The CISM Prep Guide: Mastering the Five Domains of Information Security Management

Book Description

* Prepares readers for the Certified Information Security Manager (CISM) exam, ISACA's new certification that launches in June 2003
* CISM is business-oriented and intended for the individual who must manage, design, oversee, and assess an enterprise's information security
* Essential reading for those who are cramming for this new test and need an authoritative study guide
* Many out-of-work IT professionals are seeking security management certification as a vehicle to re-employment
* CD-ROM includes a Boson-powered test engine with all the questions and answers from the book

Customer Reviews:

Outdated: Better to spend your $$ on the ISACA prep books instead........2006-10-22

I sat through the first of a few local ISACA CISM review sessions for the Dec 2006 exam today. I brought this book along for class (and CISM certified instructors) to see since the sample exam questions within are quite a different focus than those found in the ISACA's 3 prep books. Today's review session had notes provided directly from the CISM sponsoring organization. The ISACA's sample questions provided today didn't delve into the technical level found in this book's sample exam questions. I agree with a previous reviewer, this book seems to have more of a CISSP focus than a CISM focus at this time. I will focus my prep efforts for the Dec 2006 exam on the 3 books from ISACA (Exam guide, Q&A & Explanations, & Q&A and Explanations Supplement.) However, I will keep this book as an additional resource for my next year's prep for the CISSP exam. From what I see, while not set up by the CISSP domains, the technical detail level in this book is better suited for the CISSP exam prep. At the time/date of this posting, the Peltier/Peltier CISM prep book hasn't been released.

Outdated beyond usefulness........2005-08-03

Be advised: this book may have been relevant a couple years ago, but not anymore. ISACA has updated and slightly reorganized the exam. I believe this book actually interferred with my prep. The ISACA study guides and applicable experience are plenty to pass this exam (worked for me). Good luck.

CISSP or CISM?.......2005-06-13

I bought this book because there is no other book available (prep guide) that covers the CISM. As I read through the book there is an explicit sentence that reads "to better prepare you for the CISSP exam"; which test is this preg guide for? If you're going to cut and paste from similar works you've done in the past at least do the readers a favor and use the find/replace all function :). Overall it was a good read and I'll keep it around as a reference.

Question Errata Link.......2004-03-31

Co-author here. It has been brought to Dr. Krutz' and my attention that several errors in the CD questions were not corrected per our instructions prior to publication. Wiley has published a link to the CISM Prep Guide question errata sheet @:

http://www.wiley.com/legacy/compbooks/updates/cismprepgd/index.html

The errata sheet in pdf format can be also found @: www.rdvgroup.com/CISM

As to the reader's response that someone in Wiley stated that we weren't the authors of the questions, Dr. Krutz and I were unable to find who told him (at least no one admitted it). Other than the errors which should have been corrected by the publisher, we are solely responsible for the quality of the questions.

Russell Dean Vines

You can do better.......2004-02-22

The product details are the first giveaway - 456 Pages?
My book finishes at page 433. Anything of substance in the book
finishes where appendix A starts at Page 259. In other words there is a lot less to the book than the stated 456 pages. The CISM is considered to be a rival to the CISSP by some, and Krutz & Vines made a decent job with the CISSP Prep Guide (Gold edition). What happened here ?
The Boson questions are woeful with numerous mistakes. I gave feedback to the publishers and was informed that "The publisher and author have acknowledged that this is an error created by the question writer hired to write the questions for the CD test" Were Mr Krutz and Vines too busy to even QA the questions, let alone write them?

The SSCP Prep Guide: Mastering the Seven Key Areas of System Security

Average customer rating:

Disorganized and Incomplete
I passed the SSCP exam the first time using this book to study for it
Pretty discontent organization
A one star book that cannot stand alone
Nice study start.

