This title is also available as a free eBook. Take control—and put the built-in security and privacy features in Microsoft Office to work! Whether downloading documents, publishing a presentation, or collaborating online—this guide offers concise, how-to guidance and best practices to help protect your documents and your ideas.Get practical, proactive guidance for using the security and privacy management features in Office 2010 and Office 365 Walk through everyday scenarios, and discover everyday techniques that help you take charge Understand common risks and learn best practices you can apply right away

How to Disappear is the authoritative and comprehensive guide for people who seek to protect their privacy as well as for anyone who’s ever entertained the fantasy of disappearing—whether actually dropping out of sight or by eliminating the traceable evidence of their existence.

"The best guide to the Metasploit Framework." —HD Moore, Founder of the Metasploit ProjectThe Metasploit Framework makes discovering, exploiting, and sharing vulnerabilities quick and relatively painless. But while Metasploit is used by security professionals everywhere, the tool can be hard to grasp for first-time users. Metasploit: The Penetration Tester's Guide fills this gap by teaching you how to harness the Framework and interact with the vibrant community of Metasploit contributors.Once you've built your foundation for penetration testing, you'll learn the Framework's conventions, interfaces, and module system as you launch simulated attacks. You'll move on to advanced penetration testing techniques, including network reconnaissance and enumeration, client-side attacks, wireless attacks, and targeted social-engineering attacks.Learn how to: Find and exploit unmaintained, misconfigured, and unpatched systems Perform reconnaissance and find valuable information about your target Bypass anti-virus technologies and circumvent security controls Integrate Nmap, NeXpose, and Nessus with Metasploit to automate discovery Use the Meterpreter shell to launch further attacks from inside the network Harness standalone Metasploit utilities, third-party tools, and plug-ins Learn how to write your own Meterpreter post exploitation modules and scripts You'll even touch on exploit discovery for zero-day research, write a fuzzer, port existing exploits into the Framework, and learn how to cover your tracks. Whether your goal is to secure your own networks or to put someone else's to the test, Metasploit: The Penetration Tester's Guide will take you there and beyond.

The highly successful security book returns with a new edition, completely updatedWeb applications are the front door to most organizations, exposing them to attacks that may disclose personal information, execute fraudulent transactions, or compromise ordinary users. This practical book has been completely updated and revised to discuss the latest step-by-step techniques for attacking and defending the range of ever-evolving web applications. You'll explore the various new technologies employed in web applications that have appeared since the first edition and review the new attack techniques that have been developed, particularly in relation to the client side.Reveals how to overcome the new technologies and techniques aimed at defending web applications against attacks that have appeared since the previous editionDiscusses new remoting frameworks, HTML5, cross-domain integration techniques, UI redress, framebusting, HTTP parameter pollution, hybrid file attacks, and moreFeatures a companion web site hosted by the authors that allows readers to try out the attacks described, gives answers to the questions that are posed at the end of each chapter, and provides a summarized methodology and checklist of tasksFocusing on the areas of web application security where things have changed in recent years, this book is the most current resource on the critical topic of discovering, exploiting, and preventing web application security flaws.

From cyberspace to crawl spaces, new innovations in information gathering have left the private life of the average person open to scrutiny, and worse, exploitation. In this thoroughly revised update of his immensely popular guide How to Be Invisible, J.J. Luna shows you how to protect yourself from these information predators by securing your vehicle and real estate ownership, your bank accounts, your business dealings, your computer files, your home address, and more.J.J. Luna, a highly trained and experienced security consultant, shows you how to achieve the privacy you crave and deserve, whether you just want to shield yourself from casual scrutiny or take your life savings with you and disappearing without a trace. Whatever your needs, Luna reveals the shocking secrets that private detectives and other seekers of personal information use to uncover information and then shows how to make a serious commitment to safeguarding yourself.There is a prevailing sense in our society that true privacy is a thing of the past. Filled with vivid real life stories drawn from the headlines and from Luna's own consulting experience, How to Be Invisible, Revised Edition is a critical antidote to the privacy concerns that continue only to grow in magnitude as new and more efficient ways of undermining our personal security are made available. Privacy is a commonly-lamented casualty of the Information Age and of the world's changing climate-but that doesn't mean you have to stand for it.

