Computer und IT
Security Engineering
The classic book on designing secure systems In this newly revised Third Edition of Security Engineering: A Guide to Building Dependable Distributed Systems, celebrated security expert Ross Anderson updates his best-selling textbook to help you meet the challenges of the coming decade. Security Engineering became a classic because it covers not just the technical basics, such as cryptography, access controls and tamper-resistance, but also how they're used in real life. Real-world case studies – of the security of payment systems, military systems, the phone app ecosystems and now self-driving cars – demonstrate how to use security technology in practice, and what can go wrong. Filled with actionable advice and the latest research, this Third Edition brings a classic book up to date with the modern world of smartphones, cloud computing and AI. As everything gets connected to the Internet, security engineering has come to require inter-disciplinary expertise, ranging from physics to psychology and applied economics. Security Engineering is the only textbook on the market to explain all these aspects of protecting real systems, while still remaining easily accessible. Perfect for computer science students and practicing cybersecurity professionals, as well as systems engineers of all sorts, this latest edition of Security Engineering also belongs on the bookshelves of candidates for professional certification such as CISSP. You'll learn what makes a system secure and reliable and what can render it vulnerable, from phones and laptops through cars and payment terminals to cloud services and corporate networks. You'll find: The basics: cryptography, protocols, access controls and usabilityThe attacks: phishing, software exploits and the cybercrime ecosystemThe responses: biometrics, smartcards, enclaves, app stores and the patch cycleThe psychology of security: what makes security hard for users and engineersThe economics of security: how large systems fail, and what to do about itThe big policy questions: from surveillance through censorship to sustainability Security Engineering is the book that created the discipline. It will continue to define the discipline for the 2020s and beyond. Now that there's software in everything, how can you make anything secure? Understand how to engineer dependable systems with this newly updated classic In Security Engineering: A Guide to Building Dependable Distributed Systems, Third Edition Cambridge University professor Ross Anderson updates his classic textbook and teaches readers how to design, implement, and test systems to withstand both error and attack. This book became a best-seller in 2001 and helped establish the discipline of security engineering. By the second edition in 2008, underground dark markets had let the bad guys specialize and scale up; attacks were increasingly on users rather than on technology. The book repeated its success by showing how security engineers can focus on usability. Now the third edition brings it up to date for 2020. As people now go online from phones more than laptops, most servers are in the cloud, online advertising drives the Internet and social networks have taken over much human interaction, many patterns of crime and abuse are the same, but the methods have evolved. Ross Anderson explores what security engineering means in 2020, including: How the basic elements of cryptography, protocols, and access control translate to the new world of phones, cloud services, social media and the Internet of ThingsWho the attackers are – from nation states and business competitors through criminal gangs to stalkers and playground bulliesWhat they do – from phishing and carding through SIM swapping and software exploits to DDoS and fake newsSecurity psychology, from privacy through ease-of-use to deceptionThe economics of security and dependability – why companies build vulnerable systems and governments look the other wayHow dozens of industries went online – well or badlyHow to manage security and safety engineering in a world of agile development – from reliability engineering to DevSecOps The third edition of Security Engineering ends with a grand challenge: sustainable security. As we build ever more software and connectivity into safety-critical durable goods like cars and medical devices, how do we design systems we can maintain and defend for decades? Or will everything in the world need monthly software upgrades, and become unsafe once they stop? ROSS ANDERSON is Professor of Security Engineering at Cambridge University in England. He is widely recognized as one of the world's foremost authorities on security. In 2015 he won the Lovelace Medal, Britain's top award in computing. He is a Fellow of the Royal Society and the Royal Academy of Engineering. He is one of the pioneers of the economics of information security, peer-to-peer systems, API analysis and hardware security. Over the past 40 years, he has also worked or consulted for most of the tech majors. Preface to the Third Edition xxxvii Preface to the Second Edition xli Preface to the First Edition xliii Formy daughter, and other lawyers… xlvii Foreword xlix Part I Chapter 1 What Is Security Engineering? 3 1.1 Introduction 3 1.2 A framework 4 1.3 Example 1 – a bank 6 1.4 Example 2 – a military base 7 1.5 Example 3 – a hospital 8 1.6 Example 4 – the home 10 1.7 Definitions 11 1.8 Summary 16 Chapter 2 Who Is the Opponent? 17 2.1 Introduction 17 2.2 Spies 19 2.2.1 The Five Eyes 19 2.2.1.1 Prism 19 2.2.1.2 Tempora 20 2.2.1.3 Muscular 21 2.2.1.4 Special collection 22 2.2.1.5 Bullrun and Edgehill 22 2.2.1.6 Xkeyscore 23 2.2.1.7 Longhaul 24 2.2.1.8 Quantum 25 2.2.1.9 CNE 25 2.2.1.10 The analyst’s viewpoint 27 2.2.1.11 Offensive operations 28 2.2.1.12 Attack scaling 29 2.2.2 China 30 2.2.3 Russia 35 2.2.4 The rest 38 2.2.5 Attribution 40 2.3 Crooks 41 2.3.1 Criminal infrastructure 42 2.3.1.1 Botnet herders 42 2.3.1.2 Malware devs 44 2.3.1.3 Spam senders 45 2.3.1.4 Bulk account compromise 45 2.3.1.5 Targeted attackers 46 2.3.1.6 Cashout gangs 46 2.3.1.7 Ransomware 47 2.3.2 Attacks on banking and payment systems 47 2.3.3 Sectoral cybercrime ecosystems 49 2.3.4 Internal attacks 49 2.3.5 CEO crimes 49 2.3.6 Whistleblowers 50 2.4 Geeks 52 2.5 The swamp 53 2.5.1 Hacktivism and hate campaigns 54 2.5.2 Child sex abuse material 55 2.5.3 School and workplace bullying 57 2.5.4 Intimate relationship abuse 57 2.6 Summary 59 Research problems 60 Further reading 61 Chapter 3 Psychology and Usability 63 3.1 Introduction 63 3.2 Insights from psychology research 64 3.2.1 Cognitive psychology 65 3.2.2 Gender, diversity and interpersonal variation 68 3.2.3 Social psychology 70 3.2.3.1 Authority and its abuse 71 3.2.3.2 The bystander effect 72 3.2.4 The social-brain theory of deception 73 3.2.5 Heuristics, biases and behavioural economics 76 3.2.5.1 Prospect theory and risk misperception 77 3.2.5.2 Present bias and hyperbolic discounting 78 3.2.5.3 Defaults and nudges 79 3.2.5.4 The default to intentionality 79 3.2.5.5 The affect heuristic 80 3.2.5.6 Cognitive dissonance 81 3.2.5.7 The risk thermostat 81 3.3 Deception in practice 81 3.3.1 The salesman and the scamster 82 3.3.2 Social engineering 84 3.3.3 Phishing 86 3.3.4 Opsec 88 3.3.5 Deception research 89 3.4 Passwords 90 3.4.1 Password recovery 92 3.4.2 Password choice 94 3.4.3 Difficulties with reliable password entry 94 3.4.4 Difficulties with remembering the password 95 3.4.4.1 Naïve choice 96 3.4.4.2 User abilities and training 96 3.4.4.3 Design errors 98 3.4.4.4 Operational failures 100 3.4.4.5 Social-engineering attacks 101 3.4.4.6 Customer education 102 3.4.4.7 Phishing warnings 103 3.4.5 System issues 104 3.4.6 Can you deny service? 105 3.4.7 Protecting oneself or others? 105 3.4.8 Attacks on password entry 106 3.4.8.1 Interface design 106 3.4.8.2 Trusted path, and bogus terminals 107 3.4.8.3 Technical defeats of password retry counters 107 3.4.9 Attacks on password storage 108 3.4.9.1 One-way encryption 109 3.4.9.2 Password cracking 109 3.4.9.3 Remote password checking 109 3.4.10 Absolute limits 110 3.4.11 Using a password manager 111 3.4.12 Will we ever get rid of passwords? 113 3.5 CAPTCHAs 115 3.6 Summary 116 Research problems 117 Further reading 118 Chapter 4 Protocols 119 4.1 Introduction 119 4.2 Password eavesdropping risks 120 4.3 Who goes there? – simple authentication 122 4.3.1 Challenge and response 124 4.3.2 Two-factor authentication 128 4.3.3 The MIG-in-the-middle attack 129 4.3.4 Reflection attacks 132 4.4 Manipulating the message 133 4.5 Changing the environment 134 4.6 Chosen protocol attacks 135 4.7 Managing encryption keys 136 4.7.1 The resurrecting duckling 137 4.7.2 Remote key management 137 4.7.3 The Needham-Schroeder protocol 138 4.7.4 Kerberos 139 4.7.5 Practical key management 141 4.8 Design assurance 141 4.9 Summary 143 Research problems 143 Further reading 144 Chapter 5 Cryptography 145 5.1 Introduction 145 5.2 Historical background 146 5.2.1 An early stream cipher – the Vigenère 147 5.2.2 The one-time pad 148 5.2.3 An early block cipher – Playfair 150 5.2.4 Hash functions 152 5.2.5 Asymmetric primitives 154 5.3 Security models 155 5.3.1 Random functions – hash functions 157 5.3.1.1 Properties 157 5.3.1.2 The birthday theorem 158 5.3.2 Random generators – stream ciphers 159 5.3.3 Random permutations – block ciphers 161 5.3.4 Public key encryption and trapdoor one-way permutations 163 5.3.5 Digital signatures 164 5.4 Symmetric crypto algorithms 165 5.4.1 SP-networks 165 5.4.1.1 Block size 166 5.4.1.2 Number of rounds 166 5.4.1.3 Choice of S-boxes 167 5.4.1.4 Linear cryptanalysis 167 5.4.1.5 Differential cryptanalysis 168 5.4.2 The Advanced Encryption Standard (AES) 169 5.4.3 Feistel ciphers 171 5.4.3.1 The Luby-Rackoff result 173 5.4.3.2 DES 173 5.5 Modes of operation 175 5.5.1 How not to use a block cipher 176 5.5.2 Cipher block chaining 177 5.5.3 Counter encryption 178 5.5.4 Legacy stream cipher modes 178 5.5.5 Message authentication code 179 5.5.6 Galois counter mode 180 5.5.7 XTS 180 5.6 Hash functions 181 5.6.1 Common hash functions 181 5.6.2 Hash function applications – HMAC, commitments and updating 183 5.7 Asymmetric crypto primitives 185 5.7.1 Cryptography based on factoring 185 5.7.2 Cryptography based on discrete logarithms 188 5.7.2.1 One-way commutative encryption 189 5.7.2.2 Diffie-Hellman key establishment 190 5.7.2.3 ElGamal digital signature and DSA 192 5.7.3 Elliptic curve cryptography 193 5.7.4 Certification authorities 194 5.7.5 TLS 195 5.7.5.1 TLS uses 196 5.7.5.2 TLS security 196 5.7.5.3 TLS 1.3 197 5.7.6 Other public-key protocols 197 5.7.6.1 Code signing 197 5.7.6.2 PGP/GPG 198 5.7.6.3 QUIC 199 5.7.7 Special-purpose primitives 199 5.7.8 How strong are asymmetric cryptographic primitives? 