Book Description

The Basics of Hacking and Penetration Testing serves as an introduction to the steps required to complete a penetration test or perform an ethical hack from beginning to end. No prior hacking experience is needed. You learn how to properly utilize and interpret the results of modern day hacking tools, which are required to complete a penetration test. Tool coverage includes Backtrack Linux, Google reconnaissance, MetaGooFil, dig, Nmap, Nessus, Metasploit, Fast Track Autopwn, Netcat, Hacker Defender rootkit, and more. A simple and clean explanation of how to effectively utilize these tools as well as the introduction to a four-step methodology for conducting a penetration test or hack, will provide you with know-how required to jump start your career or gain a better understanding of offensive security. The book serves as an introduction to penetration testing and hacking and will provide you with a solid foundation of knowledge. After completing the book readers will be prepared to take on in-depth and advanced topics in hacking and penetration testing. The book walks through each of the steps and tools in a structured, orderly manner allowing readers to understand how the output from each tool can be fully utilized in the subsequent phases of the penetration test. This process allows readers to clearly see how the tools and phases relate.

• Each chapter contains hands-on examples and exercises that are designed to teach you how to interpret the results and utilize those results in later phases
• Written by an author who works in the field as a Penetration Tester and who teaches Offensive Security, Penetration Testing, and Ethical Hacking Download Now »

Book Description

“Give a man an exploit and you make him a hacker for a day; teach a man to exploit bugs and you make him a hacker for a lifetime.”
–Felix ‘FX’ Lindner

Seemingly simple bugs can have drastic consequences, allowing attackers to compromise systems, escalate local privileges, and otherwise wreak havoc on a system.

A Bug Hunter’s Diary follows security expert Tobias Klein as he tracks down and exploits bugs in some of the world’s most popular software, like Apple’s iOS, the VLC media player, web browsers, and even the Mac OS X kernel. In this one-of-a-kind account, you’ll see how the developers responsible for these flaws patched the bugs—or failed to respond at all. As you follow Klein on his journey, you’ll gain deep technical knowledge and insight into how hackers approach difficult problems and experience the true joys (and frustrations) of bug hunting.

Along the way you’ll learn how to:

• Use field-tested techniques to find bugs, like identifying and tracing user input data and reverse engineering
• Exploit vulnerabilities like NULL pointer dereferences, buffer overflows, and type conversion flaws
• Develop proof of concept code that verifies the security flaw
• Report bugs to vendors or third party brokers

A Bug Hunter’s Diary is packed with real-world examples of vulnerable code Download Now »

Book Description

CCNP Security FIREWALL 642-617 Official Cert Guide is a best of breed Cisco exam study guide that focuses specifically on the objectives for the CCNP Security FIREWALL exam. Senior security consultants and instructors David Hucaby, Dave Garneau, and Anthony Sequeira share preparation hints and test-taking tips, helping you identify areas of weakness and improve both your conceptual knowledge and hands-on skills. Material is presented in a concise manner, focusing on increasing your understanding and retention of exam topics.

CCNP Security FIREWALL 642-617 Official Cert Guide presents you with an organized test-preparation routine through the use of proven series elements and techniques. “Do I Know This Already?” quizzes open each chapter and enable you to decide how much time you need to spend on each section. Exam topic lists make referencing easy. Chapter-ending Exam Preparation Tasks help you drill on key concepts you must know thoroughly.

The companion CD-ROM contains the powerful Pearson IT Certification Practice Test engine that enables you to focus on individual topic areas or take a complete, timed exam. The assessment engine also tracks your performance and provides feedback on a module-by-module basis, laying out a complete assessment of your knowledge to help you focus your study where it is needed most.

Well-regarded for its level of detail, assessment features, and challenging review questions and exercises, this official study guide helps you master the concepts and techniques that will enable you to succeed on the exam the first time. Download Now »

Book Description

Windows security concepts and technologies for IT beginners

IT security can be a complex topic, especially for those new to the field of IT. This full-color book, with a focus on the Microsoft Technology Associate (MTA) program, offers a clear and easy-to-understand approach to Windows security risks and attacks for newcomers to the world of IT. By paring down to just the essentials, beginners gain a solid foundation of security concepts upon which more advanced topics and technologies can be built.

This straightforward guide begins each chapter by laying out a list of topics to be discussed, followed by a concise discussion of the core networking skills you need to have to gain a strong handle on the subject matter. Chapters conclude with review questions and suggested labs so you can measure your level of understanding of the chapter’s content.

• Serves as an ideal resource for gaining a solid understanding of fundamental security concepts and skills
• Offers a straightforward and direct approach to security basics and covers anti-malware software products, firewalls, network topologies and devices, network ports, and more
• Reviews all the topics you need to know for taking the MTA 98-367 exam
• Provides an overview of security components, looks at securing access with permissions, addresses audit policies and network auditing, and examines protecting clients and servers

If you’re new to IT and interested in entering the IT workforce Download Now »

Book Description

A step-by-step guide to the tasks involved in security administration

If you aspire to a career in security administration, one of your greatest challenges will be gaining hands-on experience. This book takes you through the most common security admin tasks step by step, showing you the way around many of the roadblocks you can expect on the job. It offers a variety of scenarios in each phase of the security administrator’s job, giving you the confidence of first-hand experience.

In addition, this is an ideal complement to the brand-new, bestselling CompTIA Security+ Study Guide, 5th Edition or the CompTIA Security+ Deluxe Study Guide, 2nd Edition, the latest offerings from Sybex for CompTIA’s Security+ SY0-301 exam.

• Targets security administrators who confront a wide assortment of challenging tasks and those seeking a career in security administration who are hampered by a lack of actual experience
• Walks you through a variety of common tasks, demonstrating step by step how to perform them and how to circumvent roadblocks you may encounter
• Features tasks that are arranged according to four phases of the security administrator’s role: designing a secure network, creating and implementing standard security policies, identifying insecure systems in an existing environment, and training both onsite and remote users
• Ideal hands-on for those preparing for CompTIA’s Security+ exam (SY0-301)

Download Now »

Book Description

Information security is the act of protecting information from unauthorized access, use, disclosure, disruption, modification, or destruction. This book discusses why information security is needed and how security problems can have widespread impacts. It covers the complete security lifecycle of products and services, starting with requirements and policy development and progressing through development, deployment, and operations, and concluding with decommissioning. Professionals in the sciences, engineering, and communications fields will turn to this resource to understand the many legal, technical, competitive, criminal and consumer forces and influences that are rapidly changing our information dependent society.

From the Back Cover
From design to deployment to decommissioning: a systems engineering approach to information security

With this book as a guide, readers learn to apply a tested and proven methodology to address the information security concerns of any organization, ensuring that specific classes of information are only accessible to designated users. The methodology is based on systems engineering, a set of concepts that enable the systematic documentation of objectives and set forth the functional and performance capabilities needed to achieve those objectives. Because the book considers the complete life cycle of security systems, it also guides readers through deployment, operations, and eventual decommissioning. Moreover, the book goes well beyond technical requirements, enabling the full account of all aspects of an organization’s needs, including: Download Now »