Computer Softwares

Software Security Testing

Friday, January 27th, 2012 | Computer Softwares | No Comments

software security testing
How to test Kaspersky?

Ive just downloaded kaspersky internet security trial as im going through trialing some internet security software. How can I test it though? I tried the eicar thing but windows defender blocks it first waht else can i try?

Deactivate your Windows Defender and start your test. Once your testing job is complete, you can always activate Windows Defender

Isnt that simple enough ??

The Art of Software Security Testing

Cisco-Linksys Wireless-N Internet Home Monitoring Camera

$139.99

Send live audio and video to a smartphone or web browser anywhere in the world! The Cisco-Linksys wireless-N internet home monitoring camera connects to your network wirelessly, and delivers a live audio/video stream to a smartphone or browser anywhere. Also captures video streams and sends email alerts with video clips upon motion detection….

D-Link DIR-615 Wireless-N Router, 4-Port

$33.00

10/100Base-TX, 10/100Base-TX – IEEE 802.11b/g – Wireless Router…

Cisco WVC2300 Wireless-G Business Internet Security Video Camera w/Audio

$268.99

Linksys WVC2300 Wireless-G Business Internet Video Camera WVC2300 Surveillance & Network Cameras…

EasyCAP USB 2.0 Audio/Video Capture/Surveillance Dongle

$5.05

Dimensions: 3.54 in x 1.06 in x 0.55 in…

The Basics of Hacking and Penetration Testing: Ethical Hacking and Penetration Testing Made Easy (Syngress Basics Series)

$29.95

The Basics of Hacking and Penetration Testing serves as an introduction to the steps required to complete a penetration test or perform an ethical hack. You learn how to properly utilize and interpret the results of modern day hacking tools; which are required to complete a penetration test. Tool coverage will include, Backtrack Linux, Google, Whois, Nmap, Nessus, Metasploit, Netcat, Netbus, and m…

BackTrack 5 Wireless Penetration Testing Beginner’s Guide

$43.87

Written in Packt’s Beginner’s Guide format, you can easily grasp the concepts and understand the techniques to perform wireless attacks in your lab. Every new attack is described in the form of a lab exercise with rich illustrations of all the steps associated. You will practically implement various attacks as you go along. If you are an IT security professional or a security consultant who wants …

Software Engineering: Theory and Practice (4th Edition)

$96.00

KEY BENEFIT: This introduction to software engineering and practice addresses both procedural and object-oriented development. KEY TOPICS: Is thoroughly updated to reflect significant changes in software engineering, including modeling and agile methods. Emphasizes essential role of modeling design in software engineering. Applies concepts consistently to two common examples â a typical info…

Network Assoc INSTI MCAFEE ANTI-SPAM ( SKPYFM-AA-JI )

$114.84

Main FeaturesManufacturer: CanonManufacturer Part Number: 6828A004AAManufacturer Website Address: www.canonusa.comProduct Type: TonerPrint Color: MagentaPrint Yield: 13000 Page Compatibility: Canon imageCLASS C3500 Copier…

Software Engineering for Secure Systems (Hardcover)

$175.28

“This book provides coverage of recent advances in the area of secure software engineering that address the various stages of the development process from requirements to design to testing to implementation”–Provided by publisher.

Gray Hat Python (Paperback)

$23.98

Python has become the preferred programming language for hackers, reverse engineers and software testers, and this guide for security-oriented programmers describes the debuggers, Trojans, fuzzers and emulators that are not clearly explained in existin…

The Software Vulnerability Guide

$29.72

In today`s market, secure software is a must for consumers. Many developers, however, are not familiar with the techniques needed to produce secure code or detect existing vulnerabilities. The Software Vulnerability Guide helps developers and tester

.NET Security

$1.98

When you use .NET to create client-and server-side applications, you have to address a new and large set of security issues. “.NET Security” shows you what you need to know by covering the different aspects of the .NET security model through detailed discussions about the key namespaces. The authors not only demonstrate how to write .NET code that can create secure systems within the .NET Framework, but also discuss ways that someone may try to break the security model in .NET, and how .NET prevents such intrusions.”.NET Security” is a tutorial about how to use the .NET security and cryptographic classes as well as a reference for any developer who wants to understand how security is implemented in the .NET Framework. The .NET Framework requires understanding in many new areas such as managed code, permissions, and evidenceand this book covers them all. About the Authors: Jason Bock is consultant and instructor for Intertech-Inc. (a company devoted to delivering hands-on workshops for enterprise web developers and whose focus is the professional Java(tm), XML, and .NET enterprise developer). He has worked on a number of business applications using a diverse set of substrates and languages such as C#, .NET, and Java. He is also the author of “CIL Programming: Under the Hood of .NET” by Apress and “Visual Basic 6 Win32 API Tutorial”, and has written numerous articles on technical development issues associated with both VB and Java. Jason holds both a B.A. and a Masters degree in Electrical Engineering from Marquette University. Pete Stromquist is a consultant at Magenic Technologies (one of the nation’s premiere Microsoft Gold Certified Partners), specializing in Web-enabled application development using Microsoft tools and technologies. He has spent the last several years architecting and developing the following types of applications: Intranet content management, Web-enabled training and testing software, B2B and B2C e-commerce, and

24 Deadly Sins of Software Security: Programming Flaws and How to Fix Them

$18.08

“What makes this book so important is that it reflects the experiences of two of the industry’s most experienced hands at getting real-world engineers to understand just what they're being asked for when they’re asked to write secure code. The book reflects Michael Howard’s and David LeBlanc’s experience in the trenches working with developers years after code was long since shipped, informing them of problems.” From the Foreword by Dan Kaminsky, Director of Penetration Testing, IOActiveEradicate the Most Notorious Insecure Designs and Coding VulnerabilitiesFully updated to cover the latest security issues, 24 Deadly Sins of Software Security reveals the most common design and coding errors and explains how to fix each one-or better yet, avoid them from the start. Michael Howard and David LeBlanc, who teach Microsoft employees and the world how to secure code, have partnered again with John Viega, who uncovered the original 19 deadly programming sins. They have completely revised the book to address the most recent vulnerabilities and have added five brand-new sins. This practical guide covers all platforms, languages, and types of applications. Eliminate these security flaws from your code: SQL injection Web server- and client-related vulnerabilitiesUse of magic URLs, predictable cookies, and hidden form fieldsBuffer overrunsFormat string problemsInteger overflowsC++ catastrophesInsecure exception handlingCommand injectionFailure to handle errorsInformation leakageRace conditionsPoor usabilityNot updating easilyExecuting code with too much privilegeFailure to protect stored dataInsecure mobile codeUse of weak password-based systemsWeak random numbersUsing cryptography incorrectlyFailing to protect network trafficImproper use of

24 Deadly Sins of Software Security: Programming Flaws and How to Fix Them

$49.99

“What makes this book so important is that it reflects the experiences of two of the industry’s most experienced hands at getting real-world engineers to understand just what they're being asked for when they’re asked to write secure code. The book reflects Michael Howard’s and David LeBlanc’s experience in the trenches working with developers years after code was long since shipped, informing them of problems.” From the Foreword by Dan Kaminsky, Director of Penetration Testing, IOActiveEradicate the Most Notorious Insecure Designs and Coding VulnerabilitiesFully updated to cover the latest security issues, 24 Deadly Sins of Software Security reveals the most common design and coding errors and explains how to fix each one-or better yet, avoid them from the start. Michael Howard and David LeBlanc, who teach Microsoft employees and the world how to secure code, have partnered again with John Viega, who uncovered the original 19 deadly programming sins. They have completely revised the book to address the most recent vulnerabilities and have added five brand-new sins. This practical guide covers all platforms, languages, and types of applications. Eliminate these security flaws from your code: SQL injection Web server- and client-related vulnerabilitiesUse of magic URLs, predictable cookies, and hidden form fieldsBuffer overrunsFormat string problemsInteger overflowsC++ catastrophesInsecure exception handlingCommand injectionFailure to handle errorsInformation leakageRace conditionsPoor usabilityNot updating easilyExecuting code with too much privilegeFailure to protect stored dataInsecure mobile codeUse of weak password-based systemsWeak random numbersUsing cryptography incorrectlyFailing to protect network trafficImproper use of

Analysis and Design of Information Systems

$99

In any software design project, the analysis stage – documenting and designing technical requirements for the needs of users – is vital to the success of the project.This third edition of the successful Analysis and Design of Information Systems provides a comprehensive introduction and user-friendly survey to all aspects of business transformation and analysis, and aims to provide the complex set of tools covering all types of systems, including legacy, transactional, database, and web/e-commerce topics. Focusing on the applied aspects of analysis to create systems that meet the needs of their users, (consumers and businesses), this revised text aims to enhance the set of techniques and tools that the analyst/designer requires for success and to organizations to implement business transformation of operations.Topics and features:• Additional chapters on Web interface tools, security and change control, and data warehouse system design• Developments on new designs and technologies, particularly in the area of web analysis and design; a revised Web/Commerce chapter addresses component middleware for complex systems design• New case studies and more examples, providing readers with a deeper understanding of practicalities• Presents modelling tools within a SDLC framework, thereby providing readers with a step-by-step understanding of when and how to use them• More coverage on converting logical models to physical models, how to generate DDL, and testing database functionalities• Expanded scope of analysis and design to include more specific conventions, such as logical to physical design steps, XML, data values, and denormalizationBased on feedback the author received from instructors and practitioners in industry, this enhanced text/reference presents a set of good practices that allow readers to adjust to the constraints and needs of any business. It is a valuable resource and guide for all information

Analysis and Design of Information Systems

$1

In any software design project, the analysis stage – documenting and designing technical requirements for the needs of users – is vital to the success of the project.This third edition of the successful Analysis and Design of Information Systems provides a comprehensive introduction and user-friendly survey to all aspects of business transformation and analysis, and aims to provide the complex set of tools covering all types of systems, including legacy, transactional, database, and web/e-commerce topics. Focusing on the applied aspects of analysis to create systems that meet the needs of their users, (consumers and businesses), this revised text aims to enhance the set of techniques and tools that the analyst/designer requires for success and to organizations to implement business transformation of operations.Topics and features:• Additional chapters on Web interface tools, security and change control, and data warehouse system design• Developments on new designs and technologies, particularly in the area of web analysis and design; a revised Web/Commerce chapter addresses component middleware for complex systems design• New case studies and more examples, providing readers with a deeper understanding of practicalities• Presents modelling tools within a SDLC framework, thereby providing readers with a step-by-step understanding of when and how to use them• More coverage on converting logical models to physical models, how to generate DDL, and testing database functionalities• Expanded scope of analysis and design to include more specific conventions, such as logical to physical design steps, XML, data values, and denormalizationBased on feedback the author received from instructors and practitioners in industry, this enhanced text/reference presents a set of good practices that allow readers to adjust to the constraints and needs of any business. It is a valuable resource and guide for all information

Analysis and Design of Information Systems

$74.95

In any software design project, the analysis stage – documenting and designing technical requirements for the needs of users – is vital to the success of the project.This third edition of the successful Analysis and Design of Information Systems provides a comprehensive introduction and user-friendly survey to all aspects of business transformation and analysis, and aims to provide the complex set of tools covering all types of systems, including legacy, transactional, database, and web/e-commerce topics. Focusing on the applied aspects of analysis to create systems that meet the needs of their users, (consumers and businesses), this revised text aims to enhance the set of techniques and tools that the analyst/designer requires for success and to organizations to implement business transformation of operations.Topics and features:• Additional chapters on Web interface tools, security and change control, and data warehouse system design• Developments on new designs and technologies, particularly in the area of web analysis and design; a revised Web/Commerce chapter addresses component middleware for complex systems design• New case studies and more examples, providing readers with a deeper understanding of practicalities• Presents modelling tools within a SDLC framework, thereby providing readers with a step-by-step understanding of when and how to use them• More coverage on converting logical models to physical models, how to generate DDL, and testing database functionalities• Expanded scope of analysis and design to include more specific conventions, such as logical to physical design steps, XML, data values, and denormalizationBased on feedback the author received from instructors and practitioners in industry, this enhanced text/reference presents a set of good practices that allow readers to adjust to the constraints and needs of any business. It is a valuable resource and guide for all information

Application Lifecycle Management – Activities, Methodologies, Disciplines, Tools, Benefits, Alm Tools And Products

$19.95

Application Lifecycle Management (ALM) is a continuous process of managing the life of an application through governance, development and maintenance. ALM is the marriage of business management to software engineering made possible by tools that facilitate and integrate requirements management, architecture, coding, testing, tracking, and release management.This Application Lifecycle Management book provides insight to improve business and IT alignment via IT portfolio management systems, software quality metrics, testing and verification tools, software change and configuration, requirements definition and management tools, and agile processes. Application Lifecycle Management also help ensure regulatory compliance and security, address licensing issues (including SaaS and open source), and seek ALM and software asset reuse in a world that encompasses cloud, Web 2.0, SOA, composite apps, virtualization, and complex sourcing.In easy to read chapters, with extensive references and links to get you to know all there is to know about ALM: Software development processes, Requirements analysis, Functional specification, Software architecture, Software design, Computer programming, Software testing, Software deployment, Software maintenance, Agile software development, Cleanroom Software Engineering, Iterative and incremental development, Rapid application development, IBM Rational Unified Process, Spiral model, Waterfall model, Lean software development, V-Model (software development), Test-driven development, Software configuration management, Software documentation, Software quality assurance, Software project management, User experience design, Compiler, Debugger, Performance analysis, Graphical user interface builder, Integrated development environment, Requirements Management, Feature (software design), Model-driven engineering, Project Management, Change management (engineering), Configuration Management, Software build, Software Testing, Release

Architecting Secure Software Systems

$59.23

Traditionally, software engineers have defined security as a non-functional requirement. As such, all too often it is only considered as an afterthought, making software applications and services vulnerable to attacks. With the phenomenal growth in cybercrime, it has become imperative that security be an integral part of software engineering so that all software assets are protected and safe. Architecting Secure Software Systems defines how security should be incorporated into basic software engineering at the requirement analysis phase, continuing this sharp focus into security design, secured programming, security testing, and secured deployment.Outlines Protection Protocols for Numerous ApplicationsThrough the use of examples, this volume defines a myriad of security vulnerabilities and their resultant threats. It details how to do a security requirement analysis and outlines the security development lifecycle. The authors examine security architectures and threat countermeasures for UNIX, .NET, Java, mobile, and Web environments. Finally, they explore the security of telecommunications and other distributed services through Service Oriented Architecture (SOA). The book employs a versatile multi-platform approach that allows users to seamlessly integrate the material into their own programming paradigm regardless of their individual programming backgrounds. The text also provides real-world code snippets for experimentation.Define a Security Methodology from the Initial Phase of DevelopmentAlmost all assets in our lives have a virtual presence and the convergence of computer information and telecommunications makes these assets accessible to everyone in the world. This volume enables developers, engineers, and architects to approach security in a holistic fashion at the beginning of the software development lifecycle. By securing these systems from the project’s inception, the monetary and personal

Biometrics and surveillance: Identification, de-identification, and strategies for protection of personal data.