200 5.7.9 What else goes wrong 202 5.8 Summary 203 Research problems 204 Further reading 204 Chapter 6 Access Control 207 6.1 Introduction 207 6.2 Operating system access controls 209 6.2.1 Groups and roles 210 6.2.2 Access control lists 211 6.2.3 Unix operating system security 212 6.2.4 Capabilities 214 6.2.5 DAC and MAC 215 6.2.6 Apple’s macOS 217 6.2.7 iOS 217 6.2.8 Android 218 6.2.9 Windows 219 6.2.10 Middleware 222 6.2.10.1 Database access controls 222 6.2.10.2 Browsers 223 6.2.11 Sandboxing 224 6.2.12 Virtualisation 225 6.3 Hardware protection 227 6.3.1 Intel processors 228 6.3.2 Arm processors 230 6.4 What goes wrong 231 6.4.1 Smashing the stack 232 6.4.2 Other technical attacks 234 6.4.3 User interface failures 236 6.4.4 Remedies 237 6.4.5 Environmental creep 238 6.5 Summary 239 Research problems 240 Further reading 240 Chapter 7 Distributed Systems 243 7.1 Introduction 243 7.2 Concurrency 244 7.2.1 Using old data versus paying to propagate state 245 7.2.2 Locking to prevent inconsistent updates 246 7.2.3 The order of updates 247 7.2.4 Deadlock 248 7.2.5 Non-convergent state 249 7.2.6 Secure time 250 7.3 Fault tolerance and failure recovery 251 7.3.1 Failure models 252 7.3.1.1 Byzantine failure 252 7.3.1.2 Interaction with fault tolerance 253 7.3.2 What is resilience for? 254 7.3.3 At what level is the redundancy? 255 7.3.4 Service-denial attacks 257 7.4 Naming 259 7.4.1 The Needham naming principles 260 7.4.2 What else goes wrong 263 7.4.2.1 Naming and identity 264 7.4.2.2 Cultural assumptions 265 7.4.2.3 Semantic content of names 267 7.4.2.4 Uniqueness of names 268 7.4.2.5 Stability of names and addresses 269 7.4.2.6 Restrictions on the use of names 269 7.4.3 Types of name 270 7.5 Summary 271 Research problems 272 Further reading 273 Chapter 8 Economics 275 8.1 Introduction 275 8.2 Classical economics 276 8.2.1 Monopoly 278 8.3 Information economics 281 8.3.1 Why information markets are different 281 8.3.2 The value of lock-in 282 8.3.3 Asymmetric information 284 8.3.4 Public goods 285 8.4 Game theory 286 8.4.1 The prisoners’ dilemma 287 8.4.2 Repeated and evolutionary games 288 8.5 Auction theory 291 8.6 The economics of security and dependability 293 8.6.1 Why is Windows so insecure? 294 8.6.2 Managing the patching cycle 296 8.6.3 Structural models of attack and defence 298 8.6.4 The economics of lock-in, tying and DRM 300 8.6.5 Antitrust law and competition policy 302 8.6.6 Perversely motivated guards 304 8.6.7 Economics of privacy 305 8.6.8 Organisations and human behaviour 307 8.6.9 Economics of cybercrime 308 8.7 Summary 310 Research problems 311 Further reading 311 Part II Chapter 9 Multilevel Security 315 9.1 Introduction 315 9.2 What is a security policy model? 316 9.3 Multilevel security policy 318 9.3.1 The Anderson report 319 9.3.2 The Bell-LaPadula model 320 9.3.3 The standard criticisms of Bell-LaPadula 321 9.3.4 The evolution of MLS policies 323 9.3.5 The Biba model 325 9.4 Historical examples of MLS systems 326 9.4.1 SCOMP 326 9.4.2 Data diodes 327 9.5 MAC: from MLS to IFC and integrity 329 9.5.1 Windows 329 9.5.2 SELinux 330 9.5.3 Embedded systems 330 9.6 What goes wrong 331 9.6.1 Composability 331 9.6.2 The cascade problem 332 9.6.3 Covert channels 333 9.6.4 The threat from malware 333 9.6.5 Polyinstantiation 334 9.6.6 Practical problems with MLS 335 9.7 Summary 337 Research problems 338 Further reading 339 Chapter 10 Boundaries 341 10.1 Introduction 341 10.2 Compartmentation and the lattice model 344 10.3 Privacy for tigers 346 10.4 Health record privacy 349 10.4.1 The threat model 351 10.4.2 The BMA security policy 353 10.4.3 First practical steps 356 10.4.4 What actually goes wrong 357 10.4.4.1 Emergency care 358 10.4.4.2 Resilience 359 10.4.4.3 Secondary uses 359 10.4.5 Confidentiality – the future 362 10.4.6 Ethics 365 10.4.7 Social care and education 367 10.4.8 The Chinese Wall 369 10.5 Summary 371 Research problems 372 Further reading 373 Chapter 11 Inference Control 375 11.1 Introduction 375 11.2 The early history of inference control 377 11.2.1 The basic theory of inference control 378 11.2.1.1 Query set size control 378 11.2.1.2 Trackers 379 11.2.1.3 Cell suppression 379 11.2.1.4 Other statistical disclosure control mechanisms 380 11.2.1.5 More sophisticated query controls 381 11.2.1.6 Randomization 382 11.2.2 Limits of classical statistical security 383 11.2.3 Active attacks 384 11.2.4 Inference control in rich medical data 385 11.2.5 The third wave: preferences and search 388 11.2.6 The fourth wave: location and social 389 11.3 Differential privacy 392 11.4 Mind the gap? 394 11.4.1 Tactical anonymity and its problems 395 11.4.2 Incentives 398 11.4.3 Alternatives 399 11.4.4 The dark side 400 11.5 Summary 401 Research problems 402 Further reading 402 Chapter 12 Banking and Bookkeeping 405 12.1 Introduction 405 12.2 Bookkeeping systems 406 12.2.1 Double-entry bookkeeping 408 12.2.2 Bookkeeping in banks 408 12.2.3 The Clark-Wilson security policy model 410 12.2.4 Designing internal controls 411 12.2.5 Insider frauds 415 12.2.6 Executive frauds 416 12.2.6.1 The post office case 418 12.2.6.2 Other failures 419 12.2.6.3 Ecological validity 420 12.2.6.4 Control tuning and corporate governance 421 12.2.7 Finding the weak spots 422 12.3 Interbank payment systems 424 12.3.1 A telegraphic history of E-commerce 424 12.3.2 SWIFT 425 12.3.3 What goes wrong 427 12.4 Automatic teller machines 430 12.4.1 ATM basics 430 12.4.2 What goes wrong 433 12.4.3 Incentives and injustices 437 12.5 Credit cards 438 12.5.1 Credit card fraud 439 12.5.2 Online card fraud 440 12.5.3 3DS 443 12.5.4 Fraud engines 444 12.6 EMV payment cards 445 12.6.1 Chip cards 445 12.6.1.1 Static data authentication 446 12.6.1.2 ICVVs, DDA and CDA 450 12.6.1.3 The No-PIN attack 451 12.6.2 The preplay attack 452 12.6.3 Contactless 454 12.7 Online banking 457 12.7.1 Phishing 457 12.7.2 CAP 458 12.7.3 Banking malware 459 12.7.4 Phones as second factors 459 12.7.5 Liability 461 12.7.6 Authorised push payment fraud 462 12.8 Nonbank payments 463 12.8.1 M-Pesa 463 12.8.2 Other phone payment systems 464 12.8.3 Sofort, and open banking 465 12.9 Summary 466 Research problems 466 Further reading 468 Chapter 13 Locks and Alarms 471 13.1 Introduction 471 13.2 Threats and barriers 472 13.2.1 Threat model 473 13.2.2 Deterrence 474 13.2.3 Walls and barriers 476 13.2.4 Mechanical locks 478 13.2.5 Electronic locks 482 13.3 Alarms 484 13.3.1 How not to protect a painting 485 13.3.2 Sensor defeats 486 13.3.3 Feature interactions 488 13.3.4 Attacks on communications 489 13.3.5 Lessons learned 493 13.4 Summary 494 Research problems 495 Further reading 495 Chapter 14 Monitoring and Metering 497 14.1 Introduction 497 14.2 Prepayment tokens 498 14.2.1 Utility metering 499 14.2.2 How the STS system works 501 14.2.3 What goes wrong 502 14.2.4 Smart meters and smart grids 504 14.2.5 Ticketing fraud 508 14.3 Taxi meters, tachographs and truck speed limiters 509 14.3.1 The tachograph 509 14.3.2 What goes wrong 511 14.3.2.1 How most tachograph manipulation is done 511 14.3.2.2 Tampering with the supply 512 14.3.2.3 Tampering with the instrument 512 14.3.2.4 High-tech attacks 513 14.3.3 Digital tachographs 514 14.3.3.1 System-level problems 515 14.3.3.2 Other problems 516 14.3.4 Sensor defeats and third-generation devices 518 14.3.5 The fourth generation – smart tachographs 518 14.4 Curfew tags: GPS as policeman 519 14.5 Postage meters 522 14.6 Summary 526 Research problems 527 Further reading 527 Chapter 15 Nuclear Command and Control 529 15.1 Introduction 529 15.2 The evolution of command and control 532 15.2.1 The Kennedy memorandum 532 15.2.2 Authorization, environment, intent 534 15.3 Unconditionally secure authentication 534 15.4 Shared control schemes 536 15.5 Tamper resistance and PALs 538 15.6 Treaty verification 540 15.7 What goes wrong 541 15.7.1 Nuclear accidents 541 15.7.2 Interaction with cyberwar 542 15.7.3 Technical failures 543 15.8 Secrecy or openness? 544 15.9 Summary 545 Research problems 546 Further reading 546 Chapter 16 Security Printing and Seals 549 16.1 Introduction 549 16.2 History 550 16.3 Security printing 551 16.3.1 Threat model 552 16.3.2 Security printing techniques 553 16.4 Packaging and seals 557 16.4.1 Substrate properties 558 16.4.2 The problems of glue 558 16.4.3 PIN mailers 559 16.5 Systemic vulnerabilities 560 16.5.1 Peculiarities of the threat model 562 16.5.2 Anti-gundecking measures 563 16.5.3 The effect of random failure 564 16.5.4 Materials control 564 16.5.5 Not protecting the right things 565 16.5.6 The cost and nature of inspection 566 16.6 Evaluation methodology 567 16.7 Summary 569 Research problems 569 Further reading 570 Chapter 17 Biometrics 571 17.1 Introduction 571 17.2 Handwritten signatures 572 17.3 Face recognition 575 17.4 Fingerprints 579 17.4.1 Verifying positive or negative identity claims 581 17.4.2 Crime scene forensics 584 17.5 Iris codes 588 17.6 Voice recognition and morphing 590 17.7 Other systems 591 17.8 What goes wrong 593 17.9 Summary 596 Research problems 597 Further reading 597 Chapter 18 Tamper Resistance 599 18.1 Introduction 599 18.2 History 601 18.3 Hardware security modules 601 18.4 Evaluation 607 18.5 Smartcards and other security chips 609 18.5.1 History 609 18.5.2 Architecture 610 18.5.3 Security evolution 611 18.5.4 Random number generators and PUFs 621 18.5.5 Larger chips 624 18.5.6 The state of the art 628 18.6 The residual risk 630 18.6.1 The trusted interface problem 630 18.6.2 Conflicts 631 18.6.3 The lemons market, risk dumping and evaluation games 632 18.6.4 Security-by-obscurity 632 18.6.5 Changing environments 633 18.7 So what should one protect? 