Evifa-Portal

1

Online Resource

Dissecting the hack : the V3rb0ten network (2016)

Street, Jayson E. [VerfasserIn] ; Sims, Kristin [MitwirkendeR] ; Baskin, Brian [MitwirkendeR] ; [et al.]

Waltham, MA : Syngress

add to mindlist on the mindlist

Details

ISBN: 9780128042823 , 0128042826

Language: English

Pages: 1 online resource (1 volume) , illustrations

Keywords: Computer crimes ; Hacking ; Hackers ; Cyberterrorism ; Computer networks ; Security measures ; Computer security ; Electronic books ; local ; Electronic books

Abstract: Dissecting the Hack: The V3rb0t3n Network ventures further into cutting-edge techniques and methods than its predecessor, Dissecting the Hack: The F0rb1dd3n Network . It forgoes the basics and delves straight into the action, as our heroes are chased around the world in a global race against the clock. The danger they face will forever reshape their lives and the price they pay for their actions will not only affect themselves, but could possibly shake the foundations of an entire nation. The book is divided into two parts. The first part, entitled "The V3rb0t3n Network," continues the fictional story of Bob and Leon, two hackers caught up in an adventure in which they learn the deadly consequence of digital actions. The second part, "Security Threats Are Real" (STAR), focuses on these real-world lessons and advanced techniques, as used by characters in the story. This gives the reader not only textbook knowledge, but real-world context around how cyber-attacks may manifest. "The V3rb0t3n Network" can be read as a stand-alone story or as an illustration of the issues described in STAR. Scattered throughout "The V3rb0t3n Network" are "Easter eggs"-references, hints, phrases, and more that will lead readers to insights into hacker culture. Drawing on "The V3rb0t3n Network," STAR explains the various aspects of reconnaissance; the scanning phase of an attack; the attacker's search for network weaknesses and vulnerabilities to exploit; the various angles of attack used by the characters in the story; basic methods of erasing information and obscuring an attacker's presence on a computer system; and the underlying hacking culture. All new volume of Dissecting the Hack by Jayson Street, with technical edit by Brian Martin Uses actual hacking and security tools in its story - helps to familiarize readers with the many devices and their code Features cool new hacks and social engineering techniques, in real life context for ease of learning

Note: Includes bibliographical references. - Description based on online resource; title from title page (Safari, viewed December 14, 2015)

URL: lizenzpflichtig

Permalink

Library	Location	Call Number	Volume/Issue/Year	Availability

Others were also interested in ...

Online Resource

MPI Ethno. Forsch.

2

Online Resource

Google hacking for penetration testers (2016)

Long, Johnny [VerfasserIn] ; Gardner, Bill [MitwirkendeR] ; Brown, Justin [MitwirkendeR]

Waltham, MA : Syngress

add to mindlist on the mindlist

Details

ISBN: 9780128029824 , 012802982X

Language: English

Pages: 1 online resource (viii, 225 pages) , illustrations

Edition: Third edition.

Keywords: Google ; Web search engines ; Computer security ; Internet programming ; Internet ; Security measures ; Computer networks ; Security measures ; Electronic books ; local ; Electronic books

Abstract: Google is the most popular search engine ever created, but Google's search capabilities are so powerful, they sometimes discover content that no one ever intended to be publicly available on the Web, including social security numbers, credit card numbers, trade secrets, and federally classified documents. Google Hacking for Penetration Testers, Third Edition, shows you how security professionals and system administratord manipulate Google to find this sensitive information and "self-police" their own organizations. You will learn how Google Maps and Google Earth provide pinpoint military accuracy, see how bad guys can manipulate Google to create super worms, and see how they can "mash up" Google with Facebook, LinkedIn, and more for passive reconnaissance. This third edition includes completely updated content throughout and all new hacks such as Google scripting and using Google hacking with other search engines and APIs. Noted author Johnny Long, founder of Hackers for Charity, gives you all the tools you need to conduct the ultimate open source reconnaissance and penetration testing. Third edition of the seminal work on Google hacking Google hacking continues to be a critical phase of reconnaissance in penetration testing and Open Source Intelligence (OSINT) Features cool new hacks such as finding reports generated by security scanners and back-up files, finding sensitive info in WordPress and SSH configuration, and all new chapters on scripting Google hacks for better searches as well as using Google hacking with other search engines and APIs

Note: Includes index. - Description based on online resource; title from title page (Safari, viewed December 14, 2015)

URL: lizenzpflichtig

Permalink

Library	Location	Call Number	Volume/Issue/Year	Availability

Others were also interested in ...

Online Resource

MPI Ethno. Forsch.

3

Online Resource

Practical deployment of Cisco Identity Services Engine (ISE) : real-world examples of AAA deployments (2016)

Richter, Andy [VerfasserIn] ; Wood, Jeremy [MitwirkendeR]

Waltham, MA : Syngress

add to mindlist on the mindlist

Details

ISBN: 9780128045046 , 0128045043

Language: English

Pages: 1 online resource (viii, 290 pages) , illustrations

Keywords: Computer networks ; Security measures ; Computers ; Access control ; Electronic books ; local ; Electronic books

Abstract: With the proliferation of mobile devices and bring-your-own-devices (BYOD) within enterprise networks, the boundaries of where the network begins and ends have been blurred. Cisco Identity Services Engine (ISE) is the leading security policy management platform that unifies and automates access control to proactively enforce role-based access to enterprise networks. In Practical Deployment of Cisco Identity Services Engine (ISE) , Andy Richter and Jeremy Wood share their expertise from dozens of real-world implementations of ISE and the methods they have used for optimizing ISE in a wide range of environments. ISE can be difficult, requiring a team of security and network professionals, with the knowledge of many different specialties. Practical Deployment of Cisco Identity Services Engine (ISE) shows you how to deploy ISE with the necessary integration across multiple different technologies required to make ISE work like a system. Andy Richter and Jeremy Wood explain end-to-end how to make the system work in the real world, giving you the benefit of their ISE expertise, as well as all the required ancillary technologies and configurations to make ISE work.

Note: Includes index. - Description based on online resource; title from title page (viewed December 14, 2015)

URL: lizenzpflichtig

Permalink

Library	Location	Call Number	Volume/Issue/Year	Availability

Others were also interested in ...

Online Resource

MPI Ethno. Forsch.

4

Online Resource

Hacking web intelligence : open source intelligence and web reconnaissance concepts and techniques (2015)

Chauhan, Sudhanshu [VerfasserIn] ; Panda, Nutan Kumar [MitwirkendeR]

Waltham, MA : Syngress

add to mindlist on the mindlist

Details

ISBN: 9780128019122 , 0128019123

Language: English

Pages: 1 online resource (1 volume) , illustrations

Keywords: World Wide Web ; Open source intelligence ; Computer networks ; Security measures ; Electronic books ; local ; Electronic books

