Safari Books Online is a digital library providing on-demand subscription access to thousands of learning resources.

Security


1. 

Managed Code Rootkits

By: Erez Metula

Publisher: Syngress

Publication Date: 25-NOV-2010

Insert Date: 24-APR-2014

Slots: 1.0

Imagine being able to change the languages for the applications that a computer is running and taking control over it. That is exactly what managed code rootkits can do when they are placed within a computer. This new type of rootkit is hiding in a place that had previously been safe from this type of attack—the application level. Code reviews do not currently look for back doors in the virtual machine (VM) where this new rootkit would be injected. An invasion of this magnitude allows an attacker to steal information on the infected computer, provide false information, and disable...

2. 

Data Mining and Machine Learning in Cybersecurity

By: Sumeet Dua; Xian Du

Publisher: Auerbach Publications

Publication Date: 25-APR-2011

Insert Date: 23-APR-2014

Slots: 1.0

From basic concepts in machine learning and data mining to advanced problems in the machine learning domain, this book provides a unified reference for specific machine learning solutions to cybersecurity problems. It supplies a foundation in cybersecurity fundamentals, surveys contemporary challenges, and details cutting-edge machine learning and data mining techniques. This interdisciplinary resource includes technique review tables that allow for speedy access to common cybersecurity problems and associated data mining methods. Numerous illustrative figures and more than 40 case studies...

3. 

FISMA Principles and Best Practices: Beyond Compliance

By: Patrick Howard

Publisher: Auerbach Publications

Publication Date: 29-MAR-2011

Insert Date: 23-APR-2014

Slots: 1.0

Detailing a proven approach for establishing and implementing a comprehensive information security program, this book integrates compliance review, technical monitoring, and remediation efforts to explain how to achieve and maintain compliance with Federal Information Security Management Act (FISMA) requirements. Based on the author’s experience developing, implementing, and maintaining enterprise FISMA-based information technology security programs at three major federal agencies, the book provides workable solutions for establishing and operating an effective security compliance program....

4. 

Cybersecurity for Industrial Control Systems: SCADA, DCS, PLC, HMI, and SIS

By: Tyson Macaulay; Bryan Singer

Publisher: Auerbach Publications

Publication Date: 13-DEC-2011

Insert Date: 22-APR-2014

Slots: 1.0

As industrial control systems (ICS) become Internet-facing, they expose crucial services to attack. Explaining how to develop and implement an effective cybersecurity program for ICS, this book provides the tools to ensure network security without sacrificing efficiency and functionality. Starting with an introduction to ICS, it discusses business, cost, competitive, and regulatory drivers and the conflicting priorities of convergence. It explains why security requirements differ from IT to ICS and explains when standard IT security solutions can be used and where SCADA practices are...

5. 

Information Security Governance Simplified: From the Boardroom to the Keyboard

By: Todd Fitzgerald

Publisher: CRC Press

Publication Date: 20-DEC-2011

Insert Date: 22-APR-2014

Slots: 1.0

Security practitioners must be able to build a cost-effective security program while at the same time meeting the requirements of government regulations. This book lays out these regulations in simple terms and explains how to use the control frameworks to build an effective information security program and governance structure. It discusses how organizations can best ensure that the information is protected and examines all positions from the board of directors to the end user, delineating the role each plays in protecting the security of the organization. ...

6. 

Information Security Management Handbook, Sixth Edition, Volume 5

By: Nozaki, Krause; Harold Tipton

Publisher: Auerbach Publications

Publication Date: 13-SEP-2011

Insert Date: 22-APR-2014

Slots: 1.0

Updated annually to keep up with the increasingly fast pace of change in the field, the Information Security Management Handbook is the single most comprehensive and up-to-date resource on information security and assurance. Compiling the fundamental skills, techniques, tools, and understanding required of IT security professionals, the Information Security Management Handbook, Sixth Edition, Volume 5 reflects the latest changes to information security and the CISSP® Common Body of Knowledge (CBK®). This edition updates the benchmark Volume 1 with a...

7. 

Targeted Cyber Attacks

By: Aditya Sood; Richard Enbody

Publisher: Syngress

Publication Date: 18-APR-2014

Insert Date: 22-APR-2014

Slots: 1.0

Cyber-crime increasingly impacts both the online and offline world, and targeted attacks play a significant role in disrupting services in both. Targeted attacks are those that are aimed at a particular individual, group, or type of site or service. Unlike worms and viruses that usually attack indiscriminately, targeted attacks involve intelligence-gathering and planning to a degree that drastically changes their profile. Individuals, corporations, and even governments are facing new threats from targeted attacks. Targeted Cyber Attacks examines real-world examples of directed...

