Dr. Gerald L. Kovacich has more than 40 years of experience in industrial, business and government security, investigations, information systems security, and information warfare: in the U.S. Government as a special agent, in international corporations, and subsequently as an international consultant and lecturer. He retired as the Information Warfare Technologist at Northrop Grumman Corporation to pursue a career as an international consultant, lecturer and writer.
The CISSP certification is the most prestigious, globally recognized, vendor-neutral exam for information security professionals. Over 100,000 professionals are certified worldwide, with many more joining their ranks. This new third edition is aligned to cover all of the material in the most current version of the exam’s Common Body of Knowledge. All domains are covered as completely and concisely as possible, giving users the best possible chance of acing the exam. Completely updated for the most current version of the exam’s Common Body of Knowledge. Provides the only guide you need for last-minute studying. Answers the toughest questions and highlights core topics. Streamlined for maximum efficiency of study, making it ideal for professionals updating their certification or for those taking the test for the first time.
Each chapter contains hands-on examples and exercises that are designed to teach learners how to interpret results and utilize those results in later phases. Tool coverage includes: Backtrack Linux, Google reconnaissance, MetaGooFil, dig, Nmap, Nessus, Metasploit, Fast Track Autopwn, Netcat, and Hacker Defender rootkit. This is complemented by PowerPoint slides for use in class.
This book is an ideal resource for security consultants, beginning InfoSec professionals, and students. Each chapter contains hands-on examples and exercises that are designed to teach you how to interpret the results and utilize those results in later phases. Written by an author who works in the field as a Penetration Tester and who teaches Offensive Security, Penetration Testing, Ethical Hacking, and Exploitation classes at Dakota State University. Utilizes the Kali Linux distribution and focuses on the seminal tools required to complete a penetration test.
The author’s intent is to provide the reader with a practitioner’s guide (a “how-to” book), augmented by some background information to put it all in perspective. The approach used should enable the readers to immediately put in place a useful anti-fraud program under the leadership of the corporate security officer (CSO), or other corporate professional. Shows professionals how to save their companies money. Provides a roadmap for developing an anti-fraud program. Allows security professionals to tailor their anti-fraud program to their own corporate environment. Explains how fraud is costing corporations a competitive edge in the global marketplace.
The book outlines how to implement a new plan or evaluate an existing one, and is especially targeted to those who are new to the topic. It is the definitive resource for learning the key characteristics of an effective information systems security officer (ISSO), and paints a comprehensive portrait of an ISSO's duties, their challenges, and working environments, from handling new technologies and threats, to performing information security duties in a national security environment. Provides updated chapters that reflect the latest technological changes and advances in countering the latest information security threats and risks and how they relate to corporate security and crime investigation. Includes new topics, such as forensics labs and information warfare, as well as how to liaise with attorneys, law enforcement, and other agencies outside the organization. Written in an accessible, easy-to-read style.
This fully updated guide is the go-to reference for managing an asset protection program and related security functions through the use of metrics. It supports the security professional’s position on budget matters, helping to justify the cost-effectiveness of security-related decisions to senior management and other key decision-makers.
The book is designed to provide easy-to-follow guidance, allowing security professionals to confidently measure the costs of their assets protection program - their security program - as well as its successes and failures. It includes a discussion of how to use the metrics to brief management, build budgets, and provide trend analyses to develop a more efficient and effective asset protection program. Examines the latest techniques in both generating and evaluating security metrics, with guidance for creating a new metrics program or improving an existing one. Features an easy-to-read, comprehensive implementation plan for establishing an asset protection program. Outlines detailed strategies for creating metrics that measure the effectiveness and efficiency of an asset protection program. Offers increased emphasis through metrics to justify security professionals as integral assets to the corporation. Provides a detailed example of a corporation briefing for security directors to provide to executive management.