The Benefits and Security Risks of Web Based Applications for Business

The Benefits and Security Risks of Web Based Applications for Business
Author: Kathleen Kotwica
Publsiher: Elsevier
Total Pages: 24
Release: 2013-05-28
ISBN 10: 0124169872
ISBN 13: 9780124169876
Language: EN, FR, DE, ES & NL

The Benefits and Security Risks of Web Based Applications for Business Book Review:

This trend report provides security executives and practitioners with an overview of the benefits of using web-based applications and tools in the workplace and their security risks. Web-based applications are being used by businesses more and more each year for purposes of improved communication with employees and customers, group collaboration, and marketing and publicity outreach. The benefits of web-based applications for business are many, but so too are the risks associated with them. Data leakage, information manipulation, malware, and authentication security are just a few of the cyber threats discussed in this report. It is critical to weigh the pros and cons of implementing a web-based application in the workplace and plan accordingly to mitigate risk. This report is a valuable resource for any security professional who is considering the adoption of a web-based application for corporate use. The Benefits and Security Risks of Web-Based Applications for Business is a part of Elsevier’s Security Executive Council Risk Management Portfolio, a collection of real world solutions and "how-to" guidelines that equip executives, practitioners, and educators with proven information for successful security and risk management programs. Provides security executives and practitioners with an overview of how companies have begun to adopt web-based applications and tools for employee use Describes the benefits of web-based applications and warns of the potential risks associated with their use in the workplace Includes practical recommendations to mitigate the risks of web-based applications

Information Security Management Handbook

Information Security Management Handbook
Author: Harold F. Tipton,Micki Krause
Publsiher: CRC Press
Total Pages: 3280
Release: 2007-05-14
ISBN 10: 1439833036
ISBN 13: 9781439833032
Language: EN, FR, DE, ES & NL

Information Security Management Handbook Book Review:

Considered the gold-standard reference on information security, the Information Security Management Handbook provides an authoritative compilation of the fundamental knowledge, skills, techniques, and tools required of today's IT security professional. Now in its sixth edition, this 3200 page, 4 volume stand-alone reference is organized under the C

Risk Centric Threat Modeling

Risk Centric Threat Modeling
Author: Tony UcedaVelez,Marco M. Morana
Publsiher: John Wiley & Sons
Total Pages: 696
Release: 2015-05-13
ISBN 10: 1118988361
ISBN 13: 9781118988367
Language: EN, FR, DE, ES & NL

Risk Centric Threat Modeling Book Review:

This book introduces the Process for Attack Simulation &Threat Analysis (PASTA) threat modeling methodology. It provides anintroduction to various types of application threat modeling andintroduces a risk-centric methodology aimed at applying securitycountermeasures that are commensurate to the possible impact thatcould be sustained from defined threat models, vulnerabilities,weaknesses, and attack patterns. This book describes how to apply application threat modeling asan advanced preventive form of security. The authors discuss themethodologies, tools, and case studies of successful applicationthreat modeling techniques. Chapter 1 provides an overview ofthreat modeling, while Chapter 2 describes the objectives andbenefits of threat modeling. Chapter 3 focuses on existing threatmodeling approaches, and Chapter 4 discusses integrating threatmodeling within the different types of Software DevelopmentLifecycles (SDLCs). Threat modeling and risk management is thefocus of Chapter 5. Chapter 6 and Chapter 7 examine Processfor Attack Simulation and Threat Analysis (PASTA). Finally, Chapter8 shows how to use the PASTA risk-centric threat modeling processto analyze the risks of specific threat agents targeting webapplications. This chapter focuses specifically on the webapplication assets that include customer’s confidential dataand business critical functionality that the web applicationprovides. • Provides a detailed walkthrough of the PASTAmethodology alongside software development activities,normally conducted via a standard SDLC process • Offers precise steps to take when combating threats tobusinesses • Examines real-life data breach incidents and lessons forrisk management Risk Centric Threat Modeling: Process for Attack Simulationand Threat Analysis is a resource for software developers,architects, technical risk managers, and seasoned securityprofessionals.

