Your cart is empty
The ultimate CISA prep guide, with practice exams Sybex's CISA: Certified Information Systems Auditor Study Guide, Fourth Edition is the newest edition of industry-leading study guide for the Certified Information System Auditor exam, fully updated to align with the latest ISACA standards and changes in IS auditing. This new edition provides complete guidance toward all content areas, tasks, and knowledge areas of the exam and is illustrated with real-world examples. All CISA terminology has been revised to reflect the most recent interpretations, including 73 definition and nomenclature changes. Each chapter summary highlights the most important topics on which you'll be tested, and review questions help you gauge your understanding of the material. You also get access to electronic flashcards, practice exams, and the Sybex test engine for comprehensively thorough preparation. For those who audit, control, monitor, and assess enterprise IT and business systems, the CISA certification signals knowledge, skills, experience, and credibility that delivers value to a business. This study guide gives you the advantage of detailed explanations from a real-world perspective, so you can go into the exam fully prepared. * Discover how much you already know by beginning with an assessment test * Understand all content, knowledge, and tasks covered by the CISA exam * Get more in-depths explanation and demonstrations with an all-new training video * Test your knowledge with the electronic test engine, flashcards, review questions, and more The CISA certification has been a globally accepted standard of achievement among information systems audit, control, and security professionals since 1978. If you're looking to acquire one of the top IS security credentials, CISA is the comprehensive study guide you need.
*THE INSTANT NEW YORK TIMES BESTSELLER AND WORLD ECONOMIC FORUM BOOK
GUIDE TO NETWORK DEFENSE AND COUNTERMEASURES provides a thorough guide to perimeter defense fundamentals, including intrusion detection and firewalls. This trusted text also covers more advanced topics such as security policies, network address translation (NAT), packet filtering and analysis, proxy servers, virtual private networks (VPN), and network traffic signatures. Thoroughly updated, the new third edition reflects the latest technology, trends, and techniques including virtualization, VMware, IPv6, and ICMPv6 structure, making it easier for current and aspiring professionals to stay on the cutting edge and one step ahead of potential security threats. A clear writing style and numerous screenshots and illustrations make even complex technical material easier to understand, while tips, activities, and projects throughout the text allow you to hone your skills by applying what you learn. Perfect for students and professionals alike in this high-demand, fast-growing field, GUIDE TO NETWORK DEFENSE AND COUNTERMEASURES, Third Edition, is a must-have resource for success as a network security professional.
For undergraduate and graduate courses in Business Data Communication / Networking (MIS) Clear writing style, job-ready detail, and focus on the technologies used in today's marketplace Business Data Networks and Security guides readers through the details of networking, while helping them train for the workplace. It starts with the basics of security and network design and management; goes beyond the basic topology and switch operation covering topics like VLANs, link aggregation, switch purchasing considerations, and more; and covers the latest in networking techniques, wireless networking, with an emphasis on security. With this text as a guide, readers learn the basic, introductory topics as a firm foundation; get sound training for the marketplace; see the latest advances in wireless networking; and learn the importance and ins and outs of security. Teaching and Learning Experience This textbook will provide a better teaching and learning experience-for you and your students. Here's how: *The basic, introductory topics provide a firm foundation. *Job-level content prepares students with the skills demanded by today's employers. *The latest in networking techniques and wireless networking, including a focus on security, keeps students up to date and aware of what's going on in the field. *The flow of the text guides students through the material. MyMISLab not included. Students, if MyMISLab is a recommended/mandatory component of the course, please ask your instructor for the correct ISBN and course ID. MyMISLab is not a self-paced technology and should only be purchased when required by an instructor. Instructors, contact your Pearson representative for more information. MyMISLab is an online homework, tutorial, and assessment product designed to personalize learning and improve results. With a wide range of interactive, engaging, and assignable activities, students are encouraged to actively learn and retain tough course concepts.
