Databases / Data management Books

Book SynopsisPrepare for Microsoft Exam 70-764—and help demonstrate your real-world mastery of skills for database administration. This exam is intended for database administrators charged with installation, maintenance, and configuration tasks. Their responsibilities also include setting up database systems, making sure those systems operate efficiently, and regularly storing, backing up, and securing data from unauthorized access. Focus on the expertise measured by these objectives: • Configure data access and auditing • Manage backup and restore of databases • Manage and monitor SQL Server instances • Manage high availability and disaster recovery This Microsoft Exam Ref: • Organizes its coverage by exam objectives • Features strategic, what-if scenarios to challenge you • Assumes you have working knowledge of database installation, configuration, and maintenance tasks. You should also have experience with setting up database systems, ensuring those systems operate efficiently, regularly storing and backing up data, and securing data from unauthorized access. About the Exam Exam 70-764 focuses on skills and knowledge required for database administration. About Microsoft Certification Passing both Exam 70-764 and Exam 70-765 (Provisioning SQL Databases) earns you credit toward an MCSA: SQL 2016 Database Administration certification. See full details at: microsoft.com/learning Table of Contents 1. Configure Data Access and Auditing 2. Manage Backup and Restore of Databases 3. Manage and Monitor SQL Server Instances 4. Manage High Availability and Disaster Recovery