634 18.8 Summary 636 Research problems 636 Further reading 636 Chapter 19 Side Channels 639 19.1 Introduction 639 19.2 Emission security 640 19.2.1 History 641 19.2.2 Technical surveillance and countermeasures 642 19.3 Passive attacks 645 19.3.1 Leakage through power and signal cables 645 19.3.2 Leakage through RF signals 645 19.3.3 What goes wrong 649 19.4 Attacks between and within computers 650 19.4.1 Timing analysis 651 19.4.2 Power analysis 652 19.4.3 Glitching and differential fault analysis 655 19.4.4 Rowhammer, CLKscrew and Plundervolt 656 19.4.5 Meltdown, Spectre and other enclave side channels 657 19.5 Environmental side channels 659 19.5.1 Acoustic side channels 659 19.5.2 Optical side channels 661 19.5.3 Other side-channels 661 19.6 Social side channels 663 19.7 Summary 663 Research problems 664 Further reading 664 Chapter 20 Advanced Cryptographic Engineering 667 20.1 Introduction 667 20.2 Full-disk encryption 668 20.3 Signal 670 20.4 Tor 674 20.5 HSMs 677 20.5.1 The xor-to-null-key attack 677 20.5.2 Attacks using backwards compatibility and time-memory tradeoffs 678 20.5.3 Differential protocol attacks 679 20.5.4 The EMV attack 681 20.5.5 Hacking the HSMs in CAs and clouds 681 20.5.6 Managing HSM risks 681 20.6 Enclaves 682 20.7 Blockchains 685 20.7.1 Wallets 688 20.7.2 Miners 689 20.7.3 Smart contracts 689 20.7.4 Off-chain payment mechanisms 691 20.7.5 Exchanges, cryptocrime and regulation 692 20.7.6 Permissioned blockchains 695 20.8 Crypto dreams that failed 695 20.9 Summary 696 Research problems 698 Further reading 698 Chapter 21 Network Attack and Defence 699 21.1 Introduction 699 21.2 Network protocols and service denial 701 21.2.1 BGP security 701 21.2.2 DNS security 703 21.2.3 UDP, TCP, SYN floods and SYN reflection 704 21.2.4 Other amplifiers 705 21.2.5 Other denial-of-service attacks 706 21.2.6 Email – from spies to spammers 706 21.3 The malware menagerie – Trojans, worms and RATs 708 21.3.1 Early history of malware 709 21.3.2 The Internet worm 710 21.3.3 Further malware evolution 711 21.3.4 How malware works 713 21.3.5 Countermeasures 714 21.4 Defense against network attack 715 21.4.1 Filtering: firewalls, censorware and wiretaps 717 21.4.1.1 Packet filtering 718 21.4.1.2 Circuit gateways 718 21.4.1.3 Application proxies 719 21.4.1.4 Ingress versus egress filtering 719 21.4.1.5 Architecture 720 21.4.2 Intrusion detection 722 21.4.2.1 Types of intrusion detection 722 21.4.2.2 General limitations of intrusion detection 724 21.4.2.3 Specific problems detecting network attacks 724 21.5 Cryptography: the ragged boundary 725 21.5.1 SSH 726 21.5.2 Wireless networking at the periphery 727 21.5.2.1 WiFi 727 21.5.2.2 Bluetooth 728 21.5.2.3 HomePlug 729 21.5.2.4 VPNs 729 21.6 CAs and PKI 730 21.7 Topology 733 21.8 Summary 734 Research problems 734 Further reading 735 Chapter 22 Phones 737 22.1 Introduction 737 22.2 Attacks on phone networks 738 22.2.1 Attacks on phone-call metering 739 22.2.2 Attacks on signaling 742 22.2.3 Attacks on switching and configuration 743 22.2.4 Insecure end systems 745 22.2.5 Feature interaction 746 22.2.6 VOIP 747 22.2.7 Frauds by phone companies 748 22.2.8 Security economics of telecomms 749 22.3 Going mobile 750 22.3.1 GSM 751 22.3.2 3G 755 22.3.3 4G 757 22.3.4 5G and beyond 758 22.3.5 General MNO failings 760 22.4 Platform security 761 22.4.1 The Android app ecosystem 763 22.4.1.1 App markets and developers 764 22.4.1.2 Bad Android implementations 764 22.4.1.3 Permissions 766 22.4.1.4 Android malware 767 22.4.1.5 Ads and third-party services 768 22.4.1.6 Pre-installed apps 770 22.4.2 Apple’s app ecosystem 770 22.4.3 Cross-cutting issues 774 22.5 Summary 775 Research problems 776 Further reading 776 Chapter 23 Electronic and Information Warfare 777 23.1 Introduction 777 23.2 Basics 778 23.3 Communications systems 779 23.3.1 Signals intelligence techniques 781 23.3.2 Attacks on communications 784 23.3.3 Protection techniques 785 23.3.3.1 Frequency hopping 786 23.3.3.2 DSSS 787 23.3.3.3 Burst communications 788 23.3.3.4 Combining covertness and jam resistance 789 23.3.4 Interaction between civil and military uses 790 23.4 Surveillance and target acquisition 791 23.4.1 Types of radar 792 23.4.2 Jamming techniques 793 23.4.3 Advanced radars and countermeasures 795 23.4.4 Other sensors and multisensor issues 796 23.5 IFF systems 797 23.6 Improvised explosive devices 800 23.7 Directed energy weapons 802 23.8 Information warfare 803 23.8.1 Attacks on control systems 805 23.8.2 Attacks on other infrastructure 808 23.8.3 Attacks on elections and political stability 809 23.8.4 Doctrine 811 23.9 Summary 812 Research problems 813 Further reading 813 Chapter 24 Copyright and DRM 815 24.1 Introduction 815 24.2 Copyright 817 24.2.1 Software 817 24.2.2 Free software, free culture? 823 24.2.3 Books and music 827 24.2.4 Video and pay-TV 828 24.2.4.1 Typical system architecture 829 24.2.4.2 Video scrambling techniques 830 24.2.4.3 Attacks on hybrid scrambling systems 832 24.2.4.4 DVB 836 24.2.5 DVD 837 24.3 DRM on general-purpose computers 838 24.3.1 Windows media rights management 839 24.3.2 FairPlay, HTML5 and other DRM systems 840 24.3.3 Software obfuscation 841 24.3.4 Gaming, cheating, and DRM 843 24.3.5 Peer-to-peer systems 845 24.3.6 Managing hardware design rights 847 24.4 Information hiding 848 24.4.1 Watermarks and copy generation management 849 24.4.2 General information hiding techniques 849 24.4.3 Attacks on copyright marking schemes 851 24.5 Policy 854 24.5.1 The IP lobby 857 24.5.2 Who benefits? 859 24.6 Accessory control 860 24.7 Summary 862 Research problems 862 Further reading 863 Chapter 25 New Directions? 865 25.1 Introduction 865 25.2 Autonomous and remotely-piloted vehicles 866 25.2.1 Drones 866 25.2.2 Self-driving cars 867 25.2.3 The levels and limits of automation 869 25.2.4 How to hack a self-driving car 872 25.3 AI / ML 874 25.3.1 ML and security 875 25.3.2 Attacks on ML systems 876 25.3.3 ML and society 879 25.4 PETS and operational security 882 25.4.1 Anonymous messaging devices 885 25.4.2 Social support 887 25.4.3 Living off the land 890 25.4.4 Putting it all together 891 25.4.5 The name’s Bond. James Bond 893 25.5 Elections 895 25.5.1 The history of voting machines 896 25.5.2 Hanging chads 896 25.5.3 Optical scan 898 25.5.4 Software independence 899 25.5.5 Why electronic elections are hard 900 25.6 Summary 904 Research problems 904 Further reading 905 Part III Chapter 26 Surveillance or Privacy? 909 26.1 Introduction 909 26.2 Surveillance 912 26.2.1 The history of government wiretapping 912 26.2.2 Call data records (CDRs) 916 26.2.3 Search terms and location data 919 26.2.4 Algorithmic processing 920 26.2.5 ISPs and CSPs 921 26.2.6 The Five Eyes’ system of systems 922 26.2.7 The crypto wars 925 26.2.7.1 The back story to crypto policy 926 26.2.7.2 DES and crypto research 927 26.2.7.3 CryptoWar 1 – the Clipper chip 928 26.2.7.4 CryptoWar 2 – going spotty 931 26.2.8 Export control 934 26.3 Terrorism 936 26.3.1 Causes of political violence 936 26.3.2 The psychology of political violence 937 26.3.3 The role of institutions 938 26.3.4 The democratic response 940 26.4 Censorship 941 26.4.1 Censorship by authoritarian regimes 942 26.4.2 Filtering, hate speech and radicalisation 944 26.5 Forensics and rules of evidence 948 26.5.1 Forensics 948 26.5.2 Admissibility of evidence 950 26.5.3 What goes wrong 951 26.6 Privacy and data protection 953 26.6.1 European data protection 953 26.6.2 Privacy regulation in the USA 956 26.6.3 Fragmentation? 958 26.7 Freedom of information 960 26.8 Summary 961 Research problems 962 Further reading 962 Chapter 27 Secure Systems Development 965 27.1 Introduction 965 27.2 Risk management 966 27.3 Lessons from safety-critical systems 969 27.3.1 Safety engineering methodologies 970 27.3.2 Hazard analysis 971 27.3.3 Fault trees and threat trees 971 27.3.4 Failure modes and effects analysis 972 27.3.5 Threat modelling 973 27.3.6 Quantifying risks 975 27.4 Prioritising protection goals 978 27.5 Methodology 980 27.5.1 Top-down design 981 27.5.2 Iterative design: from spiral to agile 983 27.5.3 The secure development lifecycle 985 27.5.4 Gated development 987 27.5.5 Software as a Service 988 27.5.6 From DevOps to DevSecOps 991 27.5.6.1 The Azure ecosystem 991 27.5.6.2 The Google ecosystem 992 27.5.6.3 Creating a learning system 994 27.5.7 The vulnerability cycle 995 27.5.7.1 The CVE system 997 27.5.7.2 Coordinated disclosure 998 27.5.7.3 Security incident and event management 999 27.5.8 Organizational mismanagement of risk 1000 27.6 Managing the team 1004 27.6.1 Elite engineers 1004 27.6.2 Diversity 1005 27.6.3 Nurturing skills and attitudes 1007 27.6.4 Emergent properties 1008 27.6.5 Evolving your workflow 1008 27.6.6 And finally… 1010 27.7 Summary 1010 Research problems 1011 Further reading 1012 Chapter 28 Assurance and Sustainability 1015 28.1 Introduction 1015 28.2 Evaluation 1018 28.2.1 Alarms and locks 1019 28.2.2 Safety evaluation regimes 1019 28.2.3 Medical device safety 1020 28.2.4 Aviation safety 1023 28.2.5 The Orange book 1025 28.2.6 FIPS 140 and HSMs 1026 28.2.7 The common criteria 1026 28.2.7.1 The gory details 1027 28.2.7.2 What goes wrong with the Common Criteria 1029 28.2.7.3 Collaborative protection profiles 1031 28.2.8 The ‘Principle of Maximum Complacency’ 1032 28.2.9 Next steps 1034 28.3 Metrics and dynamics of dependability 1036 28.3.1 Reliability growth models 1036 28.3.2 Hostile review 1039 28.3.3 Free and open-source software 1040 28.3.4 Process assurance 1042 28.4 The entanglement of safety and security 1044 28.4.1 The electronic safety and security of cars 1046 28.4.2 Modernising safety and security regulation 1049 28.4.3 The Cybersecurity Act 2019 1050 28.5 Sustainability 1051 28.5.1 The Sales of goods directive 1052 28.5.2 New research directions 1053 28.6 Summary 1056 Research problems 1057 Further reading 1058 Chapter 29 Beyond “Computer Says No” 1059 Bibliography 1061 Index 1143
Interaktive Datenvisualisierung in Wissenschaft und Unternehmenspraxis
Interaktive Visualisierungen gewinnen in Wissenschaft und Unternehmenspraxis zunehmend an Bedeutung. Neben der Analyse und Darstellung von Unternehmensdaten z.B. mit Hilfe moderner Data Science Methoden werden auch Visualisierungen und Animationen mit Hilfe von 3D und Virtual Reality/Augmented Reality Technologien immer wichtiger, etwa bei der Planung von Industrieanlagen, in der Architektur oder bei der Darstellung naturwissenschaftlicher Prozesse.Das vorliegende praxisorientierte Herausgeberwerk basiert auf Ergebnissen, die im Kontext der Tagung VISUALIZE an der Hochschule Rhein-Waal vorgestellt wurden und umfasst Beiträge unterschiedlicher Visualisierungsdomänen, darunter auch Business Intelligence Lösungen mit Qlik Sense, R, Shiny und Python. Die Visualisierungstechniken und konkreten Methoden aus begleitenden Workshops werden zu anwendungsnahen Handlungsempfehlungen und Best Practices für eigene Visualisierungsvorhaben zusammengefasst.Ein Buch für alle, die auf der Suche nach konkreten Handlungsempfehlungen und Praxisbeispielen zur interaktiven Datenvisualisierung sind.Dr. Timo Kahl ist Professor für Wirtschaftsinformatik an der Hochschule Rhein-Waal und leitet den Studiengang und das Labor für E-Government. Seine fachlichen Schwerpunkte liegen in den Bereichen Prozessmanagement, Verwaltungsmodernisierung, Business Integration und Business Intelligence.Dr. Frank Zimmer ist Professor für Informatik und Mathematik an der Hochschule Rhein-Waal und leitet das Labor für Computational Intelligence und Visualisierung. Seine fachlichen Schwerpunkte sind Maschinelles Lernen, Data Science, Simulationen und Visualisierung.Visualisierungen in 3D Anwendungen.-Visualisierungskonzepte und moderne Werkzeuge (Qlik Sense, R, Shiny, Python, Houdini, Unity, Unreal & Co.).-Prozess- und Datenvisualisierung.-Visualisierung im Kontext von Machine Learning.