Encyclopedia of Information Assurance 4 Volume Set Print

Encyclopedia of Information Assurance   4 Volume Set  Print
Author: Rebecca Herold,Marcus K. Rogers
Publsiher: CRC Press
Total Pages: 3860
Release: 2010-12-22
ISBN 10: 1351235796
ISBN 13: 9781351235792
Language: EN, FR, DE, ES & NL

Encyclopedia of Information Assurance 4 Volume Set Print Book Review:

Charged with ensuring the confidentiality, integrity, availability, and delivery of all forms of an entity's information, Information Assurance (IA) professionals require a fundamental understanding of a wide range of specializations, including digital forensics, fraud examination, systems engineering, security risk management, privacy, and compliance. Establishing this understanding and keeping it up to date requires a resource with coverage as diverse as the field it covers. Filling this need, the Encyclopedia of Information Assurance presents an up-to-date collection of peer-reviewed articles and references written by authorities in their fields. From risk management and privacy to auditing and compliance, the encyclopedia’s four volumes provide comprehensive coverage of the key topics related to information assurance. This complete IA resource: Supplies the understanding needed to help prevent the misuse of sensitive information Explains how to maintain the integrity of critical systems Details effective tools, techniques, and methods for protecting personal and corporate data against the latest threats Provides valuable examples, case studies, and discussions on how to address common and emerging IA challenges Placing the wisdom of leading researchers and practitioners at your fingertips, this authoritative reference provides the knowledge and insight needed to avoid common pitfalls and stay one step ahead of evolving threats. Also Available Online This Taylor & Francis encyclopedia is also available through online subscription, offering a variety of extra benefits for researchers, students, and librarians, including:  Citation tracking and alerts  Active reference linking  Saved searches and marked lists  HTML and PDF format options Contact Taylor and Francis for more information or to inquire about subscription options and print/online combination packages. US: (Tel) 1.888.318.2367; (E-mail) [email protected] International: (Tel) +44 (0) 20 7017 6062; (E-mail) [email protected]

Information Security Management Handbook Fifth Edition

Information Security Management Handbook  Fifth Edition
Author: Harold F. Tipton,Micki Krause
Publsiher: CRC Press
Total Pages: 2036
Release: 2003-12-30
ISBN 10: 1135492336
ISBN 13: 9781135492335
Language: EN, FR, DE, ES & NL

Information Security Management Handbook Fifth Edition Book Review:

This handbook covers the ten domains of the Information Security Common Body of Knowledge. It is designed to empower the security professional and the chief information officer with information such that they can do their duty, protect the information assets of their organizations.

DEVELOPING WEB APPLICATIONS USING ASP NET AND ORACLE

DEVELOPING WEB APPLICATIONS USING ASP NET AND ORACLE
Author: PRANAB KUMAR DAS GUPTA,RAMPROSAD MONDAL
Publsiher: PHI Learning Pvt. Ltd.
Total Pages: 464
Release: 2013-03-04
ISBN 10: 8120347323
ISBN 13: 9788120347328
Language: EN, FR, DE, ES & NL

DEVELOPING WEB APPLICATIONS USING ASP NET AND ORACLE Book Review:

This thoroughly revised and updated Second Edition provides an in-depth information that readers need to fully exploit the functionality of Microsoft’s ASP.NET framework and Oracle’s Database Server to build dynamic and interactive web applications that can handle a large number of simultaneous users. The book provides readers with information pertaining to ASP.NET 4.0 architecture; its installation, web controls, master pages, themes, state management, AJAX and deployment of web applications. It includes the Hypertext Markup Language (HTML) and the Cascading Style Sheet (CSS), which are used for designing the web pages. In order to facilitate an easy learning of intricate concepts involved in the development of data-driven dynamic web applications, the book provides a detailed treatment on the Oracle Structured Query Language (SQL) and Oracle PL/SQL. It also introduces the distributed architecture and discusses how ASP.NET framework, Oracle database and Internet Information Services (IIS) can be used to develop and deploy the solutions for distributed environment. After going through this book, the students/professionals will be able to: • Develop data-driven web applications using Oracle as back-end. • Present data through data-bound controls. • Manage consistent look and fill using master pages and themes. • Develop stateful e-commerce applications. • Develop rich interactive web applications using AJAX. • Embed Microsoft Reports to produce dynamic printable output. • Debug, deploy and secure web applications. The book is intended to serve as a guide for the undergraduate and postgraduate students of Computer Science, Computer Applications and Information Technology. Besides, it would also be useful to IT professionals to enhance their technical skills. Key Features More than 100 worked-out examples and 20 assignments. Around 200 objective and subjective type questions. Two real-world case studies with solutions. Project development work following the complete SDLC process model. Three appendices, namely Integrating Microsoft Reports in ASP.NET, Installation of Visual Studio 2010, and Answers to Chapter-end Practice Questions. New to the Second Edition Provides information for designing and developing the web applications using Visual Studio. Includes two new chapters—one on Master Pages, Themes and State Manage-ment and the other on AJAX in ASP.NET and Web Deployment of Application. Includes the new features of ASP.NET 4.0. Gives additional questions in each chapter. Includes a CD-ROM, which contains programs (tested with ASP.NET 4.0 and compatible with Oracle 10g) corresponding to all the examples, assignments, case studies and the project included in the book. The installation processes of programs are described in the relevant chapters of the book.