Read more less

Book SynopsisYour Cisco Networking Academy Course Booklet is designed as a study resource you can easily read, highlight, and review on the go, wherever the Internet is not available or practical: · The text is extracted directly, word-for-word, from the online course so you can highlight important points and take notes in the “Your Chapter Notes” section. · Headings with the exact page correlations provide a quick reference to the online course for your classroom discussions and exam preparation. · An icon system directs you to the online curriculum to take full advantage of the images embedded within the Networking Academy online course interface and reminds you to perform the labs, Class Activities, interactive activities, Packet Tracer activities, watch videos, and take the chapter quizzes and exams. The Course Booklet is a basic, economical paper-based resource to help you succeed with the Cisco Networking Academy online course. Table of ContentsChapter 0 Course Introduction 1 0.0 Welcome to CCNA: Cybersecurity Operations 1 0.0.1 Message to the Student 1 Chapter 1 Cybersecurity and the Security Operations Center 5 1.0 Introduction 5 1.1 The Danger 5 1.1.1 War Stories 5 1.1.1.1 Hijacked People 5 1.1.1.2 Ransomed Companies 5 1.1.1.3 Targeted Nations 6 1.1.1.4 Lab - Installing the CyberOps Workstation Virtual Machine 6 1.1.1.5 Lab - Cybersecurity Case Studies 6 1.1.2 Threat Actors 6 1.1.2.1 Amateurs 6 1.1.2.2 Hacktivists 7 1.1.2.3 Financial Gain 7 1.1.2.4 Trade Secrets and Global Politics 7 1.1.2.5 How Secure is the Internet of Things? 7 1.1.2.6 Lab - Learning the Details of Attacks 7 1.1.3 Threat Impact 8 1.1.3.1 PII and PHI 8 1.1.3.2 Lost Competitive Advantage 8 1.1.3.3 Politics and National Security 8 1.1.3.4 Lab - Visualizing the Black Hats 9 1.2 Fighters in the War Against Cybercrime 9 1.2.1 The Modern Security Operations Center 9 1.2.1.1 Elements of a SOC 9 1.2.1.2 People in the SOC 9 1.2.1.3 Process in the SOC 10 1.2.1.4 Technologies in the SOC 10 1.2.1.5 Enterprise and Managed Security 10 1.2.1.6 Security vs. Availability 11 1.2.1.7 Activity - Identify the SOC Terminology 11 1.2.2 Becoming a Defender 11 1.2.2.1 Certifications 11 1.2.2.2 Further Education 12 1.2.2.3 Sources of Career Information 12 1.2.2.4 Getting Experience 13 1.2.2.5 Lab - Becoming a Defender 13 1.3 Summary 13 Chapter 2 Windows Operating System 17 2.0 Introduction 17 2.1 Windows Overview 17 2.1.1 Windows History 17 2.1.1.1 Disk Operating System 17 2.1.1.2 Windows Versions 18 2.1.1.3 Windows GUI 19 2.1.1.4 Operating System Vulnerabilities 19 2.1.2 Windows Architecture and Operations 20 2.1.2.1 Hardware Abstraction Layer 20 2.1.2.2 User Mode and Kernel Mode 21 2.1.2.3 Windows File Systems 21 2.1.2.4 Windows Boot Process 23 2.1.2.5 Windows Startup and Shutdown 24 2.1.2.6 Processes, Threads, and Services 25 2.1.2.7 Memory Allocation and Handles 25 2.1.2.8 The Windows Registry 26 2.1.2.9 Activity - Identify the Windows Registry Hive 27 2.1.2.10 Lab - Exploring Processes, Threads, Handles, and Windows Registry 27 2.2 Windows Administration 27 2.2.1 Windows Configuration and Monitoring 27 2.2.1.1 Run as Administrator 27 2.2.1.2 Local Users and Domains 27 2.2.1.3 CLI and PowerShell 28 2.2.1.4 Windows Management Instrumentation 29 2.2.1.5 The net Command 30 2.2.1.6 Task Manager and Resource Monitor 30 2.2.1.7 Networking 31 2.2.1.8 Accessing Network Resources 33 2.2.1.9 Windows Server 33 2.2.1.10 Lab - Create User Accounts 34 2.2.1.11 Lab - Using Windows PowerShell 34 2.2.1.12 Lab - Windows Task Manager 34 2.2.1.13 Lab - Monitor and Manage System Resources in Windows 34 2.2.2 Windows Security 34 2.2.2.1 The netstat Command 34 2.2.2.2 Event Viewer 35 2.2.2.3 Windows Update Management 35 2.2.2.4 Local Security Policy 35 2.2.2.5 Windows Defender 36 2.2.2.6 Windows Firewall 37 2.2.2.7 Activity - Identify the Windows Command 37 2.2.2.8 Activity - Identify the Windows Tool 37 2.3 Summary 37 Chapter 3 Linux Operating System 41 3.0 Introduction 41 3.1 Linux Overview 41 3.1.1 Linux Basics 41 3.1.1.1 What is Linux? 41 3.1.1.2 The Value of Linux 42 3.1.1.3 Linux in the SOC 42 3.1.1.4 Linux Tools 43 3.1.2 Working in the Linux Shell 43 3.1.2.1 The Linux Shell 43 3.1.2.2 Basic Commands 43 3.1.2.3 File and Directory Commands 44 3.1.2.4 Working with Text Files 44 3.1.2.5 The Importance of Text Files in Linux 44 3.1.2.6 Lab - Working with Text Files in the CLI 45 3.1.2.7 Lab - Getting Familiar with the Linux Shell 45 3.1.3 Linux Servers and Clients 45 3.1.3.1 An Introduction to Client-Server Communications 45 3.1.3.2 Servers, Services, and Their Ports 45 3.1.3.3 Clients 45 3.1.3.4 Lab - Linux Servers 45 3.2 Linux Administration 46 3.2.1 Basic Server Administration 46 3.2.1.1 Service Configuration Files 46 3.2.1.2 Hardening Devices 46 3.2.1.3 Monitoring Service Logs 47 3.2.1.4 Lab - Locating Log Files 48 3.2.2 The Linux File System 48 3.2.2.1 The File System Types in Linux 48 3.2.2.2 Linux Roles and File Permissions 49 3.2.2.3 Hard Links and Symbolic Links 50 3.2.2.4 Lab - Navigating the Linux Filesystem and Permission Settings 50 3.3 Linux Hosts 51 3.3.1 Working with the Linux GUI 51 3.3.1.1 X Window System 51 3.3.1.2 The Linux GUI 51 3.3.2 Working on a Linux Host 52 3.3.2.1 Installing and Running Applications on a Linux Host 52 3.3.2.2 Keeping the System Up To Date 52 3.3.2.3 Processes and Forks 52 3.3.2.4 Malware on a Linux Host 53 3.3.2.5 Rootkit Check 54 3.3.2.6 Piping Commands 54 3.3.2.7 Video Demonstration - Applications, Rootkits, and Piping Commands 55 3.4 Summary 55 Chapter 4 Network Protocols and Services 59 4.0 Introduction 59 4.1 Network Protocols 59 4.1.1 Network Communications Process 59 4.1.1.1 Views of the Network 59 4.1.1.2 Client-Server Communications 60 4.1.1.3 A Typical Session: Student 60 4.1.1.4 A Typical Session: Gamer 61 4.1.1.5 A Typical Session: Surgeon 61 4.1.1.6 Tracing the Path 62 4.1.1.7 Lab - Tracing a Route 62 4.1.2 Communications Protocols 62 4.1.2.1 What are Protocols? 