Abstract: Open source intelligence (OSINT) and web reconnaissance are rich topics for infosec professionals looking for the best ways to sift through the abundance of information widely available online. In many cases, the first stage of any security assessment-that is, reconnaissance-is not given enough attention by security professionals, hackers, and penetration testers. Often, the information openly present is as critical as the confidential data. Hacking Web Intelligence shows you how to dig into the Web and uncover the information many don't even know exists. The book takes a holistic approach that is not only about using tools to find information online but also how to link all the information and transform it into presentable and actionable intelligence. You will also learn how to secure your information online to prevent it being discovered by these reconnaissance methods. Hacking Web Intelligence is an in-depth technical reference covering the methods and techniques you need to unearth open source information from the Internet and utilize it for the purpose of targeted attack during a security assessment. This book will introduce you to many new and leading-edge reconnaissance, information gathering, and open source intelligence methods and techniques, including metadata extraction tools, advanced search engines, advanced browsers, power searching methods, online anonymity tools such as TOR and i2p, OSINT tools such as Maltego, Shodan, Creepy, SearchDiggity, Recon-ng, Social Network Analysis (SNA), Darkweb/Deepweb, data visualization, and much more. Provides a holistic approach to OSINT and Web recon, showing you how to fit all the data together into actionable intelligence Focuses on hands-on tools such as TOR, i2p, Maltego, Shodan, Creepy, SearchDiggity, Recon-ng, FOCA, EXIF, Metagoofil, MAT, and many more Covers key technical topics such as metadata searching, advanced browsers and power searching, online anonymity, Darkweb / Deepweb, Social Network Analysis (SNA), and how to manage, analyze, and visualize the data you gather Includes hands-on technical examples and case studies, as well as a Python chapter that shows you how to create your own information-gathering tools and modify existing APIs

Note: Includes index. - Description based on online resource; title from title page (Safari, viewed May 8, 2015)

URL: lizenzpflichtig

Permalink

Library	Location	Call Number	Volume/Issue/Year	Availability

Others were also interested in ...

Online Resource

MPI Ethno. Forsch.

5

Online Resource

How to attack and defend your website (2015)

Dalziel, Henry [VerfasserIn]

Waltham, MA : Syngress

add to mindlist on the mindlist

Details

ISBN: 9780128027547 , 0128027541

Language: English

Pages: 1 online resource (1 volume) , illustrations

Keywords: Computer security ; Web sites ; Security measures ; Computer networks ; Security measures ; Web sites ; Design ; Web site development ; Electronic books ; Electronic books ; local

Abstract: How to Attack and Defend Your Website is a concise introduction to web security that includes hands-on web hacking tutorials. The book has three primary objectives: to help readers develop a deep understanding of what is happening behind the scenes in a web application, with a focus on the HTTP protocol and other underlying web technologies; to teach readers how to use the industry standard in free web application vulnerability discovery and exploitation tools - most notably Burp Suite, a fully featured web application testing tool; and finally, to gain knowledge of finding and exploiting the most common web security vulnerabilities. This book is for information security professionals and those looking to learn general penetration testing methodology and how to use the various phases of penetration testing to identify and exploit common web protocols. How to Attack and Defend Your Website is be the first book to combine the methodology behind using penetration testing tools such as Burp Suite and Damn Vulnerable Web Application (DVWA), with practical exercises that show readers how to (and therefore, how to prevent) pwning with SQLMap and using stored XSS to deface web pages. Learn the basics of penetration testing so that you can test your own website's integrity and security Discover useful tools such as Burp Suite, DVWA, and SQLMap Gain a deeper understanding of how your website works and how best to protect it

Note: Description based on online resource; title from title page (Safari, viewed January 21, 2015)

URL: lizenzpflichtig

Permalink

Library	Location	Call Number	Volume/Issue/Year	Availability

Others were also interested in ...

Online Resource

MPI Ethno. Forsch.

6

Online Resource

How to defeat advanced malware : new tools for protection and forensics (2015)

Dalziel, Henry [VerfasserIn]

Waltham, MA : Syngress

add to mindlist on the mindlist

Details

ISBN: 9780128027530 , 0128027533

Language: English

Pages: 1 online resource (1 volume) , illustrations

Keywords: Computer networks ; Security measures ; Malware (Computer software) ; Electronic books ; local ; Electronic books

Abstract: How to Defeat Advanced Malware is a concise introduction to the concept of micro-virtualization. The book provides current facts and figures that prove detection- based security products have become ineffective. A simple strategy is then presented that both leverages the opportunities presented by Bring Your Own Device (BYOD) and protects enterprise end users against advanced malware. The book concludes with case studies demonstrating how hardware- isolated micro-VMs are helping Fortune 500 financial service providers defeat advanced malware. This book is primarily designed for infosec professionals, consultants, network administrators, CIO's, CTO's, CISO's and senior executives who work within the financial industry and are responsible for their company's endpoint protection. How to Defeat Advanced Malware: New Tools for Protection and Forensics is the first book to compare and contrast current endpoint security products, while making a case for encouraging and facilitating the growth of BYOD and social media by adopting micro-virtualization. Learn the basics of protecting your company's online-accessible assets Discover strategies that take advantage of micro-virtualization and BYOD Become adept at comparing and utilizing different endpoint security products and strategies

Note: Includes bibliographical references. - Description based on online resource; title from title page (Safari, viewed January 21, 2015)

URL: lizenzpflichtig

Permalink

Library	Location	Call Number	Volume/Issue/Year	Availability

Others were also interested in ...

Online Resource

MPI Ethno. Forsch.

7

Online Resource

Python passive network mapping : P2NMAP (2015)

Hosmer, Chet [VerfasserIn]

Waltham, MA : Syngress

add to mindlist on the mindlist

Details

ISBN: 9780128027424 , 0128027428

Language: English

Pages: 1 online resource (1 volume) , illustrations

Keywords: Computer networks ; Security measures ; Python (Computer program language) ; Peer-to-peer architecture (Computer networks) ; Electronic books ; local ; Electronic books

Abstract: Python Passive Network Mapping: P2NMAP is the first book to reveal a revolutionary and open source method for exposing nefarious network activity. The "Heartbleed" vulnerability has revealed significant weaknesses within enterprise environments related to the lack of a definitive mapping of network assets. In Python Passive Network Mapping , Chet Hosmer shows you how to effectively and definitively passively map networks. Active or probing methods to network mapping have traditionally been used, but they have many drawbacks - they can disrupt operations, crash systems, and - most importantly - miss critical nefarious activity. You require an accurate picture of the environments you protect and operate in order to rapidly investigate, mitigate, and then recover from these new attack vectors. This book gives you a deep understanding of new innovations to passive network mapping, while delivering open source Python-based tools that can be put into practice immediately. Python Passive Network Mapping is for practitioners, forensic investigators, IT teams, and individuals who work together when performing incident response and investigating potential damage, or are examining the impacts of new malware threats. Those defending critical infrastructures will have a special interest in this book, as active or probing methods of network mapping are rarely used within these environments as any resulting impacts can be disastrous. Python Passive Network Mapping is ideally suited for use as a text in a variety of academic programs to expose and engage students in the art of passively mapping enterprise networks, with the added benefit of providing exposure to open source Python solutions. First book to show you how to use open source Python to conduct passive network mapping Provides a new method for conducting incident response and investigating the extent of potential damage to your systems Python code forensics toolkit for network mapping included on the companion website

Note: Description based on online resource; title from title page (Safari, viewed September 17, 2015)

URL: lizenzpflichtig

Permalink

Library	Location	Call Number	Volume/Issue/Year	Availability

Others were also interested in ...

Online Resource

MPI Ethno. Forsch.

8

Online Resource

The basics of digital privacy : simple tools to protect your personal information and your identity online (2014)

Cherry, Denny [VerfasserIn] ; LaRock, Thomas [MitwirkendeR]

Waltham, MA : Syngress

add to mindlist on the mindlist

Details

ISBN: 9780128001523 , 0128001526

Language: English

Pages: 1 online resource (1 v.) , ill.