$49.99

In this thesis, I explore the current needs for and the state of conventionally deployed biometric systems as they relate to the following categories of societal concerns: (1) collection of personal information across domains linked by biometric identifiers, (2) errors that lead to a false accusation, (3) errors that lead to inconvenience, (4) collection/use without consent, and (5) use of biometrics data when not needed for a function or not proportional to potential for loss or risk. In Chapter 1, I examine the errors and use of biometrics as an identifier by reviewing the state of independent testing of common biometric modalities and performing a gap analysis. This gap analysis is then discussed with regard to the requirements of typical applications (personal security, forensic/surveillance applications, watchlists, and large-scale ID systems). A technique (k-Same) to minimize use of biometric data for secondary purposes is proposed and demonstrated in Chapter 2, which is a technical method proposed to begin to address the fourth category of concerns for data with facial images. In the context of sharing video surveillance data, a significant threat to privacy is face recognition software, which can automatically identify known people, such as from a database of drivers' license photos, and thereby track people regardless of suspicion. Chapter 2 introduces an algorithm to protect the privacy of individuals in video surveillance data by de-identifying faces such that many facial characteristics remain but the face cannot be reliably recognized. A trivial solution to de-identifying faces involves blacking out each face. This thwarts any possible face recognition, but because all facial details are obscured, the result is of limited use. Many ad hoc attempts, such as covering eyes, fail to thwart face recognition because of the robustness of face recognition methods. This paper presents a new privacy-enabling algorithm, named k-Same, that guarantees face

Build Your Own Security Lab: A Field Guide for Network Testing

$50

Many books tell you what to do. This one tells you how.If your job is to design or implement IT security solutions, or if you’re studying for any security certification, this is the how-to guide you’ve been looking for. Here’s how to assess your needs, gather the tools, and create a controlled environment in which you can experiment, test, and develop the solutions that work. With liberal examples from real-world scenarios, it tells you exactly how to implement a strategy to secure your systems now and in the future.Collect the necessary hardware and software and assemble your own network labConfigure a bootable Linux CDExplore various methods for gathering information about existing securityIdentify automated attack and penetration toolsUnderstand cryptographic systems and encryption and authentication attacksLearn to find, identify, and defeat malwareAddress the special protection needs of wireless systemsUse Snort® to build an IDS that will help to detect and identify attacks in real timeDVD includes tools for actually building and implementing security solutionsOpen source toolsDemo softwareA bootable version of Linux

CCENT Exam Prep (Exam 640-822)

$23.82

Your Complete Certification SolutionIn this book you’ll learn how to: Understand the foundations of network communication as described in the OSI and TCP/IP models Accurately design and troubleshoot networks using IP subnetting skills Understand the operational components and models of Cisco® routers and switches Perform basic navigation and configurations using Cisco IOS® Software and Cisco Secure Device Manager Apply techniques to secure networks Implement and troubleshoot Distance Vector (RIPv2) routing protocols Implement and troubleshoot NAT, DHCP, and DNS operation on a router Implement and secure wireless LANs (WLANs) Implement and verify basic WAN linksCD Features New Simulation Questions!The CD features innovative testing software powered by MeasureUp, an electronic copy of the book, and 75 minutes of video instruction that highlight five scenarios to help prepare for simlet questions on the new exams. The MeasureUp testing software gives you an effective tool to assess your readiness for the ICND1 exam: Detailed explanations of correct and incorrect answers Multiple test modes Random questions and order of answers Coverage of all CCENT™ ICND1 exam objectivesWRITTEN BY CCENT Experts!Jeremy Cioara (CCIE®, CCVP™, CCSP®) works in many facets of the Cisco networking realm. He is an accomplished instructor, author, and consultant. Jeremy is the CIO of AdTEC Networks and works as a network consultant focusing on Cisco network and voice-over-IP (VoIP) implementations.Dave Minutella (CCNP®, CCDP®, INFOSEC, CISSP, CTP, MCSA, MCDST, Security+, Network+, A+) has been working in the IT and telecom industry for over 14 years. He currently serves as Vice President of Educational Services for Training Camp.Heather Stevenson (CCNP) has more than 7 years of experience in the IT industry and is currently a Senior Network

CCNA Security Study Guide: Exam 640-553

$49.99

Prepare for Cisco’s CCNA Security certification examValidate your ability to secure Cisco networks with Cisco’s CCNA Security certification. This in-depth study guide prepares you for exam 640-553, Implementing Cisco IOS Network Security (IINS). Topics include identifying threats and analyzing risks, creating a security policy, securing Cisco routers, configuring AAA using Cisco Secure ACS, configuring defenses against Layer 2 attacks, implementing a Cisco IOS firewall, and much more. Inside, you’ll find: Full coverage of all exam objectives in a systematic approach, so you can be confident you’re getting the instruction you need for the examPractical written and hands-on labs to reinforce critical skillsReal-world scenarios that put what you’ve learned in the contextof actual job rolesChallenging review questions in each chapter to prepare you for exam dayExam Essentials, a key feature in each chapter that identifies critical areas you must become proficient in before taking the examA handy tear card that maps every official exam objective to the corresponding chapter in the book, so you can track your exam prep objective by objectiveLook inside for complete coverage of all exam objectives.SYBEX TEST ENGINE: Test your knowledge with advanced testing software. Includes all chapter review questions and bonus exams.ELECTRONIC FLASHCARDS: Reinforce your understanding with electronic flashcards.Also on CD, you’ll find the entire book in searchable and printable PDF. Study anywhere, any time, and approach the exam with confidence.Includes Real-World Scenarios, Hands-On and Written Labs, and Leading-Edge Exam Prep Software Featuring:Custom Test EngineHundreds of Sample QuestionsElectronic FlashcardsEntire Book in PDF

CCNA Security Study Guide: Exam 640-553

$26.96

Prepare for Cisco’s CCNA Security certification examValidate your ability to secure Cisco networks with Cisco’s CCNA Security certification. This in-depth study guide prepares you for exam 640-553, Implementing Cisco IOS Network Security (IINS). Topics include identifying threats and analyzing risks, creating a security policy, securing Cisco routers, configuring AAA using Cisco Secure ACS, configuring defenses against Layer 2 attacks, implementing a Cisco IOS firewall, and much more. Inside, you’ll find: Full coverage of all exam objectives in a systematic approach, so you can be confident you’re getting the instruction you need for the examPractical written and hands-on labs to reinforce critical skillsReal-world scenarios that put what you’ve learned in the contextof actual job rolesChallenging review questions in each chapter to prepare you for exam dayExam Essentials, a key feature in each chapter that identifies critical areas you must become proficient in before taking the examA handy tear card that maps every official exam objective to the corresponding chapter in the book, so you can track your exam prep objective by objectiveLook inside for complete coverage of all exam objectives.SYBEX TEST ENGINE: Test your knowledge with advanced testing software. Includes all chapter review questions and bonus exams.ELECTRONIC FLASHCARDS: Reinforce your understanding with electronic flashcards.Also on CD, you’ll find the entire book in searchable and printable PDF. Study anywhere, any time, and approach the exam with confidence.Includes Real-World Scenarios, Hands-On and Written Labs, and Leading-Edge Exam Prep Software Featuring:Custom Test EngineHundreds of Sample QuestionsElectronic FlashcardsEntire Book in PDF

CEH: Official Certified Ethical Hacker Review Guide

$11.7

Prepare for the CEH certification exam with this official review guideLearn how to identify security risks to networks and computers and get the serious preparation you need for the challenging Certified Ethical Hacker certification exam 312-50. The only review guide officially endorsed by EC-Council, this concise book covers all of the exam objectives and includes a CD with a host of additional study tools.Easy-to-use book is organized by exam objectives for quick reviewFlexible review guide goes hand-in-hand with any learning tool on the market”Exam Essentials” in each chapter helps you zero in on what you need to knowBook includes over 300 review questions and practice toolsLook inside for complete review coverage of all exam objectives for CEH exam 312-50.Featured on the CDSYBEX TEST ENGINE Test your knowledge with advanced testing software. Includes bonus exams and glossary.ELECTRONIC FLASHCARDS Reinforce your understanding with flashcards that can run on your PC, Pocket PC, or Palm handheld.

CISSP: Certified Information Systems Security Professional Study Guide

$33.33

Comprehensive preparation for the 2011 CISSP certification examWith pages of in-depth coverage, real-world scenarios, and detailed explanations of all domains from the Common Body of Knowledge (CBK) for the CISSP certification exam, this complete guide not only thoroughly prepares you for the exam, it also helps you develop practical skills for success on the job. Key topics include access control, business continuity, cryptography, biometrics, and more. You’ll also find helpful advice on how to pass each section of the exam. Inside, find:Full coverage of all exam objectives in a systematic approach, so you can be confident you’re getting the instruction you need for the examReal-world scenarios that put what you’ve learned in the context of actual job rolesChallenging review questions in each chapter to prepare you for exam dayExam Essentials, a key feature in each chapter that identifies critical areas you must become proficient in before taking the examA handy tear card that maps every official exam objective to the corresponding chapter in the book, so you can track your exam prep objective by objectiveLook inside for complete coverage of all exam objectives.SYBEX TEST ENGINETest your knowledge with advanced testing software. Includes all chapter review questions and two full-length, 250-question practice exams. ELECTRONIC FLASHCARDSReinforce your understanding with electronic flashcards.Also on CD, you’ll find the entire book in searchable and printable PDF. Study anywhere, any time, and approach the exam with confidence.Includes Real-World Scenarios, Written Labs, and Leading-Edge Exam Prep Software Featuring:Custom Test EngineTwo Full-Length, 250-Question Practice ExamsElectronic FlashcardsEntire Book in PDF

CISSP: Certified Information Systems Security Professional Study Guide

$59.99

Comprehensive preparation for the 2011 CISSP certification examWith pages of in-depth coverage, real-world scenarios, and detailed explanations of all domains from the Common Body of Knowledge (CBK) for the CISSP certification exam, this complete guide not only thoroughly prepares you for the exam, it also helps you develop practical skills for success on the job. Key topics include access control, business continuity, cryptography, biometrics, and more. You’ll also find helpful advice on how to pass each section of the exam. Inside, find:Full coverage of all exam objectives in a systematic approach, so you can be confident you’re getting the instruction you need for the examReal-world scenarios that put what you’ve learned in the context of actual job rolesChallenging review questions in each chapter to prepare you for exam dayExam Essentials, a key feature in each chapter that identifies critical areas you must become proficient in before taking the examA handy tear card that maps every official exam objective to the corresponding chapter in the book, so you can track your exam prep objective by objectiveLook inside for complete coverage of all exam objectives.SYBEX TEST ENGINETest your knowledge with advanced testing software. Includes all chapter review questions and two full-length, 250-question practice exams. ELECTRONIC FLASHCARDSReinforce your understanding with electronic flashcards.Also on CD, you’ll find the entire book in searchable and printable PDF. Study anywhere, any time, and approach the exam with confidence.Includes Real-World Scenarios, Written Labs, and Leading-Edge Exam Prep Software Featuring:Custom Test EngineTwo Full-Length, 250-Question Practice ExamsElectronic FlashcardsEntire Book in PDF