The SSCP Prep Guide: Mastering the Seven Key Areas of System Security
Debra S. Isaac , and Michael J. Isaac
Manufacturer: Wiley
ProductGroup: Book
Binding: Paperback

Network Security | Networking | Computers & Internet | Subjects | Books

General | Certification Central | Computers & Internet | Subjects | Books

General | Computers & Internet | Subjects | Books

Look Inside Business Books | Trip | Specialty Stores | Books

Look Inside Computer Books | Trip | Specialty Stores | Books

All Amazon Upgrade | Amazon Upgrade | Stores | Books

Business & Investing | Amazon Upgrade | Stores | Books

Computers & Internet | Amazon Upgrade | Stores | Books

Engineering | Amazon Upgrade | Stores | Books

Professional & Technical | Amazon Upgrade | Stores | Books

All Titles | Qualifying Textbooks - Fall 2007 | Stores | Books

Business & Investing | Qualifying Textbooks - Fall 2007 | Stores | Books

Computers & Internet | Qualifying Textbooks - Fall 2007 | Stores | Books

Professional | Qualifying Textbooks - Fall 2007 | Stores | Books
Similar Items:

ASIN: 0471273511

Book Description

SSCP (System Security Certified Practitioner) is the companion test to CISSP, appealing to the practitioners who implement the security policies that the CISSP-certified professionals create
Organized exactly like the bestselling The CISSP Prep Guide (0-471-41356-9) by Ronald L. Krutz and Russell Dean Vines, who serve as consulting editors for this book
This study guide greatly enhances the reader's understanding of how to implement security policies, standards, and procedures in order to breeze through the SSCP security certification test
CD-ROM contains a complete interactive self-test using all the questions and answers from the book, powered by the Boson test engine

Customer Reviews:

Disorganized and Incomplete.......2007-07-04

I passed the SSCP exam using this book and an online program, but I am sure glad I had the latter. The material in this guide was presented in a haphazard manner, and had I relied solely on the prep questions in the book and on the accompanying CD I would have been woefully unprepared. This was a good reference book, but hardly the "one-stop source" for the SSCP exam that was described on the back cover.

I passed the SSCP exam the first time using this book to study for it.......2006-01-11

I chose this SSCP certification study guide book out of several other ones. This book is definitely among the best SSCP study guides currently on the market. From my personal experience, I highly recommend it to any IT professional preparing for the SSCP exam and as an IT security reference book.

I used this book as the ONLY preparation material to study for the SSCP exam (nothing else, no "prep course" or anything else) and passed the exam the first time. This is the only book that one will need in order to be prepared for the SSCP exam, as long as one has solid IT security knowledge and work experience and only need to "brush up" on IT security topics that are covered in the exam. If you DO NOT have this prerequisite IT security knowledge and work experience, then I candidly recommend that one uses this book AND other resources (such as other SSCP prep guides, "prep courses", etc.) to adequately prepare for the SSCP exam.

This book definitely is the best SSCP prep guide for the money. It is very well written and the co-authors of this book clearly demonstrate that they are very knowledgeable about the technical aspects of IT Security that are covered in the SSCP exam. This book is very well organized and the chapters are arranged by the 7 core bodies of knowledge (CBK's) that are covered in the SSCP exam, making it easy to prepare for it by CBK and to understand ahead of time exactly what materials will be covered. Besides being an excellent SSCP prep guide, it is also an excellent reference guide, after one is SSCP certified.

Pretty discontent organization.......2005-06-29

This book looks like the first one written by the authors with little care and feed put in.

The contents are organized by the ISC2 domain structure. However the materials presented scatter around in a most ilogical way I can imagine. For example, they present quiz problems of a subject before they touch upon the subject in the context. They provide multiple definitions of subject matter in different locations. Finally they ask questions in the quiz where there is no corresponding guide in the main body at all (e.g. Information Classification).

The book was also edited fairly poorly. Although the layout is pleasing and easy to read, some answers were plain wrong. The Index in the back of the book is literally useless.

jian

A one star book that cannot stand alone.......2004-07-07

After using this book for review and having failed the exam using this book, I can confidently say that this book alone falls dismally short of it purported goal. I have turned to the Shon Harris All in one and the official ISC2 books for reivew of my CISSP exam (sscp is a forgone conclusion) as well as other sources.

My reccomendation is that you don't even bother purchasing this books as it is a total waste of your hard earned money especially in light of a fine book (all in one) that is readily available.

Caveat Emptor

Nice study start........2004-03-16

I used this book as my first and primary study guide. First off the SSCP is not an easy exam. You will need more than this reference. I also used the CISSP passport and a security reference book. I liked the ease of reading this book had, but would have liked a bit more technical content. The constant discussion of a roadmap was confusing but made sense in the end. The study questions seemed a bit easy since I could answer most of them before reading the book. I saw the first review listed and was a bit worried about it, ignore it and you will be fine. I would say, this is a good book to buy if you are planning on sitting for the SSCP exam. Good luck on the test.

