Lab Manual For Security + Guide To Network Security Fundamentals

Customer Reviews:

Not a bad book at all for a basic overview.......2006-08-15

I purchased this book because it was the text for a Network Security Fundamentals course I took as an elective for my undergrad in Computer Information Systems. I was already somewhat of a network guru, but even so, learned some things I didn't know and refreshed some of the things I knew but had forgotten. It was a solid book, and one that may be used as a reference outside of an academic setting (i.e. a computer technican learning his or her trade). A sound purchase, as long as you are not in need of advanced instruction.

Security+ Guide to Network Security Fundamentals

Average customer rating:

HORRIBLE BOOK - WASTE OF TIME AND MONEY
It cannot sink any lower than this...
Broad coverage of material but just not that good
Failed the S+ Exam
Cheese

Security+ Guide to Network Security Fundamentals
Cisco Learning Institute
Manufacturer: Course Technology
ProductGroup: Book
Binding: Paperback

General | Business & Investing | Subjects | Books

High-Tech | Industries & Professions | Business & Investing | Subjects | Books

General | Certification Central | Computers & Internet | Subjects | Books

Network Security | Networking | Computers & Internet | Subjects | Books

General | Computers & Internet | Subjects | Books

General & Reference | Technology | Science | Subjects | Books

General | Arts & Photography | Subjects | Books

Look Inside Computer Books | Trip | Specialty Stores | Books

Look Inside Science Books | Trip | Specialty Stores | Books

All Titles | Qualifying Textbooks - Fall 2007 | Stores | Books

Arts & Photography | Qualifying Textbooks - Fall 2007 | Stores | Books

Business & Investing | Qualifying Textbooks - Fall 2007 | Stores | Books

Computers & Internet | Qualifying Textbooks - Fall 2007 | Stores | Books

Science | Qualifying Textbooks - Fall 2007 | Stores | Books
Similar Items:

ASIN: 0619212942

Book Description

Written to map to CompTIA's Security+ Certification Exam, this text provides a comprehensive overview of network security and covers communication security, infrastructure security, cryptography, operational/organizational security, disaster recovery, business continuity, as well as computer forensics.

Customer Reviews:

HORRIBLE BOOK - WASTE OF TIME AND MONEY.......2006-01-04

I am a network engineer with almost 10 years experience. I have typically shied away from certification tests because I have always found them to be of the "right answer, wrong answer and TEST ANSWER" category. Security+ is absolutely no different but my job required that I take this certification. I signed up for a class at the local college and this was the textbook for that class.

I read the book cover to cover twice, skimmed it twice more, answered the end-of-chapter questions, took the practice exam included on the cd over 20 times and passed everytime with scores 85% and higher. I failed the security+ exam. The difference between the questions on the test and the topics in this book was amazing. DO NOT RELY ON THIS HORRIBLE BOOK TO GET YOU THRU THE TEST. IT IS A COMPLETE WASTE OF TIME AND MONEY.

If I could have given it negative stars, I would.

It cannot sink any lower than this..........2005-12-17

Generally speaking, this have to be by far one of the worst books I have come across for both the content related to the scope of the subject matter, and also extreme inaccuracies due to total lack of comprehension on the material from the author.

The subject matter is general security concepts as it relates to the Security+ exam. In this scope, I expected the material would focus the technologies themselves as they relate to security that is not specific to any one platform, as after all every major OS uses the Internet and E-mail for example. However, this book is overwhelmingly a Windows only book, and reflects a rather narrow vision of Windows-only problems, technologies, and solutions.

In the narrow view of Windows only security, there were so many deficiencies in this book, I could write a tomb on a material. I'll highlight a small sampling of the stuff that really stands out. When covering DNS, there is no mention of secure updates through TSKIP (page 118), nor was there any mention of Active Directory (LDAP) integrated DNS (page 118). These Windows DNS solutions are really important and fairly easy to configure. On UNIX side, one can block zone transfers completely and restrict it through tcpwrappers or xinetd (Exctended Internet Daemon), and Windows can do something using IPSec policy configuration. The book never touches any concept or thinking of this nature for DNS or any other technology for that matter.

On the topic of Windows domains, the author states that "Active Directory is stored in a Security Accounts Manager (SAM) database" (page 120), which oh my, is oh so wrong. Perhaps in older Windows NT this might have been true, but Active Directory uses a distributed database (LDAP) for storing passwords and such, which an extended Jet database stored on each domain controller. The author goes on to proclaim his ignorance of Active Directory noting that a "primary domain controller (PDC) is the name of the server that houses a SAM database. A domain can also have multiple backup domain controllers (BDCs) that are on other servers in the domain" (page 120). Anyone knowing anything about Active Directory is probably rolling on the floor laughing at this moment.