CIW: Security Professional Study Guide

$59.99

Here’s the book you need to prepare for Exam 1D0-470, CIW Security Professional. This Study Guide provides: In-depth coverage of official exam objectives Practical information on security concepts and practices Hundreds of challenging review questions, in the book and on the CD Leading-edge exam preparation software, including a testing engine and electronic flashcards Authoritative coverage of all exam topics, including: Implementing internetworking encryption and encryption methods Analyzing firewall types and firewall terminology Planning security systems and incorporating multiple levels of protection Securing mechanisms and parameters for Windows and UNIX Analyzing router security, threat containment, and intrusion detection Implementing intrusion-detection systems in an enterprise environment Installing operating system add-ons for personal firewalls and native auditing SSH Featured on the CD The enclosed CD is packed with vital preparation tools and materials, beginning with the Sybex EdgeTest testing engine for the exam. Loaded with hundreds of practice questions, it lets you test yourself according to objective areas. You’ll also find electronic flashcards for your PC and Palm handhelds, along with two bonus exams that will help you prepare for the test. Also included is a complete electronic version of the entire book. About the Authors James Stanger has been working in the IT industry since 1995. A Master CIW Administrator, he has worked for ProsoftTraining as Course Director for the CIW Server Administrator and CIW Security Professional certifications since1999. Patrick T. Lane is the Director of Courseware for ProsoftTraining.com. He assisted in the creation of the CIW program and the i-Accelerate program for Intel, Novell, and Microsoft professionals. Tim Crothers, CCNA, CIW, MCSE, CNE, is the chief security engineer at

CSSLP Certification All-in-One Exam Guide

$60

Leading IT security experts fully cover CSSLP—the secure software certification exam from (ISC)2CSSLP All-in-One Exam Guide offers comprehensive coverage of the Certified Secure Software Lifecycle Professional (CSSLP) exam—the new certification from (ISC)2, creator of the CISSP exam. This authoritative guide covers all of the exam objectives, and includes Exam Tips that highlight actual exam topics, plus technical discussion sidebars. Hands-on examples and exercises reinforce the concepts presented for real-world practice, and sample questions at the end of each chapter test for comprehension and prepare you for each subject area of the exam. CSSLP All-in-One Exam Guide also serves as a valuable on-the-job reference for software development program managers, government employees, and contractors subject to new government security requirements. CSSLP All-in-One Exam Guide Offers 100% coverage of all exam topics Includes a CD-ROM with more than 250 practice questions in a Windows-based test engine, video training from the author, and an ebook Provides a low-cost, self-study training solution from a trusted IT security expert Serves as a valuable on-the-job reference after certificationCovers all CSSLP exam objectives:Secure Software Concepts; Security Concepts; Risk Management; Security Policies and Regulations; Software Development Methodologies; Secure Software Requirements; Policy Decomposition; Identification and Gathering; Secure Software Design; Design Processes; Design Considerations; Architecture; Technologies; Design and Architecture Technical Review; Secure Software Implementation/Coding; Common Software Vulnerabilities and Countermeasures; Defensive Coding Practices; Secure Software Coding Operations; Secure Software Testing; Security Quality Assurance Testing; Security Test Types; Secure Software Acceptance; Secure Software Acceptance; Secure Software Installation, Deployment,

CWSP Certified Wireless Security Professional Official Study Guide: Exam PW0-204

$69.99

The Official Study Guide for Exam PW0-204 from CWNPPrepare for the Certified Wireless Security Professional exam (PW0-204) with this new Official Study Guide from CWNP. This comprehensive resource covers everything you need for the exam, including wireless security basics,risks, and policies; legacy 802.11 security and robust network security (RSN); encryption ciphers and methods; enterprise 802.11 layer 2 authentication methods; fast secure roaming, wireless intrusion prevention; and many other essential WLAN security topics and concepts. Inside you’ll find:Full coverage of all exam objectives in a systematic approach, so you can be confident you’re getting the instruction you need for the examPractical hands-on exercises to reinforce critical skillsReal-world scenarios that put what you’ve learned in the context of actual job rolesChallenging review questions in each chapter to prepare you for exam dayExam Essentials, a key feature in each chapter that identifies critical areas you must become proficient in before taking the examWhite papers, demo software, practice exams, and over 150 flashcards on the CD to further facilitate your learningA handy tear card that maps every official exam objective to the corresponding chapter in the book, so you can track your exam prep objective by objectiveLook inside for complete coverage of all exam objectives.SYBEX TEST ENGINE:Test your knowledge with advanced testing software. Includes all chapter review questions and practice exams.ELECTRONIC FLASHCARDS:Reinforce your understanding with electronic flashcards.The CD also includes white papers and demo software.Study anywhere, any time, and approach the exam with confidence.About the CWNP ProgramCWNP is the industry standard for vendor-neutral, enterprise WLAN certifications. The focus is to educate IT professionals in the technology behind all enterprise WLAN products

CWTS: Certified Wireless Technology Specialist Official Study Guide: Exam PW0-070

$49.99

The Official Study Guide for Exam PW0-070 from CWNP®Prepare for the Certified Wireless Technology Specialist (PW0-070) exam with this new official Study Guide from CWNP. This comprehensive resource covers everything you need to know about Wi-Fi technology: standards and certifications, infrastructure and client hardware and software, RF fundamentals,site surveying and installation, applications, support, troubleshooting, security, and compliance. Inside you’ll find: Full coverage of all exam objectives in a systematic approach, so you can be confident you’re getting the instruction you need for the examPractical hands-on exercises to reinforce critical skillsReal-world scenarios that put what you’ve learned in the context of actual job rolesChallenging review questions in each chapter to prepare you for exam dayExam Essentials, a key feature in each chapter that identifies critical areas you must become proficient in before taking the examCase studies and demo software on the CD to further facilitate your learningA handy tear card that maps every official exam objective to the corresponding chapter in the book, so you can track your exam prep objective by objective Look inside for complete coverage of all exam objectives.SYBEX TEST ENGINE: Test your knowledge with advanced testing software. Includes all chapter review questions and bonus exams.ELECTRONIC FLASHCARDS: Reinforce your understanding with electronic flashcards.The CD also includes case studies and demo software.Study anywhere, any time, and approach the exam with confidence.About the CWNP ProgramCWNP is the industry standard for vendor-neutral, enterprise WLAN certifications. The focus is to educate IT professionals in the technology behind all enterprise WLAN products and to enable these professionals to manage wireless LAN enterprise infrastructures, regardless of the

Certified Ethical Hacker Exam Prep

$43.99

The CEH certification shows knowledge of network penetration testing skills. The CEH exam takes three hours and 125 questions, requiring a broad and deep knowledge of network security issues. The CEH Exam Prep is the perfect solution for this challenge, giving you the solid, in-depth coverage you'll need to score higher on the exam. Along with the most current CEH content, the book also contains the elements that make Exam Preps such strong study aides: comprehensive coverage of exam topics, end-of-chapter review, practice questions, Exam Alerts, Fast Facts, plus an entire practice exam to test your understanding of the material. The book also features MeasureUp's innovative testing software, to help you drill and practice your way to higher scores.

Certified Ethical Hacker Exam Prep 2

$54.99

The CEH certification shows knowledge of network penetration testing skills. The CEH exam takes three hours and 125 questions, requiring a broad and deep knowledge of network security issues. The CEH Exam Prep is the perfect solution for this challenge, giving you the solid, in-depth coverage you'll need to score higher on the exam.Along with the most current CEH content, the book also contains the elements that make Exam Preps such strong study aides: comprehensive coverage of exam topics, end-of-chapter review, practice questions, Exam Alerts, Fast Facts, plus an entire practice exam to test your understanding of the material. The book also features MeasureUp's innovative testing software, to help you drill and practice your way to higher scores.

Cloud Computing Best Practice Specialist Guide For Storage Management And Platform As A Service (Paas)

$59.95

Platform as a service (PaaS) is the delivery of a computing platform and solution stack as a service. It facilitates deployment of applications without the cost and complexity of buying and managing the underlying hardware and software layers, providing all of the facilities required to support the complete life cycle of building and delivering web applications and services entirely available from the Internet – with no software downloads or installation for developers, IT managers or end-users.PaaS offerings include workflow facilities for application design, application development, testing, deployment and hosting as well as application services such as team collaboration, web service integration and marshalling, database integration, security, scalability, storage, persistence, state management, application versioning, application instrumentation and developer community facilitation. These services are provisioned as an integrated solution over the web.The primary goal of this book is to provide the quality education and support materials needed to enable the understanding and application of PaaS Platform and Storage Management in a wide range of contexts.The PaaS Platform and Storage Management Certification Scheme has been created to support the IT Professional who needs to be a ‘niche generalist’, especially in a rapidly changing area like PaaS Platform and Storage Management.This book Covers:- Platform As A Service: How to Build applications in days or weeks not months. – PaaS Development: How to Develop On-Demand Apps- Cloud Platform for ISVs: How to Create and Sell SaaS Applications- Storage Management: Manage Storage Virtualization and Reduce Costs – Backup and Recovery: How to Improve Backup & Recovery in Your Virtual EnvironmentFilled with thought provoking questions to challenge your thinking and understanding, this book is your Real World Guide to PaaS Platform and Storage Management Skills, with

Combinatorial Designs for Authentication and Secrecy Codes

$75

Authenticity and secrecy are two crucial concepts in cryptography and information security. Although independent in their nature, certain applications require that both aspects hold simultaneously. In the case of unconditional, or information-theoretic, security, authentication and secrecy codes can be used to maximise the likelihood of detecting deception. The construction of such codes is of great importance and has been considered by many researchers over the last few decades.Combinatorial Designs for Authentication and Secrecy Codes describes in depth classical and current interconnections between combinatorial designs and authentication and secrecy codes. Moreover, it provides a tutorial overview on the theory of combinatorial designs. These fundamental discrete structures find applications in fields as diverse as error-correcting codes, statistical design of experiments, cryptography and information security, mobile and wireless communications, group testing algorithms in DNA screening, software and hardware testing, and interconnection networks. In particular, the last few years have witnessed an increasing body of work in the communications and information theory literature that makes substantial use of results in combinatorial design theory.Combinatorial Designs for Authentication and Secrecy Codes is a succinct in-depth review and tutorial of a subject that promises to lead to major advances in computer and communication security.

CompTIA Linux+ Study Guide: Exams LX0-101 and LX0-102

$30.33

Prepare for CompTIA’s Linux+ ExamsAs the Linux server and desktop markets continue to grow, so does the need for qualified Linux administrators. CompTIA’s Linux+ certification (Exams LX0-101 and LX0-102) includes the very latest enhancements to the popular open source operating system. This detailed guide not only covers all key exam topics—such as using Linux command-line tools, understanding the boot process and scripts, managing files and file systems, managing system security, and much more—it also builds your practical Linux skills with real-world examples. Inside, you’ll find:Full coverage of all exam objectives in a systematic approach, so you can be confident you’re getting the instruction you need for the examReal-world scenarios that put what you’ve learned into practical contextChallenging review questions in each chapter to prepare you for exam dayExam Essentials, a key feature in each chapter that identifies critical areas you must become proficient in before taking the examA handy tear card that maps every official exam objective to the corresponding chapter in the book, so you can track your exam prep objective by objectiveLook inside for complete coverage of all exam objectives.SYBEX TEST ENGINE Test your knowledge with advanced testing software. Includes all chapter review questions and bonus exams. Runs on both Windows and Linux.ELECTRONIC FLASHCARDS Reinforce your understanding with electronic flashcards.Also on CD, you’ll find the entire book in searchable and printable PDF. Study anywhere, any time, and approach the exam with confidence.Covers All Linux+ Objectives for Exams LX0-101 and LX0-102Includes Real-World Scenarios and Leading-Edge Exam Prep Software Featuring:Linux-Compatible Custom Test EngineHundreds of Sample QuestionsElectronic FlashcardsEntire Book in PDFNote: CD-ROM/DVD and other

CompTIA Network+ Study Guide

$49.99

Networking authority Todd Lammle prepares you for CompTIA’s Network+ certificationBestselling author and top networking authority Todd Lammle covers the first major revision to the CompTIA Network+ exam since 2005 and thoroughly prepares you for certification in this exciting new edition. You’ll get up to speed on essential topics such as network technologies, media and topologies, wireless networking, security, and much more—plus gain valuable insights from the author’s decades of experience. Inside, you’ll find:Full coverage of all exam objectives in a systematic approach, so you can be confident you’re getting the instruction you need for the examPractical written labs to reinforce critical skillsReal-world scenarios that put what you’ve learned in the context of actual job rolesChallenging review questions in each chapter to prepare you for exam dayExam Essentials, a key feature in each chapter that identifies critical areas you must become proficient in before taking the examA handy tear card that maps every official exam objective to the corresponding chapter in the book, so you can track your exam prep objective by objectiveFeatured on the CDSYBEX TEST ENGINE:Test your knowledge with advanced testing software. Includes all chapter review questions and bonus exams.ELECTRONIC FLASHCARDS:Reinforce your understanding with flashcards that can run on your PC, Pocket PC, or Palm handheld.Also on CD, you’ll find the entire book in searchable and printable PDF. Study anywhere, any time, and approach the exam with confidence.

Core Impact

$61.99

High Quality Content by WIKIPEDIA articles! CORE IMPACT Pro is a commercial automated penetration testing software solution developed by Core Security Technologies which allows the user to probe for and exploit security vulnerabilities in computer networks, endpoints and web applications. The product’s interface is designed to be usable by individuals both with and without specialized training in penetration testing and vulnerability assessment, and includes functions for generating reports from the gathered information. It is used by over 800 companies and government entities worldwide. Core Impact is designed to attempt to evaluate the whole of the security in an office ecosystem, checking for known exploits, vulnerability to psychological attack, viability of current software and hardware security, as well checking for compliance with government regulation.

