for anybody wanting to dig deeper into the Java ecosystem and learn more about how Java works.' Jared Duncan 'This is a fantastic book to reach beyond the typical Java developer environment.' Matt D.
Table of Contents:
PART 1: FROM 8 TO 11 TO 17
1 INTRODUCING MODERN JAVA; 2 JAVA MODULES; 3 JAVA 17
PART 2: UNDER THE HOOD
4 CLASS FILES AND BYTECODE; 5 JAVA CONCURRENCY FUNDAMENTALS; 6 JDK CONCURRENCY LIBRARIES; 7 UNDERSTANDING JAVA PERFORMANCE
PART 3: NON-JAVA LANGUAGES ON THE JVM
8 ALTERNATIVE JVM LANGUAGES; 9 KOTLIN; 10 CLOJURE: A DIFFERENT VIEW OF PROGRAMMING
PART 4: BUILD AND DEPLOYMENT
11 BUILDING WITH GRADLE & MAVEN; 12 RUNNING JAVA IN CONTAINERS; 13 TESTING FUNDAMENTALS; 14 TESTING BEYOND JUNIT
PART 5: NEW FRONTIERS
15 ADVANCED FUNCTIONAL PROGRAMMING; 16 ADVANCED CONCURRENT PROGRAMMING; 17 MODERN INTERNALS; 18 JAVA BEYOND 11
APPENDIXES
APPENDIX A: INSTALLING JAVA 11 & BUILDS AND LICENSES; APPENDIX B: REVIEW OF STREAMS AND FUNCTIONAL PROGRAMMING IN JAVA
£41.39
John Wiley & Sons CISA Certified Information Systems Auditor
£33.24
Pearson Education (US) Cisco SoftwareDefined Access
Book Synopsis: Jason Gooley, CCIE No. 38759 (RS and SP), is a very enthusiastic and spontaneous person who has more than 25 years of experience in the industry. Currently, Jason works as a technical evangelist for the Worldwide Enterprise Networking sales team at Cisco Systems. Jason is very passionate about helping others in the industry succeed. In addition to being a Cisco Press author, Jason is a distinguished speaker at CiscoLive, contributes to the development of the Cisco CCIE and DevNet exams, provides training for Learning@Cisco, is an active CCIE mentor, is a committee member for the Cisco Continuing Education Program (CE), and is a program committee member of the Chicago Network Operators Group (CHI-NOG), www.chinog.org. Jason also hosts a show called MetalDevOps. Jason can be found at www.MetalDevOps.com, @MetalDevOps, and @Jason_Gooley on all social media platforms. Roddie Hasan, CCIE No. 7472 (RS), is a technical solutions architect for Ci
Table of Contents:
Introduction
Chapter 1 Today’s Networks and the Drivers for Change
Networks of Today; Common Business and IT Trends; Common Desired Benefits; High-Level Design Considerations; Cisco Digital Network Architecture; Past Solutions to Today’s Problems; Spanning-Tree and Layer 2–Based Networks; Introduction to Multidomain; Cloud Trends and Adoption; Summary
Chapter 2 Introduction to Cisco Software-Defined Access
Challenges with Today’s Networks; Software-Defined Networking; Cisco Software-Defined Access; Cisco Campus Fabric Architecture; Campus Fabric Fundamentals; Cisco SD-Access Roles; Network Access Control; Why Network Access Control?; Introduction to Cisco Identity Services Engine; Overview of Cisco Identity Services Engine; Cisco ISE Features; Secure Access; Device Administration; Guest Access; Profiling; Bring Your Own Device; Compliance; Integrations with pxGrid; Cisco ISE Design Considerations; Cisco ISE Architecture; Cisco ISE Deployment Options; Standalone Deployment; Distributed Deployment; Dedicated Distributed Deployment; Segmentation with Cisco TrustSec; Cisco TrustSec Functions; Classification; Propagation; Enforcement; Summary
Chapter 3 Introduction to Cisco DNA Center
Network Planning and Deployment Trends; History of Automation Tools; Cisco DNA Center Overview; Design and Visualization of the Network; Site Design and Layout; Network Settings; Wireless Deployments; Network Discovery and Inventory; Discovery Tool; Inventory; Device Configuration and Provisioning; Summary
Chapter 4 Cisco Software-Defined Access Fundamentals
Network Topologies; Cisco Software-Defined Access Underlay; Manual Underlay; Automated Underlay: LAN Automation; Wireless LAN Controllers and Access Points in Cisco Software-Defined Access; Shared Services; Transit Networks; IP-Based Transit; SD-Access Transit; Fabric Creation; Fabric Location; Fabric VNs; Fabric Device Roles; Control Plane; Fabric Borders; Border Automation; Border and Control Plane Collocation; Fabric Edge Nodes; Intermediate Nodes; External Connectivity; Fusion Router; Host Onboarding; Authentication Templates; VN to IP Pool Mapping; SSID to IP Pool Mapping; Switchport Override; Summary; References in This Chapter
Chapter 5 Cisco Identity Services Engine with Cisco DNA Center
Policy Management in Cisco DNA Center with Cisco ISE; Integration of Cisco DNA Center and ISE; Certificates in Cisco DNA Center; Certificates on Cisco Identity Services Engine; Cisco ISE and Cisco DNA Center Integration Process; Group-Based Access Control; Segmentation with Third-Party RADIUS Server; Secure Host Onboarding in Enterprise Networks; Endpoint Host Modes in 802.1X; Single-Host Mode; Multi-Host Mode; Multi-Domain Mode; Multi-Auth Mode; 802.1X Phased Deployment; Why a Phased Approach?; Phase I: Monitor Mode (Visibility Mode); Phase II: Low-Impact Mode; Phase II: Closed Mode; Host Onboarding with Cisco DNA Center; No Authentication Template; Open Authentication Template; Closed Authentication; Easy Connect; Security in Cisco Software-Defined Access Network; Macro-Segmentation in Cisco SD-Access; Micro-Segmentation in Cisco SD-Access; Policy Set Overview in Cisco ISE; Segmentation Policy Construction in Cisco SD-Access; Corporate Network Access Use Case; Guest Access Use Case; Segmentation Outside the Fabric; Summary; References in This Chapter
Chapter 6 Cisco Software-Defined Access Operation and Troubleshooting
Cisco SD-Access Under the Covers; Fabric Encapsulation; LISP; VXLAN; MTU Considerations; Host Operation and Packet Flow in Cisco SD-Access; DHCP in Cisco SD-Access; Wired Host Onboarding and Registration; Wired Host Operation; Intra-Subnet Traffic in the Fabric; Inter-Subnet Traffic in the Fabric; Traffic to Destinations Outside of the Fabric; Wireless Host Operation; Initial Onboarding and Registration; Cisco SD-Access Troubleshooting; Fabric Edge; Fabric Control Plane; Authentication/Policy Troubleshooting; Authentication; Policy; Scalable Group Tags; Summary; References in This Chapter
Chapter 7 Advanced Cisco Software-Defined Access Topics
Cisco Software-Defined Access Extension to IoT; Types of Extended Nodes; Extended Nodes; Policy Extended Nodes; Configuration of Extended Nodes; Onboarding the Extended Node; Packet Walk of Extended Cisco SD-Access Use Cases; Use Case: Hosts in Fabric Communicating with Hosts Connected Outside the Fabric; Use Case: Traffic from a Client Connected to a Policy Extended Node; Use Case: Traffic to a Client Connected to a Policy Extended Node; Use Case: Traffic Flow Within a Policy Extended Node; Multicast in Cisco SD-Access; Multicast Overview; IP Multicast Delivery Modes; Multicast Flows in Cisco SD-Access; Scenario 1: Multicast in PIM ASM with Head-End Replication (Fabric RP); Scenario 2: Multicast in PIM SSM with Head-End Replication; Scenario 3: Cisco SD-Access Fabric Native Multicast; Cisco SD-Access Multicast Configuration in Cisco DNA Center; Layer 2 Flooding in Cisco SD-Access; Layer 2 Flooding Operation; Layer 2 Border in Cisco SD-Access; Layer 2 Intersite; Layer 2 Intersite Design and Traffic Flow; Fabric in a Box in Cisco SD-Access; Cisco SD-Access for Distributed Campus Deployments; Types of Transit; IP Transit; Fabric Multisite or Multidomain with IP Transit; Cisco SD-Access Transit; Cisco SD-WAN Transit; Policy Deployment Models in Cisco SD-Access Distributed Deployment; Cisco SD-Access Design Considerations; Latency Considerations; Cisco SD-Access Design Approach; Very Small Site; Small Site; Medium Site; Large Site; Single-Site Design Versus Multisite Design; Cisco SD-Access Component Considerations; Underlay Network; Underlay Network Design Considerations; Overlay Network; Overlay Fabric Design Considerations; Fabric Control Plane Node Design Considerations; Fabric Border Node Design Considerations; Infrastructure Services Design Considerations; Fabric Wireless Integration Design Considerations; Wireless Over-the-Top Centralized Wireless Option Design Considerations; Mixed SD-Access Wireless and Centralized Wireless Option Design Considerations; Wireless Guest Deployment Considerations; Security Policy Design Considerations; Cisco SD-Access Policy Extension to Cisco ACI; Summary; References in This Chapter
Chapter 8 Advanced Cisco DNA Center
Cisco DNA Center Architecture and Connectivity; Hardware and Scale; Network Connectivity; High Availability and Clustering with Cisco DNA Center; Software Image Management; Image Repository; Golden Image; Upgrading Devices; Cisco DNA Center Templates; Template Creation; Template Assignment and Network Profiles; Deploying Templates; Plug and Play; Onboarding Templates; PnP Agent; Claiming a Device; Cisco DNA Center Tools; Topology; Command Runner; Security Advisories; Summary; References in This Chapter
Chapter 9 Cisco DNA Assurance
Assurance Benefits; Challenges of Traditional Implementations; Cisco DNA Analytics; Cisco DNA Assurance Architecture; Cisco DNA Assurance Data Collection Points; Streaming Telemetry; Network Time Travel; Health Dashboards; Overall Health Dashboard; Network Health Dashboard; Cisco SD-Access Fabric Network Health; Client Health Dashboard; Application Health Dashboard; Cisco DNA Assurance Tools; Intelligent Capture; Anomaly Capture; Path Trace; Sensor Tests; Cisco AI Network Analytics; Summary; References in This Chapter
Glossary
9780136448389 TOC 6/24/2020
£40.49
Pearson Education (US) Building Data Centers with VXLAN BGP EVPN: A
Book Synopsis: The complete guide to building and managing next-generation data center network fabrics with VXLAN and BGP EVPN. This is the only comprehensive guide and deployment reference for building flexible data center network fabrics with VXLAN and BGP EVPN technologies. Writing for experienced network professionals, three leading Cisco experts address everything from standards and protocols to functions, configurations, and operations. The authors first explain why and how data center fabrics are evolving, and introduce Cisco’s fabric journey. Next, they review key switch roles, essential data center network fabric terminology, and core concepts such as network attributes, control plane details, and the associated data plane encapsulation. Building on this foundation, they provide a deep dive into fabric semantics, efficient creation and addressing of the underlay, multi-tenancy, control and data plane interaction, forwarding flows, external interconnectivity, and service appliance deployments. You’ll find detailed tutorials, descriptions, and packet flows that can easily be adapted to accommodate customized deployments. This guide concludes with a full section on fabric management, introducing multiple opportunities to simplify, automate, and orchestrate data center network fabrics.
Learn how changing data center requirements have driven the evolution to overlays, evolved control planes, and VXLAN BGP EVPN spine-leaf fabrics
Discover why VXLAN BGP EVPN fabrics are so scalable, resilient, and elastic
Implement enhanced unicast and multicast forwarding of tenant traffic over the VXLAN BGP EVPN fabric
Build fabric underlays to efficiently transport uni- and multi-destination traffic
Connect the fabric externally via Layer 3 (VRF-Lite, LISP, MPLS L3VPN) and Layer 2 (VPC)
Choose your most appropriate Multi-POD, multifabric, and Data Center Interconnect (DCI) options
Integrate Layer 4-7 services into the fabric, including load balancers and firewalls
Manage fabrics with POAP-based day-0 provisioning, incremental day 0.5 configuration, overlay day-1 configuration, or day-2 operations
Table of Contents:
Introduction
Chapter 1 Introduction to Programmable Fabric
Today’s Data Center Challenges and Requirements; The Data Center Fabric Journey; Cisco Open Programmable Fabric; Fabric-Related Terminology; Data Center Network Fabric Properties; Server or Endpoint Connectivity Options; Summary; References
Chapter 2 VXLAN BGP EVPN Basics
Overlays; Introduction to VXLAN; VXLAN Flood and Learn (F&L); Introduction to BGP EVPN with VXLAN; MP-BGP Features and Common Practices; IETF Standards and RFCs; Host and Subnet Route Distribution; Host Deletion and Move Events; Summary; References
Chapter 3 VXLAN/EVPN Forwarding Characteristics
Multidestination Traffic; Leveraging Multicast Replication in the Underlying Network; Using Ingress Replication; VXLAN BGP EVPN Enhancements; ARP Suppression; Distributed IP Anycast Gateway; Integrated Route and Bridge (IRB); Endpoint Mobility; Virtual PortChannel (vPC) in VXLAN BGP EVPN; DHCP; Summary; References
Chapter 4 The Underlay
Underlay Considerations; MTU Considerations; IP Addressing; IP Unicast Routing; OSPF as an Underlay; IS-IS as an Underlay; BGP as an Underlay; IP Unicast Routing Summary; Multidestination Traffic; Unicast Mode; Multicast Mode; PIM Any Source Multicast (ASM); BiDirectional PIM (PIM BiDir); Summary; References
Chapter 5 Multitenancy
Bridge Domains; VLANs in VXLAN; Layer 2 Multitenancy: Mode of Operation; VLAN-Oriented Mode; BD-Oriented Mode; VRF in VXLAN BGP EVPN; Layer 3 Multitenancy: Mode of Operation; Summary; References
Chapter 6 Unicast Forwarding
Intra-Subnet Unicast Forwarding (Bridging); Non-IP Forwarding (Bridging); Inter-Subnet Unicast Forwarding (Routing); Routed Traffic to Silent Endpoints; Forwarding with Dual-Homed Endpoint; IPv6; Summary
Chapter 7 Multicast Forwarding
Layer 2 Multicast Forwarding; IGMP in VXLAN BGP EVPN Networks; Layer 2 Multicast Forwarding in vPC; Layer 3 Multicast Forwarding; Summary; References
Chapter 8 External Connectivity
External Connectivity Placement; External Layer 3 Connectivity; U-Shaped and Full-Mesh Models; VRF Lite/Inter-AS Option A; LISP; MPLS Layer 3 VPN (L3VPN); External Layer 2 Connectivity; Classic Ethernet and vPC; Extranet and Shared Services; Local/Distributed VRF Route Leaking; Downstream VNI Assignment; Summary; Reference
Chapter 9 Multi-Pod, Multifabric, and Data Center Interconnect (DCI)
Contrasting OTV and VXLAN; Multi-Pod; Interconnection at the Spine Layer; Interconnection at the Leaf Layer; Multifabric; Inter-pod/Interfabric; Interfabric Option 1: Multi-Pod; Interfabric Option 2: Multifabric; Interfabric Option 3 (Multisite for Layer 3); Interfabric Option 4 (Multisite for Layer 2); Summary; References
Chapter 10 Layer 4—7 Services Integration
Firewalls in a VXLAN BGP EVPN Network; Routing Mode; Bridging Mode; Firewall Redundancy with Static Routing; Static Route Tracking at a Service Leaf; Static Routing at a Remote Leaf; Physical Connectivity; Inter-Tenant/Tenant-Edge Firewall; Services-Edge Design; Intra-Tenant Firewalls; Mixing Intra-Tenant and Inter-Tenant Firewalls; Application Delivery Controller (ADC) and Load Balancer in a VXLAN BGP EVPN Network; One-Armed Source-NAT; Direct VIP Subnet Approach; Indirect VIP Subnet Approach; Return Traffic; Service Chaining: Firewall and Load Balancer; Summary; References
Chapter 11 Introduction to Fabric Management
Day-0 Operations: Automatic Fabric Bring-Up; In-Band Versus Out-of-Band POAP; Other Day-0 Considerations; Day-0.5 Operations: Incremental Changes; Day-1 Operations: Overlay Services Management; Virtual Topology System (VTS); Nexus Fabric Manager (NFM); Data Center Network Manager (DCNM); Compute Integration; Day-2 Operations: Monitoring and Visibility; VXLAN OAM (NGOAM); Summary; References
Appendix A VXLAN BGP EVPN Implementation Options
9781587144677, TOC, 3/16/17
£40.04
John Wiley & Sons Inc Cryptography Engineering
Book Synopsis: The ultimate guide to cryptography, updated from an author team of the world's top cryptography experts. Cryptography is vital to keeping information safe, in an era when the formula to do so becomes more and more challenging.
Table of Contents:
Preface to Cryptography Engineering
History; Example Syllabi; Additional Information
Preface to Practical Cryptography (the 1st Edition)
How to Read this Book
Part I Introduction
Chapter 1 The Context of Cryptography
1.1 The Role of Cryptography; 1.2 The Weakest Link Property; 1.3 The Adversarial Setting; 1.4 Professional Paranoia; 1.4.1 Broader Benefits; 1.4.2 Discussing Attacks; 1.5 Threat Model; 1.6 Cryptography Is Not the Solution; 1.7 Cryptography Is Very Difficult; 1.8 Cryptography Is the Easy Part; 1.9 Generic Attacks; 1.10 Security and Other Design Criteria; 1.10.1 Security Versus Performance; 1.10.2 Security Versus Features; 1.10.3 Security Versus Evolving Systems; 1.11 Further Reading; 1.12 Exercises for Professional Paranoia; 1.12.1 Current Event Exercises; 1.12.2 Security Review Exercises; 1.13 General Exercises
Chapter 2 Introduction to Cryptography
2.1 Encryption; 2.1.1 Kerckhoffs’ Principle; 2.2 Authentication; 2.3 Public-Key Encryption; 2.4 Digital Signatures; 2.5 PKI; 2.6 Attacks; 2.6.1 The Ciphertext-Only Model; 2.6.2 The Known-Plaintext Model; 2.6.3 The Chosen-Plaintext Model; 2.6.4 The Chosen-Ciphertext Model; 2.6.5 The Distinguishing Attack Goal; 2.6.6 Other Types of Attack; 2.7 Under the Hood; 2.7.1 Birthday Attacks; 2.7.2 Meet-in-the-Middle Attacks; 2.8 Security Level; 2.9 Performance; 2.10 Complexity; 2.11 Exercises
Part II Message Security
Chapter 3 Block Ciphers
3.1 What Is a Block Cipher?; 3.2 Types of Attack; 3.3 The Ideal Block Cipher; 3.4 Definition of Block Cipher Security; 3.4.1 Parity of a Permutation; 3.5 Real Block Ciphers; 3.5.1 DES; 3.5.2 AES; 3.5.3 Serpent; 3.5.4 Twofish; 3.5.5 Other AES Finalists; 3.5.6 Which Block Cipher Should I Choose?; 3.5.7 What Key Size Should I Use?; 3.6 Exercises
Chapter 4 Block Cipher Modes
4.1 Padding; 4.2 ECB; 4.3 CBC; 4.3.1 Fixed IV; 4.3.2 Counter IV; 4.3.3 Random IV; 4.3.4 Nonce-Generated IV; 4.4 OFB; 4.5 CTR; 4.6 Combined Encryption and Authentication; 4.7 Which Mode Should I Use?; 4.8 Information Leakage; 4.8.1 Chances of a Collision; 4.8.2 How to Deal With Leakage; 4.8.3 About Our Math; 4.9 Exercises
Chapter 5 Hash Functions
5.1 Security of Hash Functions; 5.2 Real Hash Functions; 5.2.1 A Simple But Insecure Hash Function; 5.2.2 MD5; 5.2.3 SHA-1; 5.2.4 SHA-224, SHA-256, SHA-384, and SHA-512; 5.3 Weaknesses of Hash Functions; 5.3.1 Length Extensions; 5.3.2 Partial-Message Collision; 5.4 Fixing the Weaknesses; 5.4.1 Toward a Short-term Fix; 5.4.2 A More Efficient Short-term Fix; 5.4.3 Another Fix; 5.5 Which Hash Function Should I Choose?; 5.6 Exercises
Chapter 6 Message Authentication Codes
6.1 What a MAC Does; 6.2 The Ideal MAC and MAC Security; 6.3 CBC-MAC and CMAC; 6.4 HMAC; 6.5 GMAC; 6.6 Which MAC to Choose?; 6.7 Using a MAC; 6.8 Exercises
Chapter 7 The Secure Channel
7.1 Properties of a Secure Channel; 7.1.1 Roles; 7.1.2 Key; 7.1.3 Messages or Stream; 7.1.4 Security Properties; 7.2 Order of Authentication and Encryption; 7.3 Designing a Secure Channel: Overview; 7.3.1 Message Numbers; 7.3.2 Authentication; 7.3.3 Encryption; 7.3.4 Frame Format; 7.4 Design Details; 7.4.1 Initialization; 7.4.2 Sending a Message; 7.4.3 Receiving a Message; 7.4.4 Message Order; 7.5 Alternatives; 7.6 Exercises
Chapter 8 Implementation Issues (I)
8.1 Creating Correct Programs; 8.1.1 Specifications; 8.1.2 Test and Fix; 8.1.3 Lax Attitude; 8.1.4 So How Do We Proceed?; 8.2 Creating Secure Software; 8.3 Keeping Secrets; 8.3.1 Wiping State; 8.3.2 Swap File; 8.3.3 Caches; 8.3.4 Data Retention by Memory; 8.3.5 Access by Others; 8.3.6 Data Integrity; 8.3.7 What to Do; 8.4 Quality of Code; 8.4.1 Simplicity; 8.4.2 Modularization; 8.4.3 Assertions; 8.4.4 Buffer Overflows; 8.4.5 Testing; 8.5 Side-Channel Attacks; 8.6 Beyond this Chapter; 8.7 Exercises
Part III Key Negotiation
Chapter 9 Generating Randomness
9.1 Real Random; 9.1.1 Problems With Using Real Random Data; 9.1.2 Pseudorandom Data; 9.1.3 Real Random Data and PRNGS; 9.2 Attack Models for a PRNG; 9.3 Fortuna; 9.4 The Generator; 9.4.1 Initialization; 9.4.2 Reseed; 9.4.3 Generate Blocks; 9.4.4 Generate Random Data; 9.4.5 Generator Speed; 9.5 Accumulator; 9.5.1 Entropy Sources; 9.5.2 Pools; 9.5.3 Implementation Considerations; 9.5.3.1 Distribution of Events Over Pools; 9.5.3.2 Running Time of Event Passing; 9.5.4 Initialization; 9.5.5 Getting Random Data; 9.5.6 Add an Event; 9.6 Seed File Management; 9.6.1 Write Seed File; 9.6.2 Update Seed File; 9.6.3 When to Read and Write the Seed File; 9.6.4 Backups and Virtual Machines; 9.6.5 Atomicity of File System Updates; 9.6.6 First Boot; 9.7 Choosing Random Elements; 9.8 Exercises
Chapter 10 Primes
10.1 Divisibility and Primes; 10.2 Generating Small Primes; 10.3 Computations Modulo a Prime; 10.3.1 Addition and Subtraction; 10.3.2 Multiplication; 10.3.3 Groups and Finite Fields; 10.3.4 The GCD Algorithm; 10.3.5 The Extended Euclidean Algorithm; 10.3.6 Working Modulo 2; 10.4 Large Primes; 10.4.1 Primality Testing; 10.4.2 Evaluating Powers; 10.5 Exercises
Chapter 11 Diffie-Hellman
11.1 Groups; 11.2 Basic DH; 11.3 Man in the Middle; 11.4 Pitfalls; 11.5 Safe Primes; 11.6 Using a Smaller Subgroup; 11.7 The Size of p; 11.8 Practical Rules; 11.9 What Can Go Wrong?; 11.10 Exercises
Chapter 12 RSA
12.1 Introduction; 12.2 The Chinese Remainder Theorem; 12.2.1 Garner’s Formula; 12.2.2 Generalizations; 12.2.3 Uses; 12.2.4 Conclusion; 12.3 Multiplication Modulo n; 12.4 RSA Defined; 12.4.1 Digital Signatures with RSA; 12.4.2 Public Exponents; 12.4.3 The Private Key; 12.4.4 The Size of n; 12.4.5 Generating RSA Keys; 12.5 Pitfalls Using RSA; 12.6 Encryption; 12.7 Signatures; 12.8 Exercises
Chapter 13 Introduction to Cryptographic Protocols
13.1 Roles; 13.2 Trust; 13.2.1 Risk; 13.3 Incentive; 13.4 Trust in Cryptographic Protocols; 13.5 Messages and Steps; 13.5.1 The Transport Layer; 13.5.2 Protocol and Message Identity; 13.5.3 Message Encoding and Parsing; 13.5.4 Protocol Execution States; 13.5.5 Errors; 13.5.6 Replay and Retries; 13.6 Exercises
Chapter 14 Key Negotiation
14.1 The Setting; 14.2 A First Try; 14.3 Protocols Live Forever; 14.4 An Authentication Convention; 14.5 A Second Attempt; 14.6 A Third Attempt; 14.7 The Final Protocol; 14.8 Different Views of the Protocol; 14.8.1 Alice’s View; 14.8.2 Bob’s View; 14.8.3 Attacker’s View
236 14.8.4 Key Compromise 238 14.9 Computational Complexity of the Protocol 238 14.9.1 Optimization Tricks 239 14.10 Protocol Complexity 240 14.11 A Gentle Warning 241 14.12 Key Negotiation from a Password 241 14.13 Exercises 241 Chapter 15 Implementation Issues (II) 243 15.1 Large Integer Arithmetic 243 15.1.1 Wooping 245 15.1.2 Checking DH Computations 248 15.1.3 Checking RSA Encryption 248 15.1.4 Checking RSA Signatures 249 15.1.5 Conclusion 249 15.2 Faster Multiplication 249 15.3 Side-Channel Attacks 250 15.3.1 Countermeasures 251 15.4 Protocols 252 15.4.1 Protocols Over a Secure Channel 253 15.4.2 Receiving a Message 253 15.4.3 Timeouts 255 15.5 Exercises 255 Part IV Key Management 257 Chapter 16 The Clock 259 16.1 Uses for a Clock 259 16.1.1 Expiration 259 16.1.2 Unique Value 260 16.1.3 Monotonicity 260 16.1.4 Real-Time Transactions 260 16.2 Using the Real-Time Clock Chip 261 16.3 Security Dangers 262 16.3.1 Setting the Clock Back 262 16.3.2 Stopping the Clock 262 16.3.3 Setting the Clock Forward 263 16.4 Creating a Reliable Clock 264 16.5 The Same-State Problem 265 16.6 Time 266 16.7 Closing Recommendations 267 16.8 Exercises 267 Chapter 17 Key Servers 269 17.1 Basics 270 17.2 Kerberos 270 17.3 Simpler Solutions 271 17.3.1 Secure Connection 272 17.3.2 Setting Up a Key 272 17.3.3 Rekeying 272 17.3.4 Other Properties 273 17.4 What to Choose 273 17.5 Exercises 274 Chapter 18 The Dream of PKI 275 18.1 A Very Short PKI Overview 275 18.2 PKI Examples 276 18.2.1 The Universal PKI 276 18.2.2 VPN Access 276 18.2.3 Electronic Banking 276 18.2.4 Refinery Sensors 277 18.2.5 Credit Card Organization 277 18.3 Additional Details 277 18.3.1 Multilevel Certificates 277 18.3.2 Expiration 278 18.3.3 Separate Registration Authority 279 18.4 Summary 280 18.5 Exercises 280 Chapter 19 PKI Reality 281 19.1 Names 281 19.2 Authority 283 19.3 Trust 284 19.4 Indirect Authorization 285 19.5 Direct Authorization 286 19.6 Credential Systems 286 19.7 The Modified Dream 288 19.8 Revocation 
289 19.8.1 Revocation List 289 19.8.2 Fast Expiration 290 19.8.3 Online Certificate Verification 291 19.8.4 Revocation Is Required 291 19.9 So What Is a PKI Good For? 292 19.10 What to Choose 293 19.11 Exercises 294 Chapter 20 PKI Practicalities 295 20.1 Certificate Format 295 20.1.1 Permission Language 295 20.1.2 The Root Key 296 20.2 The Life of a Key 297 20.3 Why Keys Wear Out 298 20.4 Going Further 300 20.5 Exercises 300 Chapter 21 Storing Secrets 301 21.1 Disk 301 21.2 Human Memory 302 21.2.1 Salting and Stretching 304 21.3 Portable Storage 306 21.4 Secure Token 306 21.5 Secure UI 307 21.6 Biometrics 308 21.7 Single Sign-On 309 21.8 Risk of Loss 310 21.9 Secret Sharing 310 21.10 Wiping Secrets 311 21.10.1 Paper 311 21.10.2 Magnetic Storage 312 21.10.3 Solid-State Storage 313 21.11 Exercises 313 Part V Miscellaneous 315 Chapter 22 Standards and Patents 317 22.1 Standards 317 22.1.1 The Standards Process 317 22.1.1.1 The Standard 319 22.1.1.2 Functionality 319 22.1.1.3 Security 320 22.1.2 SSL 320 22.1.3 AES: Standardization by Competition 321 22.2 Patents 322 Chapter 23 Involving Experts 323 Bibliography 327 Index 339
£36.00
O'Reilly Media DNS and BIND 5e
Book Synopsis: Talks about the distributed host information database that's responsible for translating names into addresses, routing mail to its proper destination, and even listing phone numbers with the new ENUM standard. This book covers BIND 9.3.2 as well as BIND 8.4.7.