62 4.1.2.2 Network Protocol Suites 63 4.1.2.3 The TCP/IP Protocol Suite 63 4.1.2.4 Format, Size, and Timing 64 4.1.2.5 Unicast, Multicast, and Broadcast 64 4.1.2.6 Reference Models 65 4.1.2.7 Three Addresses 65 4.1.2.8 Encapsulation 65 4.1.2.9 Scenario: Sending and Receiving a Web Page 66 4.1.2.10 Lab - Introduction to Wireshark 67 4.2 Ethernet and Internet Protocol (IP) 67 4.2.1 Ethernet 67 4.2.1.1 The Ethernet Protocol 67 4.2.1.2 The Ethernet Frame 68 4.2.1.3 MAC Address Format 68 4.2.1.4 Activity - Ethernet Frame Fields 68 4.2.2 IPv4 68 4.2.2.1 IPv4 Encapsulation 68 4.2.2.2 IPv4 Characteristics 69 4.2.2.3 Activity - IPv4 Characteristics 70 4.2.2.4 The IPv4 Packet 70 4.2.2.5 Video Demonstration - Sample IPv4 Headers in Wireshark 70 4.2.3 IPv4 Addressing Basics 70 4.2.3.1 IPv4 Address Notation 70 4.2.3.2 IPv4 Host Address Structure 70 4.2.3.3 IPv4 Subnet Mask and Network Address 71 4.2.3.4 Subnetting Broadcast Domains 71 4.2.3.5 Video Demonstration - Network, Host, and Broadcast Addresses 72 4.2.4 Types of IPv4 Addresses 72 4.2.4.1 IPv4 Address Classes and Default Subnet Masks 72 4.2.4.2 Reserved Private Addresses 73 4.2.5 The Default Gateway 73 4.2.5.1 Host Forwarding Decision 73 4.2.5.2 Default Gateway 74 4.2.5.3 Using the Default Gateway 74 4.2.6 IPv6 75 4.2.6.1 Need for IPv6 75 4.2.6.2 IPv6 Size and Representation 75 4.2.6.3 IPv6 Address Formatting 75 4.2.6.4 IPv6 Prefix Length 76 4.2.6.5 Activity - IPv6 Address Notation 76 4.2.6.6 Video Tutorial - Layer 2 and Layer 3 Addressing 76 4.3 Connectivity Verification 76 4.3.1 ICMP 76 4.3.1.1 ICMPv4 Messages 76 4.3.1.2 ICMPv6 RS and RA Messages 77 4.3.2 Ping and Traceroute Utilities 78 4.3.2.1 Ping - Testing the Local Stack 78 4.3.2.2 Ping - Testing Connectivity to the Local LAN 79 4.3.2.3 Ping - Testing Connectivity to Remote Host 79 4.3.2.4 Traceroute - Testing the Path 80 4.3.2.5 ICMP Packet Format 80 4.4 Address Resolution Protocol 81 4.4.1 MAC and IP 81 4.4.1.1 Destination on Same Network 81 4.4.1.2 Destination on Remote Network 82 4.4.2 ARP 82 4.4.2.1 Introduction to ARP 82 4.4.2.2 ARP Functions 82 4.4.2.3 Video - ARP Operation - ARP Request 83 4.4.2.4 Video - ARP Operation - ARP Reply 84 4.4.2.5 Video - ARP Role in Remote Communication 84 4.4.2.6 Removing Entries from an ARP Table 85 4.4.2.7 ARP Tables on Networking Devices 85 4.4.2.8 Lab - Using Wireshark to Examine Ethernet Frames 85 4.4.3 ARP Issues 85 4.4.3.1 ARP Broadcasts 85 4.4.3.2 ARP Spoofing 86 4.5 The Transport Layer 86 4.5.1 Transport Layer Characteristics 86 4.5.1.1 Transport Layer Protocol Role in Network Communication 86 4.5.1.2 Transport Layer Mechanisms 87 4.5.1.3 TCP Local and Remote Ports 87 4.5.1.4 Socket Pairs 88 4.5.1.5 TCP vs UDP 88 4.5.1.6 TCP and UDP Headers 89 4.5.1.7 Activity - Compare TCP and UDP Characteristics 90 4.5.2 Transport Layer Operation 90 4.5.2.1 TCP Port Allocation 90 4.5.2.2 A TCP Session Part I: Connection Establishment and Termination 91 4.5.2.3 Video Demonstration - TCP 3-Way Handshake 92 4.5.2.4 Lab - Using Wireshark to Observe the TCP 3-Way Handshake 92 4.5.2.5 Activity - TCP Connection and Termination Process 92 4.5.2.6 A TCP Session Part II: Data Transfer 92 4.5.2.7 Video Demonstration - Sequence Numbers and Acknowledgments 94 4.5.2.8 Video Demonstration - Data Loss and Retransmission 94 4.5.2.9 A UDP Session 94 4.5.2.10 Lab - Exploring Nmap 95 4.6 Network Services 95 4.6.1 DHCP 95 4.6.1.1 DHCP Overview 95 4.6.1.2 DHCPv4 Message Format 96 4.6.2 DNS 97 4.6.2.1 DNS Overview 97 4.6.2.2 The DNS Domain Hierarchy 97 4.6.2.3 The DNS Lookup Process 97 4.6.2.4 DNS Message Format 98 4.6.2.5 Dynamic DNS 99 4.6.2.6 The WHOIS Protocol 99 4.6.2.7 Lab - Using Wireshark to Examine a UDP DNS Capture 100 4.6.3 NAT 100 4.6.3.1 NAT Overview 100 4.6.3.2 NAT-Enabled Routers 100 4.6.3.3 Port Address Translation 100 4.6.4 File Transfer and Sharing Services 101 4.6.4.1 FTP and TFTP 101 4.6.4.2 SMB 102 4.6.4.3 Lab - Using Wireshark to Examine TCP and UDP Captures 102 4.6.5 Email 102 4.6.5.1 Email Overview 102 4.6.5.2 SMTP 102 4.6.5.3 POP3 103 4.6.5.4 IMAP 103 4.6.6 HTTP 103 4.6.6.1 HTTP Overview 103 4.6.6.2 The HTTP URL 104 4.6.6.3 The HTTP Protocol 104 4.6.6.4 HTTP Status Codes 105 4.6.6.5 Lab - Using Wireshark to Examine HTTP and HTTPS Traffic 105 4.7 Summary 105 Chapter 5 Network Infrastructure 109 5.0 Introduction 109 5.1 Network Communication Devices 109 5.1.1 Network Devices 109 5.1.1.1 End Devices 109 5.1.1.2 Video Tutorial - End Devices 109 5.1.1.3 Routers 110 5.1.1.4 Activity - Match Layer 2 and Layer 3 Addressing 110 5.1.1.5 Router Operation 110 5.1.1.6 Routing Information 111 5.1.1.7 Video Tutorial - Static and Dynamic Routing 112 5.1.1.8 Hubs, Bridges, LAN Switches 112 5.1.1.9 Switching Operation 113 5.1.1.10 Video Tutorial - MAC Address Tables on Connected Switches 114 5.1.1.11 VLANs 114 5.1.1.12 STP 114 5.1.1.13 Multilayer Switching 115 5.1.2 