In the topic of databases, the author only discusses Microsoft SQL Server specific issues, and ignores general database security issues and solutions. In the extremely narrow scope of SQL Server, the author recommends installing a personal firewall to block the virus Slammer. However, if the author understood how Slammer works or read any technical articles published by Microsoft on the issue, he would understand that to stop slammer all one needs to do is have a password for SQL Server. What the author doesn't do is note that MSDE, a limited SQL Server database bundled with many Microsoft and third-party applications, doesn't have any password configured by default. However, a password can be added through use of a command-line tool.

For e-mail technologies, the author dissuades using POP3 with completely inaccurate statements about the protocol (page 192). The problem also being with his arguments besides being flat wrong, is that it is his personal opinion on which technology to use and doesn't use any arguments in regards to security. Additionally the author doesn't even cover how to secure either POP or IMAP using SSL or TLS. In the scope of Microsoft Exchange POP and IMAP, there's no mention of the extreme dangers of using un-encrypted POP or IMAP, where passwords fly across the wire in clear naked text. Exchange is integrated into Active Directory, and as such, passwords for these facilities are passwords into their account. Using insecure IMAP or POP traffic is broadcasting the keys to the fort as the expression goes. This situation is not shared by Unix solutions (as they can be configured differently), but as Exchange forces you to use domain accounts, securing the traffic is extremely, repeat extremely, vital and important for security. The author misses the boat with this concept, like other concepts.

In regards to web technologies, this has to be perhaps the most laughable area. The author confuses JavaScript with Java, and even goes so far as to state that JavaScript is a virtual machine and that JavaScript is based on Java (Page 201). Those laughing right now might know that JavaScript was originally called LiveScript and had nothing to do with Java. It was renamed to JavaScript for marketing purposes to popularize JavaScript in created an illusion that it was related to Java. The author goes on to cover only Internet Explorer on only Windows platform, and states that all browsers suffer from the same security weaknesses as ALL other browsers (page 202). If the author had any inkling about browser technology, he would know that the scripting engine in IE is from embedded solution (OLE) sometimes referred to ActiveScripting. This engine has access to all other OLE libraries including saving viruses, um files, on your computer without any sort of authentication. Thus, even if this engine was rock solid secure, it's base features allow hackers to bad things to your computer. This ActiveScripting is embedded into WSH (Windows Scripting Shell), and also IIS (ASP), which is a cause for many exploits in those systems. Internet Explorer itself is packaged up and is embedded into other applications like Outlook, Outlook Express, Windows Media Player, Windows Messenger, MSN Messenger, etc. As some might know, those applications have had many exploits in the past, especially Outlook. Of course all of this is well beyond the ken of the author.

For wi-fi solutions, this has to be the weakest section in the book. On the coverage of specifically WPA/802.11i, the author doesn't cover enterprise WPA or things like a RADIUS server used to authenticate VPN, dial-up, and WPA. He also doesn't even mention AES or EAP security with WPA.

This book is one of the most appalling books I have come across, and cannot even recommend the book even if only for a good laugh. The quality of books sometimes is concern for many in the industry, and this book sets an all new low standard to shoot for.

(I apologize for being unusually harsh, but I have rarely come across a book so regrettable.)

Broad coverage of material but just not that good.......2004-09-20

I'm using this book for a class. We're up to chapter 6 now, and while I'm learning a lot of basic concepts, I've stumbled several times on the writing. It's terribly unclear in places, and clarity is essential in some of these places -- to be short, it's poorly written.

The scope of the book is so wide that it necessarily is shallow. The illustrations are a bit silly and are not a great improvement to clarifying the concept. I am reminded of manuals that go into overwhelming detail as to what mouse-clicks or menu items to select, but don't explain why you want to do this to begin with.

I haven't taken any certification exams as yet, but I would only recommend this book as a brief introduction to subjects that are covered more thoroughly and competently in other books.

Failed the S+ Exam.......2004-08-07

I studied the text - all 17 chapters and the Appendix, then I took every one of The included study CD-based CertBlaster "Subject matter drills", then all 4 of the exams (passing every one on the first pass, and coming very close to perfection on the 2nd pass on any given test.)

I took AND FAILED the S+ exam today. ANY SIMILARITY BETWEEN THE STUDY TOOLS, THE TEXT BOOK, AND THE PRACTICE TEST WITH THE REAL TEST WERE RARE!!!! I basically wasted a week and several hundred dollars.