For introductory courses in IT Security. A strong business focus through a solid technical presentation of security tools. Corporate Computer Security provides a strong business focus along with a solid technical understanding of security tools. This text gives students the IT security skills they need for the workplace. This edition is more business focused and contains additional hands-on projects, coverage of wireless and data security, and case studies. This program will provide a better teaching and learning experience-for you and your students. Here's how: *Encourage Student's to Apply Concepts: Each chapter now contains new hands-on projects that use contemporary software. *Business Environment Focus: This edition includes more of a focus on the business applications of the concepts. Emphasis has been placed on securing corporate information systems, rather than just hosts in general. *Keep Your Course Current and Relevant: New examples, exercises, and research findings appear throughout the text.
Resources designed to support learners of the 2010 BTEC Level 3 National IT specification*. Extensive unit coverage: Student Book 1 covers 14 units including all the mandatory units, giving learners the breadth to tailor the course to their needs and interests, when combined with Student Book 2. Functional Skills and Personal Learning and Thinking Skills are embedded in activities throughout the book. WorkSpace case studies take learners into the real world of work, showing them how they can apply their knowledge in a real-life context.
The transfer of information over the world wide web depends critically on secure communications. The need to protect the material we send and receive from cyberspace, from the largest of business transactions to the simplest of personal web-pages, is crucial in ensuring we can continue to use this incredible resource safely. Cryptology provides the most reliable tools for storing or transmitting digital information and is the gold standard for attaining the levels of security our online interactions demand. Taking a step-by-step approach, P. K. Yuen demonstrates how to master web-based security skills including: protecting websites from hackers and viruses; encrypting email; building a secure web-database; performing secure business transactions over the web. Working from a problem-solving perspective, he shows how to implement security solutions and looks from the attacker's point of view at possible challenges to that security. In short, Practical Cryptology and Web Security offers a practical and comprehensive guide to all aspects of web security. This book features over 120 worked examples, many from industry, demonstrate the key considerations in implementing web security. AES, this book examines the latest web technologies in terms of security, including XML Signatures and XML Digital Contracts. PK Yuen is a well known expert on Communications, Internet and the World Wide Web. He has over 13 years' experience working on web technologies including large scale application developments, engineer training and project leadership and working on the security system of the Shanghai Pu Dong airport, China. He also co-authored Practical Web Technologies, published by Addison-Wesley in 2003.
The cyber domain is undergoing extraordinary changes that present both exceptional opportunities to and major challenges for users of cyberspace. The challenges arise from the malevolent actors who use cyberspace and the many security vulnerabilities that plague this sphere. Exploiting opportunities and overcoming challenges will require a balanced body of knowledge on the cyber domain. "Cyberpower and National Security" assembles a group of experts and discusses pertinent issues in five areas.The first section provides a broad foundation and overview of the subject by identifying key policy issues, establishing a common vocabulary, and proposing an initial version of a theory of cyberpower. The second section identifies and explores possible changes in cyberspace over the next fifteen years by assessing cyber infrastructure and security challenges. The third section analyzes the potential impact of changes in cyberspace on the military and informational levers of power. The fourth section addresses the extent to which changes in cyberspace serve to empower key entities such as transnational criminals, terrorists, and nation-states. The final section examines key institutional factors, which include issues concerning governance, legal dimensions, critical infrastructure protection, and organization."Cyberpower and National Security" frames the key issues concerned and identifies the important questions involved in building the human capacity to address cyber issues, balancing civil liberties with national security considerations, and developing the international partnerships needed to address cyber challenges. With more than two dozen contributors, "Cyberpower and National Security" covers it all.
