Social Engineering in IT Security: Tools, Tactics, and Techniques Author: Sharon Conheady ISBN-13:

Transcription

1 Social Engineering in IT Security: Tools, Tactics, and Techniques Author: Sharon Conheady ISBN-13: Pub Date: AUGUST 2014 Price: $ AUD $ NZD Edition: 1 Previous ISBN: Subject: Computers - Security / General Trim Height: 24 cm Trim Width: 19 cm Pages: 352 Format : Softcover INTRODUCTION Filled with cutting-edge social engineering testing techniques that are legally and ethically sound Social Engineering in IT Security details the roots and rise of social engineering, key legal and ethical aspects to understand before contracting to perform a test, and how and why social engineering works. The book fully explains how to plan for a social engineering test, perform reconnaissance, create scenarios, implement the test, and accurately report the results. Specific measures security managers can take to defend against weaknesses a social engineer could exploit are discussed. Offers a front-row seat with Sharon Conheady, social engineering s rising star and exceedingly in-demand social engineering speaker Includes a legal reference covering both the U.S. and Europe

2 Walks though considerations that go into the social engineer s Client Agreement Letter DESCRIPTION Filled with cutting-edge social engineering testing techniques that are legally and ethically sound Social Engineering in IT Security details the roots and rise of social engineering, key legal and ethical aspects you need to understand before contracting to perform a test, and how and why social engineering works. The book fully explains how to plan for a social engineering test, perform reconnaissance, create scenarios, implement the test, and accurately report the results. Specific measures security managers can take to defend against weaknesses a social engineer could exploit are discussed. Offers a front-row seat with Sharon Conheady, a highly in-demand social engineering speaker and trainer Includes a legal reference covering both the U.S. and Europe Walks though considerations that go into the social engineer s client agreement letter Complete with examples of post-test reports to make your own report writing as solid as possible ABOUT THE AUTHOR Sharon Conheady (London, England) is Director of Social Engineering & Penetration Testing at First Defence Information Security in the UK. She leads social engineering training seminars and has spoken around the world on the topic.

3 Incident Response and Computer Forensics, Third Edition Author: Jason Luttgens, Matthew Pepe, Kevin Mandia ISBN-13: Pub Date: AUGUST 2014 Price: $ AUD $ NZD Edition: 3 Previous ISBN: Subject: Comput ers - Security / General Trim Height: 24 cm Trim Width: 19 cm Pages: 544 Format : Softcover INTRODUCTION The all-new edition of the market's top-selling incident response book covers the latest techniques, tools, and case scenarios to help incident responders react quickly and efficiently to data breaches. Incident Response and Computer Forensics, Third Edition is a fully updated edition of the bestselling technical guide that arms information security professionals with the right know-how to get their organizations out of trouble. This new edition is chock-full of updates about tools and techniques as well as new real-world scenarios reflecting today s most common types of incidents. Detailed advice covers all aspects of incident investigation and handling, with an emphasis on forensics--knowing where and how to look into computers for evidence of wrongdoing. New chapters on investigation techniques, indicators of compromise, and remediation

4 New advice on architecting networks from the ground-up to fight intrusions and on streamlining intrusion diagnoses for faster recovery Substantial updates on investigating Windows systems, malware analysis, memory analysis, application analysis, data collection, report writing, and incident management DESCRIPTION The all-new edition of this security bestseller covers the latest techniques, tools, and case scenarios to help incident responders react quickly and efficiently to data breaches. Incident Response and Computer Forensics, Third Edition is a fully updated edition of the bestselling technical guide that arms you with the right know-how to get your organization out of trouble when data breaches occur. This new edition is chock-full of updates about tools and techniques as well as new real-world scenarios reflecting today s most common types of incidents. Detailed advice covers all aspects of incident investigation and handling, with an emphasis on forensics--knowing where and how to look into computers for evidence of wrongdoing. New chapters on investigation techniques, indicators of compromise, and remediation New advice on architecting networks from the ground-up to fight intrusions and on streamlining intrusion diagnoses for faster recovery Substantial updates on investigating Windows systems, malware analysis, memory analysis, application analysis, data collection, report writing, and incident management The most relevant tips and tricks for a forensics-forward approach to handling and protecting sensitive data without compromising systems further New and updated information for managers and business leaders to prepare for and manage an incident ABOUT THE AUTHOR Jason Luttgens is technical director for security consulting firm Mandiant. He served in NASA s OIG Computer Crimes Division as a technical director and as a forensics investigator for the Department of Defense. Matt Pepe has served as technical director for security consulting firm Mandiant for seven years, following his role as principal consultant with Foundstone where he performed forensic analysis in more than 100 Federal investigations. Kevin Mandia is president of security consulting firm Mandiant, which specializes in incident response, computer forensics, and IT security, and provides services, products, and education to commercial and Federal clients.