Get complete coverage of the latest release of the Certified Information Systems Security Professional (CISSP) exam inside this comprehensive, fully updated resource. Written by the leading expert in IT security certification and training, this authoritative guide covers all 10 CISSP exam domains developed by the International Information Systems Security Certification Consortium (ISC2). You'll find learning objectives at the beginning of each chapter, exam tips, practice exam questions, and in-depth explanations. Designed to help you pass the CISSP exam with ease, this definitive volume also serves as an essential on-the-job reference. COVERS ALL 10 CISSP DOMAINS: Information security and risk management Access control Security architecture and design Physical and environmental security Telecommunications and network security Cryptography Business continuity and disaster recovery planning Legal regulations, compliance, and investigations Application security Operations security THE CD-ROM FEATURES: Hundreds of practice exam questions Video training excerpt from the author E-book Shon Harris, CISSP, is a security consultant, a former member of the Information Warfare unit in the Air Force, and a contributing writer to Information Security Magazine and Windows 2000 Magazine. She is the author of the previous editions of this book.

From the author of Black Hawk Down comes the story of the battle between those determined to exploit the internet and those committed to protect it—the ongoing war taking place literally beneath our fingertips.The Conficker worm infected its first computer in November 2008 and within a month had infiltrated 1.5 million computers in 195 countries. Banks, telecommunications companies, and critical government networks (including the British Parliament and the French and German military) were infected. No one had ever seen anything like it. By January 2009 the worm lay hidden in at least eight million computers and the botnet of linked computers that it had created was big enough that an attack might crash the world. This is the gripping tale of the group of hackers, researches, millionaire Internet entrepreneurs, and computer security experts who united to defend the Internet from the Conficker worm: the story of the first digital world war.

Get complete coverage of all the objectives included on the EC-Council's Certified Ethical Hacker exam inside this comprehensive resource. Written by an IT security expert, this authoritative guide covers the vendor-neutral CEH exam in full detail. You'll find learning objectives at the beginning of each chapter, exam tips, practice exam questions, and in-depth explanations. Designed to help you pass the exam with ease, this definitive volume also serves as an essential on-the-job reference. COVERS ALL EXAM TOPICS, INCLUDING: Introduction to ethical hacking Cryptography Reconnaissance and footprinting Network scanning Enumeration System hacking Evasion techniques Social engineering and physical security Hacking web servers and applications SQL injection Viruses, trojans, and other attacks Wireless hacking Penetration testing CD-ROM FEATURES: Two practice exams PDF copy of the book Bonus appendix with author's recommended tools, sites, and references Matt Walker, CEHv7, CPTS, CNDA, CCNA, MCSE, has held a wide variety of IT security teaching, writing, and leadership roles, including director of the Network Training Center on Ramstein AB, Germany, and IT security manager for Lockheed Martin at Kennedy Space Center. He is currently a security engineer for Hewlett-Packard.

A money-saving CISSP boxed set from the #1 name in IT security certification and training CISSP Boxed Set bundles Shon Harris’ bestselling CISSP All-in-One Exam Guide, Fifth Edition and CISSP Practice Exams with a bonus, second CD-ROM featuring all-new training material—all at a discount of 12% off MSRP. CISSP All-in-One Exam Guide, Fifth Edition provides a comprehensive and in-depth exam review and self-study system covering all ten CISSP domains. The book includes exam tips that highlight actual exam topics, technical discussion sidebars, and hands-on examples and exercises that support practical learning for real-world situations. The CD-ROM contains practice exam questions, a video training excerpt, and an e-book. CISSP Practice Exams reinforces what is taught in the Exam Guide with questions for review organized by exam domain and more than 1000 additional questions available online. A bonus CD-ROM available only with this Boxed Set features two additional practice exams as well as all-new audio and video training led by Shon Harris. Covers all 10 CISSP domains: Information security and risk management; Access control; Security architecture and design; Physical and environmental security; Telecommunications and network security; Cryptography; Business continuity and disaster recovery planning; Legal regulations, compliance, and investigations; Application security; Operations security Total CD-ROM content for the boxed set includes: 1200+ practice exam questions covering all 10 CISSP domains Practice exam questions hosted in practice testing engines complete with in-depth answer explanations 3+ hours of audio and video training Audio training features Shon Harris reviewing access control concepts Video training features Shon Harris teaching core cryptography concepts E-book version of CISSP All-in-One Exam Guide, Fifth Edition Additional training content! 1000+ practice exam questions and 30+ hours of audio training available online!

Reflecting the latest developments from the information security field, best-selling Security+ Guide to Network Security Fundamentals, 4e provides the most current coverage available while thoroughly preparing readers for the CompTIA Security+ SY0-301 certification exam. Its comprehensive introduction to practical network and computer security covers all of the the new CompTIA Security+ exam objectives. Cutting-edge coverage of the new edition includes virtualization, mobile devices, and other trends, as well as new topics such as psychological approaches to social engineering attacks, Web application attacks, penetration testing, data loss prevention, cloud computing security, and application programming development security.