Mark Stamp Information Security. Principles and Practice

Mark Stamp Information Security. Principles and Practice

Now updated—your expert guide to twenty-first century information security Information security is a rapidly evolving field. As businesses and consumers become increasingly dependent on complex multinational information systems, it is more imperative than ever to protect the confidentiality and integrity of data. Featuring a wide array of new information on the most current security issues, this fully updated and revised edition of Information Security: Principles and Practice provides the skills and knowledge readers need to tackle any information security challenge. Taking a practical approach to information security by focusing on real-world examples, this book is organized around four major themes: Cryptography: classic cryptosystems, symmetric key cryptography, public key cryptography, hash functions, random numbers, information hiding, and cryptanalysis Access control: authentication and authorization, password-based security, ACLs and capabilities, multilevel security and compartments, covert channels and inference control, security models such as BLP and Biba's model, firewalls, and intrusion detection systems Protocols: simple authentication protocols, session keys, perfect forward secrecy, timestamps, SSH, SSL, IPSec, Kerberos, WEP, and GSM Software: flaws and malware, buffer overflows, viruses and worms, malware detection, software reverse engineering, digital rights management, secure software development, and operating systems security This Second Edition features new discussions of relevant security topics such as the SSH and WEP protocols, practical RSA timing attacks, botnets, and security certification. New background material has been added, including a section on the Enigma cipher and coverage of the classic «orange book» view of security. Also featured are a greatly expanded and upgraded set of homework problems and many new figures, tables, and graphs to illustrate and clarify complex topics and problems. A comprehensive solutions manual is available to assist in course development. Minimizing theory while providing clear, accessible content, Information Security remains the premier text for students and instructors in information technology, computer science, and engineering, as well as for professionals working in these fields.

Купить за 8358.38 руб. Найти похожий товар
Wil Allsopp Advanced Penetration Testing. Hacking the World's Most Secure Networks

Wil Allsopp Advanced Penetration Testing. Hacking the World's Most Secure Networks

Build a better defense against motivated, organized, professional attacks Advanced Penetration Testing: Hacking the World's Most Secure Networks takes hacking far beyond Kali linux and Metasploit to provide a more complex attack simulation. Featuring techniques not taught in any certification prep or covered by common defensive scanners, this book integrates social engineering, programming, and vulnerability exploits into a multidisciplinary approach for targeting and compromising high security environments. From discovering and creating attack vectors, and moving unseen through a target enterprise, to establishing command and exfiltrating data—even from organizations without a direct Internet connection—this guide contains the crucial techniques that provide a more accurate picture of your system's defense. Custom coding examples use VBA, Windows Scripting Host, C, Java, JavaScript, Flash, and more, with coverage of standard library applications and the use of scanning tools to bypass common defensive measures. Typical penetration testing consists of low-level hackers attacking a system with a list of known vulnerabilities, and defenders preventing those hacks using an equally well-known list of defensive scans. The professional hackers and nation states on the forefront of today's threats operate at a much more complex level—and this book shows you how to defend your high security network. Use targeted social engineering pretexts to create the initial compromise Leave a command and control structure in place for long-term access Escalate privilege and breach networks, operating systems, and trust structures Infiltrate further using harvested credentials while expanding control Today's threats are organized, professionally-run, and very much for-profit. Financial institutions, health care organizations, law enforcement, government agencies, and other high-value targets need to harden their IT infrastructure and human capital against targeted advanced attacks from motivated professionals. Advanced Penetration Testing goes beyond Kali linux and Metasploit and to provide you advanced pen testing for high security networks.