Parallel Title: Erscheint auch als

Keywords: Computers ; Access control ; Computer security ; Computer networks ; Security measures ; Electronic books ; local ; Electronic books

Abstract: Who's watching you online? These days, it's hard to be sure. But the recent Edward Snowden revelations of NSA data mining and the constant threat of identity theft from criminals mean your privacy is in jeopardy. The Basics of Digital Privacy teaches you how to protect the privacy of your data and your identity while surfing, searching, and interacting with others in a virtual world. Author Denny Cherry teaches professionals how to keep huge databases secure, and he will introduce you to the basic concepts of protecting your identity, your financial data, and your personal information from prying eyes while using your computer and smartphone. You'll learn how to stay connected and conduct business online, while protecting your privacy with every keystroke and click. The Basics of Digital Privacy gives you clear, non-technical explanations of how to safely store personal information online, create secure usernames and passwords for websites, and participate in social media without compromising your privacy. Learn how to find out who's watching you online, and what the law has to say about your privacy rights. A great resource for anyone who ventures into the online world on a daily basis! The most straightforward and up-to-date guide to privacy for anyone who goes online for work, school, or personal use Real-world examples show you how cyber criminals commit their crimes, and what you can do to keep your identity and your data safe Written by author Denny Cherry, who teaches top security professionals how to protect huge databases of information Learn the best ways to create secure passwords, chat, text, email and conduct business online without compromising your identity and your personal data

Note: Includes index. - Description based on print version record

URL: lizenzpflichtig

Permalink

Library	Location	Call Number	Volume/Issue/Year	Availability

Others were also interested in ...

Online Resource

MPI Ethno. Forsch.

9

Online Resource

Windows forensic analysis toolkit : advanced analysis techniques for Windows 8 (2014)

Carvey, Harlan A [VerfasserIn]

Waltham, MA : Syngress

add to mindlist on the mindlist

Details

ISBN: 9780124171749 , 0124171745

Language: English

Pages: 1 online resource (1 v.) , ill.

Edition: 4th ed.

Parallel Title: Erscheint auch als

Keywords: Microsoft Windows (Computer file) ; Computer crimes ; Investigation ; Methodology ; Computer networks ; Security measures ; Internet ; Security measures ; Computer security ; Electronic books ; local ; Electronic books

Abstract: Harlan Carvey has updated Windows Forensic Analysis Toolkit , now in its fourth edition, to cover Windows 8 systems. The primary focus of this edition is on analyzing Windows 8 systems and processes using free and open-source tools. The book covers live response, file analysis, malware detection, timeline, and much more. Harlan Carvey presents real-life experiences from the trenches, making the material realistic and showing the why behind the how. The companion and toolkit materials are hosted online. This material consists of electronic printable checklists, cheat sheets, free custom tools, and walk-through demos. This edition complements Windows Forensic Analysis Toolkit, Second Edition , which focuses primarily on XP, and Windows Forensic Analysis Toolkit, Third Edition , which focuses primarily on Windows 7. This new fourth edition provides expanded coverage of many topics beyond Windows 8 as well, including new cradle-to-grave case examples, USB device analysis, hacking and intrusion cases, and "how would I do this" from Harlan's personal case files and questions he has received from readers. The fourth edition also includes an all-new chapter on reporting. Complete coverage and examples of Windows 8 systems Contains lessons from the field, case studies, and war stories Companion online toolkit material, including electronic printable checklists, cheat sheets, custom tools, and walk-throughs

Note: Includes index. - Description based on print version record

URL: lizenzpflichtig

URL: Inhaltsverzeichnis

Permalink

Library	Location	Call Number	Volume/Issue/Year	Availability

Others were also interested in ...

Online Resource

MPI Ethno. Forsch.

10

Online Resource

Cyber warfare : techniques, tactics and tools for security practitioners (2014)

Andress, Jason [VerfasserIn] ; Winterfeld, Steve [MitwirkendeR]

Waltham, MA : Syngress

add to mindlist on the mindlist

Details

ISBN: 9780124166332 , 0124166334

Language: English

Pages: 1 online resource (1 v.) , ill.

Edition: 2nd ed.

Parallel Title: Erscheint auch als

Keywords: Information warfare ; Computer networks ; Security measures ; Electronic books ; local ; Electronic books

Abstract: Cyber Warfare, Second Edition, takes a comprehensive look at how and why digital warfare is waged. The book explores the participants, battlefields, and the tools and techniques used in today's digital conflicts. The concepts discussed gives students of information security a better idea of how cyber conflicts are carried out now, how they will change in the future, and how to detect and defend against espionage, hacktivism, insider threats and non-state actors such as organized criminals and terrorists. This book provides concrete examples and real-world guidance on how to identify and defend a network against malicious attacks. It probes relevant technical and factual information from an insider's point of view, as well as the ethics, laws and consequences of cyber war and how computer criminal law may change as a result. Logical, physical, and psychological weapons used in cyber warfare are discussed. This text will appeal to information security practitioners, network security administrators, computer system administrators, and security analysts. Provides concrete examples and real-world guidance on how to identify and defend your network against malicious attacks Dives deeply into relevant technical and factual information from an insider's point of view Details the ethics, laws and consequences of cyber war and how computer criminal law may change as a result

Note: Includes bibliographical references and index. - Description based on print version record

URL: lizenzpflichtig

Permalink

Library	Location	Call Number	Volume/Issue/Year	Availability

Others were also interested in ...

Online Resource

MPI Ethno. Forsch.

11

Online Resource

Hacking with Kali : practical penetration testing techniques (2014)

Broad, James [VerfasserIn] ; Bindner, Andrew [MitwirkendeR]

Waltham, MA : Syngress

add to mindlist on the mindlist

Details

ISBN: 9780124078833 , 0124078834

Language: English

Pages: 1 online resource (ix, 227 p.) , ill.

Edition: 1st ed.

Parallel Title: Erscheint auch als

Keywords: Kali Linux ; Penetration testing (Computer security) ; Computer networks ; Security measures ; Electronic books ; local ; Electronic books

Abstract: Hacking with Kali introduces you the most current distribution of the de facto standard tool for Linux pen testing. Starting with use of the Kali live CD and progressing through installation on hard drives, thumb drives and SD cards, author James Broad walks you through creating a custom version of the Kali live distribution. You'll learn how to configure networking components, storage devices and system services such as DHCP and web services. Once you're familiar with the basic components of the software, you'll learn how to use Kali through the phases of the penetration testing lifecycle; one major tool from each phase is explained. The book culminates with a chapter on reporting that will provide examples of documents used prior to, during and after the pen test. This guide will benefit information security professionals of all levels, hackers, systems administrators, network administrators, and beginning and intermediate professional pen testers, as well as students majoring in information security. Provides detailed explanations of the complete penetration testing lifecycle Complete linkage of the Kali information, resources and distribution downloads Hands-on exercises reinforce topics

Note: Includes bibliographical references and index. - Description based on print version record

URL: lizenzpflichtig

Permalink

Library	Location	Call Number	Volume/Issue/Year	Availability

Others were also interested in ...

Online Resource

MPI Ethno. Forsch.

12

Online Resource

The basics of IT audit : purposes, processes, and practical information (2014)

Gantz, Stephen D [VerfasserIn] ; Maske, Steve [MitwirkendeR]

Waltham, MA : Syngress

add to mindlist on the mindlist

Details

ISBN: 9780124171763 , 0124171761

Language: English

Pages: 1 online resource (1 v.) , ill.