£999.99
Cambridge University Press Foundations of Cryptography v1 Volume 1 Basic
Book Synopsis: Focuses on the basic mathematical tools needed for cryptographic design: computational difficulty (one-way functions), pseudorandomness and zero-knowledge proofs.
Trade Review: 'The written style is excellent and natural, making the text rather comfortable to read even on quite advanced topics. The book is suitable for students in a graduate course on cryptography, and is also a useful reference text for experts.' The Mathematical Gazette
Table of Contents: List of figures; Preface; 1. Introduction; 2. Computational difficulty; 3. Pseudorandom generators; 4. Zero-knowledge proof systems; Appendix A: background in computational number theory; Appendix B: brief outline of volume 2; Bibliography; Index.
£48.44
John Wiley & Sons Inc TCP IP for Dummies
Book Synopsis: Packed with the latest information on TCP/IP standards and protocols. TCP/IP is a hot topic, because it's the glue that holds the Internet and the Web together, and network administrators need to stay on top of the latest developments.
Table of Contents:
Introduction; About This Book; Conventions Used in This Book; Foolish Assumptions; How This Book Is Organized; Part I: TCP/IP from Names to Addresses; Part II: Getting Connected; Part III: Configuring Clients and Servers: Web, E-Mail, and Chat; Part IV: Even More TCP/IP Applications and Services; Part V: Network Troubleshooting and Security; Part VI: The Part of Tens; Icons Used in This Book; Where to Go from Here
Part I: TCP/IP from Names to Addresses
Chapter 1: Understanding TCP/IP Basics; Following Rules for the Internet: TCP/IP Protocols; Who’s in charge of the Internet and TCP/IP?; Checking out RFCs: The written rules; Examining Other Standards Organizations That Add to the Rules; Distinguishing Between the Internet, an Internet, and an Intranet; Extending Intranets to Extranets; Introducing Virtual Private Networks; Exploring Geographically Based Networks; Networks connected by wires and cables; Wireless networks; The geography of TCP/IP
Chapter 2: Layering TCP/IP Protocols; Taking a Timeout for Hardware; Starting with network connection media; Colliding with Ethernet; Stacking the TCP/IP Layers; Layer 1: The physical layer; Layer 2: The data link layer; Layer 3: The internet layer; Layer 4: The transport layer; Layer 5: The application layer; Chewing through Network Layers: A Packet’s Journey; Understanding TCP/IP: More than just protocols; Determining whether your network has a protocol, an application, or a service; Plowing through the Protocol List (In Case You Thought Only Two Existed); Physical layer protocols; Data link layer protocols; Internet layer protocols; Transport layer protocols; Application layer protocols
Chapter 3: Serving Up Clients and Servers; Understanding the Server Side; Examining the server’s job; Identifying types of servers; Using dedicated servers; Understanding the Client Side; Defining a client; Clients, clients everywhere; Answering the Question “Are You Being Served?”; Supporting TCP/IP with Client/Server and Vice Versa; Recognizing Other Internetworking Styles: Peer-to-Peer Computing; Determining whether peer-to-peer workgroups are still handy; P2P applications — P2P across the Internet
Chapter 4: Nice Names and Appetizing Addresses; What Did You Say Your Host’s Name Is?; Playing the numbers game; Identifying a computer as uniquely yours; Translating names into numbers; Taking a Closer Look at IP Addresses; Savoring Classful Addressing; Recognizing the Parts of an IP Address; Class A is for a few enormous networks; Class B is for lots of big networks; Class C is for millions of small networks; Class D is for multicasting; Biting Down on Bits and Bytes; Obtaining an IP Address; Choosing whether to go public or stay private; Obeying the network police; Obtaining a globally unique IP address; Acquiring a static address; Getting dynamic addresses with DHCP; Finding out your IP address; Resolving Names and Addresses with DNS; Understanding the minimum amount of information about DNS; Using DNS to “Do Nifty Searches”; Describing Fully Qualified Domain Names (FQDNs); Branching out into domains; Stalking new domains; Determining Whether the Internet Will Ever Fill Up; Choking on bandwidth; Panicking about not having enough addresses; Dishing Up More Kinds of Addresses; MAC: Media Access Control; Port numbers
Chapter 5: Need More Addresses? Try Subnetting and NAT; Working with Subnets and Subnet Masks; Defining subnet masks; Why a network has a mask when it has no subnets; Subnetting 101; Letting the DHCP Protocol Do the Work for You; One administrator’s nightmare is another’s fantasy; Understanding how the DHCP protocol works — it’s client/server again; Being evicted after your lease expires; Sharing Addresses with Network Address Translation (NAT); Understanding how NAT works; Securing NAT; Using NAT and DHCP to work together; Swallowing NAT incompatibilities; Digesting NAT-PT (Network Address Translation-Protocol Translation)
Part II: Getting Connected
Chapter 6: Configuring a TCP/IP Network — the Software Side; Installing TCP/IP? Probably Not; Detecting whether TCP/IP is installed; Determining whether it’s IPv4, IPv6, or both; Savoring TCP/IP right out of the box; Six Steps to a Complete TCP/IP Configuration; Step 1: Determining whether your computer is a client or server or both; Step 2: Gathering client information; Step 3: Setting up your NIC(s); Step 4: Deciding on a static IP address or a DHCP leased address; Step 5: Choosing how your host will translate names into IP addresses; Step 6: Gathering server information; Setting TCP/IP Client Properties; Configuring TCP/IP on a Mac OS X client; Configuring TCP/IP on a Linux or Unix client; Configuring a TCP/IP client on Windows Vista; Configuring a TCP/IP client on Windows XP; Setting TCP/IP Server Properties; Installing TCP/IP from Scratch; Feasting on Network Files; The local hosts file; The trusted hosts file, hostsequiv; Freddie’s nightmare: Your personal trust file; The services file; Daemons Aren’t Devils; Relishing your daemons; Finding the daemons on your computer
Chapter 7: Networking SOHO with Wireless; Gulping the Minimum Hardware Details; NICs; Routers; Setting Up a Home Wireless Network in Four Steps; Step 1: Choose your wireless hardware; Step 2: Connect your wireless router; Step 3: Set up your wireless router; Step 4: Connect your computers; Securing Your Network; Securing the wired side; Securing the wireless side; Broadband for Everyone? We Hope; Level 1: Using wireless hotspots; Level 2: Paying for broadband wireless service; Level 3: Going anywhere you want to connect to the Internet with WiMAX
Chapter 8: Advancing into Routing Protocols; Understanding Routing Lingo; Routing Through the Layers — the Journey of a Packet; A new message heads out across the Net; The message visits the router; Into an Internet router and out again; Reaching the destination; Getting a Handle on How Routers Work; Getting Started with Routers; Swallowing Routing Protocols; Nibbling on IGP protocols; Exterior Gateway Protocols (EGP); Understanding How BGP Routers Work; Juicing Up Routing with CIDR; C Is for Classless; CIDR pressing the routing tables; You say “subnet,” aggregating.net says “aggregate”; Securing Your Router; Coring the apple with Denial of Service (DoS) Attacks; Hijacking routers; Eavesdropping on BGP; It’s so sad; S-BGP (Secure BGP): Proposals to make BGP routing secure
Chapter 9: IPv6: IP on Steroids; Say Hello to IPv6; Digesting IPv4 limitations; Absorbing IPv6 advantages; If It Ain’t Broke, Don’t Fix It — Unless It Can Be Improved; Wow! Eight Sections in an IPv6 Address?; Why use hexadecimal?; There’s good news and there’s bad news; Take advantage of IPv6 address shortcuts; Special IPv6 Addresses; IPv6 — and the Using Is Easy; Checking out the network with autodiscovery; Ensuring that your address is unique; Automatically assigning addresses; Realizing that autoregistration says “Let us serve you”; IPv6 Installation; Configuring IPv6 on Windows XP and Windows Server 2003; Welcoming IPv6 to Mac OS X; Getting started with IPv6 in Unix and Linux; Other Delicious IPv6 Morsels; Security for all; Faster, better multimedia; Support for real-time applications; Improved support for mobile computing; Share the Planet — IPv6 and IPv4 Can Coexist; Stacking IPv4 and IPv6; Tunneling IPv6 through IPv4; Whew — You Made It!
Chapter 10: Serving Up DNS (The Domain Name System); Taking a Look at the DNS Components; Going Back to DNS Basics; Revisiting Client/Server with DNS; Dishing up DNS client/server definitions; Snacking on resolvers and name servers; Who’s in charge here?; Serving a DNS client’s needs; Oops! Can’t help you; Who’s Responsible for Name and Address Information?; Understanding Servers and Authority; Primary name server: Master of your domain; Secondary name servers; Caching servers; Understanding Domains and Zones; Problem Solving with Dynamic DNS (DYNDNS); Diving into DNSSEC (DNS Security Extensions); Why does DNS need DNSSEC?; Glimpsing behind the scenes of DNSSEC
Part III: Configuring Clients and Servers: Web, E-Mail, and Chat
Chapter 11: Digesting Web Clients and Servers; Standardizing Web Services; Deciphering the Languages of the Web; HTML; HTML 4; XML; XHTML; HTML + MIME = MHTML; Java and other Web dialects; Hypertext and hypermedia; Understanding How Web Browsing Works; Serving up a Web page; Storing user information as cookies; Managing cookies with your browser; Dishing up multimedia over the Internet; Feeding Web Pages with Atom and RSS; Reducing the Web’s Wide Waistline to Increase Speed; Proxy Serving for Speed and Security; Caching pages; Improving security with filtering; Setting up a proxy client; Finishing touches; Setting Up a Caching Proxy Server; Outlining the general steps for installing and configuring squid; Configuring squid for Microsoft Windows Server 2008; Browsing Securely; Ensuring that a site is secure; Using your browser’s security features; Setting Up a Web Server; Setting up the Apache HTTP Server; Speeding up Apache; Making Apache more secure; Adding Security to HTTP; Taking a look at HTTPS; Getting up to speed on SSL; Stepping through an SSL Transaction; Using Digital Certificates for Secure Web Browsing
Chapter 12: Minimum Security Facilities; What’s the Worst That Could Happen?; Jump-Starting Security with the Big Three; Installing a personal firewall; Vaccinating your system with the anti-s; Encrypting data so snoopers can’t read it; Adding a Few More Basic Protections
Chapter 13: Eating Up E-Mail; Getting the Big Picture about How E-Mail Works; Feasting on E-Mail’s Client-Server Delights; E-mail clients; E-mail clients versus Web mail clients; E-mail servers; Postfix: Configuring the fastest-growing MTA; Sharpening the Finer Points of Mail Servers; Transferring e-mail by way of store-and-forward; Transferring e-mail by way of DNS MX records; Understanding How SMTP Works with MTAs; Defining E-Mail Protocols; Adding More Protocols to the Mix; POP3; IMAP4; HTTP; LDAP; DNS and its MX records
Chapter 14: Securing E-Mail; Common Sense: The Most Important Tool in Your Security Arsenal; Being Aware of Possible Attacks; Phishing; Popping up and under; Getting spied on; Meeting malware; Bombing; Have you got anything without spam? Spam, spam, spam!; Spoofing; Finding Out Whether You’re a Victim; Playing Hide-and-Seek with Your E-Mail Address; Layering Security; Layer 1: Letting your ISP protect your network; Layer 2: Building your own walls; Layer 3: Securing e-mail on the server side; Layer 4: Securing e-mail on the client side; Layer 5: Suitely extending e-mail security; Using Secure Mail Clients and Servers; Setting up a secure IMAP or POP client; Setting up a secure mail server; Encrypting e-mail
Chapter 15: Beyond E-Mail: Social Networking and Online Communities; Thumbing to Talk About; Choosing a Communication Method; Getting together with IRC; Jabbering with XMPP; Feeding Your Craving for News; Getting Even More Social
Part IV: Even More TCP/IP Applications and Services
Chapter 16: Mobile IP — The Moveable Feast; Going Mobile; Understanding How Mobile IP Works; Sailing into the Future: Potential Mobile IPv6 Enhancements; Mobilizing Security; Understanding the risks; Using basic techniques to protect your mobile devices
Chapter 17: Saving Money with VoIP (Voice Over Internet Protocol); Getting the Scoop on VoIP; Getting Started Using VoIP; Step 1: Get broadband; Step 2: Decide how to call; Step 3: Make the call; Step 4: Convert the bits back into voice (with VoIP software); Step 5: Converse; Yo-Yo Dieting: Understanding How VoIP Packets Move through the Layers; Trekking the Protocols from RTP to H323; Talking the talk with the TCP/IP stack and more; Ingesting VoIP standards from the ITU; Vomiting and Other Vicious VoIP Vices; Securing Your Calls from VoIP Violation; You, too, can be a secret agent; Authenticating VoIP-ers; Keeping voice attacks separate from data; Defending with firewalls; Testing Your VoIP Security
Chapter 18: File and Print Sharing Services; Defining Basic File Sharing Terms; Using FTP to Copy Files; Understanding how FTP works; Using anonymous FTP to get good stuff; Choosing your FTP client; Transferring the files; Securing FTP file transfers; Using rcp or scp to Copy Files; Sharing Network File Systems; Nifty file sharing with NFS (Network File System); Solving the buried file update problem with NFSv4; Examining the mount Protocol; Automounting; Configuring an NFS Server; Step 1: Edit the exports file; Step 2: Update the netgroup file; Step 3: Start the daemons; Configuring an NFS Client; Picking Up Some NFS Performance Tips; Hardware tips; Server tips; Client tips; Weighing performance against security; Getting NFS Security Tips; Sharing Files Off the Stack; Using Windows network shares; Using Samba to share file and print services; Working with Network Print Services; Valuing IPP features; Setting up Windows Server 2008 print servers over IPP; Printing with the Common Unix Print System (CUPS)
Chapter 19: Sharing Compute Power; Sharing Network Resources; Accessing Remote Computers; Using a telnet client; “R” you ready for more remote access?; Executing commands with rsh and rexec; Securing Remote Access Sessions; Taking Control of Remote Desktops; Sharing Clustered Resources; Clustering for high availability; Clustering for load balancing; Clustering for supercomputing; Sharing Compute Power with Grid and Volunteer Computing
Part V: Network Troubleshooting and Security
Chapter 20: Staying with Security Protocols; Determining Who Is Responsible for Network Security; Following the Forensic Trail: Examining the Steps for Securing Your Network; Step 1: Prescribing Preventive Medicine for Security; Step 2: Observing Symptoms of Malware Infection; Uncovering more contagions; Step 3: Diagnosing Security Ailments with netstat, ps, and Logging; Monitoring network use with ps; Nosing around with netstat; Examining logs for symptoms of disease; Syslog-ing into the next generation; Microsoft proprietary event logging
Chapter 21: Relishing More Meaty Security; Defining Encryption; Advancing Encryption with Advanced Encryption Standard (AES); Peering into Authentication; Do you have any ID? A digital certificate will do; Getting digital certificates; Using digital certificates; Checking your certificates; Coping with certificate problems; IPSec (IP Security Protocol): More Authentication; Kerberos — Guardian or Fiend?; Understanding Kerberos concepts; Playing at Casino Kerberos; Training the dog — one step per head; Setting up a Kerberos server step by step; Setting up a Kerberos client step by step
Chapter 22: Troubleshooting Connectivity and Performance Problems; Chasing Network Problems from End to End; Getting Started with Ping; Pinging away with lots of options; And now, for “some-ping” completely different: Running ping graphically; Death by ping; Diagnosing Problems Step by Step; Pinging yourself and others; Using nslookup to query a name server; Using traceroute (tracert) to find network problems; Simplifying SNMP, the Simple Network Management Protocol; Just barely describing how SNMP works; Using SNMP programming free
Part VI: The Part of Tens
Chapter 23: Ten More Uses for TCP/IP
Chapter 24: Ten More Resources for Information about TCP/IP Security
Index
£22.09
John Wiley & Sons Inc The Security Culture Playbook
Table of Contents:
About the Authors; Acknowledgments; Introduction
Part I: Foundation
Chapter 1: You Are Here; Why All the Buzz?; What Is Security Culture, Anyway?; A Problem of Definition; A Problem of Overconfidence; Takeaways
Chapter 2: Up-leveling the Conversation: Security Culture Is a Board-level Concern; A View from the Top; Telling the Human Side of the Story; What’s the Cost of Not Getting This Right?; Cybercriminals Are Doubling Down on Their Attacks Against Your Employees; Your People and Security Culture Are at the Center of Everything; The Implication; Getting It Right; Takeaways
Chapter 3: The Foundations of Transformation; The Core Thesis; The Knowledge-Intention-Behavior Gap; Three Realities of Security Awareness; Program Focus; Extending the Discussion; Introducing the Security Culture Maturity Model; The Security Culture Maturity Model in Brief; The S-Curves; The Value of the Security Culture Maturity Model; You Are Always Either Building Strength or Allowing Atrophy; Takeaways
Part II: Exploration
Chapter 4: Just What Is Security Culture, Anyway?; Lessons from Safety Culture; A Jumble of Terms; Information Security Culture; IT Security Culture; Cybersecurity Culture; Security Culture in the Modern Day; Technology Focus; Compliance Focus; Human-Reality Focus; Takeaways
Chapter 5: Critical Concepts from the Social Sciences; What’s the Real Goal—Awareness, Behavior, or Culture?; Coming to Terms with Our Irrational Nature; We Are Lazy; Why Don’t We Just Give Up?; Security Culture—A Part of Organizational Culture; Takeaways
Chapter 6: The Components of Security Culture; A Problem of Definition; The Academic Perspective; The Practitioner Perspective; Defining Security Culture; Security Culture as Dimensions; The Seven Dimensions of Security Culture; Attitudes; Behaviors; Cognition; Communication; Compliance; Norms; Responsibilities; The Security Culture Survey; Example Findings from Measuring the Seven Dimensions; Normalized Use of Unauthorized Services; Confidentiality and Insider Threats; Last Thought; Takeaways
Chapter 7: Interviews with Organizational Culture Experts and Academics; John R. Childress, PYXIS Culture Technologies Limited; Why Is Culture Important?; Why Do You Find Culture Interesting?; Is There a Specific Definition of Culture That You Find Useful?; What Actions Can Be Taken to Direct Cultural Change?; Is There a Success or Horror Story You’d Like to Share Related to Culture Change?; How Does a Culture Evolve (or How Often?); Professor John McAlaney, Bournemouth University, UK; Why Is Culture Important?; Why Do You Find Culture Interesting?; Is There a Specific Definition of Culture That You Find Useful?; What Actions Can Be Taken to Direct Cultural Change?; Is There a Success or Horror Story You’d Like to Share Related to Culture Change?; How Does a Culture Evolve (or How Often?); Dejun “Tony” Kong, PhD, Muma College of Business, University of South Florida; Why Is Culture Important?; Why Do You Find Culture Interesting?; Is There a Specific Definition of Culture That You Find Useful?; How Do You Use Metrics to Improve Culture / Measure the Effectiveness of Cultural Change?; Michael Leckie, Silverback Partners, LLC; Why Is Culture Important?; Why Do You Find Culture Interesting?; Is There a Specific Definition of Culture That You Find Useful?; How Do You Use Metrics to Improve Culture / Measure the Effectiveness of Cultural Change?; What Actions Can Be Taken to Direct Cultural Change?; Is There a Success or Horror Story You’d Like to Share Related to Culture Change?; How Does a Culture Evolve (or How Often?)
Part III: Transformation
Chapter 8: Introducing the Security Culture Framework; The Power of Three; Step 1: Measure; Know Where You are; Decide Where You Want to Be; Find Your Gap; Step 2: Involve; Building Support; Different Audiences; Step 3: Engage; Rinse and Repeat; Benefits of Using the Security Culture Framework; Takeaways
Chapter 9: The Secrets to Measuring Security Culture; Connecting Awareness, Behavior, and Culture; How Can You Measure the Unseen?; Using Existing Data; The Right Way to Use Data; Methods of Measuring Culture; Observation; Experimentation; Interrogation (Surveys and Interviews); A/B Testing; Multiple Metrics, Single Score; Trends; A Note Regarding Completion Rates; Takeaways
Chapter 10: How to Influence Culture; Resistance to Change; Be Proactive; The Complexity of Culture; Using the Seven Dimensions to Influence Your Security Culture; Attitudes; Behaviors; Cognition; Communication; Compliance; Norms; Responsibilities; How Do You Know Which Dimension to Target?; Takeaways
Chapter 11: Culture Sticking Points; Does Culture Change Have to Be Difficult?; Using Norms Is a Double-Edged Sword; Failing to Plan Is Planning to Fail; If You Try to Work Against Human Nature, You Will Fail; Not Seeing the Culture You Are Embedded In; Takeaways
Chapter 12: Planning and Maturing Your Program; Taking Stock of What We’ve Covered; View Your Culture Through Your Employees’ Eyes; Culture Carriers; Building and Modeling Maturity; Exploring the Data; Culture Maturity Indicators; Level 1: Basic Compliance; Level 2: Security Awareness Foundation; Level 3: Programmatic Security Awareness & Behavior; Level 4: Security Behavior Management; Level 5: Sustainable Security Culture; There Are Stories in the Data; A Seat at the Table; Takeaways
Chapter 13: Quick Tips for Gaining and Maintaining Support; You Are a Guide; Sell by Using Stories; Lead with Empathy, Know Your Audience; Set Expectations; Takeaways
Chapter 14: Interviews with Security Culture Thought Leaders; Alexandra Panaretos, Ernst & Young; Why Is Culture Important?; Why Do You Find Culture Interesting?; Is There a Success or Horror Story You’d Like to Share Related to Culture Change?; Dr. Jessica Barker, Cygenta; Why Is Security Culture Important?; Why Do You Find Culture Interesting?; What Actions Can Be Taken to Direct Cultural Change?; What Is Your Most Interesting Experience with Culture?; Kathryn Tyrpak, Jaguar Land Rover; Why Is Culture Important?; Why Do You Find Culture Interesting?; Is There a Specific Definition of Culture That You Find Useful?; How Do You Use Metrics to Improve Culture / Measure the Effectiveness of Cultural Change?; What Actions Can Be Taken to Direct Cultural Change?; Lauren Zink, Boeing; Why Is Culture Important?; Why Do You Find Culture Interesting?; Is There a Specific Definition of Culture That You Find Useful?; How Do You Use Metrics to Improve Culture / Measure the Effectiveness of Cultural Change?; Mark Majewski, Rock Central; Why Is Culture Important?; Why Do You Find Culture Interesting?; Is There a Specific Definition of Culture That You Find Useful?; How Do You Use Metrics to Improve Culture / Measure the Effectiveness of Cultural Change?; What Actions Can Be Taken to Direct Cultural Change?; Is There a Success or Horror Story You’d Like to Share Related to Culture Change?; How Does a Culture Evolve (or How Often?); Mo Amin, moamin.com; Why Is Culture Important?; Why Do You Find Culture Interesting?; Is There a Specific Definition of Culture That You Find Useful?; How Do You Use Metrics to Improve Culture / Measure the Effectiveness of Cultural Change?; What Actions Can Be Taken to Direct Cultural Change?; Is There a Success or Horror Story You’d Like to Share Related to Culture Change?; How Does a Culture Evolve (or How Often)?
