In his bestselling book How to Measure Anything, author Douglas W. Hubbard opened the business world's eyes to the critical need for better measurement. This book expands upon that premise and draws from The Failure of Risk Management to sound the alarm in the cybersecurity realm. Some of the field's premier risk management approaches actually create more risk than they mitigate, and questionable methods have been duplicated across industries and embedded in the products accepted as gospel. This book sheds light on these blatant risks, and provides alternate techniques that can help improve your current situation. You'll also learn which approaches are too risky to save, and are actually more damaging than a total lack of any security.Dangerous risk management methods abound; there is no industry more critically in need of solutions than cybersecurity. This book provides solutions where they exist, and advises when to change tracks entirely.Discover the shortcomings of cybersecurity's best practices Learn which risk management approaches actually create risk Improve your current practices with practical alterations Learn which methods are beyond saving, and worse than doing nothing Insightful and enlightening, this book will inspire a closer examination of your company's own risk management practices in the context of cybersecurity. The end goal is airtight data protection, so finding cracks in the vault is a positive thing--as long as you get there before the bad guys do. How to Measure Anything in Cybersecurity Risk is your guide to more robust protection through better quantitative processes, approaches, and techniques.

    Despite it's name, unit testing is really a coding technique, not a testing technique. Unit testing is done by programmers, for programmers. It's primarily for our benefit: we get improved confidence in our code, better ability to make deadlines, less time spent in the debugger, and less time beating on the code to make it work correctly.This book shows how to write tests, but more importantly, it goes where other books fear to tread and gives you concrete advice and examples of what to test--the common things that go wrong in all of our programs. Discover the tricky hiding places where bugs breed, and how to catch them using the freely available JUnit framework. It's easy to learn how to think of all the things in your code that are likely to break. We'll show you how with helpful mnemonics, summarized in a handy tip sheet (also available from our pragmaticprogrammer.com website) to help you remember all this stuff.With this book you will:Write better code, and take less time to write it Discover the tricky places where bugs breed Learn how to think of all the things that could go wrong Test individual pieces of code without having to include the whole project Test effectively with the whole teamWe'll also cover how to use Mock Objects for testing, how to write high quality test code, and how to use unit testing to improve your design skills. We'll show you frequent "gotchas"--along with the fixes--to save you time when problems come up. We'll show you how with helpful mnemonics, summarized in a handy tip sheet (also available from our pragmaticprogrammer.com website).But the best part is that you don't need a sweeping mandate to change your whole team or your whole company. You don't need to adopt Extreme Programming or Test-Driven Development, or change your development process in order to reap the proven benefits of unit testing. You can start unit testing, the pragmatic way, right away.

    Mitnick claims that this socialengineering tactic was the single-most effective method in hisarsenal. This indispensable book examines a variety of maneuversthat are aimed at deceiving unsuspecting victims, while it alsoaddresses ways to prevent social engineering threats.Examines social engineering, the science of influencing atarget to perform a desired task or divulge informationArms you with invaluable information about the many methods oftrickery that hackers use in order to gather information with theintent of executing identity theft, fraud, or gaining computersystem accessReveals vital steps for preventing social engineeringthreatsSocial Engineering: The Art of Human Hacking does itspart to prepare you against nefarious hackers--now you can doyour part by putting to good use the critical information withinits pages.

    Richard Stevens' classic TCP/IP Illustrated, Volume 1 to gain the detailed understanding of TCP/IP they need to be effective. Now, the world's leading TCP/IP best-seller has been thoroughly updated to reflect a new generation of TCP/IP-based networking technologies. TCP/IP Illustrated, Volume 1, Second Edition doesn't just describe protocols: it enables readers to observe how these protocols operate under different conditions, using publicly available tools, and explains why key design decisions were made. The result: readers gain a deep understanding of how TCP/IP protocols function, and why they function that way. Now thoroughly updated by long-time networking expert Kevin Fall, this brand-new second edition's extensive new coverage includes: " Remote procedure call " Identity management (access control / authentication) " Network and transport layer security (authentication / privacy) " File access protocols, including NFS and SMB/CIFS " Host initialization and DHCP " NAT and firewalls " E-mail " Web and web services " Wireless and wireless security " New tools, including Ethereal, nmap and netcat