Building Versatile Mobile Apps with Python and REST
Develop versatile iOS and Android apps using Python withRESTful web services. Dive into full-stack development with Django, a powerfulPython framework, and React Native, the most in-demand JavaScript library.Begin by building a mobile app using the RESTful APIs andReact Native. Starting from scratch, create a database and serialize the datawith Django REST to serve APIs. Then build the front-end with React and mobileapps for iOS and Android with React Native.By the end of the book, you’ll have developed three appspowered by Django—a desktop React app, an iOS app, and an Android app. Discoverthe whole process of developing apps from inception to distribution of an iOSapp in the Apple store and an Android app in the Google Play store.You will:* Develop using the Model-View-Controller pattern* Facilitate the communications between the back-end andfront-end of web apps with HTTP* Design a robust front-end for an app with React* Create one back-end solution for both iOS and Androiddevices with DjangoART YUDIN is a FinTech enthusiast who has a great passion for coding and teaching. He earned a Master of Science in Banking and Finance from Adelphi University, Garden City, New York. Mr. Yudin previously held asset management positions with international financial institutions such as Merrill Lynch and Allianz Investments. Currently, Art Yudin develops financial services software and leads classes and workshops in Python at Practical Programming in New York and Chicago.CHAPTER 1. STARTING WITH DJANGO- How modern websites work- Python and Virtual environment- Install Django and Django REST- Initial setup- Understanding the MVC pattern in Django- Starting new Django project and creating appsCHAPTER 2. LET’S BUILD OUR WEB API APP- Models- Admin- Views- URLsCHAPTER 3. CREATING RESTFUL API- Serializers- API Views- Browsable APICHAPTER 4. HOW IOS WORKS- Xcode interface- Intro to SwiftCHAPTER 5. DESIGNING OUR FRONT-END IOS APP- Setting up the structure of our App- Designing layoutChapter 6. CONNECTING BACK-END API WITH IOS APP- Creating an API Manager- Displaying data- List View- Detail View- Update ViewCHAPTER 7. ADDITIONAL FEATURES- User authentication- Adding reviews and displaying ratings- Adding places to favoritesChapter 8. LAUNCHING APP- Deploying back-end to a live server- Adding our App to App Store
Tweak Your Mac Terminal
Look beyond the basics of Mac programming and development to become a Mac power user. When most people think about the Mac, they think about the amazing graphical user interface macOS is known for. However, there is a whole world to explore beneath the hood. This book approaches working directly in the terminal with fun projects and ideas to help turn you into an advanced Mac user.You'll work with Brew (HomeBrew), which gives you the ability to install applications from Linux (and Unix) that can make the terminal more useful. This is important, because a lot of applications have been stripped out of macOS or deprecated. For example, Apple's built-in PHP is usually a major release behind. You'll also customize your terminal to change everything about it, making it your own. The whole world is about personalizing. Why put up with the Apple defaults?Once you have your terminal set up and ready to rock, you'll review the basics of programming on the Mac terminal. This will allow you to get a taste of power scripting. You'll discover the power of bash, PHP, and Python. And then you'll apply those tools to web development.Tweak Your Mac Terminal takes you on a journey into a world of the terminal and its hidden applications.WHAT YOU'LL LEARN* Customize the terminal to make it perfect for your needs* Develop web applications using basic coding skills in the terminal* Install HomeBrew and by extension Linux and Unix applicationsWHO THIS BOOK IS FORMac users who are already very familiar with the GUI and want to go further. This book will especially help starting IT professionals and beginning programmers.DANIEL PLATT is a software developer and system admin. Much of his time is spent writing code and setting up computers. He is a Senior Software Engineer at Comparison Technologies Ltd. and has spent a lifetime working with computers keeping on the bleeding edge of technology.Chapter 1: System Setup and Requirements· Introduction· Requirements· Installing XCode· ResourcesChapter 2: Basics of the Terminal· Where is the terminal· What is the terminal· Built-in manual· Text editor· What is a shell?· Moving around· The filesystemo Pwdo Cd· PermissionsChapter 3: Customizing Your Terminal· Customising the look (background/foreground colour)· Aliases· Paths· Ln – Aliases / shortcuts· PromptChapter 4: Built in Commands Provided by macOS· Lsof – Eject a drive with an open file· Which – where is your command?· Open· Say· Sysctl for system state· Compression – gz, zip· Finding content in files· Find a file name· Search and replace - Sed· Spot the difference in text files – Diff· Copy and paste· Built-in Psychotherapist (emacs)· Downloading files· Scheduling with launchd· Running processes· Sudo· Pretending website is somewhere else· Remote shellChapter 5: Brew· What brew is· Why use brew· Installing brew· Finding applications in brew· Installing applications from brew· Brew maintenance· When things go wrongChapter 6: Extra Applications· Tmux· Cowsay· Figlet· Lolcat· Archey· Linux utilities missing from macOS· head, tail· formatting xml, json files· grepChapter 7: Services· Using terminal to access content· Weather· Star WarsChapter 8: Oh My Zsh· What is oh My Zsh· Installation· Themes· PluginsChapter 9: Programming Languages· Bash· PHP· Python· Build a few simple terminal games in different languagesChapter 10: Web Development· Why· Nginx· MySQL· WordPress· Putting it liveChapter 11: Version Control· What is version control· Getting started· Using other repository· Publishing your repository· Using applicationChapter 12: Going Further· Replace terminal with iTerm2· Ideas for customising the terminal· Programming Languages
Getting Started with Containers in Google Cloud Platform
Deploy, manage, and secure containers and containerized applications on Google Cloud Platform (GCP). This book covers each container service in GCP from the ground up and teaches you how to deploy and manage your containers on each service.You will start by setting up and configuring GCP tools and the tenant environment. You then will store and manage Docker container images with GCP Container Registry (ACR). Next, you will deploy containerized applications with GCP Cloud Run and create an automated CI/CD deployment pipeline using Cloud Build. The book covers GCP’s flagship service, Google Kubernetes Service (GKE), and deployment of a Kubernetes cluster using clear steps and considering GCP best practices using the GCP management console and gcloud command-line tool. Also covered is monitoring containers and containerized applications on GCP with Cloud Monitoring, and backup and restore containers and containerized applications on GCP.By the end of the book, you will know how to get started with GCP container services and understand the fundamentals of each service and the supporting services needed to run containers in a production environment. This book also assists you in transferring your skills from AWS and Azure to GCP using the knowledge you have acquired on each platform and leveraging it to gain more skills.WHAT YOU WILL LEARN* Get started with Google Cloud Platform (GCP)* Store Docker images on GCP Container Registry * Deploy Google Kubernetes Engine (GKE) cluster* Secure containerized applications on GCP* Use Cloud Build to deploy containers * Use GCP Batch for batch job processing on KubernetesWHO THIS BOOK IS FORGoogle Cloud administrators, developers, and architects who want to get started and learn more about containers and containerized applications on Google Cloud Platform (GPC)SHIMON IFRAH is an IT professional with 15+ years of experience in the design, management, and deployment of information technology systems and networks. In recent years, he has been specializing in cloud computing and containerized applications on Microsoft Azure, Amazon AWS, and Google Cloud Platform (GCP). He holds more than 20 vendor certificates from Microsoft, AWS, VMware, and Cisco. During his career in the IT industry, he has worked for some of the largest managed services and technology companies in the world, helping them administer systems for the largest enterprises. He is based out of Melbourne, Australia. Chapter 1: Get Started with Google Cloud Platform (GCP)Chapter Goal: Setup and configure GCP tools and tenant environmentNo of pages: 40Sub -Topics1. Set up your Google Cloud Platform (GCP) tenant2. Understanding GCP projects3. Understanding cloud shell4. Secure and manage your GCP account (projects and more)5. GCP Services overviewChapter 2: Store and Manage Docker Container Images with GCP Container Registry (ACR)Chapter Goal: Here we learn how to Store Docker Container images on GCP Container registryNo of pages: 40Sub - Topics1. Setup GCP Container Registry2. Push Docker images to Container Registry3. Pull images from GCP Container Registry4. Manage and secure GCP Container RegistryChapter 3: Deploy Containerized Applications with GCP Cloud RunChapter Goal: This chapter explains how to deploy containers and containerized applications on GCP cloud runNo of pages: 40Sub - Topics:1. Set up GCP cloud run 2. Deploy containers with cloud run3. Use cloud build and git to deploy containers4. Scale containerized applications on cloud run5. Monitor and manage containerized applications on cloud runChapter 4: Deploy Containerized Applications with Google Kubernetes Engine (GKE)Chapter Goal: This chapters explains how to deploy containers and containerized applications with GKENo of pages:Sub - Topics:1. Getting started with GKE2. Setup and configure GKE networking and storage3. Deploy Kubernetes dashboard (Web UI) on GKE4. Manage and secure GKE5. Run Batch jobs on Kubernetes with batch (beta)Chapter 5: Deploy Docker Containers on GCP Compute EngineChapter Goal: This chapter explains how to deploy containers and containerized applications on GCP compute engineNo of pages: 40Sub - Topics:1. Install Docker container host on Ubuntu Linux VM2. Install Docker container host on Windows server 2019 VM3. Deploy containers on GCP compute engine using GCP container-optimized OSChapter 6: Secure your GCP Environment and ContainersChapter Goal: This chanpters explains how to secure and protect containers and containerized applications on GCPNo of pages: 40Sub - Topics:1. Introduction to GCP identify infrastructure2. Setup organization policies3. Roles, service accounts and auditing capabilities4. GCP networking and firewalls configurationChapter 7: Scale Containers and Containerized Applications on GCPChapter Goal: This chapter explains how to scale containers and containerized applications on GCPNo of pages: 40Sub - Topics:1. Scale Google Kubernetes Service (GKE)2. Scale cloud run and cloud build containers3. Scale GCP Container Registry4. Scale compute engine hosts and containersChapter 8: Monitor Containers and Containerized Applications on GCP with Stackdriver MonitoringChapter Goal: Learn how to Monitor Containers and Containerized Applications on GCPNo of pages: 40Sub - Topics:1. Monitor Google Kubernetes Service (GKE)2. Monitor cloud run containers3. Monitor compute engine resources4. GCP cost management and toolsChapter 9: Backup and Restore Containers and Containerized Applications on GCPChapter Goal: This chapter explains how to backup and restore containers and containerized applications on GCPNo of pages: 40Sub - Topics:1. Backup persistent storage disks2. Backup compute engine resources3. Manage cloud storage and file storeChapter 10: Troubleshooting Containers and Containerized Applications on GCPChapter Goal: This chapters explains how to troubleshoot containers and containerized applications issues on GCPNo of pages: 40Sub - Topics:1. Troubleshoot Google Kubernetes Service (GKE)2. Troubleshoot cloud run and cloud build deployments3. Troubleshoot GCP Container Registry5. Troubleshoot compute engine resource
Penetration Testing mit mimikatz
- Penetration Tests mit mimikatz von Pass-the-Hash über Kerberoasting bis hin zu Golden Tickets - Funktionsweise und Schwachstellen der Windows Local Security Authority (LSA) und des Kerberos-Protokolls - Alle Angriffe leicht verständlich und Schritt für Schritt erklärt mimikatz ist ein extrem leistungsstarkes Tool für Angriffe auf das Active Directory. Hacker können damit auf Klartextpasswörter, Passwort-Hashes sowie Kerberos Tickets zugreifen, die dadurch erworbenen Rechte in fremden Systemen ausweiten und so die Kontrolle über ganze Firmennetzwerke übernehmen. Aus diesem Grund ist es wichtig, auf Angriffe mit mimikatz vorbereitet zu sein. Damit Sie die Techniken der Angreifer verstehen und erkennen können, zeigt Ihnen IT-Security-Spezialist Sebastian Brabetz in diesem Buch, wie Sie Penetration Tests mit mimikatz in einer sicheren Testumgebung durchführen. Der Autor beschreibt alle Angriffe Schritt für Schritt und erläutert ihre Funktionsweisen leicht verständlich. Dabei setzt er nur grundlegende IT-Security-Kenntnisse voraus. Sie lernen insbesondere folgende Angriffe kennen: Klartextpasswörter aus dem RAM extrahieren Authentifizierung ohne Klartextpasswort mittels Pass-the-Hash Ausnutzen von Kerberos mittels Overpass-the-Hash, Pass-the-Key und Pass-the-Ticket Dumpen von Active Directory Credentials aus Domänencontrollern Erstellen von Silver Tickets und Golden Tickets Cracken der Passwort-Hashes von Service Accounts mittels Kerberoasting Auslesen und Cracken von Domain Cached Credentials Darüber hinaus erfahren Sie, wie Sie die Ausführung von mimikatz sowie die Spuren von mimikatz-Angriffen erkennen. So sind Sie bestens gerüstet, um Ihre Windows-Domäne mit mimikatz auf Schwachstellen zu testen und entsprechenden Angriffen vorzubeugen. Aus dem Inhalt: Sichere Testumgebung einrichten Grundlagen der Windows Local Security Authority (LSA) Funktionsweise des Kerberos-Protokolls Passwörter und Hashes extrahieren: Klartextpasswörter NTLM-Hashes MS-Cache-2-Hashes Schwachstellen des Kerberos-Protokolls ausnutzen: Ticket Granting Tickets und Service Tickets Encryption Keys Credentials des Active Directorys mimikatz-Angriffe erkennen Invoke-Mimikatz und weiterführende Themen Praktisches Glossar
Excel Portable Genius
