Safari Books Online is a digital library providing on-demand subscription access to thousands of learning resources.
Collapse
Featured CategoriesCollapse
Information Technology & Software Development
Security
1. |  The Green Agenda: A Business Guide By: Alan Calder Publisher: IT Governance Ltd Publication Date: 05-MAR-2009 Insert Date: 13-JUN-2013 Slots: 1.0 | Overview: The Green Agenda: A Business Guide
Reap the rewards of a Green IT Strategy with this essential guide
Climate change can be an emotive issue. This book takes a cool look at the subject and shows you what makes it relevant to your business. A big part of the answer is energy. Computers consume a lot of energy, and energy costs money. The cost of powering and cooling data servers over three years is currently 1.5 times the cost of purchasing the server hardware. Over the next two decades, global demand for energy is predicted to rise by 50%, which means that your long-term energy costs are also likely to increase....
|
2. |  IT Induction and Information Security Awareness By: Valerie Maddock Publisher: IT Governance Ltd Publication Date: 09-FEB-2010 Insert Date: 13-JUN-2013 Slots: 1.0 | Overview: IT Induction and Information Security Awareness
The only guide on the market to cover IT Induction and Information Security Awareness!
Where your information security is concerned, prevention is better than cure.
If you want to tackle the problem of information security, you cannot rely on the help of technology alone. Information security breaches tend to occur as a result of human, as well as technological, failings. However, the human factor usually receives far less attention.
Training
Computer systems are complex, so people who work with them often need to be trained in how to use...
|
3. |  ISO27001 Assessments Without Tears By: Steve G. Watkins Publisher: IT Governance Ltd Publication Date: 07-MAR-2007 Insert Date: 13-JUN-2013 Slots: 1.0 | Overview: ISO27001 Assessments Without Tears
The audit process can be a daunting one as an auditor can direct questions at any employee within your organisation. Written in a clear plain style, this pocket guide offers a tried and tested briefing, and should be issued to staff in advance of the audit to help them prepare for the experience and be well equipped to answer questions when asked.
This pocket book explains what an ISO 27001 assessment is, why organisations bother with them, and what individual staff should do and, perhaps as importantly, not do if an auditor chooses to question them.
The book covers:
What an...
|
4. |  The Definitive Guide to the C&A Transformation Process By: Dr. Julie Mehan; Waylon Krush Publisher: IT Governance Ltd Publication Date: 06-OCT-2009 Insert Date: 11-JUN-2013 Slots: 1.0 | Overview: The Definitive Guide to the C&A Transformation Process
Learn more about establishing and maintaining a secure information environment...
War is always a product of its age; and information systems are one of the primary drivers of war in the age of information. The tools and tactics used to fight the information war have evolved with advances in technology. So, it is no wonder that the tools and tactics needed to defend critical information systems must also evolve.
Certification and Accreditation Process
One of the tools in the defense toolkit is the process known as Certification and Accreditation (C&A). C&A stretches across the...
|
5. |  Information Security Risk Management for ISO27001/ISO27002 By: Alan Calder; Steve Watkins Publisher: IT Governance Ltd Publication Date: 27-APR-2010 Insert Date: 11-JUN-2013 Slots: 1.0 | Overview: Information Security Risk Management for ISO27001/ISO27002
Plan and carry out a risk assessment to protect your business information.
In the knowledge economy, organisations have to be able to protect their information assets. Information security management has, therefore, become a critical corporate discipline. The international code of practice for an information security management system (ISMS) is ISO27002.
As the code of practice explains, information security management enables organisations to 'ensure business continuity, minimise business risk, and maximise return on investments and business opportunities'.
Information...
|
6. |  By: Paul Kearney Publisher: IT Governance Ltd Publication Date: 16-DEC-2010 Insert Date: 11-JUN-2013 Slots: 1.0 | Overview: Security: The Human Factor
"Deploy information security across the business
Knowing about information security is not enough. You also have to deploy it across the business - which means convincing management of its importance. Learn how with this essential guide!
Information technology plays a fundamental role in the operations of any modern business. While the confidentiality and integrity of your organisation's information have to be protected, a business still needs to have this information readily available in order to be able to function from day to day. If you are an information security practitioner, you...
|
7. |  ISO27001 / ISO27002 A Pocket Guide By: Alan Calder Publisher: IT Governance Ltd Publication Date: 30-OCT-2008 Insert Date: 11-JUN-2013 Slots: 1.0 | Overview: ISO27001 / ISO27002 A Pocket Guide
"
Use ISO27001 to protect your organisation's information assets
This helpful, handy ISO27001/ISO27002 pocket guide gives a useful overview of these two important information security standards.