Cryptographic Engineering

$129

Cryptographic Engineering covers the theory and practice of engineering of cryptographic systems, including encryption and decryption engines, digital signature and authentication systems, true random number generators, and the design, implementation, testing, and validation of cryptographic systems. This book also addresses cryptanalysis of security systems for the purpose of checking their robustness and their strength against attacks, and building countermeasures in order to thwart such attacks by reducing their probability of success.The material includes four important features:ASIC and FPGA hardware design for cryptography,Principles and practice of true random number generators,Detailed algorithmic treatment of public-key cryptographic systems and emphasis on the engineering of systems, andSide-channel attacks on cryptographic systems and countermeasure designs.Cryptographic Engineering is a comprehensive text that is suitable as a handbook for hardware and software engineers who are interested in building secure systems using cryptographic techniques.

Defunct Companies Based in Utah: Deseret Manufacturing Company, Zions Cooperative Mercantile Institution, Conoco Inc., Dee’s Drive-In, Usdtv

$10.55

Purchase includes free access to book updates online and a free trial membership in the publisher’s book club where you can select from more than a million books without charge. Chapters: Deseret Manufacturing Company, Zions Cooperative Mercantile Institution, Conoco Inc., Dee’s Drive-In, Usdtv, Altiris, Challenger Airlines, Snelgrove’s Ice Cream, Transwestern Airlines, Beehive Medical Electronics, Fountain Fresh International, Kiddie Kandids, Grand Central. Excerpt: Altiris Inc. is a subsidiary of Symantec specializing in service-oriented management software which allows organizations to manage IT assets. They also provide software for web services, security, and systems management products. Established in 1998, Altiris is headquartered in Lindon, Utah , United States. Altiris has over 20,000 customers managing more than 3 million servers and 60 million desktops and laptops. On January 29, 2007, Symantec announced plans to acquire Altiris and on April 6th, 2007 the acquisition was completed. Corporate history Altiris was started in 1998 when Jan Newman and Kevin Turpin spun off the software arm of KeyLabs. KeyLabs was, and remains, a third party testing facility. The Altiris Software had been created at KeyLabs to manage the computers at KeyLabs and that software became the start of what is now Altiris. Altiris continues to develop software designed to help IT departments manage their networks and computers more efficiently. Altiris continued to grow. In early 2000, Jan Newman who was then President and CEO brought in Greg Butterfield to take over the role of President and CEO. Under Mr. Butterfield’s leadership, Altiris acquired Computing Edge in September 2000. Computing Edge’s founder, Dwain Kinghorn, had come from Microsoft and helped to develop Microsoft’s original Systems Management Server product (SMS). Computing Edge specialized in extending and enhancing with functionality that SMS lacked. Altiris continued its market expansion by acquiring

EVALUATION AND EFFICIENCY OF E-LEARNING SYSTEMS

$73

E-learning is a complex issue, not only because of its success, but also because of its evaluation. Reliable ways to measure the success and effectiveness of the e-learning systems are required for e-learning applications to be used efficiently. The book aims to provide a prototype to evaluate e-learning systems’ success and effectiveness. E-learning systems and testing tools used in the study were selected from non-commercial and open source software. For a successful e-learning system assessment, different dimensions of the system, such as standards, quality attributes and several other criteria, should be taken into consideration. In this work, some automated software testing tools were examined and then selected to execute testing of the e-learning systems’ software. Assessment of e-learning system success was focused on software testing. The whole e-learning process was not considered. It is assumed that performance, accessibility, security, standard compliance and functionality comparisons of the systems can be indicators of the whole e-learning system success. The study should be useful to individuals who deal with e-learning systems’ effectiveness.

Effective Methods for Software Testing

$75

Stop looking for needles in haystacks.There’s a better way.The Sarbanes-Oxley Act has made quality testing crucial to the software development process. William Perry’s Quality Assurance Institute has developed a proven set of guidelines and checklists to help you filter out defects and produce software that works effectively, saving you time, money, and hassle. The tools are provided on the CD-ROM, and this comprehensive manual shows you how to use them.Instead of a generalized what-to-do format, you’ll find clear how-to directions for building an effective testing system and procedure. You’ll learn to establish baseline assessments, create an effective testing environment, set up a seven-step testing process, and make it serve your needs.Use self-assessment tools to evaluate your organization’s current level of performanceDefine the software testing system your organization needsSet up a plan for getting from where you are to where you want to beDevelop a testing process, select tools, and build the competency of your testersDiscover how to adapt your testing to the developmental methodology used to build the softwareIncorporate agile methods into the testing processEnsure the security of your testing proceduresWhat’s on the CD-ROMThe CD contains work papers and quality control checklists your organization needs to implement an effective software testing process.

Embedded Software and Systems: Second International Conference, ICESS 2005, Xi’an, China, December 16-18, 2005, Proceedings

$109

This book constitutes the refereed proceedings of the Second International Conference on Embedded Software and Systems, ICESS 2005, held in Xi’an, China, in December 2005. The 63 revised full papers presented together with the abstracts of 3 keynote speeches were thoroughly reviewed and selected from 361 submissions. The papers are organized in topical sections on embedded hardware, embedded software, real-time systems, power aware computing, hardware/software co-design and system-on-chip, testing and verification, reconfigurable computing, agent and distributed computing, wireless communications, mobile computing, pervasive/ubiquitous computing and intelligence, multimedia and human-computer interaction, network protocol, security and fault-tolerance, and abstracts of eight selected workshop papers.

Enterprise Recipes with Ruby and Rails

$1.99

Enterprise Recipes with Ruby and Rails helps you to overcome typical obstacles hidden in every enterprise’s infrastructure. It doesn’t matter if your Rails application needs to access your company’s message-oriented middleware or if it has to scan through tons of huge XML documents to get a missing piece of data. Ruby and Rails enable you to create solutions that are both elegant and efficient.With more than 50 concise, targeted recipes, this book shows you how to use existing infrastructure to develop effectively for the enterprise. For example, Ruby is an excellent language for manipulating both textual and binary data. This is enormously useful, because typical enterprise software is about storing and processing huge amounts of data. You’ll learn how to process data in various popular data formats such as XML, CSV, fixed length records, and JSON.This book covers the whole spectrum of distributed application technologies, ranging from simple socket-based servers to full-blown Service Oriented Architectures. In addition, Ruby is a perfect ally when you have to integrate with RESTful and SOAP services, or when you have to access message-oriented middleware. It even helps you to reuse your existing C/C++, Java, or .NET code with ease.Since the advent of the Web, many enterprises have opened their internal services to the outside world to participate in the rapidly growing world of e-commerce. As an enterprise programmer you’d better learn how to use existing payment gateways and how to implement security mechanisms to protect your company’s data and your customers’ privacy, and this book shows you how.Enterprise programming is not only about developing huge software projects but also about maintaining and operating them. You’ll save a lot of valuable time if you document your software (of course, automatically) and automate tedious and recurring tasks, such as monitoring your servers and testing your programs. Enterprise Recipes with Ruby

Formal Methods and Software Engineering: 9th International Conference on Formal Engineering Methods, ICFEM 2007, Boca Raton, Florida, USA, November 14-15, 2007, Proceedings

$36.87

This book constitutes the refereed proceedings of the 9th International Conference on Formal Engineering Methods, ICFEM 2007, held in Boca Raton, Florida, USA, November 14-15, 2007.The 19 revised full papers together with 2 invited talks presented were carefully reviewed and selected from 38 submissions. The papers address all current issues in formal methods and their applications in software engineering. They are organized in topical sections on security and knowledge, embedded systems, testing, automated analysis, hardware and concurrency.

Formal Methods for Distributed System Development

$160

This book addresses Formal Methods (FMs) applicable to the specification, verification, implementation, and testing of complex distributed systems and communication prools. The early, pioneering phases in the development of Formal Methods, with their conflicts between evangelistic and skeptical attitudes, are essentially over. Many Fms have reached maturity, and a number of papers in this book report on successful experiences in specifying and verifying real distributed systems and prools. The main topics covered are: model checking theory and applications; verification and theorem proving; testing theory and applications; multicast prool analysis and simulation; hardware specification, implementation, and testing; FMs for security. £/LIST£ Formal Methods for Distributed System Development compiles the proceedings of the Joint International Conference on Formal Description Techniques for Distributed Systems and Communication Prools (FORTE XIII) and Prool Specification, Testing, and Verification (PSTV XX), which was sponsored by the International Federation for Information Processing (IFIP) and held in Pisa, Italy, in October 2000. This volume is suitable as a secondary text for graduate-level courses on software engineering, distributed systems, and communications, and as a reference both for researchers and for industry practitioners.

Foundations of Software Testing

$53.75

Basic ApproachFoundations of Software Testing is the premiere example-based text and reference for establishing sound engineering practices in test generation, selection, minimization and enhancement, for software projects ranging from the most simple to the highly complex, to those used by government agencies such as the FAA. Foundations of Software Testing also covers data-flow based adequacy and mutation-based adequacy, which are the most powerful of the available test adequacy criteria. It distills knowledge developed by hundreds of testing researchers and practitioners from all over the world and brings it to readers in an easy to understand form.Test generation, selection, priortization and assessment lie at the foundation of all technical activities that arise in a test process. Appropriate deployment of the elements of this strong foundation enables the testing of different types of software applications, including Object Oriented systems, Web services, graphical user interfaces, embedded systems, as well as properties relating to security, performance, and reliability. With over 200 examples and exercises of mathematical, step-by-step approaches, Foundations describes a wide variety of testing techniqes, including finite state models, combinatorial designs, and minimization for regression testing.Table of ContentsPart I: PRELIMINARIES1. Basics of Software TestingPart II: TEST GENERATION2. Test Generation from Requirements3. Test Generation from Finite-State Models4. Test Generation from Combinatorial Designs5. Test Selection, Minimization and Prioritization for Regression TestingPart III: TEST ADEQUACY ASSESSMENT AND ENHANCEMENT6. Test-Adequacy: Assessment Using Control Flow and Data Flow7. Test Adequacy Assessment Using Program MutationAbout the AuthorAditya P. Mathur is Professor and Head, Department of Computer Science, at Purdue

Foundations of Software Testing

$74.99

Basic ApproachFoundations of Software Testing is the premiere example-based text and reference for establishing sound engineering practices in test generation, selection, minimization and enhancement, for software projects ranging from the most simple to the highly complex, to those used by government agencies such as the FAA. Foundations of Software Testing also covers data-flow based adequacy and mutation-based adequacy, which are the most powerful of the available test adequacy criteria. It distills knowledge developed by hundreds of testing researchers and practitioners from all over the world and brings it to readers in an easy to understand form.Test generation, selection, priortization and assessment lie at the foundation of all technical activities that arise in a test process. Appropriate deployment of the elements of this strong foundation enables the testing of different types of software applications, including Object Oriented systems, Web services, graphical user interfaces, embedded systems, as well as properties relating to security, performance, and reliability. With over 200 examples and exercises of mathematical, step-by-step approaches, Foundations describes a wide variety of testing techniqes, including finite state models, combinatorial designs, and minimization for regression testing.Table of ContentsPart I: PRELIMINARIES1. Basics of Software TestingPart II: TEST GENERATION2. Test Generation from Requirements3. Test Generation from Finite-State Models4. Test Generation from Combinatorial Designs5. Test Selection, Minimization and Prioritization for Regression TestingPart III: TEST ADEQUACY ASSESSMENT AND ENHANCEMENT6. Test-Adequacy: Assessment Using Control Flow and Data Flow7. Test Adequacy Assessment Using Program MutationAbout the AuthorAditya P. Mathur is Professor and Head, Department of Computer Science, at Purdue

Fundamental Approaches to Software Engineering: 12th International Conference, FASE 2009, Held as Part of the Joint European Conferences on Theory and Practice of Software, ETAPS 2009, York, UK, March 22-29, 2009, Proceedings

$73.66

This book constitutes the refereed proceedings of the 12th International Conference on Fundamental Approaches to Software Engineering, FASE 2009, held in York, UK, in March 2009, as part of ETAPS 2009, the European Joint Conferences on Theory and Practice of Software. The 30 revised full papers presented together with 2 tool demonstrations were carefully reviewed and selected from 123 regluar and 9 tool paper submissions. The topics addressed are model-driven development, synthesis and adaptation, modeling, testing and debugging, model analysis, patterns, security, queries and error handling, and tools (demos) and program analysis.

Fuzzing for Software Security Testing and Quality Assurance: Robustness Testing for Quality Assurance and Vulnerability

$144

Fuzzing for Software Security Testing and Quality Assurance gives software developers a powerful new tool to build secure, high-quality software, and takes a weapon from the malicious hackers’ arsenal. This practical resource helps developers think like a software cracker, so they can find and patch flaws in software before harmful viruses, worms, and Trojans can use these vulnerabilities to rampage systems. Traditional software programmers and testers learn how to make fuzzing a standard practice that integrates seamlessly with all development activities. The book progresses through each phase of software development and points out where testing and auditing can tighten security. It surveys all popular commercial fuzzing tools and explains how to select the right one for a software development project. The book also covers those cases where commercial tools fall short and developers need to build their own custom fuzzing tools.