The CISSP Prep Guide: Mastering the CISSP and ISSEP Exams, Second Edition

Average customer rating:

This is the book that will get you pass the CISSP exam!
Gooddish study guide for this certification
Not bad, but the "Official" study guide is better IMO
Passed my CISSP Test today!!
Another Great Guide

The CISSP Prep Guide: Mastering the CISSP and ISSEP Exams, Second Edition
Ronald L. Krutz , and Russell Dean Vines
Manufacturer: Wiley
ProductGroup: Book
Binding: Paperback

Network Security | Networking | Computers & Internet | Subjects | Books

General | Certification Central | Computers & Internet | Subjects | Books

General | Computers & Internet | Subjects | Books

Look Inside Business Books | Trip | Specialty Stores | Books

Look Inside Computer Books | Trip | Specialty Stores | Books

All Amazon Upgrade | Amazon Upgrade | Stores | Books

Business & Investing | Amazon Upgrade | Stores | Books

Computers & Internet | Amazon Upgrade | Stores | Books

All Titles | Qualifying Textbooks - Fall 2007 | Stores | Books

Business & Investing | Qualifying Textbooks - Fall 2007 | Stores | Books

Computers & Internet | Qualifying Textbooks - Fall 2007 | Stores | Books
ASIN: 076455915X

Amazon.com

The Certified Information Systems Security Professional (CISSP) rating is difficult to earn and rare in the marketplace, which means you're a valuable commodity if you've proven your skills by passing the exam. The CISSP Prep Guide, one of only a handful of books on its subject, does a good job of giving readers a feel for the scope of the test and the style of its questions. It's ideal for use either as a preliminary survey of the CISSP subject areas (the test's publisher and the authors of this book call them "domains") for relative newcomers to computer security, or as a pure study guide to help more experienced professionals zero in on the weak spots in their knowledge. Don't expect to do well on the CISSP exam having only read this book. You'll want to have some practical experience and some specialized reading under your belt.

Ronald Krutz and Russell Vines are good writers and fine teachers; they explain the wide-ranging CISSP domains (which have to do with everything from cryptographic algorithms to fire-suppression techniques to legal principles). They take care to explain potentially unfamiliar terms--there's a good glossary in the back of this book--and employ conceptual diagrams well. However, the answer keys for the sample questions that conclude each chapter aren't annotated and some readers will wish for more references to specialized sources. --David Wall

Topics covered: The subjects covered by the Certified Information Systems Security Professional (CISSP) exam published by the International Information Systems Security Certification Consortium, including cryptography, access control, security policy, legal matters, and the physical safety of information, equipment, and people.

Book Description

This updated bestseller features new, more focused review material for the leading computer security certification-the Certified Information Systems Security Professional, or CISSP
The first book on the market to offer comprehensive review material for the Information Systems Security Engineering Professional (ISSEP) subject concentration, a new CISSP credential that's now required for employees and contractors of the National Security Agency (NSA) and will likely be adopted soon by the FBI, CIA, Department of Defense, and Homeland Security Department
The number of CISSPs is expected to grow by fifty percent in 2004
The CD-ROM includes the Boson-powered interactive test engine practice sets for CISSP and ISSEP

Customer Reviews:

This is the book that will get you pass the CISSP exam!.......2007-07-11

I used the CISSP for Dummies as a first book to get me in the mode and hit this book hard over and over again. It helped me to pass the test on my first try. It has enough details and excellent test questions. I'm not sure about the ISSEP parts as I did not go through it. At $6.99 when I bought it compared to the $26.99 I paid for the Dummies book, this is the best bang for the buck in studying for the exam, no question about that.

Gooddish study guide for this certification.......2007-01-30

Good points:

+Surveys of all areas of the CISSP exam.
+Each area covered in detail with many examples.
+Well written in the usual sober style of Wiley guides.
+Good layout, easy on the eyes and with lots of margin space for notes. Easier to read than the official (ISC)2 guide.
+CD gives over 300 practice questions.

Bad points:

-Typos, one every ten pages or so.
-Some mistakes, or at least areas where I disagreed. (See below for an example.)
-Out of date. (That's not really the author's fault but that's Reality, accept it, what with revolutions happening every six months...)