Wireless Communications 116 5.1.2.1 Video Tutorial - Wireless Communications 116 5.1.2.2 Protocols and Features 116 5.1.2.3 Wireless Network Operations 117 5.1.2.4 The Client to AP Association Process 118 5.1.2.5 Activity - Order the Steps in the Client and AP Association Process 119 5.1.2.6 Wireless Devices - AP, LWAP, WLC 119 5.1.2.7 Activity - Identify the LAN Device 119 5.2 Network Security Infrastructure 120 5.2.1 Security Devices 120 5.2.1.1 Video Tutorial - Security Devices 120 5.2.1.2 Firewalls 120 5.2.1.3 Firewall Type Descriptions 120 5.2.1.4 Packet Filtering Firewalls 121 5.2.1.5 Stateful Firewalls 121 5.2.1.6 Next-Generation Firewalls 121 5.2.1.7 Activity - Identify the Type of Firewall 122 5.2.1.8 Intrusion Protection and Detection Devices 122 5.2.1.9 Advantages and Disadvantages of IDS and IPS 122 5.2.1.10 Types of IPS 123 5.2.1.11 Specialized Security Appliances 124 5.2.1.12 Activity - Compare IDS and IPS Characteristics 125 5.2.2 Security Services 125 5.2.2.1 Video Tutorial - Security Services 125 5.2.2.2 Traffic Control with ACLs 125 5.2.2.3 ACLs: Important Features 126 5.2.2.4 Packet Tracer - ACL Demonstration 126 5.2.2.5 SNMP 126 5.2.2.6 NetFlow 127 5.2.2.7 Port Mirroring 127 5.2.2.8 Syslog Servers 128 5.2.2.9 NTP 128 5.2.2.10 AAA Servers 129 5.2.2.11 VPN 130 5.2.2.12 Activity - Identify the Network Security Device or Service 130 5.3 Network Representations 130 5.3.1 Network Topologies 130 5.3.1.1 Overview of Network Components 130 5.3.1.2 Physical and Logical Topologies 131 5.3.1.3 WAN Topologies 131 5.3.1.4 LAN Topologies 131 5.3.1.5 The Three-Layer Network Design Model 132 5.3.1.6 Video Tutorial - Three-Layer Network Design 132 5.3.1.7 Common Security Architectures 133 5.3.1.8 Activity - Identify the Network Topology 134 5.3.1.9 Activity - Identify the Network Design Terminology 134 5.3.1.10 Packet Tracer - Identify Packet Flow 134 5.4 Summary 134 Chapter 6 Principles of Network Security 137 6.0 Introduction 137 6.1 Attackers and Their Tools 137 6.1.1 Who is Attacking Our Network? 137 6.1.1.1 Threat, Vulnerability, and Risk 137 6.1.1.2 Hacker vs. Threat Actor 138 6.1.1.3 Evolution of Threat Actors 138 6.1.1.4 Cybercriminals 139 6.1.1.5 Cybersecurity Tasks 139 6.1.1.6 Cyber Threat Indicators 139 6.1.1.7 Activity - What Color is my Hat? 140 6.1.2 Threat Actor Tools 140 6.1.2.1 Introduction of Attack Tools 140 6.1.2.2 Evolution of Security Tools 140 6.1.2.3 Categories of Attacks 141 6.1.2.4 Activity - Classify Hacking Tools 141 6.2 Common Threats and Attacks 141 6.2.1 Malware 141 6.2.1.1 Types of Malware 141 6.2.1.2 Viruses 141 6.2.1.3 Trojan Horses 141 6.2.1.4 Trojan Horse Classification 142 6.2.1.5 Worms 142 6.2.1.6 Worm Components 143 6.2.1.7 Ransomware 143 6.2.1.8 Other Malware 144 6.2.1.9 Common Malware Behaviors 144 6.2.1.10 Activity - Identify the Malware Type 145 6.2.1.11 Lab - Anatomy of Malware 145 6.2.2 Common Network Attacks 145 6.2.2.1 Types of Network Attacks 145 6.2.2.2 Reconnaissance Attacks 145 6.2.2.3 Sample Reconnaissance Attacks 146 6.2.2.4 Access Attacks 146 6.2.2.5 Types of Access Attacks 147 6.2.2.6 Social Engineering Attacks 147 6.2.2.7 Phishing Social Engineering Attacks 148 6.2.2.8 Strengthening the Weakest Link 149 6.2.2.9 Lab - Social Engineering 149 6.2.2.10 Denial of Service Attacks 149 6.2.2.11 DDoS Attacks 149 6.2.2.12 Example DDoS Attack 150 6.2.2.13 Buffer Overflow Attack 150 6.2.2.14 Evasion Methods 151 6.2.2.15 Activity - Identify the Types of Network Attack 151 6.2.2.16 Activity - Components of a DDoS Attack 151 6.3 Summary 152 Chapter 7 Network Attacks: A Deeper Look 155 7.0 Introduction 155 7.1 Attackers and Their Tools 155 7.1.1 Who is Attacking Our Network? 155 7.1.1.1 Network Security Topology 155 7.1.1.2 Monitoring the Network 156 7.1.1.3 Network Taps 156 7.1.1.4 Traffic Mirroring and SPAN 156 7.1.2 Introduction to Network Monitoring Tools 157 7.1.2.1 Network Security Monitoring Tools 157 7.1.2.2 Network Protocol Analyzers 157 7.1.2.3 NetFlow 158 7.1.2.4 SIEM 159 7.1.2.5 SIEM Systems 159 7.1.2.6 Activity - Identify the Network Monitoring Tool 159 7.1.2.7 Packet Tracer - Logging Network Activity 159 7.2 Attacking the Foundation 160 7.2.1 IP Vulnerabilities and Threats 160 7.2.1.1 IPv4 and IPv6 160 7.2.1.2 The IPv4 Packet Header 160 7.2.1.3 The IPv6 Packet Header 161 7.2.1.4 IP Vulnerabilities 161 7.2.1.5 ICMP Attacks 162 7.2.1.6 DoS Attacks 163 7.2.1.7 Amplification and Reflection Attacks 163 7.2.1.8 DDoS Attacks 163 7.2.1.9 Address Spoofing Attacks 164 7.2.1.10 Activity - Identify the IP Vulnerability 164 7.2.1.11 Lab - Observing a DDoS Attack 164 7.2.2 TCP and UDP Vulnerabilities 165 7.2.2.1 TCP 165 7.2.2.2 TCP Attacks 165 7.2.2.3 UDP and UDP Attacks 166 7.2.2.4 Lab - Observing TCP Anomalies 166 7.3 Attacking What We Do 167 7.3.1 IP Services 167 7.3.1.1 ARP Vulnerabilities 167 7.3.1.2 ARP Cache Poisoning 167 7.3.1.3 DNS Attacks 168 7.3.1.4 DNS Tunneling 169 7.3.1.5 DHCP 169 7.3.1.6 Lab - Exploring DNS Traffic 170 7.3.2 Enterprise Services 170 7.3.2.1 HTTP and HTTPS 170 7.3.2.2 Email 173 7.3.2.3 Web-Exposed Databases 174 7.3.2.4 Lab - Attacking a MySQL Database 176 7.3.2.5 Lab - Reading Server Logs 176 7.3.2.6 Lab - Reading Server Logs 176 7.4 Summary 176 Chapter 8 Protecting the Network 179 8.0 Introduction 179 8.1 Understanding Defense 179 8.1.1 Defense-in-Depth 179 8.1.1.1 Assets, Vulnerabilities, Threats 179 8.1.1.2 Identify Assets 179 8.1.1.3 Identify Vulnerabilities 