    

    The Productive Programmer offers critical timesaving and productivity tools that you can adopt right away, no matter what platform you use. Master developer Neal Ford not only offers advice on the mechanics of productivity-how to work smarter, spurn interruptions, get the most out your computer, and avoid repetition-he also details valuable practices that will help you elude common traps, improve your code, and become more valuable to your team. You'll learn to:Write the test before you write the codeManage the lifecycle of your objects fastidiously Build only what you need now, not what you might need later Apply ancient philosophies to software development Question authority, rather than blindly adhere to standardsMake hard things easier and impossible things possible through meta-programming Be sure all code within a method is at the same level of abstraction Pick the right editor and assemble the best tools for the job This isn't theory, but the fruits of Ford's real-world experience as an Application Architect at the global IT consultancy ThoughtWorks. Whether you're a beginner or a pro with years of experience, you'll improve your work and your career with the simple and straightforward principles in The Productive Programmer.

    That's the philosophy behind ethical hacking, and it's a growing field. Prepare for certification in this important area with this advanced study guide that covers all exam objectives for the challenging CEH Certified Ethical Hackers exam. The book provides full coverage of exam topics, real-world examples, and a CD with additional materials for extra review and practice. Covers ethics and legal issues, footprinting, scanning, enumeration, system hacking, trojans and backdoors, sniffers, denial of service, social engineering, session hijacking, hacking Web servers, Web application vulnerabilities, and more Walks you through exam topics and includes plenty of real-world scenarios to help reinforce concepts Includes a CD with review questions, bonus exams, and more study tools This is the ideal guide to prepare you for the new CEH certification exam. Reviews

    The pytest testing framework helps you write tests quickly and keep them readable and maintainable - with no boilerplate code. Using a robust yet simple fixture model, it's just as easy to write small tests with pytest as it is to scale up to complex functional testing for applications, packages, and libraries. This book shows you how.For Python-based projects, pytest is the undeniable choice to test your code if you're looking for a full-featured, API-independent, flexible, and extensible testing framework. With a full-bodied fixture model that is unmatched in any other tool, the pytest framework gives you powerful features such as assert rewriting and plug-in capability - with no boilerplate code.With simple step-by-step instructions and sample code, this book gets you up to speed quickly on this easy-to-learn and robust tool. Write short, maintainable tests that elegantly express what you're testing. Add powerful testing features and still speed up test times by distributing tests across multiple processors and running tests in parallel. Use the built-in assert statements to reduce false test failures by separating setup and test failures. Test error conditions and corner cases with expected exception testing, and use one test to run many test cases with parameterized testing. Extend pytest with plugins, connect it to continuous integration systems, and use it in tandem with tox, mock, coverage, unittest, and doctest.Write simple, maintainable tests that elegantly express what you're testing and why.What You Need: The examples in this book are written using Python 3.6 and pytest 3.0. However, pytest 3.0 supports Python 2.6, 2.7, and Python 3.3-3.6.

    Updated and revised for iPhone SDK 3, many of the discussions in the original book have been clarified to make some of the more complex topics easier to understand. In addition, all of the projects have been rebuilt from scratch using the SDK 3 templates.Assuming only a minimal working knowledge of Objective-C, and written in a friendly, easy-to-follow style, this book offers a complete soup-to-nuts course in iPhone and iPod touch programming. The book starts with the basics, walking you through the process of downloading and installing Apple's free iPhone SDK, and then stepping you though the creation of your first simple iPhone application. From there, you'll learn to integrate all the interface elements iPhone users have come to know and love, such as buttons, switches, pickers, toolbars, and sliders. You'll master a variety of design patterns, from the simplest single view to complex hierarchical drill-downs. The confusing art of table building will be demystified, and you'll see how to save your data using the iPhone file system. You'll also learn how to save and retrieve your data using SQLite, iPhone's built-in database management system. In addition, you'll also learn about Core Data, an important persistence mechanism that has just been added with SDK 3.And there's much more! You'll learn to draw using Quartz 2D and OpenGL ES, add multitouch gestural support (pinches and swipes) to your applications, and work with the camera, photo library, accelerometer, and built-in GPS. You'll discover the fine points of application preferences and learn how to localize your apps for multiple languages. You can discover more about this book, download source code, and find support forums at the book's companion site, at www.iphonedevbook.com.The iPhone 3 update to the best-selling and most recommended book for iPhone developers Packed full of tricks, techniques, and enthusiasm for the new SDK from a developer perspective The most complete, useful, and up-to-date guide to all things having to do with Apple's iPhone SDK