One example of a disagreement came in a question where we were asked to choose which of four methods was NOT a good way of wiping data from a diskette. I chose "writing data to the diskette several times" but the book gave the correct answer as "formatting the diskette seven times". I disagree. At my office before disgarding a PC, IT wipes the hard drive. They reformat the drive once then they overwrite the entire hard disk several times with random sequences of bytes. Such software is easy to find on the internet and the method is pretty standard.

While there are many challenging concepts and more than a few insights especially in areas where I don't have much experience, I find much to be just plain wrong or at best naive. One big problem is (ISC)2 itself: what you need to know to get their accreditation is wrong. The above disagreement is one example, but there are more: (ISC)2 thinks software piracy is like stealing anything else, when in fact the status of intellectual property is not yet well defined.

Verdict: if you need to take the CISSP accreditation get this book along with the official (ISC)2 study guide, otherwise don't.

Vincent Poirier, Tokyo

Afterword: I underwent the exam last March and passed. I can't talk about the exam's content (as part of the agreement one signs upon taking the exam) but I will make one positive comment: the questions were more relevant and less naive than the study material had led me to expect.

VP, Dublin

Not bad, but the "Official" study guide is better IMO.......2006-11-23

This book is ok, but I think the book sold by ISC2 is much better. I only used this as a "supplement" to the official guide.

There are so many CISSP products on the market and I think most of them are BS (i.e. Shon Harris' $1000 review product). Maybe if you know nothing about security and have the choice of a $4,000 boot camp and the Shon Harris $1,000 package, otherwise, get the official guide (about $60) and spend some time reading it. It comes with practice tests in the back and a small test per chapter (most certification books are like this).

Passed my CISSP Test today!!.......2006-10-12

I received notice today that I passed the CISSP test, and this book was the main source I used for studying. It is thorough without giving you extraneous information you don't need for the test. The writing style is adequately pleasant to get through for a technical book. Having the book in PDF form as well was a really helpful plus.

Thanks, Ron Krutz! I will add that reading one or two other books at the same time will greatly increase your overall comprehension of the material. This test is not about technical details, but showing that you grasp the underlying big concepts in security. I would study a domain by reading three study guides' chapters on that one domain before moving on to another domain. This gave me a great perspective.

Strat

Another Great Guide.......2006-04-27

This is another great guide from Krutz and Vines. I have my CISSP and purchased this one for the ISSEP guide and as a reference.

The first 10 Chapters are for the CISSP with some ISSEP tidbits.
Chapters 11-14 are on the ISSEP. Granted some of it is from the IATF but the IATF is what the ISSEP uses as a reference.

These guys are always a step above and beyond Harris.

Mastering Windows Network Forensics and Investigation (Mastering)

Average customer rating:

Good but could be better...
Windows Netowork Forensic
Must have for your library!
A must have for network security administrators and computer/network crime investigators.
It's refreshing to finally be part of the "target audience"

Mastering Windows Network Forensics and Investigation (Mastering)
Steven Anson , and Steve Bunting
Manufacturer: Sybex
ProductGroup: Book
Binding: Paperback

General | Certification Central | Computers & Internet | Subjects | Books

General | Computers & Internet | Subjects | Books

Forensics | Security & Encryption | Computers & Internet | Subjects | Books

Windows Security | Security & Encryption | Computers & Internet | Subjects | Books

Criminology | Crime & Criminals | Nonfiction | Subjects | Books

ASIN: 0470097620

Book Description

This comprehensive guide provides you with the training you need to arm yourself against phishing, bank fraud, unlawful hacking, and other computer crimes. Two seasoned law enforcement professionals discuss everything from recognizing high-tech criminal activity and collecting evidence to presenting it in a way that judges and juries can understand. They cover the range of skwills, standards, and step-by-step procedures you’ll need to conduct a criminal investigation in a Windows environment and make your evidence stand up in court.

Customer Reviews:

Good but could be better..........2007-08-31

The book is about the daunting task to get evidence from computers suited with the Windows Operating System. This book is split in three parts. The first part is to get a basic understanding of how things work and what kind of vulnerabilities there are on a typical windows machine. Rootkits are touched lightly although there is some information to get a basic understanding of this complex and threatening technology there could be expected more.

The second part is about analysing a Windows Computer. Tools and techniques are discussed here and some explanation about the various filesystems. There could be less focus on the "EnCase" suite in my opinion.

The last, and in my opinion best part, is about about analysing logs, logparser and how to make your job much easier in gathering information and evidence from a windows machine. A great part with a wealth of useful tips and tricks. Even if you're not directly involved with forensics.