Chapter 15: Parting Thoughts; Engage the Community; Be a Lifelong Learner; Be a Realistic Optimist; Conclusion
Bibliography; Index
£17.09
Pearson Education (US) Art of Network Architecture, The: Business-Driven
Book Synopsis: The Art of Network Architecture: Business-Driven Design. The business-centered, business-driven guide to architecting and evolving networks. The Art of Network Architecture is the first book that places business needs and capabilities at the center of the process of architecting and evolving networks. Two leading enterprise network architects help you craft solutions that are fully aligned with business strategy, smoothly accommodate change, and maximize future flexibility. Russ White and Denise Donohue guide network designers in asking and answering the crucial questions that lead to elegant, high-value solutions. Carefully blending business and technical concerns, they show how to optimize all network interactions involving flow, time, and people. The authors review important links between business requirements and network design, helping you capture the information you need to design effectively. They introduce today’s most useful models and frameworks, fully addressing modularity, resilience, security, and management. Next, they drill down into network structure and topology, covering virtualization, overlays, modern routing choices, and highly complex network environments. In the final section, the authors integrate all these ideas to consider four realistic design challenges: user mobility, cloud services, Software Defined Networking (SDN), and today’s radically new data center environments.
• Understand how your choices of technologies and design paradigms will impact your business
• Customize designs to improve workflows, support BYOD, and ensure business continuity
• Use modularity, simplicity, and network management to prepare for rapid change
• Build resilience by addressing human factors and redundancy
• Design for security, hardening networks without making them brittle
• Minimize network management pain, and maximize gain
• Compare topologies and their tradeoffs
• Consider the implications of network virtualization, and walk through an MPLS-based L3VPN example
• Choose routing protocols in the context of business and IT requirements
• Maximize mobility via ILNP, LISP, Mobile IP, host routing, MANET, and/or DDNS
• Learn about the challenges of removing and changing services hosted in cloud environments
• Understand the opportunities and risks presented by SDNs
• Effectively design data center control planes and topologies
Table of Contents:
Introduction
Part I Framing the Problem
Chapter 1 Business and Technology; Business Drives Technology; The Business Environment; The Big Picture; The Competition; The Business Side of the Network; Technologies and Applications; Network Evaluation; The Network’s Customers; Internal Users; External Users; Guest Users; Technology Drives Business
Part II Business-Driven Design
Chapter 2 Designing for Change; Organic Growth and Decline; Mergers, Acquisitions, and Divestments; Centralizing Versus Decentralizing
Chapter 3 Improving Business Operations; Workflow; Matching Data Flow and Network Design; Person-to-Person Communication; Person-to-Machine Communication; Machine-to-Machine Communication; Bringing It All Together; BYOD; BYOD Options; BYOD Design Considerations; BYOD Policy; Business Continuity; Business Continuity Versus Disaster Recovery; Business Continuity Planning; Business Continuity Design Considerations; Summary
Part III Tools of the Trade
Chapter 4 Models; The Seven-Layer Model; Problems with the Seven-Layer Model; The Four-Layer Model; Iterative Layering Model; Connection-Oriented and Connectionless; A Hybrid Model; The Control Plane; What Am I Trying to Reach?; Where Is It?; How Do I Get There?; Other Network Metadata; Control Plane Relationships; Routing; Quality of Service; Network Measurement and Management; Interaction Between Control Planes; Reactive and Proactive; The Waterfall Model; Places in the Network; Summary
Chapter 5 Underlying Support; Questions You Should Ask; What Happens When the Link Fails?; What Types of Virtualization Can Be Run Over This Link?; How Does the Link Support Quality of Service?; Marking Packets; Queues and Rate Limiters; Speeds and Feeds Versus Quality of Service; Spanning Tree; TRILL; TRILL Operation; TRILL in the Design Landscape; TRILL and the Fabrics; Final Thoughts on the Physical Layer
Chapter 6 Principles of Modularity; Why Modularize?; Machine Level Information Overload; Machine Level Information Overload Defined; Reducing Machine Information Level Overload; Separating Complexity from Complexity; Human Level Information Overload; Clearly Assigned Functionality; Repeatable Configurations; Mean Time to Repair and Modularization; How Do You Modularize?; Topology and Reachability; Aggregating Topology Information at Router B; Aggregating Reachability Information at Router B; Filtering Routing Information at Router B; Splitting Failure Domains Horizontally and Vertically; Modularization and Optimization; Summary
Chapter 7 Applying Modularity; What Is Hierarchical Design?
83 A Hub-and-Spoke Design Pattern 84 An Architectural Methodology 85 Assign Each Module One Function 85 All Modules at a Given Level Should Share Common Functionality 86 Build Solid Redundancy at the Intermodule Level 87 Hide Information at Module Edges 88 Typical Hierarchical Design Patterns 89 Virtualization 90 What Is Virtualization? 90 Virtualization as Vertical Hierarchy 93 Why We Virtualize 93 Communities of Interest 94 Network Desegmentation 94 Separation of Failure Domains 94 Consequences of Network Virtualization 95 Final Thoughts on Applying Modularity 96 Chapter 8 Weathering Storms 97 Redundancy as Resilience 98 Network Availability Basics 98 Adding Redundancy 99 MTTR, Resilience, and Redundancy 100 Limits on Control Plane Convergence 100 Feedback Loops 102 The Interaction Between MTTR and Redundancy 103 Fast Convergence Techniques 104 Detecting the Topology Change 104 Propagating Information About the Change 105 Calculating the New Best Path 106 Switching to the New Best Path 107 The Impact of Fast Convergence 107 Fast Reroute 108 P/Q Space 109 Loop-Free Alternates 110 Remote Loop-Free Alternates 110 Not-Via Fast Reroute 111 Maximally Redundant Trees 113 Final Thoughts on Fast Reroute 115 The Human Side of Resilience 115 Chapter 9 Securing the Premises 117 The OODA Loop 118 Observe 119 Orient 122 Decide 124 Act 125 Brittleness 125 Building Defense In 126 Modularization 128 Modularity, Failure Domains, and Security 128 Modularity, Complexity, and Security 128 Modularity, Functionality, and Security 129 Resilience 129 Some Practical Considerations 129 Close a Door, Open a Door 129 Beware of Virtualization 131 Social Engineering 131 Summary 132 Chapter 10 Measure Twice 133 Why Manage? 
133 Justifying the Cost of the Network 134 Planning 135 Decreasing the Mean Time to Repair 136 Increasing the Mean Time Between Mistakes 136 Management Models 137 Fault, Configuration, Accounting, Performance, and Security 137 Observe, Orient, Decide, and Act (OODA) 138 Deploying Management 140 Loosen the Connection Between Collection and Management 140 Sampling Considerations 141 Where and What 142 End-to-End/Network 142 Interface/Transport 143 Failure Domain/Control Plane 143 Bare Necessities 144 Summary 145 Part IV Choosing Materials Chapter 11 The Floor Plan 147 Rings 147 Scaling Characteristics 147 Resilience Characteristics 149 Convergence Characteristics 151 Generalizing Ring Convergence 154 Final Thoughts on Ring Topologies 155 Full Mesh 155 Clos Networks 157 Clos and the Control Plane 159 Clos and Capacity Planning 160 Partial Mesh 161 Disjoint Parallel Planes 162 Advantages of Disjoint Topologies 163 Added Complexity 164 The Bottom Line 164 Divergent Data Planes 165 Cubes 166 Toroid Topologies 167 Summary 169 Chapter 12 Building the Second Floor 171 What Is a Tunnel? 171 Is MPLS Tunneling? 173 Fundamental Virtualization Questions 175 Data Plane Interaction 176 Control Plane Considerations 177 Control Plane Interaction 177 Scaling 178 Multicast 179 Security in a Virtual Topology 180 MPLS-Based L3VPNs 182 Operational Overview 182 Fundamental Questions 185 The Maximum Transmission Unit 185 Quality of Service 186 Control Plane Interaction 186 Scaling 187 Multicast 188 Security in MPLS-Based L3VPNs 188 MPLS-Based L3VPN Summary 188 VXLAN 189 Operational Overview 189 Fundamental Questions 190 Control Plane Interaction 190 Scaling 190 VXLAN Summary 191 Summary 191 Chapter 13 Routing Choices 193 Which Routing Protocol? 194 How Fast Does the Routing Protocol Converge? 194 Is the Routing Protocol Proprietary? 196 How Easy Is the Routing Protocol to Configure and Troubleshoot? 197 Which Protocol Degrades in a Way That Works with the Business? 
198 Which Protocol Works Best on the Topology the Business Usually Builds? 199 Which Protocol is Right? 200 IPv6 Considerations 202 What Is the Shape of the Deployment? 202 How Does Your Deployment Grow? 202 Topological Deployment 203 Virtual Topology Deployment 203 Where Are the Policy Edges? 203 Routing Protocol Interaction with IPv6 204 IS-IS Interaction with IPv6 204 OSPF Interaction with IPv6 205 EIGRP Interaction with IPv6 206 Deploying BGP 206 Why Deploy BGP? 207 Complexity of Purpose 207 Complexity of Place 208 Complexity of Policy 208 BGP Deployment Models 209 iBGP Edge-to-Edge (Overlay Model) 209 iBGP Core 210 eBGP Edge-to-Edge (Core and Aggregation Model) 211 Summary 212 Chapter 14 Considering Complexity 213 Control Plane State 213 Concepts of Control Plane State 214 Network Stretch 215 Configuration State 217 Control Plane Policy Dispersion 218 Data Plane State 220 Reaction Time 223 Managing Complexity Trade-offs 225 Part V Current and Future Trends Chapter 15 Network in Motion 227 The Business Case for Mobility 228 A Campus Bus Service 228 A Mobile Retail Analysis Team 229 Shifting Load 230 Pinning the Hard Problems into Place 230 Mobility Requires State 231 Mobility Requires Speed 231 State Must Be Topologically Located 232 State and the Network Layers 233 IP-Centric Mobility Solutions 234 Identifier-Locator Network Protocol (ILNP) 235 Locator Identifier Separation Protocol (LISP) 237 Mobile IP 238 Host Routing 239 Mobile Ad-Hoc Networks (MANET) 240 Dynamic DNS 242 Final Thoughts on Mobility Solutions 243 Remote Access Solutions 244 Separate Network Access from Application Access 244 Consider Cloud-Based Solutions 245 Keep Flexibility as a Goal 246 Consider Total Cost 248 Consider Making Remote Access the Norm 248 What Solution Should You Deliver? 249 Chapter 16 On Psychologists, Unicorns, and Clouds 251 A Cloudy History 252 This Time It’s Different 254 What Does It Cost? 255 What Are the Risks? 256 What Problems Can Cloud Solve Well? 
257 What Services Is Cloud Good at Providing? 258 Storage 258 Content Distribution 259 Database Services 260 Application Services 260 Network Services 260 Deploying Cloud 261 How Hard Is Undoing the Deployment? 261 How Will the Service Connect to My Network? 261 How Does Security Work? 262 Systemic Interactions 262 Flying Through the Cloud 262 Components 263 Looking Back Over the Clouds 264 Chapter 17 Software-Defined Networks 265 Understanding SDNs 265 A Proposed Definition 265 A Proposed Framework 266 The Distributed Model 267 The Augmented Model 268 The Hybrid Model 269 The Replace Model 271 Offline Routing/Online Reaction 272 OpenFlow 274 Objections and Considerations 276 Conclusion 281 Software-Defined Network Use Cases 281 SDNs in a Data Center 281 What OpenFlow Brings to the Table 281 Challenges to the OpenFlow Solution 283 SDNs in a Wide-Area Core 283 Final Thoughts on SDNs 285 Chapter 18 Data Center Design 287 Data Center Spine and Leaf Fabrics 287 Understanding Spine and Leaf 288 The Border Leaf 291 Sizing a Spine and Leaf Fabric 291 Speed of the Fabric 291 Number of Edge Ports 292 Total Fabric Bandwidth 293 Why No Oversubscription? 294 The Control Plane Conundrum 295 Why Not Layer 2 Alone? 295 Where Should Layer 3 Go? 296 Software-Defined Networks as a Potential Solution 298 Network Virtualization in the Data Center 299 Thoughts on Storage 299 Modularity and the Data Center 300 Summary 301
£51.29
O'Reilly Media Network Warrior
Book SynopsisThis book starts where certification exams leave off. Network Warrior provides a thorough and practical guide to the entire network infrastructure. You'll learn how to deal with real Cisco networks, rather than the hypothetical situations presented on exams like the CCNA.
£38.99
Manning Publications Rust Web Development
Book SynopsisCreate bulletproof, high-performance web apps and servers with Rust. In Rust Web Development you will learn: Handling the borrow checker in an asynchronous environment Creating web APIs and using JSON in Rust Graceful error handling Testing, tracing, logging, and debugging Deploying Rust applications Efficient database access Rust Web Development is a hands-on guide to building server-based web applications with Rust. If you've built web servers using Java, C#, or PHP, you'll instantly fall in love with the performance and development experience Rust delivers. This book shows you how to work efficiently using pure Rust, along with important Rust libraries such as tokio for async runtimes, warp for web servers and APIs, and reqwest to run external HTTP requests. about the technology Web development languages and libraries can be resource hungry, with poor safety for maintaining vital web services. Rust services perform better and guarantee better safety. Plus, Rust's awesome compiler gives you an amazing developer experience. You'll get the speed of low-level programming languages like C along with the ease-of-use you'd expect from high-level languages Python or Ruby, with a super strong compiler that automatically prevents common mistakes such as null pointers. about the book In Rust Web Development, you'll learn to build server-side web applications using the Rust language and its key libraries. If you know the basics of Rust, you'll quickly pick up some pro tips for setting up your projects and organizing your code. This book gets you hands-on fast, with numerous small and large examples. You'll get up to speed with how Rust streamlines backend development, implements authentication flows, and even makes it easier for your APIs to interact. As you go, you'll build a complete Q&A web service and iterate on your code chapter-by-chapter, just like a real development project. 
RETAIL SELLING POINTS • Handling the borrow checker in an asynchronous environment • Creating web APIs and using JSON in Rust • Graceful error handling • Testing, tracing, logging, and debugging • Deploying Rust applications • Efficient database access AUDIENCE For experienced web developers familiar with Java, Node, or Go, and the absolute basics of Rust Trade Review 'Rust Web Development offers practical advice and strong technical expertise to equip developers with skills to build secure, performant, and type-safe applications.' Christopher Villanueva 'This is an excellent guide to getting started with Rust web development. The author explains new concepts in bite-sized chunks to help the reader become acquainted with how Rust applications are built.' Rodney Weis 'Do you need to write an API endpoint in Rust? This is a good book on that.' Timothy Robert James Langford 'If you want a more streamlined approach to web development using Rust then this is your book.' Jeff Smith 'Unlock not only the possibilities of using Rust in web development but also the inner workings of Rust that may have been hard to understand without the right context.' Dane Balia Table of Contents PART 1: INTRODUCTION TO RUST 1 WHY RUST? 2 LAYING THE FOUNDATION PART 2: GETTING STARTED 3 CREATE YOUR FIRST ROUTE HANDLER 4 IMPLEMENT A RESTFUL API 5 CLEANUP YOUR CODEBASE 6 LOGGING, TRACING AND DEBUGGING 7 ADD A DATABASE TO YOUR APPLICATION 8 INTEGRATE 3RD-PARTY APIS PART 3: BRING IT IN PRODUCTION 9 ADD AUTHENTICATION AND AUTHORIZATION 10 DEPLOY YOUR APPLICATION 11 TESTING YOUR RUST APPLICATION
£33.14
John Wiley & Sons Inc CEH v12 Certified Ethical Hacker Study Guide with
Book SynopsisTable of ContentsIntroduction xvii Assessment Test xxv Chapter 1 Ethical Hacking 1 Overview of Ethics 2 Overview of Ethical Hacking 5 Attack Modeling 6 Cyber Kill Chain 7 Attack Lifecycle 8 MITRE ATT&CK Framework 10 Methodology of Ethical Hacking 12 Reconnaissance and Footprinting 12 Scanning and Enumeration 12 Gaining Access 13 Maintaining Access 14 Covering Tracks 14 Summary 15 Chapter 2 Networking Foundations 17 Communications Models 19 Open Systems Interconnection 20 TCP/IP Architecture 23 Topologies 24 Bus Network 24 Star Network 25 Ring Network 26 Mesh Network 27 Hybrid 28 Physical Networking 29 Addressing 29 Switching 30 IP 31 Headers 32 Addressing 34 Subnets 35 TCP 37 UDP 40 Internet Control Message Protocol 41 Network Architectures 42 Network Types 43 Isolation 44 Remote Access 45 Cloud Computing 46 Storage as a Service 47 Infrastructure as a Service 48 Platform as a Service 49 Software as a Service 51 Internet of Things 53 Summary 54 Review Questions 56 Chapter 3 Security Foundations 59 The Triad 61 Confidentiality 61 Integrity 63 Availability 64 Parkerian Hexad 65 Information Assurance and Risk 66 Policies, Standards, and Procedures 69 Security Policies 69 Security Standards 70 Procedures 71 Guidelines 72 Organizing Your Protections 72 Security Technology 75 Firewalls 76 Intrusion Detection Systems 80 Intrusion Prevention Systems 83 Endpoint Detection and Response 84 Security Information and Event Management 86 Being Prepared 87 Defense in Depth 87 Defense in Breadth 89 Defensible Network Architecture 90 Logging 91 Auditing 93 Summary 95 Review Questions 96 Chapter 4 Footprinting and Reconnaissance 101 Open Source Intelligence 103 Companies 103 People 112 Social Networking 115 Domain Name System 129 Name Lookups 130 Zone Transfers 136 Passive DNS 138 Passive Reconnaissance 142 Website Intelligence 145 Technology Intelligence 150 Google Hacking 150 Internet of Things (IoT) 152 Summary 154 Review Questions 157 Chapter 5 Scanning Networks 161 
Ping Sweeps 163 Using fping 163 Using MegaPing 165 Port Scanning 167 nmap 168 masscan 184 MegaPing 186 Metasploit 188 Vulnerability Scanning 190 OpenVAS 192 Nessus 203 Looking for Vulnerabilities with Metasploit 209 Packet Crafting and Manipulation 210 hping 211 packETH 214 fragroute 217 Evasion Techniques 218 Evasion with nmap 221 Protecting and Detecting 223 Summary 224 Review Questions 226 Chapter 6 Enumeration 231 Service Enumeration 233 Countermeasures 236 Remote Procedure Calls 236 SunRPC 237 Remote Method Invocation 239 Server Message Block 242 Built-in Utilities 243 nmap Scripts 247 NetBIOS Enumerator 249 Metasploit 250 Other Utilities 254 Countermeasures 257 Simple Network Management Protocol 258 Countermeasures 259 Simple Mail Transfer Protocol 260 Countermeasures 263 Web-Based Enumeration 264 Countermeasures 271 Summary 272 Review Questions 274 Chapter 7 System Hacking 279 Searching for Exploits 281 System Compromise 285 Metasploit Modules 286 Exploit-DB 290 Gathering Passwords 292 Password Cracking 295 John the Ripper 296 Rainbow Tables 298 Kerberoasting 300 Client-Side Vulnerabilities 305 Living Off the Land 307 Fuzzing 308 Post Exploitation 313 Evasion 313 Privilege Escalation 314 Pivoting 319 Persistence 322 Covering Tracks 326 Summary 332 Review Questions 334 Chapter 8 Malware 339 Malware Types 341 Virus 341 Worm 342 Trojan 344 Botnet 344 Ransomware 345 Dropper 347 Fileless Malware 348 Polymorphic Malware 348 Malware Analysis 349 Static Analysis 350 Dynamic Analysis 361 Automated Malware Analysis 370 Creating Malware 371 Writing Your Own 372 Using Metasploit 375 Obfuscating 381 Malware Infrastructure 382 Antivirus Solutions 384 Persistence 385 Summary 386 Review Questions 388 Chapter 9 Sniffing 393 Packet Capture 394 tcpdump 395 tshark 401 Wireshark 403 Berkeley Packet Filter 408 Port Mirroring/Spanning 410 Detecting Sniffers 410 Packet Analysis 412 Spoofing Attacks 417 ARP Spoofing 418 DNS Spoofing 422 DHCP Starvation Attack 424 sslstrip 425
Spoofing Detection 426 Summary 428 Review Questions 430 Chapter 10 Social Engineering 435 Social Engineering 436 Pretexting 438 Social Engineering Vectors 440 Identity Theft 441 Physical Social Engineering 442 Badge Access 442 Man Traps 444 Biometrics 445 Phone Calls 446 Baiting 447 Tailgating 448 Phishing Attacks 448 Contact Spamming 452 Quid Pro Quo 452 Social Engineering for Social Networking 453 Website Attacks 454 Cloning 454 Rogue Attacks 457 Wireless Social Engineering 458 Automating Social Engineering 461 Summary 464 Review Questions 466 Chapter 11 Wireless Security 471 Wi-Fi 472 Wi-Fi Network Types 474 Wi-Fi Authentication 477 Wi-Fi Encryption 478 Bring Your Own Device 483 Wi-Fi Attacks 484 Bluetooth 495 Scanning 496 Bluejacking 498 Bluesnarfing 498 Bluebugging 498 Bluedump 499 Bluesmack 499 Mobile Devices 499 Mobile Device Attacks 500 Summary 504 Review Questions 506 Chapter 12 Attack and Defense 511 Web Application Attacks 512 OWASP Top 10 Vulnerabilities 514 Web Application Protections 524 Denial-of-Service Attacks 526 Bandwidth Attacks 527 Slow Attacks 529 Legacy 531 Application Exploitation 531 Buffer Overflow 532 Heap Spraying 534 Application Protections and Evasions 535 Lateral Movement 536 Defense in Depth/Defense in Breadth 538 Defensible Network Architecture 540 Summary 542 Review Questions 544 Chapter 13 Cryptography 549 Basic Encryption 551 Substitution Ciphers 551 Diffie–Hellman 553 Symmetric Key Cryptography 555 Data Encryption Standard 555 Advanced Encryption Standard 556 Asymmetric Key Cryptography 558 Hybrid Cryptosystem 559 Nonrepudiation 559 Elliptic Curve Cryptography 560 Certificate Authorities and Key Management 562 Certificate Authority 562 Trusted Third Party 565 Self-Signed Certificates 566 Cryptographic Hashing 569 PGP and S/MIME 571 Disk and File Encryption 572 Summary 576 Review Questions 578 Chapter 14 Security Architecture and Design 581 Data Classification 582 Security Models 584 State Machine 584 Biba 585
Bell–LaPadula 586 Clark–Wilson Integrity Model 586 Application Architecture 587 n-tier Application Design 588 Service-Oriented Architecture 591 Cloud-Based Applications 593 Database Considerations 595 Security Architecture 598 Zero-Trust Model 602 Summary 604 Review Questions 606 Chapter 15 Cloud Computing and the Internet of Things 611 Cloud Computing Overview 612 Cloud Services 616 Shared Responsibility Model 621 Public vs. Private Cloud 623 Grid Computing 624 Cloud Architectures and Deployment 625 Responsive Design 629 Cloud-Native Design 629 Deployment 631 Dealing with REST 633 Common Cloud Threats 639 Access Management 639 Data Breach 641 Web Application Compromise 642 Credential Compromise 643 Insider Threat 645 Internet of Things 646 Fog Computing 651 Operational Technology 652 The Purdue Model 654 Summary 655 Review Questions 657 Appendix Answers to Review Questions 661 Chapter 2: Networking Foundations 662 Chapter 3: Security Foundations 663 Chapter 4: Footprinting and Reconnaissance 666 Chapter 5: Scanning Networks 669 Chapter 6: Enumeration 672 Chapter 7: System Hacking 675 Chapter 8: Malware 678 Chapter 9: Sniffing 681 Chapter 10: Social Engineering 683 Chapter 11: Wireless Security 686 Chapter 12: Attack and Defense 688 Chapter 13: Cryptography 691 Chapter 14: Security Architecture and Design 693 Chapter 15: Cloud Computing and the Internet of Things 695 Index 699
£40.38
John Wiley & Sons CISA Certified Information Systems Auditor Study
Book Synopsis
£47.50
McGraw-Hill Education - Europe Hacking Exposed 7
Book Synopsis Publisher's Note: Products purchased from Third Party sellers are not guaranteed by the publisher for quality, authenticity, or access to any online entitlements included with the product. The latest tactics for thwarting digital attacks "Our new reality is zero-day, APT, and state-sponsored attacks. Today, more than ever, security professionals need to get into the hacker's mind, methods, and toolbox to successfully deter such relentless assaults. This edition brings readers abreast with the latest attack vectors and arms them for these continually evolving threats." --Brett Wahlin, CSO, Sony Network Entertainment "Stop taking punches--let's change the game; it's time for a paradigm shift in the way we secure our networks, and Hacking Exposed 7 is the playbook for bringing pain to our adversaries." --Shawn Henry, former Executive Assistant Director, FBI Bolster your system's securi Table of Contents 1: Footprinting 2: Scanning 3: Enumeration 4. Hacking Windows 5. Hacking UNIX 6: Remote Connectivity and VoIP Hacking 7. Network Devices (Expanded) 8: Wireless Devices (Expanded) 9: Embedded Systems (NEW) 10: Web Hacking 11. Countermeasures Map (NEW) Appendix A: Ports Appendix B: Top 14 Security Vulnerabilities Appendix C: Denial of Service (DoS) Attacks
£43.99
Elsevier Science & Technology Computer Networks
Book Synopsis Trade Review "In the book, consisting of 9 chapters, individual chapters can be grouped into three functional blocks. In the first one, the authors present the principles of accessing computer networks and the basic issues of connecting and integrating various network solutions along with the principles of datagram communication. In the second segment of the book, the emphasis is placed on the quality of communication, in particular flow and congestion control, allowing to counteract overload phenomena in communication between end users.... The last chapters of the book concern data formatting, network security and the principles of realization of selected network applications. An important supplement to the book are numerous examples and a large number of exercises and tasks for the readers. The authors add sketchy solutions to some of them. The book gives therefore interesting and useful material for people who want to learn the basics of computer networks operation." --zbMath/European Mathematical Society and the Heidelberg Academy of Sciences and Humanities Table of Contents 1. Foundation 2. Getting Connected 3. Internetworking 4. Advanced Internetworking 5. End-to-End Protocols 6. Congestion Control and Resource Allocation 7. End-to-End Data 8. Network Security 9. Applications
£82.76
Elsevier Science Quantum Communication Quantum Networks and
Book Synopsis Table of Contents 1. Introduction 2. Detection theory, information theory, and channel coding fundamentals 3. Quantum information processing fundamentals 4. Quantum information theory 5. Quantum detection and gaussian quantum information theories 6. Quantum key distribution (QKD) 7. Quantum error correction fundamentals 8. Quantum stabilizer codes and beyond 9. Quantum LDPC codes 10. Quantum networks 11. Quantum sensing 12. QIP and machine learning (ML) 13. Fault-tolerant QEC
£103.50
Pearson Education Mathematical Foundations of Computer Networking
Book SynopsisSrinivasan Keshav is a Professor and a Canada Research Chair at the David R. Cheriton School of Computer Science, University of Waterloo, Ontario, Canada.Table of ContentsPreface xv Chapter 1: Probability 1 1.1 Introduction 1 1.2 Joint and Conditional Probability 7 1.3 Random Variables 14 1.4 Moments and Moment Generating Functions 21 1.5 Standard Discrete Distributions 25 1.6 Standard Continuous Distributions 29 1.7 Useful Theorems 35 1.8 Jointly Distributed Random Variables 42 1.8.1 Bayesian Networks 44 1.9 Further Reading 47 1.10 Exercises 47 Chapter 2: Statistics 53 2.1 Sampling a Population 53 2.2 Describing a Sample Parsimoniously 57 2.3 Inferring Population Parameters from Sample Parameters 66 2.4 Testing Hypotheses about Outcomes of Experiments 70 2.5 Independence and Dependence: Regression and Correlation 86 2.6 Comparing Multiple Outcomes Simultaneously: Analysis of Variance 95 2.7 Design of Experiments 99 2.8 Dealing with Large Data Sets 100 2.9 Common Mistakes in Statistical Analysis 103 2.10 Further Reading 105 2.11 Exercises 105 Chapter 3: Linear Algebra 109 3.1 Vectors and Matrices 109 3.2 Vector and Matrix Algebra 111 3.3 Linear Combinations, Independence, Basis, and Dimension 114 3.4 Using Matrix Algebra to Solve Linear Equations 117 3.5 Linear Transformations, Eigenvalues, and Eigenvectors 125 3.6 Stochastic Matrices 138 3.7 Exercises 143 Chapter 4: Optimization 147 4.1 System Modeling and Optimization 147 4.2 Introduction to Optimization 149 4.3 Optimizing Linear Systems 152 4.4 Integer Linear Programming 157 4.5 Dynamic Programming 162 4.6 Nonlinear Constrained Optimization 164 4.7 Heuristic Nonlinear Optimization 167 4.8 Exercises 170 Chapter 5: Signals, Systems, and Transforms 173 5.1 Background 173 5.2 Signals 185 5.3 Systems 188 5.4 Analysis of a Linear Time-Invariant System 189 5.5 Transforms 195 5.6 The Fourier Series 196 5.7 The Fourier Transform and Its Properties 200 5.8 The Laplace Transform 209 5.9 The Discrete Fourier 
Transform and Fast Fourier Transform 216 5.10 The Z Transform 226 5.11 Further Reading 233 5.12 Exercises 234 Chapter 6: Stochastic Processes and Queueing Theory 237 6.1 Overview 237 6.2 Stochastic Processes 240 6.3 Continuous-Time Markov Chains 252 6.4 Birth-Death Processes 255 6.5 The M/M/1 Queue 262 6.6 Two Variations on the M/M/1 Queue 266 6.7 Other Queueing Systems 270 6.8 Further Reading 272 6.9 Exercises 272 Chapter 7: Game Theory 277 7.1 Concepts and Terminology 278 7.2 Solving a Game 291 7.3 Mechanism Design 301 7.4 Limitations of Game Theory 314 7.5 Further Reading 315 7.6 Exercises 316 Chapter 8: Elements of Control Theory 319 8.1 Overview of a Controlled System 320 8.2 Modeling a System 323 8.3 A First-Order System 329 8.4 A Second-Order System 331 8.5 Basics of Feedback Control 336 8.6 PID Control 341 8.7 Advanced Control Concepts 346 8.8 Stability 350 8.9 State Space–Based Modeling and Control 360 8.10 Digital Control 364 8.11 Partial Fraction Expansion 367 8.12 Further Reading 370 8.13 Exercises 370 Chapter 9: Information Theory 373 9.1 Introduction 373 9.2 A Mathematical Model for Communication 374 9.3 From Messages to Symbols 378 9.4 Source Coding 379 9.5 The Capacity of a Communication Channel 386 9.6 The Gaussian Channel 399 9.7 Further Reading 407 9.8 Exercises 407 Solutions to Exercises 411 Index 457
£56.69
Cengage Learning, Inc Microsoft 365 Modern Desktop Administrator Guide
Book Synopsis Wright/Plesniarski's MICROSOFT SPECIALIST GUIDE TO MICROSOFT EXAM MD-100: WINDOWS 10 ensures you are well prepared for the Microsoft exam as well as a successful career in system administration. Completely up to date, this student-friendly guide walks you step by step through all aspects of installing, configuring and maintaining Windows 10 as a client operating system. Engaging exercises throughout enable you to experience the processes involved in Windows 10 configuration and management -- with plenty of troubleshooting tips that offer solutions to common problems. Review Questions help you prepare for the Microsoft certification exam, while Case Projects provide practice in situations that must be managed in a live networking environment. Giving you added flexibility, labs can be completed on physical or virtual machines. Also available: MindTap digital learning solution. Table of Contents 1. Introduction to Windows 10. 2. Configuring Windows 10. 3. User Management. 4. Networking. 5. Managing Disks and File Systems. 6. Windows 10 Security Features. 7. User Productivity Tools. 8. Application Support. 9. Performance Tuning and System Recovery. 10. Enterprise Computing. 11. Managing Enterprise Clients. 12. Automating Windows 10 Deployment. Appendix: Exam MD-100. Appendix: Preparing for Exams. Appendix: Client Hyper-V.