Computer Security Handbook Set

Computer Security Handbook  Set
Author: Seymour Bosworth,M. E. Kabay,Eric Whyne
Publsiher: John Wiley & Sons
Total Pages: 1856
Release: 2012-07-18
ISBN 10: 0470413743
ISBN 13: 9780470413746
Language: EN, FR, DE, ES & NL

Computer Security Handbook Set Book Review:

The classic and authoritative reference in the field of computer security, now completely updated and revised With the continued presence of large-scale computers; the proliferation of desktop, laptop, and handheld computers; and the vast international networks that interconnect them, the nature and extent of threats to computer security have grown enormously. Now in its fifth edition, Computer Security Handbook continues to provide authoritative guidance to identify and to eliminate these threats where possible, as well as to lessen any losses attributable to them. With seventy-seven chapters contributed by a panel of renowned industry professionals, the new edition has increased coverage in both breadth and depth of all ten domains of the Common Body of Knowledge defined by the International Information Systems Security Certification Consortium (ISC). Of the seventy-seven chapters in the fifth edition, twenty-five chapters are completely new, including: 1. Hardware Elements of Security 2. Fundamentals of Cryptography and Steganography 3. Mathematical models of information security 4. Insider threats 5. Social engineering and low-tech attacks 6. Spam, phishing, and Trojans: attacks meant to fool 7. Biometric authentication 8. VPNs and secure remote access 9. Securing Peer2Peer, IM, SMS, and collaboration tools 10. U.S. legal and regulatory security issues, such as GLBA and SOX Whether you are in charge of many computers or just one important one, there are immediate steps you can take to safeguard your computer system and its contents. Computer Security Handbook, Fifth Edition equips you to protect the information and networks that are vital to your organization.

Electronic Commerce Concepts Methodologies Tools and Applications

Electronic Commerce  Concepts  Methodologies  Tools  and Applications
Author: Becker, Annie
Publsiher: IGI Global
Total Pages: 2522
Release: 2007-12-31
ISBN 10: 1599049449
ISBN 13: 9781599049441
Language: EN, FR, DE, ES & NL

Electronic Commerce Concepts Methodologies Tools and Applications Book Review:

Compiles top research from the world's leading experts on many topics related to electronic commerce. Covers topics including mobile commerce, virtual enterprises, business-to-business applications, Web services, and enterprise methodologies.

Information Security and Ethics Concepts Methodologies Tools and Applications

Information Security and Ethics  Concepts  Methodologies  Tools  and Applications
Author: Nemati, Hamid
Publsiher: IGI Global
Total Pages: 4478
Release: 2007-09-30
ISBN 10: 1599049384
ISBN 13: 9781599049380
Language: EN, FR, DE, ES & NL

Information Security and Ethics Concepts Methodologies Tools and Applications Book Review:

Presents theories and models associated with information privacy and safeguard practices to help anchor and guide the development of technologies, standards, and best practices. Provides recent, comprehensive coverage of all issues related to information security and ethics, as well as the opportunities, future challenges, and emerging trends related to this subject.

Developing Business Objects

Developing Business Objects
Author: Andy Carmichael
Publsiher: CUP Archive
Total Pages: 315
Release: 1998
ISBN 10: 9780521648257
ISBN 13: 0521648254
Language: EN, FR, DE, ES & NL

Developing Business Objects Book Review:

Presents the successes and failures of the pioneers who used object-oriented methods and languages in commercial applications.

