Book picks similar to
CASP Comptia Advanced Security Practitioner Study Guide: Exam CAS-002 by Michael Gregg
epubs
hacking
network-security-cyber
technical
The Hacked World Order: How Nations Fight, Trade, Maneuver, and Manipulate in the Digital Age
Adam Segal - 2016
Nation-states wielded military force, financial pressure, and diplomatic persuasion to create “world order.” Even after the end of the Cold War, the elements comprising world order remained essentially unchanged.But 2012 marked a transformation in geopolitics and the tactics of both the established powers and smaller entities looking to challenge the international community. That year, the US government revealed its involvement in Operation “Olympic Games,” a mission aimed at disrupting the Iranian nuclear program through cyberattacks; Russia and China conducted massive cyber-espionage operations; and the world split over the governance of the Internet. Cyberspace became a battlefield.Cyber conflict is hard to track, often delivered by proxies, and has outcomes that are hard to gauge. It demands that the rules of engagement be completely reworked and all the old niceties of diplomacy be recast. Many of the critical resources of statecraft are now in the hands of the private sector, giant technology companies in particular. In this new world order, cybersecurity expert Adam Segal reveals, power has been well and truly hacked.
Hiding from the Internet: Eliminating Personal Online Information
Michael Bazzell - 2012
Author Michael Bazzell has been well known in government circles for his ability to locate personal information about anyone through the internet. In Hiding from the Internet: Eliminating Personal Online Information, he exposes the resources that broadcast your personal details to public view. He has researched each source and identified the best method to have your private details removed from the databases that store profiles on all of us. This book will serve as a reference guide for anyone that values privacy. Each technique is explained in simple steps. It is written in a hands-on style that encourages the reader to execute the tutorials as they go. The author provides personal experiences from his journey to disappear from public view. Much of the content of this book has never been discussed in any publication. Always thinking like a hacker, the author has identified new ways to force companies to remove you from their data collection systems. This book exposes loopholes that create unique opportunities for privacy seekers. Among other techniques, you will learn to: Remove your personal information from public databases and people search sites Create free anonymous mail addresses, email addresses, and telephone numbers Control your privacy settings on social networks and remove sensitive data Provide disinformation to conceal true private details Force data brokers to stop sharing your information with both private and public organizations Prevent marketing companies from monitoring your browsing, searching, and shopping habits Remove your landline and cellular telephone numbers from online websites Use a credit freeze to eliminate the worry of financial identity theft and fraud Change your future habits to promote complete privacy and anonymity Conduct a complete background check to verify proper information removalConfigure a home firewall with VPN Kill-SwitchPurchase a completely invisible home or vehicle
Blue Team Handbook: Incident Response Edition: A condensed field guide for the Cyber Security Incident Responder.
Don Murdoch - 2014
The BTHb includes essential information in a condensed handbook format. Main topics include the incident response process, how attackers work, common tools for incident response, a methodology for network analysis, common indicators of compromise, Windows and Linux analysis processes, tcpdump usage examples, Snort IDS usage, packet headers, and numerous other quick reference topics. The book is designed specifically to share "real life experience," so it is peppered with practical techniques from the authors' extensive career in handling incidents. Whether you are writing up your cases notes, analyzing potentially suspicious traffic, or called in to look over a misbehaving server - this book should help you handle the case and teach you some new techniques along the way.
Practical Cryptography
Niels Ferguson - 2003
The gold standard for attaining security is cryptography because it provides the most reliable tools for storing or transmitting digital information. Written by Niels Ferguson, lead cryptographer for Counterpane, Bruce Schneier's security company, and Bruce Schneier himself, this is the much anticipated follow-up book to Schneier's seminal encyclopedic reference, Applied Cryptography, Second Edition (0-471-11709-9), which has sold more than 150,000 copies. Niels Ferguson (Amsterdam, Netherlands) is a cryptographic engineer and consultant at Counterpane Internet Security. He has extensive experience in the creation and design of security algorithms, protocols, and multinational security infrastructures. Previously, Ferguson was a cryptographer for DigiCash and CWI. At CWI he developed the first generation of off-line payment protocols. He has published numerous scientific papers. Bruce Schneier (Minneapolis, MN) is Founder and Chief Technical Officer at Counterpane Internet Security, a managed-security monitoring company. He is also the author of Secrets and Lies: Digital Security in a Networked World (0-471-25311-1).
