Skip to main content
Elsevier

Syngress

  • Cyber Security and IT Infrastructure Protection

    • 1st Edition
    • John Vacca
    • English
    This book serves as a security practitioner’s guide to today’s most crucial issues in cyber security and IT infrastructure. It offers in-depth coverage of theory, technology, and practice as they relate to established technologies as well as recent advancements. It explores practical solutions to a wide range of cyber-physical and IT infrastructure protection issues. Composed of 11 chapters contributed by leading experts in their fields, this highly useful book covers disaster recovery, biometrics, homeland security, cyber warfare, cyber security, national infrastructure security, access controls, vulnerability assessments and audits, cryptography, and operational and organizational security, as well as an extensive glossary of security terms and acronyms. Written with instructors and students in mind, this book includes methods of analysis and problem-solving techniques through hands-on exercises and worked examples as well as questions and answers and the ability to implement practical solutions through real-life case studies. For example, the new format includes the following pedagogical elements:• Checklists throughout each chapter to gauge understanding• Chapter Review Questions/Exercises and Case Studies• Ancillaries: Solutions Manual; slide package; figure files This format will be attractive to universities and career schools as well as federal and state agencies, corporate security training programs, ASIS certification, etc.

  • Managing Information Security

    • 2nd Edition
    • John Vacca
    • English
    Managing Information Security offers focused coverage of how to protect mission critical systems, and how to deploy security management systems, IT security, ID management, intrusion detection and prevention systems, computer forensics, network forensics, firewalls, penetration testing, vulnerability assessment, and more. It offers in-depth coverage of the current technology and practice as it relates to information security management solutions. Individual chapters are authored by leading experts in the field and address the immediate and long-term challenges in the authors’ respective areas of expertise.

  • FISMA Compliance Handbook

    Second Edition
    • 1st Edition
    • Laura P. Taylor
    • English
    This comprehensive book instructs IT managers to adhere to federally mandated compliance requirements. FISMA Compliance Handbook Second Edition explains what the requirements are for FISMA compliance and why FISMA compliance is mandated by federal law. The evolution of Certification and Accreditation is discussed. This book walks the reader through the entire FISMA compliance process and includes guidance on how to manage a FISMA compliance project from start to finish. The book has chapters for all FISMA compliance deliverables and includes information on how to conduct a FISMA compliant security assessment. Various topics discussed in this book include the NIST Risk Management Framework, how to characterize the sensitivity level of your system, contingency plan, system security plan development, security awareness training, privacy impact assessments, security assessments and more. Readers will learn how to obtain an Authority to Operate for an information system and what actions to take in regards to vulnerabilities and audit findings. FISMA Compliance Handbook Second Edition, also includes all-new coverage of federal cloud computing compliance from author Laura Taylor, the federal government’s technical lead for FedRAMP, the government program used to assess and authorize cloud products and services.

  • X-Ways Forensics Practitioner’s Guide

    • 1st Edition
    • Brett Shavers + 1 more
    • English
    The X-Ways Forensics Practitioner's Guide is more than a manual-it's a complete reference guide to the full use of one of the most powerful forensic applications available, software that is used by a wide array of law enforcement agencies and private forensic examiners on a daily basis. In the X-Ways Forensics Practitioner's Guide, the authors provide you with complete coverage of this powerful tool, walking you through configuration and X-Ways fundamentals, and then moving through case flow, creating and importing hash databases, digging into OS artifacts, and conducting searches. With X-Ways Forensics Practitioner's Guide, you will be able to use X-Ways Forensics to its fullest potential without any additional training. The book takes you from installation to the most advanced features of the software. Once you are familiar with the basic components of X-Ways, the authors demonstrate never-before-documen... features using real life examples and information on how to present investigation results. The book culminates with chapters on reporting, triage and preview methods, as well as electronic discovery and cool X-Ways apps.

  • Practical Anonymity

    Hiding in Plain Sight Online
    • 1st Edition
    • Peter Loshin
    • English
    For those with legitimate reason to use the Internet anonymously--diploma... military and other government agencies, journalists, political activists, IT professionals, law enforcement personnel, political refugees and others--anonymous networking provides an invaluable tool, and many good reasons that anonymity can serve a very important purpose. Anonymous use of the Internet is made difficult by the many websites that know everything about us, by the cookies and ad networks, IP-logging ISPs, even nosy officials may get involved. It is no longer possible to turn off browser cookies to be left alone in your online life. Practical Anonymity: Hiding in Plain Sight Online shows you how to use the most effective and widely-used anonymity tools--the ones that protect diplomats, military and other government agencies to become invisible online. This practical guide skips the theoretical and technical details and focuses on getting from zero to anonymous as fast as possible. For many, using any of the open-source, peer-reviewed tools for connecting to the Internet via an anonymous network may be (or seem to be) too difficult because most of the information about these tools is burdened with discussions of how they work and how to maximize security. Even tech-savvy users may find the burden too great--but actually using the tools can be pretty simple. The primary market for this book consists of IT professionals who need/want tools for anonymity to test/work around corporate firewalls and router filtering as well as provide anonymity tools to their customers. Simple, step-by-step instructions for configuring and using anonymous networking software Simple, step-by-step instructions for configuring and using anonymous networking software Use of open source, time-proven and peer-reviewed tools for anonymity Plain-language discussion of actual threats and concrete suggestions for appropriate responses Easy-to-follow tips for safer computing