So the authors of this book discussed the basics of foresic investigation and security techniques and also the reasoning behind them. Overall they did a good job. They are not afraid to point out some other interesting booktitles to get even more knowledge about a specific topic. However there could be less focus on "EnCase" and more detailed information about certain topics such as rootkits.

Rob Faber CISSP, CEH, MCSE
Infrastructure architect / Sr. Security consultant
The Netherlands

Windows Netowork Forensic.......2007-07-25

This book is well worth the price. Much information regarding network configuration and network logs examination, which is highly needed in performing investigations in todays complicated syndicate

Must have for your library!.......2007-07-08

Very good resource for network forensics. Easy to read and full of good nuggets of information. Worth the price of admission!

A must have for network security administrators and computer/network crime investigators. .......2007-04-22

This book skillfully combines real world network security with law enforcement investigative techniques to deliver a text which will enable you to make the right decisions based on the unique circumstances and facts of each event you are called on to investigate.

I consider this book a must have for anyone in network administration, network security or on a computer emergency response team. The techniques and information contained within are, without a doubt, missing from almost all other books and training you have received.

It's refreshing to finally be part of the "target audience".......2007-04-17

As a law enforcement officer, I've often found myself frustrated by books that cover incident response, but never discuss law enforcement involvement, except as an afterthought. While I understand that it's important for corporate and internal investigators to have this type of information, it's refreshing to find a book that talks about the law enforcement response to an computer crime incident.

I've had the privilege of attending classes instructed by both of these authors. One of the things that impressed me about their classes is that they were able to break down complicated technical concepts into terms that cops can understand. They continue to do that in this book.

Computer crime investigators need to add this book to their libraries. I'd say it's a must have.

Average customer rating:

A good place to start working on security fundamentals.
Almost Master Network Security
Network Security for the Intermediate Admin
Awesome Book
"Mastery" not possible, but a strong volume nonetheless

Mastering Network Security
Chris Brenton , and Cameron Hunt
Manufacturer: Sybex
ProductGroup: Book
Binding: Paperback

General | Certification Central | Computers & Internet | Subjects | Books

Network Security | Networking | Computers & Internet | Subjects | Books

General | Computers & Internet | Subjects | Books

General | Software | Computers & Internet | Subjects | Books

All Deals | Blowout Books | Stores | Books

Business & Investing | Blowout Books | Stores | Books

Computers & Internet | Blowout Books | Stores | Books

All Titles | Qualifying Textbooks - Fall 2007 | Stores | Books

Business & Investing | Qualifying Textbooks - Fall 2007 | Stores | Books

Computers & Internet | Qualifying Textbooks - Fall 2007 | Stores | Books
Similar Items:

ASIN: 0782141420

Amazon.com

In Mastering Network Security, Chris Brenton presents a complete portrait of all the things that can go wrong with a computer network and provides a thorough discussion of the tools available to counteract them. This book proceeds to explain how malicious software, external attackers, angry insiders, software bugs, and other evil entities can bring down a system. Most of the focus here, however, is on system attacks from the outside. Brenton devotes much attention to the tools you can use to thwart attackers.

This book walks the reader through a security audit and the process of developing an effective security policy. While some of the author's advice in this area may seem like common sense, it's helpful to have the many related issues summarized. Then, on the theory that it's easier to secure territory you know well, Brenton provides an overview of internetworking technologies--notably, Virtual Private Networks (VPNs)--and their inherent security characteristics.

Mastering Network Security shows how to implement security measures--including logging, encryption, and packet filtering--on your existing network infrastructure. (He provides specifics for Unix, Windows NT, Cisco IOS, and NetWare). The author also writes at length about supplementary security measures such as firewalls (especially Firewall-1), intrusion detection systems (focusing on RealSecure), and RAID data redundancy (with emphasis on OctopusHA+). --David Wall

Book Description

The Technology You Need is Out There. The Expertise You Need is in Here.