5 CHFI Computer Hacking Forensic Investigator Certification All-in-One Exam Guide Author: Charles L. Brooks ISBN-13: Pub Date: AUGUST 2014 Price: $ AUD $ NZD Edition: 1 Previous ISBN: Subject: Comput ers - Certification Guides / General Trim Height: cm Trim Width: cm Pages: 656 Format : Hardcover with CDROM INTRODUCTION An all-new exam guide for version 8 of the Computer Hacking Forensic Investigator (CHFI) exam from EC-Council The CHFI exam validates the skills necessary to detect hacking attacks and to properly gather the evidence necessary to prosecute in a court of law. CHFI Computer Hacking Forensic Investigator All-in-One Exam Guide offers 100% coverage of all exam objectives. The book features learning objectives at the beginning of each chapter, exam tips, practice exam questions, and in-depth explanations. Beyond exam prep, this definitive guide also serves as an on-the-job reference for forensic investigators. Electronic content includes two practice exams and a PDF ebook CHFI is an international, vendor-neutral certification offered in more than 87 countries

6 worldwide and is the next step after EC-Council's CEH certification DESCRIPTION An all-new exam guide for version 8 of the Computer Hacking Forensic Investigator (CHFI) exam from EC-Council CHFI Computer Hacking Forensic Investigator All-in-One Exam Guide offers 100% coverage of all exam objectives on the CHFI exam which validates the skills necessary to detect hacking attacks and to properly gather the evidence necessary to prosecute in a court of law. The book features learning objectives at the beginning of each chapter, exam tips, practice exam questions, and indepth explanations. Beyond exam prep, this definitive guide also serves as an on-the-job reference for forensic investigators. Electronic content includes two practice exams and a PDF ebook An authoritative, cost-effective way to prepare for this challenging exam Includes real-world examples of successful computer forensics investigations ABOUT THE AUTHOR Charles L. Brooks, CHFI, (Watertown, MA) provides network security consulting services to SOHO businesses. He also teaches graduate courses on network and software security at Brandeis University.

7 CompTIA Mobility+ Certification All-in-One Exam Guide (Exam MB0-001) Author: Bobby E. Rogers ISBN-13: Pub Date: AUGUST 2014 Price: $ AUD $ NZD Edition: 1 Previous ISBN: Subject: Comput ers - Certification Guides / General Trim Height: cm Trim Width: cm Pages: 512 Format : Hardcover with CDROM INTRODUCTION A new exam guide for the all-new certification on mobile computing technologies from CompTIA CompTIA Mobility+ All-in-One Exam Guide (Exam MB0-001) covers 100% of the exam objectives for this new certification that validates the knowledge and skills required to understand and research capabilities of mobile devices and features of over-the-air technologies. The book features learning objectives at the beginning of each chapter, exam tips, practice exam questions, and in-depth explanations. Beyond exam prep, this definitive guide also serves as an on-the-job reference for IT practitioners working in mobile computing environments. Electronic content includes two practice exams and a PDF ebook CompTIA reviewed and approved: CompTIA Approved Quality Content (CAQC)

8 DESCRIPTION A new exam guide for the all-new certification on mobile computing technologies from CompTIA CompTIA Mobility+ All-in-One Exam Guide (Exam MB0-001) covers 100% of the exam objectives for this new certification that validates the knowledge and skills required to understand and research capabilities of mobile devices and features of over-the-air technologies. The book contains learning objectives at the beginning of each chapter, exam tips, practice exam questions, and in-depth explanations. This definitive guide also serves as an on-the-job reference for IT practitioners working in mobile computing environments. Electronic content includes two practice exams and a PDF ebook CompTIA reviewed and approved: CompTIA Approved Quality Content (CAQC) Authoritative coverage of enterprise-level mobile computing technologies ABOUT THE AUTHOR Bobby E. Rogers, CompTIA A+, CompTIA Security+, CCNA, CISSP, CHFI, CEH, (Huntsville, AL) is a principal information assurance analyst for Dynetics, Inc.