In a world of accelerating unending change, perpetual surveillance, and increasing connectivity, conflict has become ever more complex. Wars are no longer limited to the traditional military conflict domains-land, sea, air; even space and cyber space. The new battlefield will be the cognitive domain and the new conflict a larger contest for power; a contest for cognitive superiority. Written by experts in military operations research and neuropsychology, this book introduces the concept of cognitive superiority and provides the keys to succeeding within a complex matrix where the only rules are the laws of physics, access to information, and the boundaries of cognition. The book describes the adversarial environment and how it interacts with the ongoing, accelerating change that we are experiencing, irrespective of adversaries. It talks about the ascendant power of information access, pervasive surveillance, personalized persuasion, and emerging new forms of cognition. It profiles salient technologies and science, including persuasion science, artificial intelligence and machine learning (AI/ML), surveillance technologies, complex adaptive systems, network science, directed human modification, and biosecurity. Readers will learn about human and machine cognition, what makes it tick, and why and how we and our technologies are vulnerable. Following in the tradition of Sun-Tsu and von Clausewitz, this book writes a new chapter in the study of warfare and strategy. It is written for those who lead, aspire to leadership, and those who teach or persuade, especially in the fields of political science, military science, computer science, and business.
The highly successful security book returns with a new edition, completely updated Web applications are the front door to most organizations, exposing them to attacks that may disclose personal information, execute fraudulent transactions, or compromise ordinary users. This practical book has been completely updated and revised to discuss the latest step-by-step techniques for attacking and defending the range of ever-evolving web applications. You'll explore the various new technologies employed in web applications that have appeared since the first edition and review the new attack techniques that have been developed, particularly in relation to the client side. * Reveals how to overcome the new technologies and techniques aimed at defending web applications against attacks that have appeared since the previous edition * Discusses new remoting frameworks, HTML5, cross-domain integration techniques, UI redress, framebusting, HTTP parameter pollution, hybrid file attacks, and more * Features a companion web site hosted by the authors that allows readers to try out the attacks described, gives answers to the questions that are posed at the end of each chapter, and provides a summarized methodology and checklist of tasks Focusing on the areas of web application security where things have changed in recent years, this book is the most current resource on the critical topic of discovering, exploiting, and preventing web application security flaws. Also available as a set with, CEHv8: Certified Hacker Version 8 Study Guide, Ethical Hacking and Web Hacking Set, 9781119072171.
Using a well-conceived incident response plan in the aftermath of an online security breach enables your team to identify attackers and learn how they operate. But, only when you approach incident response with a cyber threat intelligence mindset will you truly understand the value of that information. With this practical guide, you'll learn the fundamentals of intelligence analysis, as well as the best ways to incorporate these techniques into your incident response process. Each method reinforces the other: threat intelligence supports and augments incident response, while incident response generates useful threat intelligence. This book helps incident managers, malware analysts, reverse engineers, digital forensics specialists, and intelligence analysts understand, implement, and benefit from this relationship. In three parts, this in-depth book includes: The fundamentals: get an introduction to cyber threat intelligence, the intelligence process, the incident-response process, and how they all work together Practical application: walk through the intelligence-driven incident response (IDIR) process using the F3EAD process-Find, Fix Finish, Exploit, Analyze, and Disseminate The way forward: explore big-picture aspects of IDIR that go beyond individual incident-response investigations, including intelligence team building
This well-balanced text touches on theoretical and applied aspects of protecting digital data. The reader is provided with the basic theory and is then shown deeper fascinating detail, including the current state of the art. Readers will soon become familiar with methods of protecting digital data while it is transmitted, as well as while the data is being stored. Both basic and advanced error-correcting codes are introduced together with numerous results on their parameters and properties. The authors explain how to apply these codes to symmetric and public key cryptosystems and secret sharing. Interesting approaches based on polynomial systems solving are applied to cryptography and decoding codes. Computer algebra systems are also used to provide an understanding of how objects introduced in the book are constructed, and how their properties can be examined. This book is designed for Masters-level students studying mathematics, computer science, electrical engineering or physics.
Written by leading researchers, this complete introduction brings together all the theory and tools needed for building robust machine learning in adversarial environments. Discover how machine learning systems can adapt when an adversary actively poisons data to manipulate statistical inference, learn the latest practical techniques for investigating system security and performing robust data analysis, and gain insight into new approaches for designing effective countermeasures against the latest wave of cyber-attacks. Privacy-preserving mechanisms and the near-optimal evasion of classifiers are discussed in detail, and in-depth case studies on email spam and network security highlight successful attacks on traditional machine learning algorithms. Providing a thorough overview of the current state of the art in the field, and possible future directions, this groundbreaking work is essential reading for researchers, practitioners and students in computer security and machine learning, and those wanting to learn about the next stage of the cybersecurity arms race.