Web Based Services Concepts Methodologies Tools and Applications

Web Based Services  Concepts  Methodologies  Tools  and Applications
Author: Management Association, Information Resources
Publsiher: IGI Global
Total Pages: 2418
Release: 2015-11-09
ISBN 10: 146669467X
ISBN 13: 9781466694675
Language: EN, FR, DE, ES & NL

Web Based Services Concepts Methodologies Tools and Applications Book Review:

The recent explosion of digital media, online networking, and e-commerce has generated great new opportunities for those Internet-savvy individuals who see potential in new technologies and can turn those possibilities into reality. It is vital for such forward-thinking innovators to stay abreast of all the latest technologies. Web-Based Services: Concepts, Methodologies, Tools, and Applications provides readers with comprehensive coverage of some of the latest tools and technologies in the digital industry. The chapters in this multi-volume book describe a diverse range of applications and methodologies made possible in a world connected by the global network, providing researchers, computer scientists, web developers, and digital experts with the latest knowledge and developments in Internet technologies.

Information Security Management Handbook on CD ROM 2006 Edition

Information Security Management Handbook on CD ROM  2006 Edition
Author: Micki Krause
Publsiher: CRC Press
Total Pages: 2036
Release: 2006-04-06
ISBN 10: 0849385857
ISBN 13: 9780849385858
Language: EN, FR, DE, ES & NL

Information Security Management Handbook on CD ROM 2006 Edition Book Review:

The need for information security management has never been greater. With constantly changing technology, external intrusions, and internal thefts of data, information security officers face threats at every turn. The Information Security Management Handbook on CD-ROM, 2006 Edition is now available. Containing the complete contents of the Information Security Management Handbook, this is a resource that is portable, linked and searchable by keyword. In addition to an electronic version of the most comprehensive resource for information security management, this CD-ROM contains an extra volume's worth of information that is not found anywhere else, including chapters from other security and networking books that have never appeared in the print editions. Exportable text and hard copies are available at the click of a mouse. The Handbook's numerous authors present the ten domains of the Information Security Common Body of Knowledge (CBK) ®. The CD-ROM serves as an everyday reference for information security practitioners and an important tool for any one preparing for the Certified Information System Security Professional (CISSP) ® examination. New content to this Edition: Sensitive/Critical Data Access Controls Role-Based Access Control Smartcards A Guide to Evaluating Tokens Identity Management-Benefits and Challenges An Examination of Firewall Architectures The Five "W's" and Designing a Secure Identity Based Self-Defending Network Maintaining Network Security-Availability via Intelligent Agents PBX Firewalls: Closing the Back Door Voice over WLAN Spam Wars: How to Deal with Junk E-Mail Auditing the Telephony System: Defenses against Communications Security Breaches and Toll Fraud The "Controls" Matrix Information Security Governance

Information Privacy Engineering and Privacy by Design

Information Privacy Engineering and Privacy by Design
Author: William Stallings
Publsiher: Addison-Wesley Professional
Total Pages: 135
Release: 2019-12-16
ISBN 10: 0135278376
ISBN 13: 9780135278376
Language: EN, FR, DE, ES & NL

Information Privacy Engineering and Privacy by Design Book Review:

Organizations of all kinds are recognizing the crucial importance of protecting privacy. Their customers, employees, and other stakeholders demand it. Today, failures to safeguard privacy can destroy organizational reputations – and even the organizations themselves. But implementing effective privacy protection is difficult, and there are few comprehensive resources for those tasked with doing so. In Information Privacy Engineering and Privacy by Design, renowned information technology author William Stallings brings together the comprehensive and practical guidance you need to succeed. Stallings shows how to apply today’s consensus best practices and widely-accepted standards documents in your environment, leveraging policy, procedures, and technology to meet legal and regulatory requirements and protect everyone who depends on you. Like Stallings’ other award-winning texts, this guide is designed to help readers quickly find the information and gain the mastery needed to implement effective privacy. Coverage includes: Planning for privacy: Approaches for managing and controlling the privacy control function; how to define your IT environment’s requirements; and how to develop appropriate policies and procedures for it Privacy threats: Understanding and identifying the full range of threats to privacy in information collection, storage, processing, access, and dissemination Information privacy technology: Satisfying the privacy requirements you’ve defined by using technical controls, privacy policies, employee awareness, acceptable use policies, and other techniques Legal and regulatory requirements: Understanding GDPR as well as the current spectrum of U.S. privacy regulations, with insight for mapping regulatory requirements to IT actions

Computer Security Handbook

Computer Security Handbook
Author: Seymour Bosworth,M. E. Kabay
Publsiher: John Wiley & Sons
Total Pages: 1224
Release: 2002-10-16
ISBN 10: 0471269751
ISBN 13: 9780471269755
Language: EN, FR, DE, ES & NL

Computer Security Handbook Book Review:

This is the most comprehensive book on computer security on themarket, with 23 chapters and 29 Appendices covering virtually allaspects of computer security. Chapters are contributed by recognized experts in theindustry. This title has come to be known as "Big Blue" in industrycircles and has a reputation for being the reference for computersecurity issues.

