Eleventh Hour CISSP®, Third Edition: Study Guide


Eleventh Hour CISSP: Study Guide, Third Edition provides readers with a study guide on the most current version of the Certified Information Systems Security Professional exam. This book is streamlined to include only core certification information, and is presented for ease of last-minute studying. Main objectives of the exam are covered concisely with key concepts highlighted.

The CISSP certification is the most prestigious, globally-recognized, vendor neutral exam for information security professionals. Over 100,000 professionals are certified worldwide, with many more joining their ranks. This new third edition is aligned to cover all of the material in the most current version of the exam’s Common Body of Knowledge. All domains are covered as completely and concisely as possible, giving users the best possible chance of acing the exam.

Completely updated for the most current version of the exam’s Common Body of Knowledge
Provides the only guide you need for last-minute studying
Answers the toughest questions and highlights core topics
Streamlined for maximum efficiency of study, making it ideal for professionals updating their certification or for those taking the test for the first time

Holistic InfoSec For Web Developers: Physical and People (Fascicle 0)


This book begins by taking the reader to the 30,000' view, so you can start to see the entire security landscape. I then attempt to explain a very simple threat modelling approach that I believe Bruce Schneier created, called the Sensible Security Model (SSM). We take the learnings from the first chapter and apply them to lower levels. I detail how to set up a security-focussed distribution with all the tools and configuration options required for working through the book. We then walk through the Process and Practices that attackers often execute, and we take the learnings from that and train the defenders on how they can bring the finding of defects from the most expensive place to the cheapest place, within your Sprint cycles.

The rest of the book focusses on the specific area on the cover of this book.

Take Control of 1Password


Updated May 20, 2014

Speed through Web logins with 1Password 4!

Dissecting the Hack: The V3rb0t3n Network


Dissecting the Hack: The V3rb0t3n Network ventures further into cutting-edge techniques and methods than its predecessor, Dissecting the Hack: The F0rb1dd3n Network. It forgoes the basics and delves straight into the action, as our heroes are chased around the world in a global race against the clock. The danger they face will forever reshape their lives and the price they pay for their actions will not only affect themselves, but could possibly shake the foundations of an entire nation.

The book is divided into two parts. The first part, entitled "The V3rb0t3n Network," continues the fictional story of Bob and Leon, two hackers caught up in an adventure in which they learn the deadly consequence of digital actions. The second part, "Security Threats Are Real" (STAR), focuses on these real-world lessons and advanced techniques, as used by characters in the story. This gives the reader not only textbook knowledge, but real-world context around how cyber-attacks may manifest.

Cyber-Security Glossary of Building Hacks and Cyber-Attacks


The Cyber-Security Glossary of Building Hacks and Cyber-Attacks was developed specifically to help facility and infrastructure engineers and building managers understand the vulnerability of SCADA systems and building and industrial control systems to cyber-attack. The book includes definitions of technical terms related to automated equipment controls common to industry, utilities and buildings. Although written for facility engineers, much of the terminology applies to cyber-attacks in general. I define many types of cyber-attacks including:
Dictionary attack
Cinderella attack
Time Bomb attack
Fork Bomb attack
Logic Bomb attack
Bluesnarfing
Smurf attack
Vampire Tap
Water Holing
Pass the Hash attack
Tiny Fragment attack
Protocol Fuzzing attack
Replay attack
Amplification attack
Man in the Middle attack
and many more.

I also include steps to take to prevent a cyber-attack.