  • Risk Management Framework

    A Lab-Based Approach to Securing Information Systems
    • 1st Edition
    • James Broad
    • English
    The RMF allows an organization to develop an organization-wide risk framework that reduces the resources required to authorize a systems operation. Use of the RMF will help organizations maintain compliance with not only FISMA and OMB requirements but can also be tailored to meet other compliance requirements such as Payment Card Industry (PCI) or Sarbanes Oxley (SOX). With the publishing of NIST SP 800-37 in 2010 and the move of the Intelligence Community and Department of Defense to modified versions of this process, clear implementation guidance is needed to help individuals correctly implement this process. No other publication covers this topic in the detail provided in this book or provides hands-on exercises that will enforce the topics. Examples in the book follow a fictitious organization through the RMF, allowing the reader to follow the development of proper compliance measures. Templates provided in the book allow readers to quickly implement the RMF in their organization. The need for this book continues to expand as government and non-governmental organizations build their security programs around the RMF. The companion website provides access to all of the documents, templates and examples needed to not only understand the RMF but also implement this process in the reader’s own organization.

  • Professional Penetration Testing

    Creating and Learning in a Hacking Lab
    • 2nd Edition
    • Thomas Wilhelm
    • English
    Professional Penetration Testing walks you through the entire process of setting up and running a pen test lab. Penetration testing—the act of testing a computer network to find security vulnerabilities before they are maliciously exploited—is a crucial component of information security in any organization. With this book, you will find out how to turn hacking skills into a professional career. Chapters cover planning, metrics, and methodologies; the details of running a pen test, including identifying and verifying vulnerabilities; and archiving, reporting and management practices. Author Thomas Wilhelm has delivered penetration testing training to countless security professionals, and now through the pages of this book you can benefit from his years of experience as a professional penetration tester and educator. After reading this book, you will be able to create a personal penetration test lab that can deal with real-world vulnerability scenarios. All disc-based content for this title is now available on the Web.

  • The Basics of Hacking and Penetration Testing

    Ethical Hacking and Penetration Testing Made Easy
    • 2nd Edition
    • Patrick Engebretson
    • English
    The Basics of Hacking and Penetration Testing, Second Edition, serves as an introduction to the steps required to complete a penetration test or perform an ethical hack from beginning to end. The book teaches students how to properly utilize and interpret the results of the modern-day hacking tools required to complete a penetration test. It provides a simple and clean explanation of how to effectively utilize these tools, along with a four-step methodology for conducting a penetration test or hack, thus equipping students with the know-how required to jump start their careers and gain a better understanding of offensive security.Each chapter contains hands-on examples and exercises that are designed to teach learners how to interpret results and utilize those results in later phases. Tool coverage includes: Backtrack Linux, Google reconnaissance, MetaGooFil, dig, Nmap, Nessus, Metasploit, Fast Track Autopwn, Netcat, and Hacker Defender rootkit. This is complemented by PowerPoint slides for use in class.This book is an ideal resource for security consultants, beginning InfoSec professionals, and students.

  • The Basics of Web Hacking

    Tools and Techniques to Attack the Web
    • 1st Edition
    • Josh Pauli
    • English
    The Basics of Web Hacking introduces you to a tool-driven process to identify the most widespread vulnerabilities in Web applications. No prior experience is needed. Web apps are a "path of least resistance" that can be exploited to cause the most damage to a system, with the lowest hurdles to overcome. This is a perfect storm for beginning hackers. The process set forth in this book introduces not only the theory and practical information related to these vulnerabilities, but also the detailed configuration and usage of widely available tools necessary to exploit these vulnerabilities. The Basics of Web Hacking provides a simple and clean explanation of how to utilize tools such as Burp Suite, sqlmap, and Zed Attack Proxy (ZAP), as well as basic network scanning tools such as nmap, Nikto, Nessus, Metasploit, John the Ripper, web shells, netcat, and more. Dr. Josh Pauli teaches software security at Dakota State University and has presented on this topic to the U.S. Department of Homeland Security, the NSA, BlackHat Briefings, and Defcon. He will lead you through a focused, three-part approach to Web security, including hacking the server, hacking the Web app, and hacking the Web user. With Dr. Pauli’s approach, you will fully understand the what/where/why/how of the most widespread Web vulnerabilities and how easily they can be exploited with the correct tools. You will learn how to set up a safe environment to conduct these attacks, including an attacker Virtual Machine (VM) with all necessary tools and several known-vulnerable Web application VMs that are widely available and maintained for this very purpose. Once you complete the entire process, not only will you be prepared to test for the most damaging Web exploits, you will also be prepared to conduct more advanced Web hacks that mandate a strong base of knowledge.

  • Introduction to Cyber-Warfare

    A Multidisciplinary Approach
    • 1st Edition
    • Paulo Shakarian + 2 more
    • English
    Introduction to Cyber-Warfare: A Multidisciplinary Approach, written by experts on the front lines, gives you an insider's look into the world of cyber-warfare through the use of recent case studies. The book examines the issues related to cyber warfare not only from a computer science perspective but from military, sociological, and scientific perspectives as well. You'll learn how cyber-warfare has been performed in the past as well as why various actors rely on this new means of warfare and what steps can be taken to prevent it.

Browse by Publisher