YOUR GENIUS-LEVEL GUIDE TO EXCEL EXCELLENCEExcel Portable Genius covers the key features of Microsoft Excel in a concise, fast-paced, portable format that provides the perfect quick and easy-to-follow reference for novices and experienced users alike. Written by seasoned tech expert and trainer Lisa A. Bucki, it answers the nine key questions Excel users are most likely to face in their work and adds some hot tips and advice on this incredibly useful—but sometimes difficult-to-learn—program's lesser-known features.* Build formulas to perform powerful calculations* Format data to make it easy to find interpret and to highlight key results* Sort and filter to organize or display specific information* Chart data to pinpoint changes and identify trends* Communicate results by printing and sharingComplete with a comprehensive index and extensive illustrations complementing straightforward instructions, this is the ideal guide to mastery of the world's most popular spreadsheet program.LISA A. BUCKI is an author, trainer, and content creator who's been educating others about computers and software since 1990. She's written dozens of books, provided marketing and training services to her clients, and written online tutorials. She is the co-founder of 1x1 Media.Fun, hip, and straightforward, the Portable Genius series gives forward-thinking computer users useful information in handy, compact books that are easy to navigate and don't skimp on the essentials. Collect the whole series and make the most of your digital lifestyle.Acknowledgments viiIntroduction xivCHAPTER 1 HOW DO I START USING EXCEL? 2Starting and Exiting Excel 4Taking a Look Around 5Reviewing key screen features 5Workbooks versus worksheets 8Changing views 8Zooming 10Working with Files 11Creating a blank file 11Exploring templates 12Opening an existing file 13Switching to another file 14Making Your First Cell Entries 16Moving around the sheet 16Text and values 17Dates and times 19Number formatting on the fly 20Making Selections 21Understanding cells and ranges 22Selecting a range 22Selecting a row or column 23Working with Sheets 24Adding, renaming, and jumping to a sheet 25Moving or copying a sheet 26Saving and Closing a File 27CHAPTER 2 HOW DO I MAKE CHANGES TO MY SHEET? 30Cell Editing Basics 32Making changes 32Commenting when editing 33Clearing cell contents 33Using Undo and Redo 34Spell-checking your work 35Copying or Moving a Range 35Using Paste Special 37Using Auto Fill and Filling Series 38Inserting and Deleting Rows, Columns, and Cells 41Creating Range Names 44Using the Name box 45Using the New Name dialog box 46Assigning multiple range names at once 47Deleting a range name 48Using Find and Replace 50Freezing Rows and Columns On-Screen 51CHAPTER 3 HOW DO I ADD UP THE NUMBERS WITH FORMULAS? 54Entering a Basic Formula 56Typing the formula 56Cell and range references in formulas 57Using the mouse to save time 58Dealing with minor errors 60Learning More About Operators 60Understanding Order of Precedence 63How order of precedence works 63Using parentheses in formulas 64Making a Cell or Range Reference Absolute Rather Than Relative 66Changing the reference type in a formula 66How referencing works when filling, copying, or moving a formula 67Showing Formulas in Cells 69Using Other Formula Review Techniques 70CHAPTER 4 WHEN DO I NEED TO INCLUDE A FUNCTION? 72Understanding Functions 74Using AutoSum on the Home or Formulas Tab 74Typing a Function in a Formula 77Using the Formulas Tab to Insert a Function 79Choosing from the Function Library 79Using Insert Function to find a function 82Using Range Names in Formulas 83Reviewing Some Essential Functions 84CHAPTER 5 HOW DO I USE FORMATTING TO ENHANCE MY WORKSHEET? 90Changing the Number or Date Format 92Using number formats 94Using date and time formats 96Using special and custom formats 96Changing Cell Formatting 99Applying font formatting 100Applying alignment formatting 103Working with Borders and Shading 105Using Styles 107Clearing Formatting 109Understanding Themes 109Reviewing elements of a theme 109Changing themes 110Changing theme colors, fonts, and effects 111Working with Column Width and Row Height 113Using Conditional Formatting to Highlight Information 115CHAPTER 6 HOW DO I USE GRAPHICS IN EXCEL? 118Inserting Simple Graphics 120Shapes 120Pictures 122Icons 126Selecting and Formatting Graphics 127Adding text to shapes 128Changing styles 129Changing sizing and position 132Working with layering, alignment, and rotation 134Inserting WordArt 136Combining and Creating Your Own Graphics 138Creating and Working with SmartArt 141Adding a SmartArt graphic 141Editing and rearranging shapes 143Changing the graphic type and formatting 144Deleting a Graphic 145Adding a Background Image 146CHAPTER 7 HOW DO I MANAGE LISTS OF INFORMATION? 148Arranging a List in Excel 150Cleaning Up Data 152Using Flash Fill 152Using Text to Columns 155Removing duplicates and consolidating 157Sorting, Filtering, and Subtotaling Lists of Information 159Sorting and filtering a list 160Subtotaling a sorted list 162Understanding Excel’s Table Feature 163Converting a range to a table 164Importing or connecting to a list of data 166Changing table styles 168Resizing a table 169Renaming a table 170Sorting and Filtering a Table 170Using Table Calculations 170Adding a calculated column 171Adding a total row 173Converting a Table Back to a Range of Regular Cells 174CHAPTER 8 HOW DO I PRESENT MY DATA IN CHARTS? 176Charts and Their Role in Your Workbooks 178Chart Types 179Creating a Chart 180Changing the Chart Type and Layout 184Formatting Chart Elements 186Changing the Charted Data 189Moving a Chart to Its Own Sheet and Deleting a Chart 190Using Special Charts: Sparklines, PivotTables, and Maps 192CHAPTER 9 HOW DO I PRINT AND SHARE MY CONTENT? 194Creating Headers and Footers 196Changing Page Settings 199Margins 199Orientation and paper size 200Scaling 201Changing Sheet Settings 201Adding print titles 201Controlling whether gridlines and other features print 203Working with Page Breaks 203Setting a print area 204Viewing and moving breaks 204Previewing a Printout and Printing 206Other Ways to Share Information 207Exporting a PDF 208Using OneDrive 209Index 212
OneNote, Teams und mehr smarte Tools für den vernetzten Alltag mit OneDrive
- Mit OneNote & Teams effizient organisieren und kommunizieren- Programm- und geräteübergreifend arbeiten – Synergien nutzenOb privat oder im Büro, ob für Schüler, Lehrer oder Studenten: Eine Reihe kleiner und meist kostenloser Programme steht bereit, um Ihren Alltag leichter und effizienter zu gestalten. Vom simplen Einkaufszettel über das Organisieren von Besprechungen bis zum komplexen Informationsaustausch erweisen sich diese oft unterschätzten Apps als nützliche Helfer. In diesem Buch lernen Sie mehrere dieser praktischen Werkzeuge kennen und erfahren, wie sie perfekt in Ihren Microsoft-Workflow passen. Anschaulich erklären die Autoren die Einstellungsmöglichkeiten und Varianten der Programme im Detail und zeigen, wie Sie die Tools miteinander verknüpfen, um schlaue Synergien zu nutzen. Organisieren Sie sich mit den Apps auf PC, Laptop, Tablet und Smartphone, um überall und jederzeit produktiv sowie stressfrei arbeiten zu können. Sowohl Einsteiger als auch Fortgeschrittene werden von den zahlreichen Tipps und Tricks rund um OneNote, Teams, OneDrive, Sticky Notes, IFTTT & Co. profitieren. Schneller Erfolg ohne Kopfzerbrechen ist garantiert!Aus dem Inhalt:- Mit OneNote Notizen synchron auf PC, Smartphone und Tablet verwalten – von der simplen Liste bis zu komplexen Wiki-Inhalten- Kommunikation und Datenaustausch mit Microsoft Teams- Aufgaben bzw. Einkaufslisten mit ToDo anlegen- Digitale Post-its mit Sticky Notes nutzen- Schnelle Bildschirmfotos und Sprachaufnahmen erstellen- Mit dem Cloud-Speicher OneDrive immer alle Daten griffbereit haben- Office Lens zum Scannen von Dokumenten verwenden- Maße, Einheiten und Währungen schnell umrechnen - Programmübergreifend arbeiten und dafür alle Tools miteinander verknüpfen - Mit IFTTT auch dort Verbindungen schaffen, wo auf den ersten Blick keine sind- Effizienter Datenaustausch zwischen PC, Tablet und Smartphone - Im Team mit anderen zusammenarbeiten – ob im Büro, in der Schule oder in Ihrer Freizeit
Spiele programmieren mit Unity
* 2D- UND 3D-SPIELE SELBST ENTWICKELN* LANDSCHAFTEN UND GEBÄUDE GESTALTEN SOWIE FIGUREN ANIMIEREN * WICHTIGE C#-PROGRAMMIER-ELEMENTE KENNENLERNEN UND ANWENDENUnity ist eine sehr beliebte Spiele-Engine, mit der du eigene 3D-Spiele entwickeln kannst. Der erfahrene Kids-Autor Hans-Georg Schumann zeigt dir, wie du mit Unity und der Programmiersprache C# schnell zu beeindruckenden Ergebnissen kommst.Schritt für Schritt lernst du, wie du Figuren durch die Welt wandern und auch gegen gefährliche Gegner kämpfen lässt. Du erstellst Landschaften mit Bäumen und Seen, gestaltest und animierst eigene Charaktere, und lernst ganz nebenbei das Programmieren in C#. Das Unity-Partikelsystem erzeugt tolle Effekte mit Licht und Schatten, die dem Spiel das nötige Reality-Gefühl geben. Und alles, was du zum Programmieren deiner Spiele brauchst, findest du auch zum Download.AUS DEM INHALT:* Unity starten und ein erstes kleines Kollisionsspiel erstellen* In die Script-Programmierung mit C# einsteigen* Einen Charakter entwerfen und ihm Eigenschaften geben* Ein Jump & Run-Spiel entwickeln* Das Prinzip von 3D verstehen und die Spielfläche mit Bäumen und Wasser gestalten* Ganze Bauwerke entstehen lassen* Die Figur klettern, schwimmen und sogar tauchen lehren* Eine Fantasie-Kreatur entwerfen und durch Animation lebendig werden lassen* Strahlen, Partikel und Sound einbinden* Künstliche Intelligenz nutzen* Energiekontrolle und andere Features aufrüsten* Installationshilfe und Fehlerbehebung Hans-Georg Schumann war Informatik- und Mathematiklehrer an einer Gesamtschule. Er hat viele erfolgreiche Bücher in der mitp-Buchreihe »... für Kids« geschrieben.
Windows 10 - Leichter Einstieg für Senioren
Nachvollziehbare Erklärungen zu Windows 10 in aktueller Auflage.Windows-Experte Günter Born führt Sie leicht verständlich und anschaulich in das aktuelle Windows ein – inklusive der Neuheiten des aktuellen Herbst-Updates.Schritt für Schritt machen Sie sich mit den Grundlagen des Betriebssystems und weiterer Anwendungen vertraut.Sie schreiben Mails, surfen im Internet, sichern Ihre Daten, hören Musik, verwalten und bearbeiten Fotos und passen die Windows-Einstellungen nach Ihren Wünschen an – auf dem PC, Notebook oder Tablet.Aus dem Inhalt:Die ersten Schritte mit Windows 10Die Neuerungen des Herbst-2020-UpdatesLaufwerke, Ordner und DateienDer Umgang mit ProgrammenMit Texten arbeitenFotos verwalten und bearbeitenSpiele und UnterhaltungInternet und E-MailKontakte, Termine und mehrWindows anpassenInhalt & Leseprobe (PDF-Link)
Beginning Java MVC 1.0
Get started with using the new Java MVC 1.0 framework for model, view, and controller development for building modern Java-based web, native, and microservices applications.Beginning Java MVC teaches you the basics, then dives in to models, views, controllers. Next, you learn data binding, events, application types, view engines, and more. You will be given practical examples along the way to reinforce what you have learned. Furthermore, you'll work with annotations, internationalization, security, and deployment.After reading this book, you'll have the know how to build your first full Java-based MVC application.WHAT YOU WILL LEARN* Discover the Java MVC 1.0 APIs and how to use themMaster the Model, View and Controller design pattern * Carry out data binding * Write events* Work with view enginesWHO THIS BOOK IS FORThose new to Java MVC 1.0. Some prior experience with Java programming recommended, especially with JSF or Struts. Peter Späth graduated in 2002 as a physicist and soon afterwards became an IT consultant, mainly for Java-related projects. In 2016 he decided to concentrate on writing books, with his main focus set on software development. With two books about graphics and sound processing and two books for Android and Kotlin programming, his new book addresses beginning Jakarta EE developers willing to develop enterprise-level Java applications with Java EE 8.1. About MVC - Model, View, Controller* History of MVC* MVC in Web Applications* MVC for Java* Finally, Java MVC (JSR-371)* Why MVC* Where is Hello World?2. Prerequisite - Jakarta EE / Java EE* The Nature of Java for Enterprise Applications* Glassfish, a Free Java Server* Using a Preinstalled Java Server* Learning Java for Enterprise Applications* RESTful Services3. Development Workflow* Using Gradle as a Build Framework* Using Eclipse as an IDE* More About Gradle* Developing Using the Console* Installing MVC4. Hello World for Java MVC* Starting The Hello World Project* The Hello World Model* The Hello World View* The Hello World Controller* Using Gradle to Build Hello World* Starting a Jakarta EE Server* Deploying and Testing Hello World5. Start Working With Java MVC* Handling User Input From Forms* Exception Handling in Java MVC* Non-String Post Parameters6. In-Depth Java MVC* The Model* The View: JSPs* The View: Facelets* The Controller7. In-Depth Java MVC - Part II* Injectable Context* Persisating State* Dealing With Page Fragments* Observers* Configuration8. Internationalization* Language Resources* Adding Localized Messages to the Session* Formatting of Data in the View* Using JSF for Formatting* Localized Data Conversion9. Java MVC and EJBs* About Session EJBs* Defining EJBs* Accessing EJBs* EJB Projects* EJBs with Dependencies* Asynchronous EJB Invocation* Timer EJBs10. Connecting Java MVC to a Database* Abstracting Away Database Access With JPA* Setting up a SQL Database* Creating a DataSource* Preparing the Member Registration Application* Adding EclipseLink as ORM* Controllers* Adding Data Access Objects* Updating the View* Adding Entities* Adding Relations11. Logging Java MVC Applications* System Streams* JDK Logging in Glassfish* Using JDK Standard Logging For Other Servers* Adding Log4j Logging to Your Application12. A Java MVC Example Application* The BooKlubb Database* The BooKlubb Eclipse Project* The BooKlubb Infrastructure Classes* Configure BooKlubb Database Access* The BooKlub Internationalization* The BooKlubb Entity Classes* BooKlubb Database Access Via DAOs* The BooKlubb Model* The BooKlubb Controller* The BooKlubb View* Deploying and Testing BooKlubbAppendix* Solutions to The Exercises
Getting Structured Data from the Internet
Utilize web scraping at scale to quickly get unlimited amounts of free data available on the web into a structured format. This book teaches you to use Python scripts to crawl through websites at scale and scrape data from HTML and JavaScript-enabled pages and convert it into structured data formats such as CSV, Excel, JSON, or load it into a SQL database of your choice.This book goes beyond the basics of web scraping and covers advanced topics such as natural language processing (NLP) and text analytics to extract names of people, places, email addresses, contact details, etc., from a page at production scale using distributed big data techniques on an Amazon Web Services (AWS)-based cloud infrastructure. It book covers developing a robust data processing and ingestion pipeline on the Common Crawl corpus, containing petabytes of data publicly available and a web crawl data set available on AWS's registry of open data.GETTING STRUCTURED DATA FROM THE INTERNET also includes a step-by-step tutorial on deploying your own crawlers using a production web scraping framework (such as Scrapy) and dealing with real-world issues (such as breaking Captcha, proxy IP rotation, and more). Code used in the book is provided to help you understand the concepts in practice and write your own web crawler to power your business ideas.WHAT YOU WILL LEARN* Understand web scraping, its applications/uses, and how to avoid web scraping by hitting publicly available rest API endpoints to directly get data* Develop a web scraper and crawler from scratch using lxml and BeautifulSoup library, and learn about scraping from JavaScript-enabled pages using Selenium* Use AWS-based cloud computing with EC2, S3, Athena, SQS, and SNS to analyze, extract, and store useful insights from crawled pages* Use SQL language on PostgreSQL running on Amazon Relational Database Service (RDS) and SQLite using SQLalchemy* Review sci-kit learn, Gensim, and spaCy to perform NLP tasks on scraped web pages such as name entity recognition, topic clustering (Kmeans, Agglomerative Clustering), topic modeling (LDA, NMF, LSI), topic classification (naive Bayes, Gradient Boosting Classifier) and text similarity (cosine distance-based nearest neighbors)* Handle web archival file formats and explore Common Crawl open data on AWS* Illustrate practical applications for web crawl data by building a similar website tool and a technology profiler similar to builtwith.com* Write scripts to create a backlinks database on a web scale similar to Ahrefs.com, Moz.com, Majestic.com, etc., for search engine optimization (SEO), competitor research, and determining website domain authority and ranking* Use web crawl data to build a news sentiment analysis system or alternative financial analysis covering stock market trading signals* Write a production-ready crawler in Python using Scrapy framework and deal with practical workarounds for Captchas, IP rotation, and moreWHO THIS BOOK IS FORPrimary audience: data analysts and scientists with little to no exposure to real-world data processing challenges, secondary: experienced software developers doing web-heavy data processing who need a primer, tertiary: business owners and startup founders who need to know more about implementation to better direct their technical teamJAY M. PATEL is a software developer with over 10 years of experience in data mining, web crawling/scraping, machine learning, and natural language processing (NLP) projects. He is a co-founder and principal data scientist of Specrom Analytics, providing content, email, social marketing, and social listening products and services using web crawling/scraping and advanced text mining.Jay worked at the US Environmental Protection Agency (EPA) for five years where he designed workflows to crawl and extract useful insights from hundreds of thousands of documents that were parts of regulatory filings from companies. He also led one of the first research teams within the agency to use Apache Spark-based workflows for chem and bioinformatics applications such as chemical similarities and quantitative structure activity relationships. He developed recurrent neural networks and more advanced LSTM models in Tensorflow for chemical SMILES generation.Jay graduated with a bachelor's degree in engineering from the Institute of Chemical Technology, University of Mumbai, India and a master of science degree from the University of Georgia, USA. Jay serves as an editor of a publication titled Web Data Extraction and also blogs about personal projects, open source packages, and experiences as a startup founder on his personal site, jaympatel.com.
