Authors: Greg Abelar.
Paperback, 288 pages
Publisher: Cisco Press
Publication Date: 2005-06-06


Reviews :

   

Protect critical data and maintain uptime with Cisco ASDM and Cisco Security Agent 

• Understand how attacks can impact your business and the different ways attacks can occur
• Learn about the defense-in-depth model for deploying firewall and host protection
• Examine navigation methods and features of Cisco ASDM
• Set up Cisco ASA, PIX Firewall, and ASDM hardware and software
• Use the Cisco ASDM startup wizard to safely connect your network to the Internet and securely add public devices such as mail and web servers to your network
• Authenticate firewall users and users of public web servers
• Filter traffic and protect your network from perimeter attacks
• Deploy Cisco Intrusion Prevention System (IPS) to provide more granular traffic inspection and proactive threat response
• Stop attacks launched at the desktop by deploying Cisco Security Agent
• Extend the defense-in-depth model to remote users through IPSec virtual private networks (VPN)
• Enhance your security posture through proper security management
• Understand the advanced features available in the Cisco PIX version 7 operating system
• Recover from software failure with Cisco PIX version 7

Many people view security as a “black-box-voodoo” technology that is very sophisticated and intimidating. While that might have been true a few years ago, vendors have been successful in reducing the complexity and bringing security to a point where almost anyone with a good understanding of technology can deploy network security.

 

Securing Your Business with Cisco ASA and PIX Firewalls is an extension of the work to simplify security deployment. This easy-to-use guide helps you craft and deploy a defense-in-depth solution featuring the newly released Cisco® ASA and PIX® version 7 as well as Cisco Security Agent host intrusion prevention software. The book simplifies configuration and management of these powerful security devices by discussing how to use Cisco Adaptive Security Device Manager (ASDM), which provides security management and monitoring services through an intuitive GUI with integrated online help and intelligent wizards to simplify setup and ongoing management. In addition, informative, real-time, and historical reports provide critical insight into usage trends, performance baselines, and security events. Complete with real-world security design and implementation advice, this book contains everything you need to know to deploy the latest security technology in your network.

 

Securing Your Business with Cisco ASA and PIX Firewalls provides you with complete step-by-step processes for using Cisco ASDM in conjunction with Cisco Security Agent to ensure that your security posture is strong enough to stand up against any network or host attack whether sourced from the Internet or from inside your own network.

 

"Firewalls are a critical part of any integrated network security strategy, and books such as this will help raise awareness of both the threats inherent in today’s open, heterogeneous internetworking environments and the solutions that can be applied to make the Internet a safer place."

—Martin E. Hellman, professor emeritus of Electrical Engineering,

Stanford University and co-inventor of public key cryptography

 

This security book is part of the Cisco Press® Networking Technology Series. Security titles from Cisco Press help networking professionals secure critical data and resources, prevent and mitigate network attacks, and build end-to-end self-defending networks. 

...

Authors: Kathy Ivens.
Paperback, 1008 pages
Publisher: McGraw-Hill Osborne Media
Publication Date: 2003-05-12
Edition: 1

Reviews :

    Understand the architecture of operating systems including Windows NT, Windows 2000, and Windows Server 2003. Configure computers, manage users, and design your Active Directory. Implement group policies, enterprise services, and disaster planning and recovery processes....

Authors: David Yack. Joe Mayo. Scott Hanselman. Fredrik Normén. Dan Wahlin. J. Ambrose Little. Jonathan Goodyear.
Paperback, 432 pages
Publisher: Wrox
Publication Date: 2006-05-30


Reviews :

   

• This unique book offers readers invaluable information from the cream of the crop-Microsoft MVPs-who are now sharing undocumented hacks for the first time
• Packed with superlative advice on ASP, Microsoft's popular technology for Web sites, this book will help readers become more productive developers, find solutions to problems they thought unsolvable, and develop better applications
• During their many years of working with ASP.NET, Microsoft MVPs have answered thousands of questions, putting them in the distinctive position of knowing exactly what readers need to know
• Many of the hacks will apply to multiple versions of ASP.NET, not just 2.0 but 1.0 and 1.1 as well