8. 

Managing Risk and Security in Outsourcing IT Services: Onshore, Offshore and the Cloud

By: Frank Siepmann

Publisher: Auerbach Publications

Publication Date: 09-DEC-2013

Insert Date: 19-APR-2014

Slots: 1.0

This book explains how to address the risks that can arise from outsourcing or adopting cloud technology. Providing you with an understanding of the fundamentals, it supplies authoritative guidance and examples on how to tailor the right risk approach for your organization. Covering onshore, offshore, and cloud services, it provides concrete examples and illustrative case studies that describe the specifics of what to do and what not to do across a variety of implementation scenarios. This book provides the fundamental understanding and guidance readers need to keep information, processes,...

9. 

Security De-Engineering: Solving the Problems in Information Risk Management

By: Ian Tibble

Publisher: Auerbach Publications

Publication Date: 13-DEC-2011

Insert Date: 19-APR-2014

Slots: 1.0

With organizations facing growing security challenges from both automated and manual attacks, these incidents now represent more of a threat to the bottom line than ever before. This book explains the problems in corporate information security and how to solve them. Based on more than a decade of global experience, the author explains how the industry has faltered and how a gradual decline in analytical skills has led the corporate world on a disastrous collision course with automated malware attacks and manual intrusions. ...

10. 

Managing Trust in Cyberspace

By: Sabu Thampi; Bharat Bhargava; Pradeep Atrey

Publisher: Chapman and Hall/CRC

Publication Date: 14-DEC-2013

Insert Date: 18-APR-2014

Slots: 1.0

Bringing together cross-disciplinary expertise, this illustrated, tutorial-style text addresses fundamentals underpinning computational trust models and covers trust management processes for dynamic open systems and applications. Topics include trust in autonomic and self-organized networks, cloud computing, embedded computing, multi-agent systems, digital rights management, security and quality issues in trusting e-government service delivery, and context-aware e-commerce applications. The book walks through online identity management, examines using trust and argumentation in recommender...

11. 

The Security Risk Assessment Handbook: A Complete Guide for Performing Security Risk Assessments, Second Edition

By: Douglas Landoll

Publisher: CRC Press

Publication Date: 20-MAY-2011

Insert Date: 18-APR-2014

Slots: 1.0

Picking up where the bestselling first edition left off, this second edition explains how to conduct an effective risk assessment. Supplying wide-ranging coverage that includes security risk analysis, mitigation, and risk assessment reporting, it provides the tools needed to solicit and review the scope and rigor of risk assessment proposals with competence and confidence. Trusted to assess security for leading organizations and government agencies, including the CIA, NSA, and NATO, Douglas Landoll unveils the little-known tips, tricks, and techniques used by savvy security professionals...

12. 

Kali Linux – Assuring Security by Penetration Testing

By: Tedi Heriyanto; Lee Allen; Shakeel Ali

Publisher: Packt Publishing

Publication Date: 07-APR-2014

Insert Date: 10-APR-2014

Slots: 1.0

Master the art of penetration testing. Learn penetration testing techniques with in-depth coverage of the Kali Linux distribution. Explore the insights and importance of testing your corporate network systems before the hackers strike. Understand the practical spectrum of security tools by their exemplary usage, configuration, and benefits. In Detail: Kali Linux is a comprehensive penetration testing platform with advanced tools to identify, detect, and exploit the vulnerabilities uncovered in the target network environment. With Kali Linux, you can apply appropriate testing...

13. 

Cyberwar and Information Warfare

By: Daniel Ventre

Publisher: John Wiley & Sons

Publication Date: 15-AUG-2011

Insert Date: 28-MAR-2014

Slots: 1.0

Integrating empirical, conceptual, and theoretical approaches, this book presents the thinking of researchers and experts in the fields of cybersecurity, cyberdefense, and information warfare. The aim of this book is to analyze the processes of information warfare and cyberwarfare through the historical, operational and strategic perspectives of cyberattacks. Cyberwar and Information Warfare is extremely useful to experts in security studies and intelligence studies, defense universities, ministries of defense and security, and anyone studying political sciences, international relations,...