Read this pocket guide to learn about:
The ISO/IEC 27000
Family of Information Security Standards
Background to the Standards Certification process
The ISMS and ISO27001
Overview of ISO/IEC 27001:2005
Specification vs Code of Practice
Documentation Records
Management Responsibility
Policy Scope
Risk...
|
8. |  Managing Information Security Breaches: Studies from Real Life By: Michael Krausz Publisher: IT Governance Ltd Publication Date: 25-NOV-2010 Insert Date: 11-JUN-2013 Slots: 1.0 | Overview: Managing Information Security Breaches: Studies from Real Life
Even when organisations take precautions, they may still be at risk of a data breach. Information security incidents do not just affect small businesses; major companies and government departments suffer from them as well.
A strategic framework
Managing Information Security Breaches sets out a strategic framework for handling this kind of emergency. It focuses on the treatment of severe breaches and on how to re-establish safety and security once the breach has occurred. These recommendations support the controls for the treatment of breaches specified under ISO27001:2005....
|
9. |  Managing Information Risk: A Director's Guide By: Stewart Mitchell Publisher: IT Governance Ltd Publication Date: 28-JUL-2009 Insert Date: 11-JUN-2013 Slots: 1.0 | Overview: Managing Information Risk: A Director's Guide
"Information Security is the board's responsibility – read this book before you get into trouble!
Information risk is endemic in any modern organisation. From the potential for losing sensitive information to a full-system crash that incapacitates the company, the consequences can be disastrous. Information risk management is a method of assessing information threats and taking actions to minimise the chances of risks becoming a reality. With properly implemented security controls based on risk assessment, you could stop your company from having to suffer huge financial or reputational...
|
10. |  Securing the Virtual Environment: How to Defend the Enterprise Against Attack, Included DVD By: Davi Ottenheimer; Matthew Wallace Publisher: John Wiley & Sons Publication Date: 08-MAY-2012 Insert Date: 14-MAY-2013 Slots: 1.0 | Overview: Securing the Virtual Environment: How to Defend the Enterprise Against Attack, Included DVD
A step-by-step guide to identifying and defending against attacks on the virtual environment
As more and more data is moved into virtual environments the need to secure them becomes increasingly important. Useful for service providers as well as enterprise and small business IT professionals the book offers a broad look across virtualization used in various industries as well as a narrow view of vulnerabilities unique to virtual environments. A companion DVD is included with recipes and testing scripts.
Examines the difference in a virtual model versus traditional computing models...
|
11. |  By: XYPRO Technology Corp Publisher: Digital Press Publication Date: 17-OCT-2003 Insert Date: 08-MAY-2013 Slots: 1.0 | Overview: HP NonStop Server Security
Since the last publication of the Ernst and Young book on Tandem security in the early 90's, there has been no such book on the subject. We've taken on the task of supplying a new Handbook whose content provides current, generic information about securing HP NonStop servers. Emphasis is placed on explaining security risks and best practices relevant to NonStop environments, and how to deploy native security tools (Guardian and Safeguard). All third party vendors who supply security solutions relevant to NonStop servers are listed, along with contact information for each vendor. The...
|
12. |  By: Susan Loepp; William K. Wootters Publisher: Cambridge University Press Publication Date: 10-JUL-2006 Insert Date: 07-MAY-2013 Slots: 1.0 | Overview: Protecting Information
For many everyday transmissions, it is essential to protect digital information from noise or eavesdropping. This undergraduate introduction to error correction and cryptography is unique in devoting several chapters to quantum cryptography and quantum computing, thus providing a context in which ideas from mathematics and physics meet. By covering such topics as Shor's quantum factoring algorithm, this text informs the reader about current thinking in quantum information theory and encourages an appreciation of the connections between mathematics and science.Of particular interest are the...
|
13. |  Computer Security and Cryptography By: Alan G. Konheim Publisher: Wiley-Interscience Publication Date: 29-JAN-2007 Insert Date: 06-MAY-2013 Slots: 1.0 | Overview: Computer Security and Cryptography
Gain the skills and knowledge needed to create effective data security systems
This book updates readers with all the tools, techniques, and concepts needed to understand and implement data security systems. It presents a wide range of topics for a thorough understanding of the factors that affect the efficiency of secrecy, authentication, and digital signature schema. Most importantly, readers gain hands-on experience in cryptanalysis and learn how to create effective cryptographic systems.
The author contributed to the design and analysis of the Data Encryption Standard (DES), a...
|
14. |  Expert Oracle Application Express Security By: Scott Spendolini Publisher: Apress Publication Date: 24-APR-2013 Insert Date: 30-APR-2013 Slots: 1.0 | Overview: Expert Oracle Application Express Security
Expert Oracle Application Express Security covers all facets of security related to Oracle Application Express (APEX) development. From basic settings that can enhance security, to preventing SQL Injection and Cross Site Scripting attacks, Expert Oracle Application Express Security shows how to secure your APEX applictions and defend them from intrusion.