QuickBooks 2021 All-in-One For Dummies
DO THE NUMBERS IN DOUBLE-QUICK TIME WITH THIS TRUSTED QUICKBOOKS BESTSELLER!Running your own business can be cool, but some of the financial side—accounting and payroll, for instance—is not always so cool! That's why millions of small business owners around the world bank on QuickBooks to easily manage accounting and financial tasks and save big-time on shelling out for an expensive professional. QuickBooks 2021 All-in-One For Dummies contains eight information-rich mini-books that account for all your financial line-item asks, showing you step-by-step how to plan your perfect budget, simplify tax returns, manage inventory, create invoices, track costs, generate reports, and accurately check off every other accounting and financial-management task that comes across your desk!* Get the most out of QuickBooks 2021* Sharpen up on the basics with an accounting primer* Craft a world-class business plan* Process taxes and payroll in double-quick timeWritten by expert CPA and small business advisor Stephen L. Nelson, QuickBooks All-in-One 2021 For Dummies is the best-selling blue-chip go-to that will save you time and money—and will allow you to enjoy the fruits of your labors!STEPHEN L. NELSON, MBA, CPA, holds an MS in Taxation and provides accounting, business advisory, and tax planning and preparation services to small businesses as a CPA. He has written more than 100 books on computers and financial management.INTRODUCTION 1About This Book 1Foolish Assumptions 2Icons Used in This Book 3Beyond the Book 4Where to Go from Here 4BOOK 1: AN ACCOUNTING PRIMER 7CHAPTER 1: PRINCIPLES OF ACCOUNTING 9The Purpose of Accounting 10The big picture 10Managers, investors, and entrepreneurs 10External creditors 11Government agencies 11Business form generation 12Reviewing the Common Financial Statements 12The income statement 13Balance sheet 16Statement of cash flows 19Other accounting statements 22Putting it all together 23The Philosophy of Accounting 25Revenue principle 25Expense principle 26Matching principle 26Cost principle 26Objectivity principle 27Continuity assumption 27Unit-of-measure assumption 27Separate-entity assumption 28A Few Words about Tax Accounting 28CHAPTER 2: DOUBLE-ENTRY BOOKKEEPING 29The Fiddle-Faddle Method of Accounting 30How Double-Entry Bookkeeping Works 33The accounting model 33Talking mechanics 35Almost a Real-Life Example 38Recording rent expense 39Recording wages expense 39Recording supplies expense 40Recording sales revenue 40Recording cost of goods sold 41Recording the payoff of accounts payable 41Recording the payoff of a loan 42Calculating account balance 42Using T-account analysis results 44A Few Words about How QuickBooks Works 46CHAPTER 3: SPECIAL ACCOUNTING PROBLEMS 49Working with Accounts Receivable 50Recording a sale 50Recording a payment 50Estimating bad-debt expense 51Removing uncollectible accounts receivable 52Recording Accounts Payable Transactions 53Recording a bill 54Paying a bill 54Taking some other accounts payable pointers 55Inventory Accounting 56Dealing with obsolete inventory 56Disposing of obsolete inventory 57Dealing with inventory shrinkage 58Accounting for Fixed Assets 60Purchasing a fixed asset 60Dealing with depreciation 60Disposing of a fixed asset 61Recognizing Liabilities 63Borrowing money 64Making a loan payment 64Accruing liabilities 65Closing Out Revenue and Expense Accounts 68The traditional close 68The QuickBooks close 70One More Thing 71BOOK 2: GETTING READY TO USE QUICKBOOKS 73CHAPTER 1: SETTING UP QUICKBOOKS 75Planning Your New QuickBooks System 75What accounting does 75What accounting systems do 76What QuickBooks does 76And now for the bad news 77Installing QuickBooks 78Dealing with the Presetup Jitters 79Preparing for setup 79Seeing what happens during setup 80Running the QuickBooks Setup Wizard 81Getting the big welcome 81Supplying company information 82Customizing QuickBooks 83Setting your start date 84Reviewing the suggested chart of accounts 86Adding your information to the company file 87Identifying the Starting Trial Balance 89A simple example to start 89A real-life example to finish 91CHAPTER 2: LOADING THE MASTER FILE LISTS 93Setting Up the Chart of Accounts List 94Setting Up the Item List 98Working with the Price Level List 99Using Sales Tax Codes 99Setting Up a Payroll Item List 100Setting Up Classes 101Setting Up a Customer List 103Setting Up the Vendor List 107Setting Up a Fixed Assets List 110Setting Up a Price Level List 112Setting Up a Billing Rate Level List 112Setting Up Your Employees 113Setting Up an Other Names List 113Setting Up the Profile Lists 113CHAPTER 3: FINE-TUNING QUICKBOOKS 115Accessing the Preferences Settings 116Setting the Accounting Preferences 117Using account numbers 118Setting general accounting options 119Setting the Bills Preferences 121Setting the Calendar Preferences 121Setting the Checking Preferences 121Changing the Desktop View 123Setting Finance Charge Calculation Rules 125Setting General Preferences 126Controlling Integrated Applications 128Controlling Inventory 129Controlling How Jobs and Estimates Work 130Dealing with Multiple Currencies 131Starting Integrated Payment Processing 132Controlling How Payroll Works 132Telling QuickBooks How Reminders Should Work 134Specifying Reports & Graphs Preferences 135Setting Sales & Customers Preferences 138Specifying How Sales Are Taxed 140Setting the Search Preferences 141Setting the Send Forms Preferences 141Fine-Tuning the Service Connection 142Controlling Spell Checking 143Controlling How 1099 Tax Reporting Works 144Setting Time & Expenses Preferences 145BOOK 3: BOOKKEEPING CHORES 147CHAPTER 1: INVOICING CUSTOMERS 149Choosing an Invoice Form 149Customizing an Invoice Form 150Choosing a template to customize 150Reviewing the Additional Customization options 150Moving on to Basic Customization 155Working with the Layout Designer tool 157Working with the web-based Forms Customization tool 160Invoicing a Customer 160Billing for Time 166Using a weekly time sheet 166Timing single activities 167Including billable time on an invoice 168Printing Invoices 170Emailing Invoices 171Recording Sales Receipts 172Recording Credit Memos 174Receiving Customer Payments 176Assessing Finance Charges 179Setting up finance-charge rules 179Calculating finance charges 180Using Odds and Ends on the Customers Menu 181CHAPTER 2: PAYING VENDORS 183Creating a Purchase Order 183Creating a real purchase order 184Using some purchase order tips and tricks 187Recording the Receipt of Items 187Simultaneously Recording the Receipt and the Bill 191Entering a Bill 192If you haven’t previously recorded an item receipt 192If you have previously recorded an item receipt 194Paying Bills 196Reviewing the Other Vendor Menu Commands 199Vendor Center 199Sales Tax menu commands 200Inventory Activities menu commands 201Print/E-file 1099s 201Item List 202CHAPTER 3: TRACKING INVENTORY AND ITEMS 203Looking at Your Item List 204Using the Item Code column 204Using the Item List window 205Using inventory reports 206Adding Items to the Item List 206Adding an item: Basic steps 207Adding a service item 208Adding an inventory part 209Adding a noninventory part 211Adding an other-charge item 212Adding a subtotal item 213Adding a group item 214Adding a discount item 215Adding a payment item 216Adding a sales tax item 217Setting up a sales tax group 217Adding custom fields to items 218Editing Items 220Adjusting physical counts and inventory values 220Adjusting prices and price levels 223Using the Change Item Prices command 223Using price levels 224Enabling advanced pricing 226Managing Inventory in a Manufacturing Firm 227Handling manufactured inventory the simple way 227Performing inventory accounting in QuickBooks 228Managing multiple inventory locations 231CHAPTER 4: MANAGING CASH AND BANK ACCOUNTS 233Writing Checks 234Recording and printing a check 234Customizing the check form 239Making Bank Deposits 241Transferring Money between Bank Accounts 244Working with the Register 245Recording register transactions 246Using Register window commands and buttons 249Using Edit Menu Commands 252Reconciling the Bank Account 256Reviewing the Other Banking Commands 260Order Checks & Envelopes command 260Enter Credit Card Charges command 260Bank Feeds command 261Loan Manager command 262Other Names list 262CHAPTER 5: PAYING EMPLOYEES 263Setting Up Basic Payroll 264Signing up for a payroll service 265Setting up employees 265Setting up year-to-date amounts 269Checking your payroll setup data 270Scheduling Payroll Runs 270Paying Employees 270Editing and Voiding Paychecks 272Paying Payroll Liabilities 273BOOK 4: ACCOUNTING CHORES 275CHAPTER 1: FOR ACCOUNTANTS ONLY 277Working with QuickBooks Journal Entries 277Recording a journal entry 278Reversing a journal entry 279Editing journal entries 280Updating Company Information 280Working with Memorized Transactions 280Reviewing the Accountant & Taxes Reports 281Creating an Accountant’s Copy of the QuickBooks Data File 283Using an accountant’s copy 288Reusing an accountant’s copy 288Exporting client changes 288Importing accountant’s changes 289Canceling accountant’s changes 290Troubleshooting accountant’s copy transfers 291Using the Client Data Review Commands 291CHAPTER 2: PREPARING FINANCIAL STATEMENTS AND REPORTS 293Some Wise Words Up Front 293Producing a Report 294Working with the Report Window 295Working with Report window buttons 295Using the Report window boxes 302Modifying a Report 304Using the Display tab 304Using the Filters tab 306Using the Header/Footer tab 308Formatting fonts and numbers 309Processing Multiple Reports 311A Few Words about Document Retention 312CHAPTER 3: PREPARING A BUDGET 315Reviewing Common Budgeting Tactics 315Top-line budgeting 316Zero-based budgeting 316Benchmarking 317Putting it all together 318Taking a Practical Approach to Budgeting 319Using the Set Up Budgets Window 319Creating a new budget 319Working with an existing budget 321Managing with a Budget 323Some Wrap-Up Comments on Budgeting 325CHAPTER 4: USING ACTIVITY-BASED COSTING 327Reviewing Traditional Overhead Allocation 328Understanding How ABC Works 330The ABC product-line income statement 330ABC in a small firm 334Implementing a Simple ABC System 335Seeing How QuickBooks Supports ABC 337Turning On Class Tracking 337Using Classes for ABC 338Setting up your classes 338Classifying revenue amounts 339Classifying expense amounts 339After-the-fact classifications 341Producing ABC reports 342CHAPTER 5: SETTING UP PROJECT AND JOB COSTING SYSTEMS 343Setting Up a QuickBooks Job 343Tracking Job or Project Costs 346Job Cost Reporting 350Using Job Estimates 350Progress Billing 352BOOK 5: FINANCIAL MANAGEMENT 355CHAPTER 1: RATIO ANALYSIS 357Some Caveats about Ratio Analysis 358Liquidity Ratios 359Current ratio 359Acid-test ratio 360Leverage Ratios 361Debt ratio 361Debt equity ratio 362Times interest earned ratio 363Fixed-charges coverage ratio 364Activity Ratios 365Inventory turnover ratio 366Days of inventory ratio 367Average collection period ratio 367Fixed-asset turnover ratio 368Total-assets turnover ratio 369Profitability Ratios 369Gross margin percentage 370Operating income/sales 370Profit margin percentage 371Return on assets 371Return on equity 372CHAPTER 2: ECONOMIC VALUE ADDED ANALYSIS 375Introducing the Logic of EVA 375Seeing EVA in Action 376An example of EVA 378Another example of EVA 378Reviewing Some Important Points about EVA 379Using EVA When Your Business Has Debt 381The first example of the modified EVA formula 381Another EVA with debt example 383Presenting Two Final Pointers 385And Now, a Word to My Critics 386CHAPTER 3: CAPITAL BUDGETING IN A NUTSHELL 389Introducing the Theory of Capital Budgeting 389The big thing is the return 390One little thing is maturity 390Another little thing is risk 391The bottom line 391Calculating the Rate of Return on Capital 392Calculating the investment amount 393Estimating the net cash flows 393Calculating the return 397Measuring Liquidity 402Thinking about Risk 402What Does All of This Have to Do with QuickBooks? 404BOOK 6: BUSINESS PLANS 405CHAPTER 1: PROFIT-VOLUME-COST ANALYSIS 407Seeing How Profit-Volume-Cost Analysis Works 408Calculating Break-Even Points 410Using Real QuickBooks Data for Profit-Volume-Cost Analysis 412Sales revenue 412Gross margin percentage 412Fixed costs 414Recognizing the Downside of the Profit-Volume-Cost Model 414Using the Profit-Volume-Cost Analysis Workbook 416Collecting your inputs 416Understanding the Break-Even Analysis Forecast 419Understanding the Profit-Volume Forecast 421Looking at the profit-volume-cost charts 422CHAPTER 2: CREATING A BUSINESS PLAN FORECAST 427Reviewing Financial Statements and Ratios 428Using the Business Plan Workbook 429Understanding the Workbook Calculations 436Forecasting inputs 437Balance Sheet 437Common Size Balance Sheet 445Income Statement 446Common Size Income Statement 450Cash Flow Statement 451Financial Ratios Table 457Customizing the Starter Workbook 463Changing the number of periods 463Performing ratio analysis on existing financial statements 463Calculating taxes for a current net loss before taxes 464Combining this workbook with other workbooks 464CHAPTER 3: WRITING A BUSINESS PLAN 465What the Term “Business Plan” Means 465A Few Words about Strategic Plans 466Cost strategies 466Differentiated products and services strategies 467Focus strategies 467Look, Ma: No Strategy 468Two comments about tactics 469Six final strategy pointers 469A White-Paper Business Plan 470A New-Venture Plan 473Is the new venture’s product or service feasible? 473Does the market want the product or service? 474Can the product or service be profitably sold? 475Is the return on the venture adequate for prospective investors? 475Can existing management run the business? 