Book picks similar to
CASP Comptia Advanced Security Practitioner Study Guide: Exam CAS-002 by Michael Gregg
cybersecurity
epubs
hacking
industry-certifications
Operation Desolation: The Case of the Anonymous Bank Defacement
Mark E. Russinovich - 2012
Challenging Anonymous is like waving a red flag in front of a bull. But the CEO of a major investment firm has done just that, and now cyber security expert Jeff Aiken has to try to protect the company from its leader’s mistakes. The timing couldn’t be worse, as Jeff is scheduled to appear at a conference that has invited an Anonymous representative as well. And Jeff’s about to discover that the hacker outfit plans to bring their fight offline--and into the real world.
Security Engineering: A Guide to Building Dependable Distributed Systems
Ross J. Anderson - 2008
Spammers, virus writers, phishermen, money launderers, and spies now trade busily with each other in a lively online criminal economy and as they specialize, they get better. In this indispensable, fully updated guide, Ross Anderson reveals how to build systems that stay dependable whether faced with error or malice. Here's straight talk on critical topics such as technical engineering basics, types of attack, specialized protection mechanisms, security psychology, policy, and more.
Getting Started with OAuth 2.0
Ryan Boyd - 2011
This concise introduction shows you how OAuth provides a single authorization technology across numerous APIs on the Web, so you can securely access users’ data—such as user profiles, photos, videos, and contact lists—to improve their experience of your application.Through code examples, step-by-step instructions, and use-case examples, you’ll learn how to apply OAuth 2.0 to your server-side web application, client-side app, or mobile app. Find out what it takes to access social graphs, store data in a user’s online filesystem, and perform many other tasks.Understand OAuth 2.0’s role in authentication and authorizationLearn how OAuth’s Authorization Code flow helps you integrate data from different business applicationsDiscover why native mobile apps use OAuth differently than mobile web appsUse OpenID Connect and eliminate the need to build your own authentication system
Working with UNIX Processes
Jesse Storimer - 2011
Want to impress your coworkers and write the fastest, most efficient, stable code you ever have? Don't reinvent the wheel. Reuse decades of research into battle-tested, highly optimized, and proven techniques available on any Unix system.This book will teach you what you need to know so that you can write your own servers, debug your entire stack when things go awry, and understand how things are working under the hood.http://www.jstorimer.com/products/wor...
Core JavaServer Faces (Core Series)
David M. Geary - 2004
Now, Core JavaServer™ Faces–the #1 guide to JSF–has been thoroughly updated in this second edition, covering the latest feature enhancements, the powerful Ajax development techniques, and open source innovations that make JSF even more valuable. Authors David Geary and Cay Horstmann delve into all facets of JSF 1.2 development, offering systematic best practices for building robust applications, minimizing handcoding, and maximizing productivity. Drawing on unsurpassed insider knowledge of the Java platform, they present solutions, hints, tips, and “how-tos” for writing superior JSF 1.2 production code, even if you’re new to JSF, JavaServer Pages™, or servlets.The second edition’s extensive new coverage includes: JSF 1.2’s improved alignment with the broader Java EE 5 platform; enhancements to the JSF APIs; controlling Web flow with Shale; and using Facelets to replace JSP with XHTML markup. The authors also introduce Ajax development with JSF–from real-time validation and Direct Web Remoting to wrapping Ajax in JSF components and using the popular Ajax4jsf framework.This book will help you
Automate low-level details and eliminate unnecessary complexity in server-side development
Discover JSF best practices, ranging from effective UI design and style sheets to internationalization
Use JSF with Tiles to build consistent, reusable user interfaces
Leverage external services such as databases, LDAP directories, authentication/authorization, and Webservices
Use JBoss Seam to greatly simplify development of database-backed applications
Implement custom components, converters, and validators
Master the JSF 1.2 tag libararies, and extend JSF with additional tag libraries
Preface Acknowledgments Chapter 1: Getting Started Chapter 2: Managed Beans Chapter 3: Navigation Chapter 4: Standard JSF Tags Chapter 5: Data Tables Chapter 6: Conversion and Validation Chapter 7: Event Handling Chapter 8: Subviews and Tiles Chapter 9: Custom Components, Converters, and Validators Chapter 10: External Services Chapter 11: Ajax Chapter 12: Open Source Chapter 13: How Do I . . . Index
Blue Team Field Manual (BTFM)
Alan J. White - 2017
Blue Team Field Manual (BTFM) is a Cyber Security Incident Response Guide that aligns with the NIST Cybersecurity Framework consisting of the five core functions of Identify, Protect, Detect, Respond, and Recover by providing the tactical steps to follow and commands to use when preparing for, working through and recovering from a Cyber Security Incident.
Mastering Vmware Vsphere 5
Scott Lowe - 2011
You'll learn how to install, configure, operate, manage, and secure the latest release.Covers all the new features and capabilities of the much-anticipated new release of VMware vSphere Discusses the planning, installation, operation, and management for the latest release Reviews migration to the latest vSphere software Offers hands-on instruction and clear explanations with real-world examples Mastering VMware vSphere is the strategic guide you need to maximize the opportunities of virtualization.
The Swift Programming Language
Apple Inc. - 2014
Swift builds on the best of C and Objective-C, without the constraints of C compatibility. Swift adopts safe programming patterns and adds modern features to make programming easier, more flexible, and more fun. Swift’s clean slate, backed by the mature and much-loved Cocoa and Cocoa Touch frameworks, is an opportunity to reimagine how software development works.