£69.99
Elsevier Science 5G5GAdvanced
Book Synopsis Table of Contents Preface Acknowledgments Abbreviations and Acronyms 1. What Is 5G? 2. 5G Standardization 3. Spectrum for 5G 4. LTE—An Overview 5. NR Overview 6. Radio-Interface Architecture 7. Overall Transmission Structure 8. Channel Sounding 9. Transport-Channel Processing 10. Physical-Layer Control Signaling 11. Multi-Antenna Transmission 12. Beam Management 13. Retransmission Protocols 14. Scheduling 15. Uplink Power and Timing Control 16. Cell search and system information 17. Random access 18. LTE/NR Interworking and Coexistence 19. Interference handling in TDD networks 20. NR in unlicensed spectrum 21. Industrial IoT and URLLC enhancements 22. RedCap and small data transmission 23. Multicast-Broadcast Services 24. Integrated Access Backhaul 25. Non-terrestrial NR access 26. Sidelink communication 27. Positioning 28. RF Characteristics 29. RF Technologies at mm-Wave Frequencies 30. 5G—Further Evolution References
£80.96
John Wiley & Sons Inc It Disaster Recovery Planning for Dummies
Book SynopsisIf you have a business or a nonprofit organization, or if you're the one responsible for information systems at such an operation, you know that disaster recovery planning is pretty vital. But it's easy to put it off.Table of ContentsForeword xix Introduction 1 About This Book 1 How This Book Is Organized 2 Part I: Getting Started with Disaster Recovery 2 Part II: Building Technology Recovery Plans 2 Part III: Managing Recovery Plans 2 Part IV: The Part of Tens 3 What This Book Is — and What It Isn’t 3 Assumptions about Disasters 3 Icons Used in This Book 4 Where to Go from Here 4 Write to Us! 5 Part I: Getting Started with Disaster Recovery 7 Chapter 1: Understanding Disaster Recovery 9 Disaster Recovery Needs and Benefits 9 The effects of disasters 10 Minor disasters occur more frequently 11 Recovery isn’t accidental 12 Recovery required by regulation 12 The benefits of disaster recovery planning 13 Beginning a Disaster Recovery Plan 13 Starting with an interim plan 14 Beginning the full DR project 15 Managing the DR Project 18 Conducting a Business Impact Analysis 18 Developing recovery procedures 22 Understanding the Entire DR Lifecycle 25 Changes should include DR reviews 26 Periodic review and testing 26 Training response teams 26 Chapter 2: Bootstrapping the DR Plan Effort 29 Starting at Square One 30 How disaster may affect your organization 30 Understanding the role of prevention 31 Understanding the role of planning 31 Resources to Begin Planning 32 Emergency Operations Planning 33 Preparing an Interim DR Plan 34 Staffing your interim DR plan team 35 Looking at an interim DR plan overview 35 Building the Interim Plan 36 Step 1 — Build the Emergency Response Team 37 Step 2 — Define the procedure for declaring a disaster 37 Step 3 — Invoke the interim DR plan 39 Step 4 — Maintain communications during a disaster 39 Step 5 — Identify basic recovery plans 41 Step 6 — Develop processing alternatives 42 Step 7 — Enact preventive measures 44 Step 8 
— Document the interim DR plan 46 Step 9 — Train ERT members 48 Testing Interim DR Plans 48 Chapter 3: Developing and Using a Business Impact Analysis 51 Understanding the Purpose of a BIA 52 Scoping the Effort 53 Conducting a BIA: Taking a Common Approach 54 Gathering information through interviews 55 Using consistent forms and worksheets 56 Capturing Data for the BIA 58 Business processes 59 Information systems 60 Assets 61 Personnel 62 Suppliers 62 Statements of impact 62 Criticality assessment 63 Maximum Tolerable Downtime 64 Recovery Time Objective 64 Recovery Point Objective 65 Introducing Threat Modeling and Risk Analysis 66 Disaster scenarios 67 Identifying potential disasters in your region 68 Performing Threat Modeling and Risk Analysis 68 Identifying Critical Components 69 Processes and systems 70 Suppliers 71 Personnel 71 Determining the Maximum Tolerable Downtime 72 Calculating the Recovery Time Objective 72 Calculating the Recovery Point Objective 73 Part II: Building Technology Recovery Plans 75 Chapter 4: Mapping Business Functions to Infrastructure 77 Finding and Using Inventories 78 Using High-Level Architectures 80 Data flow and data storage diagrams 80 Infrastructure diagrams and schematics 84 Identifying Dependencies 90 Inter-system dependencies 91 External dependencies 95 Chapter 5: Planning User Recovery 97 Managing and Recovering End-User Computing 98 Workstations as Web terminals 99 Workstation access to centralized information 102 Workstations as application clients 104 Workstations as local computers 108 Workstation operating systems 113 Managing and Recovering End-User Communications 119 Voice communications 119 E-mail 121 Fax machines 125 Instant messaging 126 Chapter 6: Planning Facilities Protection and Recovery 129 Protecting Processing Facilities 129 Controlling physical access 130 Getting charged up about electric power 140 Detecting and suppressing fire 141 Chemical hazards 144 Keeping your cool 145 Staying dry: Water/flooding 
detection and prevention 145 Selecting Alternate Processing Sites 146 Hot, cold, and warm sites 147 Other business locations 149 Data center in a box: Mobile sites 150 Colocation facilities 150 Reciprocal facilities 151 Chapter 7: Planning System and Network Recovery 153 Managing and Recovering Server Computing 154 Determining system readiness 154 Server architecture and configuration 155 Developing the ability to build new servers 157 Distributed server computing considerations 159 Application architecture considerations 160 Server consolidation: The double-edged sword 161 Managing and Recovering Network Infrastructure 163 Implementing Standard Interfaces 166 Implementing Server Clustering 167 Understanding cluster modes 168 Geographically distributed clusters 169 Cluster and storage architecture 170 Chapter 8: Planning Data Recovery 173 Protecting and Recovering Application Data 173 Choosing How and Where to Store Data for Recovery 175 Protecting data through backups 176 Protecting data through resilient storage 179 Protecting data through replication and mirroring 180 Protecting data through electronic vaulting 182 Deciding where to keep your recovery data 182 Protecting data in transit 184 Protecting data while in DR mode 185 Protecting and Recovering Applications 185 Application version 186 Application patches and fixes 186 Application configuration 186 Application users and roles 187 Application interfaces 189 Application customizations 189 Applications dependencies with databases, operating systems, and more 190 Applications and client systems 191 Applications and networks 192 Applications and change management 193 Applications and configuration management 193 Off-Site Media and Records Storage 194 Chapter 9: Writing the Disaster Recovery Plan 197 Determining Plan Contents 198 Disaster declaration procedure 198 Emergency contact lists and trees 200 Emergency leadership and role selection 202 Damage assessment procedures 203 System recovery and restart
procedures 205 Transition to normal operations 207 Recovery team 209 Structuring the Plan 210 Enterprise-level structure 210 Document-level structure 211 Managing Plan Development 212 Preserving the Plan 213 Taking the Next Steps 213 Part III: Managing Recovery Plans 215 Chapter 10: Testing the Recovery Plan 217 Testing the DR Plan 217 Why test a DR plan? 218 Developing a test strategy 219 Developing and following test procedures 220 Conducting Paper Tests 221 Conducting Walkthrough Tests 222 Walkthrough test participants 223 Walkthrough test procedure 223 Scenarios 224 Walkthrough results 225 Debriefing 225 Next steps 226 Conducting Simulation Testing 226 Conducting Parallel Testing 227 Parallel testing considerations 228 Next steps 229 Conducting Cutover Testing 230 Cutover test procedure 231 Cutover testing considerations 233 Planning Parallel and Cutover Tests 234 Clustering and replication technologies and cutover tests 235 Next steps 236 Establishing Test Frequency 236 Paper test frequency 237 Walkthrough test frequency 238 Parallel test frequency 239 Cutover test frequency 240 Chapter 11: Keeping DR Plans and Staff Current 241 Understanding the Impact of Changes on DR Plans 241 Technology changes 242 Business changes 243 Personnel changes 245 Market changes 247 External changes 248 Changes — some final words 249 Incorporating DR into Business Lifecycle Processes 250 Systems and services acquisition 250 Systems development 251 Business process engineering 252 Establishing DR Requirements and Standards 253 A Multi-Tiered DR Standard Case Study 254 Maintaining DR Documentation 256 Managing DR documents 257 Updating DR documents 258 Publishing and distributing documents 260 Training Response Teams 261 Types of training 261 Indoctrinating new trainees 262 Chapter 12: Understanding the Role of Prevention 263 Preventing Facilities-Related Disasters 264 Site selection 265 Preventing fires 270 HVAC failures 272 Power-related failures 272 Protection from civil unrest 
and war 273 Avoiding industrial hazards 274 Preventing secondary effects of facilities disasters 275 Preventing Technology-Related Disasters 275 Dealing with system failures 276 Minimizing hardware and software failures 276 Pros and cons of a monoculture 277 Building a resilient architecture 278 Preventing People-Related Disasters 279 Preventing Security Issues and Incidents 280 Prevention Begins at Home 283 Chapter 13: Planning for Various Disaster Scenarios 285 Planning for Natural Disasters 285 Earthquakes 285 Wildfires 287 Volcanoes 288 Floods 289 Wind and ice storms 290 Hurricanes 291 Tornadoes 292 Tsunamis 293 Landslides and avalanches 295 Pandemic 297 Planning for Man-Made Disasters 300 Utility failures 300 Civil disturbances 301 Terrorism and war 302 Security incidents 303 Part IV: The Part of Tens 305 Chapter 14: Ten Disaster Recovery Planning Tools 307 Living Disaster Recovery Planning System (LDRPS) 307 BIA Professional 308 COBRA Risk Analysis 308 BCP Generator 309 DRI Professional Practices Kit 310 Disaster Recovery Plan Template 310 SLA Toolkit 311 LBL ContingencyPro Software 312 Emergency Management Guide for Business and Industry 312 DRJ’s Toolbox 313 Chapter 15: Eleven Disaster Recovery Planning Web Sites 315 DRI International 315 Disaster Recovery Journal 316 Business Continuity Management Institute 316 Disaster Recovery World 317 Disaster Recovery Planning.org 317 The Business Continuity Institute 318 Disaster-Resource.com 319 Computerworld Disaster Recovery 319 CSO Business Continuity and Disaster Recovery 320 Federal Emergency Management Agency (FEMA) 320 Rothstein Associates Inc 321 Chapter 16: Ten Essentials for Disaster Planning Success 323 Executive Sponsorship 323 Well-Defined Scope 324 Committed Resources 325 The Right Experts 325 Time to Develop the Project Plan 326 Support from All Stakeholders 326 Testing, Testing, Testing 327 Full Lifecycle Commitment 327 Integration into Other Processes 328 Luck 329 Chapter 17: Ten Benefits of DR 
Planning 331 Improved Chances of Surviving “The Big One” 331 A Rung or Two Up the Maturity Ladder 332 Opportunities for Process Improvements 332 Opportunities for Technology Improvements 333 Higher Quality and Availability of Systems 334 Reducing Disruptive Events 334 Reducing Insurance Premiums 335 Finding Out Who Your Leaders Are 336 Complying with Standards and Regulations 336 Competitive Advantage 338 Index 339
£17.84
John Wiley & Sons Inc Computer Networks Principles Technologies and
Book Synopsis: A computer network is made up of a group of two or more connected machines. In a Local Area Network (or LAN), computers are connected together within a local area, such as an office or home. In a Wide Area Network (or WAN), computers are farther apart and connected via telephone/communication lines, radio waves, or other means of communication.
Table of Contents: Preface. Part I: Networking Basics. Chapter 1: Evolution of Computer Networks. Chapter 2: General Principles of Network Design. Chapter 3: Packet and Circuit Switching. Chapter 4: Network Architecture and Standardization. Chapter 5: Examples of Networks. Chapter 6: Network Characteristics. Chapter 7: Methods of Ensuring Quality of Service. Part II: Physical Layer Technologies. Chapter 8: Transmission Links. Chapter 9: Data Encoding and Multiplexing. Chapter 10: Wireless Transmission. Chapter 11: Transmission Networks. Part III: Local Area Networks. Chapter 12: Ethernet. Chapter 13: High-Speed Ethernet. Chapter 14: Shared Media LANs. Chapter 15: Switched LAN Basics. Chapter 16: Advanced Features of Switched LANs. Part IV: TCP/IP Internet-working. Chapter 17: Addressing in TCP/IP Networks. Chapter 18: Internet Protocol. Chapter 19: Core Protocols of the TCP/IP Stack. Chapter 20: Advanced Features of IP Routers. Part V: Wide-Area Networks. Chapter 21: Virtual Circuit WAN. Chapter 22: IP WANs. Chapter 23: Remote Access. Chapter 24: Secure Transport Services. Summary. Review questions. Problems. Conclusion. References and recommended reading. Index.
£56.00
John Wiley & Sons Inc Building the Data Warehouse
Book Synopsis: The new edition of the classic bestseller that launched the data warehousing industry covers new approaches and technologies, many of which have been pioneered by Inmon himself. In addition to explaining the fundamentals of data warehouse systems, the book covers new topics such as methods for handling unstructured data in a data warehouse and storing data across multiple storage media. Discusses the pros and cons of relational versus multidimensional design and how to measure return on investment in planning data warehouse projects. Covers advanced topics, including data monitoring and testing. Although the book includes an extra 100 pages worth of valuable content, the price has actually been reduced from $65 to $55.
Table of Contents: Preface xix Acknowledgments xxvii Chapter 1 Evolution of Decision Support Systems 1 The Evolution 2 The Advent of DASD 4 PC/4GL Technology 4 Enter the Extract Program 5 The Spider Web 6 Problems with the Naturally Evolving Architecture 7 Lack of Data Credibility 7 Problems with Productivity 9 From Data to Information 12 A Change in Approach 14 The Architected Environment 16 Data Integration in the Architected Environment 18 Who Is the User?
20 The Development Life Cycle 20 Patterns of Hardware Utilization 22 Setting the Stage for Re-engineering 23 Monitoring the Data Warehouse Environment 25 Summary 28 Chapter 2 The Data Warehouse Environment 29 The Structure of the Data Warehouse 33 Subject Orientation 34 Day 1 to Day n Phenomenon 39 Granularity 41 The Benefits of Granularity 42 An Example of Granularity 43 Dual Levels of Granularity 46 Exploration and Data Mining 50 Living Sample Database 50 Partitioning as a Design Approach 53 Partitioning of Data 53 Structuring Data in the Data Warehouse 56 Auditing and the Data Warehouse 61 Data Homogeneity and Heterogeneity 61 Purging Warehouse Data 64 Reporting and the Architected Environment 64 The Operational Window of Opportunity 65 Incorrect Data in the Data Warehouse 67 Summary 69 Chapter 3 The Data Warehouse and Design 71 Beginning with Operational Data 71 Process and Data Models and the Architected Environment 78 The Data Warehouse and Data Models 79 The Data Warehouse Data Model 81 The Midlevel Data Model 84 The Physical Data Model 88 The Data Model and Iterative Development 91 Normalization and Denormalization 94 Snapshots in the Data Warehouse 100 Metadata 102 Managing Reference Tables in a Data Warehouse 103 Cyclicity of Data — The Wrinkle of Time 105 Complexity of Transformation and Integration 108 Triggering the Data Warehouse Record 112 Events 112 Components of the Snapshot 113 Some Examples 113 Profile Records 114 Managing Volume 115 Creating Multiple Profile Records 117 Going from the Data Warehouse to the Operational Environment 117 Direct Operational Access of Data Warehouse Data 118 Indirect Access of Data Warehouse Data 119 An Airline Commission Calculation System 119 A Retail Personalization System 121 Credit Scoring 123 Indirect Use of Data Warehouse Data 125 Star Joins 126 Supporting the ODS 133 Requirements and the Zachman Framework 134 Summary 136 Chapter 4 Granularity in the Data Warehouse 139 Raw Estimates 140 Input to the Planning 
Process 141 Data in Overflow 142 Overflow Storage 144 What the Levels of Granularity Will Be 147 Some Feedback Loop Techniques 148 Levels of Granularity — Banking Environment 150 Feeding the Data Marts 157 Summary 157 Chapter 5 The Data Warehouse and Technology 159 Managing Large Amounts of Data 159 Managing Multiple Media 161 Indexing and Monitoring Data 162 Interfaces to Many Technologies 162 Programmer or Designer Control of Data Placement 163 Parallel Storage and Management of Data 164 Metadata Management 165 Language Interface 166 Efficient Loading of Data 166 Efficient Index Utilization 168 Compaction of Data 169 Compound Keys 169 Variable-Length Data 169 Lock Management 171 Index-Only Processing 171 Fast Restore 171 Other Technological Features 172 DBMS Types and the Data Warehouse 172 Changing DBMS Technology 174 Multidimensional DBMS and the Data Warehouse 175 Data Warehousing across Multiple Storage Media 182 The Role of Metadata in the Data Warehouse Environment 182 Context and Content 185 Three Types of Contextual Information 186 Capturing and Managing Contextual Information 187 Looking at the Past 187 Refreshing the Data Warehouse 188 Testing 190 Summary 191 Chapter 6 The Distributed Data Warehouse 193 Types of Distributed Data Warehouses 193 Local and Global Data Warehouses 194 The Local Data Warehouse 197 The Global Data Warehouse 198 Intersection of Global and Local Data 201 Redundancy 206 Access of Local and Global Data 207 The Technologically Distributed Data Warehouse 211 The Independently Evolving Distributed Data Warehouse 213 The Nature of the Development Efforts 213 Completely Unrelated Warehouses 215 Distributed Data Warehouse Development 217 Coordinating Development across Distributed Locations 218 The Corporate Data Model — Distributed 219 Metadata in the Distributed Warehouse 223 Building the Warehouse on Multiple Levels 223 Multiple Groups Building the Current Level of Detail 226 Different Requirements at Different Levels 228 Other Types 
of Detailed Data 232 Metadata 234 Multiple Platforms for Common Detail Data 235 Summary 236 Chapter 7 Executive Information Systems and the Data Warehouse 239 EIS — The Promise 240 A Simple Example 240 Drill-Down Analysis 243 Supporting the Drill-Down Process 245 The Data Warehouse as a Basis for EIS 247 Where to Turn 248 Event Mapping 251 Detailed Data and EIS 253 Keeping Only Summary Data in the EIS 254 Summary 255 Chapter 8 External Data and the Data Warehouse 257 External Data in the Data Warehouse 260 Metadata and External Data 261 Storing External Data 263 Different Components of External Data 264 Modeling and External Data 265 Secondary Reports 266 Archiving External Data 267 Comparing Internal Data to External Data 267 Summary 268 Chapter 9 Migration to the Architected Environment 269 A Migration Plan 270 The Feedback Loop 278 Strategic Considerations 280 Methodology and Migration 283 A Data-Driven Development Methodology 283 Data-Driven Methodology 286 System Development Life Cycles 286 A Philosophical Observation 286 Summary 287 Chapter 10 The Data Warehouse and the Web 289 Supporting the eBusiness Environment 299 Moving Data from the Web to the Data Warehouse 300 Moving Data from the Data Warehouse to the Web 301 Web Support 302 Summary 302 Chapter 11 Unstructured Data and the Data Warehouse 305 Integrating the Two Worlds 307 Text — The Common Link 308 A Fundamental Mismatch 310 Matching Text across the Environments 310 A Probabilistic Match 311 Matching All the Information 312 A Themed Match 313 Industrially Recognized Themes 313 Naturally Occurring Themes 316 Linkage through Themes and Themed Words 317 Linkage through Abstraction and Metadata 318 A Two-Tiered Data Warehouse 320 Dividing the Unstructured Data Warehouse 321 Documents in the Unstructured Data Warehouse 322 Visualizing Unstructured Data 323 A Self-Organizing Map (SOM) 324 The Unstructured Data Warehouse 325 Volumes of Data and the Unstructured Data Warehouse 326 Fitting the Two 
Environments Together 327 Summary 330 Chapter 12 The Really Large Data Warehouse 331 Why the Rapid Growth? 332 The Impact of Large Volumes of Data 333 Basic Data-Management Activities 334 The Cost of Storage 335 The Real Costs of Storage 336 The Usage Pattern of Data in the Face of Large Volumes 336 A Simple Calculation 337 Two Classes of Data 338 Implications of Separating Data into Two Classes 339 Disk Storage in the Face of Data Separation 340 Near-Line Storage 341 Access Speed and Disk Storage 342 Archival Storage 343 Implications of Transparency 345 Moving Data from One Environment to Another 346 The CMSM Approach 347 A Data Warehouse Usage Monitor 348 The Extension of the Data Warehouse across Different Storage Media 349 Inverting the Data Warehouse 350 Total Cost 351 Maximum Capacity 352 Summary 354 Chapter 13 The Relational and the Multidimensional Models as a Basis for Database Design 357 The Relational Model 357 The Multidimensional Model 360 Snowflake Structures 361 Differences between the Models 362 The Roots of the Differences 363 Reshaping Relational Data 364 Indirect Access and Direct Access of Data 365 Servicing Future Unknown Needs 366 Servicing the Need to Change Gracefully 367 Independent Data Marts 370 Building Independent Data Marts 371 Summary 375 Chapter 14 Data Warehouse Advanced Topics 377 End-User Requirements and the Data Warehouse 377 The Data Warehouse and the Data Model 378 The Relational Foundation 378 The Data Warehouse and Statistical Processing 379 Resource Contention in the Data Warehouse 380 The Exploration Warehouse 380 The Data Mining Warehouse 382 Freezing the Exploration Warehouse 383 External Data and the Exploration Warehouse 384 Data Marts and Data Warehouses in the Same Processor 384 The Life Cycle of Data 386 Mapping the Life Cycle to the Data Warehouse Environment 387 Testing and the Data Warehouse 388 Tracing the Flow of Data through the Data Warehouse 390 Data Velocity in the Data Warehouse 391 “Pushing” and “Pulling” 
Data 393 Data Warehouse and the Web-Based eBusiness Environment 393 The Interface between the Two Environments 394 The Granularity Manager 394 Profile Records 396 The ODS, Profile Records, and Performance 397 The Financial Data Warehouse 397 The System of Record 399 A Brief History of Architecture — Evolving to the Corporate Information Factory 402 Evolving from the CIF 404 Obstacles 406 CIF — Into the Future 406 Analytics 406 ERP/SAP 407 Unstructured Data 408 Volumes of Data 409 Summary 410 Chapter 15 Cost-Justification and Return on Investment for a Data Warehouse 413 Copying the Competition 413 The Macro Level of Cost-Justification 414 A Micro Level Cost-Justification 415 Information from the Legacy Environment 418 The Cost of New Information 419 Gathering Information with a Data Warehouse 419 Comparing the Costs 420 Building the Data Warehouse 420 A Complete Picture 421 Information Frustration 422 The Time Value of Data 422 The Speed of Information 423 Integrated Information 424 The Value of Historical Data 425 Historical Data and CRM 426 Summary 426 Chapter 16 The Data Warehouse and the ODS 429 Complementary Structures 430 Updates in the ODS 430 Historical Data and the ODS 431 Profile Records 432 Different Classes of ODS 434 Database Design — A Hybrid Approach 435 Drawn to Proportion 436 Transaction Integrity in the ODS 437 Time Slicing the ODS Day 438 Multiple ODS 439 ODS and the Web Environment 439 An Example of an ODS 440 Summary 441 Chapter 17 Corporate Information Compliance and Data Warehousing 443 Two Basic Activities 445 Financial Compliance 446 The “What” 447 The “Why” 449 Auditing Corporate Communications 452 Summary 454 Chapter 18 The End-User Community 457 The Farmer 458 The Explorer 458 The Miner 459 The Tourist 459 The Community 459 Different Types of Data 460 Cost-Justification and ROI Analysis 461 Summary 462 Chapter 19 Data Warehouse Design Review Checklist 463 When to Do a Design Review 464 Who Should Be in the Design Review?