Harden the human firewall against the most current threats Social Engineering: The Science of Human Hacking reveals the craftier side of the hacker's repertoire--why hack into something when you could just ask for access? Undetectable by firewalls and antivirus software, social engineering relies on human fault to gain access to sensitive spaces; in this book, renowned expert Christopher Hadnagy explains the most commonly-used techniques that fool even the most robust security personnel, and shows you how these techniques have been used in the past. The way that we make decisions as humans affects everything from our emotions to our security. Hackers, since the beginning of time, have figured out ways to exploit that decision making process and get you to take an action not in your best interest. This new Second Edition has been updated with the most current methods used by sharing stories, examples, and scientific study behind how those decisions are exploited. Networks and systems can be hacked, but they can also be protected; when the "system" in question is a human being, there is no software to fall back on, no hardware upgrade, no code that can lock information down indefinitely. Human nature and emotion is the secret weapon of the malicious social engineering, and this book shows you how to recognize, predict, and prevent this type of manipulation by taking you inside the social engineer's bag of tricks. Examine the most common social engineering tricks used to gain access Discover which popular techniques generally don't work in the real world Examine how our understanding of the science behind emotions and decisions can be used by social engineers Learn how social engineering factors into some of the biggest recent headlines Learn how to use these skills as a professional social engineer and secure your company Adopt effective counter-measures to keep hackers at bay By working from the social engineer's playbook, you gain the advantage of foresight that can help you protect yourself and others from even their best efforts. Social Engineering gives you the inside information you need to mount an unshakeable defense.
Learn how to attack and defend the world s most popular web server platform Linux Server Security: Hack and Defend presents a detailed guide for experienced admins, aspiring hackers and other IT professionals seeking a more advanced understanding of Linux security. Written by a 20-year veteran of Linux server deployment this book provides the insight of experience along with highly practical instruction. The topics range from the theory of past, current, and future attacks, to the mitigation of a variety of online attacks, all the way to empowering you to perform numerous malicious attacks yourself (in the hope that you will learn how to defend against them). By increasing your understanding of a hacker s tools and mindset you're less likely to be confronted by the all-too-common reality faced by many admins these days: someone else has control of your systems. * Master hacking tools and launch sophisticated attacks: perform SQL injections, deploy multiple server exploits and crack complex passwords. * Defend systems and networks: make your servers invisible, be confident of your security with penetration testing and repel unwelcome attackers. * Increase your background knowledge of attacks on systems and networks and improve all-important practical skills required to secure any Linux server. The techniques presented apply to almost all Linux distributions including the many Debian and Red Hat derivatives and some other Unix-type systems. Further your career with this intriguing, deeply insightful, must-have technical book. Diverse, broadly-applicable and hands-on practical, Linux Server Security: Hack and Defend is an essential resource which will sit proudly on any techie's bookshelf.
Though often invisible, cryptography plays a critical role in our everyday lives. Broadly defined as a set of tools for establishing security in cyberspace, cryptography enables us to protect our information and share it securely. It underpins the security of mobile phone calls, card payments, web connections, internet messaging, Bitcoin transactions-in short, everything we do online. Clearly and concisely, Keith Martin reveals the many crucial ways we all rely on cryptographic technology and demystifies its controversial applications and the nuances behind alarming headlines about data breaches or Edward Snowden. Essential reading for anyone with a password, Cryptography offers a profound perspective on personal security, online and off.
Gain a solid understanding of how information theoretic approaches can inform the design of more secure information systems and networks with this authoritative text. With a particular focus on theoretical models and analytical results, leading researchers show how techniques derived from the principles of source and channel coding can provide new ways of addressing issues of data security, embedded security, privacy, and authentication in modern information systems. A wide range of wireless and cyber-physical systems is considered, including 5G cellular networks, the Tactile Internet, biometric identification systems, online data repositories, and smart electricity grids. This is an invaluable guide for both researchers and graduate students working in communications engineering, and industry practitioners and regulators interested in improving security in the next generation of information systems.
