The tools, or hacks in this book reveal techniques that go well beyond basic management tasks found in most handbooks. Hacks range from those that deal with general administration to more esoteric hacks in the areas of network deployment, patch management, performance, security, and backup and recovery. No matter which Windows Server you use–NT, IIS, 2000, or 2003–Windows Server Hacks will put the knowledge and expertise of veteran system administrators to work for you.

For some time now, Microsoft Windows (in all its incarnations) has been the dominant desktop operating system for businesses small and large. But in recent years, the platform has also made significant inroads into the server side of the equation. In the late 1990s, for example, the now-legacy Windows NT 4.0 Server platform became popular for running web servers using IIS and largely displaced Novell NetWare in the file/print server arena. Other server applications that ran on top of NT, such as Microsoft Exchange and Microsoft SQL Server, also made Windows a top platform for messaging/collaboration and database servers.

(more…)

Afew years ago, Microsoft released the 1.0 Framework of ADO.NET and revolutionized the way we access data. It was a drastic change that took some getting used to, but for the most part, developers who made the switch love it. It’s now over three years later, and ADO.NET 2.0 is here. It provides all the same features that we’ve come to love in ADO.NET 1.0 and adds some new ones to provide even more functionality and make repetitive, mundane tasks much simpler. Throughout this book, we dig deeply into many of these new features.

As you start reading, you’ll notice that several chapters go beyond ADO.NET, focusing more on Microsoft SQL Server 2005. This is because the two are very tightly related. Many of the new features in ADO.NET 2.0 are designed to be used with Microsoft SQL Server 2005, and many of the new features found in SQL 2005 require ADO.NET 2.0 to get the most benefit from them. It wouldn’t be practical to speak strictly about ADO.NET without providing some basic working knowledge about what’s new in SQL 2005. Most people will likely move to both technologies around the same time, so this additional information should be very beneficial.

(more…)

Security Metrics is the first comprehensive best-practice guide to defining, creating, and utilizing security metrics in the enterprise.

Using sample charts, graphics, case studies, and war stories, Yankee Group Security Expert Andrew Jaquith demonstrates exactly how to establish effective metrics based on your organization’s unique requirements. You’ll discover how to quantify hard-to-measure security activities, compile and analyze all relevant data, identify strengths and weaknesses, set cost-effective priorities for improvement, and craft compelling messages for senior management.

Security Metrics successfully bridges management’s quantitative viewpoint with the nuts-and-bolts approach typically taken by security professionals. It brings together expert solutions drawn from Jaquith’s extensive consulting work in the software, aerospace, and financial services industries, including new metrics presented nowhere else. You’ll learn how to

• Replace nonstop crisis response with a systematic approach to security improvement
• Understand the differences between “good” and “bad” metrics
• Measure coverage and control, vulnerability management password quality, patch latency, benchmark scoring, and business-adjusted risk
• Quantify the effectiveness of security acquisition, implementation, and other program activities
• Organize, aggregate, and analyze your data to bring out key insights
• Use visualization to understand and communicate security issues more clearly
• Capture valuable data from firewall and antivirus logs, third-party auditor reports, and other resources
• Implement balanced scorecards that present compact, holistic views of organizational security effectiveness

Whether you’re an engineer or consultant who must ensure security and report to management about it—or an executive who needs better information for decision-making—Security Metrics is the resource you have been searching for.

(more…)

Readers will quickly find details on 104 training and education programs that can be completed in two years or less. Descriptions also include information on related jobs, earnings, typical courses, essential skills and knowledge needed, and recommended high school and postsecondary courses. Plus, there are direct cross-references to other career information resources.

Key Features:

* Self-assessment worksheets for determining which training programs to investigate based on the reader’s interests, skills, favorite classes, and work-related values. * Two-page spreads on each of the 104 hottest training and education programs that require two years or less. * Extensive indexes by job titles, related specialties and careers, training programs, high school courses, interest areas, skills, and GOE work groups.

Guide provides information for identifying education and training programs that are most likely to match your interests, skills, and career preferences. Includes worksheets to help you explore career and learning options based on your interests, skills, favorite school subjects, and work-related values. Softcover.

(more…)

Leadership coaching has become vitally important to todays most successful businesses. The Art and Practice of Leadership Coaching is a landmark resource that presents a variety of perspectives and best practices from todays top executive coaches. It provides valuable guidance on exactly what the best coaches are now doing to get the most out of leaders, for now and into the future. Revealing core philosophies, critical capabilities, and the secrets of coaching success, this one-of-a-kind guide includes essays from fifty top coaches, including Ken Blanchard and Frances Hesselbein. Packed with cutting-edge ideas and proven best practices, this is the definitive source of information for anyone dealing with coaching.

