Аннотация

Full-length practice tests covering all CISSP domains for the ultimate exam prep The (ISC)2 CISSP Official Practice Tests is a major resource for (ISC)2 Certified Information Systems Security Professional (CISSP) candidates, providing 1300 unique practice questions. The first part of the book provides 100 questions per domain. You also have access to four unique 125-question practice exams to help you master the material. As the only official practice tests endorsed by (ISC)2, this book gives you the advantage of full and complete preparation. These practice tests align with the 2021 version of the exam to ensure up-to-date preparation, and are designed to cover what you will see on exam day. Coverage includes: Security and Risk Management, Asset Security, Security Architecture and Engineering, Communication and Network Security, Identity and Access Management (IAM), Security Assessment and Testing, Security Operations, and Software Development Security. The CISSP credential signifies a body of knowledge and a set of guaranteed skills that put you in demand in the marketplace. This book is your ticket to achieving this prestigious certification, by helping you test what you know against what you need to know. Test your knowledge of the 2021 exam domains Identify areas in need of further study Gauge your progress throughout your exam preparation Practice test taking with Sybex’s online test environment containing the questions from the book The CISSP exam is refreshed every few years to ensure that candidates are up-to-date on the latest security topics and trends. Currently-aligned preparation resources are critical, and periodic practice tests are one of the best ways to truly measure your level of understanding.

Аннотация

Explore the latest and most comprehensive guide to securing your Cloud Native technology stack  Cloud Native Security  delivers a detailed study into minimizing the attack surfaces found on today’s Cloud Native infrastructure. Throughout the work hands-on examples walk through mitigating threats and the areas of concern that need to be addressed. The book contains the information that professionals need in order to build a diverse mix of the niche knowledge required to harden Cloud Native estates.  The book begins with more accessible content about understanding Linux containers and container runtime protection before moving on to more advanced subject matter like advanced attacks on Kubernetes. You’ll also learn about:  Installing and configuring multiple types of DevSecOps tooling in CI/CD pipelines Building a forensic logging system that can provide exceptional levels of detail, suited to busy containerized estates Securing the most popular container orchestrator, Kubernetes Hardening cloud platforms and automating security enforcement in the cloud using sophisticated policies Perfect for DevOps engineers, platform engineers, security professionals and students,  Cloud Native Security  will earn a place in the libraries of all professionals who wish to improve their understanding of modern security challenges.

Аннотация

Аннотация

STRENGTHEN THE WEAKEST LINKS IN YOUR CYBERSECURITY CHAIN Across the world, the networks of hundreds of different world-class organizations have been breached in a seemingly never-ending stream of attacks that targeted the trusted vendors of major brands. From Target to Equifax, Home Depot, and GM, it seems as if no company is safe from a third-party incident or breach, regardless of size. And the advanced threats are now exploiting the intersection of weaknesses in cybersecurity and third-party risk management. In Cybersecurity and Third-Party Risk , veteran cybersecurity specialist Gregory Rasner walks readers through how to lock down the vulnerabilities posed to an organization’s network by third parties. You’ll discover how to move beyond a simple checklist and create an active, effective, and continuous system of third-party cybersecurity risk mitigation. The author discusses how to conduct due diligence on the third parties connected to your company’s networks and how to keep your information about them current and reliable. You’ll learn about the language you need to look for in a third-party data contract whether you’re offshoring or outsourcing data security arrangements. Perfect for professionals and executives responsible for securing their organizations’ systems against external threats, Cybersecurity and Third-Party Risk is an indispensable resource for all business leaders who seek to: Understand the fundamentals of third-party risk managementConduct robust intake and ongoing due diligencePerform on-site due diligence and close vendor risksSecure your software supply chainUtilize cloud and on-premises software securelyContinuously monitor your third-party vendors and prevent breaches