180 8.1.1.4 Identify Threats 181 8.1.1.5 Security Onion and Security Artichoke Approaches 181 8.1.2 Security Policies 182 8.1.2.1 Business Policies 182 8.1.2.2 Security Policy 182 8.1.2.3 BYOD Policies 183 8.1.2.4 Regulatory and Standard Compliance 184 8.2 Access Control 184 8.2.1 Access Control Concepts 184 8.2.1.1 Communications Security: CIA 184 8.2.1.2 Access Control Models 185 8.2.1.3 Activity - Identify the Access Control Model 185 8.2.2 AAA Usage and Operation 185 8.2.2.1 AAA Operation 185 8.2.2.2 AAA Authentication 186 8.2.2.3 AAA Accounting Logs 187 8.2.2.4 Activity - Identify the Characteristic of AAA 187 8.3 Threat Intelligence 187 8.3.1 Information Sources 187 8.3.1.1 Network Intelligence Communities 187 8.3.1.2 Cisco Cybersecurity Reports 188 8.3.1.3 Security Blogs and Podcasts 188 8.3.2 Threat Intelligence Services 188 8.3.2.1 Cisco Talos 188 8.3.2.2 FireEye 189 8.3.2.3 Automated Indicator Sharing 189 8.3.2.4 Common Vulnerabilities and Exposures Database 189 8.3.2.5 Threat Intelligence Communication Standards 189 8.3.2.6 Activity - Identify the Threat Intelligence Information Source 190 8.4 Summary 190 Chapter 9 Cryptography and the Public Key Infrastructure 193 9.0 Introduction 193 9.1 Cryptography 193 9.1.1 What is Cryptography? 193 9.1.1.1 Securing Communications 193 9.1.1.2 Cryptology 194 9.1.1.3 Cryptography - Ciphers 195 9.1.1.4 Cryptanalysis - Code Breaking 195 9.1.1.5 Keys 196 9.1.1.6 Lab - Encrypting and Decrypting Data Using OpenSSL 197 9.1.1.7 Lab - Encrypting and Decrypting Data Using a Hacker Tool 197 9.1.1.8 Lab - Examining Telnet and SSH in Wireshark 197 9.1.2 Integrity and Authenticity 197 9.1.2.1 Cryptographic Hash Functions 197 9.1.2.2 Cryptographic Hash Operation 198 9.1.2.3 MD5 and SHA 198 9.1.2.4 Hash Message Authentication Code 199 9.1.2.5 Lab - Hashing Things Out 200 9.1.3 Confidentiality 200 9.1.3.1 Encryption 200 9.1.3.2 Symmetric Encryption 200 9.1.3.3 Symmetric Encryption Algorithms 201 9.1.3.4 Asymmetric Encryption Algorithms 202 9.1.3.5 Asymmetric Encryption - Confidentiality 202 9.1.3.6 Asymmetric Encryption - Authentication 203 9.1.3.7 Asymmetric Encryption - Integrity 203 9.1.3.8 Diffie-Hellman 204 9.1.3.9 Activity - Classify the Encryption Algorithms 204 9.2 Public Key Infrastructure 204 9.2.1 Public Key Cryptography 204 9.2.1.1 Using Digital Signatures 204 9.2.1.2 Digital Signatures for Code Signing 206 9.2.1.3 Digital Signatures for Digital Certificates 206 9.2.1.4 Lab - Create a Linux Playground 206 9.2.2 Authorities and the PKI Trust System 206 9.2.2.1 Public Key Management 206 9.2.2.2 The Public Key Infrastructure 207 9.2.2.3 The PKI Authorities System 207 9.2.2.4 The PKI Trust System 208 9.2.2.5 Interoperability of Different PKI Vendors 208 9.2.2.6 Certificate Enrollment, Authentication, and Revocation 209 9.2.2.7 Lab - Certificate Authority Stores 209 9.2.3 Applications and Impacts of Cryptography 210 9.2.3.1 PKI Applications 210 9.2.3.2 Encrypting Network Transactions 210 9.2.3.3 Encryption and Security Monitoring 211 9.3 Summary 212 Chapter 10 Endpoint Security and Analysis 215 10.0 Introduction 215 10.1 Endpoint Protection 215 10.1.1 Antimalware Protection 215 10.1.1.1 Endpoint Threats 215 10.1.1.2 Endpoint Security 216 10.1.1.3 Host-Based Malware Protection 216 10.1.1.4 Network-Based Malware Protection 217 10.1.1.5 Cisco Advanced Malware Protection (AMP) 218 10.1.1.6 Activity - Identify Antimalware Terms and Concepts 218 10.1.2 Host-Based Intrusion Protection 218 10.1.2.1 Host-Based Firewalls 218 10.1.2.2 Host-Based Intrusion Detection 219 10.1.2.3 HIDS Operation 220 10.1.2.4 HIDS Products 220 10.1.2.5 Activity - Identify the Host-Based Intrusion Protection Terminology 220 10.1.3 Application Security 221 10.1.3.1 Attack Surface 221 10.1.3.2 Application Blacklisting and Whitelisting 221 10.1.3.3 System-Based Sandboxing 222 10.1.3.4 Video Demonstration - Using a Sandbox to Launch Malware 222 10.2 Endpoint Vulnerability Assessment 222 10.2.1 Network and Server Profiling 222 10.2.1.1 Network Profiling 222 10.2.1.2 Server Profiling 223 10.2.1.3 Network Anomaly Detection 223 10.2.1.4 Network Vulnerability Testing 224 10.2.1.5 Activity - Identify the Elements of Network Profiling 225 10.2.2 Common Vulnerability Scoring System (CVSS) 225 10.2.2.1 CVSS Overview 225 10.2.2.2 CVSS Metric Groups 225 10.2.2.3 CVSS Base Metric Group 226 10.2.2.4 The CVSS Process 226 10.2.2.5 CVSS Reports 227 10.2.2.6 Other Vulnerability Information Sources 227 10.2.2.7 Activity - Identify CVSS Metrics 228 10.2.3 Compliance Frameworks 228 10.2.3.1 Compliance Regulations 228 10.2.3.2 Overview of Regulatory Standards 228 10.2.3.3 Activity - Identify Regulatory Standards 229 10.2.4 Secure Device Management 230 10.2.4.1 Risk Management 230 10.2.4.2 Activity - Identify the Risk Response 231 10.2.4.3 Vulnerability Management 231 10.2.4.4 Asset Management 231 10.2.4.5 Mobile Device Management 232 10.2.4.6 Configuration Management 232 10.2.4.7 Enterprise Patch Management 233 10.2.4.8 Patch Management Techniques 233 10.2.4.9 Activity - Identify Device Management Activities 234 10.2.5 Information Security Management Systems 234 10.2.5.1 Security Management Systems 234 10.2.5.2 ISO-27001 234 10.2.5.3 NIST Cybersecurity Framework 234 10.2.5.4 Activity - Identify the ISO 27001 Activity Cycle 235 10.2.5.5 Activity - Identify the Stages in the NIST Cybersecurity Framework 235 10.3 Summary 235 Chapter 11 Security