Expertise is what makes hackers effective. It's what will make you effective, too, as you fight to keep them at bay. Mastering Network Security has been fully updated to reflect the latest developments in security technology, but it does much more than bring you up to date. More importantly, it gives you a comprehensive understanding of the threats to your organization's network and teaches you a systematic approach in which you make optimal use of the technologies available to you. Coverage includes:

Understanding security from a topological perspective
Configuring Cisco router security features
Selecting and configuring a firewall
Configuring Cisco's PIX firewall
Configuring an intrusion detection system
Providing data redundancy
Configuring a Virtual Private Network
Securing your wireless network
Implementing authentication and encryption solutions
Recognizing hacker attacks
Detecting and eradicating viruses
Getting up-to-date security information
Locking down Windows NT/2000/XP servers
Securing UNIX, Linux, and FreBSD systems

Customer Reviews:

A good place to start working on security fundamentals........2002-12-27

With the need for network security ever increasing daily and the need for security specialist on the rise in the industry, it is nice to see Sybex releasing an update to this manual. While I found this book to more for the foundational concepts rather than the more experienced technician, this is still a great book to work with.

What attracted me to this book was the author Chris Brenton, of whom I read his Mastering Cisco Routers and found it an invaluable resource to my job. I also found his knowledge of this subject matter to be just as impressive, making this a first rate resource. I wished I had read this before the router book and certain concepts would have been easier to understand.

The chapters for firewalls and particular PIX Firewalls, I thought was well documented and explained. The one thing I found most impressive by the text was the fact that the authors made or make no assumption of knowledge level, thereby ensuring the reader have an explanation that will make sense and be comprehendible at the same time.

Another thing I found was that while this book is Network Security and does not conform to any Security Certification objectives, it would be useful for Security+ exam as well as some others. I also liked the exercises included, but I always want more, which is something to add to the next edition.

Overall for those trying to crack the security barrier you have a great place to get started. The authors did a terrific job and Sybex has a winner in this book.

Almost Master Network Security.......2001-08-03

Overall this text is slightly better than good. After reading almost the whole book I found that for someone interested in theory and not so much in technique, this is a good read. It does go over some good points about planning your security model and gives good advice on how to approach security in your organization. It even goes through a basic install of CheckPoint FW-1 for NT. Topics including policy, legal issues and the user's ability to comply with policy are interesting but not why I bought this book. I thought Chris put some good information in this text but the title doesn't accurately match the content.

Network Security for the Intermediate Admin.......2001-05-08

I am learning to be a Network Security Auditor. I have basic to intermediate knowledge of network administration and security. This book propels you well into the intermediate to advanced knowledge of network security. This book is easy to understand, but a working knowledge of TCP/IP, Firewalls and Network Administration is a must. Combine this book with the Hacking Exposed book and you are set.

Awesome Book.......2000-09-08

Technical books tend to bore me to death but I managed to worked my way through this one. The author didn't write it in typical egghead-ese that one might see with any book focused on a such a complex arena of computing. I learned quite a few concepts with this one.

I purchased the book primarily based on the ratings here and want to thank the other reviewers. They were right on with their reviews. This one is a must-read if you're even remotely interested in network security.

"Mastery" not possible, but a strong volume nonetheless.......2000-06-15

I imagine Chris didn't choose the exact title of this book, as it is another of Sybex's "Mastering..." series. He would probably agree that no single book or combination of books will produce a security "expert." Regardless, I was surprised at the scope of material and Chris' ability to explain it well. I am trying to broaden my security horizons beyond intrusion detection, and I found this book well organized, logical, and amazingly pertinent almost two years since it was written. I found what I believe are very minor errors (e.g., details of a FIN scan), but I can't fault anyone who attempts to capture so much information in one volume. I will recommend my intrusion detection analysts add this book to their reading lists. Thanks Chris!

Average customer rating:

A little outdated in fast paced evolving market

Mastering Direct Access Fundamentals
Jonathan Reed Aspatore , and Dan Bress
Manufacturer: McGraw-Hill Companies
ProductGroup: Book
Binding: Hardcover

General | Popular Economics | Business & Investing | Subjects | Books

General | Business & Investing | Subjects | Books

General | Investing | Business & Investing | Subjects | Books

Introduction | Investing | Business & Investing | Subjects | Books

General | Personal Finance | Business & Investing | Subjects | Books

Network Security | Networking | Computers & Internet | Subjects | Books

General | Computers & Internet | Subjects | Books

General | Self-Help | Health, Mind & Body | Subjects | Books
Similar Items:

ASIN: 0071362495

Book Description

Mastering Direct Access Fundamentals walks the reader through the terms, resources, and skills required to excel as an E-DAT trader. Covering the basics simply--yet with sufficient detail to eliminate confusion--it explains how to use the keyboard; techniques to understand and interpret the colors, number, blips, and symbols flashing across the screen; strategies to analyze a position at the end of the trading day, and more. A key addition to The Direct Access Trader Series, it is the essential resource for becoming an E-DAT success story.