Fuzzing: Brute Force Vulnerability Discovery

$43.99

FUZZINGMaster One of Today’s Most Powerful Techniques for Revealing Security Flaws!Fuzzing has evolved into one of today’s most effective approaches to test software security. To “fuzz,” you attach a program’s inputs to a source of random data, and then systematically identify the failures that arise. Hackers haverelied on fuzzing for years: Now, it’s your turn. In this book, renowned fuzzing experts show you how to use fuzzing to reveal weaknesses in your software before someone else does. Fuzzing is the first and only book to cover fuzzing from start to finish, bringing disciplined best practices to a technique that has traditionally been implemented informally. The authors begin by reviewing how fuzzing works and outlining its crucial advantages over other security testing methods. Next, they introduce state-of-the-art fuzzing techniques for finding vulnerabilities in network protocols, file formats, and web applications; demonstrate the use of automated fuzzing tools; and present several insightful case histories showing fuzzing at work. Coverage includes:• Why fuzzing simplifies test design and catches flaws other methods miss• The fuzzing process: from identifying inputs to assessing “exploitability”• Understanding the requirements for effective fuzzing• Comparing mutation-based and generation-based fuzzers• Using and automating environment variable and argument fuzzing• Mastering in-memory fuzzing techniques• Constructing custom fuzzing frameworks and tools• Implementing intelligent fault detectionAttackers are already using fuzzing. You should, too. Whether you’re a developer, security engineer, tester, or QA specialist, this book teaches you how to build secure software.Foreword xixPreface xxiAcknowledgments xxvAbout the Author xxviiPARTI BACKGROUND 1Chapter 1 Vulnerability Discovery

Fuzzing: Brute Force Vulnerability Discovery

$27.4

FUZZINGMaster One of Today’s Most Powerful Techniques for Revealing Security Flaws!Fuzzing has evolved into one of today’s most effective approaches to test software security. To “fuzz,” you attach a program’s inputs to a source of random data, and then systematically identify the failures that arise. Hackers haverelied on fuzzing for years: Now, it’s your turn. In this book, renowned fuzzing experts show you how to use fuzzing to reveal weaknesses in your software before someone else does. Fuzzing is the first and only book to cover fuzzing from start to finish, bringing disciplined best practices to a technique that has traditionally been implemented informally. The authors begin by reviewing how fuzzing works and outlining its crucial advantages over other security testing methods. Next, they introduce state-of-the-art fuzzing techniques for finding vulnerabilities in network protocols, file formats, and web applications; demonstrate the use of automated fuzzing tools; and present several insightful case histories showing fuzzing at work. Coverage includes:• Why fuzzing simplifies test design and catches flaws other methods miss• The fuzzing process: from identifying inputs to assessing “exploitability”• Understanding the requirements for effective fuzzing• Comparing mutation-based and generation-based fuzzers• Using and automating environment variable and argument fuzzing• Mastering in-memory fuzzing techniques• Constructing custom fuzzing frameworks and tools• Implementing intelligent fault detectionAttackers are already using fuzzing. You should, too. Whether you’re a developer, security engineer, tester, or QA specialist, this book teaches you how to build secure software.Foreword xixPreface xxiAcknowledgments xxvAbout the Author xxviiPARTI BACKGROUND 1Chapter 1 Vulnerability Discovery

Gray Hat Hacking The Ethical Hackers Handbook

$60

THE LATEST STRATEGIES FOR UNCOVERING TODAY’S MOST DEVASTATING ATTACKSThwart malicious network intrusion by using cutting-edge techniques for finding and fixing security flaws. Fully updated and expanded with nine new chapters, Gray Hat Hacking: The Ethical Hacker’s Handbook, Third Edition details the most recent vulnerabilities and remedies along with legal disclosure methods. Learn from the experts how hackers target systems, defeat production schemes, write malicious code, and exploit flaws in Windows and Linux systems. Malware analysis, penetration testing, SCADA, VoIP, and Web security are also covered in this comprehensive resource. Develop and launch exploits using BackTrack and Metasploit Employ physical, social engineering, and insider attack techniques Build Perl, Python, and Ruby scripts that initiate stack buffer overflows Understand and prevent malicious content in Adobe, Office, and multimedia files Detect and block client-side, Web server, VoIP, and SCADA attacks Reverse engineer, fuzz, and decompile Windows and Linux software Develop SQL injection, cross-site scripting, and forgery exploits Trap malware and rootkits using honeypots and SandBoxes

Host Integrity Monitoring Using Osiris And Samhain

$6.49

This book will walk the reader through the process of preparing and deploying open source host integrity monitoring software, specifically, Osiris and Samhain. From the configuration and installation to maintenance, testing, and fine-tuning, this book will cover everything needed to correctly deploy a centralized host integrity monitoring solution. The domain includes home networks on up to large-scale enterprise environments.Throughout the book, realistic and practical configurations will be provided for common server and desktop platforms. By the end of the book, the reader will not only understand the strengths and limitations of host integrity tools, but also understand how to effectively make use of them in order to integrate them into a security policy.

How to Break Software Security: Effective Techniques for Security Testing

$24.24

James A. Whittaker, Herbert Thompson, Herbert H. Thompson,Paperback – New Edition, Edition: 1, English-language edition,Pub by Addison Wesley

How to Break Web Software: Functional and Security Testing of Web Applications and Web Services

$43.99

“The techniques in this book are not an option for testers–they are mandatory and these are the guys to tell you how to apply them!”–HarryRobinson, Google.Rigorously test and improve the security of all your Web software! It’s as certain as death and taxes: hackers will mercilessly attack your Web sites, applications, and services. If you’re vulnerable, you’d better discover these attacks yourself, before the black hats do. Now, there’s a definitive, hands-on guide to security-testing any Web-based software: How to Break Web Software. In this book, two renowned experts address every category of Web software exploit: attacks on clients, servers, state, user inputs, and more. You’ll master powerful attack tools and techniques as you uncover dozens of crucial, widely exploited flaws in Web architecture and coding. The authors reveal where to look for potential threats and attack vectors, how to rigorously test for each of them, and how to mitigate the problems you find. Coverage includes · Client vulnerabilities, including attacks on client-side validation· State-based attacks: hidden fields, CGI parameters, cookie poisoning, URL jumping, and session hijacking· Attacks on user-supplied inputs: cross-site scripting, SQL injection, and directory traversal· Language- and technology-based attacks: buffer overflows, canonicalization, and NULL string attacks· Server attacks: SQL Injection with stored procedures, command injection, and server fingerprinting· Cryptography, privacy, and attacks on Web servicesYour Web software is mission-critical–it can’t be compromised. Whether you’re a developer, tester, QA specialist, or IT manager, this book will help you protect that software–systematically.Companion CD contains full source code for one testing tool you can modify

How to Break Web Software: Functional and Security Testing of Web Applications and Web Services

$49.99

Mike Andrews, James A. Whittaker,Other Format, English-language edition,Pub by Addison-Wesley

How to Break Web Software: Functional and Security Testing of Web Applications and Web Services, e-Reader

$43.99

“The techniques in this book are not an option for testers—they are mandatory and these are the guys to tell you how to apply them!”—HarryRobinson, Google.Rigorously test and improve the security of all your Web software! It’s as certain as death and taxes: hackers will mercilessly attack your Web sites, applications, and services. If you’re vulnerable, you’d better discover these attacks yourself, before the black hats do. Now, there’s a definitive, hands-on guide to security-testing any Web-based software: How to Break Web Software. In this book, two renowned experts address every category of Web software exploit: attacks on clients, servers, state, user inputs, and more. You’ll master powerful attack tools and techniques as you uncover dozens of crucial, widely exploited flaws in Web architecture and coding. The authors reveal where to look for potential threats and attack vectors, how to rigorously test for each of them, and how to mitigate the problems you find. Coverage includes · Client vulnerabilities, including attacks on client-side validation · State-based attacks: hidden fields, CGI parameters, cookie poisoning, URL jumping, and session hijacking · Attacks on user-supplied inputs: cross-site scripting, SQL injection, and directory traversal · Language- and technology-based attacks: buffer overflows, canonicalization, and NULL string attacks · Server attacks: SQL Injection with stored procedures, command injection, and server fingerprinting · Cryptography, privacy, and attacks on Web servicesYour Web software is mission-critical—it can’t be compromised. Whether you’re a developer, tester, QA specialist, or IT manager, this book will help you protect that software—systematically.

How to Do Everything Windows XP

$1.99

Get the most out of all the powerful and versatile features available in Windows XP with help from this step-by-step guide. Learn to customize settings, operate and maintain hardware, use all the software properly, connect to the Internet, set up a home network, play games, and much more. Get full details on Service Pack 2which provides increased protection against viruses, hackers, and wormsand find out how it affects security, email, home networking, and firewalls. You’ll also get coverage of Windows Media Player 10, which makes downloading, playing, and organizing music and videos easier than ever. Manage your computer with the Control Panel Install hardware and software Use printers, fax machines, scanners, and digital cameras Connect to the Internet via dial-up or broadband Use Windows Firewall and Security Center Play games and use XP Plus! packs and PowerToys Set up a home network and manage user and group accounts Play and record music and watch DVDs with Windows Media Player 10 Create your own movies with Windows Movie Maker 2.1 Manage, store, and print digital photos Optimize, manage, and troubleshoot Windows XPAbout the author: Curt Simmons is a technology expert and trainer who has been working with Windows XP since its early testing days. He is the best-selling author of more than 50 computer books, including Windows XP Headaches: How to Fix Common [and Not So Common] Problems in a Hurry, Second Edition and How to Do Everything with Your Blackberry, Second Edition.Curt Simmons (Saint Jo, TX) is a freelance author and technical trainer. He’s written more than thirty computing and technology books since 1998, including How To Do Everything with Windows XP, Windows XP Headaches, and Mac OS X Headaches. He also teaches several Internet courses on computing and digital photography which are distributed through the Education To Go

Hunting Security Bugs

$3

In this essential guide, security testing experts offer practical, hands-on guidance and code samples to help find, classify, and assess security bugs before software is released.

Hunting Security Bugs

$39.99

Finding security flaws is now a fundamental development task, yet there has not been adequate documentation of the process used to find security bugs-until now. Before the Internet, computers were deployed in trusted environments and software development and testing practices emphasized functionality over security. As networking technologies emerged, though, times changed and people began to connect their computers together, instead of deploying in silos. However, development and testing practices did not account for attacks that could be mounted over networks.The material currently available does not provide much practical guidance and the instructions given often fail to cultivate the right mindset and approach to enable people to successfully identify security issues before the software is published. This in-depth, technical reference highlights up-to-date tools, technologies, and techniques for helping find and eliminate vulnerabilities in software. Written for testers by testers, it delivers practical, hands-on guidance on how to find, classify, and assess bugs. In addition, this book covers the thought process behind security testing, use of source code to help in testing, and ways to spot security design flaws.

IT Best Practices for Financial Managers

$78.95

With the tremendous amount of change in the systems world over the last several years, it is incredibly challenging to stay abreast of the latest system trends and best practices for finance. A comprehensive guide CFOs and controllers will rely on to radically improve organizational productivity, increase revenue, and decrease spending, IT Best Practices for Financial Managers defines clear action plans for the specific phases of IT implementation, including scoping, planning, designing, building, testing, and deploying, and looks at the roles and responsibilities of the CFO to enhance security, controls, and privacy.Thorough and thoughtful, IT Best Practices for Financial Managers highlights one of the most important aspects of the CFO’s job—ensuring that financially related systems are implemented on time and on budget, with secure and reliable systems.Its practical coverage offers timely discussion of:IFRS and its relevance to the CFOThe IT technology planning processERP software selectionThe software implementation processCritical success factors for IT implementationsSteering clear of “people pitfalls”Shared services and financial systemsGlobalization trends in offshore ITThe impact of Sarbanes-Oxley on financial systems implementationsThe phenomenon of software as a serviceeCommerceMergers, acquisitions, divestitures, and ITThe only constant about information technology is it is constantly changing. IT Best Practices for Financial Managers focuses on providing financial executives with an understanding of some of the most important system-related areas that can impact the finance function. Filled with best practices for selecting, implementing, and maintaining systems, this jargon-free, insightful guide helps financial executives in every field to add value to their organizations via the IT function.

IT Best Practices for Financial Managers

$61.74

With the tremendous amount of change in the systems world over the last several years, it is incredibly challenging to stay abreast of the latest system trends and best practices for finance. A comprehensive guide CFOs and controllers will rely on to radically improve organizational productivity, increase revenue, and decrease spending, IT Best Practices for Financial Managers defines clear action plans for the specific phases of IT implementation, including scoping, planning, designing, building, testing, and deploying, and looks at the roles and responsibilities of the CFO to enhance security, controls, and privacy.Thorough and thoughtful, IT Best Practices for Financial Managers highlights one of the most important aspects of the CFO’s job—ensuring that financially related systems are implemented on time and on budget, with secure and reliable systems.Its practical coverage offers timely discussion of:IFRS and its relevance to the CFOThe IT technology planning processERP software selectionThe software implementation processCritical success factors for IT implementationsSteering clear of “people pitfalls”Shared services and financial systemsGlobalization trends in offshore ITThe impact of Sarbanes-Oxley on financial systems implementationsThe phenomenon of software as a serviceeCommerceMergers, acquisitions, divestitures, and ITThe only constant about information technology is it is constantly changing. IT Best Practices for Financial Managers focuses on providing financial executives with an understanding of some of the most important system-related areas that can impact the finance function. Filled with best practices for selecting, implementing, and maintaining systems, this jargon-free, insightful guide helps financial executives in every field to add value to their organizations via the IT function.

Ieee Transactions On Computers

$39.99

High Quality Content by WIKIPEDIA articles! The IEEE Transactions on Computers (TC) is a monthly journal published by the IEEE Computer Society. It contains peer-reviewed articles and other contributions in the area of computer design by electrical and computer engineers. It is intended for researchers, developers, educators, and technical managers in the computer field. It is widely considered to be one of the leading journals in the area. Areas of interest for the journal include, but are not limited to: computer organizations and architectures; operating systems, software systems, and communication protocols; real-time systems and embedded systems; digital devices, computer components, and interconnection networks; specification, design, prototyping, and testing methods and tools; performance, fault tolerance, reliability, security, and testability; case studies and experimental and theoretical evaluations; and new and important applications and trends.

