Skip to main content
Elsevier
View Cart

Syngress

    • Cybercrime and Espionage

      • 1st Edition
      • January 7, 2011
      • Will Gragido + 1 more
      • English
      • Paperback
        9 7 8 1 5 9 7 4 9 6 1 3 1
      • eBook
        9 7 8 1 5 9 7 4 9 6 1 4 8
      Cybercrime and Espionage provides a comprehensive analysis of the sophisticated patterns and subversive multi-vector threats (SMTs) associated with modern cybercrime, cyber terrorism, cyber warfare and cyber espionage. Whether the goal is to acquire and subsequently sell intellectual property from one organization to a competitor or the international black markets, to compromise financial data and systems, or undermine the security posture of a nation state by another nation state or sub-national entity, SMTs are real and growing at an alarming pace. This book contains a wealth of knowledge related to the realities seen in the execution of advanced attacks, their success from the perspective of exploitation and their presence within all industry. It will educate readers on the realities of advanced, next generation threats, which take form in a variety ways. This book consists of 12 chapters covering a variety of topics such as the maturity of communications systems and the emergence of advanced web technology; how regulatory compliance has worsened the state of information security; the convergence of physical and logical security; asymmetric forms of gathering information; seven commonalities of SMTs; examples of compromise and presence of SMTs; next generation techniques and tools for avoidance and obfuscation; and next generation techniques and tools for detection, identification and analysis. This book will appeal to information and physical security professionals as well as those in the intelligence community and federal and municipal law enforcement, auditors, forensic analysts, and CIO/CSO/CISO.

    • XBOX 360 Forensics

      • 1st Edition
      • January 6, 2011
      • Steven Bolt
      • English
      • Paperback
        9 7 8 1 5 9 7 4 9 6 2 3 0
      • eBook
        9 7 8 1 5 9 7 4 9 6 2 4 7
      XBOX 360 Forensics is a complete investigation guide for the XBOX game console. Because the XBOX 360 is no longer just a video game console — it streams movies, connects with social networking sites and chatrooms, transfer files, and more — it just may contain evidence to assist in your next criminal investigation. The digital forensics community has already begun to receive game consoles for examination, but there is currently no map for you to follow as there may be with other digital media. XBOX 360 Forensics provides that map and presents the information in an easy-to-read, easy-to-reference format.This book is organized into 11 chapters that cover topics such as Xbox 360 hardware; XBOX LIVE; configuration of the console; initial forensic acquisition and examination; specific file types for Xbox 360; Xbox 360 hard drive; post-system update drive artifacts; and XBOX Live redemption code and Facebook.This book will appeal to computer forensic and incident response professionals, including those in federal government, commercial/private sector contractors, and consultants.

    • Windows Registry Forensics

      • 1st Edition
      • January 3, 2011
      • Harlan Carvey
      • English
      • eBook
        9 7 8 1 5 9 7 4 9 5 8 1 3
      Windows Registry Forensics provides the background of the Windows Registry to help develop an understanding of the binary structure of Registry hive files. Approaches to live response and analysis are included, and tools and techniques for postmortem analysis are discussed at length. Tools and techniques are presented that take the student and analyst beyond the current use of viewers and into real analysis of data contained in the Registry, demonstrating the forensic value of the Registry. Named a 2011 Best Digital Forensics Book by InfoSec Reviews, this book is packed with real-world examples using freely available open source tools. It also includes case studies and a CD containing code and author-created tools discussed in the book. This book will appeal to computer forensic and incident response professionals, including federal government and commercial/private sector contractors, consultants, etc.

    • Securing SQL Server

      • 1st Edition
      • December 27, 2010
      • Denny Cherry
      • English
      • eBook
        9 7 8 1 5 9 7 4 9 6 2 6 1
      Securing SQL Server: Protecting Your Database from Attackers provides readers with the necessary tools and techniques to help maintain the security of databases within their environment. It begins with a discussion of network security issues, including public versus private IP addresses; accessing an SQL server from home; physical security; and testing network security. The remaining chapters cover database encryption; SQL password security; SQL injection attacks; database backup security; security auditing; and server rights. The Appendix features checklists that database administrators can use to pass external audits.

    • Web Application Obfuscation

      • 1st Edition
      • December 10, 2010
      • Mario Heiderich + 3 more
      • English
      • Paperback
        9 7 8 1 5 9 7 4 9 6 0 4 9
      • eBook
        9 7 8 1 5 9 7 4 9 6 0 5 6
      Web applications are used every day by millions of users, which is why they are one of the most popular vectors for attackers. Obfuscation of code has allowed hackers to take one attack and create hundreds-if not millions-of variants that can evade your security measures. Web Application Obfuscation takes a look at common Web infrastructure and security controls from an attacker's perspective, allowing the reader to understand the shortcomings of their security systems. Find out how an attacker would bypass different types of security controls, how these very security controls introduce new types of vulnerabilities, and how to avoid common pitfalls in order to strengthen your defenses.