    This is one of those cases. The UNIX System Administration Handbook is one of the few books we ever measured ourselves against." -From the Foreword by Tim O'Reilly, founder of O'Reilly Media "This book is fun and functional as a desktop reference. If you use UNIX and Linux systems, you need this book in your short-reach library. It covers a bit of the systems' history but doesn't bloviate. It's just straightfoward information delivered in colorful and memorable fashion." -Jason A. Nunnelley"This is a comprehensive guide to the care and feeding of UNIX and Linux systems. The authors present the facts along with seasoned advice and real-world examples. Their perspective on the variations among systems is valuable for anyone who runs a heterogeneous computing facility." -Pat Parseghian The twentieth anniversary edition of the world's best-selling UNIX system administration book has been made even better by adding coverage of the leading Linux distributions: Ubuntu, openSUSE, and RHEL. This book approaches system administration in a practical way and is an invaluable reference for both new administrators and experienced professionals. It details best practices for every facet of system administration, including storage management, network design and administration, email, web hosting, scripting, software configuration management, performance analysis, Windows interoperability, virtualization, DNS, security, management of IT service organizations, and much more. UNIX(R) and Linux(R) System Administration Handbook, Fourth Edition, reflects the current versions of these operating systems: Ubuntu(R) LinuxopenSUSE(R) LinuxRed Hat(R) Enterprise Linux(R)Oracle America(R) Solaris(TM) (formerly Sun Solaris)HP HP-UX(R)IBM AIX(R)

    This book describes BEAM✲, an agile approach to dimensional modeling, for improving communication between data warehouse designers, BI stakeholders and the whole DW/BI development team. BEAM✲ provides tools and techniques that will encourage DW/BI designers and developers to move away from their keyboards and entity relationship based tools and model interactively with their colleagues. The result is everyone thinks dimensionally from the outset! Developers understand how to efficiently implement dimensional modeling solutions. Business stakeholders feel ownership of the data warehouse they have created, and can already imagine how they will use it to answer their business questions. Within this book, you will learn: ✲ Agile dimensional modeling using Business Event Analysis & Modeling (BEAM✲) ✲ Modelstorming: data modeling that is quicker, more inclusive, more productive, and frankly more fun! ✲ Telling dimensional data stories using the 7Ws (who, what, when, where, how many, why and how) ✲ Modeling by example not abstraction; using data story themes, not crow's feet, to describe detail ✲ Storyboarding the data warehouse to discover conformed dimensions and plan iterative development ✲ Visual modeling: sketching timelines, charts and grids to model complex process measurement - simply ✲ Agile design documentation: enhancing star schemas with BEAM✲ dimensional shorthand notation ✲ Solving difficult DW/BI performance and usability problems with proven dimensional design patterns Lawrence Corr is a data warehouse designer and educator. As Principal of DecisionOne Consulting, he helps clients to review and simplify their data warehouse designs, and advises vendors on visual data modeling techniques. He regularly teaches agile dimensional modeling courses worldwide and has taught dimensional DW/BI skills to thousands of students. Jim Stagnitto is a data warehouse and master data management architect specializing in the healthcare, financial services, and information service industries. He is the founder of the data warehousing and data mining consulting firm Llumino.