Download Description

Mastering Direct Access Fundamentals walks the reader through the terms, resources, and skills required to excel as an E-DAT trader.

Customer Reviews:

A little outdated in fast paced evolving market.......2005-02-14

but still worthy information that applies.. I know that some of the ECNs have changed so some of the information might be a flawed.. Other than that this is a good book for a serious trader.. I was supprised to see that nobody reviewed this book so I will..

[even though I gave it 5 stars] With all that said their are better books out their on DAT trading but I do appriciate the authors no nonsence style but yet still yields the necessary verbatim.. I hope to see the next edition so I can be one of the first in line to get the newer version...

What you could learn:
*Levels of trading
*About Market Makers & ECNs
*Real time trading stategies

gl

Average customer rating:

Good Perspective on Securing Web Services Apps
good for developers of complex secure WS applications
Quadrasis EASI Web services security - user guide !
Good Basics - Not a 'Mastering' Security book
An EASI read, with some gaps

Mastering Web Services Security
Bret Hartman , Donald J. Flinn , Konstantin Beznosov , and Shirley Kawamoto
Manufacturer: Wiley
ProductGroup: Book
Binding: Paperback

Web Services | Web Development | Computers & Internet | Subjects | Books

Privacy | Business & Culture | Computers & Internet | Subjects | Books

Distributed Databases | Databases | Computers & Internet | Subjects | Books

Network Security | Networking | Computers & Internet | Subjects | Books

General | Programming | Computers & Internet | Subjects | Books

General | Computers & Internet | Subjects | Books

General | Software | Computers & Internet | Subjects | Books

Look Inside Computer Books | Trip | Specialty Stores | Books

All Amazon Upgrade | Amazon Upgrade | Stores | Books

Business & Investing | Amazon Upgrade | Stores | Books

Computers & Internet | Amazon Upgrade | Stores | Books

Professional & Technical | Amazon Upgrade | Stores | Books

All Titles | Qualifying Textbooks - Fall 2007 | Stores | Books

Business & Investing | Qualifying Textbooks - Fall 2007 | Stores | Books

Computers & Internet | Qualifying Textbooks - Fall 2007 | Stores | Books

Professional | Qualifying Textbooks - Fall 2007 | Stores | Books
Similar Items:

ASIN: 0471267163

Book Description

Uncovers the steps software architects and developers will need to take in order to plan and build a real-world, secure Web services system
Authors are leading security experts involved in developing the standards for XML and Web services security
Focuses on XML-based security and presents code examples based on popular EJB and .NET application servers
Explains how to handle difficult-to-solve problems such as passing user credentials and controlling delegation of those credentials across multiple applications
Companion Web site includes the source code from the book as well as additional examples and product information

Customer Reviews:

Good Perspective on Securing Web Services Apps.......2003-04-30

Mastering Web Services Security provides a valuable enterprise perspective on building secure Web Services applications. Rather than focusing on a single technology like .NET or Java, the book provides useful real-world guidelines for building Web Service based systems that use many different products.

Some previous reviews of this book thought that EASI was exclusively a description of the product from the authors' company. I didn't see it that way -- in fact, I didn't see any specific details describing vendor products based on EASI. I viewed EASI more as an architectural technique that can be applied to many vendor products. Different Web Services vendors of Service Oriented Architectures (SOAs) offer frameworks that look like EASI, which makes this book useful when evaluating those alternatives.

good for developers of complex secure WS applications.......2003-04-20

The book does a great job explaining how to build non-trivial WS systems that are secure from end to end. Instead of limiting the material to descriptions of SOAP-related technologies and their security (this is what the other books I've read on WS security do), the authors first explain how to secure quickly a simple homogenous (M$-based) WS application, then point out the problems with such a simple-minded approach, and then devote the rest of the book to the question of securing complex heterogeneous WS applications by putting all necessary pieces together.

The first part also has a good introduction into the building blocks for WS security solutions, including not only SOAP and XML security, but also security of the underlying middleware technologies. Here, they could do a better job on going into more details about WS-Security spec and its friends. In the second part, they show how to use those building blocks together. Again, chapters on security of Java-based WS and the security interoperability lack a good structure and some times are just confusing.