9 CEH Certified Ethical Hacker Practice Exams, Second Edition Author: Matt Walker ISBN-13: Pub Date: AUGUST 2014 Price: $ AUD $ NZD Edition: 2 Previous ISBN: Subject: Comput ers - Certification Guides / General Trim Height: cm Trim Width: cm Pages: 320 Format : Softcover INTRODUCTION More than 500 simulated CEH exam questions covering the latest exam release Fully revised for the new CEH v.8 exam objectives from the EC-Council, CEH Certified Ethical Hacker Practice Exams, Second Edition provides 500+ knowledge- and scenario-based practice exam questions that simulate the actual exam questions in content, style, tone, format, and difficulty. In-depth answer explanations for both the correct and incorrect answers are provided. This practical resource is the perfect companion to CEH Certified Ethical Hacker All-in-One Exam Guide, Second Edition. Electronic content includes two complete practice exam simulations and a PDF c opy of the book New coverage includes advanced hacking concepts, mobile platforms, tablet computer

10 hacking techniques, and real-time case studies DESCRIPTION Test yourself with 500+ simulated CEH exam questions covering the latest exam release--v.8 Fully revised for the new CEH v.8 exam objectives from the EC-Council, CEH Certified Ethical Hacker Practice Exams, Second Edition provides 500+ knowledge- and scenario-based practice exam questions that simulate the actual exam questions in content, style, tone, format, and difficulty. In-depth answer explanations for both the correct and incorrect answers are provided. This practical resource is the perfect companion to CEH Certified Ethical Hacker All-in-One Exam Guide, Second Edition. Electronic content includes two complete practice exam simulations and a PDF copy of the book New coverage includes advanced hacking concepts, mobile platforms, tablet computer hacking techniques, and real-time case studies Covers DOD 8570 requirements and US-CERT s EBK and Certified Computer Security Incident Handler (CSIH) standards ABOUT THE AUTHOR Matt Walker, CCNA, CCNP, MCSE, CEH, CNDA, CPTS (Satellite Beach, FL) is an IT Security Architect for HP at Kennedy Space Center. He has held a variety of networking and IT Security positions, most recently the IT Security Manager positions at Marshal Space Flight Center (SAIC contract).

11 OCM Java EE 6 Enterprise Architect Exam Guide (Exams 1Z0-807, 1Z0-865 & 1Z0-866) Author: Paul Allen, Joseph Bambara ISBN-13: Pub Date: AUGUST 2014 Price: $ AUD $ NZD Edition: 3 Previous ISBN: Subject: Comput ers - Certification Guides / General Trim Height: cm Trim Width: cm Pages: 672 Format : Softcover with CDROM INTRODUCTION The only exam guide for all three exams required to achieve the elite Oracle Certified Master Java Enterprise Edition 6 Enterprise Architect certification The Oracle Certified Master Java EE 6 Enterprise Architect examination track consists of three exams: a knowledge-based multiple-choice exam, a programming assignment, and an essay exam. OCM Java EE 6 Enterprise Architect Exam Guide (Exams 1Z0-807, 1Z0-865 & 1Z0-866) covers 100% of the exam objectives and addresses the three exams and their formats. The book's end of chapter multiple-choice questions are accompanied by in-depth answer explanations. A sample case study with essay questions helps readers prepare for both the programming assignment and the essay exam. Electronic content includes two multiple-choice practice exams and a PDF ebook Written by industry experts Joseph J. Bambara and Paul R. Allen and crafted from

12 hundreds of hours of experience teaching Java technologies to students DESCRIPTION From Oracle Press--the only exam guide for all three exams required to achieve the Oracle Certified Master Java Enterprise Edition 6 Enterprise Architect certification The Oracle Certified Master Java EE 6 Enterprise Architect examination track consists of three exams: a knowledge-based multiple-choice exam, a programming assignment, and an essay exam. OCM Java EE 6 Enterprise Architect Exam Guide (Exams 1Z0-807, 1Z0-865 & 1Z0-866) covers 100% of the exam objectives and addresses the three exams and their formats. The book's end-of-chapter multiple-choice questions are accompanied by in-depth answer explanations. A sample case study with essay questions helps you prepare for both the programming assignment and the essay exam. Electronic content includes two multiple-choice practice exams and a PDF ebook Authoritative exam prep from Oracle Press Written by industry experts Joseph J. Bambara and Paul R. Allen and crafted from hundreds of hours of experience teaching Java technologies to students ABOUT THE AUTHOR Paul R. Allen (New York, NY) is a principal of UCNY, Inc., an international consulting firm that helps Fortune 500 companies improve operations through the use of web, database, and object technology. Joseph J. Bambara (New York, NY) is a principal of UCNY, Inc. He has been developing application systems for more than 30 years and is also an attorney specializing in intellec tual property.