This book is also available as part of the 5-book ASP.NET 2.0 Wrox Box (ISBN: 0-470-11757-5). This 5-book set includes:

• Professional ASP.NET 2.0 Special Edition (ISBN: 0-470-04178-1)
• ASP.NET 2.0 Website Programming: Problem - Design - Solution (ISBN: 0764584642 )
• Professional ASP.NET 2.0 Security, Membership, and Role Management (ISBN: 0764596985)
• Professional ASP.NET 2.0 Server Control and Component Development (ISBN: 0471793507)
• ASP.NET 2.0 MVP Hacks and Tips (ISBN: 0764597663)
• CD-ROM with more than 1000 pages of bonus chapters from 15 other .NET 2.0 and SQL Server(TM) 2005 Wrox books
• DVD with 180-day trial version of Microsoft(r) Visual Studio(r) 2005 Professional Edition

...

Authors: Laura Taylor.
Paperback, 504 pages
Publisher: Syngress
Publication Date: 2006-11-01
Edition: 1

Reviews :

    Certification and Accreditation is growing area of security concern, and is currently mandated by a law known as the Federal Information Security Management Act of 2002 (FISMA). All U.S. federal agencies must certify and accredit all systems and applications prior to putting them into operation. The only book that instructs IT Managers to adhere to federally mandated certification and accreditation requirements. This book explains what is meant by Certification and Accreditation and why the process is mandated by federal law.

The different Certification and Accreditation laws are cited and discussed including the three leading types of C&A: NIST, NIAP, and DITSCAP. Next, the book explains how to prepare for, perform, and document a C&A project. The next section to the book illustrates addressing security awareness, end-user rules of behavior, and incident response requirements. Once this phase of the C&A project is complete, the reader will learn to perform the security tests and evaluations, business impact assessments system risk assessments, business risk assessments, contingency plans, business impact assessments, and system security plans. Finally the reader learns to audit their entire C&A project and correct any failures.

...

Authors: Ben Jackson. Champ Clark.
Paperback, 275 pages
Publisher: Syngress
Publication Date: 2007-06-29


Reviews :

    Asterisk hacking shows readers about a hacking technique they may not be aware of. It teaches the secrets the bad guys already know about stealing personal information through the most common, seemingly innocuous, highway into computer networks: the phone system. The book also comes with an Asterisk Live CD (SLAST) containing all the tools discussed in the book and ready to boot!

This book shows readers what they can do to protect themselves, their families, their clients, and their network from this invisible threat. Power tips show how to make the most out of the phone system and turn it into a samurai sword - for defense or attack!

*Asterisk Live CD (SLAST) containing all the tools discussed in the book and ready to boot!
*Contains original code to perform previously unthought of tasks like changing caller id, narrowing a phone number down to a specific geographic location, and more!
*See through the eyes of the attacker and learn WHY they are motivated, something not touched upon in most other titles...

Authors: Thomas M. Thomas.
Paperback, 480 pages
Publisher: Cisco Press
Publication Date: 2004-05-31


Reviews :

   

Your first step into the world of network security

• No security experience required
• Includes clear and easily understood explanations
• Makes learning easy

Your first step to network security begins here!

• Learn about hackers and their attacks
• Understand security tools and technologies
• Defend your network with firewalls, routers, and other devices
• Explore security for wireless networks
• Learn how to prepare for security incidents

Welcome to the world of network security!

Computer networks are indispensable-but they're also not secure. With the proliferation of Internet viruses and worms, many people and companies are considering increasing their network security. But first, you need to make sense of this complex world of hackers, viruses, and the tools to combat them.

No security experience needed!

Network Security First-Step explains the basics of network security in easy-to-grasp language that all of us can understand. This book takes you on a guided tour of the core technologies that make up and control network security. Whether you are looking to take your first step into a career in network security or are interested in simply gaining knowledge of the technology, this book is for you!

...

Authors: Whitfield Diffie. Susan Landau.
Hardcover, 400 pages
Publisher: The MIT Press
Publication Date: 2007-05-31
Edition: 2

Reviews :

    Awarded the 1998 Donald McGannon Award for Social and Ethical Relevance in Communication Policy Research. and Received the IEEE-USA Award for Distinguished Literary Contributions Furthering Public Understanding of the Profession.