From reading the book, it became clear to me that WS security is yet another instance of the old problem of enterprise security integration, although with a SOAP twist. Therefore, many methods from middleware security can be used for securing WS applications. I would recommend reading this book only to those who build complex heterogeneous WS applications.

Quadrasis EASI Web services security - user guide !.......2003-02-03

This book covers the basics and fundamentals of Web services security and industry specs to an extent and quite good.

This book promotes Quadrasis EASI security kit (like a UserGuide) which made me so annoying! It does not provide practical examples from industry leading security vendors like Netegity TransactionMinder, SunONE Identity server etc.

If you are looking for implementing XML Security using Netegrity TransactionMinder, Microsoft Passport, SunONE Identity server..then this book is a WRONG CHOICE. You may find this book more appropriate if you are a Quadrasis user.

Good Basics - Not a 'Mastering' Security book.......2003-01-30

If you are looking to compare this book with "Mastering EJB" by Ed Roman then you are making a big mistake! This books is very focussed on Quadrasis EASI implementation ( I never heard off).
(+) Good high level book for concepts.
(+) This book covers well all emerging Web services security specs including WS-Security, SAML, .NET Security etc.
(-) Only address Proprietory technologies from Netegrity and Quadrasis (Quite upsetting).
(-) Not enough examples to cover all the security specs.

(-) No discussion on implementing Liberty and Passport technologies.

An EASI read, with some gaps.......2003-01-27

This was the first Web services security book which I've read. Overall my impression on this book is pretty positive. Here are my thoughts on this book:

- The writing and examples are clear. The glossary is a nice touch. The book avoids spending much time on a "101 of Web services" section, and that's probably a good thing, since plenty of books cover that already. Plus, anyone who buys this book will know the basics of Web services already.

- Much of the book focuses on applying the Quadrasis "EASI" security framework to Web services, unsurprisingly I guess since the four authors all work for Quadrasis. Some of the code examples require an instance of the EASI framework to work, which is limiting to people who are not using Quadrasis software (I don't think there is anyone else with product which implements the EASI framework). For examples of authentication and authorization in Java, i'd prefer to have seen JAAS used. I think the book would have been more accurately named "Mastering Web Services Security using the EASI Framework".

- Any book on Web services security right now is going to be a picture of a moment in time, because of the evolving standards in this area, e.g. information about timestamps and nonces in WS-Security isn't included, so probably the book was written before the WS-Security Addendum was released. Ditto WS-SecureConversation, WS-Policy, and WS-Trust - most likely published after this book was written. I'd like to have seen this information, plus concrete information about SAML assertions in SOAP messages, in the book.

- XKMS is missing from the book. This was a big surprise, since like most people, I'd see XKMS as a fundamental Web services security technology. Also, XACML only gets a half a page.

- The sections on the IIS web server are very strong.

- Netegrity SiteMinder is covered, but Netegrity TransactionMinder is not. This was a surprise.

Book Description

Offering readers a program and an approach to Internet investing that covers the basics within the framework of Internet tools and resources, Mastering Online Investing is the conscientious investor's answer to the inflated claims and rampant speculation that occupies so much space on the Internet. Smart, well-informed decision making that encompasses setting goals, defining acceptable risks, selecting stocks or other instruments, and avoiding problems, remains the bottom line to making

profitable investments. Ideally suited to analysis, the Internet is a powerful tool when used with the kinds of insight and knowledge that Thomsett outlines. He answers the needs of every serious investor who asks, How can I use the Internet to make more money investing? In clear concise language, supplemented with checklists, action steps, key points,worksheets, graphs, charts and examples, the book offers investors intelligent online investing strategies.

Customer Reviews:

For making diverse, timely investments.......2001-06-09

The use of the Internet for investing in stocks, bonds, and other financial instruments is rapidly coming of age. Michael Thomsett's Mastering Online Investing is a complete, "user friendly", instruction manual for making diverse, timely investments through online resources. Thomsett draws upon his considerable and impressive expertise to explain why and how online investing differs from online trading; how the rules for sound financial investing practices have and have not changed with reference to online investing; how to effectively utilize the Internet to study a company's fundamentals; how to avoid speculation fever; how to find the right information for personally identified investing needs; and how to protect both self and investments when investing online. If you are considering online investing, begin with a thorough and careful reading of Michael Thomsett's Mastering Online Investing!

Books:

Books Index

Books Home

Recommended Books