Michael Gregg

In this best-of-breed study guide, leading experts Michael Gregg and Omar Santos help you master all the topics you need to know to succeed on your Certified Ethical Hacker exam and advance your career in IT security. The authors' concise, focused approach explains every exam objective from a real-world perspective, helping you quickly identify weaknesses and retain everything you need to know. Every feature of this book supports both efficient exam preparation and long-term mastery:* Opening topics lists identify the topics you need to learn in each chapter and list EC-Council's official exam objectives * Key Topics figures, tables, and lists call attention to the information that's most crucial for exam success * Exam Preparation Tasks enable you to review key topics, define key terms, work through scenarios, and answer review questions...going beyond mere facts to master the concepts that are crucial to passing the exam and enhancing your career Key Terms are listed in each chapter and defined in a complete glossary, explaining all the field's essential terminology This study guide helps you master all the topics on the latest CEH exam, including* Ethical hacking basics * Technical foundations of hacking * Footprinting and scanning * Enumeration and system hacking * Social engineering, malware threats, and vulnerability analysis * Sniffers, session hijacking, and denial of service * Web server hacking, web applications, and database attacks * Wireless technologies, mobile security, and mobile attacks * IDS, firewalls, and honeypots * Cryptographic attacks and defenses * Cloud computing, IoT, and botnets

CISSP Exam Cram, Fifth Edition is the perfect study guide to help you pass the latest update to the eight-domain version of the CISSP exam. It offers knowledge and practice questions for every exam topic, with new coverage of asset retention, secure provisioning, crypto attacks, machine learning tools, threat hunting, risk-based access control, zero trust, SAML, SOAR, CASB, securing microservices, containers, managed services, and more. Covers the critical information you'll need to score higher on your CISSP exam! Understand Security & Risk Management: ethics, security concepts, governance, compliance, law/regulation, policies/procedures, threat models, supply chain risk, awareness training, and moreEnsure Secure Assets: identify/classify information and assets; handling requirements, resource provisioning, data lifecycles, retentionReview Security Architecture & Engineering: secure processes and principles, security models and controls, system capabilities, vulnerability assessment/mitigation, crypto attacks/solutions, site/facility design and controlsImprove Communication & Network Security: secure network architectures, components, and channelsStrengthen Identity & Access Management (IAM): physical/logical access control, identification, authentication, federated identity services, authorization, identity/access provisioningEnhance Security Assessment & Testing: design/validate assessment, test, and audit strategies; test controls; collect process data; evaluate and report test results; conduct or support auditsManage Security Operations: investigations, logs, monitoring, resource protection, incident management, detection/prevention; configuration, patches, vulnerabilities, and changemanagement; DR/BC, physical and personnel security, and more

Comprehensive coverage of the new CASP+ exam, with hands-on practice and interactive study tools The CASP+ CompTIA Advanced Security Practitioner Study Guide: Exam CAS-003, Third Edition, offers invaluable preparation for exam CAS-003. Covering 100 percent of the exam objectives, this book provides expert walk-through of essential security concepts and processes to help you tackle this challenging exam with full confidence. Practical examples and real-world insights illustrate critical topics and show what essential practices look like on the ground, while detailed explanations of technical and business concepts give you the background you need to apply identify and implement appropriate security solutions. End-of-chapter reviews help solidify your understanding of each objective, and cutting-edge exam prep software features electronic flashcards, hands-on lab exercises, and hundreds of practice questions to help you test your knowledge in advance of the exam. The next few years will bring a 45-fold increase in digital data, and at least one third of that data will pass through the cloud. The level of risk to data everywhere is growing in parallel, and organizations are in need of qualified data security professionals; the CASP+ certification validates this in-demand skill set, and this book is your ideal resource for passing the exam. Master cryptography, controls, vulnerability analysis, and network securityIdentify risks and execute mitigation planning, strategies, and controlsAnalyze security trends and their impact on your organizationIntegrate business and technical components to achieve a secure enterprise architecture CASP+ meets the ISO 17024 standard, and is approved by U.S. Department of Defense to fulfill Directive 8570.01-M requirements. It is also compliant with government regulations under the Federal Information Security Management Act (FISMA). As such, this career-building credential makes you in demand in the marketplace and shows that you are qualified to address enterprise-level security concerns. The CASP+ CompTIA Advanced Security Practitioner Study Guide: Exam CAS-003, Third Edition, is the preparation resource you need to take the next big step for your career and pass with flying colors.

Welcome to Certified Ethical Hacker (CEH) Version 9 Pearson uCertify Course and Labs Certified Ethical Hacker (CEH) Version 9 uCertify Course and Labs is an easy-to-use online course that allows you to assess your readiness and teaches you what you need to know to pass the Certified Ethical Hacker (CEH) Version 9 exam. Master all of the Certified Ethical Hacker (CEH) Version 9 exam objectives in the framework of Certified Ethical Hacker (CEH) Version 9 Cert Guide, Second Edition interactive eBook. The interactive eBook includes informative text, tables, step-by-step lists, images, video instruction, interactive exercises, glossary flash cards, and review activities. The course comes complete with extensive pre- and post-assessment tests. In total there are over 440 practice questions. The award-winning uCertify Labs help bridge the gap between conceptual knowledge and real-world application by providing competency-based, interactive, online, 24x7 training. uCertify Labs simulate the tools, techniques, and command line tools used by ethical hackers. The 60+ labs are supplemented with videos demonstrating lab solutions. Students can feel safe working in this virtual environment resolving real-world operating system and hardware problems. All of the content–the complete Cert Guide, the video instruction, the practice questions, the exercises, and the labs–is focused around the official Certified Ethical Hacker (CEH) Version 9 exam objectives.