Parallel Title: Erscheint auch als

Keywords: Information technology ; Auditing ; Computer security ; Computer networks ; Security measures ; Electronic books ; local ; Electronic books

Abstract: The Basics of IT Audit: Purposes, Processes, and Practical Information provides you with a thorough, yet concise overview of IT auditing. Packed with specific examples, this book gives insight into the auditing process and explains regulations and standards such as the ISO-27000, series program, CoBIT, ITIL, Sarbanes-Oxley, and HIPPA. IT auditing occurs in some form in virtually every organization, private or public, large or small. The large number and wide variety of laws, regulations, policies, and industry standards that call for IT auditing make it hard for organizations to consistently and effectively prepare for, conduct, and respond to the results of audits, or to comply with audit requirements. This guide provides you with all the necessary information if you're preparing for an IT audit, participating in an IT audit or responding to an IT audit. Provides a concise treatment of IT auditing, allowing you to prepare for, participate in, and respond to the results Discusses the pros and cons of doing internal and external IT audits, including the benefits and potential drawbacks of each Covers the basics of complex regulations and standards, such as Sarbanes-Oxley, SEC (public companies), HIPAA, and FFIEC Includes most methods and frameworks, including GAAS, COSO, COBIT, ITIL, ISO (27000), and FISCAM

Note: Includes bibliographical references and index. - Description based on print version record

URL: lizenzpflichtig

Permalink

Library	Location	Call Number	Volume/Issue/Year	Availability

Others were also interested in ...

Online Resource

MPI Ethno. Forsch.

13

Online Resource

Network and system security (2014)

Vacca, John R [MitwirkendeR]

Waltham, MA : Syngress

add to mindlist on the mindlist

Details

ISBN: 9780124166950 , 0124166954

Language: English

Pages: 1 online resource (1 v.) , ill.

Edition: 2nd ed.

Keywords: Computer networks ; Security measures ; Electronic books ; local ; Electronic books

Abstract: Network and System Security provides focused coverage of network and system security technologies. It explores practical solutions to a wide range of network and systems security issues. Chapters are authored by leading experts in the field and address the immediate and long-term challenges in the authors' respective areas of expertise. Coverage includes building a secure organization, cryptography, system intrusion, UNIX and Linux security, Internet security, intranet security, LAN security; wireless network security, cellular network security, RFID security, and more. Chapters contributed by leaders in the field covering foundational and practical aspects of system and network security, providing a new level of technical expertise not found elsewhere Comprehensive and updated coverage of the subject area allows the reader to put current technologies to work Presents methods of analysis and problem solving techniques, enhancing the reader's grasp of the material and ability to implement practical solutions

Note: Includes bibliographical references and index. - Description based on online resource; title from title page (Safari, viewed Dec. 5, 2013)

URL: lizenzpflichtig

Permalink

Library	Location	Call Number	Volume/Issue/Year	Availability

Others were also interested in ...

Online Resource

MPI Ethno. Forsch.

14

Online Resource

Identity and access management : business performance through connected intelligence (2014)

Osmanoglu, T. Ertem [VerfasserIn]

Waltham, MA : Syngress

add to mindlist on the mindlist

Details

ISBN: 9780124104334 , 0124104339

Language: English

Pages: 1 online resource (1 v.) , ill.

Parallel Title: Erscheint auch als

Keywords: Computer security ; Computers ; Access control ; Computer networks ; Security measures ; False personation ; Prevention ; Electronic books ; Electronic books ; local

Abstract: Identity and Access Management: Business Performance Through Connected Intelligence provides you with a practical, in-depth walkthrough of how to plan, assess, design, and deploy IAM solutions. This book breaks down IAM into manageable components to ease systemwide implementation. The hands-on, end-to-end approach includes a proven step-by-step method for deploying IAM that has been used successfully in over 200 deployments. The book also provides reusable templates and source code examples in Java, XML, and SPML. Focuses on real-word implementations Provides end-to-end coverage of IAM from business drivers, requirements, design, and development to implementation Presents a proven, step-by-step method for deploying IAM that has been successfully used in over 200 cases Includes companion website with source code examples in Java, XML, and SPML as well as reusable templates

Note: Includes bibliographical references and index. - Description based on print version record

URL: https://learning.oreilly.com/library/view/-/9780124081406/?ar

Permalink

Library	Location	Call Number	Volume/Issue/Year	Availability

Others were also interested in ...

Online Resource

MPI Ethno. Forsch.

15

Online Resource

The basics of information security : understanding the fundamentals of InfoSec in theory and practice (2014)

Andress, Jason [VerfasserIn]

Waltham, MA : Syngress

add to mindlist on the mindlist

Details

ISBN: 9780128008126 , 0128008121

Language: English

Pages: 1 online resource (1 v.) , ill.

Edition: 2nd ed.

Parallel Title: Erscheint auch als

Keywords: Computer security ; Computer networks ; Security measures ; Information technology ; Security measures ; Information resources management ; Computer science ; Electronic books ; local ; Electronic books

Abstract: As part of the Syngress Basics series, The Basics of Information Security provides you with fundamental knowledge of information security in both theoretical and practical aspects. Author Jason Andress gives you the basic knowledge needed to understand the key concepts of confidentiality, integrity, and availability, and then dives into practical applications of these ideas in the areas of operational, physical, network, application, and operating system security. The Basics of Information Security gives you clear-non-technical explanations of how infosec works and how to apply these principles whether you're in the IT field or want to understand how it affects your career and business. The new Second Edition has been updated for the latest trends and threats, including new material on many infosec subjects. Learn about information security without wading through a huge textbook Covers both theoretical and practical aspects of information security Provides a broad view of the information security field in a concise manner All-new Second Edition updated for the latest information security trends and threats, including material on incident response, social engineering, security awareness, risk management, and legal/regulatory issues

Note: Includes bibliographical references and index. - Description based on print version record

URL: lizenzpflichtig

Permalink

Library	Location	Call Number	Volume/Issue/Year	Availability

Others were also interested in ...

Online Resource

MPI Ethno. Forsch.

16

Online Resource

Targeted cyber attacks : multi-staged attacks driven by exploits and malware (2014)

Sood, Aditya K [VerfasserIn] ; Enbody, Richard J [MitwirkendeR]

Waltham, MA : Syngress

add to mindlist on the mindlist

Details

ISBN: 9780128006191 , 0128006196

Language: English

Pages: 1 online resource (1 v.) , ill.

Keywords: Computer networks ; Security measures ; Cyberspace ; Security measures ; Computer crimes ; Prevention ; Electronic books ; local ; Electronic books

Abstract: Cyber-crime increasingly impacts both the online and offline world, and targeted attacks play a significant role in disrupting services in both. Targeted attacks are those that are aimed at a particular individual, group, or type of site or service. Unlike worms and viruses that usually attack indiscriminately, targeted attacks involve intelligence-gathering and planning to a degree that drastically changes its profile. Individuals, corporations, and even governments are facing new threats from targeted attacks. Targeted Cyber Attacks examines real-world examples of directed attacks and provides insight into what techniques and resources are used to stage these attacks so that you can counter them more effectively. A well-structured introduction into the world of targeted cyber-attacks Includes analysis of real-world attacks Written by cyber-security researchers and experts

Note: Includes bibliographical references. - Description based on online resource; title from title page (Safari, viewed May 6, 2014)

URL: lizenzpflichtig

Permalink

Library	Location	Call Number	Volume/Issue/Year	Availability

Others were also interested in ...

