Because almost every aspect of an enterprise is now dependent on technology, the focus of IT security must shift from locking down assets to enabling the business while managing and surviving risk. This compact book discusses business risk from a broader perspective, including privacy and regulatory considerations. It describes the increasing number of threats and vulnerabilities, but also offers strategies for developing solutions. These include discussions of how enterprises can take advantage of new and emerging technologies—such as social media and the huge proliferation of Internet-enabled devices—while minimizing risk. With ApressOpen, content is freely available through multiple online distribution channels and electronic formats with the goal of disseminating professionally edited and technically reviewed content to the worldwide community. Here are some of the responses from reviewers of this exceptional work: “Managing Risk and Information Security is a perceptive, balanced, and often thought-provoking exploration of evolving information risk and security challenges within a business context.  Harkins clearly connects the needed, but often-overlooked linkage and dialog between the business and technical worlds and offers actionable strategies.   The book contains eye-opening security insights that are easily understood, even by the curious layman.” Fred Wettling, Bechtel Fellow, IS&T Ethics & Compliance Officer, Bechtel     “As disruptive technology innovations and escalating cyber threats continue to create enormous information security challenges, Managing Risk and Information Security: Protect to Enable provides a much-needed perspective. This book compels information security professionals to think differently about concepts of risk management in order to be more effective. The specific and practical guidance offers a fast-track formula for developing information security strategies which are lock-step with business priorities.” Laura Robinson, Principal, Robinson Insight Chair, Security for Business Innovation Council (SBIC) Program Director, Executive Security Action Forum (ESAF) “The mandate of the information security function is being completely rewritten. Unfortunately most heads of security haven’t picked up on the change, impeding their companies’ agility and ability to innovate. This book makes the case for why security needs to change, and shows how to get started. It will be regarded as marking the turning point in information security for years to come.” Dr. Jeremy Bergsman, Practice Manager, CEB     “The world we are responsible to protect is changing dramatically and at an accelerating pace. Technology is pervasive in virtually every aspect of our lives. Clouds, virtualization and mobile are redefining computing – and they are just the beginning of what is to come. Your security perimeter is defined by wherever your information and people happen to be.

    Why is this open-source tool so popular? Because it automates a tedious task: persisting your Java objects to a relational database. The inevitable mismatch between your object-oriented code and the relational database requires you to write code that maps one to the other. This code is often complex, tedious and costly to develop. Hibernate does the mapping for you.Not only that, Hibernate makes it easy. Positioned as a layer between your application and your database, Hibernate takes care of loading and saving of objects. Hibernate applications are cheaper, more portable, and more resilient to change. And they perform better than anything you are likely to develop yourself."Hibernate in Action" carefully explains the concepts you need, then gets you going. It builds on a single example to show you how to use Hibernate in practice, how to deal with concurrency and transactions, how to efficiently retrieve objects and use caching.The authors created Hibernate and they field questions from the Hibernate community every day-they know how to make Hibernate sing. Knowledge and insight seep out of every pore of this book."What's Inside"- ORM concepts- Getting started- Many real-world tasks- The Hibernate application development process

    Now featuring more than 250 color illustrations throughout, this perennially popular guide is a must for novices who want to work with HTML or XHTML, which continue to be the foundation for any Web site The new edition features nearly 50 percent new and updated content, including expanded coverage of CSS and scripting, new coverage of syndication and podcasting, and new sample HTML projects, including a personal Web page, an eBay auction page, a company Web site, and an online product catalog The companion Web site features an eight-page expanded Cheat Sheet with ready-reference information on commands, syntax, colors, CSS elements, and more Covers planning a Web site, formatting Web pages, using CSS, getting creative with colors and fonts, managing layouts, and integrating scripts

    It supports secure remote logins, secure file transfer between computers, and a unique "tunneling" capability that adds encryption to otherwise insecure network applications. Best of all, SSH is free, with feature-filled commercial versions available as well.SSH: The Secure Shell: The Definitive Guide covers the Secure Shell in detail for both system administrators and end users. It demystifies the SSH man pages and includes thorough coverage of:SSH1, SSH2, OpenSSH, and F-Secure SSH for Unix, plus Windows and Macintosh products: the basics, the internals, and complex applications.Configuring SSH servers and clients, both system-wide and per user, with recommended settings to maximize security.Advanced key management using agents, agent forwarding, and forced commands.Forwarding (tunneling) of TCP and X11 applications in depth, even in the presence of firewalls and network address translation (NAT).Undocumented behaviors of popular SSH implementations.Installing and maintaining SSH systems.Whether you're communicating on a small LAN or across the Internet, SSH can ship your data from "here" to "there" efficiently and securely. So throw away those insecure .rhosts and hosts.equiv files, move up to SSH, and make your network a safe place to live and work.