14. 

Rough Cuts
Information Security: Principles and Practices, Second Edition

By: Mark S. Merkow; Jim Breithaupt

Publisher: Pearson Certification

Publication Date: 05-JUN-2014

Insert Date: 28-MAR-2014

This is the Rough Cut version of the printed book. Fully updated for today's technologies and best practices, Information Security: Principles and Practices, Second Edition thoroughly covers all 10 domains of today's Information Security Common Body of Knowledge. Authored by two of the world's most experienced IT security practitioners, it brings together foundational knowledge that prepares readers for real-world environments, making it ideal for introductory courses in information security, and for anyone interested in entering the field. This edition addresses today's newest trends,...

15. 

Analyzing Security, Trust, and Crime in the Digital World

By: Hamid Nemati

Publisher: IGI Global

Publication Date: 31-DEC-2013

Insert Date: 26-MAR-2014

Slots: 1.0

In the digital era, information is the most valuable resource, and protecting one’s assets is a constant struggle for both individuals and organizations. Analyzing Security, Trust, and Crime in the Digital World explores techniques and technologies used to secure data and prevent intrusion in virtual environments. Within these pages, computer scientists, programmers, engineers, and practitioners will find meaningful research on intrusion detection and authentication techniques in order to further defend their own systems and protect the information therein....

16. 

Cyber Conflict: Competing National Perspectives

By: Daniel Ventre

Publisher: John Wiley & Sons

Publication Date: 14-MAY-2012

Insert Date: 21-MAR-2014

Slots: 1.0

Today, cyber security, cyber defense, information warfare and cyber warfare issues are among the most relevant topics both at the national and international level. All the major states of the world are facing cyber threats and trying to understand how cyberspace could be used to increase power. Through an empirical, conceptual and theoretical approach, Cyber Conflict has been written by researchers and experts in the fields of cyber security, cyber defense and information warfare. It aims to analyze the processes of information warfare and cyber warfare through historical, operational...

17. 

Threat Modeling: Designing for Security

By: 

Publisher: John Wiley & Sons

Publication Date: 17-FEB-2014

Insert Date: 21-MAR-2014

Slots: 1.0

Adam Shostack is responsible for security development lifecycle threat modeling at Microsoft and is one of a handful of threat modeling experts in the world. Now, he is sharing his considerable expertise in this unique book. With pages of specific actionable advice, he details how to build better security into the design of systems, software, or services from the outset. You'll explore various threat modeling approaches, find out how to test your designs against threats, and learn effective ways to address threats that have been validated at Microsoft and other top companies. Systems...

18. 

Analyzing how hacks are done, so as to stop them in the future. Reverse engineering is the process of analyzing hardware or software and understanding it, without having access to the source code or design documents. Hackers are able to reverse engineer systems and exploit what they find with scary results. Now the good guys can use the same tools to thwart these threats. Practical Reverse Engineering goes under the hood of reverse engineering for security analysts, security engineers, and system programmers, so they can learn how to use these same processes to stop hackers in their...

19. 

Cybersecurity: Managing Systems, Conducting Testing, and Investigating Intrusions

By: 

Publisher: John Wiley & Sons

Publication Date: 04-NOV-2013

Insert Date: 21-MAR-2014

Slots: 1.0

A must-have, hands-on guide for working in the cybersecurity profession. Cybersecurity involves preventative methods to protect information from attacks. It requires a thorough understanding of potential threats, such as viruses and other malicious code, as well as system vulnerability and security architecture. This essential book addresses cybersecurity strategies that include identity management, risk management, and incident management, and also serves as a detailed guide for anyone looking to enter the security profession. Doubling as the text for a cybersecurity course, it is also a...

20. 

Unmasking the Social Engineer: The Human Element of Security

By: 

Publisher: John Wiley & Sons

Publication Date: 17-FEB-2014

Insert Date: 19-MAR-2014

Slots: 1.0

Learn to identify the social engineer by non-verbal behavior. Unmasking the Social Engineer: The Human Element of Security focuses on combining the science of understanding non-verbal communications with the knowledge of how social engineers, scam artists and con men use these skills to build feelings of trust and rapport in their targets. The author helps readers understand how to identify and detect social engineers and scammers by analyzing their non-verbal behavior. Unmasking the Social Engineer shows how attacks work, explains nonverbal communications, and demonstrates with visuals...