Monitoring 239 11.0 Introduction 239 11.1 Technologies and Protocols 239 11.1.1 Monitoring Common Protocols 239 11.1.1.1 Syslog and NTP 239 11.1.1.2 NTP 240 11.1.1.3 DNS 240 11.1.1.4 HTTP and HTTPS 241 11.1.1.5 Email Protocols 241 11.1.1.6 ICMP 242 11.1.1.7 Activity - Identify the Monitored Protocol 242 11.1.2 Security Technologies 242 11.1.2.1 ACLs 242 11.1.2.2 NAT and PAT 242 11.1.2.3 Encryption, Encapsulation, and Tunneling 243 11.1.2.4 Peer-to-Peer Networking and Tor 243 11.1.2.5 Load Balancing 244 11.1.2.6 Activity - Identify the Impact of the Technology on Security and Monitoring 244 11.2 Log Files 244 11.2.1 Types of Security Data 244 11.2.1.1 Alert Data 244 11.2.1.2 Session and Transaction Data 245 11.2.1.3 Full Packet Captures 245 11.2.1.4 Statistical Data 246 11.2.1.5 Activity - Identify Types of Network Monitoring Data 246 11.2.2 End Device Logs 246 11.2.2.1 Host Logs 246 11.2.2.2 Syslog 247 11.2.2.3 Server Logs 248 11.2.2.4 Apache Webserver Access Logs 248 11.2.2.5 IIS Access Logs 249 11.2.2.6 SIEM and Log Collection 249 11.2.2.7 Activity - Identify Information in Logged Events 250 11.2.3 Network Logs 250 11.2.3.1 Tcpdump 250 11.2.3.2 NetFlow 250 11.2.3.3 Application Visibility and Control 251 11.2.3.4 Content Filter Logs 251 11.2.3.5 Logging from Cisco Devices 252 11.2.3.6 Proxy Logs 252 11.2.3.7 NextGen IPS 253 11.2.3.8 Activity - Identify the Security Technology from the Data Description 254 11.2.3.9 Activity - Identify the NextGen IPS Event Type 254 11.2.3.10 Packet Tracer - Explore a NetFlow Implementation 254 11.2.3.11 Packet Tracer - Logging from Multiple Sources 254 11.3 Summary 254 Chapter 12 Intrusion Data Analysis 257 12.0 Introduction 257 12.1 Evaluating Alerts 257 12.1.1 Sources of Alerts 257 12.1.1.1 Security Onion 257 12.1.1.2 Detection Tools for Collecting Alert Data 257 12.1.1.3 Analysis Tools 258 12.1.1.4 Alert Generation 259 12.1.1.5 Rules and Alerts 260 12.1.1.6 Snort Rule Structure 260 12.1.1.7 Lab - Snort and Firewall Rules 261 12.1.2 Overview of Alert Evaluation 262 12.1.2.1 The Need for Alert Evaluation 262 12.1.2.2 Evaluating Alerts 262 12.1.2.3 Deterministic Analysis and Probabilistic Analysis 263 12.1.2.4 Activity - Identify Deterministic and Probabilistic Scenarios 264 12.1.2.5 Activity - Identify the Alert Classification 264 12.2 Working with Network Security Data 264 12.2.1 A Common Data Platform 264 12.2.1.1 ELSA 264 12.2.1.2 Data Reduction 264 12.2.1.3 Data Normalization 265 12.2.1.4 Data Archiving 265 12.2.1.5 Lab - Convert Data into a Universal Format 266 12.2.1.6 Investigating Process or API Calls 266 12.2.2 Investigating Network Data 266 12.2.2.1 Working in Sguil 266 12.2.2.2 Sguil Queries 267 12.2.2.3 Pivoting from Sguil 267 12.2.2.4 Event Handling in Sguil 268 12.2.2.5 Working in ELSA 268 12.2.2.6 Queries in ELSA 269 12.2.2.7 Investigating Process or API Calls 269 12.2.2.8 Investigating File Details 270 12.2.2.9 Lab - Regular Expression Tutorial 270 12.2.2.10 Lab - Extract an Executable from a PCAP 270 12.2.3 Enhancing the Work of the Cybersecurity Analyst 270 12.2.3.1 Dashboards and Visualizations 270 12.2.3.2 Workflow Management 271 12.3 Digital Forensics 271 12.3.1 Evidence Handling and Attack Attribution 271 12.3.1.1 Digital Forensics 271 12.3.1.2 The Digital Forensics Process 272 12.3.1.3 Types of Evidence 272 12.3.1.4 Evidence Collection Order 273 12.3.1.5 Chain of Custody 273 12.3.1.6 Data Integrity and Preservation 274 12.3.1.7 Attack Attribution 274 12.3.1.8 Activity - Identify the Type of Evidence 275 12.3.1.9 Activity - Identify the Forensic Technique Terminology 275 12.4 Summary 275 Chapter 13 Incident Response and Handling 277 13.0 Introduction 277 13.1 Incident Response Models 277 13.1.1 The Cyber Kill Chain 277 13.1.1.1 Steps of the Cyber Kill Chain 277 13.1.1.2 Reconnaissance 278 13.1.1.3 Weaponization 278 13.1.1.4 Delivery 278 13.1.1.5 Exploitation 279 13.1.1.6 Installation 279 13.1.1.7 Command and Control 279 13.1.1.8 Actions on Objectives 279 13.1.1.9 Activity - Identify the Kill Chain Step 279 13.1.2 The Diamond Model of Intrusion 280 13.1.2.1 Diamond Model Overview 280 13.1.2.2 Pivoting Across the Diamond Model 280 13.1.2.3 The Diamond Model and the Cyber Kill Chain 281 13.1.2.4 Activity - Identify the Diamond Model Features 282 13.1.3 The VERIS Schema 282 13.1.3.1 What is the VERIS Schema? 282 13.1.3.2 Create a VERIS Record 282 13.1.3.3 Top-Level and Second-Level Elements 283 13.1.3.4 The VERIS Community Database 285 13.1.3.5 Activity - Apply the VERIS Schema to an Incident 285 13.2 Incident Handling 285 13.2.1 CSIRTs 285 13.2.1.1 CSIRT Overview 285 13.2.1.2 Types of CSIRTs 286 13.2.1.3 CERT 286 13.2.1.4 Activity - Match the CSIRT with the CSIRT Goal 287 13.2.2 NIST 800-61r2 287 13.2.2.1 Establishing an Incident Response Capability 287 13.2.2.2 Incident Response Stakeholders 288 13.2.2.3 NIST Incident Response Life Cycle 288 13.2.2.4 Preparation 289 13.2.2.5 Detection and Analysis 290 13.2.2.6 Containment, Eradication, and Recovery 291 13.2.2.7 Post-Incident Activities 293 13.2.2.8 Incident Data Collection and Retention 294 13.2.2.9 Reporting Requirements and Information Sharing 295 13.2.2.10 Activity - Identify the Incident Response Plan Elements 296 13.2.2.11 Activity - Identify the Incident Handling Term 296 13.2.2.12 Activity - Identify the Incident Handling Step 296 13.2.2.13 Lab - Incident Handling 296 13.3 Summary 296 9781587134371 TOC 3/7/2018