CompTIA A+ Certification All-in-One Exam Guide (A+ Certification All in One Exam)
Mike Meyers - 2006
Mike Meyers, the leading authority on CompTIA A+ certification and training, has helped hundreds of thousands of people pass the CompTIA A+ exams-and now he can help you too. Inside, you'll find detailed coverage of the exam format, helpful exam tips, end-of-chapter practice questions, and hundreds of photographs and illustrations. After you ace the exams, this comprehensive guide will serve as an essential on-the-job reference.Full details on all exam objectives, including how to:
Work with CPUs, RAM, and motherboards
Install, partition, and format hard drives
Work with portable PCs, PDAs, and wireless technologies
Install, upgrade, and troubleshoot Windows 2000 Professional and Windows XP
Install sound and video cards
Manage printers and connect to networks
Implement security measures
Understand safety and environmental issues
Establish good communication skills and adhere to privacy policies
The CD-ROM features:
Eight full practice exams covering CompTIA A+ Essentials and Exams 220-602, 220-603, & 220-604
One hour of LearnKey video training featuring Mike Meyers teaching key A+ topics
Electronic copy of the book
Complete exam objective map for all four exams
List of official CompTIA A+ acronyms
Useful tools and utilities for PC technicians
Principles of Information Security
Michael E. Whitman - 2002
Principles of Information Security, Third Edition builds on internationally recognized standards and bodies of knowledge to provide the knowledge and skills that information systems students need for their future roles as business decision-makers. Coverage includes key knowledge areas of the CISSP (Certified Information Systems Security Professional), as well as risk management, cryptography, physical security, and more. The third edition has retained the real-world examples and scenarios that made previous editions so successful, but has updated the content to reflect technology's latest capabilities and trends. With this emphasis on currency and comprehensive coverage, readers can feel confident that they are using a standards-based, content-driven resource to prepare them for their work in the field.
The Basics of Hacking and Penetration Testing: Ethical Hacking and Penetration Testing Made Easy
Patrick Engebretson - 2011
No prior hacking experience is needed. You learn how to properly utilize and interpret the results of modern day hacking tools, which are required to complete a penetration test. Tool coverage includes Backtrack Linux, Google reconnaissance, MetaGooFil, dig, Nmap, Nessus, Metasploit, Fast Track Autopwn, Netcat, Hacker Defender rootkit, and more. A simple and clean explanation of how to effectively utilize these tools as well as the introduction to a four-step methodology for conducting a penetration test or hack, will provide you with know-how required to jump start your career or gain a better understanding of offensive security. The book serves as an introduction to penetration testing and hacking and will provide you with a solid foundation of knowledge. After completing the book readers will be prepared to take on in-depth and advanced topics in hacking and penetration testing. The book walks through each of the steps and tools in a structured, orderly manner allowing readers to understand how the output from each tool can be fully utilized in the subsequent phases of the penetration test. This process allows readers to clearly see how the tools and phases relate.Each chapter contains hands-on examples and exercises that are designed to teach you how to interpret the results and utilize those results in later phasesWritten by an author who works in the field as a Penetration Tester and who teaches Offensive Security, Penetration Testing, and Ethical Hacking, and Exploitation classes at Dakota State UniversityUtilizes the Backtrack Linux distribution and focuses on the seminal tools required to complete a penetration test
Microsoft Project 2010 Step by Step
Carl Chatfield - 2010
With Step By Step, you set the pace-building and practicing the skills you need, just when you need them! Topics include building a project plan and fine-tuning the details; scheduling tasks, assigning resources, and managing dependencies; monitoring progress and costs; keeping projects on track; communicating project data through Gantt charts and other views.
Threat Modeling: Designing for Security
Adam Shostack - 2014
Dobbs Jolt Award Finalist since Bruce Schneier's Secrets and Lies and Applied Cryptography!Adam Shostack is responsible for security development lifecycle threat modeling at Microsoft and is one of a handful of threat modeling experts in the world. Now, he is sharing his considerable expertise into this unique book. With pages of specific actionable advice, he details how to build better security into the design of systems, software, or services from the outset. You'll explore various threat modeling approaches, find out how to test your designs against threats, and learn effective ways to address threats that have been validated at Microsoft and other top companies.Systems security managers, you'll find tools and a framework for structured thinking about what can go wrong. Software developers, you'll appreciate the jargon-free and accessible introduction to this essential skill. Security professionals, you'll learn to discern changing threats and discover the easiest ways to adopt a structured approach to threat modeling.Provides a unique how-to for security and software developers who need to design secure products and systems and test their designs Explains how to threat model and explores various threat modeling approaches, such as asset-centric, attacker-centric and software-centric Provides effective approaches and techniques that have been proven at Microsoft and elsewhere Offers actionable how-to advice not tied to any specific software, operating system, or programming language Authored by a Microsoft professional who is one of the most prominent threat modeling experts in the world As more software is delivered on the Internet or operates on Internet-connected devices, the design of secure software is absolutely critical. Make sure you're ready with Threat Modeling: Designing for Security.
Violent Python: A Cookbook for Hackers, Forensic Analysts, Penetration Testers and Security Engineers
T.J. O'Connor - 2012
Instead of relying on another attacker's tools, this book will teach you to forge your own weapons using the Python programming language. This book demonstrates how to write Python scripts to automate large-scale network attacks, extract metadata, and investigate forensic artifacts. It also shows how to write code to intercept and analyze network traffic using Python, craft and spoof wireless frames to attack wireless and Bluetooth devices, and how to data-mine popular social media websites and evade modern anti-virus.
Assembly Language: Step-By-Step
Jeff Duntemann - 1992
It then builds systematically to cover all the steps involved in writing, testing, and debugging assembly programs. It also provides valuable how-to information on using procedures and macros. The only guide to assembly programming covering both DOS and Linux, the book presents working example programs for both operating system, and introduces Conditional Assembly -- a technique for assembling for both DOS and Linux systems from a single source file.