Network and Data Security for Non-Engineers
Learn network and data security by analyzing the Anthem breach and, step by step, how hackers gain entry, place hidden software, download information, and hide the evidence of their entry. Understand the tools, the establishment of a persistent presence, the use of sites as testbeds to determine which variations of software successfully elude detection, and the reach across trusted connections to the entire healthcare system of the nation. Examine the components of technology being diverted, starting with application code and how to protect it with isolation approaches. Dissect forms of infection, including viruses, worms, bots, and Trojans, and encryption, with the RSA algorithm as the working example.
About the Author
Stephan S. Jones, PhD, is the director of the Center for Information and Communication Sciences, where he is also a professor delivering core technology courses in the graduate-only program. His industry experience is as a field engineer and owner of a telecommunications company providing voice and data solutions for business/commercial systems in the Midwest. In academe, he has published or edited numerous books and texts associated with simplifying complex communication technologies for nonengineering students to comprehend. He is actively engaged in supporting broadband technology deployments to underserved and unserved regions of the country and providing technical support for non-profit organizations with student participation.
Frank Groom, PhD, is a professor in the Graduate Center for Information and Communication Science at Ball State University. His research is concentrated in the areas of high-bandwidth networking, distributed systems, and the storage of multimedia objects. Dr. Groom is the author of seven books, most recently having finished The Basics of Voice over IP Networking and The Basics of 802.11 Wireless LANs. Among his best known books are The Future of ATM and The ATM Handbook. Dr. Groom earned his PhD from the University of Wisconsin-Milwaukee in information systems. He is the former senior director of information systems for Ameritech.
Understand and implement VMware Virtual SAN: the heart of tomorrow’s Software-Defined Datacenter (SDDC)
VMware’s breakthrough Software-Defined Datacenter (SDDC) initiative can help you virtualize your entire datacenter: compute, storage, networks, and associated services. Central to SDDC is VMware Virtual SAN (VSAN): a fully distributed storage architecture seamlessly integrated into the hypervisor and capable of scaling to meet any enterprise storage requirement. Now, the leaders of VMware’s wildly popular Virtual SAN previews have written the first authoritative guide to this pivotal technology. You’ll learn what Virtual SAN is, exactly what it offers, how to implement it, and how to maximize its value. Writing for administrators, consultants, and architects, Cormac Hogan and Duncan Epping show how Virtual SAN implements both object-based storage and a policy platform that simplifies VM storage placement. You’ll learn how Virtual SAN and vSphere work together to dramatically improve resiliency, scale-out storage functionality, and control over QoS. Both an up-to-the-minute reference and hands-on tutorial, Essential Virtual SAN uses realistic examples to demonstrate Virtual SAN’s most powerful capabilities. You’ll learn how to plan, architect, and deploy Virtual SAN successfully, avoid gotchas, and troubleshoot problems once you’re up and running.
Coverage includes
* Understanding the key goals and concepts of Software-Defined Storage and Virtual SAN technology
* Meeting physical and virtual requirements for safe Virtual SAN implementation
* Installing and configuring Virtual SAN for your unique environment
* Using Storage Policy Based Management to control availability, performance, and reliability
* Simplifying deployment with VM Storage Policies
* Discovering key Virtual SAN architectural details: caching I/O, VASA, witnesses, pass-through RAID, and more
* Ensuring efficient day-to-day Virtual SAN management and maintenance
* Interoperating with other VMware features and products
* Designing and sizing Virtual SAN clusters
* Troubleshooting, monitoring, and performance optimization
About the Author
Cormac Hogan is a storage architect in the Integration Engineering team at VMware. Cormac was one of the first VMware employees at the EMEA headquarters in Cork, Ireland, back in 2005, and has previously held roles in VMware’s Technical Marketing and Support organizations. Cormac has written a number of storage-related white papers and has given numerous presentations on storage best practices and new features. Cormac is the owner of CormacHogan.com, a blog site dedicated to storage and virtualization. He can be followed on Twitter @CormacJHogan.
Duncan Epping is a principal architect working for VMware R&D. Duncan is responsible for exploring new possibilities with existing products and features, researching new business opportunities for VMware. Duncan specializes in software-defined storage, hyperconverged platforms, and availability solutions. Duncan was among the first VMware Certified Design Experts (VCDX 007). Duncan is the owner of Yellow-Bricks.com and author of various books, including the VMware vSphere Clustering Technical Deepdive series. He can be followed on Twitter @DuncanYB.
Specifically oriented to the needs of information systems students, Principles Of Information Security, 5e delivers the latest technology and developments from the field. Taking a managerial approach, this market-leading introductory book teaches all the aspects of information security – not just the technical control perspective. It provides a broad review of the entire field of information security, background on many related elements, and enough detail to facilitate understanding of the topic. It covers the terminology of the field, the history of the discipline, and an overview of how to manage an information security program. Current and relevant, the fifth edition includes the latest practices, fresh examples, updated material on technical security controls, emerging legislative issues, new coverage of digital forensics, and hands-on application of ethical issues in IS security. It is the ultimate resource for future business decision-makers.