Купить за 3290.7 руб. Найти похожий товар
Darril Gibson CISSP (ISC)2 Certified Information Systems Security Professional Official Study Guide

Darril Gibson CISSP (ISC)2 Certified Information Systems Security Professional Official Study Guide

CISSP Study Guide – fully updated for the 2015 CISSP Body of Knowledge CISSP (ISC)2 Certified Information Systems Security Professional Official Study Guide, 7th Edition has been completely updated for the latest 2015 CISSP Body of Knowledge. This bestselling Sybex study guide covers 100% of all exam objectives. You'll prepare for the exam smarter and faster with Sybex thanks to expert content, real-world examples, advice on passing each section of the exam, access to the Sybex online interactive learning environment, and much more. Reinforce what you've learned with key topic exam essentials and chapter review questions. Along with the book, you also get access to Sybex's superior online interactive learning environment that includes: Four unique 250 question practice exams to help you identify where you need to study more. Get more than 90 percent of the answers correct, and you're ready to take the certification exam. More than 650 Electronic Flashcards to reinforce your learning and give you last-minute test prep before the exam A searchable glossary in PDF to give you instant access to the key terms you need to know for the exam Coverage of all of the exam topics in the book means you'll be ready for: Security and Risk Management Asset Security Security Engineering Communication and Network Security Identity and Access Management Security Assessment and Testing Security Operations Software Development Security

Купить за 4606.98 руб. Найти похожий товар
George Murphy SSCP (ISC)2 Systems Security Certified Practitioner Official Study Guide

George Murphy SSCP (ISC)2 Systems Security Certified Practitioner Official Study Guide

Fully updated Study Guide for the SSCP This guide prepares you for the SSCP, Systems Security Certified Practitioner certification examination by focusing on the Common Body of Knowledge (CBK) as determined by ISC2 in seven high level topics. This Sybex Study Guide covers 100% of all exam objectives. You'll prepare for the exam smarter and faster with Sybex thanks to expert content, real-world practice, access to the Sybex online interactive learning environment and much more. Reinforce what you've learned with key topic exam essentials and chapter review questions. Along with the book you also get access to Sybex's superior online interactive learning environment that includes: 125 question practice exam to help you identify where you need to study more. Get more than 90 percent of the answers correct, you're ready to take the certification exam. More than 100 Electronic Flashcards to reinforce your learning and give you last minute test prep before the exam A searchable glossary in PDF to give you instant access to the key terms you need to know for the exam Appendix of charts, tables, typical applications, and programs Coverage of all of the exam topics in the book means you'll be ready for: Access Controls Security Operations and Administration Risk Identification, Monitoring and Analysis Incident Response and Recovery Cryptography Network and Communications Security Systems and Application Security

Купить за 3948.84 руб. Найти похожий товар
John Voeller G. Cyber Security

John Voeller G. Cyber Security

Cyber Security features articles from the Wiley Handbook of Science and Technology for Homeland Security covering topics related to cyber security metrics and measure and related technologies that meet security needs. Specific applications to web services, the banking and the finance sector, and industrial process control systems are discussed.

Купить за 1639.81 руб. Найти похожий товар
Emmett Dulaney CompTIA Security+ Study Guide. SY0-401

Emmett Dulaney CompTIA Security+ Study Guide. SY0-401

Join over 250,000 IT professionals who've earned Security+ certification If you're an IT professional hoping to progress in your career, then you know that the CompTIA Security+ exam is one of the most valuable certifications available. Since its introduction in 2002, over a quarter million professionals have achieved Security+ certification, itself a springboard to prestigious certifications like the CASP, CISSP, and CISA. The CompTIA Security+ Study Guide: SY0-401 covers 100% of the Security+ exam objectives, with clear and concise information on crucial security topics. You'll find everything you need to prepare for the 2014 version of the Security+ certification exam, including insight from industry experts on a wide range of IT security topics. Readers also get access to a robust set of learning tools, featuring electronic flashcards, assessment tests, robust practice test environment, with hundreds of practice questions, and electronic flashcards. CompTIA authorized and endorsed Includes updates covering the latest changes to the exam, including better preparation for real-world applications Covers key topics like network security, compliance and operational security, threats and vulnerabilities, access control and identity management, and cryptography Employs practical examples and insights to provide real-world context from two leading certification experts Provides the necessary tools to take that first important step toward advanced security certs like CASP, CISSP, and CISA, in addition to satisfying the DoD's 8570 directive If you're serious about jump-starting your security career, you need the kind of thorough preparation included in the CompTIA Security+ Study Guide: SY0-401.