Cyber Security and Threats Concepts Methodologies Tools and Applications

Cyber Security and Threats  Concepts  Methodologies  Tools  and Applications
Author: Management Association, Information Resources
Publsiher: IGI Global
Total Pages: 1711
Release: 2018-05-04
ISBN 10: 1522556354
ISBN 13: 9781522556350
Language: EN, FR, DE, ES & NL

Cyber Security and Threats Concepts Methodologies Tools and Applications Book Review:

Cyber security has become a topic of concern over the past decade as private industry, public administration, commerce, and communication have gained a greater online presence. As many individual and organizational activities continue to evolve in the digital sphere, new vulnerabilities arise. Cyber Security and Threats: Concepts, Methodologies, Tools, and Applications contains a compendium of the latest academic material on new methodologies and applications in the areas of digital security and threats. Including innovative studies on cloud security, online threat protection, and cryptography, this multi-volume book is an ideal source for IT specialists, administrators, researchers, and students interested in uncovering new ways to thwart cyber breaches and protect sensitive digital information.

CompTIA Security Certification Study Guide

CompTIA Security  Certification Study Guide
Author: Ido Dubrawsky
Publsiher: Syngress
Total Pages: 784
Release: 2009-08-17
ISBN 10: 9781597495400
ISBN 13: 1597495409
Language: EN, FR, DE, ES & NL

CompTIA Security Certification Study Guide Book Review:

CompTIA Security+ Certification Study Guide: Exam SYO-201, Third Edition, offers a practical guide for those interested in pursuing CompTIA Security+ certification. The book is organized into six parts. Part 1 deals with general security issues including security threats; hardware and peripheral security risks; the fundamentals of operating system (OS) hardening; implementing system security applications; and concepts of virtualization. Part 2 discusses the fundamentals of network security. Part 3 focuses on network access and network authentication. Part 4 explains the importance of risk assessments and risk mitigation, and how to conduct them. Part 5 reviews general cryptographic concepts and addresses the complex issues involved in planning a certificate-based public key infrastructure (PKI). Part 6 on organizational security discusses redundancy planning; environmental controls; implementing disaster recovery and incident response procedures; and the policies, procedures, and documentation upon which organizational computer security is based. Each chapter begins with Exam Objectives and concludes with Self-Test questions along with their corresponding answers. *Complete exam-prep package includes full coverage of new Security+ objectives, flash cards, cram sheets, MP3s for exam-day study, PPT presentations, two complete practice exams, and certification e-book library *Authored by a leading Microsoft security expert *A good reference for both beginning security professionals and seasoned IT professionals

Application Performance Management APM in the Digital Enterprise

Application Performance Management  APM  in the Digital Enterprise
Author: Rick Sturm,Carol Pollard,Julie Craig
Publsiher: Morgan Kaufmann
Total Pages: 302
Release: 2017-02-11
ISBN 10: 0128040815
ISBN 13: 9780128040812
Language: EN, FR, DE, ES & NL

Application Performance Management APM in the Digital Enterprise Book Review:

Application Performance Management (APM) in the Digital Enterprise enables IT professionals to be more successful in managing their company’s applications. It explores the fundamentals of application management, examines how the latest technological trends impact application management, and provides best practices for responding to these changes. The recent surge in the use of containers as a way to simplify management and deploy applications has created new challenges, and the convergence of containerization, cloud, mobile, virtualization, analytics, and automation is reshaping the requirements for application management. This book serves as a guide for understanding these dramatic changes and how they impact the management of applications, showing how to create a management strategy, define the underlying processes and standards, and how to select the appropriate tools to enable management processes. Offers a complete framework for implementing effective application management using clear tips and solutions for those responsible for application management Draws upon primary research to give technologists a current understanding of the latest technologies and processes needed to more effectively manage large-scale applications Includes real-world case studies and business justifications that support application management investments