    You’ll learn how each of these platform-agnostic patterns work, when they might be useful in the cloud, and what impact they’ll have on your application architecture. You’ll also see an example of each pattern applied to an application built with Windows Azure.The patterns are organized into four major topics, such as scalability and handling failure, and primer chapters provide background on each topic. With the information in this book, you’ll be able to make informed decisions for designing effective cloud-native applications that maximize the value of cloud services, while also paying attention to user experience and operational efficiency.Learn about architectural patterns for:Scalability. Discover the advantages of horizontal scaling. Patterns covered include Horizontally Scaling Compute, Queue-Centric Workflow, and Auto-Scaling.Big data. Learn how to handle large amounts of data across a distributed system. Eventual consistency is explained, along with the MapReduce and Database Sharding patterns.Handling failure. Understand how multitenant cloud services and commodity hardware influence your applications. Patterns covered include Busy Signal and Node Failure.Distributed users. Learn how to overcome delays due to network latency when building applications for a geographically distributed user base. Patterns covered include Colocation, Valet Key, CDN, and Multi-Site Deployment.

    The Web is awash in Ruby code that is now virtually impossible to change or extend. This text helps you solve that problem by using powerful real-world object-oriented design techniques, which it thoroughly explains using simple and practical Ruby examples. Sandi Metz has distilled a lifetime of conversations and presentations about object-oriented design into a set of Ruby-focused practices for crafting manageable, extensible, and pleasing code. She shows you how to build new applications that can survive success and repair existing applications that have become impossible to change. Each technique is illustrated with extended examples, all downloadable from the companion Web site, poodr.info. The first title to focus squarely on object-oriented Ruby application design, Practical Object-Oriented Design in Ruby will guide you to superior outcomes, whatever your previous Ruby experience. Novice Ruby programmers will find specific rules to live by; intermediate Ruby programmers will find valuable principles they can flexibly interpret and apply; and advanced Ruby programmers will find a common language they can use to lead development and guide their colleagues. This guide will help you Understand how object-oriented programming can help you craft Ruby code that is easier to maintain and upgrade Decide what belongs in a single Ruby class Avoid entangling objects that should be kept separate Define flexible interfaces among objects Reduce programming overhead costs with duck typing Successfully apply inheritance Build objects via composition Design cost-effective tests Solve common problems associated with poorly designed Ruby code

    The widespread adoption of agile methods has brought the need for effective testing into the limelight, and agile projects have transformed the role of testers. Much of a tester's function, however, remains largely misunderstood. What is the true role of a tester? Do agile teams actually need members with QA backgrounds? What does it really mean to be an "agile tester?"Two of the industry's most experienced agile testing practitioners and consultants, Lisa Crispin and Janet Gregory, have teamed up to bring you the definitive answers to these questions and many others. In Agile Testing, Crispin and Gregory define agile testing and illustrate the tester's role with examples from real agile teams. They teach you how to use the agile testing quadrants to identify what testing is needed, who should do it, and what tools might help. The book chronicles an agile software development iteration from the viewpoint of a tester and explains the seven key success factors of agile testing.Readers will come away from this book understanding- How to get testers engaged in agile development- Where testers and QA managers fit on an agile team- What to look for when hiring an agile tester- How to transition from a traditional cycle to agile development- How to complete testing activities in short iterations- How to use tests to successfully guide development- How to overcome barriers to test automationThis book is a must for agile testers, agile teams, their managers, and their customers.

    Whether you're new to Linux or need a reliable update and reference, this is an excellent resource. Veteran bestselling author Christopher Negus provides a complete tutorial packed with major updates, revisions, and hands-on exercises so that you can confidently start using Linux today. Offers a complete restructure, complete with exercises, to make the book a better learning tool Places a strong focus on the Linux command line tools and can be used with all distributions and versions of Linux Features in-depth coverage of the tools that a power user and a Linux administrator need to get startedThis practical learning tool is ideal for anyone eager to set up a new Linux desktop system at home or curious to learn how to manage Linux server systems at work.