Allgemein
Java 17 Quick Syntax Reference
Quickly gain the insight necessary to address a multitude of Java coding challenges using this succinct reference guide, Java 17 Quick Syntax Reference, Third Edition. Short, focused code examples will help you learn and master various existing and new Java source code elements.This edition includes the following additions to Java SE and OpenJDK, through Java 17: Pattern matching for switch and instanceof, Sealed classes and interfaces, Switch expressions, Text block multiline strings, Java module system, Private methods in interfaces, and Type inference for local variables.You won’t find any technical jargon, bloated samples, drawn out history lessons or witty stories in this book. What you will find is a language reference that is concise, to the point and highly accessible. The book is packed with useful information and is a must-have for any Java programmer.WHAT YOU WILL LEARN* Run a Java file with a single command* * Learn what a switch expression is and how to use it* Use pattern matching* Code with Java modules* Create text blocks to handle multiline strings* Learn what sealed classes are and how to use these and moreWHO THIS BOOK IS FORThose with prior experience with Java who want a quick and handy reference. Mikael Olsson is a professional web entrepreneur, programmer, and author. He works for an R&D company in Finland where he specializes in software development. In his spare time he writes books and creates websites that summarize various fields of interest. The books he writes are focused on teaching their subject in the most efficient way possible, by explaining only what is relevant and practical without any unnecessary repetition or theory. 1. HelloWorld2. Compile and Run3. Variables4. Operators5. String6. Arrays7. Conditionals8. Loops9. Methods10. Class11. Stack12. Inheritance13. Overriding14. Packages15. Access Levels16. Constants17. Interface18. Abstract19. Enum20. Exception Handling21. Boxing and Unboxing22. Generics23. Modules
Go for Java Programmers
Get an in-depth introduction to the Go programming language and its associated standard runtime libraries. This book is targeted towards programmers that already know the Java programming language and uses that Java knowledge to direct the learning of Go. You will get a deep understanding of the Go language and obtain a good introduction to the extensive Go standard libraries.This book teaches Go through clear descriptions of Go features, contrasting them with similar Java features and via providing extensive code examples. After reading this book you will be knowledgeable enough about Go and its libraries to begin doing effective programming using the Go language.Go for Java Programmers is structured more like a tutorial than a reference document. It covers key features of Go, but not every little detail as a reference might. Its goal is to get you competent enough in Go and its runtime that you can begin to effectively write Go programs.WHAT YOU WILL LEARN* Examine the key Go Runtime libraries and how they compare to Java libraries* See when it is appropriate to use the Go language instead of the Java language* Read and understand programs written in Go* Write many programs in Go* Determine when Go is an appropriate language to develop applications in* Discover how the Go and Java languages and development experience compare and contrastWHO THIS BOOK IS FORPrimarily existing professional Java programmers or students that already know something about Java. A basic understanding of Java is expected. Some basic programming experience with imperative languages is expected.BARRY FEIGENBAUM has decades of software engineering experience. Over his career, he has worked for major industry-leading companies such as IBM and Amazon, and is currently at Dell where he is a Senior Principal Software Engineer. He has worked on mainframe and midrange servers and many applications for personal computers. He has developed software products in many key industry languages, such as assemblers for multiple hardware architectures, C/C++/C#, Python, JavaScript, Java and now Go. He has extensive experience in the full software development lifecycle. Most recently, he has committed himself to leading teams developing mission-critical microservices, most often written in Go, that operate in large clustered environments.He led the early development of the LAN support inside Microsoft Windows (he defined the SMB protocol that is the basis for both the CIFS and the SAMBA technologies). He has served as a software tester, developer and designer as well as a development team lead, architect and manger on multiple occasions. He was a key contributor as a developer, architect and manager to several releases of PC-DOS and OS/2. In these roles, he worked extensively with Microsoft on joint requirements, design, and implementation.Dr. Feigenbaum has a Ph. D. in Computer Engineering with a concentration in OO software design and other degrees in Electrical Engineering. He has