465 What Should the Agenda Be? 465 The Results 465 Administering the Review 466 A Typical Data Warehouse Design Review 466 Summary 488 Glossary 489 References 507 Articles 507 Books 510 White Papers 512 Index 517
£35.15
CRC Press Curing the Patch Management Headache
£109.25
Taylor & Francis Ltd Mobile and Wireless Communications with Practical
Book Synopsis: The growing popularity of advanced multimedia-rich applications along with the increasing affordability of high-end smart mobile devices has led to a massive growth in mobile data traffic that puts significant pressure on the underlying network technology. However, no single network technology will be equipped to deal with this explosion of mobile data traffic. While wireless technologies had a spectacular evolution over the past years, the present trend is to adopt a global heterogeneous network of shared standards that enables the provisioning of quality of service and quality of experience to the end-user. To this end, enabling technologies like machine learning, Internet of Things and digital twins are seen as promising solutions for next generation networks that will enable an intelligent adaptive interconnected environment with support for prediction and decision making so that the heterogeneous applications and users' requirements can be highly satisfied. The aim of t
Table of Contents: I. Fundamental Aspects of Signals, Analogue and Digital Communication Systems. 1. The Wireless Vision. 1.1 Introduction to wireless communication - evolution and history. 1.2 Applications and Technical Challenges. 1.3 A simplified network model. 2. Wireless Transmission Fundamentals. 2.1 Spectrum and frequencies. 2.2 Signals for conveying information. 2.3 Antennas. 2.4 Multiplexing and modulation. 2.5 Spread Spectrum. 2.6 Medium Access Mechanisms. 2.7 Practical Use-Case Scenario: Antennas using Altair WinProp. 3. Radio Propagation. 3.1 Introduction to Signal Propagation. 3.2 Multi-Path Propagation. 3.3 Fresnel Zone. 3.4 Path Loss and Path Loss Models. 3.5 Free Space Propagation Model. 3.6 Two Ray Ground Model. 3.7 Okumura Model. 3.8 Okumura-Hata Model. 3.9 COST 231 Walfisch Ikegami. 3.10 Intelligent Ray Tracing. 3.11 Dominant Path Model. 3.12 Practical Use-Case Scenario: Radio Propagation using Altair WinProp.
3.13 Practical Use-Case Scenario: Rural/Suburban Study using Altair WinProp. II. Evolution of Mobile and Wireless Systems. 4. The Cellular Concept and Evolution. 4.1 Cellular Systems Fundamentals. 4.2 Traffic Engineering in Cellular Systems – Problem Solving. 4.3 Mobility Management and Handover. 4.4 Evolution from 1G to 5G and Beyond. 4.5 Practical Use-Case Scenario: Network Planning for urban scenarios using LTE with Altair WinProp. 4.6 Practical Use-Case Scenario: 5G Network Planning with Altair WinProp. 5. Satellite Communications. 5.1 The Future of Satellite Communications. 5.2 Satellite Basics. 5.3 Applications of Satellites. 5.4 Routing and Localization. 5.5 Practical Use-Case Scenario: Satellite Communications using Altair WinProp. 6. Wireless Evolution. 6.1 Wireless Technologies Evolution. 6.2 Mobile Ad-Hoc Networks. 6.3 Vehicular Networks. 6.4 Millimeter Wave Multi Gigabit Wireless Networks. 6.5 Use-Case Scenarios: Trends in Heterogeneous Environments Integration. 6.6 Practical Use-Case Scenario: Wireless Indoor Communication using Altair WinProp. III. Paradigms of Intelligent-based Networked Systems. 7. Intelligent Environments and Internet of Things. 7.1 IoT Life-cycle. 7.2 IoT Applications. 7.3 Wireless Access Networks for IoT. 7.4 Introduction to Machine Learning for IoT. 7.5 Digital Twins for Industrial IoT. 7.6 Use-Case Scenario: Technology for Public Health Emergencies. 7.7 Practical Use-Case Scenario: ML for Predictive Maintenance and IoT using Python, Tensorflow, Jupyter. 7.8 Practical Use-Case Scenario: ML for Smart Cities IoT using Python, Tensorflow, Jupyter. List of Acronyms. Index.
£42.99
CRC Press IoT Fundamentals with a Practical Approach
Book Synopsis: IoT Fundamentals with a Practical Approach is an insightful book that serves as a comprehensive guide to understanding the foundations and key concepts of Internet of Things (IoT) technologies. The book begins by introducing readers to the concept of IoT, explaining the significance and potential impact on various industries and domains. It covers the underlying principles of IoT, including its architecture, connectivity, and communication protocols, providing readers with a solid understanding of how IoT systems are structured and how devices interact within an IoT ecosystem. This book dives into the crucial components that form the backbone of IoT systems. It explores sensors and actuators, explaining their roles in collecting and transmitting data from the physical environment. The book also covers electronic components used in IoT devices, such as microcontrollers, communication modules, and power management circuits. This comprehensive understanding of the
£44.99
CRC Press The Effects of Cyber Supply Chain Attacks and
Book Synopsis: The world about a week ago witnessed what is probably the largest Cyber Supply Chain Attack ever known to humankind. The magnitude of this attack only underscores the sheer level of interconnectivity that exists today. Because of this, the chances of this happening many more times are very high. For instance, all it takes is just one weakness, vulnerability, or backdoor for the Cyberattacker to exploit, and from there, deploy the malicious payload which will then be sent to thousands of victims worldwide. This book will focus not only upon the two previous Supply Chain Attacks that have recently happened, but it will also focus upon the Critical Infrastructure here in the United States. This includes the food supply chain, the water supply system, the national power grid, and even the nuclear power facilities. Many of these establishments have been built with technology that was developed in the late 1960s and the early 1970s. Many of the vendors that built these technologies are now, for the most part, no longer in existence. Many of these are ICS and SCADA systems, and as a result, they also have many vulnerabilities through which a Cyberattacker can penetrate and launch a malicious payload, which will result in yet another form of a Cyber Supply Chain Attack. Therefore, this book will focus upon the following:
* A Review Of the Critical Infrastructure of the United States
* A Review Of the SolarWinds Supply Chain Attack
* A Review As To How A Malicious Payload Can Be Created And Inserted, using SQL Injection Attacks as the primary example.
* A Critical Examination As To How Supply Chain Attacks Can Be Mitigated.
£999.99
CRC Press From Web 1.0 to Web 3.0
Book Synopsis: From Web1 to Web3 is your definitive roadmap through the current digital revolution. Authored by Ollie Bell, Nabil Hadi, and Daniel Strode, this book offers a clear, thoughtful exploration of the internet's evolution - from its humble, static beginnings to the dynamic, decentralized future that is emerging today. The journey begins with Web1, an era defined by a read-only landscape of information where the internet functioned primarily as a digital library. As time moved on, Web2 brought a seismic shift with its explosion of user-generated content and the rise of social media, fundamentally changing how we communicate and share. However, as centralized platforms increasingly controlled our digital interactions and data, a new need arose - a need for a system that returned control to the individual. Enter Web3. In this new paradigm, blockchain technology, cryptocurrencies, decentralized finance (DeFi), non-fungible tokens (NFTs), and decentralized autonomous organizations (DAOs) converge to empower individuals with true digital ownership and control. Rather than relying on centralized institutions, Web3 leverages transparent, peer-to-peer networks to reimagine how we interact with the digital world. The book provides not only a historical perspective but also practical insights for businesses and individuals alike. Through case studies featuring leading global brands and actionable guides on navigating decentralized applications (dApps), readers gain an understanding of how businesses and individuals are already using Web3 technologies to drive innovation and create value. Whether you're an entrepreneur, investor, developer, or a digital native keen to reclaim your data and identity, this book offers the knowledge you need to adapt and thrive in this rapidly evolving landscape. Beyond the technical details, From Web1 to Web3 explores the broader cultural and economic shifts brought about by decentralization.
It examines how these changes are redefining what it means to be connected and how trust is built in a world where power is shifting from centralized authorities to individual users. This book is a balanced and accessible guide, providing the context, analysis, and practical advice required to understand the present and future of the internet. Your journey into the evolving world of Web3 begins here.
£999.99
John Wiley & Sons Inc Unmasking the Social Engineer
Book Synopsis: Learn to identify the social engineer by non-verbal behavior. Unmasking the Social Engineer: The Human Element of Security focuses on combining the science of understanding non-verbal communications with the knowledge of how social engineers, scam artists and con men use these skills to build feelings of trust and rapport in their targets.
Table of Contents: Foreword xv Acknowledgments and Preface xvii Introduction xxi I Building the Foundation 1 1 What Is Nonverbal Communication? 3 The Different Aspects of Nonverbal Communication 8 Kinesics 9 Proxemics 13 Touch 14 Eye Contact 15 Olfactics 16 Adornment 17 Facial Expressions 19 How to Use This Information 20 Summary 23 2 What Is Social Engineering? 25 Information Gathering 28 Pretexting 29 Elicitation 30 Rapport 30 Influence/Manipulation 32 Framing 33 Nonverbal Communications 34 The Three Basic Forms of Social Engineering 34 Become Phishers of Men 35 When The Phone Is More Dangerous Than Malware 39 I Am Not the Social Engineer You Are Looking For 43 Using Social Engineering Skills 45 The Good 46 The Bad 47 The Ugly 48 Summary 48 II Decoding the Language of the Body 51 3 Understanding the Language of the Hands 53 Communicating with Your Hands 55 Origin 57 Coding 57 Usage 58 High-Confidence Hand Displays 66 Low-Confidence and Stress Hand Displays 75 Getting a Handle on the Hands 78 Summary 79 4 The Torso, Legs, and Feet 81 Legs and Feet 83 Torso and Arms 89 Summary 97 5 The Science Behind the Face 99 Just the FACS 103 What Is a Truth Wizard?
105 Emotions versus Feelings 108 Fear 109 Surprise 113 Sadness 116 Contempt 121 Disgust 125 Anger 128 Happiness 132 Perfect Practice Makes Perfect 136 Summary 137 6 Understanding Nonverbal Displays of Comfort and Discomfort 139 Neck and Face Pacifying 143 What to Watch For 144 Mouth Covers 146 What to Watch For 147 Lips 147 What to Watch For 151 Eye Blocking 153 What to Watch For 154 Self-Comforting and Head Tilts 154 What to Watch For 157 Summary 158 III Deciphering the Science 159 7 The Human Emotional Processor 161 Introducing the Amygdala 164 How the Amygdala Processes Information 165 Hijacking the Amygdala 167 Human See, Human Do 169 Reading Other People’s Expressions 170 Your Own Emotional Content 171 Nonverbal Social Proof 171 Using Amygdala Hijacking as a Social Engineer 172 Summary 174 8 The Nonverbal Side of Elicitation 177 Artificial Time Constraints 181 Sympathy/Assistance Themes 182 Ego Suspension 184 Ask How, When, and Why Questions 186 Conversational Signals 187 Action Unit 1: Inner Brow Raiser 188 Action Unit 2: Outer Brow Raiser 188 Action Unit 4: Brow Lowerer 189 Conversational Signals of Emotions 190 Breaking Down Conversational Signals 191 Batons 191 Underliner 192 Punctuation 192 Question Mark 193 Word Search 193 Nonverbal Conversational Signals 193 Conversational Signals as a Social Engineer 195 Summary 196 IV Putting It All Together 197 9 Nonverbal Communication and the Social Engineer Human Being 199 Applying This Information as a Professional Social Engineer 202 Using This Book to Defend 206 Becoming a Critical Thinker 207 Summary 210 Index 213
£23.80
John Wiley & Sons Inc The Art of Memory Forensics
Book Synopsis
Memory forensics provides cutting edge technology to help investigate digital attacks
Memory forensics is the art of analyzing computer memory (RAM) to solve digital crimes.
Table of Contents
Introduction xvii I An Introduction to Memory Forensics 1 1 Systems Overview 3 Digital Environment 3 PC Architecture 4 Operating Systems 17 Process Management 18 Memory Management 20 File System 24 I/O Subsystem 25 Summary 26 2 Data Structures 27 Basic Data Types 27 Summary 43 3 The Volatility Framework 45 Why Volatility? 45 What Volatility Is Not 46 Installation 47 The Framework 51 Using Volatility 59 Summary 67 4 Memory Acquisition 69 Preserving the Digital Environment 69 Software Tools 79 Memory Dump Formats 95 Converting Memory Dumps 106 Volatile Memory on Disk 107 Summary 114 II Windows Memory Forensics 115 5 Windows Objects and Pool Allocations 117 Windows Executive Objects 117 Pool-Tag Scanning 129 Limitations of Pool Scanning 140 Big Page Pool 142 Pool-Scanning Alternatives 146 Summary 148 6 Processes, Handles, and Tokens 149 Processes 149 Process Tokens 164 Privileges 170 Process Handles 176 Enumerating Handles in Memory 181 Summary 187 7 Process Memory Internals 189 What’s in Process Memory? 
189 Enumerating Process Memory 193 Summary 217 8 Hunting Malware in Process Memory 219 Process Environment Block 219 PE Files in Memory 238 Packing and Compression 245 Code Injection 251 Summary 263 9 Event Logs 265 Event Logs in Memory 265 Real Case Examples 275 Summary 279 10 Registry in Memory 281 Windows Registry Analysis 281 Volatility’s Registry API 292 Parsing Userassist Keys 295 Detecting Malware with the Shimcache 297 Reconstructing Activities with Shellbags 298 Dumping Password Hashes 304 Obtaining LSA Secrets 305 Summary 307 11 Networking 309 Network Artifacts 309 Hidden Connections 323 Raw Sockets and Sniffers 325 Next Generation TCP/IP Stack 327 Internet History 333 DNS Cache Recovery 339 Summary 341 12 Windows Services 343 Service Architecture 343 Installing Services 345 Tricks and Stealth 346 Investigating Service Activity 347 Summary 366 13 Kernel Forensics and Rootkits 367 Kernel Modules 367 Modules in Memory Dumps 372 Threads in Kernel Mode 378 Driver Objects and IRPs 381 Device Trees 386 Auditing the SSDT 390 Kernel Callbacks 396 Kernel Timers 399 Putting It All Together 402 Summary 406 14 Windows GUI Subsystem, Part I 407 The GUI Landscape 407 GUI Memory Forensics 410 The Session Space 410 Window Stations 416 Desktops 422 Atoms and Atom Tables 429 Windows 435 Summary 452 15 Windows GUI Subsystem, Part II 453 Window Message Hooks 453 User Handles 459 Event Hooks 466 Windows Clipboard 468 Case Study: ACCDFISA Ransomware 472 Summary 476 16 Disk Artifacts in Memory 477 Master File Table 477 Extracting Files 493 Defeating TrueCrypt Disk Encryption 503 Summary 510 17 Event Reconstruction 511 Strings 511 Command History 523 Summary 536 18 Timelining 537 Finding Time in Memory 537 Generating Timelines 539 Gh0st in the Enterprise 543 Summary 573 III Linux Memory Forensics 575 19 Linux Memory Acquisition 577 Historical Methods of Acquisition 577 Modern Acquisition 579 Volatility Linux Profiles 583 Summary 589 20 Linux Operating System 591 ELF Files 591 
Linux Data Structures 603 Linux Address Translation 607 procfs and sysfs 609 Compressed Swap 610 Summary 610 21 Processes and Process Memory 611 Processes in Memory 611 Enumerating Processes 613 Process Address Space 616 Process Environment Variables 625 Open File Handles 626 Saved Context State 630 Bash Memory Analysis 630 Summary 635 22 Networking Artifacts 637 Network Socket File Descriptors 637 Network Connections 640 Queued Network Packets 643 Network Interfaces 646 The Route Cache 650 ARP Cache 652 Summary 655 23 Kernel Memory Artifacts 657 Physical Memory Maps 657 Virtual Memory Maps 661 Kernel Debug Buffer 663 Loaded Kernel Modules 667 Summary 673 24 File Systems in Memory 675 Mounted File Systems 675 Listing Files and Directories 681 Extracting File Metadata 684 Recovering File Contents 691 Summary 695 25 Userland Rootkits 697 Shellcode Injection 698 Process Hollowing 703 Shared Library Injection 705 LD_PRELOAD Rootkits 712 GOT/PLT Overwrites 716 Inline Hooking 718 Summary 719 26 Kernel Mode Rootkits 721 Accessing Kernel Mode 721 Hidden Kernel Modules 722 Hidden Processes 728 Elevating Privileges 730 System Call Handler Hooks 734 Keyboard Notifiers 735 TTY Handlers 739 Network Protocol Structures 742 Netfilter Hooks 745 File Operations 748 Inline Code Hooks 752 Summary 754 27 Case Study: Phalanx2 755 Phalanx2 755 Phalanx2 Memory Analysis 757 Reverse Engineering Phalanx2 763 Final Thoughts on Phalanx2 772 Summary 772 IV Mac Memory Forensics 773 28 Mac Acquisition and Internals 775 Mac Design 775 Memory Acquisition 780 Mac Volatility Profiles 784 Mach-O Executable Format 787 Summary 791 29 Mac Memory Overview 793 Mac versus Linux Analysis 793 Process Analysis 794 Address Space Mappings 799 Networking Artifacts 804 SLAB Allocator 808 Recovering File Systems from Memory 811 Loaded Kernel Extensions 815 Other Mac Plugins 818 Mac Live Forensics 819 Summary 821 30 Malicious Code and Rootkits 823 Userland Rootkit Analysis 823 Kernel Rootkit Analysis 828 Common Mac 
Malware in Memory 838 Summary 844 31 Tracking User Activity 845 Keychain Recovery 845 Mac Application Analysis 849 Summary 858 Index 859
£49.40
John Wiley & Sons Inc VCA-DCV VMware Certified Associate on vSphere
Book Synopsis
Use this expert guide to prepare for the VCA-DCV exam
VCA-DCV VMware Certified Associate on vSphere Study Guide: VCAD-510 is a comprehensive study guide for the VMware Certified Associate Data Center Virtualization exam. Hands-on examples, real-world scenarios, and expert review questions cover the full exam blueprint, and the companion website offers a suite of tools to help you prepare for the exam including practice exams, electronic flashcards, and a glossary of key terms. In addition, the website includes videos that demonstrate how to complete the more challenging tasks. Focused on practical skills, this study guide not only prepares you for the certification exam, but also for the duties expected of a VCA. The VMware Certified Associate-Data Center Virtualization certification targets those with limited virtualization and VMware data center technology experience, providing a springboard to the popular VMware Certified Professional-Data Center Virtualiza
Table of Contents
Introduction xv Assessment Test xxi Chapter 1 Intro to Virtualization 1 What Is Data Center Virtualization? 2 Virtualization Then and Now 3 Physical and Virtual Data Center Components 4 Physical Data Center Components 4 Virtual Data Center Components 5 Physical and Virtual Component Differences 7 Benefits of Using Virtualization 9 Online Tools 13 Summary 14 Exam Essentials 15 Review Questions 16 Chapter 2 VMware Solutions 21 Availability Challenges 22 VMware Availability Products and Technologies 23 Management Challenges 27 VMware Management Products and Technologies 27 Scalability Challenges 28 VMware Scalability Products and Technologies 29 Optimization Challenges 31 VMware Optimization Products and Technologies 32 Summary 36 Exam Essentials 37 Review Questions 39 Chapter 3 vSphere Core Components 43 Virtual Machines 44 What Is a Virtual Machine, Anyway? 44 What Can You Do with Virtual Machines? 45 ESXi Hypervisor 47 vCenter Server 47 vMotion 48 Distributed Resource Scheduler 49 Distributed Power Management 49 Storage vMotion 50 Storage DRS 50 vSphere Data Protection 51 High‐Availability Configuration 51 Fault Tolerance 52 vSphere Replication 52 Migration 53 High Availability 54 Host HA 55 Virtual Machine HA 56 Applications HA 57 Fault Tolerance 57 Clusters and Resource Pools 58 Clusters 58 Resource Pools 59 Other VMware Data Center Products 61 vCenter Operations Manager 61 vSphere Data Protection 62 NSX 62 Virtual SAN 62 vCenter Site Recovery Manager 62 Summary 63 Exam Essentials 64 Review Questions 65 Chapter 4 Storage in a VMware Environment 71 Physical vs. Virtual Storage 72 What Is Shared Storage? 73 VMware Storage Types 75 Local Storage 75 Fibre Channel 76 iSCSI 77 Network File System 77 Virtual Machine File System 78 The VMFS vs. the NFS 78 Disk Provisioning 78 Thick Provisioning 79 Thin Provisioning 80 VMware Virtual Storage Technologies 82 Summary 83 Exam Essentials 84 Review Questions 86 Chapter 5 Networking in a VMware Environment 91 Differentiate Physical and Virtual Networking 92 Physical Switches 92 Virtual Switches 94 Differences Between Physical and Virtual Switches 97 Differentiate VMware Virtual Switch Technologies 97 Standard Virtual Switches 98 Distributed Virtual Switches 98 Identify VMware Virtual Switch Components 101 Standard Virtual Switch 101 Distributed Virtual Switch 102 Identify Common Virtual Switch Policies 103 Port Group Policies 103 Distributed Virtual Switch Policies 106 Identify Capabilities of Network I/O Control 108 Summary 113 Exam Essentials 113 Review Questions 115 Chapter 6 Business Challenges Meet VMware Solutions 119 Availability Challenges and Solutions 120 vMotion 121 Storage vMotion 121 Virtual Machine Snapshots 122 High Availability 123 Fault Tolerance 123 vSphere Replication 124 vSphere Data Protection 124 Site Recovery Manager 125 Management Challenges and Solutions 126 Virtual Machines/Physical‐to‐Virtual Conversions 126 vCenter Server 126 vCenter Configuration Manager 127 Optimization Challenges and Solutions 128 vCenter Operations Manager 128 Thin Provisioning 129 Distributed Switches with QoS 130 Distributed Power Management 130 Storage I/O Control 131 vFlash 131 VM Storage Profiles 131 Memory Ballooning 132 Transparent Page Sharing 132 Scalability Challenges and Solutions 133 Virtual Machines 133 Virtual Machine Templates 134 Distributed Resource Scheduler 135 Storage DRS 135 vSphere Storage Appliance 136 Hot Add 136 Distributed Virtual Switches 136 The Differences between SMB and Enterprise Challenges and Solutions 137 Summary 138 Exam Essentials 139 Review Questions 140 Appendices 145 Appendix A Answers to Review Questions 147 Appendix B Online Resources 159 Index 165
£24.00
John Wiley & Sons Inc CISA Certified Information Systems Auditor Study
Book Synopsis
The ultimate CISA prep guide, with practice exams
Sybex's CISA: Certified Information Systems Auditor Study Guide, Fourth Edition is the newest edition of the industry-leading study guide for the Certified Information System Auditor exam, fully updated to align with the latest ISACA standards and changes in IS auditing.
Table of Contents
Introduction xix Assessment Test xlii Chapter 1 Secrets of a Successful Auditor 1 Understanding the Demand for IS Audits 2 Executive Misconduct 3 More Regulation Ahead 5 Basic Regulatory Objective 7 Governance is Leadership 8 Three Types of Data Target Different Uses 9 Audit Results Indicate the Truth 10 Understanding Policies, Standards, Guidelines, and Procedures 11 Understanding Professional Ethics 14 Following the ISACA Professional Code 14 Preventing Ethical Conflicts 16 Understanding the Purpose of an Audit 17 Classifying General Types of Audits 18 Determining Differences in Audit Approach 20 Understanding the Auditor’s Responsibility 21 Comparing Audits to Assessments 21 Differentiating between Auditor and Auditee Roles 22 Applying an Independence Test 23 Implementing Audit Standards 24 Where Do Audit Standards Come From? 