A Bug Hunter's Diary: A Guided Tour Through the Wilds of Software Security
Tobias Klein - 2011
In this one-of-a-kind account, you'll see how the developers responsible for these flaws patched the bugs—or failed to respond at all. As you follow Klein on his journey, you'll gain deep technical knowledge and insight into how hackers approach difficult problems and experience the true joys (and frustrations) of bug hunting.Along the way you'll learn how to:Use field-tested techniques to find bugs, like identifying and tracing user input data and reverse engineering Exploit vulnerabilities like NULL pointer dereferences, buffer overflows, and type conversion flaws Develop proof of concept code that verifies the security flaw Report bugs to vendors or third party brokersA Bug Hunter's Diary is packed with real-world examples of vulnerable code and the custom programs used to find and test bugs. Whether you're hunting bugs for fun, for profit, or to make the world a safer place, you'll learn valuable new skills by looking over the shoulder of a professional bug hunter in action.
Learn Windows PowerShell 3 in a Month of Lunches
Don Jones - 2011
Just set aside one hour a day—lunchtime would be perfect—for a month, and you'll be automating Windows tasks faster than you ever thought possible. You'll start with the basics—what is PowerShell and what can you do with it. Then, you'll move systematically through the techniques and features you'll use to make your job easier and your day shorter. This totally revised second edition covers new PowerShell 3 features designed for Windows 8 and Windows Server 2012.Purchase of the print book comes with an offer of a free PDF, ePub, and Kindle eBook from Manning. Also available is all code from the book.What's InsideLearn PowerShell from the beginning—no experience required! Covers PowerShell 3, Windows 8, and Windows Server 2012 Each lesson should take you one hour or lessAbout the TechnologyPowerShell is both a language and an administrative shell with which you can control and automate nearly every aspect of Windows. It accepts and executes commands immediately, and you can write scripts to manage most Windows servers like Exchange, IIS, and SharePoint.Experience with Windows administration is helpful. No programming experience is assumed.Table of ContentsBefore you begin Meet PowerShell Using the help system Running commands Working with providers The pipeline: connecting commands Adding commands Objects: data by another name The pipeline, deeper Formatting—and why it's done on the right Filtering and comparisons A practical interlude Remote control: one to one, and one to many Using Windows Management Instrumentation Multitasking with background jobs Working with many objects, one at a time Security alert! Variables: a place to store your stuff Input and output Sessions: remote control with less work You call this scripting? Improving your parameterized script Advanced remoting configuration Using regular expressions to parse text files Additional random tips, tricks, and techniques Using someone else's script Never the end PowerShell cheat sheet
HTML Fixes for Kindle: Advanced Self Publishing for Kindle Books, or Tips on Tweaking Your App's HTML So Your Ebooks Look Their Best
Aaron Shepard - 2013
Have you ever opened a Kindle book to find that the font started out way too small or way too large? Have you tried to change to a different font while reading and discovered you couldn't? Have you jumped to a new chapter in a Kindle book and seen that the chapter heading lost its formatting? Has a Kindle completely ignored formatting you knew was in the book? According to Amazon, the simplest way to publish your Kindle book is to upload an HTML file you've saved from Microsoft Word or another app. By itself, that method can bring you maybe 80% of the way to a well-formatted, trouble-free ebook. But what about the other 20%? In this follow-up to his bestselling -From Word to Kindle, - Aaron Shepard takes your saved HTML as a starting point and tells how to quickly tweak and tune it to avoid common problems. Assuming no knowledge of HTML, he introduces the basics of the language, then reveals how to use find-and-replace and macros to touch up an entire book in seconds! If you're serious about Kindle publishing and you're technically inclined -- but not a full-fledged geek -- Aaron provides the tips you need to bring your Kindle book to the next level, making it something truly to be proud of. ///////////////////////////////////////////////// Aaron Shepard is a foremost proponent of the new business of profitable self publishing, which he has practiced and helped develop since 1998. He is the author of -Aiming at Amazon, - -POD for Profit, - -Perfect Pages, - and Amazon's #1 and #2 bestselling paid books on Kindle formatting, -From Word to Kindle- and -Pictures on Kindle.- ///////////////////////////////////////////////// CONTENTS Getting Started 1 WORKING WITH HTML HTML and Kindle HTML Export HTML Editing HTML Processing HTML Basics HTML Checking HTML Cleanup HTML Testing 2 HTML FIXES Fixes for Fonts Fixes for Paragraphs Fixes for Headings Fixes for Line Breaking Fixes for Pictures Fixes for Navigation ///////////////////////////////////////////////// SAMPLE Here are some of the things you can accomplish through changes in HTML. * Adjust bookmarks so headings retain proper formatting when jumped to. * Remove settings that stop the user from choosing their own. * Keep fonts from appearing much too small or much too large when the book is opened. * Make sure indents and other spacing stays relative to larger and smaller font sizes. * Avoid line breaks that leave short words dangling at the ends of lines or paragraphs. * Make up for features lost in translation from your word processor, like nonbreaking hyphens. * Stop -ghost hyphens- from appearing in the middle of words. * Keep pages of text from disappearing for some users. * Prevent the Kindle from applying its own defaults in place of your settings.