published multiple articles in technical magazines and juried journals. He coauthored several books on IBM PC-DOS. He has spoken at numerous technical conferences, such as JavaOne. He has served on industry standard bodies. He taught multiple college level courses on data structures, software engineering and distributed software as an adjunct professor at several universities. He has over twenty issued US patents.He is married, has one son, and lives in Austin, TX.Part I: First look at GoChapter 1: A Brief Look at Go vs. JavaChapter 2: What Java has that Go does notChapter 3: A Deeper Comparison of Go and JavaPart 2: The Go LanguageChapter 4: Key Go AspectsChapter 5: Go Basic FeaturesChapter 6: Go TypesChapter 7: Errors and PanicsChapter 8: Go StatementsChapter 9: Applications for interfacesChapter 10: Go Unit Tests and BenchmarksChapter 11: Going into the FuturePart 3: Go Library SurveyChapter 12: Key Packages ComparisonChapter 13: Key Method/Function ComparisonChapter 14: Go Package SurveyChapter 15: SQL Database AccessChapter 16: Client and Server SupportChapter 17: Go RuntimeAppendix A. Installing GoAppendix B: Some Go FAQsAppendix C: Go Gotchas to look out forAppendix D: Mark-Sweep Pseudo-codeAppendix E: ASCII vs. UTF-8
Beginning Apache Spark 3
Take a journey toward discovering, learning, and using Apache Spark 3.0. In this book, you will gain expertise on the powerful and efficient distributed data processing engine inside of Apache Spark; its user-friendly, comprehensive, and flexible programming model for processing data in batch and streaming; and the scalable machine learning algorithms and practical utilities to build machine learning applications.Beginning Apache Spark 3 begins by explaining different ways of interacting with Apache Spark, such as Spark Concepts and Architecture, and Spark Unified Stack. Next, it offers an overview of Spark SQL before moving on to its advanced features. It covers tips and techniques for dealing with performance issues, followed by an overview of the structured streaming processing engine. It concludes with a demonstration of how to develop machine learning applications using Spark MLlib and how to manage the machine learning development lifecycle. This book is packed with practical examples and code snippets to help you master concepts and features immediately after they are covered in each section.After reading this book, you will have the knowledge required to build your own big data pipelines, applications, and machine learning applications.WHAT YOU WILL LEARN* Master the Spark unified data analytics engine and its various components* Work in tandem to provide a scalable, fault tolerant and performant data processing engine* Leverage the user-friendly and flexible programming model to perform simple to complex data analytics using dataframe and Spark SQL* Develop machine learning applications using Spark MLlib* Manage the machine learning development lifecycle using MLflowWHO THIS BOOK IS FORData scientists, data engineers and software developers.HIEN LUU has extensive experience in designing and building big data applications and machine learning infrastructure. He is particularly passionate about the intersection between big data and machine learning. Hien enjoys working with open source software and has contributed to Apache Pig and Azkaban. Teaching is also one of his passions, and he serves as an instructor at the UCSC Silicon Valley Extension school teaching Apache Spark. He has given presentations at various conferences such as Data+AI Summit, MLOps World, QCon SF, QCon London, Hadoop Summit, and JavaOne.Chapter 1: Introduction to Apache SparkChapter Goal: Provide an overview of Apache SparkNo of pages 15Sub -Topics1. Overview & history2. Spark concepts & architecture3. Spark Unified Stack4. Apache Spark applicationsChapter 2: Working with Apache SparkChapter Goal: Provide details about different ways of interacting with Apache SparkNo of pages: 35Sub - Topics1. Downloading and Installing Apache Spark2. Exploring Apache Spark using Spark shells3. Exploring Apache Spark using Databricks4. Exploring Apache Spark source codeChapter 3: Spark SQL - FoundationChapter Goal: Provide an overview to Spark SQL componentNo of pages: 60Sub - Topics1. Overview & architecture2. Introduction to DataFrames Structured APIs3. Reading & writing data with Spark SQL data sources4. Introduction to datasetsChapter 4: Spark SQL - AdvanceChapter Goal: Go over the advanced features in Spark SQLNo of pages : 50Sub - Topics:1. Working with aggregations2. Joining data3. Working with analytics functions4. Explore Spark SQL catalyst optimizerChapter 5: Optimizing Apache Spark ApplicationsChapter Goal: Go over tips and techniques for dealing with performance issuesNo of pages: 30Sub - Topics:1. Common performance issues2. Speed up performance by leveraging in-memory computation3. Understand the different support joins in Spark4. Leverage Spark UI to diagnose performance issueChapter 6: Structured Streaming - FoundationChapter