Implementing A Digital Asset Management System

$75.95

In situations where quality, shorter time to market and staying within budget are basic project requirements, you cannot afford to overlook digital asset management (DAM). Anyone who has felt the pain of a poorly organized production, knows that a great DAM system isn’t just desirable, it’s critical.Learn how the top CG film, computer game and web development companies have saved significant time and money on their projects by optimizing a digital asset management systems and streamlining production processes. Success stories of Sony Pictures Imageworks, Lionhead and other big players illustrate the way of working in big companies. Success stories of several small but very agile companies show the reader how the techniques are applied when the budget is small.Implementing a Digital Asset Management System teaches you that DAM is more than just technology, and covers all the essentials including workflow, teamwork, testing, quality assurance, demo version production, and versioning. Product neutral, this book is for computer-based media productions large and small, with hardware and software selection and configuration recommendations for a wide variety of project types.• A must read for anyone who wants to run a profitable and successful computer-based media production• Teaches how to improve workflow, digital content security, speed-to-market and profit margin for projects large and small• Written by the team that created the DAM system for such hits as Monsters Inc. and the video game Medal of Honor

Implementing and Developing Cloud Computing Applications

$70.89

From small start-ups to major corporations, companies of all sizes have embraced cloud computing for the scalability, reliability, and cost benefits it can provide. It has even been said that cloud computing may have a greater effect on our lives than the PC and dot-com revolutions combined.Filled with comparative charts and decision trees, Implementing and Developing Cloud Computing Applications explains exactly what it takes to build robust and highly scalable cloud computing applications in any organization. Covering the major commercial offerings available, it provides authoritative guidance through the implementation process. It puts cloud computing into historical context and considers how cloud computing affects project management, budgeting, and lifecycle management in your organization. It also explains how to:Choose the best combination of platforms, tools, and servicesDevelop new cloud applications from scratch Migrate legacy software Prevent lock-in to a single vendorEstimate costs and benefitsAddress reliability, availability, and security concernsUse interclouding, Cloud Brokers, and other techniques for safe deployment in public, private, and hybrid cloudsTake advantage of the latest developments, including OpenStack From software and testing tools to best practices and service providers, this book considers the entire cloud application environment. It details the platforms available, tools that facilitate development, as well as the costs involved. Designed for software developers and their managers, this complete resource includes case studies that illustrate the latest cloud computing technologies, implementation issues, and solutions. It also provides access to a blog to keep you current on the latest developments.

Juniper Networks Field Guide and Reference

$48.01

Juniper Networks® creates and deploys high-performance routing platforms used by many of the world’s largest service providers. Written by the leading experts and technical writers at Juniper Networks, the Juniper Networks® Field Guide and Reference is the definitive practical guide and reference to Juniper Networks hardware and software. This comprehensive book culls and condenses nearly six thousand pages of technical documentation, field alerts, technical FAQs, and more into a single convenient and accessible resource. It provides essential information for anyone designing, building, installing, configuring, and operating scalable IP networks.You will find in-depth information about JUNOS software, Juniper Networks routers, system management, interfaces, security, and VPNs. All the latest Juniper Networks technologies and releases are covered, including JUNOS 5.4, the T640 routing node and the T320 router, and all M-series routers. Other topics covered include: Router architecture and hardware components, including the T-series routing platforms and M-series routersCLI configuration and system management with SNMPRouter interfaces, including Ethernet, SONET/SDH, tunnel, and channelized interfacesClass of service (CoS) IP Security (IPSec)Routing policy and firewall filtersRouting protocols, including IS-IS, OSPF, RIP, BGP, PIM, DVMRP, IGMP, SAP, SDP, MSDP, and multicast scopingIPv6, including IPv4-to-IPv6 transition mechanismsVarious MPLS applicationsVirtual Private Networks, covering Layer 2 and Layer 3 VPNs In addition, this pragmatic guide features sample configurations that come directly from the Juniper Networks testing labs, as well as a summary of all the critical JUNOS software monitoring commands.Whether you work with Juniper Networks products as a network engineer, administrator, or operator—or if you

Linux+ Study Guide (Exam XK0-002)

$1.99

Here’s the book you need to prepare for CompTIA’s updated Linux+ exam, #XK0-002. This Study Guide was developed to meet the exacting requirements of today’s certification candidates. In addition to the consistent and accessible instructional approach that has earned Sybex the reputation as the leading publisher for certification self-study guides, this book provides:Clear and concise information on setting up and administering a Linux systemPractical examples and insights drawn from real-world experienceLeading-edge exam preparation software, including a Windows- and Linux-compatible testing engine and electronic flashcardsYou’ll also find authoritative coverage of key exam topics, including:Determining hardware requirementsConfiguring client network servicesManaging storage devices and file systemsEstablishing security requirementsMonitoring and troubleshooting problemsCreating procedures and documentationLook to Sybex for the knowledge and skills needed to succeed in today’s competitive IT marketplace.This book has been reviewed and approved as CompTIA Authorized Quality Curriculum (CAQC). Students derive a number of important study advantages with CAQC materials, including coverage of all exam objectives, implementation of important instructional design principles, and instructional reviews that help students assess their learning comprehension and readiness for the exam.

MCDST Self-Paced Training Kit (Exam 70-272): Supporting Users and Troubleshooting Desktop Applications on Microsoft Windows XP

$59.99

Ace your preparation for the skills measured by MCDST Exam 70-272—and on the job—with this official Microsoft study guide, fully updated for Windows XP Service Pack 2. Work at your own pace through a system of lessons, hands-on exercises, troubleshooting labs, and review questions.The Readiness Review Suite on CD, featuring advanced technology from MeasureUp, provides 425 challenging questions for in-depth self-assessment and practice. You can choose timed or untimed testing mode, generate random tests, or focus on specific objectives. You get expert exam tips and detailed explanations for right and wrong answers—including a customized learning path that describes how and where to focus your studies. Maximize your performance on the exam by learning how to: Configure, customize, and support Microsoft Office applications, including Microsoft Office Outlook NEW—Configure and support Microsoft Internet Explorer, including Pop-up Blocker and other new features Troubleshoot usability, customization, and connectivity issues Manage application security permissions and settings UPDATED—Set up and troubleshoot Windows Firewall and monitor antivirus software NEW—Keep your applications current with Microsoft Update and Automatic Updates Your kit includes: 15% exam discount from Microsoft. Offer expires 12/31/10. Details inside. Fully reengineered self-paced study guide with expert exam tips. Readiness Review Suite featuring 425 questions and multiple testing options. Case scenarios and troubleshooting labs for real-world expertise. NEW—120-day evaluation version of Microsoft Windows XP Professional Edition with Service Pack 2. Fully searchable eBook. Microsoft Encyclopedia of Security eBook. Microsoft Encyclopedia of Networking, Second Edition, eBook.

MCSA/MCSE: Exchange Server 2003 Implementation and Management Study Guide (70-284)

$1

Here’s the book you need to prepare for the Implementing and ManagingMicrosoft Exchange Server 2003 exam (70-284). This Study Guide was developedto meet the exacting requirements of today’s certification candidates. Inaddition to the consistent and accessible instructional approach that earnedSybex the "Best Study Guide" designation in the 2003 CertCitiesReaders’ Choice Awards, this book provides:Clear andconcise information on managing an Exchange network environmentPracticalexamples and insights drawn from real-world experienceLeading-edge exampreparation software, including a testing engine and electronic flashcards foryour PalmYou’ll also find authoritative coverage of key exam topics,including:Installing, Configuring, and TroubleshootingExchange Server 2003Managing, Monitoring, and Troubleshooting ExchangeServer ComputersManaging, Monitoring, and Troubleshooting the ExchangeOrganizationManaging Security in the Exchange Environment ManagingRecipient Objects and Address ListsManaging and Monitoring Technologies that Support Exchange Server 2003

MCSA/MCSE: Windows 2000 Network Security Administration Study Guide (Exam# 70-214)

$1.99

Here’s the book you need to prepare for Exam 70-214, Implementing andAdministering Security in a Microsoft Windows 2000 Network. This Study Guideprovides:In-depth coverage of every examobjectivePractical information on managing a secure Windows 2000networkHundreds of challenging practice questions, in the book and on theCDLeading-edge exam preparation software, including a testing engine andelectronic flashcardsAuthoritative coverage of all exam objectives,including:Implementing, Managing, and TroubleshootingBaseline Security Implementing, Managing, and Troubleshooting Service Packsand Security UpdatesImplementing, Managing, and Troubleshooting SecureCommunication ChannelsConfiguring, Managing, and TroubleshootingAuthentication and Remote Access SecurityImplementing and Managing a PublicKey Infrastructure (PKI) and Encrypting File System (EFS) Monitoring and Responding to Security Incidents

MCSA/MCSE: Windows XP Professional Study Guide (70-270)

$1.15

Here’s the book you need to prepare for the Installing, Configuring, and Administering Microsoft Windows XP Professional exam (70-270). This Study Guide was developed to meet the exacting requirements of today’s certification candidates. In addition to the consistent and accessible instructional approach that made Sybex the preferred choice for certification exam candidates, this book provides:Practical information on installing, configuring, and administering Windows XP ProfessionalUpdated and expanded information on key exam topics, including new Service Pack 2 enhancementsLeading-edge exam preparation software, including a testing engine, electronic flashcards, and simulation softwareAuthoritative coverage of all exam objectives, including: Installing Windows XP ProfessionalImplementing and conducting administration of resourcesImplementing, managing, and troubleshooting hardware devices and driversMonitoring and optimizing system performance and reliabilityConfiguring and troubleshooting the desktop environmentImplementing, managing, and troubleshooting network protocols and servicesImplementing, monitoring, and troubleshooting security

MCSD: Designing and Implementing Web Sites Using Microsoft FrontPage 98

$0.99

Don’t Just Read It! Included FREE on the CD-ROM is a complete FrontPage 98 computer-based training course chosen especially for this book – from CBT Systems, the #1 provider of interactive training software for IT professionals! Covers every key exam objective – in-depth! Extensive advanced-level coverage. Planning, design, and delivery of user services. Incorporating Java applets, Activex, DHTML/CSS, and more. Publishing, testing, and maintenance. Includes exam strategy discussions, working examples, sample tests, end-of-chapter Q&As, and more! Pass Microsoft’s FrontPage 98 exam – with flying colors! FrontPage is hot — and Microsoft’s FrontPage 98 exam 70-055 offers exceptional bang for the buck! Pass this exam and achieve Microsoft Certified Professional status, earn credit toward MCP + Site Building certification, and earn elective credit toward MCSD certification all at once. If you want to pass it, you’ll need to understand FrontPage in depth — especially the advanced topics many books skip. That’s why you need MCSD: Designing and Implementing Web Sites Using Microsoft FrontPage 98! Top FrontPage trainer, author, and Microsoft MCP David Karlins has written the most complete FrontPage exam prep guide you can find — with comprehensive coverage of advanced Web development and deployment. Karlins covers the entire Web lifecycle, from analyzing business requirements through deployment, security, and beyond. Learn how to define the technical architecture and conceptual design for your site; design and build user services; and more. Deploy Java, Activex, DHTML, CSS, templates, andanimation; publish, maintain, and secure your site; even evolve it to reflect new browsers. This isn’t just a great FrontPage exam preparation package: it’s the best advanced-level FrontPage 98 tutorial and reference you can buy! A TOTAL Learning Solution! Includes these EXCLUSIVE

MCSE Exchange 2000 Administration Exam Cram Personal Test Center (Retail)

$13.11

MCSE Exchange 2000 Administration Exam Cram Personal Test Center is an intense, software-based practice test program for IT professionals serious about passing the popular MCSE Windows 2000 elective exam “Installing, Configuring, and Administering Microsoft Exchange 2000 Server” (70-224). The 250 practice test questions cover key exam objectives such as installing and upgrading Exchange 2000 Server, managing recipient objects, monitoring and managing messaging connectivity, troubleshooting, configuring, optimizing security, restoring system functionality and user data, and much more. The test questions are in Microsoft’s new testing formats such as multiple choice, drag and drop, and list and tree prioritization. The Personal Test Center also includes a graphical analysis of your test results, which clearly indicate your strengths and weaknesses.