Аннотация

Аннотация

Master one of the most essential skill sets for the contemporary office  As Microsoft Office becomes ever more ubiquitous in modern offices across the world, competence and familiarity with its intricacies is more important than ever. Now you can set yourself apart from the pack and prove your skills with the Microsoft Office Specialist certification.  The MCA Microsoft Office Specialist (Office 365 and Office 2019) Complete Study Guide : Word Associate Exam MO-100, Excel Associate Exam MO-200, and PowerPoint Associate Exam MO-300  delivers a comprehensive roadmap to achieving the certification with easy-to-follow instruction for each of the three required proficiencies: Word, Excel, and PowerPoint. You’ll enjoy access to chapter review questions and Exam Essentials, a feature that identifies critical subject areas.  Discover practical, hands-on exercises that prepare you for real-world roles and jobs, and gain valuable experience as you reinforce key Microsoft Office skills that you’ll be expected to demonstrate in job interviews and your day-to-day professional life. Learn to manage and create text documents in Word, perform operations with formulas in Excel, and create engaging slideshows and presentations in PowerPoint.  This practical book also provides:  Fully updated information for the latest Microsoft Office Specialist certification exams covering Microsoft Office 365 Access to new career opportunities with a professional certification that’s relevant to virtually any office environment Access to the Sybex online study tools, with chapter review questions, full-length practice exams, hundreds of electronic flashcards, and a glossary of key terms  The MCA Microsoft Office Specialist (Office 365 and Office 2019) Complete Study Guide  offers crystal-clear organization, comprehensive coverage, and easy-to-understand instruction. It’s perfect for anyone who hopes to prove their skills with the Microsoft Office Specialist certification or to improve their mastery of Microsoft Office 365.

Аннотация

Mit der zunehmenden Nutzung von Cloud Computing häufen sich Cyberangriffe. Und auch andere Faktoren stellen ein Sicherheitsrisiko für das Cloud Computing dar – angefangen von technischen Störungen über Fehlkonfigurationen, Datenverlust, mangelnde Awareness der Mitarbeiter bis hin zu Compliance-Verletzungen. Mit Veränderung der Bedrohungslage lassen sich klassische Sicherheitskonzepte und -lösungen nicht kurzerhand auf das Cloud-Umfeld übertragen bzw. bieten nicht mehr ausreichenden Schutz. Cloud-Sicherheit erfordert neue Konzepte und hochentwickelte Technologien.
Das sind die Themen des Buches:

– Technologischer und organisatorischer Wandel durch Cloud Computing – Veränderte Bedrohungslage durch Cloud-Nutzung – Verantwortlichkeiten in der Cloud-Nutzung – das Shared-Responsibility-Modell – Vorgehensweise zur Cloud-Migration unter sicherheitsrelevanten Aspekten – Vorgehensmodelle und Umsetzungskonzepte für sichere Hybrid, Public und Multi Clouds – Sicherheitskonzepte und -maßnahmen der Cloud-Anbieter – Datenschutz und DSGVO-konforme Datenverschlüsselung – Umsetzung von Zero-Trust-Architekturen – Kritische Infrastrukturen: Grundlagen, Anforderungen und sicherheitsrelevante Umsetzungskonzepte – Best Practices zur automatischen Identifizierung und Behebung von Sicherheitslücken in AWS und in Microsoft Azure – Branchen- und anwendungsbezogene Beispiele aus der Praxis

Аннотация

This book covers the most essential techniques for designing and building dependable distributed systems, from traditional fault tolerance to the blockchain technology. Topics include checkpointing and logging, recovery-orientated computing, replication, distributed consensus, Byzantine fault tolerance, as well as blockchain. This book intentionally includes traditional fault tolerance techniques so that readers can appreciate better the huge benefits brought by the blockchain technology and why it has been touted as a disruptive technology, some even regard it at the same level of the Internet. This book also expresses a grave concern on using traditional consensus algorithms in blockchain because with the limited scalability of such algorithms, the primary benefits of using blockchain in the first place, such as decentralization and immutability, could be easily lost under cyberattacks.