The classic guide to network and Internet security has been thoroughly updated for today's latest security threats. In the second edition of Network Security, this most distinguished of author teams draws on hard-won experience to explain every facet of information security, from the basics to advanced cryptography and authentication; secure Web and email services; and emerging security standards. Highlights of the book's extensive new coverage include Advanced Encryption Standard (AES), IPsec, SSL, PKI Standards, and Web security.
Security Smarts for the Self-Guided IT Professional
Find out how to excel in the field of computer forensics investigations. Learn what it takes to transition from an IT professional to a computer forensic examiner in the private sector. Written by a Certified Information Systems Security Professional, Computer Forensics: InfoSec Pro Guide is filled with real-world case studies that demonstrate the concepts covered in the book.
You’ll learn how to set up a forensics lab, select hardware and software, choose forensic imaging procedures, test your tools, capture evidence from different sources, follow a sound investigative process, safely store evidence, and verify your findings. Best practices for documenting your results, preparing reports, and presenting evidence in court are also covered in this detailed resource.
Computer Forensics: InfoSec Pro Guide features: Lingo—Common security terms defined so that you’re in the know on the job IMHO—Frank and relevant opinions based on the author’s years of industry experience Budget Note—Tips for getting security technologies and processes into your organization’s budget In Actual Practice—Exceptions to the rules of security explained in real-world contexts Your Plan—Customizable checklists you can use on the job now Into Action—Tips on how, why, and when to apply new skills and techniques at work
Hackers Beware starts with a roadmap of the various areas of hacking but quickly delves into the details of how specific attacks work and how to protect against them. Since most attacks we hear about either occur or are perceived to come from hackers, people are very interested "in how they do that" – the techniques hackers use to break into systems. Hackers Beware is unique in that it gives specific exploits, exactly how they work and how to protect against them. This book will help readers understand what security threats they are up against and what they need to do to protect against them. Some books cover this from a high level but do not get into the details of specific exploits and cover it in a case by case fashion. This book will cover the complete picture. It will not only describe how an exploit works but present the signature of the attack, what to look for on a network and how to protect against it.
Many people think of the Smart Grid as a power distribution group built on advanced smart metering-but that’s just one aspect of a much larger and more complex system. The "Smart Grid" requires new technologies throughout energy generation, transmission and distribution, and even the homes and businesses being served by the grid. This also represents new information paths between these new systems and services, all of which represents risk, requiring a more thorough approach to where and how cyber security controls are implemented.
This insight provides a detailed architecture of the entire Smart Grid, with recommended cyber security measures for everything from the supply chain to the consumer.
Continue reading “Applied Cyber Security and the Smart Grid: Implementing Security Controls into the Modern Power Infrastructure”
The only security book to be chosen as a Dr. Dobbs Jolt Award Finalist since Bruce Schneier's Secrets and Lies and Applied Cryptography!
Adam Shostack is responsible for security development lifecycle threat modeling at Microsoft and is one of a handful of threat modeling experts in the world. Now, he is sharing his considerable expertise into this unique book. With pages of specific actionable advice, he details how to build better security into the design of systems, software, or services from the outset. You'll explore various threat modeling approaches, find out how to test your designs against threats, and learn effective ways to address threats that have been validated at Microsoft and other top companies.
Continue reading “Threat Modeling: Designing for Security”