Encyclopedia of Information Systems and Technology Two Volume Set

Encyclopedia of Information Systems and Technology   Two Volume Set
Author: Phillip A. Laplante
Publsiher: CRC Press
Total Pages: 1242
Release: 2015-12-29
ISBN 10: 1000031748
ISBN 13: 9781000031744
Language: EN, FR, DE, ES & NL

Encyclopedia of Information Systems and Technology Two Volume Set Book Review:

Spanning the multi-disciplinary scope of information technology, the Encyclopedia of Information Systems and Technology draws together comprehensive coverage of the inter-related aspects of information systems and technology. The topics covered in this encyclopedia encompass internationally recognized bodies of knowledge, including those of The IT BOK, the Chartered Information Technology Professionals Program, the International IT Professional Practice Program (British Computer Society), the Core Body of Knowledge for IT Professionals (Australian Computer Society), the International Computer Driving License Foundation (European Computer Driving License Foundation), and the Guide to the Software Engineering Body of Knowledge. Using the universally recognized definitions of IT and information systems from these recognized bodies of knowledge, the encyclopedia brings together the information that students, practicing professionals, researchers, and academicians need to keep their knowledge up to date. Also Available Online This Taylor & Francis encyclopedia is also available through online subscription, offering a variety of extra benefits for researchers, students, and librarians, including:  Citation tracking and alerts  Active reference linking  Saved searches and marked lists  HTML and PDF format options Contact Taylor and Francis for more information or to inquire about subscription options and print/online combination packages. US: (Tel) 1.888.318.2367; (E-mail) [email protected] International: (Tel) +44 (0) 20 7017 6062; (E-mail) [email protected]

Security Software Development

Security Software Development
Author: Douglas A. Ashbaugh, CISSP
Publsiher: CRC Press
Total Pages: 321
Release: 2008-10-23
ISBN 10: 9781420063813
ISBN 13: 1420063812
Language: EN, FR, DE, ES & NL

Security Software Development Book Review:

Threats to application security continue to evolve just as quickly as the systems that protect against cyber-threats. In many instances, traditional firewalls and other conventional controls can no longer get the job done. The latest line of defense is to build security features into software as it is being developed. Drawing from the author’s extensive experience as a developer, Secure Software Development: Assessing and Managing Security Risks illustrates how software application security can be best, and most cost-effectively, achieved when developers monitor and regulate risks early on, integrating assessment and management into the development life cycle. This book identifies the two primary reasons for inadequate security safeguards: Development teams are not sufficiently trained to identify risks; and developers falsely believe that pre-existing perimeter security controls are adequate to protect newer software. Examining current trends, as well as problems that have plagued software security for more than a decade, this useful guide: Outlines and compares various techniques to assess, identify, and manage security risks and vulnerabilities, with step-by-step instruction on how to execute each approach Explains the fundamental terms related to the security process Elaborates on the pros and cons of each method, phase by phase, to help readers select the one that best suits their needs Despite decades of extraordinary growth in software development, many open-source, government, regulatory, and industry organizations have been slow to adopt new application safety controls, hesitant to take on the added expense. This book improves understanding of the security environment and the need for safety measures. It shows readers how to analyze relevant threats to their applications and then implement time- and money-saving techniques to safeguard them.

Cloud Computing Security

Cloud Computing Security
Author: John R. Vacca
Publsiher: CRC Press
Total Pages: 530
Release: 2020-11-05
ISBN 10: 0429619642
ISBN 13: 9780429619649
Language: EN, FR, DE, ES & NL

Cloud Computing Security Book Review:

This handbook offers a comprehensive overview of cloud computing security technology and implementation while exploring practical solutions to a wide range of cloud computing security issues. As more organizations use cloud computing and cloud providers for data operations, the need for proper security in these and other potentially vulnerable areas has become a global priority for organizations of all sizes. Research efforts from academia and industry as conducted and reported by experts in all aspects of security related to cloud computing are gathered within one reference guide. Features • Covers patching and configuration vulnerabilities of a cloud server • Evaluates methods for data encryption and long-term storage in a cloud server • Demonstrates how to verify identity using a certificate chain and how to detect inappropriate changes to data or system configurations John R. Vacca is an information technology consultant and internationally known author of more than 600 articles in the areas of advanced storage, computer security, and aerospace technology. John was also a configuration management specialist, computer specialist, and the computer security official (CSO) for NASA’s space station program (Freedom) and the International Space Station Program from 1988 until his 1995 retirement from NASA.