25 Understanding the Various Auditing Standards 27 Specific Regulations Defining Best Practices 31 Audits to Prove Financial Integrity 34 Auditor is an Executive Position 35 Understanding the Importance of Auditor Confidentiality 35 Working with Lawyers 36 Working with Executives 37 Working with IT Professionals 37 Retaining Audit Documentation 38 Providing Good Communication and Integration 39 Understanding Leadership Duties 39 Planning and Setting Priorities 40 Providing Standard Terms of Reference 41 Dealing with Conflicts and Failures 42 Identifying the Value of Internal and External Auditors 43 Understanding the Evidence Rule 43 Stakeholders: Identifying Whom You Need to Interview 44 Understanding the Corporate Organizational Structure 45 Identifying Roles in a Corporate Organizational Structure 45 Identifying Roles in a Consulting Firm Organizational Structure 47 Summary 49 Exam Essentials 49 Review Questions 52 Chapter 2 Governance 57 Strategy Planning for Organizational Control 61 Overview of the IT Steering Committee 64 Using the Balanced Scorecard 69 IT Subset of the BSC 74 Decoding the IT Strategy 74 Specifying a Policy 77 Project Management 79 Implementation Planning of the IT Strategy 90 Using COBIT 94 Identifying Sourcing Locations 94 Conducting an Executive Performance Review 99 Understanding the Auditor’s Interest in the Strategy 100 Overview of Tactical Management 100 Planning and Performance 100 Management Control Methods 101 Risk Management 105 Implementing Standards 108 Human Resources 109 System Life‐Cycle Management 111 Continuity Planning 111 Insurance 112 Overview of Business Process Reengineering 112 Why Use Business Process Reengineering 113 BPR Methodology 114 Genius or Insanity? 
114 Goal of BPR 114 Guiding Principles for BPR 115 Knowledge Requirements for BPR 116 BPR Techniques 116 BPR Application Steps 117 Role of IS in BPR 119 Business Process Documentation 119 BPR Data Management Techniques 120 Benchmarking as a BPR Tool 120 Using a Business Impact Analysis 121 BPR Project Risk Assessment 123 Practical Application of BPR 125 Practical Selection Methods for BPR 127 Troubleshooting BPR Problems 128 Understanding the Auditor’s Interest in Tactical Management 129 Operations Management 129 Sustaining Operations 130 Tracking Actual Performance 130 Controlling Change 131 Understanding the Auditor’s Interest in Operational Delivery 131 Summary 132 Exam Essentials 132 Review Questions 134 Chapter 3 Audit Process 139 Understanding the Audit Program 140 Audit Program Objectives and Scope 141 Audit Program Extent 143 Audit Program Responsibilities 144 Audit Program Resources 144 Audit Program Procedures 145 Audit Program Implementation 146 Audit Program Records 146 Audit Program Monitoring and Review 147 Planning Individual Audits 148 Establishing and Approving an Audit Charter 151 Role of the Audit Committee 151 Preplanning Specific Audits 153 Understanding the Variety of Audits 154 Identifying Restrictions on Scope 156 Gathering Detailed Audit Requirements 158 Using a Systematic Approach to Planning 159 Comparing Traditional Audits to Assessments and Self‐Assessments 161 Performing an Audit Risk Assessment 162 Determining Whether an Audit is Possible 163 Identifying the Risk Management Strategy 165 Determining Feasibility of Audit 167 Performing the Audit 167 Selecting the Audit Team 167 Determining Competence and Evaluating Auditors 168 Ensuring Audit Quality Control 170 Establishing Contact with the Auditee 171 Making Initial Contact with the Auditee 172 Using Data Collection Techniques 174 Conducting Document Review 176 Understanding the Hierarchy of Internal Controls 177 Reviewing Existing Controls 179 Preparing the Audit Plan 182 Assigning 
Work to the Audit Team 183 Preparing Working Documents 184 Conducting Onsite Audit Activities 185 Gathering Audit Evidence 186 Using Evidence to Prove a Point 186 Understanding Types of Evidence 187 Selecting Audit Samples 187 Recognizing Typical Evidence for IS Audits 188 Using Computer‐Assisted Audit Tools 189 Understanding Electronic Discovery 191 Grading of Evidence 193 Timing of Evidence 195 Following the Evidence Life Cycle 195 Conducting Audit Evidence Testing 198 Compliance Testing 198 Substantive Testing 199 Tolerable Error Rate 200 Recording Test Results 200 Generating Audit Findings 201 Detecting Irregularities and Illegal Acts 201 Indicators of Illegal or Irregular Activity 202 Responding to Irregular or Illegal Activity 202 Findings Outside of Audit Scope 203 Report Findings 203 Approving and Distributing the Audit Report 205 Identifying Omitted Procedures 205 Conducting Follow‐up (Closing Meeting) 205 Summary 206 Exam Essentials 207 Review Questions 210 Chapter 4 Networking Technology Basics 215 Understanding the Differences in Computer Architecture 217 Selecting the Best System 221 Identifying Various Operating Systems 221 Determining the Best Computer Class 224 Comparing Computer Capabilities 227 Ensuring System Control 228 Dealing with Data Storage 230 Using Interfaces and Ports 235 Introducing the Open Systems Interconnection Model 237 Layer 1: Physical Layer 240 Layer 2: Data‐Link Layer 240 Layer 3: Network Layer 242 Layer 4: Transport Layer 248 Layer 5: Session Layer 249 Layer 6: Presentation Layer 250 Layer 7: Application Layer 250 Understanding How Computers Communicate 251 Understanding Physical Network Design 252 Understanding Network Cable Topologies 253 Bus Topologies 254 Star Topologies 254 Ring Topologies 255 Meshed Networks 256 Differentiating Network Cable Types 258 Coaxial Cable 258 Unshielded Twisted‐Pair (UTP) Cable 259 Fiber‐Optic Cable 260 Connecting Network Devices 260 Using Network Services 263 Domain Name System 263 Dynamic 
Host Configuration Protocol 265 Expanding the Network 266 Using Telephone Circuits 268 Network Firewalls 271 Remote VPN Access 276 Using Wireless Access Solutions 280 Firewall Protection for Wireless Networks 284 Remote Dial‐Up Access 284 WLAN Transmission Security 284 Achieving 802.11i RSN Wireless Security 287 Intrusion Detection Systems 288 Summarizing the Various Area Networks 291 Using Software as a Service (SaaS) 292 Advantages 292 Disadvantages 293 Cloud Computing 294 The Basics of Managing the Network 295 Automated LAN Cable Tester 295 Protocol Analyzers 295 Remote Monitoring Protocol Version 2 297 Summary 298 Exam Essentials 298 Review Questions 301 Chapter 5 Information Systems Life Cycle 307 Governance in Software Development 308 Management of Software Quality 310 Capability Maturity Model 310 International Organization for Standardization 312 Typical Commercial Records Classification Method 316 Overview of the Executive Steering Committee 317 Identifying Critical Success Factors 318 Using the Scenario Approach 318 Aligning Software to Business Needs 319 Change Management 323 Management of the Software Project 323 Choosing an Approach 323 Using Traditional Project Management 324 Overview of the System Development Life Cycle 327 Phase 1: Feasibility Study 331 Phase 2: Requirements Definition 334 Phase 3: System Design 339 Phase 4: Development 343 Phase 5: Implementation 354 Phase 6: Postimplementation 361 Phase 7: Disposal 363 Overview of Data Architecture 364 Databases 364 Database Transaction Integrity 368 Decision Support Systems 369 Presenting Decision Support Data 370 Using Artificial Intelligence 370 Program Architecture 371 Centralization vs. 
Decentralization 372 Electronic Commerce 372 Summary 374 Exam Essentials 374 Review Questions 376 Chapter 6 System Implementation and Operations 381 Understanding the Nature of IT Services 383 Performing IT Operations Management 385 Meeting IT Functional Objectives 385 Using the IT Infrastructure Library 387 Supporting IT Goals 389 Understanding Personnel Roles and Responsibilities 389 Using Metrics 394 Evaluating the Help Desk 396 Performing Service‐Level Management 397 Outsourcing IT Functions 398 Performing Capacity Management 399 Using Administrative Protection 400 Information Security Management 401 IT Security Governance 401 Authority Roles over Data 402 Data Retention Requirements 403 Document Physical Access Paths 404 Personnel Management 405 Physical Asset Management 406 Compensating Controls 408 Performing Problem Management 409 Incident Handling 410 Digital Forensics 412 Monitoring the Status of Controls 414 System Monitoring 415 Document Logical Access Paths 416 System Access Controls 417 Data File Controls 420 Application Processing Controls 421 Log Management 423 Antivirus Software 424 Active Content and Mobile Software Code 424 Maintenance Controls 427 Implementing Physical Protection 430 Data Processing Locations 432 Environmental Controls 432 Safe Media Storage 440 Summary 442 Exam Essentials 442 Review Questions 444 Chapter 7 Protecting Information Assets 449 Understanding the Threat 450 Recognizing Types of Threats and Computer Crimes 452 Identifying the Perpetrators 454 Understanding Attack Methods 458 Implementing Administrative Protection 469 Using Technical Protection 472 Technical Control Classification 472 Application Software Controls 474 Authentication Methods 475 Network Access Protection 488 Encryption Methods 489 Public‐Key Infrastructure 496 Network Security Protocols 502 Telephone Security 507 Technical Security Testing 507 Summary 509 Exam Essentials 509 Review Questions 511 Chapter 8 Business Continuity and Disaster Recovery 517 
Debunking the Myths 518 Myth 1: Facility Matters 519 Myth 2: IT Systems Matter 519 From Myth to Reality 519 Understanding the Five Conflicting Disciplines Called Business Continuity 520 Defining Disaster Recovery 521 Surviving Financial Challenges 522 Valuing Brand Names 522 Rebuilding after a Disaster 523 Defining the Purpose of Business Continuity 524 Uniting Other Plans with Business Continuity 527 Identifying Business Continuity Practices 527 Identifying the Management Approach 529 Following a Program Management Approach 531 Understanding the Five Phases of a Business Continuity Program 532 Phase 1: Setting Up the BC Program 532 Phase 2: The Discovery Process 535 Phase 4: Plan Implementation 560 Phase 5: Maintenance and Integration 562 Understanding the Auditor Interests in BC/DR Plans 563 Summary 564 Exam Essentials 564 Review Questions 566 Appendix Answers to Review Questions 571 Index 591
£46.40
John Wiley & Sons Inc Penetration Testing For Dummies
Book Synopsis
Target, test, analyze, and report on security vulnerabilities with pen testing
Pen Testing is necessary for companies looking to target, test, analyze, and patch the security vulnerabilities from hackers attempting to break into and compromise their organization's data. It takes a person with hacking skills to look for the weaknesses that make an organization susceptible to hacking. Pen Testing For Dummies aims to equip IT enthusiasts at various levels with the basic knowledge of pen testing. It is the go-to book for those who have some IT experience but desire more knowledge of how to gather intelligence on a target, learn the steps for mapping out a test, and discover best practices for analyzing, solving, and reporting on vulnerabilities.
The different phases of a pen test from pre-engagement to completion
Threat modeling and understanding risk
When to apply vulnerability management vs penetration testing
Ways to keep your pen testing skills sharp, relevant, and at the top of the gam
£19.54
John Wiley & Sons Inc Hacking Multifactor Authentication
Book Synopsis
Protect your organization from scandalously easy-to-hack MFA security solutions
Multi-Factor Authentication (MFA) is spreading like wildfire across digital environments. However, hundreds of millions of dollars have been stolen from MFA-protected online accounts. How? Most people who use multifactor authentication (MFA) have been told that it is far less hackable than other types of authentication, or even that it is unhackable. You might be shocked to learn that all MFA solutions are actually easy to hack. That's right: there is no perfectly safe MFA solution. In fact, most can be hacked at least five different ways. Hacking Multifactor Authentication will show you how MFA works behind the scenes and how poorly linked multi-step authentication steps allow MFA to be hacked and compromised. This book covers over two dozen ways that various MFA solutions can be hacked, including the methods (and defenses) common to all MFA solutions. You'll learn about the various types of MFA solutions, their strengths and weaknesses, and how
Table of Contents
Introduction xxv Who This Book is For xxvii What is Covered in This Book? xxvii MFA is Good xxx How to Contact Wiley or the Author xxxi Part I Introduction 1 1 Logon Problems 3 It’s Bad Out There 3 The Problem with Passwords 5 Password Basics 9 Identity 9 The Password 10 Password Registration 11 Password Complexity 11 Password Storage 12 Password Authentication 13 Password Policies 15 Passwords Will Be with Us for a While 18 Password Problems and Attacks 18 Password Guessing 19 Password Hash Cracking 23 Password Stealing 27 Passwords in Plain View 28 Just Ask for It 29 Password Hacking Defenses 30 MFA Riding to the Rescue? 31 Summary 32 2 Authentication Basics 33 Authentication Life Cycle 34 Identity 35 Authentication 46 Authorization 54 Accounting/Auditing 54 Standards 56 Laws of Identity 56 Authentication Problems in the Real World 57 Summary 58 3 Types of Authentication 59 Personal Recognition 59 Knowledge-Based Authentication 60 Passwords 60 PINS 62 Solving Puzzles 64 Password Managers 69 Single Sign-Ons and Proxies 71 Cryptography 72 Encryption 73 Public Key Infrastructure 76 Hashing 79 Hardware Tokens 81 One-Time Password Devices 81 Physical Connection Devices 83 Wireless 87 Phone-Based 89 Voice Authentication 89 Phone Apps 89 SMS 92 Biometrics 92 FIDO 93 Federated Identities and APIs 94 OAuth 94 APIs 96 Contextual/Adaptive 96 Less Popular Methods 97 Voiceover Radio 97 Paper-Based 98 Summary 99 4 Usability vs Security 101 What Does Usability Mean? 101 We Don’t Really Want the Best Security 103 Security Isn’t Usually Binary 105 Too Secure 106 Seven-Factor MFA 106 Moving ATM Keypad Numbers 108 Not as Worried as You Think About Hacking 109 Unhackable Fallacy 110 Unbreakable Oracle 113 DJB 113 Unhackable Quantum Cryptography 114 We are Reactive Sheep 115 Security Theater 116 Security by Obscurity 117 MFA Will Cause Slowdowns 117 MFA Will Cause Downtime 118 No MFA Solution Works Everywhere 118 Summary 119 Part II Hacking MFA 121 5 Hacking MFA in General 123 MFA Dependency Components 124 Enrollment 125 User 127 Devices/Hardware 127 Software 128 API 129 Authentication Factors 129 Authentication Secrets Store 129 Cryptography 130 Technology 130 Transmission/Network Channel 131 Namespace 131 Supporting Infrastructure 131 Relying Party 132 Federation/Proxies 132 Alternate Authentication Methods/Recovery 132 Migrations 133 Deprovision 133 MFA Component Conclusion 134 Main Hacking Methods 134 Technical Attacks 134 Human Element 135 Physical 137 Two or More Hacking Methods Used 137 “You Didn’t Hack the MFA!” 137 How MFA Vulnerabilities are Found 138 Threat Modeling 138 Code Review 138 Fuzz Testing 138 Penetration Testing 139 Vulnerability Scanning 139 Human Testing 139 Accidents 140 Summary 140 6 Access Control Token Tricks 141 Access Token Basics 141 Access Control Token General Hacks 142 Token Reproduction/Guessing 142 Token Theft 145 Reproducing Token Hack Examples 146 Network Session Hijacking Techniques and Examples 149 Firesheep 149 MitM Attacks 150 Access Control Token Attack Defenses 157 Generate Random, Unguessable Session IDs 157 Use Industry-Accepted Cryptography and Key Sizes 158 Developers Should Follow Secure Coding Practices 159 Use Secure Transmission Channels 159 Include Timeout Protections 159 Tie the Token to Specific Devices or Sites 159 Summary 161 7 Endpoint Attacks 163 Endpoint Attack Risks 163 General Endpoint Attacks 165 Programming Attacks 165 Physical Access Attacks 165 What Can an Endpoint Attacker Do? 166 Specific Endpoint Attack Examples 169 Bancos Trojans 169 Transaction Attacks 171 Mobile Attacks 172 Compromised MFA Keys 173 Endpoint Attack Defenses 174 MFA Developer Defenses 174 End-User Defenses 177 Summary 179 8 SMS Attacks 181 Introduction to SMS 181 SS7 184 Biggest SMS Weaknesses 186 Example SMS Attacks 187 SIM Swap Attacks 187 SMS Impersonation 191 SMS Buffer Overflow 194 Cell Phone User Account Hijacking 195 Attacks Against the Underlying Supporting Infrastructure 196 Other SMS-Based Attacks 196 SIM/SMS Attack Method Summary 197 NIST Digital Identity Guidelines Warning 198 Defenses to SMS-Based MFA Attacks 199 Developer Defenses 199 User Defenses 201 Is RCS Here to Save Mobile Messaging? 202 Is SMS-Based MFA Still Better than Passwords? 202 Summary 203 9 One-Time Password Attacks 205 Introduction to OTP 205 Seed Value-Based OTPs 208 HMAC-Based OTP 209 Event-Based OTP 211 TOTP 212 Example OTP Attacks 217 Phishing OTP Codes 217 Poor OTP Creation 219 OTP Theft, Re-Creation, and Reuse 219 Stolen Seed Database 220 Defenses to OTP Attacks 222 Developer Defenses 222 Use Reliable and Trusted and Tested OTP Algorithms 223 OTP Setup Code Must Expire 223 OTP Result Code Must Expire 223 Prevent OTP Replay 224 Make Sure Your RNG is NIST-Certified or Quantum 224 Increase Security by Requiring Additional Entry Beyond OTP Code 224 Stop Brute-Forcing Attacks 224 Secure Seed Value Database 225 User Defenses 225 Summary 226 10 Subject Hijack Attacks 227 Introduction 227 Example Attacks 228 Active Directory and Smartcards 228 Simulated Demo Environment 231 Subject Hijack Demo Attack 234 The Broader Issue 240 Dynamic Access Control Example 240 ADFS MFA Bypass 241 Defenses to Component Attacks 242 Threat Model Dependency Abuse Scenarios 242 Secure Critical Dependencies 242 Educate About Dependency Abuses 243 Prevent One to Many Mappings 244 Monitor Critical Dependencies 244 Summary 244 11 Fake Authentication Attacks 245 Learning About Fake Authentication Through UAC 245 Example Fake Authentication Attacks 251 Look-Alike Websites 251 Fake Office 365 Logons 252 Using an MFA-Incompatible Service or Protocol 253 Defenses to Fake Authentication Attacks 254 Developer Defenses 254 User Defenses 256 Summary 257 12 Social Engineering Attacks 259 Introduction 259 Social Engineering Commonalities 261 Unauthenticated Communication 261 Nonphysical 262 Usually Involves Well-Known Brands 263 Often Based on Notable Current Events and Interests 264 Uses Stressors 264 Advanced: Pretexting 265 Third-Party Reliances 266 Example Social Engineering Attacks on MFA 266 Fake Bank Alert 267 Crying Babies 267 Hacking Building Access Cards 268 Defenses to Social Engineering Attacks on MFA 270 Developer Defenses to MFA 270 User Defenses to Social Engineering Attacks 271 Summary 273 13 Downgrade/Recovery Attacks 275 Introduction 275 Example Downgrade/Recovery Attacks 276 Alternate Email Address Recovery 276 Abusing Master Codes 280 Guessing Personal-Knowledge Questions 281 Defenses to Downgrade/Recovery Attacks 287 Developer Defenses to Downgrade/Recovery Attacks 287 User Defenses to Downgrade/Recovery Attacks 292 Summary 294 14 Brute-Force Attacks 295 Introduction 295 Birthday Attack Method 296 Brute-Force Attack Methods 297 Example of Brute-Force Attacks 298 OTP Bypass Brute-Force Test 298 Instagram MFA Brute-Force 299 Slack MFA Brute-Force Bypass 299 UAA MFA Brute-Force Bug 300 Grab Android MFA Brute-Force 300 Unlimited Biometric Brute-Forcing 300 Defenses Against Brute-Force Attacks 301 Developer Defenses Against Brute-Force Attacks 301 User Defenses Against Brute-Force Attacks 305 Summary 306 15 Buggy Software 307 Introduction 307 Common Types of Vulnerabilities 308 Vulnerability Outcomes 316 Examples of Vulnerability Attacks 317 Uber MFA Vulnerability 317 Google Authenticator Vulnerability 318 YubiKey Vulnerability 318 Multiple RSA Vulnerabilities 318 SafeNet Vulnerability 319 Login.gov 319 ROCA Vulnerability 320 Defenses to Vulnerability Attacks 321 Developer Defenses Against Vulnerability Attacks 321 User Defenses Against Vulnerability Attacks 322 Summary 323 16 Attacks Against Biometrics 325 Introduction 325 Biometrics 326 Common Biometric Authentication Factors 327 How Biometrics Work 337 Problems with Biometric Authentication 339 High False Error Rates 340 Privacy Issues 344 Disease Transmission 345 Example Biometric Attacks 345 Fingerprint Attacks 345 Hand Vein Attack 348 Eye Biometric Spoof Attacks 348 Facial Recognition Attacks 349 Defenses Against Biometric Attacks 352 Developer Defenses Against Biometric Attacks 352 User/Admin Defenses Against Biometric Attacks 354 Summary 355 17 Physical Attacks 357 Introduction 357 Types of Physical Attacks 357 Example Physical Attacks 362 Smartcard 
Side-Channel Attack 362 Electron Microscope Attack 364 Cold-Boot Attacks 365 Snooping On RFID-Enabled Credit Cards 367 EMV Credit Card Tricks 370 Defenses Against Physical Attacks 370 Developer Defenses Against Physical Attacks 371 User Defenses Against Physical Attacks 372 Summary 375 18 DNS Hijacking 377 Introduction 377 DNS 378 DNS Record Types 382 Common DNS Hacks 382 Example Namespace Hijacking Attacks 388 DNS Hijacking Attacks 388 MX Record Hijacks 388 Dangling CDN Hijack 389 Registrar Takeover 390 DNS Character Set Tricks 390 ASN 1 Tricks 392 BGP Hijacks 392 Defenses Against Namespace Hijacking Attacks 393 Developer Defenses 394 User Defenses 395 Summary 397 19 API Abuses 399 Introduction 399 Common Authentication Standards and Protocols Involving APIs 402 Other Common API Standards and Components 411 Examples of API Abuse 414 Compromised API Keys 414 Bypassing PayPal 2FA Using an API 415 AuthO MFA Bypass 416 Authy API Format Injection 417 Duo API As-Designed MFA Bypass 417 Microsoft OAuth Attack 419 Sign In with Apple MFA Bypass 419 Token TOTP BLOB Future Attack 420 Defenses Against API Abuses 420 Developer Defenses Against API Abuses 420 User Defenses Against API Abuses 422 Summary 423 20 Miscellaneous MFA Hacks 425 Amazon Mystery Device MFA Bypass 425 Obtaining Old Phone Numbers 426 Auto-Logon MFA Bypass 427 Password Reset MFA Bypass 427 Hidden Cameras 427 Keyboard Acoustic Eavesdropping 428 Password Hints 428 HP MFA DoS 429 Trojan TOTP 429 Hackers Turn MFA to Defeat You 430 Summary 430 21 Test: Can You Spot the Vulnerabilities? 