(more…)

Statistical Tools in Finance and Insurance presents ready-to-use solutions, theoretical developments and method construction for many practical problems in quantitative finance and insurance. Written by practitioners and leading academics in the field, this book offers a unique combination of topics from which every market analyst and risk manager will benefit.

Covering topics such as heavy tailed distributions, implied trinomial trees, support vector machines, valuation of mortgage-backed securities, pricing of CAT bonds, simulation of risk processes and ruin probability approximation, the book does not only offer practitioners insight into new methods for their applications, but it also gives theoreticians insight into the applicability of the stochastic technology. Additionally, the book provides the tools, instruments and (online) algorithms for recent techniques in quantitative finance and modern treatments in insurance calculations.

Written in an accessible and engaging style, this self-instructional book makes a good use of extensive examples and full explanations. The design of the text links theory and computational tools in an innovative way. All Quantlets for the calculation of examples given in the text are supported by the academic edition of XploRe and may be executed via XploRe Quantlet Server (XQS). The downloadable electronic edition of the book enables one to run, modify, and enhance all Quantlets on the spot.

(more…)

"Dr. Stamatis has tackled an area that is just learning the tremendous value of the Six Sigma methodology and how to use it. The financial community is proving that Six Sigma can and will reduce errors and prevent mistakes from occurring. Dr. Stamatis lays out the formula for success by starting with the foundations of Six Sigma and then moving into its application in financial arenas. He has given numerous examples and references that will assist in developing this methodology into a reality for your organization."

(more…)

Scores of methods—previously known only to card experts—include passes, palming, false shuffles, false cuts, changes, crimps, jogs, reverses, rear palms and more. Altogether, 341 sleights and tricks. 318 illustrations show exact position of fingers and hands. (more…)

Can you guard against Google Hacking? Google’s advanced search capabilities are being used on an increasing basis by some to harvest information from the Web. Sensitive documents, stolen credit card information, even servers behind corporate firewalls can be found using Google searches.

Are you the type of person who needs to know how to torque Google to detect SQL injection points and login portals, execute port scans and CGI scans, fingerprint web servers, locate incredible information caches such as firewall and IDS logs, password databases, SQL dumps and much more – all without sending a single packet to the target! Then Google Hacking for Penetration Testers is for you. By reverse engineering the techniques of malicious "Google hackers," this book shows security practitioners how to properly protect their servers from this often overlooked and dangerous form of information leakage.

(more…)

This book shows you how to write programs that run under M'zoft Windows. There are a number of ways to write such programs. In this book. I Use the new object-oriented programing language C#(pronounced "C sharp") and a moderm class library called Windows Forms. The Windows Forms class library is part of the M'zoft .NET("dot new") Framework unveriled in the summer of 2000 and intreduced about a year and a half later.

The M'zoft .Net Framework is an extensive collection of classes that provides programmers with much of what they need to write internet, Web, and Windows applications. Much of the media coverage of .NET has focused on the Web programming. This book discusses the other part of .NET.You use Windows Forms to write traditional stand-alone Windows applications (what are now somietimes called client applications) or front ends for distributed applications.

(more…)

In your hands is a book that is an essential companion safeguarding the increasingly critical Web sites and e-commerce systems that are the cornerstone of global e-businesses. Web Hacking: Attacks and Defense offers the distilled experience of leading security consultants that will help level the playing field for the beleaguered security and IT staff challenged with fending off the hacker onslaught—those who see the Internet as a faster and more efficient mechanism for stealing from and abusing others. If you read and apply the lessons offered here, some of the most disreputable people on the Internet are going to be severely disappointed, as some of their most effective tricks will be useless against your sites. They will have to be much more creative and work a lot harder to compromise the security of your applications. These pages are filled with the knowledge and distilled experience of some of the world's best white-hat hackers, the stalwart consultants of Foundstone.

(more…)

Webmaster in a Nutshell is a concise and portable quick reference guide that distills an immense amount of information on several languages and technologies into one compact book. It puts a fast-paced introduction, detailed reference section, and quick reference guide to each technology all within easy reach and is packed full of the genuinely useful information a webmaster needs daily, whatever the technology. This one-stop resource for HTML, CSS, XML, CGI, JavaScript, HTTP, PHP, and Apache, is the book you'll turn to again and again. (more…)