About the Author
Herbert Mattord, Ph.D., CISM, CISSP completed 24 years of IT industry experience as an application developer, database administrator, project manager, and information security practitioner before joining the faculty at Kennesaw State University, where he is Assistant Chair of the Department of Information Systems and Associate Professor of Information Security and Assurance program. Dr. Mattord currently teaches graduate and undergraduate courses in Information Security & Assurance as well as Information Systems. He and Michael Whitman are the authors of Principles of Information Security, 5th Ed, Management of Information Security, 5th Ed, Readings and Cases in the Management of Information Security, Principles of Incident Response and Disaster Recovery, 2nd Ed, The Guide to Network Security, and The Hands-On Information Security Lab Manual, 4th Ed all from Cengage Learning. Dr. Mattord is an active researcher and author in Information Security Management and related topics. He has published articles in the Information Resources Management Journal, Journal of Information Security Education, the Journal of Executive Education, and the International Journal of Interdisciplinary Telecommunications and Networking. Dr. Mattord is a member of the Information Systems Security Association, ISACA, and the Association for Information Systems. During his career as an IT practitioner, Dr. Mattord was an adjunct professor at Kennesaw State University, Southern Polytechnic State University in Marietta, Georgia, Austin Community College in Austin, Texas, and Texas State University: San Marcos. He was formerly the Manager of Corporate Information Technology Security at Georgia-Pacific Corporation, where much of the practical knowledge found in this and other textbooks was acquired. 
Michael Whitman, Ph.D., CISM, CISSP is a Professor of Information Security at Kennesaw State University, Kennesaw, Georgia, where he is also the Executive Director of the KSU/Coles College of Business Center for Information Security Education. In 2004, 2007, 2012 and 2015, under his direction the Center for Information Security Education spearheaded KSU’s successful bid for the prestigious National Center of Academic Excellence recognitions (CAE/IAE and CAE IA/CD) awarded by the Department of Homeland Security and the National Security Agency. Dr. Whitman is also the Editor-in-Chief of the Information Security Education Journal, and Director of the Southeast Collegiate Cyber Defense Competition. Dr. Whitman is an active researcher and author in Information Security Policy, Threats, and Curriculum Development, as well as Ethical Computing. He currently teaches graduate and undergraduate courses in Information Security. Dr. Whitman has several information security textbooks currently in print – Principles of Information Security, 5th Ed., Management of Information Security, 5th Ed., Readings and Cases in the Management of Information Security, Volumes I and II, The Hands-On Information Security Lab Manual, 4th Ed., Principles of Incident Response and Disaster Recovery, 2nd Ed., The Guide to Network Security and The Guide to Firewalls and Network Security, 3rd Ed. all from Cengage Learning. He has published articles in Information Systems Research, the Communications of the ACM, the Journal of International Business Studies, Information and Management, and the Journal of Computer Information Systems. Dr. Whitman is a member of the Association for Computing Machinery, the Information Systems Security Association, ISACA and the Association for Information Systems. Prior to coming to academia, Dr. Whitman was an officer in the U.S. Army, where he had the responsibilities of ADPSSO (Automated Data Processing System Security Officer).
Analyzing how hacks are done, so as to stop them in the future
Reverse engineering is the process of analyzing hardware or software and understanding it, without having access to the source code or design documents. Hackers are able to reverse engineer systems and exploit what they find with scary results. Now the good guys can use the same tools to thwart these threats. Practical Reverse Engineering goes under the hood of reverse engineering for security analysts, security engineers, and system programmers, so they can learn how to use these same processes to stop hackers in their tracks. The book covers x86, x64, and ARM (the first book to cover all three); Windows kernel-mode code rootkits and drivers; virtual machine protection techniques; and much more. Best of all, it offers a systematic approach to the material, with plenty of hands-on exercises and real-world examples.
* Offers a systematic approach to understanding reverse engineering, with hands-on exercises and real-world examples
* Covers x86, x64, and advanced RISC machine (ARM) architectures as well as deobfuscation and virtual machine protection techniques
* Provides special coverage of Windows kernel-mode code (rootkits/drivers), a topic not often covered elsewhere, and explains how to analyze drivers step by step
* Demystifies topics that have a steep learning curve
* Includes a bonus chapter on reverse engineering tools
Practical Reverse Engineering: Using x86, x64, ARM, Windows Kernel, and Reversing Tools provides crucial, up-to-date guidance for a broad range of IT professionals.
About the Author
Bruce Dang is a senior security development engineering lead at Microsoft focusing on Windows kernel and reverse engineering. Alexandre Gazet is a senior security researcher at QuarksLab focusing on reverse engineering and software protection. Elias Bachaalany is a software security engineer at Microsoft.
Presents the concepts of ICT audit and control
Shows how to create a verifiable audit-based control structure that will ensure comprehensive security for systems and data
Explains how to establish systematic control and reporting procedures within a standard organizational framework and build auditable trust into the security of ICT operations
Defines a complete and correct set of control objectives along with monitoring and reporting systems
Discusses a formally defined and implemented infrastructure of best practices aimed specifically at optimizing the coordination and control of the security function
The Complete Guide to Cybersecurity Risks and Controls presents the fundamental concepts of information and communication technology (ICT) governance and control. In this book, you will learn how to create a working, practical control structure that will ensure the ongoing, day-to-day trustworthiness of ICT systems and data. The book explains how to establish systematic control functions and timely reporting procedures within a standard organizational framework and how to build auditable trust into the routine assurance of ICT operations.
The book is based on the belief that ICT operation is a strategic governance issue rather than a technical concern. With the exponential growth of security breaches and the increasing dependency on external business partners to achieve organizational success, the effective use of ICT governance and enterprise-wide frameworks to guide the implementation of integrated security controls is critical in order to mitigate data theft. Surprisingly, many organizations do not have formal processes or policies to protect their assets from internal or external threats.
The ICT governance and control process establishes a complete and correct set of managerial and technical control behaviors that ensures reliable monitoring and control of ICT operations. The body of knowledge for doing that is explained in this text. This body of knowledge applies to all operational aspects of ICT responsibilities, ranging from upper management policy making and planning all the way down to basic technology operation.