MCSE/MCSA Managing and Maintaining a Windows Server 2003 Environment Study Guide (Exam 70-290)

$49.99

Get the book that shows you not only whatbut howto study 100% complete coverage of all official objectives for exam 70-290 Exam Readiness checklist at the front of the bookyou’re ready for the exam when all objectives on the list are checked off Step-by-step exercises are linked to MasterSims and CertCams on the CD-ROMso you can watch, listen, and try the exercises live Inside the Exam sections in every chapter highlight key exam topics covered Simulated exam questions match the format, tone, topics, and difficulty of the real exam Covers all Exam 70-290 topics, including: Installation Users, Groups, and Computers Active Directory Server Hardware File System Security Shared Folders Printers and Print Queues Terminal Services Disk Management Tool Backup and Disaster Recovery Software Licensing IIS Web Server System Monitor The best fully integrated study system availableCD-ROM includes: Complete MasterExam practice testing engine, featuring: One full practice exam Detailed answers with explanations Score Report performance assessment tool MasterSim interactive task simulation software CertCam videos of key exercises from the Study Guide One hour LearnKey video training session Flash card quick study program for your PC or Pocket PC Electronic book for studying on-the-go Bonus downloadable MasterExam practice test (with free online registration)

MCSE: Windows Server 2003 Network Infrastructure Planning and Maintenance Study Guide, Second Edition (70-293)

$1.99

If you’re seeking MCSE certification, here’s the book you need to prepare for Exam 70-293, Planning and Maintaining a Microsoft Server 2003 Network Infrastructure. This updated second edition thoroughly covers the exam, including key new information on Windows Server 2003 R2. Inside you’ll find:Practical information on planning and maintaining a Windows Server 2003 network infrastructureIn-depth coverage of every exam objectiveReal-world scenarios and case studiesHundreds of challenging practice exam questionsNew information on the SP2 version of XP ProfessionalEnhanced troubleshooting coverageCD with advanced test engine and bonus examsAuthoritative coverage of all exam objectives, includingPlanning and implementing server roles and server securityPlanning, implementing, and maintaining a network infrastructurePlanning, implementing, and maintaining routing and remote accessPlanning, implementing, and maintaining server availabilityPlanning and maintaining network securityPlanning, implementing, and maintaining security infrastructureFeatured on the CDSYBEX TEST ENGINE: Test your knowledge with advanced testing software. Includes all chapter review questions plus two bonus exams.ELECTRONIC FLASHCARDS: Reinforce your understanding with flashcards that can run off your PC, Pocket PC, or Palm device.WINSIM 2003 OS SIMULATOR: Gain crucial insights into Windows Server 2003 with cutting-edge OS simulation program.Also on the CD you’ll find the entire book in searchable and printable PDF. Study anywhere, any time, and approach the exam with confidence.

MCSE: Windows Server 2003 Network Security Design Study Guide (70-298)

$59.99

Here’s the book you need to prepare for the Designing Security fora Microsoft Windows Server 2003 Network exam (70-298). This StudyGuide was developed to meet the exacting requirements of today’s certificationcandidates. In addition to the consistent and accessible instructional approachthat earned Sybex the "Best Study Guide" designation in the 2003CertCities Readers Choice Awards, this book provides:Clear and concise information on designing a secure Windowsbased networkPractical examples and insights drawn from real-worldexperienceLeading-edge exam preparation software, including a testing engineand electronic flashcards for your PalmYou’ll also find authoritativecoverage of key exam topics, including:Creating theConceptual Design for Network Infrastructure Security by Gathering and AnalyzingBusiness and Technical RequirementsCreating the Logical Design for NetworkInfrastructure SecurityCreating the Physical Design for NetworkInfrastructure SecurityDesigning an Access Control Strategy for DataCreating the Physical Design for Client Infrastructure Security

MCTS Self-Paced Training Kit (Exam 70-502): Microsoft .NET Framework 3.5 Windows Presentation Foundation

$55.99

Announcing an all-new Self-Paced Training Kit designed to help maximize your performance on 70-502, the required exam for the new Microsoft Certified Technology Specialist (MCTS) certification for Microsoft .NET Framework 3.5Windows Presentation Foundation.This 2-in-1 kit includes the official Microsoft study guide, plus practice tests on CD to help assess your skills. It comes packed with the tools and features exam candidates want mostincluding in-depth, self-paced training based on final exam content; rigorous, objective-by-objective review; exam tips from expert, exam-certified authors; and customizable testing options. It also provides real-world scenarios, case study examples, and troubleshooting labs for the skills and expertise you can apply to the job.Focusing on the Windows Presentation Foundation (WPF), this official study guide covers creating, configuring, and deploying WPF applications; integrating Windows Forms controls; adding multimedia content; using triggers and animation; binding to data sources; and configuring security settings. Work at your own pace through the lessons and lab exercises. Then assess yourself using 300+ practice questions on the CD, featuring multiple, customizable testing options. Choose timed or untimed testing mode, generate random tests, or focus on discrete objectives. You get detailed explanations for right and wrong answersincluding pointers back to the book for further study. You also get an evaluation version of Microsoft Visual Studio® 2008 software and an exam discount vouchermaking this kit an exceptional value and a great career investment.

Mashup Patterns: Designs and Examples for the Modern Enterprise

$14.93

Indispensable Patterns and Insights for Putting Mashups to Work in Enterprise EnvironmentsUsing new mashup tools and technologies, enterprise developers can impose their own APIs on everything from Web sites and RSS feeds to Excel and PDF files–transforming a world of content into their own customized informationsource. In Mashup Patterns, Michael Ogrinz applies the concept of software development patterns to mashups, systematically revealing the right ways to build enterprise mashups and providing useful insights to help organizations avoid the mistakes that cause mashups to fail.Drawing on extensive experience building business-critical mashups, Ogrinz offers patterns and realistic guidance for every stage of the mashup development lifecycle and addresses the key issues developers, architects, and managers will face. Each pattern is documented with a practical description, specific use cases, and crucial insights into the stability of mashups built with it. Ogrinz concludes by presenting twelve start-to-finish case studies demonstrating mashup patterns at work in actual enterprise settings.Coverage includes: Understanding the relationships among mashups, portals, SOA, EAI/EII, and SaaS Exploring core mashup activities such as data management, surveillance, clipping, transformation, enrichment, publication, and promotion Optimizing security, privacy, accessibility, usability, and performance Managing mashup development, from planning and governance through integration, testing, and deployment Enhancing basic mashups with search, language translation, workflow support, and other improvements Performing effective load and regression testing Avoiding “anti-patterns” that cause enterprise mashups to failAlso of interest: The companion book, Mashups: Strategies for the Modern Enterprise by J. Jeffrey Hanson (Addison-Wesley), is an indispensable guide to designing,

Mashup Patterns: Designs and Examples for the Modern Enterprise

$31.99

Indispensable Patterns and Insights for Putting Mashups to Work in Enterprise EnvironmentsUsing new mashup tools and technologies, enterprise developers can impose their own APIs on everything from Web sites and RSS feeds to Excel and PDF files–transforming a world of content into their own customized informationsource. In Mashup Patterns, Michael Ogrinz applies the concept of software development patterns to mashups, systematically revealing the right ways to build enterprise mashups and providing useful insights to help organizations avoid the mistakes that cause mashups to fail.Drawing on extensive experience building business-critical mashups, Ogrinz offers patterns and realistic guidance for every stage of the mashup development lifecycle and addresses the key issues developers, architects, and managers will face. Each pattern is documented with a practical description, specific use cases, and crucial insights into the stability of mashups built with it. Ogrinz concludes by presenting twelve start-to-finish case studies demonstrating mashup patterns at work in actual enterprise settings.Coverage includes: Understanding the relationships among mashups, portals, SOA, EAI/EII, and SaaS Exploring core mashup activities such as data management, surveillance, clipping, transformation, enrichment, publication, and promotion Optimizing security, privacy, accessibility, usability, and performance Managing mashup development, from planning and governance through integration, testing, and deployment Enhancing basic mashups with search, language translation, workflow support, and other improvements Performing effective load and regression testing Avoiding “anti-patterns” that cause enterprise mashups to failAlso of interest: The companion book, Mashups: Strategies for the Modern Enterprise by J. Jeffrey Hanson (Addison-Wesley), is an indispensable guide to designing,

Mastering Network Security

$1.29

Now that most companies are networked, security is the topic that keeps network administrators awake at night. With up to the minute information on the latest technologies, including Virtual Private Networks and intrusion detection, this book covers all major network operating systems. CD-ROM includes evaluation and demonstration versions of commercial firewalls, intrusion detection software, a variety of hacker tools for testing user’s own networks, and much more.

Multiagent System Technologies

$79.95

This book constitutes the refereed proceedings of the Second German Conference on Multiagent Systems Technologies, MATES 2004, held in Erfurt, Germany, in September 2004.The 22 revised full papers presented together with 2 invited papers were carefully reviewed and selected from 60 submissions. The papers are organized in topical sections on learning and social agents, analysis and security, negotiation and control, agents and software engineering, simulation and agents, and policies and testing.

Ninja Hacking: Unconventional Penetration Testing Tactics and Techniques

$22.95

Ever thought of using the time-tested tactics and techniques of the ancient ninja to understand the mind of today’s ninja, the hacker? Penetration testers and security consultants perform tests both externally and internally for clients that include both physical and technical tests. Throw traditional pen testing methods out the window for now, and see how thinking and acting like a ninja could actually grant you quicker and more complete access to a company’s assets. Get in before the hacker does with these unorthodox techniques  using all of the tools that the ninja has: disguise, espionage, stealth, and concealment. Learn how to benefit from these tools by laying your plans, impersonating employees, infiltrating via alarm system evasion, discovering weak points and timing, spyware and keylogging software, and log manipulation and logic bombs. And, really, don’t you want to be a ninja for a day just because they’re cool? Let this book be your excuse!

Ninja Hacking: Unconventional Penetration Testing Tactics and Techniques

$49.95

Ever thought of using the time-tested tactics and techniques of the ancient ninja to understand the mind of today’s ninja, the hacker? Penetration testers and security consultants perform tests both externally and internally for clients that include both physical and technical tests. Throw traditional pen testing methods out the window for now, and see how thinking and acting like a ninja could actually grant you quicker and more complete access to a company’s assets. Get in before the hacker does with these unorthodox techniques  using all of the tools that the ninja has: disguise, espionage, stealth, and concealment. Learn how to benefit from these tools by laying your plans, impersonating employees, infiltrating via alarm system evasion, discovering weak points and timing, spyware and keylogging software, and log manipulation and logic bombs. And, really, don’t you want to be a ninja for a day just because they’re cool? Let this book be your excuse!

Number Theory for Computing

$8.25

There are many surprising connections between the theory of numbers, which is one of the oldest branches of mathematics, and computing and information theory. Number theory has important applications in computer organization and security, coding and cryptography, random number generation, hash functions, and graphics. Conversely, number theorists use computers in factoring large integers, determining primes, testing conjectures, and solving other problems. This book takes the reader from elementary number theory, via algorithmic number theory, to applied number theory in computer science. It introduces basic concepts, results, and methods, and discusses their applications in the design of hardware and software, cryptography, and security. It is aimed at undergraduates in computing and information technology, including electrical and electronic engineering, but will also be valuable to mathematics students interested in applications. It presupposes only high-shool math.In this 2nd edition proofs of many theorems are added and some corrections are made.

Number Theory for Computing

$20.73

There are many surprising connections between the theory of numbers, which is one of the oldest branches of mathematics, and computing and information theory. Number theory has important applications in computer organization and security, coding and cryptography, random number generation, hash functions, and graphics. Conversely, number theorists use computers in factoring large integers, determining primes, testing conjectures, and solving other problems. This book takes the reader from elementary number theory, via algorithmic number theory, to applied number theory in computer science. It introduces basic concepts, results, and methods, and discusses their applications in the design of hardware and software, cryptography, and security. It is aimed at undergraduates in computing and information technology, including electrical and electronic engineering, but will also be valuable to mathematics students interested in applications. It presupposes only high-shool math.In this 2nd edition proofs of many theorems are added and some corrections are made.

OS X for Hackers at Heart

$4.26

This book demonstrates how the best and brightest use OS X to do cutting-edge research, development, and just plain fooling around. It teaches hackers of all types from software developers to security professionals to hobbyists, how to use the most powerful (and often obscure) features of OS X for wireless networking, WarDriving, software development, penetration testing, scripting administrative tasks, and more.

Open Source Fuzzing Tools

$50.99

Fuzzing is often described as a “black box” software testing technique. It works by automatically feeding a program multiple input iterations in an attempt to trigger an internal error indicative of a bug, and potentially crash it. Such program errors and crashes are indicative of the existence of a security vulnerability, which can later be researched and fixed.Fuzz testing is now making a transition from a hacker-grown tool to a commercial-grade product. There are many different types of applications that can be fuzzed, many different ways they can be fuzzed, and a variety of different problems that can be uncovered. There are also problems that arise during fuzzing; when is enough enough? These issues and many others are fully explored.•Learn How Fuzzing Finds Vulnerabilities Eliminate buffer overflows, format strings and other potential flaws •Find Coverage of Available Fuzzing Tools Complete coverage of open source and commercial tools and their uses•Build Your Own Fuzzer Automate the process of vulnerability research by building your own tools•Understand How Fuzzing Works within the Development Process Learn how fuzzing serves as a quality assurance tool for your own and third-party software

Open Source Systems Security Certification

$99

Open Source Advances in Computer Applications book series provides timely technological and business information for:Enabling Open Source Systems (OSS) to become an integral part of systems and devices produced by technology companies;Inserting OSS in the critical path of complex network development and embedded products, including methodologies and tools for domain-specific OSS testing (lab code available), plus certification of security, dependability and safety properties for complex systems;Ensuring integrated systems, including OSS, meet performance and security requirements as well as achieving the necessary certifications, according to the overall strategy of OSS usage on the part of the adopter.The first attempt to create a standard for security certification of software dates back to 1985 with the creation of the TCSEC standard, commonly referred to as Orange Book (USDoD 1985) in the US. In the following years, the need of such a certification also emerged in other countries, leading to the creation of similar local security certification such as ITSEC in Europe (ITSEC 1991) and CTCPEC in Canada (CSE 1993). Since these certifications are totally independent from each other, the cost of certifying software at an international level was obviously high. This was one of the key factors that led to the creation of an international standard for software security certification.Open Source Systems Security Certification discusses Security Certification Standards and establishes the need to certify open source tools and applications. This includes the international standard for the certification of IT products (software, firmware and hardware) Common Criteria (ISO/IEC 15408) (CC 2006), a certification officially adopted by the governments of 18 nations, including United States, Germany, France, UK and Italy.Without security certification, open source tools and applications are neither secure nor trustworthy. Open Source Systems Security

