Securing the Smart Grid discusses the features of the smart grid, particularly its strengths and weaknesses, to better understand threats and attacks, and to prevent insecure deployments of smart grid technologies. A smart grid is a modernized electric grid that uses information and communications technology to be able to process information, such as the behaviors of suppliers and consumers. The book discusses different infrastructures in a smart grid, such as the automatic metering infrastructure (AMI). It also discusses the controls that consumers, device manufacturers, and utility companies can use to minimize the risk associated with the smart grid. It explains the smart grid components in detail so readers can understand how the confidentiality, integrity, and availability of these components can be secured or compromised. This book will be a valuable reference for readers who secure the networks of smart grid deployments, as well as consumers who use smart grid devices.
Security for Microsoft Windows System is a handy guide that features security information for Windows beginners and professional admin. It provides information on security basics and tools for advanced protection against network failures and attacks. The text is divided into six chapters that cover details about network attacks, system failures, audits, and social networking. The book introduces general security concepts including the principles of information security, standards, regulation, and compliance; authentication, authorization, and accounting; and access control. It also covers the cryptography and the principles of network, system, and organizational and operational security, including risk analysis and disaster recovery. The last part of the book presents assessments and audits of information security, which involve methods of testing, monitoring, logging, and auditing. This handy guide offers IT practitioners, systems and network administrators, and graduate and undergraduate students in information technology the details they need about security concepts and issues. Non-experts or beginners in Windows systems security will also find this book helpful.
Every major enterprise has a significant installed base of existing software systems that reflect the tangled IT architectures that result from decades of patches and failed replacements. Most of these systems were designed to support business architectures that have changed dramatically. At best, these systems hinder agility and competitiveness and, at worst, can bring critical business functions to a halt. Architecture-Driven Modernization (ADM) restores the value of entrenched systems by capturing and retooling various aspects of existing application environments, allowing old infrastructures to deliver renewed value and align effectively with enterprise strategies and business architectures. Information Systems Transformation provides a practical guide to organizations seeking ways to understand and leverage existing systems as part of their information management strategies. It includes an introduction to ADM disciplines, tools, and standards as well as a series of scenarios outlining how ADM is applied to various initiatives. Drawing upon lessons learned from real modernization projects, it distills the theory and explains principles, processes, and best practices for every industry.
IT Manager’s Handbook: The Business Edition is a MUST-HAVE guide for the advancing technology professional who is looking to move up into a supervisory role, and is ideal for newly-promoted IT managers who needs to quickly understand their positions. It uses IT–related examples to discuss business topics and recognizes the ever-changing and growing demands of IT in today’s world as well as how these demands impact those who work in the field. Specific attention is paid to the latest issues, including the challenges of dealing with a mobile and virtual workforce, managing Gen-X/Yers, and running an IT organization in a troubled economy. Rich with external references and written in-easy-to-read sections, IT Manager’s Handbook: The Business Edition is the definitive manual to managing an IT department in today’s corporate environment.
Writing Security Tools and Exploits will be the foremost authority on vulnerability and security code and will serve as the premier educational reference for security professionals and software developers. The book will have over 600 pages of dedicated exploit, vulnerability, and tool code with corresponding instruction. Unlike other security and programming books that dedicate hundreds of pages to architecture and theory based flaws and exploits, this book will dive right into deep code analysis. Previously undisclosed security research in combination with superior programming techniques will be included in both the Local and Remote Code sections of the book. The book will be accompanied with a companion Web site containing both commented and uncommented versions of the source code examples presented throughout the book. In addition to the book source code, the CD will also contain a copy of the author-developed Hacker Code Library v1.0. The Hacker Code Library will include multiple attack classes and functions that can be utilized to quickly create security programs and scripts. These classes and functions will simplify exploit and vulnerability tool development to an extent never before possible with publicly available software.
A highly portable, easily digestible road-map to configuring, maintaining and troubleshooting essential IIS 6.0 features.The book is organized around the 15 "MMCs" (Microsoft Management Consoles) that contain the configuration menus for the essential features. The options within each menu are explained clearly, potential problems are identified up-front, and configurations are subsequently presented in the aptly named "By the Book" section for that MMC. Readers will also appreciate the "Reality Check" sidebars througout, which present valuable cost/benefit analyses of situations where there is no single "right" answer.
Written by two INFOSEC experts, this book provides a systematic and practical approach for establishing, managing and operating a comprehensive Information Assurance program. It is designed to provide ISSO managers, security managers, and INFOSEC professionals with an understanding of the essential issues required to develop and apply a targeted information security posture to both public and private corporations and government run agencies.There is a growing concern among all corporations and within the security industry to come up with new approaches to measure an organization's information security risks and posture. Information Assurance explains and defines the theories and processes that will help a company protect its proprietary information including: * The need to assess the current level of risk.* The need to determine what can impact the risk.* The need to determine how risk can be reduced.The authors lay out a detailed strategy for defining information security, establishing IA goals, providing training for security awareness, and conducting airtight incident response to system compromise. Such topics as defense in depth, configuration management, IA legal issues, and the importance of establishing an IT baseline are covered in-depth from an organizational and managerial decision-making perspective.
Managing Systems Migrations and Upgrades is the perfect book for technology managers who want a rational guide to evaluating the business aspects of various possible technical solutions. Enterprises today are in the middle of the R&D race for technology leadership, with providers who increasingly need to create markets for new technologies while shortening development, implementation, and life cycles. The cost for the current tempo of technology life cycles is endless change-management controls, organizational chaos, production use of high-risk beta products, and greater potential for failure of existing systems during migration.Burkey and Breakfield help you answer questions such as, "Is the only solution open to me spending more that the industry average in order to succeed?" and "What are the warning signs that tell me to pass on a particular product offering?" as well as "How can my organization avoid the 'technical death marches' typical of the industry?" This book will take the confusion out of when to make shifts in your systems and help you evaluate the value proposition of these technology changes.
Protecting computer networks and their client computers against willful (or accidental) attacks is a growing concern for organizations and their information technology managers. This book draws upon the author's years of experience in computer security to describe a set of over 200 "rules" designed to enhance the security of a computer network (and its data) and to allow quick detection of an attack and development of effective defensive responses to attacks. Both novice and experienced network administrators will find this book an essential part of their professional "tool kit." It is also essential reading for a corporate or organization manager who needs a solid understanding of the issues involved in computer security.Much literature is available on network and data security that describes security concepts, but offers so many different solutions to information security problems that it typically overwhelms both the novice and the experienced network administrator. This book presents a simple set of rules important in maintaining good information security. These rules or best practices are intended to be a recipe for setting up network and information security. This manual will take the mystery out of configuring an information security solution and provide a framework which the novice as well as experienced network administrator can follow and adapt to their network and data environment.
The only way to stop a hacker is to think like one! Wireless technology is a new and rapidly growing field of concentration for network engineers and administrators. Innovative technology is now making the communication between computers a cordless affair. Wireless devices and networks are vulnerable to additional security risks because of their presence in the mobile environment. Hack Proofing Your Wireless Network is the only book written specifically for architects, engineers, and administrators responsible for securing their wireless networks. From making sense of the various acronyms (WAP, WEP, SSL, PKE, PKI, SSL, SSH, IPSEC) to the implementation of security policies, plans, and recovery protocols, this book will help users secure their wireless network before its security is compromised. The only way to stop a hacker is to think like one...this book details the multiple ways a hacker can attack a wireless network - and then provides users with the knowledge they need to prevent said attacks.