BTW. The Comptia S+ Exam was probably one of the worst knowledge measurement tools (e.g. exam) that I have EVER taken - and I have taken a huge number of them....
Just FYI
Will Harper, MCSE (NT 3,51/NT 4/W2K/XP), MCT, CCNA, A+, N+, CTT+ (and a bunch of other certs) AAS(IT/Networking), BSEE(computers), MBA.

Cheese.......2004-05-09

This textbook does not cover the material in the Security+ Exam. Entire test subjects are not included, and the lab exercises are terrible. The lab manual only includes a few useful labs and some of them are so outdated they are irrelevant. Authors contradict each other, and the chapters do not hold together well. If you're looking for a lightweight topical introduction, this may work for you, but it won't help you pass the certification exam. This is a very weak introduction to network security, and there are better books available that do cover the content you need to pass the exam. Consider instead "Principles of Computer Security: Security+ and Beyond" ISBN: 0072255099

Computer Viruses: from theory to applications (Collection IRIS)

Average customer rating:

ab initio approach to viruses

Computer Viruses: from theory to applications (Collection IRIS)
Éric Filiol
Manufacturer: Springer
ProductGroup: Book
Binding: Paperback

Information Theory | Computer Science | Computers & Internet | Subjects | Books

General | Computers & Internet | Subjects | Books

Look Inside Computer Books | Trip | Specialty Stores | Books

Look Inside Science Books | Trip | Specialty Stores | Books

All Titles | Qualifying Textbooks - Fall 2007 | Stores | Books

Computers & Internet | Qualifying Textbooks - Fall 2007 | Stores | Books

Professional | Qualifying Textbooks - Fall 2007 | Stores | Books

Science | Qualifying Textbooks - Fall 2007 | Stores | Books
Similar Items:

The Art of Computer Virus Research and Defense (Symantec Press)

ASIN: 2287239391

Book Description

This book deals with computer viruses envisaged from three different points of view, namely the theoretical fundamentals of computer virology, algorithmic and practical aspects of viruses and their potential applications to various areas. The theoretical formalization by means of Turing machines, self-reproducing automata and recursive functions enable a precise and exhaustive description of the different types of malware. It follows that the main stakes of computer defense and antiviral fighting are easily highlighted. Detailed analysis of the source code for representative members of each virus/worm family allows the reader to grasp the basic algorithmic aspects involved in self-reproducing codes. The C programming language has been systematically used for a better understanding of the considered codes.

Customer Reviews:

ab initio approach to viruses.......2006-01-25

Filiol takes an ab initio approach to computer viruses. He gives a description rooted in the use of a Turing machine. But also using ideas from cellular automata research. The idea is to give a rigorous understanding of viruses, that is independent of any given hardware or software. A key theme is that the code be somehow able to reproduce.

But the book is not just for a theorist. He also directs it towards the user who has to devise an antivirus detector. So source code for several different types of viruses are given (in C). This lets you get a hands-on approach to tackling the problem. Of course, not all possible viruses are covered. This may be a theoretical impossibility. But enough examples are given that you can confidently understanding much that is out there.

LabSim for Security+ Guide to Networking Security Fundamentals

Average customer rating:

LabSim for Security+ Guide to Networking Security Fundamentals
Testout!
Manufacturer: Course Technology Ptr (Sd)
ProductGroup: Book
Binding: Hardcover

General | Certification Central | Computers & Internet | Subjects | Books

General | Computers & Internet | Subjects | Books

All Titles | Qualifying Textbooks - Fall 2007 | Stores | Books
Similar Items:

ASIN: 0619217162

Schaum's Outline of Fundamentals of Relational Databases

Average customer rating:

A very broad & not very useful overview
It will not worth to buy..
Typos and omissions
Concise and thorough intro to relational database concepts

Schaum's Outline of Fundamentals of Relational Databases
Ramon Mata-Toledo , and Pauline Cushman
Manufacturer: McGraw-Hill
ProductGroup: Book
Binding: Paperback

Relational Databases | Databases | Computers & Internet | Subjects | Books

Database Design | Databases | Computers & Internet | Subjects | Books

General | Databases | Computers & Internet | Subjects | Books

Reference | Mathematics | Science | Subjects | Books

Look Inside Computer Books | Trip | Specialty Stores | Books

All Titles | Qualifying Textbooks - Fall 2007 | Stores | Books

Computers & Internet | Qualifying Textbooks - Fall 2007 | Stores | Books

Science | Qualifying Textbooks - Fall 2007 | Stores | Books
Similar Items:

ASIN: 007136188X

Book Description

• More than 200 completely solved problems and an equal number of supplementary problems facilitate the understanding of database technology
• Complete scripts allow students to create and populate all databases used in the book
• Syntax and database technology employed by the most important database developers are featured, including Oracle, Microsoft Access, and DB2
• Lab and practice tests similar to the tests currently used in the database certification exams for database developers are included to help students master database problems

Download Description

Syntax and database technology employed by the most important database developers are featured, including Oracle, Microsoft Access, and DB2.