Security Metrics: Replacing Fear, Uncertainty, and Doubt
Andrew Jaquith - 2007
Using sample charts, graphics, case studies, and war stories, Yankee Group Security Expert Andrew Jaquith demonstrates exactly how to establish effective metrics based on your organization's unique requirements. You'll discover how to quantify hard-to-measure security activities, compile and analyze all relevant data, identify strengths and weaknesses, set cost-effective priorities for improvement, and craft compelling messages for senior management. Security Metrics successfully bridges management's quantitative viewpoint with the nuts-and-bolts approach typically taken by security professionals. It brings together expert solutions drawn from Jaquith's extensive consulting work in the software, aerospace, and financial services industries, including new metrics presented nowhere else. You'll learn how to: - Replace nonstop crisis response with a systematic approach to security improvement - Understand the differences between "good" and "bad" metrics - Measure coverage and control, vulnerability management, password quality, patch latency, benchmark scoring, and business-adjusted risk - Quantify the effectiveness of security acquisition, implementation, and other program activities - Organize, aggregate, and analyze your data to bring out key insights - Use visualization to understand and communicate security issues more clearly - Capture valuable data from firewalls and antivirus logs, third-party auditor reports, and other resources - Implement balanced scorecards that present compact, holistic views of organizational security effectiveness Whether you're an engineer or consultant responsible for security and reporting to management-or an executive who needs better information for decision-making-Security Metrics is the resource you have been searching for. Andrew Jaquith, program manager for Yankee Group's Security Solutions and Services Decision Service, advises enterprise clients on prioritizing and managing security resources. He also helps security vendors develop product, service, and go-to-market strategies for reaching enterprise customers. He co-founded @stake, Inc., a security consulting pioneer acquired by Symantec Corporation in 2004. His application security and metrics research has been featured in CIO, CSO, InformationWeek, IEEE Security and Privacy, and The Economist. Foreword Preface Acknowledgments About the Author Chapter 1 Introduction: Escaping the Hamster Wheel of Pain Chapter 2 Defining Security Metrics Chapter 3 Diagnosing Problems and Measuring Technical Security Chapter 4 Measuring Program Effectiveness Chapter 5 Analysis Techniques Chapter 6 Visualization Chapter 7 Automating Metrics Calculations Chapter 8 Designing Security Scorecards Index
Hacking the Xbox: An Introduction to Reverse Engineering
Andrew Huang - 2003
The book progresses into a discussion of the Xbox security mechanisms and other advanced hacking topics, with an emphasis on educating the readers on the important subjects of computer security and reverse engineering. Hacking the Xbox includes numerous practical guides, such as where to get hacking gear, soldering techniques, debugging tips and an Xbox hardware reference guide.Hacking the Xbox also confronts the social and political issues facing today's hacker by looking forward and discussing the impact of today's legal challenges on legitimate reverse engineering activities. The book includes a chapter written by the Electronic Frontier Foundation (EFF) about the rights and responsibilities of hackers, and concludes by discussing the latest trends and vulnerabilities in secure PC platforms.