Online Resource

MPI Ethno. Forsch.

17

Online Resource

Business continuity and disaster recovery planning for IT professionals (2014)

Snedaker, Susan [VerfasserIn] ; Rima, Chris [MitwirkendeR]

Waltham, MA : Syngress

add to mindlist on the mindlist

Details

ISBN: 9780124114517 , 0124114512

Language: English

Pages: 1 online resource (1 v.) , ill.

Edition: 2nd ed.

Parallel Title: Erscheint auch als

DDC: 658.4/78

Keywords: Business ; Data processing ; Security measures ; Electronic data processing departments ; Security measures ; Crisis management ; Computer networks ; Security measures ; Management information systems ; Security measures ; Electronic books ; local ; Electronic books

Abstract: Powerful Earthquake Triggers Tsunami in Pacific. Hurricane Isaac Makes Landfall in the Gulf Coast. Wildfires Burn Hundreds of Houses and Businesses in Colorado. Tornado Touches Down in Missouri. These headlines not only have caught the attention of people around the world, they have had a significant effect on IT professionals as well. The new 2nd Edition of Business Continuity and Disaster Recovery for IT Professionals gives you the most up-to-date planning and risk management techniques for business continuity and disaster recovery (BCDR). With distributed networks, increasing demands for confidentiality, integrity and availability of data, and the widespread risks to the security of personal, confidential and sensitive data, no organization can afford to ignore the need for disaster planning. Author Susan Snedaker shares her expertise with you, including the most current options for disaster recovery and communication, BCDR for mobile devices, and the latest infrastructure considerations including cloud, virtualization, clustering, and more. Snedaker also provides you with new case studies in several business areas, along with a review of high availability and information security in healthcare IT. Don't be caught off guard- Business Continuity and Disaster Recovery for IT Professionals, 2nd Edition , is required reading for anyone in the IT field charged with keeping information secure and systems up and running. Complete coverage of the 3 categories of disaster: natural hazards, human-caused hazards, and accidental / technical hazards Extensive disaster planning and readiness checklists for IT infrastructure, enterprise applications, servers and desktops Clear guidance on developing alternate work and computing sites and emergency facilities Actionable advice on emergency readiness and response Up-to-date information on the legal implications of data loss following a security breach or disaster

Note: Includes bibliographical references and index. - Description based on print version record

URL: lizenzpflichtig

Permalink

Library	Location	Call Number	Volume/Issue/Year	Availability

Others were also interested in ...

Online Resource

MPI Ethno. Forsch.

18

Online Resource

Advanced persistent threat : understanding the danger and how to protect your organization (2013)

Cole, Eric [VerfasserIn]

Waltham, MA : Syngress

add to mindlist on the mindlist

Details

ISBN: 9781597499552 , 1597499552

Language: English

Pages: 1 online resource (1 v.) , ill.

Parallel Title: Erscheint auch als

Keywords: Computer networks ; Security measures ; Computer security ; Data protection ; Computer crimes ; Prevention ; Electronic books ; local ; Electronic books

Abstract: The newest threat to security has been categorized as the Advanced Persistent Threat or APT. The APT bypasses most of an organization's current security devices, and is typically carried out by an organized group, such as a foreign nation state or rogue group with both the capability and the intent to persistently and effectively target a specific entity and wreak havoc. Most organizations do not understand how to deal with it and what is needed to protect their network from compromise. In Advanced Persistent Threat: Understanding the Danger and How to Protect your Organization Eric Cole discusses the critical information that readers need to know about APT and how to avoid being a victim. Advanced Persistent Threat is the first comprehensive manual that discusses how attackers are breaking into systems and what to do to protect and defend against these intrusions. How and why organizations are being attacked How to develop a "Risk based Approach to Security" Tools for protecting data and preventing attacks Critical information on how to respond and recover from an intrusion The emerging threat to Cloud based networks

Note: Includes index. - Description based on print version record

URL: lizenzpflichtig

Permalink

Library	Location	Call Number	Volume/Issue/Year	Availability

Others were also interested in ...

Online Resource

MPI Ethno. Forsch.

19

Online Resource

The basics of cyber warfare : understanding the fundamentals of cyber warfare in theory and practice (2013)

Winterfeld, Steve [VerfasserIn] ; Andress, Jason [MitwirkendeR]

Waltham, MA : Syngress

add to mindlist on the mindlist

Details

ISBN: 9780124051812 , 0124051812

Language: English

Pages: 1 online resource (1 v.) , ill., map.

Series Statement: The basics

Parallel Title: Erscheint auch als

Keywords: Information warfare ; Computer networks ; Security measures ; Electronic books ; local ; Electronic books

Abstract: The Basics of Cyber Warfare provides readers with fundamental knowledge of cyber war in both theoretical and practical aspects. This book explores the principles of cyber warfare, including military and cyber doctrine, social engineering, and offensive and defensive tools, tactics and procedures, including computer network exploitation (CNE), attack (CNA) and defense (CND). Readers learn the basics of how to defend against espionage, hacking, insider threats, state-sponsored attacks, and non-state actors (such as organized criminals and terrorists). Finally, the book looks ahead to emerging aspects of cyber security technology and trends, including cloud computing, mobile devices, biometrics and nanotechnology. The Basics of Cyber Warfare gives readers a concise overview of these threats and outlines the ethics, laws and consequences of cyber warfare. It is a valuable resource for policy makers, CEOs and CIOs, penetration testers, security administrators, and students and instructors in information security. Provides a sound understanding of the tools and tactics used in cyber warfare. Describes both offensive and defensive tactics from an insider's point of view. Presents doctrine and hands-on techniques to understand as cyber warfare evolves with technology.

Note: Includes bibliographical references and index. - Description based on print version record

URL: lizenzpflichtig

Permalink

Library	Location	Call Number	Volume/Issue/Year	Availability

Others were also interested in ...

Online Resource

MPI Ethno. Forsch.

20

Online Resource

Windows 2012 server network security : securing your Windows network systems and infrastructure (2013)

Rountree, Derrick [VerfasserIn] ; Hicks, Richard [MitwirkendeR]

Waltham, MA : Syngress

add to mindlist on the mindlist

Details

ISBN: 9781597499651 , 159749965X

Language: English

Pages: 1 online resource (xix, 239 p.) , ill.

Parallel Title: Erscheint auch als

Keywords: Microsoft Windows server ; Microsoft Windows (Computer file) ; Computer networks ; Security measures ; Electronic books ; local ; Electronic books

Abstract: Windows 2012 Server Network Security provides the most in-depth guide to deploying and maintaining a secure Windows network. The book drills down into all the new features of Windows 2012 and provides practical, hands-on methods for securing your Windows systems networks, including: Secure remote access Network vulnerabilities and mitigations DHCP installations configuration MAC filtering DNS server security WINS installation configuration Securing wired and wireless connections Windows personal firewall Remote desktop services Internet connection sharing Network diagnostics and troubleshooting Windows network security is of primary importance due to the sheer volume of data residing on Windows networks. Windows 2012 Server Network Security provides network administrators with the most focused and in-depth coverage of Windows network security threats along with methods and techniques for securing important mission-critical networks and assets. The book also covers Windows 8. Provides practical examples of how to secure your Windows network. Focuses specifically on Windows network security rather than general concepts. One of the first books to cover Windows Server 2012 network security.