Read more less

Book Synopsis

Read more less

Book SynopsisElectronic health records (EHRs) play an important role in optimizing the health care provided to active duty servicemembers and veterans. When a servicemember leaves military service by way of discharge, separation, or retirement he or she may become eligible for VA benefits and services including VA health care. Transitioning their health care information from one large health care system (Department of Defense; DOD) to the other (Department of Veterans Affairs; VA) involves coordination of data and information between DOD and VA. Longstanding concern that this exchange be effective has been expressed in many quarters, including Congress. The purpose of this book is to provide a background on the long-standing efforts in sharing health information between DOD and VA. The book also describes changes to the integrated electronic health record system and evaluates the departments'' current plans; and determines whether the departments are effectively collaborating on management of the program.

Read more less

Book SynopsisThis book is composed of thirteen chapters. Chapter 1 provides a short overview of the Air Transport System, from both the micro- and macro-level structure. It covers the descriptions and definitions of the main system elements: air carriers, airports and air navigation service providers, as well as personnel, equipment, procedures and the environment. Chapter 2 introduces the reader to the basic concepts in air transport risk and safety. This chapter covers the definitions of safety, hazards, risk, incidents and accidents. It further explains safety criteria, safety barriers, safety regulatory requirements, and finally it compares Safety I and Safety II concepts. Chapter 3 covers the field of Air Transport Safety Metrics and Records. Here safety metrics, accident statistics and safety records are explained and illustrated. Finally, a safety comparison of transport modes is made. Chapter 4 presents Sources of Accident/Incident Information. Explained here is how safety-related events (incidents and accidents) are investigated and what the phases of the investigation process are, as well as how safety information is collected. Chapter 5 describes the main safety issues in contemporary air transport. They are grouped into three sets: airport, air navigation service providers and air carriers'' safety issues.

Read more less

Book SynopsisText in Spanish.

Read more less

Book SynopsisAre you struggling to understand the data you need to support your business activities? Are you frustrated over data that do not answer your questions or provide the wrong answers to your questions? Are you worried that your organisation is not adequately supporting its citizens or customers? Are you concerned over civil or criminal liability for the quality and use of your data? If the answer to any of these questions is Yes, they you need to read "Data Resource Understanding" to help you and everyone in your organisation thoroughly understand the data they need to support the business activities. Most public and private sector organisations have no formal method for thoroughly understanding the data needed to support their business activities. They seldom have a method that begins with the organisation''s perception of the business world and continues through a formal Data Resource Development Cycle to produce a high quality, thoroughly understood data resource that fully supports the organisation''s current and future business information demand. Data Resource Data provided the complete detailed data resource model for understanding and managing data as a critical resource of the organisation. Data Resource Understanding is the companion book to Data Resource Data. It provides a detailed explanation of how to thoroughly understand an organisation''s data resource and to document that understanding with Data Resource Data. Together they provide an organisation with the foundation for properly managing their data as a critical resource. Like in "Data Resource Simplexity", Michael Brackett draws on over half a century of data management experience, in a wide variety of different public and private sector organisations, to understand and document an organisation''s data resource. He leverages theories, concepts, principles, and techniques from many different and varied disciplines, such as human dynamics, mathematics, physics, chemistry, philosophy, and biology, and applies them to the process of formally documenting an organisation''s data resource.