Customer Reviews:

A very broad & not very useful overview.......2007-01-13

This outline is to broad and too shallow to be that useful. The outline tries to cover SQL, database theory, functional dependencies, normalization, database security, the entity relationship model, and throw in an MS Access example screen every now and then - all in just 250 brief pages. I hate to give the book two stars, because that usually indicates a book is pretty useless, but I feel I'd be a little too kind in giving it three stars too. My advice is to go with an introductory book like "Databases Demystified", and then get a book dedicated to SQL and learn that language separately. I prefer "Learning SQL", published by O'Reilly and Associates. If you want more advanced material on database theory after that, C.J. Date's book, "An Introduction to Database Systems", is a good one.

It will not worth to buy.........2004-12-26

It is cheap so you can buy it in any case. But still I think it will not worth to buy.

Typos and omissions.......2004-07-22

This text is littered with typos. The narrative is dry and difficult to read; the authors seem to walk all over themselves trying to over-explain things rather than just taking the time to find the most concise and understandable way to say them. They use nonstandard symbols in their technical descriptions, and some symbols are simply not explained at all.

I am not very impressed with this book. I am basically skimming through it to pick up the basic concepts and I will explore them on my own without the help of this book.

Concise and thorough intro to relational database concepts.......2001-05-05

This book is ideal for those of us who need to refresh knowledge and skills of relational databases that may have been unused for a few years, or for people who need to understand relational database concepts in a hurry.

It starts with concepts that are essential to understanding relational databases, then introduces you to SQL. If you are working with Oracle you will find that standard SQL and Oracle's SQL*Plus are quite different in that SQL*Plus has a richer set of verbs. Regardless, the intro to SQL is valuable and it provides you with the ability to write queries for real world needs. The examples will work with DB2, Oracle of any other database that will understand standard SQL, making this book product-independent and invaluable.

The sections that I especially liked covered normalization and entity-relationship models. These are basic knowledge factors that are essential to understanding relational databases, and are the heart and soul of the book.

Book Description

Tutorial in style, this volume provides a comprehensive survey of the state-of-the-art of the entire field of computer security. First covers the threats to computer systems (which motivate the field of computer security); then discusses all the models, techniques, and mechanisms designed to thwart those threats as well as known methods for exploiting vulnerabilities; and closes with an exploration of security evaluation of computer systems--the science and art that attempts to grade a particular implementation of computer security. For engineers and scientists interested in computer security.

Customer Reviews:

For someone looking to get started, start here........1998-08-28

I read the book, mainly because I was a student in one of Dr. Amoroso's courses at Stevens Institute of Technology. If you think that all he did was read from the book, you're wrong. The book provided a great background for the upcoming classes. It introduced concepts and terms, providing the information necessary to have a basic understanding of the concept or term. It's worth having around, especially if you want or need to know theories behind computer security.

Fundamentals of Information Theory and Coding Design (Discrete Mathematics and Its Applications)

Average customer rating:

Good but with some errors

Fundamentals of Information Theory and Coding Design (Discrete Mathematics and Its Applications)
Roberto Togneri , and Christopher J.S deSilva
Manufacturer: Chapman & Hall/CRC
ProductGroup: Book
Binding: Hardcover

Chaos & Systems | Physics | Science | Subjects | Books

General | Science | Subjects | Books

General | Mathematics | Science | Subjects | Books

Systems Analysis & Design | Computer Science | Computers & Internet | Subjects | Books