431 Threat Modeling MFA Solutions 431 Document and Diagram the Components 432 Brainstorm Potential Attacks 432 Estimate Risk and Potential Losses 434 Create and Test Mitigations 436 Do Security Reviews 436 Introducing the Bloomberg MFA Device 436 Bloomberg, L P and the Bloomberg Terminal 437 New User B-Unit Registration and Use 438 Threat-Modeling the Bloomberg MFA Device 439 Threat-Modeling the B-Unit in a General Example 440 Specific Possible Attacks 441 Multi-Factor Authentication Security Assessment Tool 450 Summary 451 Part III Looking Forward 453 22 Designing a Secure Solution 455 Introduction 455 Exercise: Secure Remote Online Electronic Voting 457 Use Case Scenario 457 Threat Modeling 458 SDL Design 460 Physical Design and Defenses 461 Cryptography 462 Provisioning/Registration 463 Authentication and Operations 464 Verifiable/Auditable Vote 466 Communications 467 Backend Blockchain Ledger 467 Migration and Deprovisioning 470 API 470 Operational Training 470 Security Awareness Training 470 Miscellaneous 471 Summary 471 23 Selecting the Right MFA Solution 473 Introduction 473 The Process for Selecting the Right MFA Solution 476 Create a Project Team 477 Create a Project Plan 478 Educate 479 Determine What Needs to Be Protected 479 Choose Required and Desired Features 480 Research/Select Vendor Solutions 488 Conduct a Pilot Project 490 Select a Winner 491 Deploy to Production 491 Summary 491 24 The Future of Authentication 493 Cyber Crime is Here to Stay 493 Future Attacks 494 Increasing Sophisticated Automation 495 Increased Nation-State Attacks 496 Cloud-Based Threats 497 Automated Attacks Against MFA 497 What is Likely Staying 498 Passwords 498 Proactive Alerts 498 Preregistration of Sites and Devices 499 Phones as MFA Devices 500 Wireless 501 Changing/Morphing Standards 501 The Future 501 Zero Trust 502 Continuous, Adaptive, Risk-Based 503 Quantum-Resistant Cryptography 506 Interesting Newer Authentication Ideas 506 Summary 507 25 Takeaway Lessons 509 
Broader Lessons 509 MFA Works 509 MFA is Not Unhackable 510 Education is Key 510 Security Isn’t Everything 511 Every MFA Solution Has Trade-Offs 511 Authentication Does Not Exist in a Vacuum 512 There is No Single Best MFA Solution for Everyone 515 There are Better MFA Solutions 515 MFA Defensive Recap 516 Developer Defense Summary 516 User Defense Summary 518 Appendix: List of MFA Vendors 521 Index 527
£24.79
John Wiley & Sons Inc Kali Linux Penetration Testing Bible
Book Synopsis
Table of Contents
Introduction xx Chapter 1 Mastering the Terminal Window 1 Kali Linux File System 2 Terminal Window Basic Commands 3 Tmux Terminal Window 6 Starting Tmux 6 Tmux Key Bindings 7 Tmux Session Management 7 Navigating Inside Tmux 9 Tmux Commands Reference 9 Managing Users and Groups in Kali 10 Users Commands 10 Groups Commands 14 Managing Passwords in Kali 14 Files and Folders Management in Kali Linux 15 Displaying Files and Folders 15 Permissions 16 Manipulating Files in Kali 19 Searching for Files 20 Files Compression 21 Manipulating Directories in Kali 23 Mounting a Directory 23 Managing Text Files in Kali Linux 24 Vim vs. Nano 26 Searching and Filtering Text 27 Remote Connections in Kali 29 Remote Desktop Protocol 29 Secure Shell 30 SSH with Credentials 30 Passwordless SSH 32 Kali Linux System Management 34 Linux Host Information 36 Linux OS Information 36 Linux Hardware Information 36 Managing Running Services 38 Package Management 39 Process Management 41 Networking in Kali Linux 42 Network Interface 42 IPv4 Private Address Ranges 42 Static IP Addressing 43 DNS 45 Established Connections 46 File Transfers 47 Summary 48 Chapter 2 Bash Scripting 49 Basic Bash Scripting 50 Printing to the Screen in Bash 50 Variables 52 Commands Variable 54 Script Parameters 54 User Input 56 Functions 56 Conditions and Loops 57 Conditions 58 Loops 60 File Iteration 61 Summary 63 Chapter 3 Network Hosts Scanning 65 Basics of Networking 65 Networking Protocols 66 TCP 66 UDP 67 Other Networking Protocols 67 IP Addressing 69 IPv4 69 Subnets and CIDR 69 IPv6 70 Port Numbers 71 Network Scanning 72 Identifying Live Hosts 72 Ping 73 ARP 73 Nmap 73 Port Scanning and Services Enumeration 74 TCP Port SYN Scan 75 UDP 75 Basics of Using Nmap Scans 76 Services Enumeration 77 Operating System Fingerprinting 79 Nmap Scripting Engine 80 NSE Category Scan 82 NSE Arguments 84 DNS Enumeration 84 DNS Brute-Force 85 DNS Zone Transfer 86 DNS Subdomains Tools 87 Fierce 87 Summary
88 Chapter 4 Internet Information Gathering 89 Passive Footprinting and Reconnaissance 90 Internet Search Engines 90 Shodan 91 Google Queries 92 Information Gathering Using Kali Linux 94 Whois Database 95 TheHarvester 97 DMitry 99 Maltego 99 Summary 103 Chapter 5 Social Engineering Attacks 105 Spear Phishing Attacks 105 Sending an E-mail 106 The Social Engineer Toolkit 106 Sending an E-mail Using Python 108 Stealing Credentials 109 Payloads and Listeners 110 Bind Shell vs. Reverse Shell 111 Bind Shell 111 Reverse Shell 112 Reverse Shell Using SET 113 Social Engineering with the USB Rubber Ducky 115 A Practical Reverse Shell Using USB Rubber Ducky and PowerShell 117 Generating a PowerShell Script 118 Starting a Listener 118 Hosting the PowerShell Script 119 Running PowerShell 120 Download and Execute the PS Script 120 Reverse Shell 121 Replicating the Attack Using the USB Rubber Ducky 122 Summary 122 Chapter 6 Advanced Enumeration Phase 125 Transfer Protocols 126 FTP (Port 21) 126 Exploitation Scenarios for an FTP Server 126 Enumeration Workflow 127 Service Scan 127 Advanced Scripting Scan with Nmap 128 More Brute-Forcing Techniques 129 SSH (Port 22) 130 Exploitation Scenarios for an SSH Server 130 Advanced Scripting Scan with Nmap 131 Brute-Forcing SSH with Hydra 132 Advanced Brute-Forcing Techniques 133 Telnet (Port 23) 134 Exploitation Scenarios for Telnet Server 135 Enumeration Workflow 135 Service Scan 135 Advanced Scripting Scan 136 Brute-Forcing with Hydra 136 E-mail Protocols 136 SMTP (Port 25) 137 Nmap Basic Enumeration 137 Nmap Advanced Enumeration 137 Enumerating Users 138 POP3 (Port 110) and IMAP4 (Port 143) 141 Brute-Forcing POP3 E-mail Accounts 141 Database Protocols 142 Microsoft SQL Server (Port 1433) 142 Oracle Database Server (Port 1521) 143 MySQL (Port 3306) 143 CI/CD Protocols 143 Docker (Port 2375) 144 Jenkins (Port 8080/50000) 145 Brute-Forcing a Web Portal Using Hydra 147 Step 1: Enable a Proxy 148 Step 2: Intercept the Form Request 149 Step 
3: Extracting Form Data and Brute-Forcing with Hydra 150 Web Protocols 80/443 151 Graphical Remoting Protocols 152 RDP (Port 3389) 152 RDP Brute-Force 152 VNC (Port 5900) 153 File Sharing Protocols 154 SMB (Port 445) 154 Brute-Forcing SMB 156 SNMP (Port UDP 161) 157 SNMP Enumeration 157 Summary 159 Chapter 7 Exploitation Phase 161 Vulnerabilities Assessment 162 Vulnerability Assessment Workflow 162 Vulnerability Scanning with OpenVAS 164 Installing OpenVAS 164 Scanning with OpenVAS 165 Exploits Research 169 SearchSploit 171 Services Exploitation 173 Exploiting FTP Service 173 FTP Login 173 Remote Code Execution 174 Spawning a Shell 177 Exploiting SSH Service 178 SSH Login 178 Telnet Service Exploitation 179 Telnet Login 179 Sniffing for Cleartext Information 180 E-mail Server Exploitation 183 Docker Exploitation 185 Testing the Docker Connection 185 Creating a New Remote Kali Container 186 Getting a Shell into the Kali Container 187 Docker Host Exploitation 188 Exploiting Jenkins 190 Reverse Shells 193 Using Shells with Metasploit 194 Exploiting the SMB Protocol 196 Connecting to SMB Shares 196 SMB Eternal Blue Exploit 197 Summary 198 Chapter 8 Web Application Vulnerabilities 199 Web Application Vulnerabilities 200 Mutillidae Installation 200 Apache Web Server Installation 200 Firewall Setup 201 Installing PHP 201 Database Installation and Setup 201 Mutillidae Installation 202 Cross-Site Scripting 203 Reflected XSS 203 Stored XSS 204 Exploiting XSS Using the Header 205 Bypassing JavaScript Validation 207 SQL Injection 208 Querying the Database 208 Bypassing the Login Page 211 Execute Database Commands Using SQLi 211 SQL Injection Automation with SQLMap 215 Testing for SQL Injection 216 Command Injection 217 File Inclusion 217 Local File Inclusion 218 Remote File Inclusion 219 Cross-Site Request Forgery 220 The Attacker Scenario 221 The Victim Scenario 222 File Upload 223 Simple File Upload 223 Bypassing Validation 225 Encoding 227 OWASP Top 10 228 Summary 229 
Chapter 9 Web Penetration Testing and Secure Software Development Lifecycle 231 Web Enumeration and Exploitation 231 Burp Suite Pro 232 Web Pentest Using Burp Suite 232 More Enumeration 245 Nmap 246 Crawling 246 Vulnerability Assessment 247 Manual Web Penetration Testing Checklist 247 Common Checklist 248 Special Pages Checklist 248 Secure Software Development Lifecycle 250 Analysis/Architecture Phase 251 Application Threat Modeling 251 Assets 251 Entry Points 252 Third Parties 252 Trust Levels 252 Data Flow Diagram 252 Development Phase 252 Testing Phase 255 Production Environment (Final Deployment) 255 Summary 255 Chapter 10 Linux Privilege Escalation 257 Introduction to Kernel Exploits and Missing Configurations 258 Kernel Exploits 258 Kernel Exploit: Dirty Cow 258 SUID Exploitation 261 Overriding the Passwd Users File 263 CRON Jobs Privilege Escalation 264 CRON Basics 265 Crontab 265 Anacrontab 266 Enumerating and Exploiting CRON 266 sudoers 268 sudo Privilege Escalation 268 Exploiting the Find Command 268 Editing the sudoers File 269 Exploiting Running Services 270 Automated Scripts 270 Summary 271 Chapter 11 Windows Privilege Escalation 273 Windows System Enumeration 273 System Information 274 Windows Architecture 275 Listing the Disk Drives 276 Installed Patches 276 Who Am I? 
276 List Users and Groups 277 Networking Information 279 Showing Weak Permissions 282 Listing Installed Programs 283 Listing Tasks and Processes 283 File Transfers 284 Windows Host Destination 284 Linux Host Destination 285 Windows System Exploitation 286 Windows Kernel Exploits 287 Getting the OS Version 287 Find a Matching Exploit 288 Executing the Payload and Getting a Root Shell 289 The Metasploit PrivEsc Magic 289 Exploiting Windows Applications 293 Running As in Windows 295 PSExec Tool 296 Exploiting Services in Windows 297 Interacting with Windows Services 297 Misconfigured Service Permissions 297 Overriding the Service Executable 299 Unquoted Service Path 299 Weak Registry Permissions 301 Exploiting the Scheduled Tasks 302 Windows PrivEsc Automated Tools 302 PowerUp 302 WinPEAS 303 Summary 304 Chapter 12 Pivoting and Lateral Movement 305 Dumping Windows Hashes 306 Windows NTLM Hashes 306 SAM File and Hash Dump 307 Using the Hash 308 Mimikatz 308 Dumping Active Directory Hashes 310 Reusing Passwords and Hashes 310 Pass the Hash 311 Pivoting with Port Redirection 312 Port Forwarding Concepts 312 SSH Tunneling and Local Port Forwarding 314 Remote Port Forwarding Using SSH 315 Dynamic Port Forwarding 316 Dynamic Port Forwarding Using SSH 316 Summary 317 Chapter 13 Cryptography and Hash Cracking 319 Basics of Cryptography 319 Hashing Basics 320 One-Way Hash Function 320 Hashing Scenarios 321 Hashing Algorithms 321 Message Digest 5 321 Secure Hash Algorithm 323 Hashing Passwords 323 Securing Passwords with Hash 324 Hash-Based Message Authenticated Code 325 Encryption Basics 326 Symmetric Encryption 326 Advanced Encryption Standard 326 Asymmetric Encryption 328 Rivest Shamir Adleman 329 Cracking Secrets with Hashcat 331 Benchmark Testing 332 Cracking Hashes in Action 334 Attack Modes 336 Straight Mode 336 Combinator 337 Mask and Brute-Force Attacks 339 Brute-Force Attack 342 Hybrid Attacks 342 Cracking Workflow 343 Summary 344 Chapter 14 Reporting 345 Overview of 
Reports in Penetration Testing 345 Scoring Severities 346 Common Vulnerability Scoring System Version 3.1 346 Report Presentation 349 Cover Page 350 History Logs 350 Report Summary 350 Vulnerabilities Section 350 Summary 351 Chapter 15 Assembly Language and Reverse Engineering 353 CPU Registers 353 General CPU Registers 354 Index Registers 355 Pointer Registers 355 Segment Registers 355 Flag Registers 357 Assembly Instructions 358 Little Endian 360 Data Types 360 Memory Segments 361 Addressing Modes 361 Reverse Engineering Example 361 Visual Studio Code for C/C++ 362 Immunity Debugger for Reverse Engineering 363 Summary 368 Chapter 16 Buffer/Stack Overflow 369 Basics of Stack Overflow 369 Stack Overview 370 PUSH Instruction 370 POP Instruction 371 C Program Example 371 Buffer Analysis with Immunity Debugger 372 Stack Overflow 376 Stack Overflow Mechanism 377 Stack Overflow Exploitation 378 Lab Overview 379 Vulnerable Application 379 Phase 1: Testing 379 Testing the Happy Path 379 Testing the Crash 381 Phase 2: Buffer Size 382 Pattern Creation 382 Offset Location 382 Phase 3: Controlling EIP 383 Adding the JMP Instruction 384 Phase 4: Injecting the Payload and Getting a Remote Shell 386 Payload Generation 386 Bad Characters 386 Shellcode Python Script 387 Summary 388 Chapter 17 Programming with Python 389 Basics of Python 389 Running Python Scripts 390 Debugging Python Scripts 391 Installing VS Code on Kali 391 Practicing Python 392 Python Basic Syntaxes 393 Python Shebang 393 Comments in Python 393 Line Indentation and Importing Modules 394 Input and Output 394 Printing CLI Arguments 395 Variables 395 Numbers 395 Arithmetic Operators 397 Strings 397 String Formatting 397 String Functions 398 Lists 399 Reading Values in a List 399 Updating List Items 399 Removing a list item 400 Tuples 400 Dictionary 400 More Techniques in Python 400 Functions 400 Returning Values 401 Optional Arguments 401 Global Variables 402 Changing Global Variables 402 Conditions 403 if/else 
Statement 403 Comparison Operators 403 Loop Iterations 404 while Loop 404 for Loop 405 Managing Files 406 Exception Handling 407 Text Escape Characters 407 Custom Objects in Python 408 Summary 409 Chapter 18 Pentest Automation with Python 411 Penetration Test Robot 411 Application Workflow 412 Python Packages 414 Application Start 414 Input Validation 415 Code Refactoring 417 Scanning for Live Hosts 418 Ports and Services Scanning 420 Attacking Credentials and Saving the Results 423 Summary 426 Appendix A Kali Linux Desktop at a Glance 427 Downloading and Running a VM of Kali Linux 428 Virtual Machine First Boot 428 Kali Xfce Desktop 429 Kali Xfce Menu 430 Search Bar 430 Favorites Menu Item 430 Usual Applications 432 Other Menu Items 433 Kali Xfce Settings Manager 433 Advanced Network Configuration 435 Appearance 436 Desktop 439 Display 441 File Manager 442 Keyboard 445 MIME Type Editor 447 Mouse and Touchpad 448 Panel 449 Workspaces 450 Window Manager 451 Practical Example of Desktop Customization 454 Edit the Top Panel 454 Adding a New Bottom Panel 454 Changing the Desktop Look 457 Installing Kali Linux from Scratch 458 Summary 466 Appendix B Building a Lab Environment Using Docker 467 Docker Technology 468 Docker Basics 468 Docker Installation 468 Images and Registries 469 Containers 470 Dockerfile 472 Volumes 472 Networking 473 Mutillidae Docker Container 474 Summary 475 Index 477
£25.60
John Wiley & Sons Inc CompTIA Network Practice Tests
Book Synopsis
Assess and improve your networking skillset with proven Sybex practice tests
In the freshly revised Second Edition of CompTIA Network+ Practice Tests Exam N10-008, IT expert and author Craig Zacker delivers a set of accessible and useful practice tests for the updated Network+ Exam N10-008. You'll prepare for the exam, learn the information you need in an industry interview, and get ready to excel in your first networking role. These practice tests will gauge your skills in deploying wired and wireless devices; understanding network documentation and the purpose of network services; working with datacenter, cloud, and virtual networking concepts; monitoring network activity; and more. Further, this book offers:
Comprehensive coverage of all five domain areas of the updated Network+ exam, including networking fundamentals, implementations, operations, security, and troubleshooting
Practical and efficient preparation for the Network+ exam with hundreds of domain-by-domain questions
Access to the Sybex interactive learning environment and online test bank
Perfect for anyone preparing for the CompTIA Network+ Exam N10-008, the CompTIA Network+ Practice Tests Exam N10-008 is also an indispensable resource for network administrators seeking to enhance their skillset with new, foundational skills in a certification endorsed by industry leaders around the world.
Table of Contents
Introduction xi Chapter 1 Networking Fundamentals 1 Chapter 2 Network Implementations 69 Chapter 3 Network Operations 111 Chapter 4 Network Security 147 Chapter 5 Network Troubleshooting 191 Chapter 6 Practice Exam 1 255 Chapter 7 Practice Exam 2 283 Appendix Answers to Review Questions 311 Chapter 1: Networking Fundamentals 312 Chapter 2: Network Implementations 346 Chapter 3: Network Operations 371 Chapter 4: Network Security 391 Chapter 5: Network Troubleshooting 418 Chapter 6: Practice Exam 1 448 Chapter 7: Practice Exam 2 462 Index 477
£24.00
John Wiley & Sons Inc ISC2 SSCP Systems Security Certified Practitioner
Book Synopsis
Table of Contents
Introduction xi Chapter 1 Security Operations and Administration (Domain 1) 1 Chapter 2 Access Controls (Domain 2) 21 Chapter 3 Risk Identification, Monitoring, and Analysis (Domain 3) 37 Chapter 4 Incident Response and Recovery (Domain 4) 61 Chapter 5 Cryptography (Domain 5) 79 Chapter 6 Network and Communications Security (Domain 6) 95 Chapter 7 Systems and Application Security (Domain 7) 119 Chapter 8 Practice Test 1 141 Chapter 9 Practice Test 2 169 Appendix Answers to Review Questions 197 Chapter 1: Security Operations and Administration (Domain 1) 198 Chapter 2: Access Controls (Domain 2) 204 Chapter 3: Risk Identification, Monitoring, and Analysis (Domain 3) 212 Chapter 4: Incident Response and Recovery (Domain 4) 221 Chapter 5: Cryptography (Domain 5) 229 Chapter 6: Network and Communications Security (Domain 6) 235 Chapter 7: Systems and Application Security (Domain 7) 246 Chapter 8: Practice Test 1 255 Chapter 9: Practice Test 2 269 Index 283
£25.60
John Wiley & Sons Inc Fight Fire with Fire
Book Synopsis
Organizations around the world are in a struggle for survival, racing to transform themselves in a herculean effort to adapt to the digital age, all while protecting themselves from headline-grabbing cybersecurity threats. As organizations succeed or fail, the centrality and importance of cybersecurity and the role of the CISO (Chief Information Security Officer) becomes ever more apparent. It's becoming clear that the CISO, which began as a largely technical role, has become nuanced, strategic, and a cross-functional leadership position. Fight Fire with Fire: Proactive Cybersecurity Strategies for Today's Leaders explores the evolution of the CISO's responsibilities and delivers a blueprint to effectively improve cybersecurity across an organization. Fight Fire with Fire draws on the deep experience of its many all-star contributors. For example: Learn how to talk effectively with the Board from engineer-turned-executive Marianne Bailey, a to
Table of Contents
Introduction 1 Part One People 3 Chapter 1 From Technologist to Strategist 9 Sanju Misra Chapter 2 Communicating with the Board 21 Marianne Bailey Chapter 3 Building a Culture of Security 29 Susan Koski Chapter 4 Who Is Behind the Evolving Threat Landscape? 43 Jenny Menna Chapter 5 Addressing the Skills and Diversity Gap 59 Lisa Donnan Part Two Process 69 Chapter 6 Effective Cyber Risk Management Requires Broad Collaboration 75 Suzanne Hartin and Maria S Thompson Chapter 7 Blending NOC and SOC 91 Mel T Migriño Chapter 8 Security by Design: Strategies for a Shift-Left Culture 103 Anne Marie Zettlemoyer Chapter 9 From Enforcer to Strategic Partner: The Changing Role of Governance, Risk, and Compliance 117 Beth-Anne Bygum Chapter 10 Don’t Let Cyber Supply Chain Security Be Your Weakest Link 135 Terry Roberts Part Three Technology 155 Chapter 11 Cybersecurity in the Cloud 161 Fatima Boolani Chapter 12 The Convergence of Cyber and Physical: IoT and Edge Security 169 Sonia E Arista Chapter 13 Security-Driven Networking 181 Laura Deaner Chapter 14 Achieving End-to-End Security 193 Renee Tarun Glossary 205 Resources We Rely On 215 Index 223
£17.24
John Wiley & Sons Inc CASP Certification Kit Exam CAS004
Book Synopsis
£48.75
John Wiley & Sons Inc The Official Isc2 Sscp Cbk Reference
Book Synopsis
The only official body of knowledge for SSCP, (ISC)2's popular credential for hands-on security professionals, fully revised and updated 2021 SSCP Exam Outline. Systems Security Certified Practitioner (SSCP) is an elite, hands-on cybersecurity certification that validates the technical skills to implement, monitor, and administer IT infrastructure using information security policies and procedures. SSCP certification, fully compliant with U.S. Department of Defense Directive 8140 and 8570 requirements, is valued throughout the IT security industry. The Official (ISC)2 SSCP CBK Reference is the only official Common Body of Knowledge (CBK) available for SSCP-level practitioners, exclusively from (ISC)2, the global leader in cybersecurity certification and training. This authoritative volume contains essential knowledge practitioners require on a regular basis. Accurate, up-to-date chapters provide in-depth coverage of the seven SSCP domains: Security Operations and Administra
Table of Contents
Foreword xxiii Introduction xxv Chapter 1: Security Operations and Administration 1 Comply with Codes of Ethics 2 Understand, Adhere to, and Promote Professional Ethics 3 (ISC)2 Code of Ethics 4 Organizational Code of Ethics 5 Understand Security Concepts 6 Conceptual Models for Information Security 7 Confidentiality 8 Integrity 15 Availability 17 Accountability 18 Privacy 18 Nonrepudiation 26 Authentication 27 Safety 28 Fundamental Security Control Principles 29 Access Control and Need-to-Know 34 Job Rotation and Privilege Creep 35 Document, Implement, and Maintain Functional Security Controls 37 Deterrent Controls 37 Preventative Controls 39 Detective Controls 39 Corrective Controls 40 Compensating Controls 41 The Lifecycle of a Control 42 Participate in Asset Management 43 Asset Inventory 44 Lifecycle (Hardware, Software, and Data) 47 Hardware Inventory 48 Software Inventory and Licensing 49 Data Storage 50 Implement Security Controls and Assess Compliance 56 Technical
Controls 57 Physical Controls 58 Administrative Controls 61 Periodic Audit and Review 64 Participate in Change Management 66 Execute Change Management Process 68 Identify Security Impact 70 Testing/Implementing Patches, Fixes, and Updates 70 Participate in Security Awareness and Training 71 Security Awareness Overview 72 Competency as the Criterion 73 Build a Security Culture, One Awareness Step at a Time 73 Participate in Physical Security Operations 74 Physical Access Control 74 The Data Center 78 Service Level Agreements 79 Summary 82 Chapter 2: Access Controls 83 Access Control Concepts 85 Subjects and Objects 86 Privileges: What Subjects Can Do with Objects 88 Data Classification, Categorization, and Access Control 89 Access Control via Formal Security Models 91 Implement and Maintain Authentication Methods 94 Single-Factor/Multifactor Authentication 95 Accountability 114 Single Sign-On 116 Device Authentication 117 Federated Access 118 Support Internetwork Trust Architectures 120 Trust Relationships (One-Way, Two-Way, Transitive) 121 Extranet 122 Third-Party Connections 123 Zero Trust Architectures 124 Participate in the Identity Management Lifecycle 125 Authorization 126 Proofing 127 Provisioning/Deprovisioning 128 Identity and Access Maintenance 130 Entitlement 134 Identity and Access Management Systems 137 Implement Access Controls 140 Mandatory vs. Discretionary Access Control 141 Role-Based 142 Attribute-Based 143 Subject-Based 144 Object-Based 144 Summary 145 Chapter 3: Risk Identification, Monitoring, And Analysis 147 Defeating the Kill Chain One Skirmish at a Time 148 Kill Chains: Reviewing the Basics 151 Events vs. 
Incidents 155 Understand the Risk Management Process 156 Risk Visibility and Reporting 159 Risk Management Concepts 165 Risk Management Frameworks 185 Risk Treatment 195 Perform Security Assessment Activities 203 Security Assessment Workflow Management 204 Participate in Security Testing 206 Interpretation and Reporting of Scanning and Testing Results 215 Remediation Validation 216 Audit Finding Remediation 217 Manage the Architectures: Asset Management and Configuration Control 218 Operate and Maintain Monitoring Systems 220 Events of Interest 222 Logging 229 Source Systems 230 Legal and Regulatory Concerns 236 Analyze Monitoring Results 238 Security Baselines and Anomalies 240 Visualizations, Metrics, and Trends 243 Event Data Analysis 244 Document and Communicate Findings 245 Summary 246 Chapter 4: Incident Response and Recovery 247 Support the Incident Lifecycle 249 Think like a Responder 253 Physical, Logical, and Administrative Surfaces 254 Incident Response: Measures of Merit 254 The Lifecycle of a Security Incident 255 Preparation 257 Detection, Analysis, and Escalation 264 Containment 275 Eradication 277 Recovery 279 Lessons Learned; Implementation of New Countermeasures 283 Third-Party Considerations 284 Understand and Support Forensic Investigations 287 Legal and Ethical Principles 289 Logistics Support to Investigations 291 Evidence Handling 292 Evidence Collection 297 Understand and Support Business Continuity Plan and Disaster Recovery Plan Activities 306 Emergency Response Plans and Procedures 307 Interim or Alternate Processing Strategies 310 Restoration Planning 313 Backup and Redundancy Implementation 315 Data Recovery and Restoration 319 Training and Awareness 321 Testing and Drills 322 CIANA+PS at Layer 8 and Above 328 It Is a Dangerous World Out There 329 People Power and Business Continuity 333 Summary 333 Chapter 5: Cryptography 335 Understand Fundamental Concepts of Cryptography 336 Building Blocks of Digital Cryptographic Systems 339 
Hashing 347 Salting 351 Symmetric Block and Stream Ciphers 353 Stream Ciphers 365 Eu Ecrypt 371 Asymmetric Encryption 371 Elliptical Curve Cryptography 380 Nonrepudiation 383 Digital Certificates 388 Encryption Algorithms 392 Key Strength 393 Cryptographic Attacks, Cryptanalysis, and Countermeasures 395 Cryptologic Hygiene as Countermeasures 396 Common Attack Patterns and Methods 401 Secure Cryptoprocessors, Hardware Security Modules, and Trusted Platform Modules 409 Understand the Reasons and Requirements for Cryptography 414 Confidentiality 414 Integrity and Authenticity 415 Data Sensitivity 417 Availability 418 Nonrepudiation 418 Authentication 420 Privacy 421 Safety 422 Regulatory and Compliance 423 Transparency and Auditability 423 Competitive Edge 424 Understand and Support Secure Protocols 424 Services and Protocols 425 Common Use Cases 437 Deploying Cryptography: Some Challenging Scenarios 442 Limitations and Vulnerabilities 444 Understand Public Key Infrastructure Systems 446 Fundamental Key Management Concepts 447 Hierarchies of Trust 459 Web of Trust 462 Summary 464 Chapter 6: Network and Communications Security 467 Understand and Apply Fundamental Concepts of Networking 468 Complementary, Not Competing, Frameworks 470 OSI and TCP/IP Models 471 OSI Reference Model 486 TCP/IP Reference Model 501 Converged Protocols 508 Software-Defined Networks 509 IPv4 Addresses, DHCP, and Subnets 510 IPv4 Address Classes 510 Subnetting in IPv4 512 Running Out of Addresses? 513 IPv4 vs. 