Red Team Field Manual
Ben Clark - 2014
The RTFM contains the basic syntax for commonly used Linux and Windows command line tools, but it also encapsulates unique use cases for powerful tools such as Python and Windows PowerShell. The RTFM will repeatedly save you time looking up the hard to remember Windows nuances such as Windows wmic and dsquery command line tools, key registry values, scheduled tasks syntax, startup locations and Windows scripting. More importantly, it should teach you some new red team techniques.
Professional Android 2 Application Development
Reto Meier - 2010
This update to the bestselling first edition dives in to cover the exciting new features of the latest release of the Android mobile platform.Providing in-depth coverage of how to build mobile applications using the next major release of the Android SDK, this invaluable resource takes a hands-on approach to discussing Android with a series of projects, each of which introduces a new feature and highlights techniques and best practices to get the most out of Android.The Android SDK is a powerful, flexible, open source platform for mobile devices Shares helpful techniques and best practices to maximize the capabilities of Android Explains the possibilities of Android through the use of a series of detailed projects Demonstrates how to create real-world mobile applications for Android phones Includes coverage of the latest version of Android Providing concise and compelling examples, Professional Android Application Development is an updated guide aimed at helping you create mobile applications for mobile devices running the latest version of Android.
CCNA Portable Command Guide
Scott D. Empson - 2005
The 'CCNA Portable Command Guide' is a supplementary guide to assist network administrators in the proper use of the Cisco IOS and of the commands needed to pass the CCNA vendor exam.
Technical Communication: English Skills for Engineers. Meenakshi Raman and Sangeeta Sharma
Meenakshi Raman - 2008
In addition to the language skills of listening, speaking, reading, and writing, it covers the basics of English grammer. It also includes key topics such as technical reports, business correspondence, group discussions, interviews, and presentation strategies. With its up-to-date coverage and practical orientation, the book would prove to be an extremely useful text for students, while also serving as a ready reference for day-to-day communication.
Network Warrior
Gary A. Donahue - 2007
What you need to learn to pass a Cisco certification exam such as CCNA and what you need to know to survive in the real world are two very different things. The strategies that this book offers weren 't on the exam, but they 're exactly what you need to do your job well.Network Warrior takes you step by step through the world of hubs, switches, firewalls, and more, including ways to troubleshoot a congested network, and when to upgrade and why. Along the way, you 'll gain an historical perspective of various networking features, such as the way Ethernet evolved. Based on the author 's own experience as well as those he worked for and with, Network Warrior is a Cisco-centric book, focused primarily on the TCP/IP protocol and Ethernet networks -- the realm that Cisco Systems now dominates. The book covers: The type of networks now in use, from LANs, WANs and MANs to CANsThe OSI Model and the layers involved in sending data Hubs, repeaters, switches, and trunks in practice Auto negotiation and why it 's a common problem in network slowdowns Route maps, routing protocols, and switching algorithms in Cisco routers The resilient Ethernet -- how to make things truly redundant Cisco 6500 multi-layer switches and the Catalyst 3750 switch Telecom nomenclature -- why it 's different from the data world T1 and DS3 Firewall theory, designing access lists, authentication in Cisco devices Server load balancing technology Content switch module in action Designing QOS and what QOS does not do IP design and subnetting made easy The book also explains how to sell your ideas to management, how networks become a mess as a company grows, and why change control is your friend. Network Warrior will help network administrators and engineers win the complex battles they face every day.
A Whirlwind Tour of Python
Jake Vanderplas - 2016
This report provides a brief yet comprehensive introduction to Python for engineers, researchers, and data scientists who are already familiar with another programming language.Author Jake VanderPlas, an interdisciplinary research director at the University of Washington, explains Python’s essential syntax and semantics, built-in data types and structures, function definitions, control flow statements, and more, using Python 3 syntax.You’ll explore:- Python syntax basics and running Python codeBasic semantics of Python variables, objects, and operators- Built-in simple types and data structures- Control flow statements for executing code blocks conditionally- Methods for creating and using reusable functionsIterators, list comprehensions, and generators- String manipulation and regular expressions- Python’s standard library and third-party modules- Python’s core data science tools- Recommended resources to help you learn more