Купить за 3290.04 руб. Найти похожий товар
James M. Stewart CompTIA Security+ Review Guide. Exam SY0-401

James M. Stewart CompTIA Security+ Review Guide. Exam SY0-401

Focused review for the CompTIA Security+ certification exam The CompTIA Security+ certification offers tremendous opportunities for IT professionals. For those who want to take their careers to the next level, CompTIA Security+ Review Guide: Exam SY0-401 is here to serve as a great resource for certification preparation. This concise, focused guide is easy to use and is organized by each exam objective for quick review and reinforcement of key topics. You'll find information on network security, compliance and operational security, and threats and vulnerabilities. Additionally, this indispensable resource delves into application, data, and host security, access control and identity management, and cryptography. Whether you're looking to achieve Security+ certification or simply get up to speed on key IT security concepts, this review guide brings together lessons on the most essential topics. In addition to the content in the book, you'll have access to more than 100 practice exam questions, electronic flashcards, and a searchable glossary of key terms. Serves as an essential review guide for Security+ certification exam Split into six sections that cover the most essential topics for professionals interested in Security+ certification and other certifications Features additional resources featured on companion website, including practice exam questions, electronic flashcards, and a glossary of key terms More than 250,000 IT professionals have earned their Security+ certification since it was founded. Join the thousands who are excelling in their IT careers and get a head start on reviewing for one of the field's most sought after certifications.

Купить за 1971.06 руб. Найти похожий товар
Rudis Bob Data-Driven Security. Analysis, Visualization and Dashboards

Rudis Bob Data-Driven Security. Analysis, Visualization and Dashboards

Uncover hidden patterns of data and respond with countermeasures Security professionals need all the tools at their disposal to increase their visibility in order to prevent security breaches and attacks. This careful guide explores two of the most powerful ? data analysis and visualization. You'll soon understand how to harness and wield data, from collection and storage to management and analysis as well as visualization and presentation. Using a hands-on approach with real-world examples, this book shows you how to gather feedback, measure the effectiveness of your security methods, and make better decisions. Everything in this book will have practical application for information security professionals. Helps IT and security professionals understand and use data, so they can thwart attacks and understand and visualize vulnerabilities in their networks Includes more than a dozen real-world examples and hands-on exercises that demonstrate how to analyze security data and intelligence and translate that information into visualizations that make plain how to prevent attacks Covers topics such as how to acquire and prepare security data, use simple statistical methods to detect malware, predict rogue behavior, correlate security events, and more Written by a team of well-known experts in the field of security and data analysis Lock down your networks, prevent hacks, and thwart malware by improving visibility into the environment, all through the power of data and Security Using Data Analysis, Visualization, and Dashboards.

Купить за 3290.7 руб. Найти похожий товар
Wil Allsopp Unauthorised Access. Physical Penetration Testing For IT Security Teams

Wil Allsopp Unauthorised Access. Physical Penetration Testing For IT Security Teams

The first guide to planning and performing a physical penetration test on your computer's security Most IT security teams concentrate on keeping networks and systems safe from attacks from the outside-but what if your attacker was on the inside? While nearly all IT teams perform a variety of network and application penetration testing procedures, an audit and test of the physical location has not been as prevalent. IT teams are now increasingly requesting physical penetration tests, but there is little available in terms of training. The goal of the test is to demonstrate any deficiencies in operating procedures concerning physical security. Featuring a Foreword written by world-renowned hacker Kevin D. Mitnick and lead author of The Art of Intrusion and The Art of Deception, this book is the first guide to planning and performing a physical penetration test. Inside, IT security expert Wil Allsopp guides you through the entire process from gathering intelligence, getting inside, dealing with threats, staying hidden (often in plain sight), and getting access to networks and data. Teaches IT security teams how to break into their own facility in order to defend against such attacks, which is often overlooked by IT security teams but is of critical importance Deals with intelligence gathering, such as getting access building blueprints and satellite imagery, hacking security cameras, planting bugs, and eavesdropping on security channels Includes safeguards for consultants paid to probe facilities unbeknown to staff Covers preparing the report and presenting it to management In order to defend data, you need to think like a thief-let Unauthorised Access show you how to get inside.

Купить за 2961.63 руб. Найти похожий товар
1 2 3 4 5 6 7