Telecommunication has never been perfectly secure. The Cold War culture of recording devices in telephone receivers and bugged embassy offices has been succeeded by a post-9/11 world of NSA wiretaps and demands for data retention. Although the 1990s battle for individual and commercial freedom to use cryptography was won, growth in the use of cryptography has been slow. Meanwhile, regulations requiring that the computer and communication industries build spying into their systems for government convenience have increased rapidly. The application of the 1994 Communications Assistance for Law Enforcement Act has expanded beyond the intent of Congress to apply to voice over Internet Protocol (VoIP) and other modern data services; attempts are being made to require ISPs to retain their data for years in case the government wants it; and data mining techniques developed for commercial marketing applications are being applied to widespread surveillance of the population.

In Privacy on the Line, Whitfield Diffie and Susan Landau strip away the hype surrounding the policy debate over privacy to examine the national security, law enforcement, commercial, and civil liberties issues. They discuss the social function of privacy, how it underlies a democratic society, and what happens when it is lost. This updated and expanded edition revises their original—and prescient—discussions of both policy and technology in light of recent controversies over NSA spying and other government threats to communications privacy....

Authors: Seth Fogie. Jeremiah Grossman. Robert Hansen. Anton Rager. Petko D. Petkov.
Paperback, 480 pages
Publisher: Syngress
Publication Date: 2007-05-15


Reviews :

    Cross Site Scripting Attacks starts by defining the terms and laying out the ground work. It assumes that the reader is familiar with basic web programming (HTML) and JavaScript. First it discusses the concepts, methodology, and technology that makes XSS a valid concern. It then moves into the various types of XSS attacks, how they are implemented, used, and abused. After XSS is thoroughly explored, the next part provides examples of XSS malware and demonstrates real cases where XSS is a dangerous risk that exposes internet users to remote access, sensitive data theft, and monetary losses. Finally, the book closes by examining the ways developers can avoid XSS vulnerabilities in their web applications, and how users can avoid becoming a victim. The audience is web developers, security practitioners, and managers.

*XSS Vulnerabilities exist in 8 out of 10 Web sites
*The authors of this book are the undisputed industry leading authorities
*Contains independent, bleeding edge research, code listings and exploits that can not be found anywhere else...

Authors: Pawan Bhardwaj.
Paperback, 812 pages
Publisher: O'Reilly Media, Inc.
Publication Date: 2007-03-27


Reviews :

    If you're preparing for the new CompTIA 2006 certification in A , or the current Network and Security certifications, you'll find this book invaluable. It provides all the information you need to get ready for these exams, including the four new A exams -- the required Essentials exam and three elective exams that pertain to your area of specialization.

As with other O'Reilly Nutshell books for certification exams, A , Network and Security in a Nutshell follows a proven style and approach. It reviews all of the topics needed to master each exam in a remarkably concise format, with required knowledge boiled down to the core. Instead of plowing through 500 to 700 pages to prepare for each exam, this book covers each one in approximately 150 pages. And because the objectives for the three elective A exams are redundant, and the book covers them in one section.

The exams covered include:

• A Essentials: Required for A 2006 certification
• EXAM 220-602: For the A IT Technician specialization
• EXAM 220-603: For the A Remote Support Technician specialization
• EXAM 220-604: For the A IT Depot specialization
• EXAM N10-003: For Network Certification
• EXAM SYO-101: For Security Certification

Each exam is covered in three parts: Exam Overview, Study Guide and Prep and Practice. Plenty of detailed tables and screen shots are included, along with study notes and practice questions. Once you have completed the exams successfully, you will find this all-in-one book to be a valuable reference to core administration and security skills....

Authors: Jon Edney. William A. Arbaugh.
Paperback, 480 pages
Publisher: Addison-Wesley Professional
Publication Date: 2003-07-25


Reviews :

    Real 802.11 Security describes an entirely new approach to wireless LAN security based on the latest developments in Wi-Fi technology. The author team addresses the theory, implementations, and reality of Wi-Fi security. It provides an overview of security issues, explains how security works in Wi-Fi networks, and explores various security and authentication protocols. The book concludes with an in-depth discussion of real-world security issues and attack tools....