* Cryptography is the most effective way to achieve data security and is essential to e-commerce activities such as online shopping, stock trading, and banking
* This invaluable introduction to the basics of encryption covers everything from the terminology used in the field to specific technologies to the pros and cons of different implementations
* Discusses specific technologies that incorporate cryptography in their design, such as authentication methods, wireless encryption, e-commerce, and smart cards
* Based entirely on real-world issues and situations, the material provides instructions for already available technologies that readers can put to work immediately
* Expert author Chey Cobb is retired from the NRO, where she held a Top Secret security clearance, instructed employees of the CIA and NSA on computer security and helped develop the computer security policies used by all U.S. intelligence agencies

Suddenly your Web server becomes unavailable. When you investigate, you realize that a flood of packets is surging into your network. You have just become one of the hundreds of thousands of victims of a denial-of-service attack, a pervasive and growing threat to the Internet. What do you do?

Internet Denial of Service sheds light on a complex and fascinating form of computer attack that impacts the confidentiality, integrity, and availability of millions of computers worldwide. It tells the network administrator, corporate CTO, incident responder, and student how DDoS attacks are prepared and executed, how to think about DDoS, and how to arrange computer and network defenses. It also provides a suite of actions that can be taken before, during, and after an attack.

Despite their myriad manifestations and different targets, nearly all attacks on computer systems have one fundamental cause: the code used to run far too many systems today is not secure. Flaws in its design, implementation, testing, and operations allow attackers all-too-easy access. Secure Coding: Principles & Practices looks at the problem of bad code in a new way. Packed with advice based on the authors' decades of experience in the computer security field, this concise and highly readable book explains why so much code today is filled with vulnerabilities, and tells readers what they must do to avoid writing code that can be exploited by attackers.

Most businesses are aware of the danger posed by malicious network intruders and other internal and external security threats. Unfortunately, in many cases the actions they have taken to secure people, information and infrastructure from outside attacks are inefficient or incomplete. Responding to security threats and incidents requires a competent mixture of risk management, security policies and procedures, security auditing, incident response, legal and law enforcement issues, and privacy. Critical Incident Management presents an expert overview of the elements that organizations need to address in order to prepare for and respond to network and information security violations. Written in a concise, practical style that emphasizes key points, this guide focuses on the establishment of policies and actions that prevent the loss of critical information or damage to infrastructure.CTOs, CFOs, Chief Legal Officers, and senior IT managers can rely on this book to develop plans that thwart critical security incidents. And if such incidents do occur, these executives will have a reference to help put the people and procedures in place to contain the damage and get back to business.

The Security+ certification was developed by CompTIA in response to corporate and government requests for a certification that validates foundation-level IT security skills. Topics covered include access control, authentication, intrusion detection, malicious code, cryptography, physical security, disaster recovery, policies and procedures, and more. Sybex is proud to server as a Cornerstone member of the Security+ advisory committee.
The Perfect Preparation and Review Resource
Security+ Fast Pass is the streamlined tool you need to bone up for the Security+ exam [SYO-101]. The enclosed CD lets you practice, practice, practice, and you'll keep the book--packed with concise, objective-focused coverage and review questions--at your side until the minute you sit down to take the test.
Coverage includes:
* Understanding general security concepts
* Assessing risk
* Securing communications
* Implementing wireless security features
* Configuring a firewall
* Detecting intrusions
* Securing your organization's infrastructure
* Understanding the basics of cryptography
* Managing security keys and certificates
* Ensuring operational and organizational security
* Recovering from disasters