Note: Includes index. - Description based on print version record

URL: lizenzpflichtig

Permalink

Library	Location	Call Number	Volume/Issue/Year	Availability

Others were also interested in ...

Online Resource

MPI Ethno. Forsch.

21

Online Resource

UTM security with Fortinet : mastering FortiOS (2013)

Tam, Kenneth [MitwirkendeR]

Waltham, MA : Syngress

add to mindlist on the mindlist

Details

ISBN: 9781597499774 , 1597499773

Language: English

Pages: 1 online resource (1 v.) , ill.

Keywords: Computer networks ; Security measures ; Computer networks ; Access control ; Electronic books ; local ; Electronic books

Abstract: Traditionally, network security (firewalls to block unauthorized users, Intrusion Prevention Systems (IPS) to keep attackers out, Web filters to avoid misuse of Internet browsing, and antivirus software to block malicious programs) required separate boxes with increased cost and complexity. Unified Threat Management (UTM) makes network security less complex, cheaper, and more effective by consolidating all these components. This book explains the advantages of using UTM and how it works, presents best practices on deployment, and is a hands-on, step-by-step guide to deploying Fortinet's FortiGate in the enterprise. Provides tips, tricks, and proven suggestions and guidelines to set up FortiGate implementations Presents topics that are not covered (or are not covered in detail) by Fortinet's documentation Discusses hands-on troubleshooting techniques at both the project deployment level and technical implementation area

Note: Includes bibliographical references and index. - Description based on online resource; title from PDF title page (Safari, viewed May 2, 2013)

URL: lizenzpflichtig

Permalink

Library	Location	Call Number	Volume/Issue/Year	Availability

Others were also interested in ...

Online Resource

MPI Ethno. Forsch.

22

Online Resource

Violent Python : a cookbook for hackers, forensic analysts, penetration testers and security engineers (2013)

O'Connor, T. J [VerfasserIn]

Waltham, MA : Syngress

add to mindlist on the mindlist

Details

ISBN: 9781597499644 , 1597499641

Language: English

Pages: 1 online resource (1 v.) , ill.

Parallel Title: Erscheint auch als

DDC: 005.13/3

RVK:

ST 250

Keywords: Python (Computer program language) ; Computer security ; Computer networks ; Security measures ; Electronic books ; local ; Electronic books

Abstract: Violent Python shows you how to move from a theoretical understanding of offensive computing concepts to a practical implementation. Instead of relying on another attacker's tools, this book will teach you to forge your own weapons using the Python programming language. This book demonstrates how to write Python scripts to automate large-scale network attacks, extract metadata, and investigate forensic artifacts. It also shows how to write code to intercept and analyze network traffic using Python, craft and spoof wireless frames to attack wireless and Bluetooth devices, and how to data-mine popular social media websites and evade modern anti-virus. Demonstrates how to write Python scripts to automate large-scale network attacks, extract metadata, and investigate forensic artifacts Write code to intercept and analyze network traffic using Python. Craft and spoof wireless frames to attack wireless and Bluetooth devices Data-mine popular social media websites and evade modern anti-virus

Note: Includes bibliographical references and index. - Description based on online resource; title from PDF title page (Safari, viewed Jan. 24, 2013)

URL: lizenzpflichtig

Permalink

Library	Location	Call Number	Volume/Issue/Year	Availability

Others were also interested in ...

Online Resource

MPI Ethno. Forsch.

23

Online Resource

Windows forensic analysis toolkit (2012)

Carvey, Harlan A [VerfasserIn] ; Kolde, Jennifer [MitwirkendeR]

Waltham, MA : Syngress

add to mindlist on the mindlist

Details

ISBN: 9781597497275

Language: English

Pages: 1 online resource (1 v.) , ill.

Edition: 3rd ed.

Parallel Title: Erscheint auch als

Keywords: Microsoft Windows (Computer file) ; Security measures ; Computer crimes ; Investigation ; United States ; Methodology ; Computer networks ; Security measures ; Internet ; Security measures ; Computer security ; Electronic books ; local ; Electronic books

Abstract: Windows Forensic Analysis Toolkit: Advanced Analysis Techniques for Windows 7 provides an overview of live and postmortem response collection and analysis methodologies for Windows 7. It considers the core investigative and analysis concepts that are critical to the work of professionals within the digital forensic analysis community, as well as the need for immediate response once an incident has been identified. Organized into eight chapters, the book discusses Volume Shadow Copies (VSCs) in the context of digital forensics and explains how analysts can access the wealth of information available in VSCs without interacting with the live system or purchasing expensive solutions. It also describes files and data structures that are new to Windows 7 (or Vista), Windows Registry Forensics, how the presence of malware within an image acquired from a Windows system can be detected, the idea of timeline analysis as applied to digital forensic analysis, and concepts and techniques that are often associated with dynamic malware analysis. Also included are several tools written in the Perl scripting language, accompanied by Windows executables. This book will prove useful to digital forensic analysts, incident responders, law enforcement officers, students, researchers, system administrators, hobbyists, or anyone with an interest in digital forensic analysis of Windows 7 systems. Timely 3e of a Syngress digital forensic bestseller Updated to cover Windows 7 systems, the newest Windows version New online companion website houses checklists, cheat sheets, free tools, and demos

Note: Includes bibliographical references and index. - Description based on print version record

URL: lizenzpflichtig

Permalink

Library	Location	Call Number	Volume/Issue/Year	Availability

Others were also interested in ...

Online Resource

MPI Ethno. Forsch.

24

Online Resource

SQL injection attacks and defense (2012)

Clarke, Justin [VerfasserIn]

Waltham, MA : Syngress

add to mindlist on the mindlist

Details

ISBN: 9781597499736 , 1597499730

Language: English

Pages: 1 online resource (1 v.) , ill.

Edition: 2nd ed.

Parallel Title: Erscheint auch als

Keywords: Computer security ; Computer networks ; Security measures ; Application software ; Security measures ; SQL (Computer program language) ; Electronic books ; local ; Electronic books

Abstract: SQL Injection Attacks and Defense, First Edition: Winner of the Best Book Bejtlich Read Award " SQL injection is probably the number one problem for any server-side application, and this book unequaled in its coverage." -Richard Bejtlich, Tao Security blog SQL injection represents one of the most dangerous and well-known, yet misunderstood, security vulnerabilities on the Internet, largely because there is no central repository of information available for penetration testers, IT security consultants and practitioners, and web/software developers to turn to for help. SQL Injection Attacks and Defense, Second Edition is the only book devoted exclusively to this long-established but recently growing threat. This is the definitive resource for understanding, finding, exploiting, and defending against this increasingly popular and particularly destructive type of Internet-based attack. SQL Injection Attacks and Defense, Second Edition includes all the currently known information about these attacks and significant insight from its team of SQL injection experts, who tell you about: Understanding SQL Injection - Understand what it is and how it works Find, confirm and automate SQL injection discovery Tips and tricks for finding SQL injection within code Create exploits for using SQL injection Design apps to avoid the dangers these attacks SQL injection on different databases SQL injection on different technologies SQL injection testing techniques Case Studies Securing SQL Server, Second Edition is the only book to provide a complete understanding of SQL injection, from the basics of vulnerability to discovery, exploitation, prevention, and mitigation measures. Covers unique, publicly unavailable information, by technical experts in such areas as Oracle, Microsoft SQL Server, and MySQL---including new developments for Microsoft SQL Server 2012 (Denali). Written by an established expert, author, and speaker in the field, with contributions from a team of equally renowned creators of SQL injection tools, applications, and educational materials.