Welcome to Certified Ethical Hacker (CEH) Version 9 Pearson uCertify Course Certified Ethical Hacker (CEH) Version 9 uCertify Course is an easy-to-use online course that allows you to assess your readiness and teaches you what you need to know to pass the Certified Ethical Hacker (CEH) Version 9 exam. Master all of the Certified Ethical Hacker (CEH) Version 9 exam objectives in the framework of C ertified Ethical Hacker (CEH) Version 9 Cert Guide, Second Edition interactive eBook. The interactive eBook includes informative text, tables, step-by-step lists, images, video, interactive exercises, glossary flash cards, and review activities. Gauge your readiness with a pre-assessment exam with questions specifically designed to identify your deficiencies. Then after you have worked through the course material practice use the two practice exams and the post assessment to see if you are ready or where you need to study more. In total there are over 440 practice questions. All of the content—the complete Cert Guide, the practice questions, and the exercises—is focused around the official Certified Ethical Hacker (CEH) Version 9 exam objectives.

The ultimate hands-on guide to IT security and proactive defense The Network Security Test Lab is a hands-on, step-by-step guide to ultimate IT security implementation. Covering the full complement of malware, viruses, and other attack technologies, this essential guide walks you through the security assessment and penetration testing process, and provides the set-up guidance you need to build your own security-testing lab. You'll look inside the actual attacks to decode their methods, and learn how to run attacks in an isolated sandbox to better understand how attackers target systems, and how to build the defenses that stop them. You'll be introduced to tools like Wireshark, Networkminer, Nmap, Metasploit, and more as you discover techniques for defending against network attacks, social networking bugs, malware, and the most prevalent malicious traffic. You also get access to open source tools, demo software, and a bootable version of Linux to facilitate hands-on learning and help you implement your new skills. Security technology continues to evolve, and yet not a week goes by without news of a new security breach or a new exploit being released. The Network Security Test Lab is the ultimate guide when you are on the front lines of defense, providing the most up-to-date methods of thwarting would-be attackers. Get acquainted with your hardware, gear, and test platformLearn how attackers penetrate existing security systemsDetect malicious activity and build effective defensesInvestigate and analyze attacks to inform defense strategy The Network Security Test Lab is your complete, essential guide.

This book is the definitive guide to field epidemiology - the application of epidemiologic methods to unexpected health problems (e.g. bioterrorist attacks, natural disasters, industrial accidents) where rapid, on-site investigation is necessary. The third edition includes new chapters on environmental investigations and immunization strategies and evaluation. Existing chapters on bioterrorism, surveillance, and operations have been completely rewritten. The rest of the chapters have been revised and updated with new case studies and examples.

An all-star cast of authors analyze the top IT security threats for 2008 as selected by the editors and readers of Infosecurity Magazine. This book, compiled from the Syngress Security Library, is an essential reference for any IT professional managing enterprise security. It serves as an early warning system, allowing readers to assess vulnerabilities, design protection schemes and plan for disaster recovery should an attack occur. Topics include Botnets, Cross Site Scripting Attacks, Social Engineering, Physical and Logical Convergence, Payment Card Industry (PCI) Data Security Standards (DSS), Voice over IP (VoIP), and Asterisk Hacking. Each threat is fully defined, likely vulnerabilities are identified, and detection and prevention strategies are considered. Wherever possible, real-world examples are used to illustrate the threats and tools for specific solutions.

The Perfect Reference for the Multitasked SysAdmin This is the perfect guide if network security tools is not your specialty. It is the perfect introduction to managing an infrastructure with freely available, and powerful, Open Source tools. Learn how to test and audit your systems using products like Snort and Wireshark and some of the add-ons available for both. In addition, learn handy techniques for network troubleshooting and protecting the perimeter. * Take Inventory See how taking an inventory of the devices on your network must be repeated regularly to ensure that the inventory remains accurate. * Use Nmap Learn how Nmap has more features and options than any other free scanner. * Implement Firewalls Use netfilter to perform firewall logic and see how SmoothWall can turn a PC into a dedicated firewall appliance that is completely configurable. * Perform Basic Hardening Put an IT security policy in place so that you have a concrete set of standards against which to measure. * Install and Configure Snort and Wireshark Explore the feature set of these powerful tools, as well as their pitfalls and other security considerations. * Explore Snort Add-Ons Use tools like Oinkmaster to automatically keep Snort signature files current. * Troubleshoot Network Problems See how to reporting on bandwidth usage and other metrics and to use data collection methods like sniffing, NetFlow, and SNMP. * Learn Defensive Monitoring Considerations See how to define your wireless network boundaries, and monitor to know if they’re being exceeded and watch for unauthorized traffic on your network.