476Some final thoughts 477BOOK 7: CARE AND MAINTENANCE 479CHAPTER 1: ADMINISTERING QUICKBOOKS 481Keeping Your Data Confidential 481Using Windows security 482Using QuickBooks security 482Using QuickBooks in a Multiuser Environment 483Setting up additional QuickBooks users 484Changing user rights in Enterprise Solutions 490Changing user rights in QuickBooks Pro and Premier 491Using Audit Trails 493Enabling Simultaneous Multiuser Access 494Maintaining Good Accounting Controls 495CHAPTER 2: PROTECTING YOUR DATA 499Backing Up the QuickBooks Data File 499Backing-up basics 500What about online backup? 503Some backup tactics 504Restoring a QuickBooks Data File 505Condensing the QuickBooks Company Files 509Cleanup basics 510Some cleanup and archiving strategies 515CHAPTER 3: TROUBLESHOOTING 517Using the QuickBooks Help File and This Book 517Browsing Intuit’s Product-Support Website 519Checking Another Vendor’s Product-Support Website 521Tapping into Intuit’s Online and Expert Communities 521When All Else Fails 522BOOK 8: APPENDIXES 523APPENDIX A: A CRASH COURSE IN EXCEL 525Starting Excel 525Stopping Excel 526Explaining Excel’s Workbooks 526Putting Text, Numbers, and Formulas in Cells 527Writing Formulas 528Scrolling through Big Workbooks 529Copying and Cutting Cell Contents 530Copying cell contents 530Moving cell contents 531Moving and copying formulas 531Formatting Cell Contents 532Recognizing That Functions Are Simply Formulas 534Saving and Opening Workbooks 537Saving a workbook 537Opening a workbook 538Printing Excel Workbooks 539One Other Thing to Know 540APPENDIX B: GOVERNMENT WEB RESOURCES FOR BUSINESSES 541Bureau of Economic Analysis 541Finding information at the BEA website 542Downloading a BEA publication 542Uncompressing a BEA publication 543Using a BEA publication 544Bureau of Labor Statistics 544Finding information at the BLS website 545Using BLS information 545Census Bureau 548Finding information at the Census Bureau website 549Using the Census Bureau’s publications 550Using the Census Bureau search engine 550Using the Census Bureau Subjects index 551Securities and Exchange Commission 551Finding information through EDGAR 552Searching the EDGAR database 552Federal Reserve 553Finding information at the Federal Reserve website 554Using the Federal Reserve website’s information 555Government Publishing Office 555Information available at the GPO website 556Searching the GPO database 556Internal Revenue Service 557APPENDIX C: GLOSSARY OF ACCOUNTING AND FINANCIAL TERMS 559Index 589
JavaScript für Kids
Ganz nebenbei lernst du die Bestandteile von JavaScript kennen, so dass Bedingungen, Konstanten, Schleifen und Funktionen deinen Programmierer-Wortschatz im Nu erweitern. Dort, wo es nötig ist, wird auch HTML zur Unterstützung gerufen. Hans-Georg Schumann verrät dir viele Kniffe, um zum guten Programmierer zu werden: Hättest du zum Beispiel gedacht, dass Vererbung im Programm-Code eine Rolle spielt?
Die Kunst des Game Designs (3. Auflage)
Jeder kann die Grundlagen des Game Designs meistern - dazu bedarf es keines technischen Fachwissens. Dabei zeigt sich, dass die gleichen psychologischen Grundprinzipien, die für Brett-, Karten- und Sportspiele funktionieren, ebenso der Schlüssel für die Entwicklung qualitativ hochwertiger Videospiele sind.Mit dem Buch lernen Sie, wie Sie im Prozess der Spielekonzeption und -entwicklung vorgehen, um bessere Games zu kreieren. Jesse Schell zeigt, wie Sie Ihr Game durch eine strukturierte methodische Vorgehensweise Schritt für Schritt deutlich verbessern. Mehr als 100 gezielte Fragestellungen eröffnen Ihnen dabei neue Perspektiven auf Ihr Game, so dass Sie die Features finden, die es erfolgreich machen. Hierzu gehören z.B. Fragen wie: Welche Herausforderungen stellt mein Spiel an die Spieler? Fördert es den Wettbewerb unter den Spielern? Werden sie dazu motiviert, gewinnen zu wollen? So werden über hundert entscheidende Charakteristika für ein gut konzipiertes Spiel untersucht.
Inkscape (2. Auflage)
Die beliebte und kostenlose Alternative für die Arbeit mit Vektorgrafiken zur neuen Version Schritt für Schritt erklärt: Von der Installation und den richtigen Einstellungen bis hin zu fachmännischen Publikationen mit vielen praxisnahen Beispielen und kleinen Projekten zum Nachmachen. Inkscape ist der meistgenutzte Open-Source-Editor für Vektorgrafiken. Von der Inkscape-Gemeinschaft als freie Software entwickelt, lassen sich damit ebenso professionelle Grafiken erstellen wie mit kommerziellen Programmen. Sie können Ihrer Kreativität freien Lauf lassen und beispielsweise Visitenkarten, Logos oder Poster entwerfen. Dieses Handbuch führt Sie systematisch in die Software ein und erklärt alle wichtigen Funktionen. Sie lernen an praktischen Beispielen die umfangreichen Möglichkeiten und zahlreichen Werkzeuge von Inkscape kennen. Dabei hilft Ihnen der Autor mit zunächst einfachen Formen, das Prinzip hinter dem Programm zu verstehen, und führt Sie dann an die Arbeit mit Pfaden, Grafik- und Textobjekten heran. Wenn Sie die Grundlagen beherrschen, demonstriert Ihnen Winfried Seimert, wie Sie die gezeichneten Objekte durch Attribute anpassen und z.B. mit Farben, Füllmustern oder Transparenzen gestalten. Sie erfahren, wie Sie Objekte transformieren, klonen oder gruppieren können und lernen, auch kompliziertere Aufgaben zu meistern. So erhalten Sie – auch mithilfe der abschließenden Workshops – grundlegendes Wissen, das Sie zu weiteren Schritten und eigenständigem Arbeiten mit Inkscape bemächtigt.
Designing Digital Products for Kids
Childhood learning is now more screen-based than ever before, and app developers are flocking in droves to this lucrative and exciting market. The younger generation deserves the best, and growing up in a digital world has made them discerning and demanding customers. Creating a valuable user experience for a child is as complex and involved as when designing a typical app for an adult, if not more, and Designing Digital Products for Kids is here to be your guide.Author and designer Rubens Cantuni recognizes the societal importance of a high-quality and ethical app experience for children. There is room for significant improvement in this space, and Cantuni helps you optimize it. Designing Digital Products for Kids walks hopeful developers through digital product design—including research, concept, design, release, marketing, testing, analyzing, and iterating—all while aiming to build specifically for children.Industry experts and their real-world advice are showcased in this book, along with careful advice for the ethics that go along with this unique market. These tips include complex needs regarding mental development, accessibility, conscious screen time limits, and content sensitivity. Children, parents, and teachers alike are hungry for more thoughtful players in the kids’ app space, and Designing Digital Products for Kids is your ticket to successfully developing and educating for the future.WHAT YOU WILL LEARN* Design platforms specifically for children, to entertain and educate them* Work with a complex audience of parents, teachers and kids* Understand how different monetization strategies work in this industry and why WHO THIS BOOK IS FORUser experience designers, UI designers, product owners, teachers and educators, startup founders. The range of topics is so wide that anyone interested or involved in digital products could find something interesting to learn.RUBENS CANTUNI is an Italian digital product designer with 15 years of experience across two continents. Winner of an EMMY AWARD in the “Outstanding Interactive” category, a WEBBY AWARD nomination, and several PARENTS' CHOICE AWARDS and TEACHERS’ CHOICE AWARDS with his work on digital products for children. His experience spans from agencies to startups to big corporations, covering multiple design roles for a wide variety of clients in different industries. He also writes about design on Medium and Builtin.com and has past experience as a character designer and illustrator, freelancing for many companies worldwide.1. Why Design Apps for Kids?2. Before You Start, Know the Industry3. Know Your Target Audience4. Concept5. Gamification6. Safety Measures.7. Interaction Design8. UI Design9. User Testing with Kids10. Market Your Product11. Beyond the Screen12. Conclusion
Evaluation of Some SMS Verification Services and Virtual Credit Cards Services for Online Accounts Verifications
Today a lot of sites require SMS verification code for registration account. If you do not want to use your personal phone number to verify or activate account, use virtual phone number. Thus, there is no need for a SIM card in your mobile phone, only need access to the Internet. You can receive text messages via WEB interface or API. There are a lot of websites that offer temporary free, as well as private numbers from around the world to receive activation codes and SMS confirmations online.Their private numbers are intended for two types of SMS reception: disposable virtual numbers and numbers for rent. You can receive SMS online and use the numbers to sign up or verify for any services like Telegram, Facebook, Google, Gmail, WhatsApp, Viber, Line, WeChat, KakaoTalk etc.In the first part of the book I will mention the best websites that offer virtual phone numbers from around the world to receive activation codes and SMS confirmations online..The VCC is a short form of Virtual Credit Card that can be used for online verification, PayPal, EBay, Amazon and Google Adwords account verification. The second part of the book will guide you to how to obtain virtual debit/credit cards for sake of online accounts verification. There are bulk numbers of banks and debit/credit cards issuers that offer virtual or physical debit/credit card. But I will not go through any of them as I covered them in a book I published previously. I will only concentrate on some quick methods to obtain debit/credit cards for sake of online account verification. I will briefly talk about generating virtual debit/credit cards namso gold CC BIN generator for verification of some online services. Then I will talk about paypalvccs.com website that offers Virtual Visa Card for sake of online accounts verification. At the end I will mention how to get USA shipment address through Viabox.com website, and I will list some of the free VPN Services I commonly useThe book consists from the following parts:1. Some free websites that can be used to receive SMS online using numbers from some countries.2. Some paid (not free) websites that can be used to receive SMS online using numbers from some countries.3. Getting free phone number in US or Canada and Other Countries:4. Best websites that offer SMS verification, sending SMS and renting number services.5. Generating some virtual debit/credit cards through BIN Codes for verification of some online services.6. Paypalvccs.com website that offer Virtual Visa Card for sake of account verifications.7. Getting USA shipment address through Viabox.com.8. Some of the free VPN Services I commonly use.I am Dr. Hidaia Mahmoud Mohamed Alassouli. I completed my PhD degree in Electrical Engineering from Czech Technical University by February 2003, and my M. Sc. degree in Electrical Engineering from Bahrain University by June 1995. I completed also one study year of most important courses in telecommunication and computer engineering courses in Islamic university in Gaza. So, I covered most important subjects in Electrical Engineering, Computer Engineering and Telecommunications Engineering during my study. My nationality is Palestinian from gaza strip.I obtained a lot of certified courses in MCSE, SPSS, Cisco (CCNA), A+, Linux.I worked as Electrical, Telecommunicating and Computer Engineer in a lot of institutions. I worked also as a computer networking administrator. I had considerable undergraduate teaching experience in several types of courses in many universities. I handled teaching the most important subjects in Electrical and Telecommunication and Computer Engineering. I could publish a lot of papers a top-tier journals and conference proceedings, besides I published a lot of books in Publishing and Distribution houses.I wrote a lot of important Arabic articles on online news websites. I also have my own magazine website that I publish on it all my articles: http:// www.anticorruption.000space.comMy personal website: www.hidaia-alassouli.000space.comEmail: hidaia_alassouli@hotmail.com
Projektmanagement mit Excel
• Projekte planen und steuern mit Excel• Mit Praxisbeispiel, Schritt für Schritt aufgebaut• Termine, Kosten und Ressourcen im Griff• Nützliche VBA-Makros für Projektmanager• Business Intelligence-Berichte mit PowerQuery und Power BI DesktopProjekte planen, überwachen und steuern – das geht auch mit Excel in Microsoft 365. Ignatz Schels und Prof. Dr. Uwe M. Seidel sind erfahrene Projektmanager und Projektcontroller. Sie zeigen Ihnen, wie Sie das Kalkulationsprogramm von Microsoft für effizientes Projektmanagement nutzen können.Hier üben Sie an einem realen Projekt: Sie erstellen Checklisten, Projektstrukturen und Kostenpläne, überwachen Termine und Budgets und dokumentieren mit Infografiken und Diagrammen. Sie lernen mit den beiden Autoren die besten Funktionen und die wichtigsten Analysewerkzeuge von Excel kennen und programmieren Ihre ersten Makros mit der Makrosprache VBA. Projektmanagement mit Excel – probieren Sie es aus, es funktioniert!In der Neuauflage finden Sie praxisnahe Beispiele zu den BI-Tools PowerQuery, Power Pivot und Power BI sowie Tipps zu den aktuellsten Excel-Funktionen und -werkzeugen wie dynamische Arrays.Alle Beispiele, Tools und VBA-Makros stehen zum Download unter plus.hanser-fachbuch.de bereit. Ignatz Schels ist Technik-Informatiker, zertifizierter Projektfachmann (GPM / IPMA) und Excel-Experte derSpitzenklasse. Er programmiert Praxislösungen mit VBA und erstellt Access-Datenbanken. Viele seiner zahlreichen Fachbücher für Controller und Projektmanager sind Bestseller.Uwe M. Seidel ist Professor für Betriebswirtschaft an der OTH Regensburg und Berater für Unternehmen und öffentliche Institutionen in den Bereichen Rechnungswesen, Controlling und Projektmanagement. Außerdemist er freiberuflicher Trainer der Controller Akademie AG und leitet den AK Süd I des Internationalen Controllervereins ( ICV ).