Note: Includes bibliographical references and index. - Description based on print version record

URL: lizenzpflichtig

Permalink

Library	Location	Call Number	Volume/Issue/Year	Availability

Others were also interested in ...

Online Resource

MPI Ethno. Forsch.

25

Online Resource

Network intrusion analysis : methodologies, tools, and techniques for incident analysis and response (2012)

Fichera, Joe [VerfasserIn] 1966- ; Bolt, Steven [MitwirkendeR]

Waltham, MA : Syngress

add to mindlist on the mindlist

Details

ISBN: 9781597499712 , 1597499714

Language: English

Pages: 1 online resource (1 v.) , ill.

Parallel Title: Erscheint auch als

Keywords: Computer crimes ; Investigation ; United States ; Intrusion detection systems (Computer security) ; Computer security ; Computer networks ; Security measures ; Internet ; Security measures ; Electronic books ; local ; Electronic books

Abstract: Nearly every business depends on its network to provide information services to carry out essential activities, and network intrusion attacks have been growing increasingly frequent and severe. When network intrusions do occur, it's imperative that a thorough and systematic analysis and investigation of the attack is conducted to determine the nature of the threat and the extent of information lost, stolen, or damaged during the attack. A thorough and timely investigation and response can serve to minimize network downtime and ensure that critical business systems are maintained in full operation. Network Intrusion Analysis teaches the reader about the various tools and techniques to use during a network intrusion investigation. The book focuses on the methodology of an attack as well as the investigative methodology, challenges, and concerns. This is the first book that provides such a thorough analysis of network intrusion investigation and response. Network Intrusion Analysis addresses the entire process of investigating a network intrusion by: *Providing a step-by-step guide to the tools and techniques used in the analysis and investigation of a network intrusion. *Providing real-world examples of network intrusions, along with associated workarounds. *Walking you through the methodology and practical steps needed to conduct a thorough intrusion investigation and incident response, including a wealth of practical, hands-on tools for incident assessment and mitigation. Network Intrusion Analysis addresses the entire process of investigating a network intrusion Provides a step-by-step guide to the tools and techniques used in the analysis and investigation of a network intrusion Provides real-world examples of network intrusions, along with associated workarounds Walks readers through the methodology and practical steps needed to conduct a thorough intrusion investigation and incident response, including a wealth of practical, hands-on tools for incident assessment and mitigation

Note: Includes bibliographical references and index. - Description based on print version record

URL: lizenzpflichtig

Permalink

Library	Location	Call Number	Volume/Issue/Year	Availability

Others were also interested in ...

Online Resource

MPI Ethno. Forsch.

26

Online Resource

Client-side attacks and defense (2012)

Shimonski, Robert [VerfasserIn] ; Oriyano, Sean-Philip [MitwirkendeR]

Waltham, MA : Syngress

add to mindlist on the mindlist

Details

ISBN: 9781597495912 , 1597495913

Language: English

Pages: 1 online resource (1 v.) , ill.

Parallel Title: Erscheint auch als

Keywords: Computer networks ; Security measures ; Computer networks ; Access control ; Electronic books ; local ; Electronic books

Abstract: Client-Side Attacks and Defense offers background networks against its attackers. The book examines the forms of client-side attacks and discusses different kinds of attacks along with delivery methods including, but not limited to, browser exploitation, use of rich internet applications, and file format vulnerabilities. It also covers defenses, such as antivirus and anti-spyware, intrusion detection systems, and end-user education. The book explains how to secure Web browsers, such as Microsoft Internet Explorer, Mozilla Firefox, Google Chrome, Apple Safari, and Opera. It discusses advanced Web attacks and advanced defenses against them. Moreover, it explores attacks on messaging, Web applications, and mobiles. The book concludes with a discussion on security measures against client-side attacks, starting from the planning of security. This book will be of great value to penetration testers, security consultants, system and network administrators, and IT auditors. Design and implement your own attack, and test methodologies derived from the approach and framework presented by the authors Learn how to strengthen your network's host- and network-based defense against attackers' number one remote exploit-the client-side attack Defend your network against attacks that target your company's most vulnerable asset-the end user

Note: Includes bibliographical references and index. - Description based on print version record

URL: lizenzpflichtig

Permalink

Library	Location	Call Number	Volume/Issue/Year	Availability

Others were also interested in ...

Online Resource

MPI Ethno. Forsch.

27

Online Resource

PCI compliance : understand and implement effective PCI data security standard compliance (2012)

Waltham, MA : Syngress

add to mindlist on the mindlist

Details

ISBN: 9781597499538 , 1597499536

Language: English

Pages: 1 online resource (1 v.) , ill.

Edition: 3rd ed.

Keywords: Data protection ; Standards ; Computer networks ; Security measures ; Credit cards ; Liability for credit information ; Electronic books ; local ; Electronic books

Abstract: The credit card industry established the PCI Data Security Standards to provide a minimum standard for how vendors should protect data to ensure it is not stolen by fraudsters. PCI Compliance, 3e, provides the information readers need to understand the current PCI Data Security standards, which have recently been updated to version 2.0, and how to effectively implement security within your company to be compliant with the credit card industry guidelines and protect sensitive and personally identifiable information. Security breaches continue to occur on a regular basis, affecting millions of customers and costing companies millions of dollars in fines and reparations. That doesn't include the effects such security breaches have on the reputation of the companies that suffer attacks. PCI Compliance, 3e, helps readers avoid costly breaches and inefficient compliance initiatives to keep their infrastructure secure. Provides a clear explanation of PCI Provides practical case studies, fraud studies, and analysis of PCI The first book to address version 2.0 updates to the PCI DSS, security strategy to keep your infrastructure PCI compliant

Note: Includes index. - Description based on online resource; title from PDF title page (Safari, viewed May 2, 2013)

URL: lizenzpflichtig

Permalink

Library	Location	Call Number	Volume/Issue/Year	Availability

Others were also interested in ...

Online Resource

MPI Ethno. Forsch.

28

Online Resource

Hacking web apps : detecting and preventing web application security problems (2012)

Shema, Mike [VerfasserIn] ; Alcover, Jorge Blanco [MitwirkendeR]

Waltham, MA : Syngress

add to mindlist on the mindlist

Details

ISBN: 9781597499569 , 1597499560

Language: English

Pages: 1 online resource (1 v.) , ill.

Parallel Title: Erscheint auch als

DDC: 005.8

Keywords: Computer networks ; Security measures ; Web applications ; Security measures ; Web site development ; Security measures ; Computer security ; Computer crimes ; Prevention ; Electronic books ; local ; Electronic books

Abstract: How can an information security professional keep up with all of the hacks, attacks, and exploits on the Web? One way is to read Hacking Web Apps . The content for this book has been selected by author Mike Shema to make sure that we are covering the most vicious attacks out there. Not only does Mike let you in on the anatomy of these attacks, but he also tells you how to get rid of these worms, trojans, and botnets and how to defend against them in the future. Countermeasures are detailed so that you can fight against similar attacks as they evolve. Attacks featured in this book include: • SQL Injection • Cross Site Scripting • Logic Attacks • Server Misconfigurations • Predictable Pages • Web of Distrust • Breaking Authentication Schemes • HTML5 Security Breaches • Attacks on Mobile Apps Even if you don't develop web sites or write HTML, Hacking Web Apps can still help you learn how sites are attacked-as well as the best way to defend against these attacks. Plus, Hacking Web Apps gives you detailed steps to make the web browser - sometimes your last line of defense - more secure. More and more data, from finances to photos, is moving into web applications. How much can you trust that data to be accessible from a web browser anywhere and safe at the same time? Some of the most damaging hacks to a web site can be executed with nothing more than a web browser and a little knowledge of HTML. Learn about the most common threats and how to stop them, including HTML Injection, XSS, Cross Site Request Forgery, SQL Injection, Breaking Authentication Schemes, Logic Attacks, Web of Distrust, Browser Hacks and many more.