    Banks, telecommunications companies, and critical government networks (including the British Parliament and the French and German military) were infected. No one had ever seen anything like it. By January 2009 the worm lay hidden in at least eight million computers and the botnet of linked computers that it had created was big enough that an attack might crash the world. This is the gripping tale of the group of hackers, researches, millionaire Internet entrepreneurs, and computer security experts who united to defend the Internet from the Conficker worm: the story of the first digital world war.

    Rather than being a sideline participant, leverage the valuable insights Hacking Exposed 6 provides to help yourself, your company, and your country fight cyber-crime." —From the Foreword by Dave DeWalt, President and CEO, McAfee, Inc."For security to be successful in any company, you must ‘think evil' and be attuned to your ‘real risk'...Hacking Expose 6 defines both." —Patrick Heim, CISO, Kaiser Permanente"The definitive resource to understanding the hacking mindset and the defenses against it." —Vince Rossi, CEO & President, St. Bernard Software"Identity theft costs billions every year and unless you understand the threat, you will be destined to be a victim of it. Hacking Exposed 6 gives you the tools you need to prevent being a victim." —Bill Loesch, CTO, Guard ID Systems"This book is current, comprehensive, thoughtful, backed by experience, and appropriately free of vendor-bias-prized features for any security practitioner in need of information." —Kip Boyle, CISO, PEMCO Mutual Insurance Company"The Hacking Exposed series has become the definitive reference for security professionals from the moment it was first released, and the 6th edition maintains its place on my bookshelf," —Jeff Moss, Founder of the popular Black Hat Security ConferenceMeet the formidable demands of security in today's hyperconnected world with expert guidance from the world-renowned Hacking Exposed team. Following the time-tested "attack-countermeasure" philosophy, this 10th anniversary edition has been fully overhauled to cover the latest insidious weapons in the hacker's extensive arsenal.New and updated material: New chapter on hacking hardware, including lock bumping, access card cloning, RFID hacks, USB U3 exploits, and Bluetooth device hijacking Updated Windows attacks and countermeasures, including new Vista and Server 2008 vulnerabilities and Metasploit exploits The latest UNIX Trojan and rootkit techniques and dangling pointer and input validation exploits New wireless and RFID security tools, including multilayered encryption and gateways All-new tracerouting and eavesdropping techniques used to target network hardware and Cisco devices Updated DoS, man-in-the-middle, DNS poisoning, and buffer overflow coverage VPN and VoIP exploits, including Google and TFTP tricks, SIP flooding, and IPsec hacking Fully updated chapters on hacking the Internet user, web hacking, and securing code

    This book offers an excellent foundation in ethical decision-making for current and future business managers and IT professionals.

    Today, Intel and other semiconductor firms are abandoning the single fast processor model in favor of multi-core microprocessors--chips that combine two or more processors in a single package. In the fourth edition of "Computer Architecture," the authors focus on this historic shift, increasing their coverage of multiprocessors and exploring the most effective ways of achieving parallelism as the key to unlocking the power of multiple processor architectures. Additionally, the new edition has expanded and updated coverage of design topics beyond processor performance, including power, reliability, availability, and dependability. CD System Requirements"PDF Viewer"The CD material includes PDF documents that you can read with a PDF viewer such as Adobe, Acrobat or Adobe Reader. Recent versions of Adobe Reader for some platforms are included on the CD. "HTML Browser"The navigation framework on this CD is delivered in HTML and JavaScript. It is recommended that you install the latest version of your favorite HTML browser to view this CD. The content has been verified under Windows XP with the following browsers: Internet Explorer 6.0, Firefox 1.5; under Mac OS X (Panther) with the following browsers: Internet Explorer 5.2, Firefox 1.0.6, Safari 1.3; and under Mandriva Linux 2006 with the following browsers: Firefox 1.0.6, Konqueror 3.4.2, Mozilla 1.7.11. The content is designed to be viewed in a browser window that is at least 720 pixels wide. You may find the content does not display well if your display is not set to at least 1024x768 pixel resolution. "Operating System"This CD can be used under any operating system that includes an HTML browser and a PDF viewer. This includes Windows, Mac OS, and most Linux and Unix systems. Increased coverage on achieving parallelism with multiprocessors. Case studies of latest technology from industry including the Sun Niagara Multiprocessor, AMD Opteron, and Pentium 4. Three review appendices, included in the printed volume, review the basic and intermediate principles the main text relies upon. Eight reference appendices, collected on the CD, cover a range of topics including specific architectures, embedded systems, application specific processors--some guest authored by subject experts.