Read more less

Book SynopsisBuild a working knowledge of data modeling concepts and best practices, along with how to apply these principles with ER/Studio. This second edition includes numerous updates and new sections including an overview of ER/Studio''s support for agile development, as well as a description of some of ER/Studio''s newer features for NoSQL, such as MongoDB''s containment structure. You will build many ER/Studio data models along the way, applying best practices to master these ten objectives: 1. Know why a data model is needed and which ER/Studio models are the most appropriate for each situation. 2. Understand each component on the data model and how to represent and create them in ER/Studio. 3. Know how to leverage ER/Studio''s latest features including those assisting agile teams and forward and reverse engineering of NoSQL databases. 4. Know how to apply all the foundational features of ER/Studio. 5. Be able to build relational and dimensional conceptual, logical, and physical data models in ER/Studio. 6. Be able to apply techniques such as indexing, transforms, and forward engineering to turn a logical data model into an efficient physical design. 7. Improve data model quality and impact analysis results by leveraging ER/Studio''s lineage functionality and compare/merge utility. 8. Be able to apply ER/Studio''s data dictionary features 9. Learn ways of sharing the data model through reporting and through exporting the model in a variety of formats. 10.Leverage ER/Studio''s naming functionality to improve naming consistency, including the new Automatic Naming Translation feature. This book contains four sections: Section I introduces data modeling and the ER/Studio landscape. Learn why data modeling is so critical to software development and even more importantly, why data modeling is so critical to understanding the business. You will learn about the newest features in ER/Studio (including features on big data and agile), and the ER/Studio environment. By the end of this section, you will have created and saved your first data model in ER/Studio and be ready to start modeling in Section II! Section II explains all of the symbols and text on a data model, including entities, attributes, relationships, domains, and keys. By the time you finish this section, you will be able to read'' a data model of any size or complexity, and create a complete data model in ER/Studio. Section III explores the three different levels of models: conceptual, logical, and physical. A conceptual data model (CDM) represents a business need within a defined scope. The logical data model (LDM) represents a detailed business solution, capturing the business requirements without complicating the model with implementation concerns such as software and hardware. The physical data model (PDM) represents a detailed technical solution. The PDM is the logical data model compromised often to improve performance or usability. The PDM makes up for deficiencies in our technology. By the end of this section you will be able to create conceptual, logical, and physical data models in ER/Studio. Section IV discusses additional features of ER/Studio. These features include data dictionary, data lineage, automating tasks, repository and portal, exporting and reporting, naming standards, and compare and merge functionality.

Read more less

Book Synopsis

Read more less

Book SynopsisA glossary of over 2,000 terms which provides a common data management vocabulary for IT and Business professionals, and is a companion to the DAMA Data Management Body of Knowledge (DAMA-DMBOK). Topics include: Analytics & Data Mining; Architecture; Artificial Intelligence; Business Analysis; DAMA & Professional Development; Databases & Database Design; Database Administration; Data Governance & Stewardship; Data Management; Data Modeling; Data Movement & Integration; Data Quality Management; Data Security Management; Data Warehousing & Business Intelligence; Document, Record & Content Management; Finance & Accounting; Geospatial Data; Knowledge Management; Marketing & Customer Relationship Management; Meta-Data Management; Multi-dimensional & OLAP; Normalization; Object-Orientation; Parallel Database Processing; Planning; Process Management; Project Management; Reference & Master Data Management; Semantic Modeling; Software Development; Standards Organizations; Structured Query Language (SQL); XML Development.

Read more less

Book SynopsisText in Portuguese. Written by over 120 data management practitioners, the ''DAMA Guide to the Data Management Body of Knowledge'' (DAMA-DMBOK) is the most impressive compilation of data management principals and best practices, ever assembled. It provides data management and IT professionals, executives, knowledge workers, educators, and researchers with a framework to manage their data and mature their information infrastructure.

Read more less

Book SynopsisDo you enjoy completing puzzles? Perhaps one of the most challenging (yet rewarding) puzzles is delivering a successful data warehouse suitable for data mining and analytics. The Analytical Puzzle describes an unbiased, practical, and comprehensive approach to building a data warehouse which will lead to an increased level of business intelligence within your organisation. New technologies continuously impact this approach and therefore this book explains how to leverage big data, cloud computing, data warehouse appliances, data mining, predictive analytics, data visualisation and mobile devices. This book describes an unbiased, practical, and comprehensive approach to building a data warehouse which will lead to an increased level of business intelligence within your organisation. New technologies continuously impact this approach and therefore this book explains how to leverage big data, cloud computing, data warehouse appliances, data mining, predictive analytics, data visualisation and mobile devices.

Read more less

Book Synopsis

Read more less

Book Synopsis

Read more less

Book Synopsis

Read more less

Book SynopsisSalient features: Ideal for undergraduate courses on Data Science and Analytics; Provides step-by-step instructions for setting up the Python environment and executing various libraries and packages;

Read more less

Book SynopsisBig Data Analytics is intended for use as a textbook for third- and fourth-year students of B.E., B.Tech., B.Sc., BCA, MCA, and M.Tech. courses in IT, Software, and Computer Science Engineering. The book has been written to help students who enter the software industry to gain a broad understanding of Big Data and the nuances of handling it to extract useful information. Spread across 21 chapters, it elucidates the concept of Big Data and walks the reader through popular frameworks such as Hadoop, MongoDB, Pig and Hive that are used for processing Big Data.

Read more less

Book SynopsisWritten for those with Acrobat experience, and seeking to take advantage of the feature enhancements of either the Standard or Professional version of Acrobat 6.0. This work teaches the techniques for creating professional PDFs for print, the web, or CD. The author produces the Adobe-supported PDF Conference.Table of ContentsPart I: PDF Standards for Everyone 1 What's New in the Acrobat and PDF Universe 2 Why Quality Matters 3 Creating the Best PDF for the Job 4 Making Onscreen PDFs 5 Making a PDF Everyone Can Read Part II: In Business with Acrobat 6 Putting Acrobat to Work 7 Working Together: Acrobat Collaboration 8 PDF from Corel WordPerfect 9 Working with Acrobat Security and Digital Signatures 10 The Wide World of Acrobat 11 Moving Beyond One-Document-at-a-Time Creation 12 PDF Forms 13 Introduction to Adobe Acrobat JavaScript 14 A Short Course for System Administrators Part III: Acrobat for Creative Professionals 15 Adobe Products 16 Corel Applications 17 PDF from QuarkXPress 18 Preflighting and Color Printing

Read more less

a huge range and FREE tracked UK delivery on ALL orders.

Read more less

a huge range and FREE tracked UK delivery on ALL orders.

Read more less

a huge range and FREE tracked UK delivery on ALL orders.

Read more less

a huge range and FREE tracked UK delivery on ALL orders.

Read more less

a huge range and FREE tracked UK delivery on ALL orders.

Read more less

a huge range and FREE tracked UK delivery on ALL orders.

Read more less

a huge range and FREE tracked UK delivery on ALL orders.

Read more less

a huge range and FREE tracked UK delivery on ALL orders.

Read more less

a huge range and FREE tracked UK delivery on ALL orders.

Read more less

a huge range and FREE tracked UK delivery on ALL orders.

Read more less