IPv6: Key Differences and Options 514 Network Topographies 516 Network Relationships 521 Transmission Media Types 525 Commonly Used Ports and Protocols 530 Understand Network Attacks and Countermeasures 536 CIANA+PS Layer by Layer 538 Common Network Attack Types 553 SCADA, IoT, and the Implications of Multilayer Protocols 562 Manage Network Access Controls 565 Network Access Control and Monitoring 568 Network Access Control Standards and Protocols 573 Remote Access Operation and Configuration 575 Manage Network Security 583 Logical and Physical Placement of Network Devices 586 Segmentation 587 Secure Device Management 591 Operate and Configure Network-Based Security Devices 593 Network Address Translation 594 Additional Security Device Considerations 596 Firewalls and Proxies 598 Network Intrusion Detection/Prevention Systems 605 Security Information and Event Management Systems 607 Routers and Switches 609 Network Security from Other Hardware Devices 610 Traffic-Shaping Devices 613 Operate and Configure Wireless Technologies 615 Wireless: Common Characteristics 616 Wi-Fi 624 Bluetooth 637 Near-Field Communications 638 Cellular/Mobile Phone Networks 639 Ad Hoc Wireless Networks 640 Transmission Security 642 Wireless Security Devices 645 Summary 646 Chapter 7: Systems and Application Security 649 Systems and Software Insecurity 650 Software Vulnerabilities Across the Lifecycle 654 Risks of Poorly Merged Systems 663 Hard to Design It Right, Easy to Fix It? 664 Hardware and Software Supply Chain Security 667 Positive and Negative Models for Software Security 668 Is Blocked Listing Dead? Or Dying? 
669 Information Security = Information Quality + Information Integrity 670 Data Modeling 671 Preserving Data Across the Lifecycle 674 Identify and Analyze Malicious Code and Activity 678 Malware 679 Malicious Code Countermeasures 682 Malicious Activity 684 Malicious Activity Countermeasures 688 Implement and Operate Endpoint Device Security 689 HIDS 691 Host-Based Firewalls 692 Allowed Lists: Positive Control for App Execution 693 Endpoint Encryption 694 Trusted Platform Module 695 Mobile Device Management 696 Secure Browsing 697 IoT Endpoint Security 700 Endpoint Security: EDR, MDR, XDR, UEM, and Others 701 Operate and Configure Cloud Security 701 Deployment Models 702 Service Models 703 Virtualization 706 Legal and Regulatory Concerns 709 Data Storage and Transmission 716 Third-Party/Outsourcing Requirements 716 Lifecycles in the Cloud 717 Shared Responsibility Model 718 Layered Redundancy as a Survival Strategy 719 Operate and Secure Virtual Environments 720 Software-Defined Networking 723 Hypervisor 725 Virtual Appliances 726 Continuity and Resilience 727 Attacks and Countermeasures 727 Shared Storage 729 Summary 730 Appendix: Cross-Domain Challenges 731 Paradigm Shifts in Information Security? 
732 Pivot 1: Turn the Attackers’ Playbooks Against Them 734 ATT&CK: Pivoting Threat Intelligence 734 Analysis: Real-Time and Retrospective 735 The SOC as a Fusion Center 737 All-Source, Proactive Intelligence: Part of the Fusion Center 738 Pivot 2: Cybersecurity Hygiene: Think Small, Act Small 739 CIS IG 1 for the SMB and SME 740 Hardening Individual Cybersecurity 740 Assume the Breach 742 Pivot 3: Flip the “Data-Driven Value Function” 743 Data-Centric Defense and Resiliency 744 Ransomware as a Service 745 Supply Chains, Security, and the SSCP 746 ICS, IoT, and SCADA: More Than SUNBURST 747 Extending Physical Security: More Than Just Badges and Locks 749 The IoRT: Robots Learning via the Net 750 Pivot 4: Operationalize Security Across the Immediate and Longer Term 751 Continuous Assessment and Continuous Compliance 752 SDNs and SDS 753 SOAR: Strategies for Focused Security Effort 755 A “DevSecOps” Culture: SOAR for Software Development 756 Pivot 5: Zero-Trust Architectures and Operations 757 FIDO and Passwordless Authentication 760 Threat Hunting, Indicators, and Signature Dependence 761 Other Dangers on the Web and Net 763 Surface, Deep, and Dark Webs 763 Deep and Dark: Risks and Countermeasures 764 DNS and Namespace Exploit Risks 765 Cloud Security: Edgier and Foggier 766 Curiosity as Countermeasure 766 Index 769
£48.75
John Wiley & Sons Inc Project Zero Trust
Table of Contents: About the Author xi Acknowledgments xiii Foreword xv Introduction xxi Chapter 1: The Case for Zero Trust 1 Key Takeaways 10 Chapter 2: Zero Trust Is a Strategy 13 Key Takeaways 26 The Four Zero Trust Design Principles 27 The Five-Step Zero Trust Design Methodology 27 The Zero Trust Implementation Curve 27 Chapter 3: Trust Is a Vulnerability 29 Key Takeaways 39 Chapter 4: The Crown Jewels 43 Key Takeaways 54 Chapter 5: The Identity Cornerstone 57 Key Takeaways 71 Chapter 6: Zero Trust DevOps 73 Key Takeaways 83 Chapter 7: Zero Trust SOC 87 Key Takeaways 100 Chapter 8: Cloudy with a Chance of Trust 103 Key Takeaways 113 Chapter 9: A Sustainable Culture 117 Key Takeaways 129 Chapter 10: The Tabletop Exercise 133 Key Takeaways 147 Chapter 11: Every Step Matters 151 Key Takeaways 159 Appendix A: Zero Trust Design Principles and Methodology 165 The Four Zero Trust Design Principles 165 The Five-Step Zero Trust Design Methodology 166 Appendix B: Zero Trust Maturity Model 167 Appendix C: Sample Zero Trust Master Scenario Events List 171 Appendix D: For Further Reading 179 Standards, Frameworks, and Other Resources 179 Case Studies 180 Google BeyondCorp Papers 180 Books 181 Hardening Guides 181 Glossary 183 Index 191
£18.69
Taylor & Francis The Psychology of Social Media
Book Synopsis: Are we really being ourselves on social media? Can we benefit from connecting with people we barely know online? Why do some people overshare on social networking sites? The Psychology of Social Media explores how so much of our everyday lives is played out online, and how this can impact our identity, wellbeing and relationships. It looks at how our online profiles, connections, status updates and sharing of photographs can be a way to express ourselves and form connections, but also highlights the pitfalls of social media including privacy issues. From FOMO to fraping, and from subtweeting to selfies, The Psychology of Social Media shows how social media has developed a whole new world of communication, and for better or worse is likely to continue to be an essential part of how we understand our selves. Table of Contents: 1. Introduction 2. Profiles 3. Connections 4. Updates 5. Media 6. Messaging 7. Values
£15.58
John Wiley & Sons Inc AWS Certified Advanced Networking Study Guide
Book Synopsis: The latest edition of the official study guide for the AWS Advanced Networking certification specialty exam. The newly revised second edition of the AWS Certified Advanced Networking Study Guide: Specialty (ANS-C01) Exam delivers an expert review of Amazon Web Services Networking fundamentals as they relate to the ANS-C01 exam. You'll find detailed explanations of critical exam topics combined with real-world scenarios that will help you build the robust knowledge base you need for the test and to succeed in the field as an AWS Certified Networking specialist. Learn about the design, implementation and deployment of AWS cloud-based Networking solutions, core services implementation, AWS service architecture design and maintenance (including architectural best practices), monitoring, hybrid networks, security, compliance, governance, and network automation. The book also offers one year of free access to Sybex's online interactive learning environment and expert stu Table of Contents: Introduction xxvii Assessment Test xxxi Part I Network Design 1 Chapter 1 Edge Networking 3 Content Distribution Networking 4 CloudFront 4 CloudFront Implementation 6 Caching and Object Retention 6 Invalidations 8 Protocol Support 9 CloudFront Encryption Using SSL/TLS and SNI 10 CloudFront Security 11 Billing 12 Lambda@Edge 13 Geo-restriction and Geolocation 13 Global Accelerator 15 Global Accelerator Architecture 17 Custom Routing Accelerator 18 AWS Global Accelerator Pricing 18 Elastic Load Balancers 19 Load Balancer Architectures 19 Listeners 19 Target Groups 20 Health Checking 20 Sticky Connections 20 Proxy Connections 21 Load Balancing Across Different Availability Zones 22 Connection Draining 22 AWS Load Balancer Offerings 23 Application Load Balancers 27 Gateway Load Balancers 29 Network Load Balancer 31 Classic Load Balancers 32 Configuring Elastic Load Balancers 32 API Gateway 33 REST API 33 HTTP API 34 WebSocket Protocol 34 API Gateway Configuration 34 API Gateway
Caching 35 Endpoint Types 35 Security 37 Authentication and Authorization 37 CloudFront Design Considerations 38 Summary 39 Exam Essentials 39 Exercises 40 Written Lab 41 Written Lab 1.1: Create an HTTP API by Using the AWS Management Console 41 Review Questions 42 Chapter 2 Domain Name Services 47 DNS and Route 53 48 DNS Overview 49 Architecture 50 DNS Hierarchy 50 Zones 51 DNS Resolution Process 51 Resource Records 52 Timers 54 Delegations 54 DNSSEC Overview 54 DNS Logging and Monitoring 55 CloudTrail 55 CloudWatch 57 Artificial Intelligence and Machine Learning 57 Redshift 58 Route 53 Advanced Features and Policies 58 Alias Records 58 Resolvers 59 Route 53 Resolver DNS Firewall 60 Health Checks 60 Traffic Routing Policies 61 Simple Routing 61 Multivalue Responses 63 Latency-Based Routing 63 Failover Routing 65 Round-Robin Routing 65 Weighted Routing 66 Geolocation 67 Geo-proximity 68 Route 53 Service Integrations 68 VPC 69 CloudFront 69 Load Balancers 69 Route 53 Application Recovery Controller 70 Hybrid Route 53 70 Multi-account Route 53 71 Multi-Region Route 53 72 Using Route 53 Public Hosted Zones 72 Using Route 53 Private Hosted Zones 73 Using Route 53 Resolver Endpoints in Hybrid and AWS Architectures 73 Using Route 53 for Global Traffic Management 74 Route 53 Failover 75 Domain Registration 75 Required Information to Register a Domain 76 Privacy Protection 78 Route 53 Registration Information 78 Renewing Your Domain 78 Summary 79 Exam Essentials 79 Exercises 80 Review Questions 82 Chapter 3 Hybrid and Multi-account DNS 87 Implementing Hybrid and Multi-account DNS Architectures 88 Route 53 Hosted Zones 88 Private Hosted Zones 89 Public Hosted Zones 89 Traffic Management 90 Latency 93 Geolocation 94 Weighted 95 Failover 96 Multivalue 97 Health Checking 97 Domain Delegation and Forwarding 99 Delegating Domains 99 Forwarding Rules 100 Configuring Records in Route 53 100 A Record 101 AAAA Record 102 CNAME 102 MX Record 104 SOA Record 104 TXT Record 106
PTR Record 106 Alias Record 106 SRV Record 107 SPF Record 107 NAPTR Record 109 CAA Record 109 Configuring DNSSEC 109 Multi-account Route 53 110 DNS Endpoints 111 Outbound Endpoints 112 Inbound Endpoints 113 Configuring Route 53 Monitoring and Logging 114 CloudTrail API Logging 115 CloudWatch Logging 116 DNS Query Logging 116 Resolver Query Logging 117 Hosted Zone Monitoring 117 Resolver Endpoints Monitoring 117 Domain Registration Monitoring 118 Summary 118 Exam Essentials 119 Written Labs 119 Written Lab 3.1: Configure Logging for DNS Queries 119 Written Lab 3.2: View DNS Query Metrics for a Public Hosted Zone in the CloudWatch Console 120 Review Questions 121 Elastic Load Balancing 128 Network Load Balancing 129 Application Load Balancing 130 Gateway Load Balancing 131 Classic Load Balancing 132 Network Design 132 High Availability 133 Security 133 ELB Connectivity Patterns 134 Internal Load Balancers 134 External Load Balancers 135 Autoscaling 136 AWS Service Integrations 136 Config 137 Global Accelerator 137 CloudFront 138 Traffic Mirroring 138 VPC Endpoint Services (PrivateLink) 139 Web Application Firewall 139 Route 53 139 Amazon Elastic Kubernetes Service 139 AWS Certificate Manager 140 ELB Configuration Options 141 Proxy Protocol 141 X-Forwarded-For Protocol 142 Cross-Zone Load Balancing 142 Session Affinity and Sticky Sessions 143 Target Groups 145 Routing 146 Target Types 146 IP Address Type 146 Protocol Version 146 Registered Targets 147 Routing Algorithms 147 Deregistration and Connection Draining 147 Deletion Protection 147 Health Checking 149 Slow Start 149 The GENEVE Protocol 149 Encryption and Authentication 151 SSL/TLS Offload 151 TLS Passthrough 151 Summary 152 Exam Essentials 153 Exercises 154 Written Labs 154 Written Lab 4.1: Create a Network Load Balancer 154 Written Lab 4.2: Use the Console to Enable Deletion Protection 155 Written Lab 4.3: Use the Console to Disable Deletion Protection 156 Written Lab 4.4: Enable Application-Based
Stickiness 156 Review Questions 157 Chapter 5 Logging and Monitoring 163 CloudWatch 164 Metrics 164 Monitoring Categories 165 Agents 166 Logging 167 Alarms 168 Metric Insights 170 Dashboards 170 Transit Gateway Network Manager 171 VPC Reachability Analyzer 171 Access Logs 173 Elastic Load Balancing 174 Route 53 Logs 175 CloudFront Logs 175 CloudTrail Logs 175 X-Ray 176 X-Ray Traces 176 X-Ray Insights 177 Flow Logs 178 Baseline Network Performance 180 Inspector 180 Application Insights 181 Config 181 Summary 182 Exam Essentials 183 Written Labs 184 Written Lab 5.1: Enable CloudWatch Detailed Monitoring for an Instance That Has Already Been Enabled 184 Written Lab 5.2: Enable CloudWatch Logging from the Web Console 185 Written Lab 5.3: Enable CloudWatch Alarms from the Web Console 185 Written Lab 5.4: Create a VPC Reachability Analyzer from the Web Console 186 Review Questions 187 Part II Network Implementation 191 Chapter 6 Hybrid Networking 193 Hybrid Connectivity 194 OSI Layer 1 194 Optics 196 OSI Layer 2 197 VLANs 198 Link Aggregation 199 Jumbo Frames 200 Encapsulation and Encryption 200 Overlay and Underlay Networks 200 VXLAN 201 Generic Routing Encapsulation 202 IPSec 203 Geneve 205 Routing Fundamentals 205 Static Routing 206 Dynamic Routing 206 The BGP Routing Protocol 206 Direct Connect 211 Direct Connect Gateway 217 Virtual Private Gateway 219 Site-to-Site VPN 220 VPN CloudHub 221 AWS Account Resource Sharing 222 Summary 222 Exam Essentials 223 Exercises 223 Written Labs 224 Written Lab 6.1: Simulate Creating a Direct Connection 224 Written Lab 6.2: Simulate Creating a Site-to-Site VPN Connection 224 Review Questions 226 Chapter 7 Connecting On-Premises Networks 231 On-Premises Network Connectivity 232 VPNs 232 VPN Security 232 Accelerated Site-to-Site VPN Connections 233 Layer 1 and Types of Hardware to Use 235 Direct Connect 235 Direct Connect Locations 235 Letter of Authorization Documents 236 Layer 2 and Layer 3 236 Switching 236 Routing 237
Gateways 238 Software-Defined Networking 239 Transit Gateway 241 PrivateLink 241 Resource Access Manager 241 Testing and Validating Connectivity Between Environments 243 Route Analyzer 243 Reachability Analyzer 243 ICMP ping 243 traceroute 245 Summary 246 Exam Essentials 247 Written Labs 248 Written Lab 7.1: Create a VPN Attachment on a Transit Gateway Using the Console 248 Written Lab 7.2: Perform a traceroute 250 Written Lab 7.3: Use ping 250 Review Questions 251 Chapter 8 Inter-VPC and Multi-account Networking 255 Networking Services of VPCs 256 VPC Sharing 256 VPC Peering 257 Multi-account VPC Sharing 260 PrivateLink 260 Hub-and-Spoke VPC Architectures 261 Transit Gateway 262 Transit Gateway Connect 265 Transit VPCs 266 Wide-Area Networking 266 Software-Defined Wide Area Networking 267 Multi Protocol Label Switching 268 Expanding AWS Networking Connectivity 270 Organizations 271 Resource Access Manager 273 Authentication and Authorization 274 Security Association Markup Language 275 Active Directory 275 Summary 278 Exam Essentials 279 Exercises 280 Review Questions 281 Chapter 9 Hybrid Network Routing and Connectivity 287 Industry-Standard Routing Protocols Used in AWS Hybrid Networks 288 Optimizing Routing 288 Optimizing Dynamic Routing 289 Optimizing Static Routing 290 Route Priorities and Administrative Distance 290 Route Summarization 291 Route Propagation 292 Overlapping Routes 292 BGP Over Direct Connect 294 Connectivity Methods for AWS and Hybrid Networks 294 Direct Connect and Direct Connect Gateway 295 Direct Connect Virtual Interfaces 295 Site-to-Site VPN 296 App Mesh 296 AWS Networking Limits and Quotas 297 Available Private and Public Access Methods for Custom Services 304 PrivateLink 305 VPC Peering 305 Available Inter-Regional and Intra-Regional Communication Patterns 306 Summary 307 Exam Essentials 307 Written Lab 308 Written Lab 9.1: Enable Route Propagation in a VPC 308 Exercises 308 Review Questions 309 Part III Network Management
and Operations 315 Chapter 10 Network Automation 317 Network Automation 318 Infrastructure as Code 318 AWS Cloud Development Kit 319 AWS CloudFormation 320 EventBridge 322 AWS Command-Line Interface 322 AWS Software Development Kit 323 Application Programming Interfaces 326 Integrating Network Automation Using Infrastructure as Code 327 Event-Driven Network Automation 328 Automating the Process of Optimizing Cloud Network Resources with IaC 329 Common Problems When Using Hard-Coded Instructions in IaC Templates 330 Creating and Managing Repeatable Network Configurations 330 Integrating Event-Driven Networking Functions 331 Integrating Hybrid Network Automation Options with AWS Native IaC 332 Eliminating Risk and Achieving Efficiency in a Cloud Networking Environment 333 Summary 334 Exam Essentials 335 Exercises 336 Review Questions 337 Chapter 11 Monitor, Analyze, and Optimize Network Traffic 341 Monitoring, Analyzing, and Optimizing AWS Networks 342 Monitor and Analyze Network Traffic to Troubleshoot and Optimize Connectivity Patterns 342 Network Performance Metrics and Reachability Constraints 344 Appropriate Logs and Metrics to Assess Network Performance and Reachability Issues 345 AWS Tools to Collect and Analyze Logs and Metrics 345 AWS Tools to Analyze Routing Patterns and Issues 346 Analyzing Logging Output to Assess Network Performance and Troubleshoot Connectivity 347 Network Topology Mapping 348 Analyzing Packets to Identify Issues 349 Using the Reachability Analyzer for Troubleshooting, Validating, and Automating Connectivity Issues 350 Optimize AWS Networks for Performance, Reliability, and Cost-Effectiveness 351 VPC Peering vs.
Transit Gateways 351 Reducing Bandwidth Utilization with Multicast 352 Implementing Multicast Capability Within a VPC and On-Premises Environments 352 Optimizing Route 53 354 Frame Size Optimization Across Different Connection Types 355 Jumbo Frame Support Across Different Connection Types 356 Optimizing Network Throughput 357 Selecting a Network Interface for Best Performance 357 Select Network Connectivity Services That Meet Requirements 358 VPC Subnet Optimization 359 Updating and Optimizing Subnets to Prevent the Depletion of Available IP Addresses in a VPC 360 Updating and Optimizing Subnets for Autoscaling 361 Optimizing Network Performance and Availability Using Caching and Compression 361 Summary 363 Exam Essentials 365 Written Labs 367 Written Lab 11.1: Create a VPC Flow Log 367 Written Lab 11.2: Add a New Subnet to a VPC 367 Written Lab 11.3: Change the MTU on a Linux EC2 Interface 368 Exercises 368 Review Questions 370 Part IV Network Security, Compliance, and Governance 375 Chapter 12 Security, Compliance and Governance 377 Security, Compliance, and Governance 378 Threat Models 380 Common Security Threats 384 Securing Application Flows 385 Network Architectures That Meet Security and Compliance Requirements 386 Securing Inbound Traffic Flows 388 Web Application Firewall 388 Network Firewall 389 Shield 390 Security Groups 391 Network Access Control Lists 391 Securing Outbound Traffic Flows 392 Network Firewall 393 Proxies 393 Gateway Load Balancers 394 Route 53 Resolvers 394 Virtual Private Networks 395 VPC Endpoint Services: PrivateLink 395 Securing Inter-VPC Traffic 396 Network ACLs 396 VPC Endpoint Policies 396 Security Groups 396 Transit Gateway 397 VPC Peering 397 Implementing an AWS Network Architecture to Meet Security and Compliance Requirements 397 Untrusted Networks 397 Perimeter VPC 398 Three-Tier Architecture 399 Hub-and-Spoke Architecture 399 Develop a Threat Model and Identify Mitigation Strategies 399 Compliance Testing 401
Automating Security Incident Reporting and Alerting 402 Summary 403 Exam Essentials 407 Exercises 408 Written Labs 409 Written Lab 12.1: Download an Artifact Report 409 Written Lab 12.2: Request a Public SSL/TLS Certificate from the AWS Console 409 Written Lab 12.3: Review a Security Group Configuration from the AWS Console 410 Review Questions 411 Chapter 13 Network Monitoring and Logging 417 Network Monitoring and Logging Services in AWS 418 AWS CloudTrail 419 VPC Traffic Mirroring 420 VPC Flow Logs 421 Transit Gateway Logging 423 Alerting Mechanisms 426 CloudWatch Alarms 426 Simple Notification Service 427 Log Creation with Different AWS Services 428 Load Balancer Access Logs 429 CloudFront Access Logs 430 Log Delivery Mechanisms 431 Kinesis 432 Route 53 433 CloudWatch 434 Mechanisms to Audit Network Security Configurations 435 Security Groups 436 Firewall Manager 437 Trusted Advisor 437 Traffic Mirroring and Flow Logs 438 Creating and Analyzing VPC Flow Logs 439 Creating and Analyzing Network Traffic Mirroring 441 CloudWatch 441 Implementing Automated Alarms Using CloudWatch 442 Implementing Customized Metrics Using CloudWatch 443 Correlating and Analyzing Information Across Single or Multiple AWS Log Sources 444 Implementing Log Delivery Solutions 445 Implementing a Network Audit Strategy 446 Summary 447 Exam Essentials 448 Exercises 450 Review Questions 452 Chapter 14 Confidentiality and Encryption 457 Confidentiality and Encryption 458 Network Encryption Options Available on AWS 459 VPN Connectivity Over Direct Connect 460 Encryption Methods for Data in Transit 461 Network Encryption and the AWS Shared Responsibility Model 462 Security Methods for DNS Communications 464 Implementing Network Encryption Methods to Meet Application Compliance Requirements 465 IPSec 466 TLS 468 Implementing Encryption Solutions to Secure Data in Transit 470 CloudFront 471 Application Load Balancers and Network Load Balancers 472 Securing AWS Managed Databases 472 Securing Amazon
S3 Buckets 475 Securing EC2 Instances 476 Transit Gateway 477 Certificate Management Using a Certificate Authority 479 AWS Certificate Manager and Private Certificate Authority 480 Summary 481 Exam Essentials 483 Exercises 484 Review Questions 485 Appendix Answers to Review Questions 491 Chapter 1: Edge Networking 492 Chapter 2: Domain Name Services 494 Chapter 3: Hybrid and Multi-account DNS 497 Chapter 4: Load Balancing 499 Chapter 5: Logging and Monitoring 502 Chapter 6: Hybrid Networking 505 Chapter 7: Connecting On-Premises Networks 507 Chapter 8: Inter-VPC and Multi-account Networking 509 Chapter 9: Hybrid Network Routing and Connectivity 512 Chapter 10: Network Automation 515 Chapter 11: Monitor, Analyze, and Optimize Network Traffic 518 Chapter 12: Security, Compliance and Governance 520 Chapter 13: Network Monitoring and Logging 524 Chapter 14: Confidentiality and Encryption 527 Index 531
£47.50
John Wiley & Sons Inc Pen Testing from Contract to Report
Book Synopsis: Protect your system or web application with this accessible guide. Penetration tests, also known as 'pen tests', are a means of assessing the security of a computer system by simulating a cyber-attack. These tests can be an essential tool in detecting exploitable vulnerabilities in a computer system or web application, averting potential user data breaches, privacy violations, losses of system function, and more. With system security an increasingly fundamental part of a connected world, it has never been more important that cyber professionals understand the pen test and its potential applications. Pen Testing from Contract to Report offers a step-by-step overview of the subject. Built around a new concept called the Penetration Testing Life Cycle, it breaks the process into phases, guiding the reader through each phase and its potential to expose and address system vulnerabilities. The result is an essential tool in the ongoing fight against harmful system intrusions. In Pen Testing fr Table of Contents: Foreword viii Preface ix Acknowledgement x List of Abbreviations xi Companion Website xiii 1 Introduction to Penetration Testing 1 2 The Contract 19 3 Law and Legislation 39 4 Footprinting and Reconnaissance 53 5 Scanning Networks 81 6 Enumeration 111 7 Vulnerability Analysis 137 8 System Hacking 183 9 Malware Threats 239 10 Sniffing 265 11 Social Engineering 283 12 Denial of Service 315 13 Session Hijacking 343 14 Evading IDS, Firewalls, and Honeypots 363 15 Web Servers 389 16 Web Application Hacking 413 17 SQL Injection 481 18 Hacking Wireless Networks 517 19 Mobile Platforms 549 20 Internet of Things (IoT) 581 21 Cloud Computing 601 22 The Report 623 Index 639
£67.46