
Fragile Networks: Identifying Vulnerabilities and Synergies in an Uncertain World


Book Description

A unified treatment of the vulnerabilities that exist in real-world network systems—with tools to identify synergies for mergers and acquisitions

Fragile Networks: Identifying Vulnerabilities and Synergies in an Uncertain World presents a comprehensive study of network systems and the roles these systems play in our everyday lives. This book successfully conceptualizes, defines, and constructs mathematically rigorous, computer-based tools for the assessment of network performance and efficiency, along with robustness and vulnerability analysis. The result is a thorough exploration that promotes an understanding of the critical infrastructure of today’s network systems, from congested urban transportation networks and supply chain networks under disruption to financial networks and the Internet.

The authors approach the analyses by abstracting not only topological structures of networks, but also the behavior of network users, the demand for resources, the resulting flows, and the associated costs. Following an introduction to the fundamental methodologies and tools required for network analysis and network vulnerability, the book is organized into three self-contained parts:

Part I—Network Fundamentals, Efficiency Measurement, and Vulnerability Analysis explores the theoretical and practical foundations for a new network efficiency measure in order to assess the importance of network components in various network systems. Methodologies for distinct decision-making behaviors are outlined, along with the tools for qualitative analysis, the algorithms for the computation of solutions, and a thorough discussion of the unified network efficiency measure and network robustness with the unified measure.

Ninja Hacking: Unconventional Penetration Testing Tactics and Techniques


Book Description

Ever thought of using the time-tested tactics and techniques of the ancient ninja to understand the mind of today’s ninja, the hacker? As a penetration tester or consultant you no doubt perform tests both externally and internally for your clients that include both physical and technical tests. Throw traditional pen methods out the window for now and see how thinking and acting like a ninja can actually grant you quicker and more complete access to a company’s assets. Get in before the hacker does with these unorthodox techniques. Use all of the tools that the ninja has: disguise, espionage, stealth, and concealment. Learn how to benefit from these tools by laying your plans, impersonating employees, infiltrating via alarm system evasion, discovering weak points and timing, spyware and keylogging software, and log manipulation and logic bombs. And, really, don’t you want to be a ninja for a day just because they’re cool? Let this book be your excuse!

  • Discusses techniques used by malicious attackers in real-world situations
  • Details unorthodox penetration techniques by getting inside the mind of a ninja
  • Expands upon current penetration testing methodologies including new tactics for hardware and physical attacks

Review
“The community is fraught with Eastern military comparisons. Like the ninja, we are continuing to come out of the shadows of our communal origins and grow into respected members of a larger society.

PCI Compliance: Understand and Implement Effective PCI Data Security Standard Compliance, 2nd Edition


Book Description

Identity theft and other confidential information theft have now topped the charts as the #1 cybercrime. In particular, credit card data is preferred by cybercriminals. Is your payment processing secure and compliant? Now in its second edition, PCI Compliance has been revised to follow the new PCI DSS standard 1.2.1. Also new to this edition: Each chapter has how-to guidance to walk you through implementing concepts, and real-world scenarios to help you relate to the information and better grasp how it impacts your data. This book provides the information that you need to understand the current PCI Data standards and how to effectively implement on the network infrastructure in order to be compliant with the credit card industry guidelines and protect sensitive and personally identifiable information.

  • Completely updated to follow the PCI DSS standard 1.2.1
  • Packed with help to develop and implement an effective strategy to keep infrastructure compliant and secure
  • Both authors have broad information security backgrounds, including extensive PCI DSS experience

Table of Contents
Foreword
Acknowledgments
Chapter 1: About PCI and This Book

Assessing Information Security: Strategies, Tactics, Logic and Framework


Book Description

What do information and the art of war have in common?
The answer, this book argues, is a great deal. Although the authors have an expert technical knowledge of information security, they strongly believe that technical and procedural measures cannot offer a solution on their own.

The human factor
Information security is not painting by numbers. You can tick all the right boxes and acquire the latest technology, and you may fail all the same. This is because information security is ultimately a human problem, not a technical one. In the end, the threats to your information security come from human beings, not from machines. Although one problem you will face is simple human error, the major threat to your business information is from the criminal.

Fight Cybercrime
Cybercrime is on the move. It is in a state of constant evolution, capable of adapting both to developments in technology and to whatever security measures its targets have already put in place. It will seek out your weak points in order to exploit them for its own advantage. However, although the people who want to harm your business will try to take you by surprise, they are also bound to have weaknesses of their own. Because the activity of the cybercriminal is both deliberate and hostile, they can be compared to a military adversary. So if you want to defend yourself from cybercrime you can learn from military strategy.

Practical Lock Picking: A Physical Penetration Tester’s Training Guide


Book Description

For the first time, Deviant Ollam, one of the industry’s best-known lockpicking teachers, has assembled an instructional manual geared specifically toward penetration testers. Unlike other texts on the subject (which tend to be either massive volumes detailing every conceivable style of lock or brief “spy manuals” that only skim the surface) this book is for INFOSEC professionals that need essential, core knowledge of lockpicking and seek the ability to open most locks with relative ease. Deviant’s material is presented with rich, detailed diagrams and is offered in easy-to-follow lessons which allow even beginners to acquire the knowledge very quickly. Everything from straightforward lockpicking to quick-entry techniques like shimming, bumping, and bypassing is explained and shown. Whether you’re being hired to penetrate or simply trying to harden your own defenses, this book is essential.

  • Detailed photos make learning as easy as picking a lock
  • DVD is filled with indispensable lock picking videos and color photos
  • Extensive appendix details tools and toolkits currently available for all your lock picking needs

Review
“Practical Lock Picking (PLP) is an awesome book. I don’t provide physical services, but as a professional familiar with Deviant’s reputation I was curious to read PLP. Not only is PLP an incredible resource, it should also serve as a model text for others who want to write a good book.

CISSP All-in-One Exam Guide, 5th Edition


Book Description

Get complete coverage of the latest release of the Certified Information Systems Security Professional (CISSP) exam inside this comprehensive, fully updated resource. Written by the leading expert in IT certification and training, this authoritative guide covers all 10 exam domains developed by the International Information Systems Security Certification Consortium (ISC2). You’ll find learning objectives at the beginning of each chapter, exam tips, practice exam questions, and in-depth explanations. Designed to help you pass the exam with ease, this definitive volume also serves as an essential on-the-job reference.

COVERS ALL 10 DOMAINS:

  • Information security and risk management
  • Access control
  • Security architecture and design
  • Physical and environmental security
  • Telecommunications and network security
  • Cryptography
  • Business continuity and disaster recovery planning