Information Theory | Computer Science | Computers & Internet | Subjects | Books

General | Computers & Internet | Subjects | Books

Look Inside Computer Books | Trip | Specialty Stores | Books

All Titles | Qualifying Textbooks - Fall 2007 | Stores | Books

Computers & Internet | Qualifying Textbooks - Fall 2007 | Stores | Books

Professional | Qualifying Textbooks - Fall 2007 | Stores | Books

Science | Qualifying Textbooks - Fall 2007 | Stores | Books
ASIN: 1584883103

Book Description

Books on information theory and coding have proliferated over the last few years, but few succeed in covering the fundamentals without losing students in mathematical abstraction. Even fewer build the essential theoretical framework when presenting algorithms and implementation details of modern coding systems. Without abandoning the theoretical foundations, Fundamentals of Information Theory and Coding Design presents working algorithms and implementations that can be used to design and create real systems. The emphasis is on the underlying concepts governing information theory and the mathematical basis for modern coding systems, but the authors also provide the practical details of important codes like Reed-Solomon, BCH, and Turbo codes. Also setting this text apart are discussions on the cascading of information channels and the additivity of information, the details of arithmetic coding, and the connection between coding of extensions and Markov modelling. Complete, balanced coverage, an outstanding format, and a wealth of examples and exercises make this an outstanding text for upper-level students in computer science, mathematics, and engineering and a valuable reference for telecommunications engineers and coding theory researchers.

Customer Reviews:

Good but with some errors.......2006-10-20

Is an integral and good book, but there are some mistakes like this:

In page 32 the stationary distribution is wrong,
by example w1=28/46=0.6087 in that page, but w1=0.5854 !

Average customer rating:

Fundamentals of Computer Security
Josef Pieprzyk , Thomas Hardjono , and Jennifer Seberry
Manufacturer: Springer
ProductGroup: Book
Binding: Hardcover

Network Security | Networking | Computers & Internet | Subjects | Books

General | Programming | Computers & Internet | Subjects | Books

General | Computers & Internet | Subjects | Books

General | Databases | Computers & Internet | Subjects | Books

Look Inside Computer Books | Trip | Specialty Stores | Books

All Amazon Upgrade | Amazon Upgrade | Stores | Books

Business & Investing | Amazon Upgrade | Stores | Books

Computers & Internet | Amazon Upgrade | Stores | Books

Professional & Technical | Amazon Upgrade | Stores | Books

Science | Amazon Upgrade | Stores | Books

All Titles | Qualifying Textbooks - Fall 2007 | Stores | Books

Business & Investing | Qualifying Textbooks - Fall 2007 | Stores | Books

Computers & Internet | Qualifying Textbooks - Fall 2007 | Stores | Books

Professional | Qualifying Textbooks - Fall 2007 | Stores | Books

Science | Qualifying Textbooks - Fall 2007 | Stores | Books
ASIN: 3540431012

Book Description

This book presents modern concepts of computer security. It introduces the basic mathematical background necessary to follow computer security concepts. Modern developments in cryptography are examined, starting from private-key and public-key encryption, going through hashing, digital signatures, authentication, secret sharing, group-oriented cryptography, pseudorandomness, key establishment protocols, zero-knowledge protocols, and identification, and finishing with an introduction to modern e-business systems based on digital cash. Intrusion detection and access control provide examples of security systems implemented as a part of operating system. Database and network security is also discussed.

Biometric User Authentication for IT Security: From Fundamentals to Handwriting (Advances in Information Security)

Average customer rating:

Biometric User Authentication for IT Security: From Fundamentals to Handwriting (Advances in Information Security)
Claus Vielhauer
Manufacturer: Springer
ProductGroup: Book
Binding: Hardcover

General | Computers & Internet | Subjects | Books

All Amazon Upgrade | Amazon Upgrade | Stores | Books

Computers & Internet | Amazon Upgrade | Stores | Books

All Titles | Qualifying Textbooks - Fall 2007 | Stores | Books

Computers & Internet | Qualifying Textbooks - Fall 2007 | Stores | Books
ASIN: 038726194X

Book Description

Biometric user authentication techniques evoke an enormous interest by science, industry and society. Scientists and developers constantly pursue technology for automated determination or confirmation of the identity of subjects based on measurements of physiological or behavioral traits of humans. Biometric User Authentication for IT Security: From Fundamentals to Handwriting conveys general principals of passive (physiological traits such as fingerprint, iris, face) and active (learned and trained behavior such as voice, handwriting and gait) biometric recognition techniques to the reader. Unlike other publications in this area that concentrate on passive schemes, this professional book reflects a more comprehensive analysis of one particular active biometric technique: handwriting. Aspects that are thoroughly discussed include sensor characteristic dependency, attack scenarios, and the generation of cryptographic keys from handwriting.

Financial Economics: Making Sense of Market Information (FT Market Fundamentals)

Average customer rating:

Financial Economics: Making Sense of Market Information (FT Market Fundamentals)
Brian Kettell
Manufacturer: Financial Times Management
ProductGroup: Book
Binding: Paperback

General | Popular Economics | Business & Investing | Subjects | Books

Theory | Economics | Business & Investing | Subjects | Books

General | Business & Investing | Subjects | Books

Books:

Books Index

Books Home

Recommended Books