13 Predictive Analytics Using Oracle Data Miner: Develop & Use Data Mining Models in ODM, SQL & PL/SQL Author: Brendan Tierney ISBN-13: Pub Date: AUGUST 2014 Price: $ AUD $ NZD Edition: 1 Previous ISBN: Subject: Comput ers - Databases / Data Mining Trim Height: 24 cm Trim Width: 19 cm Pages: 448 Format : Softcover INTRODUCTION The only Oracle Press guide to developing next-generation predictive analytics applications with Oracle Data Miner Predictive analytics is the most technically sophisticated approach to staying ahead of competitors using advanced techniques to find patterns in enterprise data. Written by an Oracle ACE Director, Predictive Analytics Using Oracle Data Miner shows how to use this powerful tool to build and apply advanced data mining models and perform data mining tasks in SQL and PL/SQL. Guidance on how to migrate the data mining models from a test environment to a production environment is included. Best practices for creating predictive models that help target key customers, develop detailed customer profiles, find and prevent fraud, stay ahead of the competition, and realize greater profits

14 Reveals how to unlock the power of native SQL functions within the Oracle Database DESCRIPTION The only Oracle Press guide to developing next-generation predictive analytics applications with Oracle Data Miner Predictive analytics is the most technically sophisticated approach to staying ahead of competitors using advanced techniques to find patterns in enterprise data. This is an essential how-to guide for data scientists, data miners, data analysts, Oracle developers, and DBAs. Written by an Oracle ACE Director, Predictive Analytics Using Oracle Data Miner shows you how to use this powerful tool to build and apply advanced data mining models and perform data mining tasks in SQL and PL/SQL. Guidance on how to migrate the data mining models from a test environment to a production environment is included. Best practices for creating predictive models that help target key customers, develop detailed customer profiles, find and prevent fraud, stay ahead of the competition, and realize greater profits Reveals how to unlock the power of native SQL functions within the Oracle Database ABOUT THE AUTHOR Brendan Tierney, Oracle ACE Director (Dublin, Ireland), an independent consultant, lectures on data mining and advanced databases at the Dublin Institute of Technology.

15 Oracle PL/SQL Performance Tuning Tips & Techniques Author: Michael Rosenblum, Paul Dorsey ISBN-13: Pub Date: AUGUST 2014 Price: $ AUD $ NZD Edition: 1 Previous ISBN: Subject: Computers - Programming Languages / SQL Trim Height: 24 cm Trim Width: 19 cm Pages: 320 Format : Softcover INTRODUCTION Best practices for improving overall speed, reliability, and security An intermediate guide for developers and programmers wanting to become problemsolving experts Includes all changes and updates for Oracle Database 12c Filled with real-world examples, scenarios, and solutions, plus code samples online DESCRIPTION Proven PL/SQL optimization solutions from Oracle Press Oracle PL/SQL Performance Tuning Tips & Techniques presents a hands-on approach to enabling better, faster, and safer results from PL/SQL. This is an intermediate guide for developers and programmers wanting to achieve profound results by deploying the latest and best methods for improving overall speed, reliability, and security. You will learn expert performance tuning

16 methods that draw on decades of professional experience. A wide array of real-world examples are included. Coverage includes: The role of PL/SQL in contemporary development; The concept of performance tuning; DBA/developer borderline: tools/features/setup; Performance measuring techniques; Tuner's toolkit; Thinking in SETs; Pulling a trigger; Doing more; Do more with LESS; Keeping the cache; Shooting moving target; Effective utilization of PL/SQL in the web environment; Version control and editions; Tips, tricks and ideas ABOUT THE AUTHOR Michael Rosenblum is a Software Architect/Senior DBA at Dulcian, Inc., where he is responsible for system tuning and application architecture. Michael supports Dulcian developers by writing complex PL/SQL routines and researching new features. He is an Oracle ACE, a frequent presenter at various Oracle user group conferences (Oracle OpenWorld, ODTUG, IOUG Collaborate, RMOUG, NYOUG), and winner of the ODTUG Kaleidoscope 2009 Best Speaker Award. In his native Ukraine, Michael received the scholarship of the president of Ukraine, a master of science degree in information systems, and a diploma with honors from the Kiev National University of Economics. Dr. Paul Dorsey is the founder and president of Dulcian, Inc., an Oracle consulting firm specializing in business rules and web-based application development. He is the chief architect of Dulcian's Business Rules Information Manager (BRIM ) tool. Dr. Dorsey is the co-author of seven Oracle Press books on Designer, Database Design, Developer, and JDeveloper, which have been translated into nine languages. He is an Oracle Fusion Middleware Regional Director. Paul is President Emeritus of NYOUG and the Associate Editor of the International Oracle User Group's SELECT Journal. In 2003, Dr. Dorsey was honored by ODTUG as volunteer of the year, in 2001 by IOUG as volunteer of the year, and by Oracle as one of the six initial honorary Oracle 9i Certified Masters. Dr. Dorsey is also the founder and Chairperson of the ODTUG Symposium, currently in its eighth year. His submission of a Survey Generator built to collect data for The Preeclampsia Foundation was the winner of the 2007 Oracle Fusion Middleware Developer Challenge.