Note: Includes bibliographical references and index. - Description based on print version record

URL: lizenzpflichtig

Permalink

Library	Location	Call Number	Volume/Issue/Year	Availability

Others were also interested in ...

Online Resource

MPI Ethno. Forsch.

29

Online Resource

Industrial network security : securing critical infrastructure networks for Smart Grid, SCADA , and other industrial control systems (2011)

Knapp, Eric [VerfasserIn] ; Broad, James [MitwirkendeR]

Waltham, MA : Syngress

add to mindlist on the mindlist

Details

ISBN: 9781597496452

Language: English

Pages: 1 online resource (xvii, 341 p.) , ill.

Parallel Title: Erscheint auch als

Keywords: Process control ; Security measures ; Computer networks ; Security measures ; Computer security ; Electronic books ; local ; Electronic books

Abstract: Industrial Network Security: Securing Critical Infrastructure Networks for Smart Grid, SCADA, and Other Industrial Control Systems covers implementation guidelines for security measures of critical infrastructure. The book describes an approach to ensure the security of industrial networks by taking into account the unique network, protocol, and application characteristics of an industrial control system, along with various compliance controls. It offers guidance on deployment and configuration, and it explains why, where, and how security controls should be implemented. It also discusses common pitfalls and mistakes and how to avoid them. After reading this book, students will understand and address the unique security concerns that face the world's most important networks. This book examines the unique protocols and applications that are the foundation of industrial control systems and provides comprehensive guidelines for their protection. Divided into 11 chapters, it explains the basics of Ethernet and Transmission Control Protocol/Internet Protocol (TCP/IP) networking communications and the SCADA and field bus protocols. It also explores industrial networks as they relate to "critical infrastructure" and cyber security; potential risks and consequences of a cyber attack against an industrial control system; compliance controls in relation to network security practices; industrial network protocols such as Modbus and DNP3; assessment of vulnerabilities and risk; how to secure enclaves; regulatory compliance standards applicable to industrial network security; and common pitfalls and mistakes, like complacency and deployment errors. This book is a valuable resource for plant operators and information security analysts, as well as compliance officers who want to pass an audit with minimal penalties and/or fines. It will also appeal to IT and security professionals working on networks and control systems operations. Covers implementation guidelines for security measures of critical infrastructure Applies the security measures for system-specific compliance Discusses common pitfalls and mistakes and how to avoid them

Note: Includes bibliographical references and index. - Description based on print version record

URL: lizenzpflichtig

Permalink

Library	Location	Call Number	Volume/Issue/Year	Availability

Others were also interested in ...

Online Resource

MPI Ethno. Forsch.

30

Online Resource

Securing the cloud : cloud computer security techniques and tactics (2011)

Winkler, J. R [VerfasserIn] ; Meine, Bill [MitwirkendeR]

Waltham, MA : Syngress

add to mindlist on the mindlist

Details

ISBN: 9781597495936 , 159749593X

Language: English

Pages: 1 online resource (xxiv, 290 p.) , ill.

Parallel Title: Erscheint auch als

Keywords: Cloud computing ; Security measures ; Computer networks ; Security measures ; Computer security ; Electronic books ; lcgft ; Electronic books ; local ; Electronic books

Abstract: Securing the Cloud is the first book that helps you secure your information while taking part in the time and cost savings of cloud computing. As companies turn to burgeoning cloud computing technology to streamline and save money, security is a fundamental concern. The cloud offers flexibility, adaptability, scalability, and in the case of security - resilience. Securing the Cloud explains how to make the move to the cloud, detailing the strengths and weaknesses of securing a company's information with different cloud approaches. It offers a clear and concise framework to secure a business' assets while making the most of this new technology. This book considers alternate approaches for securing a piece of the cloud, such as private vs. public clouds, SaaS vs. IaaS, and loss of control and lack of trust. It discusses the cloud's impact on security roles, highlighting security as a service, data backup, and disaster recovery. It also describes the benefits of moving to the cloud - solving for limited availability of space, power, and storage. This book will appeal to network and security IT staff and management responsible for design, implementation and management of IT structures from admins to CSOs, CTOs, CIOs and CISOs. Named The 2011 Best Identity Management Book by InfoSec Reviews Provides a sturdy and stable framework to secure your piece of the cloud, considering alternate approaches such as private vs. public clouds, SaaS vs. IaaS, and loss of control and lack of trust Discusses the cloud's impact on security roles, highlighting security as a service, data backup, and disaster recovery Details the benefits of moving to the cloud-solving for limited availability of space, power, and storage

Note: Includes bibliographical references and index. - Description based on print version record

URL: lizenzpflichtig

Permalink

Library	Location	Call Number	Volume/Issue/Year	Availability

Others were also interested in ...

Online Resource

MPI Ethno. Forsch.

31

Online Resource

PCI compliance : understand and implement effective PCI data security standard compliance (2010)

Chuvakin, Anton [VerfasserIn] ; Williams, Branden R [MitwirkendeR] ; Spangenberg, Ward [MitwirkendeR]

Waltham, MA : Syngress

add to mindlist on the mindlist

Details

ISBN: 9781597495394 , 1597495395

Language: English

Pages: 1 online resource (1 v.) , ill.

Edition: 2nd ed.

Parallel Title: Erscheint auch als

Keywords: Data protection ; Standards ; Computer networks ; Security measures ; Credit cards ; Liability for credit information ; Electronic books ; local ; Electronic books

Abstract: PCI Compliance: Understand and Implement Effective PCI Data Security Standard Compliance, Second Edition, discusses not only how to apply PCI in a practical and cost-effective way but more importantly why. The book explains what the Payment Card Industry Data Security Standard (PCI DSS) is and why it is here to stay; how it applies to information technology (IT) and information security professionals and their organization; how to deal with PCI assessors; and how to plan and manage PCI DSS project. It also describes the technologies referenced by PCI DSS and how PCI DSS relates to laws, frameworks, and regulations. This book is for IT managers and company managers who need to understand how PCI DSS applies to their organizations. It is for the small- and medium-size businesses that do not have an IT department to delegate to. It is for large organizations whose PCI DSS project scope is immense. It is also for all organizations that need to grasp the concepts of PCI DSS and how to implement an effective security framework that is also compliant. Completely updated to follow the PCI DSS standard 1.2.1 Packed with help to develop and implement an effective security strategy to keep infrastructure compliant and secure Both authors have broad information security backgrounds, including extensive PCI DSS experience

Note: Includes bibliographical references and index. - Description based on print version record

URL: lizenzpflichtig

Permalink

Library	Location	Call Number	Volume/Issue/Year	Availability

Others were also interested in ...

Online Resource

MPI Ethno. Forsch.