    Big Blue, as the company is known, tends to rely for its success on magical thinking but that magic ran out a long time ago. The company got in trouble back in the 1990s and had to hire for the first time an outside CEO, Lou Gerstner, to save the day. Gerstner pushed IBM into services with spectacular results but this hurt the company, too. As services have became commoditized IBM could only compete by offshoring the work and quality suffered. The other negative impact of Gerstner was his compensation which was for the first time in IBM history very high. Only the Watson family had become rich running IBM with later CEOs like John Opel and John Akers living comfortable lives with lots of perks, but they never got BIG RICH. That changed with Gerstner. Sam Palmisano an IBM lifer followed Gerstner as CEO and followed, too, the Gerstner playbook. Palmisano retired three years ago with a retirement package worth $241 million, replaced by IBM's first woman CEO, Ginni Rometty, who certainly expects a comparable golden parachute. In order to achieve these numbers, though, IBM has essentially sacrificed both its customers and employees. In order to have ever growing earnings per share the company has cut labor to the bone, off-shored everything it can, dropped quality, deliberately underbid contracts to win them then not performed. IBM's acquisition policy is one of buying companies to get their sales then cutting costs to the bone and under-delivering. This and share buybacks have kept earnings growing until this house of cards recently began to fall. Ginni Rometty, who will end up taking the fall for Palmisano's flawed strategy, has stated a very specific earnings goal for 2015 that she will destroy the company to achieve if she must. This book how IBM fell from grace, where it is headed, and what specifically can be done to save the company before it is too late.

    It discusses cloud concepts and highlights various design patterns and best practices. This documentation is offered for free here as a Kindle book, or you can read it in PDF format at https://aws.amazon.com/whitepapers/.

    It provides students with skills that will enable them to make productive use of computational techniques, including some of the tools and techniques of "data science" for using computation to model and interpret data. The book is based on an MIT course (which became the most popular course offered through MIT's OpenCourseWare) and was developed for use not only in a conventional classroom but in in a massive open online course (or MOOC) offered by the pioneering MIT--Harvard collaboration edX.Students are introduced to Python and the basics of programming in the context of such computational concepts and techniques as exhaustive enumeration, bisection search, and efficient approximation algorithms. The book does not require knowledge of mathematics beyond high school algebra, but does assume that readers are comfortable with rigorous thinking and not intimidated by mathematical concepts. Although it covers such traditional topics as computational complexity and simple algorithms, the book focuses on a wide range of topics not found in most introductory texts, including information visualization, simulations to model randomness, computational techniques to understand data, and statistical techniques that inform (and misinform) as well as two related but relatively advanced topics: optimization problems and dynamic programming.Introduction to Computation and Programming Using Python can serve as a stepping-stone to more advanced computer science courses, or as a basic grounding in computational problem solving for students in other disciplines.

    It details the core protocols that make TCP/IP internetworks function, and the most important classical TCP/IP applications. Its personal, easy-going writing style lets anyone understand the dozens of protocols and technologies that run the Internet, with full coverage of PPP, ARP, IP, IPv6, IP NAT, IPSec, Mobile IP, ICMP, RIP, BGP, TCP, UDP, DNS, DHCP, SNMP, FTP, SMTP, NNTP, HTTP, Telnet and much more. The author offers not only a detailed view of the TCP/IP protocol suite, but also describes networking fundamentals and the important OSI Reference Model.

    Restructured into six parts, this new edition covers a wide spectrum of software processes from initial requirements solicitation through design and development.

    Max 'Vision' Butler was a white-hat hacker and a celebrity throughout the programming world, even serving as a consultant to the FBI. But there was another side to Max. As the black-hat 'Iceman', he'd seen the fraudsters around him squabble, their ranks riddled with infiltrators, their methods inefficient, and in their dysfunction was the ultimate challenge: he would stage a coup and steal their ill-gotten gains from right under their noses.Through the story of Max Butler's remarkable rise, KINGPIN lays bare the workings of a silent crime wave affecting millions worldwide. It exposes vast online-fraud supermarkets stocked with credit card numbers, counterfeit cheques, hacked bank accounts and fake passports. Thanks to Kevin Poulsen's remarkable access to both cops and criminals, we step inside the quiet,desperate battle that law enforcement fights against these scammers. And learn that the boy next door may not be all he seems.

    It's used to create and maintain database objects, place data into those objects, query the data, modify the data, and, finally, delete data that is no longer needed. Databases lie at the heart of many, if not most business applications. Chances are very good that if you're involved with software development, you're using SQL to some degree. And if you're using SQL, you should own a good reference or two.Now available in an updated second edition, our very popular "SQL Pocket Guide" is a major help to programmers, database administrators, and everyone who uses SQL in their day-to-day work. The "SQL Pocket Guide" is a concise reference to frequently used SQL statements and commonly used SQL functions. Not just an endless collection of syntax diagrams, this portable guide addresses the language's complexity head on and leads by example. The information in this edition has been updated to reflect the latest versions of the most commonly used SQL variants including: Oracle Database 10g, Release 2 (includingthe free Oracle Database 10g Express Edition (XE))Microsoft SQL Server 2005MySQL 5IBM DB2 8.2PostreSQL 8.1 database