    • Eleventh Hour CISSP

      • 1st Edition
      • November 10, 2010
      • Eric Conrad + 2 more
      • English
      • Paperback
        9 7 8 1 5 9 7 4 9 5 6 6 0
      • eBook
        9 7 8 1 5 9 7 4 9 5 6 7 7
      Eleventh Hour CISSP Study Guide serves as a guide for those who want to be information security professionals. The main job of an information security professional is to evaluate the risks involved in securing assets and to find ways to mitigate those risks. Information security jobs include firewall engineers, penetration testers, auditors, and the like. The book is composed of 10 domains of the Common Body of Knowledge. In each section, it defines each domain. The first domain provides information about risk analysis and mitigation, and it discusses security governance. The second domain discusses techniques of access control, which is the basis for all security disciplines. The third domain explains the concepts behind cryptography, which is a secure way of communicating that is understood only by certain recipients. Domain 5 discusses security system design, which is fundamental in operating the system and software security components. Domain 6 is one of the critical domains in the Common Body of Knowledge, the Business Continuity Planning and Disaster Recovery Planning. It is the final control against extreme events such as injury, loss of life, or failure of an organization. Domain 7, Domain 8 and Domain 9 discuss telecommunications and network security, application development security, and the operations domain, respectively. Domain 10 focuses on the major legal systems that provide a framework for determining laws about information system.

    • Managed Code Rootkits

      • 1st Edition
      • October 28, 2010
      • Erez Metula
      • English
      • Paperback
        9 7 8 1 5 9 7 4 9 5 7 4 5
      • eBook
        9 7 8 1 5 9 7 4 9 5 7 5 2
      Managed Code Rootkits is the first book to cover application-level rootkits and other types of malware inside the application VM, which runs a platform-independent programming environment for processes. The book, divided into four parts, points out high-level attacks, which are developed in intermediate language. The initial part of the book offers an overview of managed code rootkits. It explores environment models of managed code and the relationship of managed code to rootkits by studying how they use application VMs. It also discusses attackers of managed code rootkits and various attack scenarios. The second part of the book covers the development of managed code rootkits, starting with the tools used in producing managed code rootkits through their deployment. The next part focuses on countermeasures that can possibly be used against managed code rootkits, including technical solutions, prevention, detection, and response tactics. The book concludes by presenting techniques that are somehow similar to managed code rootkits, which can be used in solving problems.

    • Citrix XenDesktop Implementation

      • 1st Edition
      • September 27, 2010
      • Gareth R. James
      • English
      • Paperback
        9 7 8 1 5 9 7 4 9 5 8 2 0
      • eBook
        9 7 8 1 5 9 7 4 9 5 8 3 7
      Citrix XenDesktop Implementation explores the implementation of Citrix XenDesktop, a virtual desktop infrastructure solution. After introducing the desktop virtualization, the book discusses the installation of a desktop delivery controller through advanced XenDesktop Client Settings. This book briefly discusses the work of desktop delivery controller mechanisms followed by its installation process, integration process of XenDesktop with Microsoft Active Directory, and the configuration of the desktop delivery controller. It then examines the process of installing the virtual desktop onto the server infrastructure, and it follows the installation and integration onto Xen Server, Hyper-V, and VMware hypervisors. Furthermore, it discusses the advanced configuration settings. The book covers the installation of the Citrix Provisioning Server and its fundamental configuration. It also explores the configuration of Citrix XenApp for Application provisioning, the integration of virtual applications, and the implementation of virtual profiles into the virtual desktop. The book concludes by explaining the advanced XenDesktop client settings on audio, video, and peripherals.

    • Securing the Smart Grid

      • 1st Edition
      • September 23, 2010
      • Tony Flick + 1 more
      • English
      • Paperback
        9 7 8 1 5 9 7 4 9 5 7 0 7
      • eBook
        9 7 8 1 5 9 7 4 9 5 7 1 4
      Securing the Smart Grid discusses the features of the smart grid, particularly its strengths and weaknesses, to better understand threats and attacks, and to prevent insecure deployments of smart grid technologies. A smart grid is a modernized electric grid that uses information and communications technology to be able to process information, such as the behaviors of suppliers and consumers. The book discusses different infrastructures in a smart grid, such as the automatic metering infrastructure (AMI). It also discusses the controls that consumers, device manufacturers, and utility companies can use to minimize the risk associated with the smart grid. It explains the smart grid components in detail so readers can understand how the confidentiality, integrity, and availability of these components can be secured or compromised. This book will be a valuable reference for readers who secure the networks of smart grid deployments, as well as consumers who use smart grid devices.

    • Security for Microsoft Windows System Administrators

      • 1st Edition
      • September 23, 2010
      • Derrick Rountree
      • English
      • Paperback
        9 7 8 1 5 9 7 4 9 5 9 4 3
      • eBook
        9 7 8 1 5 9 7 4 9 5 9 5 0
      Security for Microsoft Windows System is a handy guide that features security information for Windows beginners and professional admin. It provides information on security basics and tools for advanced protection against network failures and attacks. The text is divided into six chapters that cover details about network attacks, system failures, audits, and social networking. The book introduces general security concepts including the principles of information security, standards, regulation, and compliance; authentication, authorization, and accounting; and access control. It also covers the cryptography and the principles of network, system, and organizational and operational security, including risk analysis and disaster recovery. The last part of the book presents assessments and audits of information security, which involve methods of testing, monitoring, logging, and auditing. This handy guide offers IT practitioners, systems and network administrators, and graduate and undergraduate students in information technology the details they need about security concepts and issues. Non-experts or beginners in Windows systems security will also find this book helpful.

Browse by Publisher

Academic Press

Butterworth-Heinemann

Chandos

Elsevier

Morgan Kaufmann

Newnes