Geschäftsrisiko Cyber-Security
Nicht erst seit Corona warnen Beobachter und Behörden vor einem zu erwartenden rasanten Anstieg von Cyberkriminalität im privaten sowie beruflichen Umfeld. Die Digitalisierung von Geschäftsmodellen, intensivere Vernetzung von Prozessen, Produkten und Geräten und die zuletzt stärkere Nutzung von Netzwerken und Geräten im Homeoffice sind die Treiber im Kampf für mehr IT-Sicherheit. Das essential wendet sich insbesondere an Geschäftsführer von kleinen und mittelständischen Unternehmen, für die der Aufbau einer wirksamen und nachhaltigen Cyber-Security mit hohem Aufwand verbunden ist. Das Buch ermöglicht ein grundlegendes Verständnis zu potenziellen Bedrohungen der Cyber-Security sowie den Auswirkungen und bietet einen Leitfaden für die Entwicklung eines resilienten Sicherheits-Ökosystems.
Learn Microservices with Spring Boot
Build Java-based microservices architecture using the Spring Boot framework by evolving an application from a small monolith to an event-driven architecture composed of several services. This revised book follows an incremental approach in teaching the structure of microservices, test-driven development, and common patterns in distributed systems such as service discovery, load balancing, routing, centralized logs, per-environment configuration, and containerization.This updated book now covers what's been added to the latest Spring Boot release, including support for the latest Java SE; more deep-dive knowledge on how Spring Boot works; testing with JUnit 5; changes in the Spring Cloud tools used for service discovery and load balancing; building Docker images using cloud-native buildpacks; a basic centralized logging solution; E2E traceability with Sleuth; centralized configuration with Consul; many dependency upgrades; support for Spring Data Neumann; and more.Author Moises Macero uses a pragmatic approach to explain the benefits of using this type of software architecture, instead of keeping you distracted with theoretical concepts. He covers some of the state-of-the-art techniques in computer programming, from a practical point of view. You’ll focus on what's important, starting with the minimum viable product but keeping the flexibility to evolve it.WHAT YOU WILL LEARN* Build microservices with Spring Boot* Discover architecture patterns for distributed systems such as asynchronous processing, eventual consistency, resilience, scalability, and more* Use event-driven architecture and messaging with RabbitMQ* Master service discovery with Consul and load balancing with Spring Cloud Load Balancer* Route requests with Spring Cloud Gateway* Keep flexible configurations per environment with Spring Cloud Consul* Trace every request from beginning to end with Sleuth and centralized logging* Deploy your microservices anywhere as Docker containers* Start all the components in the microservice architecture with Docker ComposeWHO THIS BOOK IS FORThose with at least some prior experience with Java programming. Some prior exposure to Spring Boot recommended but not required.MOISÉS MACERO GARCÍA has been a software developer since he was a kid, when he started playing around with BASIC on his ZX Spectrum. During his career, Moisés has most often worked in development and architecture for small and large projects, and for his own startups as well. He enjoys making software problems simple, and he likes working in teams where he can not only coach others, but also learn from them.Moisés is the author of the blog thepracticaldeveloper.com, where he shares solutions for technical challenges, guides, and his view on different ways of working in IT companies. He also organizes workshops for companies that need a practical approach to software engineering. In his free time, he enjoys traveling and hiking.* Introduction* Core concepts* A basic Spring Boot app* A minimal frontend with React* The data layer* Starting with Microservices* Event-Driven Architecture* Cloud native patterns* End-to-End tests with Cucumber
Pro Google Kubernetes Engine
Discover methodologies and best practices for getting started with Google Kubernetes Engine (GKE). This book helps you understand how GKE provides a fully managed environment to deploy and operate containerized applications on Google Cloud infrastructure.You will see how Kubernetes makes it easier for users to manage clusters and the container ecosystem. And you will get detailed guidance on deploying and managing applications, handling administration of container clusters, managing policies, and monitoring cluster resources. You will learn how to operate the GKE environment through the GUI-based Google Cloud console and the "gcloud" command line interface.The book starts with an introduction to GKE and associated services. The authors provide hands-on examples to set up Container Registry and GKE Cluster, and you will follow through an application deployment on GKE. Later chapters focus on securing your GCP GKE environment, GKE monitoring and dashboarding, and CI/CD automation. All of the code presented in the book is provided in the form of scripts, which allow you to try out the examples and extend them in interesting ways.WHAT YOU WILL LEARN* Understand the main container services in GCP (Google Container Registry, Google Kubernetes Engine, Kubernetes Engine, Management Services)* Perform hands-on steps to deploy, secure, scale, monitor, and automate your containerized environment* Deploy a sample microservices application on GKE* Deploy monitoring for your GKE environment* Use DevOps automation in the CI/CD pipeline and integrate it with GKEWHO THIS BOOK IS FORArchitects, developers, and DevOps engineers who want to learn Google Kubernetes EngineNAVIN SABHARWAL has more than 20 years of industry experience and is an innovator, thought leader, patent holder, and author in the areas of cloud computing, artificial intelligence and machine learning, public cloud, DevOps, AIOPS, infrastructure services, monitoring and management platforms, big data analytics, and software product development. He works at HCL Technologies and is responsible for DevOps, artificial intelligence, cloud life cycle management, service management, monitoring and management, IT Ops Analytics, AIOPs and machine learning, automation, operational efficiency of scaled delivery through Lean Ops, strategy, and delivery.PIYUSH PANDEY has more than 10 years of industry experience. He is currently working at HCL Technologies as Automation Architect, delivering solutions catering to hybrid cloud using cloud-native and third-party solutions. The automation solutions cover use cases such as Enterprise Observability, Infra as Code, Server Automation, Runbook Automation, Cloud Management Platform, Cloud Native Automation, and Dashboard/Visibility. He is responsible for designing end-to-end solutions and architecture for enterprise automation adoption. Ch01 - Getting Started with Containers on Google GKE• Introduction to Docker• Sign up for Google Cloud• Setting up environment for Google GKE• Support services for ContainersCh02-Container Image Management with Google Container Registry• Introduction to Google Container Registry• Setting up Google Container Registry• Push Docker image to Google container registryCh03 - Deploy Containerized applications with Google GKE• Setup Google GKE• Create, manage and scale GKE Cluster• Deploy Containers on GKE• Deleting a ClusterCh04-Secure your Containerized Environment• Protect your Containers and Container host on GKE• Protect your code and deploymentsCh05- Scale GKE Containerized environment• Autoscaling a Cluster• Vertical autoscaling a pod• Cluster upgrade and resizingCh06- Monitor your Containerized environment• Monitoring approaches for GKE• Using Stackdriver for GKE Monitoring• Using Prometheus for GKE MonitoringCh07- Automate your Containerized environment• Using Infra as Code solution for Automation• Continuous integration and delivery Automation
Python Testing with Selenium
Implement different testing techniques using Selenium WebDriver with the Python programming language. This quick reference provides simple functional test cases with a syntax-based approach for Selenium WebDriver.You’ll begin by reviewing the basics of Selenium WebDriver and its architectural design history and then move on to the configuration and installation of Selenium library for different web browsers, including the basic commands needed to start test scripts in various browsers. You’ll review action commands of keyboard and mouse for testing user interactions in a web page and see how hyperlinks are tested.The book also examines various web elements using eight different locators provided by Selenium to help you choose the one best suited to your needs. All Python scripts are ready to test real examples, all of which are explained thoroughly with problem statements. You’ll use different Python design patterns to automate test scripts that can be incorporated with Selenium.In the end, Python Testing with Selenium will provide you with the expertise to write your own test cases in future.WHAT YOU’LL LEARN* Install and configure Selenium WebDriver with Python for different web-browsers * Review basic commands of Selenium* Locate web elements * Work with UI based web elements* Assert web elements and handle exceptions* Write test scripts in Page Object Model * Write test cases with Unittest framework WHO THIS BOOK IS FORPython developers/testers who want to test their web applicationsSujay Raghavendra works mainly in the field of data science, machine/deep learning, and artificial intelligence and is currently Executive Director of Raghavendra Training & Consultancy (RTC), a start up company based in Dharwad, Karnataka, India. RTC was co-founded with his brother Sumedh Raghavendra in 2014.He also plans and evaluates new technological projects for research and product development to various companies at RTC. Some of his projects include analyzing pap smear filter for microscopic medical images, thermal heat sensing in hospitals, ocr for handwritten characters, satellite image analysis, network automation for maps, forecasting model, text analytics & predictions, etc.Raghavendra has been a consultant for helping and building research centers for technical universities and colleges and his recent interest includes automating testing cases using machine learning. He has published numerous research articles in international journals and was part of a reviewer committee in various journals and conferences.PYTHON TESTING WITH SELENIUMChapter 1: Introduction to SeleniumChapter 2: Getting StartedChapter 3: Mouse & Keyboard ActionsChapter 4: Web ElementsChapter 5: NavigationChapter 6: Buttons, Checkbox & Select ListChapter 7: Frames and Text BoxesChapter 8: AssertionsChapter 9: Exception HandlingChapter 10: WaitsChapter 11: Page ObjectsChapter 12: Using Test Cases with a Screenshot
Erfolgreicher Online-Handel für Dummies
Erfolgreicher Online-Handel: ein Fachbuch aus der bekannten "... für Dummies"-Reihe. Als ePub im heise Shop erhältlich.Sie möchten Produkte über das Internet verkaufen? Dann sollten Sie Ihre Online-Strategie sorgfältig planen. Dieses Buch verschafft Ihnen einen guten Überblick über die gängigen Verkaufs- und Marketingkanäle. Vom eigenen Shop über Amazon und andere Marktplätze bis hin zu Social Media. Damit erleichtert Ihnen das Buch die Auswahl der richtigen Kanäle. Gleichzeitig verrät es Ihnen wichtige Tipps, Tricks und Tools, um auf den jeweiligen Kanälen erfolgreich zu sein. Profitieren Sie vom Praxiswissen zweier sehr erfahrener Autoren!►►► Für dieses ePub E-Book hat der herausgebende Verlag Wiley einen DRM-Schutz verfügt. Wie Sie E-Books mit DRM-Schutz öffnen können, erfahren Sie in unseren heise Shop-FAQ.Über die Autoren:GIL LANG ist ein gefragter Speaker und E-Commerce-Experte. Viel Herzblut steckt er in seine Direct-to-Consumer-Health-Marke InnoNature.STEFFEN OTTEN hat sich nach seiner Zeit als Unternehmensberater auf den Onlinehandel spezialisiert. Steffen ist Gründer der Sportmarke runamics.Zum Inhalt: Einführung: 27 Teil I E-Commerce – das Ökosystem verstehen: 33 Teil II Vertriebskanäle: 63 Teil III Marketing-Kanäle: 89 Teil IV Hybride Kanäle: 227 Teil V Strategie und Controlling: 263 Teil VI Operatives Geschäft – schlauer verkaufen: 291 Teil VII Die Zukunft des E-Commerce: 345 Teil VIII Der Top-Ten-Teil: 357 Leseprobe (PDF-Link)Inhaltsverzeichnis (PDF-Link)Index (PDF-Link)