Security is a process, not an event. Expert Oracle Application Express Security is written with that theme in mind. Scott Spendolini, one of the original creators of the product, offers not only examples of security best practices, but...
|
15. |  Cisco ISE for BYOD and Secure Unified Access By: Jamey Heary; Aaron Woland Publisher: Cisco Press Publication Date: 10-JUN-2013 Insert Date: 12-APR-2013 Slots: 1.0 | Overview: Cisco ISE for BYOD and Secure Unified Access Plan and deploy identity-based secure access
for BYOD and borderless networks
Using Cisco Secure Unified Access
Architecture and Cisco Identity Services Engine, you can secure and
regain control of borderless networks in a Bring Your Own Device
(BYOD) world. This book covers the complete lifecycle of protecting
a modern borderless network using these advanced solutions, from
planning an architecture through deployment, management, and
troubleshooting.
Cisco ISE for BYOD and Secure Unified Access
begins by reviewing the business case for an identity solution.
Next, you’ll walk through...
|
16. |  Pro ASP.NET Web API Security: Securing ASP.NET Web API By: Badrinarayanan Lakshmiraghavan Publisher: Apress Publication Date: 27-MAR-2013 Insert Date: 10-APR-2013 Slots: 1.0 | Overview: Pro ASP.NET Web API Security: Securing ASP.NET Web API
ASP.NET Web API is a key part of ASP.NET MVC 4 and the platform of choice for building RESTful services that can be accessed by a wide range of devices. Everything from JavaScript libraries to RIA plugins, RFID readers to smart phones can consume your services using platform-agnostic HTTP.
With such wide accessibility, securingyour code effectively needs to be a top priority. You will quickly find that the WCF security protocols you're familiar with from .NET (WS-* and similar)are less suitable than they once were in this new environment; proving themselves cumbersome and limited in...
|
17. |  Secure Coding in C and C++, Second Edition By: Robert C. Seacord Publisher: Addison-Wesley Professional Publication Date: 02-APR-2013 Insert Date: 01-APR-2013 Slots: 1.0 | Overview: Secure Coding in C and C++, Second Edition Learn the Root Causes of Software Vulnerabilities and How to
Avoid Them
Commonly exploited software vulnerabilities
are usually caused by avoidable software defects. Having analyzed
tens of thousands of vulnerability reports since 1988, CERT has
determined that a relatively small number of root causes account
for most of the vulnerabilities.
Secure Coding in C and C++, Second
Edition, identifies and explains these root causes and
shows the steps that can be taken to prevent exploitation.
Moreover, this book encourages programmers to adopt security best
practices and to develop a security...
|
18. |  By: Brian Anderson; Barbara Anderson Publisher: Syngress Publication Date: 03-JUN-2010 Insert Date: 28-MAR-2013 Slots: 1.0 | Overview: Seven Deadliest USB Attacks
Do you need to keep up with the latest hacks, attacks, and exploits effecting USB technology? Then you need Seven Deadliest USB Attacks. This book pinpoints the most dangerous hacks and exploits specific to USB, laying out the anatomy of these attacks including how to make your system more secure. You will discover the best ways to defend against these vicious hacks with step-by-step instruction and learn techniques to make your computer and network impenetrable. Attacks detailed in this book include: USB Hacksaw USB Switchblade USB Based Virus/Malicous Code Launch USB Device...
|
19. |  Applied Cyber Security and the Smart Grid By: Eric D. Knapp; Raj Samani Publisher: Syngress Publication Date: 26-FEB-2013 Insert Date: 21-MAR-2013 Slots: 1.0 | Overview: Applied Cyber Security and the Smart Grid
Many people think of the Smart Grid as a power distribution group built on advanced smart metering-but that’s just one aspect of a much larger and more complex system. The "Smart Grid" requires new technologies throughout energy generation, transmission and distribution, and even the homes and businesses being served by the grid. This also represents new information paths between these new systems and services, all of which represents risk, requiring a more thorough approach to where and how cyber security controls are implemented. This insight provides a detailed architecture of the...
|
20. |  Advanced Security and Privacy for RFID Technologies By: Ali Miri Publisher: IGI Global Publication Date: 31-MAR-2013 Insert Date: 19-MAR-2013 Slots: 1.0 | Overview: Advanced Security and Privacy for RFID Technologies While there are many positive aspects in which RFID devices are useful, there have also been increased concerns over the privacy and security of personal information. Advanced Security and Privacy for RFID Technologies addresses these concerns with its comprehensive coverage on current issues with security models and everyday threats and vulnerabilities. This informative publication not only addresses the security risks involved with RFID technologies, but also gives insight on some possible solutions and preventions. Researchers, professionals, and practitioners aiming to better understand...
|
©2013 Safari Books Online