Open Source Systems Security Certification

$76.59

Open Source Advances in Computer Applications book series provides timely technological and business information for:Enabling Open Source Systems (OSS) to become an integral part of systems and devices produced by technology companies;Inserting OSS in the critical path of complex network development and embedded products, including methodologies and tools for domain-specific OSS testing (lab code available), plus certification of security, dependability and safety properties for complex systems;Ensuring integrated systems, including OSS, meet performance and security requirements as well as achieving the necessary certifications, according to the overall strategy of OSS usage on the part of the adopter.The first attempt to create a standard for security certification of software dates back to 1985 with the creation of the TCSEC standard, commonly referred to as Orange Book (USDoD 1985) in the US. In the following years, the need of such a certification also emerged in other countries, leading to the creation of similar local security certification such as ITSEC in Europe (ITSEC 1991) and CTCPEC in Canada (CSE 1993). Since these certifications are totally independent from each other, the cost of certifying software at an international level was obviously high. This was one of the key factors that led to the creation of an international standard for software security certification.Open Source Systems Security Certification discusses Security Certification Standards and establishes the need to certify open source tools and applications. This includes the international standard for the certification of IT products (software, firmware and hardware) Common Criteria (ISO/IEC 15408) (CC 2006), a certification officially adopted by the governments of 18 nations, including United States, Germany, France, UK and Italy.Without security certification, open source tools and applications are neither secure nor trustworthy. Open Source Systems Security

Paas Platform And Storage Management Specialist Level Complete Certification Kit – Platform As A Service Study Guide Book And Online Course Leading To Cloud Computing Certification Specialist

$59.95

Platform as a service (PaaS) is the delivery of a computing platform and solution stack as a service. It facilitates deployment of applications without the cost and complexity of buying and managing the underlying hardware and software layers, providing all of the facilities required to support the complete life cycle of building and delivering web applications and services entirely available from the Internet – with no software downloads or installation for developers, IT managers or end-users. PaaS offerings include workflow facilities for application design, application development, testing, deployment and hosting as well as application services such as team collaboration, web service integration and marshalling, database integration, security, scalability, storage, persistence, state management, application versioning, application instrumentation and developer community facilitation. These services are provisioned as an integrated solution over the web.As the leading education and training organization within the IT Service Management (ITSM) industry, we have watched with enthusiasm as cloud computing, Platform as a Service (PaaS) and Storage Management have evolved over the years. The opportunities provided through PaaS and Storage Management have allowed for significant growth within an industry that continues to mature and develop at a rapid pace. The primary goal of this book and its accompanying online course is to provide the quality education and support materials needed to enable the understanding and application of PaaS Platform and Storage Management in a wide-range of contexts.This comprehensive book is designed to complement the in-depth eLearn PaaS and Storage Management Specialist program provided by The Art of Service. The interactive eLearn course uses a combination of narrated PowerPoint presentations with supplements and multiple choice assessments which will ultimately prepare you for the PaaS and Storage Management Specialist

Packet Generator

$39.99

High Quality Content by WIKIPEDIA articles! A packet generator or packet builder is a type of software that generates random packets or allows the user to construct detailed custom packets. Packet generators utilize raw sockets.This is useful for testing implementations of IP stacks for bugs and security vulnerabilities.In information technology, a packet is a formatted unit of data carried by a packet mode computer network. Computer communications links that do not support packets, such as traditional point-to-point telecommunications links, simply transmit data as a series of bytes, characters, or bits alone.

Payment Card Industry Data Security Standard Handbook

$73.95

Payment Card Industry Data Security Standard HandbookWith the significant increase of pay-ment card use and rapid advances in technology, today’s organizations enjoy a tremendous amount of benefits brought about by the widespread use of payment cards. However, despite the significant benefits, organizations must address the specific challenges associated with protecting their cardholder data and cardholder data environments.Holding the Payment Card Industry Data Security Standard (PCI DSS) up to the light of day, Payment Card Industry Data Security Standard Handbook helps organizations proactively protect customer account data, providing a one-stop resource for PCI compliance, including coverage of requirements for security management, policies, procedures, network architecture, software design, and other protective measures.Written by industry expert Timothy Virtue, this timely book guides, mentors, and assists organizations along their journey to compliance with the PCI DSS and can be used as an initial primer on PCI compliance as well as a reference to support the maintenance and ongoing commitment to PCI compliance. It offers suggested strategies and coverage of topics, including: An overall view of the essential components and best practices of a successful information security programThe network requirements, including configuration, documentation, and testing requirements that must be in place in order to properly secure cardholder dataThe requirements necessary to ensure cardholders are properly protected in the event of a breach or other unauthorized disclosureThe use of anti-virus software and security patches in order to minimize the overall vulnerability of the cardholder data environment Guidelines for developing PCI DSS compliant Web-based applicationsHow organizations should manage access control to the sensitive cardholder data How networks must be monitored

Pentoo

$58.65

Please note that the content of this book primarily consists of articles available from Wikipedia or other free sources online. High Quality Content by WIKIPEDIA articles! Pentoo is a Live CD and Live USB designed for penetration testing and security assessment. Based on Gentoo Linux, Pentoo is provided both as 32 and 64 bit livecd. It features packet injection patched wifi drivers, GPGPU cracking software, and lots of tools for penetration testing and security assessment. The user interface is the Enlightenment window manager. Pentoo is tuned for Prescott processor. It supports package modularity in the same fashion that Slax does. Pentoo 2009.0 final was released on December 5, 2009; with 32 and 64 bit versions.

Performance by Design: Computer Capacity Planning by Example

$59.99

Practical systems modeling: planning performance, availability, security, and moreComputing systems must meet increasingly strict Quality of Service (QoS) requirements for performance, availability, security, and maintainability. To achieve these goals, designers, analysts, and capacity planners need a far more thorough understanding of QoS issues, and the implications of their decisions. Now, three leading experts present a complete, application-driven framework for understanding and estimating performance. You’ll learn exactly how to map real-life systems to accurate performance models, and use those models to make better decisionsboth up front and throughout the entire system lifecycle. Coverage includes: State-of-the-art quantitative analysis techniques, supported by extensive numerical examples and exercisesQoS issues in requirements analysis, specification, design, development, testing, deployment, operation, and system evolution Specific scenarios, including e-Business and database services, servers, clusters, and data centersTechniques for identifying potential congestion at both software and hardware levelsPerformance Engineering concepts and toolsDetailed solution techniques including exact and approximate MVA and Markov ChainsModeling of software contention, fork-and-join, service rate variability, and priorityAbout the Web SiteThe accompanying Web site provides companion Excel workbooks that implement many of the book’s algorithms and numerical examples.

Predicting attack-prone components with source code static analyzers.

$49.99

No single vulnerability detection technique can identify all vulnerabilities in a software system. However, the vulnerabilities that are identified from a detection technique may be predictive of the residuals. We focus on creating and evaluating statistical models that predict the components that contain the highest risk residual vulnerabilities.;The cost to find and fix faults grows with time in the software life cycle (SLC). A challenge with our statistical models is to make the predictions available early in the SLC to afford for cost-effective fortifications. Source code static analyzers (SCSA) are available during coding phase and are also capable of detecting code-level vulnerabilities. We use the code-level vulnerabilities identified by these tools to predict the presence of additional coding vulnerabilities and vulnerabilities associated with the design and operation of the software. The goal of this research is to reduce vulnerabilities from escaping into the field by incorporating source code static analysis warnings into statistical models that predict which components are most susceptible to attack.;The independent variable for our statistical model is the count of security-related source SCSA warnings. We also include the following metrics as independent variables in our models to determine if additional metrics are required to increase the accuracy of the model: non-security SCSA warnings, code churn and size, the count of faults found manually during development, and the measure of coupling between components. The dependent variable is the count of vulnerabilities reported by testing and those found in the field.;We evaluated our model on three commercial telecommunications software systems. Two case studies were performed at an anonymous vendor and the third case study was performed at Cisco Systems. Each system is a different technology and consists of over one million source lines of C/C++ code. The results show positive and statistically

Pro Spring Batch

$39.99

Since its release, Spring Framework has transformed virtually every aspect of Java development including web applications, security, aspect-oriented programming, persistence, and messaging. Spring Batch, one of its newer additions, now brings the same familiar Spring idioms to batch processing. Spring Batch addresses the needs of any batch process, from the complex calculations performed in the biggest financial institutions to simple data migrations that occur with many software development projects.Pro Spring Batch is intended to answer three questions: What? What is batch processing? What does it entail? What makes it different from the other applications we are developing? What are the challenges inherent in the development of a batch process? Why? Why do batch processing? Why can’t we just process things as we get them? Why do we do batch processing differently than the web applications that we currently work on? How? How to implement a robust, scalable, distributed batch processing system using open-source frameworks Pro Spring Batchgives concrete examples of how each piece of functionality is used and why it would be used in a real-world application. This includes providing tips that the “school of hard knocks” has taught author Michael Minelladuring his experience with Spring Batch. Pro Spring Batch includes examples of I/O options that are not mentioned in the official user’s guide, as well as performance tips on things like how to limit the impact of maintaining the state of your jobs. The author also walksyou through, from end to end, the design and implementation of a batch process based upon a theoretical real-world example. This includes basic project setup, implementation, testing, tuning and scaling for large volumes. What you’ll learn Batch concepts and how

Pro Spring Batch

$40.85

Since its release, Spring Framework has transformed virtually every aspect of Java development including web applications, security, aspect-oriented programming, persistence, and messaging. Spring Batch, one of its newer additions, now brings the same familiar Spring idioms to batch processing. Spring Batch addresses the needs of any batch process, from the complex calculations performed in the biggest financial institutions to simple data migrations that occur with many software development projects.Pro Spring Batch is intended to answer three questions: What? What is batch processing? What does it entail? What makes it different from the other applications we are developing? What are the challenges inherent in the development of a batch process? Why? Why do batch processing? Why can’t we just process things as we get them? Why do we do batch processing differently than the web applications that we currently work on? How? How to implement a robust, scalable, distributed batch processing system using open-source frameworks Pro Spring Batchgives concrete examples of how each piece of functionality is used and why it would be used in a real-world application. This includes providing tips that the “school of hard knocks” has taught author Michael Minelladuring his experience with Spring Batch. Pro Spring Batch includes examples of I/O options that are not mentioned in the official user’s guide, as well as performance tips on things like how to limit the impact of maintaining the state of your jobs. The author also walksyou through, from end to end, the design and implementation of a batch process based upon a theoretical real-world example. This includes basic project setup, implementation, testing, tuning and scaling for large volumes. What you’ll learn Batch concepts and how

Professional Rootkits

$49.99

Whether you want to learn how to develop a robust, full-featured rootkit or you’re looking for effective ways to prevent one from being installed on your network, this hands-on resource provides you with the tools you’ll need. Expert developer Ric Vieler walks you through all of the capabilities of rootkits, the technology they use, steps for developing and testing them, and the detection methods to impede their distribution.This book provides the detailed, step-by-step instructions and examples required to produce full-featured, robust rootkits. Presented in modular sections, source code from each chapter can be used separately or together to produce highlyspecific functionality. In addition, Vieler details the loading, configuration, and control techniques used to deploy rootkits. All ancillary software is fully detailed with supporting source code and links to the compilers, utilities, and scripts necessary to build and run every example provided.What you will learn from this bookComplete coverage of all major rootkit technologies: kernel hooks, process injection, I/O filtering, I/O control, memory management, process synchronization, TDI communication, network filtering, email filtering, key logging, process hiding, device driver hiding, registry key hiding, directory hiding and moreComplete coverage of the compilers, kits, utilities, and tools required to develop robust rootkitsTechniques for protecting your system by detecting a rootkit before it’s installedWays to create modular, commercial grade softwareWho this book is forThis book is for anyone who is involved in software development or computer security.Wrox Professional guides are planned and written by working programmers to meet the real-world needs of programmers, developers, and IT professionals. Focused and relevant, they address the issues technology professionals face every day. They provide examples, practical solutions, and

Project Management for Healthcare Information Technology

$70

A Proven, Integrated Healthcare Information Technology Management SolutionCo-written by a certified Project Management Professional and an M.D., Project Management for Healthcare Information Technology presents an effective methodology that encompasses standards and best practices from project management, information technology management, and change management for a streamlined transition to digital medicine.Each management discipline is examined in detail and defined as a set of knowledge areas. The book then describes the core processes that take place within each knowledge area in the initiating, planning, executing, controlling, and closing stages of a project. Real-world examples from healthcare information technology project leaders identify how the integrated approach presented in this book leads to successful project implementations.Coverage Includes: Integrating project, information technology, and change management methodologies PMBOK Guide process groupsinitiating, planning, executing, controlling, and closing Project management knowledge areasintegration, scope, time, cost, quality, human resource, communication, risk, and procurement management IT management knowledge areasuser requirements, infrastructure, conversion, software configuration, workflow, security, interface, testing, cutover, and support management Change management knowledge areasrealization, sponsorship, transformation, training, and optimization management

« Previous posts Back to top

Computer Softwares

PC softwares, Antivirus,Windows etc

Software Security Testing

Search

Categories

Recent Posts