Incorporate offense and defense for a more effective network security strategy Network Attacks and Exploitation provides a clear, comprehensive roadmap for developing a complete offensive and defensive strategy to engage in or thwart hacking and computer espionage. Written by an expert in both government and corporate vulnerability and security operations, this guide helps you understand the principles of the space and look beyond the individual technologies of the moment to develop durable comprehensive solutions. Numerous real-world examples illustrate the offensive and defensive concepts at work, including Conficker, Stuxnet, the Target compromise, and more. You will find clear guidance toward strategy, tools, and implementation, with practical advice on blocking systematic computer espionage and the theft of information from governments, companies, and individuals. Assaults and manipulation of computer networks are rampant around the world. One of the biggest challenges is fitting the ever-increasing amount of information into a whole plan or framework to develop the right strategies to thwart these attacks. This book clears the confusion by outlining the approaches that work, the tools that work, and resources needed to apply them. * Understand the fundamental concepts of computer network exploitation * Learn the nature and tools of systematic attacks * Examine offensive strategy and how attackers will seek to maintain their advantage * Understand defensive strategy, and how current approaches fail to change the strategic balance Governments, criminals, companies, and individuals are all operating in a world without boundaries, where the laws, customs, and norms previously established over centuries are only beginning to take shape. Meanwhile computer espionage continues to grow in both frequency and impact. This book will help you mount a robust offense or a strategically sound defense against attacks and exploitation. For a clear roadmap to better network security, Network Attacks and Exploitation is your complete and practical guide.
This value-packed packed set for the serious CISSP certification candidate combines the bestselling (ISC)(2) CISSP Certified Information Systems Security Professional Official Study Guide, 8th Edition with an all new collection of Practice Exams to give you the best preparation ever for the high-stakes CISSP Exam. (ISC)(2) CISSP Study Guide, 8th Edition has been completely updated for the latest 2018 CISSP Body of Knowledge. This bestselling Sybex study guide covers 100% of all exam objectives. You'll prepare for the exam smarter and faster with Sybex thanks to expert content, real-world examples, advice on passing each section of the exam, access to the Sybex online interactive learning environment, and much more. Reinforce what you've learned with key topic exam essentials and chapter review questions. Along with the book, you also get access to Sybex's superior online interactive learning environment that includes four unique 250 question practice exams to help you identify where you need to study more, more than 650 Electronic Flashcards to reinforce your learning and give you last-minute test prep before the exam, a searchable glossary in PDF to give you instant access to the key terms you need to know for the exam. Add to that the all-new (ISC)(2) CISSP Certified Information Systems Security Professional Official Practice Tests, 2nd edition with 2 more complete 250-question exams and another 100 questions for each of the 8 domains and you'll be as ready as you can be for the CISSP exam. Coverage of all of the exam topics in each book means you'll be ready for: Security and Risk Management Asset Security Security Engineering Communication and Network Security Identity and Access Management Security Assessment and Testing Security Operations Software Development Security
You may like...
CompTIA Security+ Get Certified Get…
Darril Gibson Paperback R803 Discovery Miles 8 030
RTFM - Red Team Field Manual
Ben Clark Paperback R197 Discovery Miles 1 970
70 Tips and Tricks for Mastering the…
R. Sarma Danturthi Paperback
Password Logbook - Keep your usernames…
Dorothy J Hall Paperback R123 Discovery Miles 1 230
Paul Day Hardcover
Introduction to Computer Security…
Michael Goodrich, Roberto Tamassia Paperback R1,499 Discovery Miles 14 990
CompTIA CySA+ Practice Tests - Exam…
Mike Chapple, David Seidl Paperback
#deleted - Big Tech's Battle to Erase…
Allum Bokhari CD
SAP HANA 2.0 Security Guide
Jonathan Haun Hardcover
Charles J. Brooks, Christopher Grow, … Paperback