Goal: Overview of Structured Streaming processing engineNo of pages: 50Sub - Topics:1. General streaming processing concepts2. Structured Streaming programming model3. Working with streaming data sources and sinks4. Understanding output modes and triggersChapter 7: Structured Streaming - AdvancedChapter Goal: Cover complex issues in streaming processingNo of pages: 40Sub - Topics:1. Streaming processing with event time2. Stateful streaming processing3. Handling duplicate data4. Monitoring streaming processing applicationsChapter 8: Machine Learning with Apache SparkChapter Goal: How to developing Machine Learning applications using Spark MLlibNo of pages: 60Sub - Topics:1. Machine learning overview2. Taking a tour of supported machine learning algorithms3. Building machine learning pipelines4. Machine learning tasks in action5. Parameters tuningChapter 9: Machine Learning Application Development w/ MLflowChapter Goal: Using MLflow to manage the Machine Learning development lifecycleNo of pages: 25Sub - Topics:1. Overview of MLflow2. Tracking machine learning development experiments3. Managing & deploying machine learning models4. Leveraging Spark for batch modeling predictions
Corporate Cybersecurity
CORPORATE CYBERSECURITYAN INSIDER’S GUIDE SHOWING COMPANIES HOW TO SPOT AND REMEDY VULNERABILITIES IN THEIR SECURITY PROGRAMSA bug bounty program is offered by organizations for people to receive recognition and compensation for reporting bugs, especially those pertaining to security exploits and vulnerabilities. Corporate Cybersecurity gives cyber and application security engineers (who may have little or no experience with a bounty program) a hands-on guide for creating or managing an effective bug bounty program. Written by a cyber security expert, the book is filled with the information, guidelines, and tools that engineers can adopt to sharpen their skills and become knowledgeable in researching, configuring, and managing bug bounty programs. This book addresses the technical aspect of tooling and managing a bug bounty program and discusses common issues that engineers may run into on a daily basis. The author includes information on the often-overlooked communication and follow-through approaches of effective management. Corporate Cybersecurity provides a much-needed resource on how companies identify and solve weaknesses in their security program. This important book:* Contains a much-needed guide aimed at cyber and application security engineers * Presents a unique defensive guide for understanding and resolving security vulnerabilities * Encourages research, configuring, and managing programs from the corporate perspective * Topics covered include bug bounty overview; program set-up; vulnerability reports and disclosure; development and application Security Collaboration; understanding safe harbor and SLAWritten for professionals working in the application and cyber security arena, Corporate Cybersecurity offers a comprehensive resource for building and maintaining an effective bug bounty program. JOHN JACKSON is a Cyber Security Professional, Hacker, and the founder of the Hacking Group: Sakura Samurai. He is skilled in the art of configuring, managing, and utilizing Application Security Tools and programs, and an effective leader in the Cyber Security space. His unique perspective as both an Engineer and a Security Researcher provides hands-on experience towards configuring programs in a way that both organizations and researchers can benefit.Foreword xiiiAcknowledgments xvPART 1 BUG BOUNTY OVERVIEW 11 THE EVOLUTION OF BUG BOUNTY PROGRAMS 31.1 Making History 31.2 Conservative Blockers 41.3 Increased Threat Actor Activity 41.4 Security Researcher Scams 51.5 Applications Are a Small Consideration 51.6 Enormous Budgetary Requirements 51.7 Other Security Tooling as a Priority 61.8 Vulnerability Disclosure Programs vs Bug Bounty Programs 61.8.1 Vulnerability Disclosure Programs 61.8.2 Bug Bounty Programs 71.9 Program Managers 71.10 The Law 71.11 Redefining Security Research 81.12 Taking Action 81.12.1 Get to Know Security Researchers 91.12.2 Fair and Just Resolution 91.12.3 Managing Disclosure 91.12.4 Corrections 91.12.5 Specific Community Involvement 9PART 2 EVALUATING PROGRAMS 112 ASSESSING CURRENT VULNERABILITY MANAGEMENT PROCESSES 132.1 Who Runs a Bug Bounty Program? 132.2 Determining Security Posture 132.3 Management 142.3.1 Software Engineering Teams 142.3.2 Security Departments (Security Operations, Fraud Prevention, Governance/Risk/Compliance, Edge Controls, Vulnerability Management, Endpoint Detection, and Response) 142.3.3 Infrastructure Teams 142.3.4 Legal Department 142.3.5 Communications Team 142.4 Important Questions 152.5 Software Engineering 152.5.1 Which Processes Are in Place for Secure Coding? Do the Software Engineers Understand the Importance of Mitigating the Risks Associated with Vulnerable Code? 152.5.2 How Effective Are Current Communication Processes? Will Vulnerabilities Be Quickly Resolved If Brought to Their Attention? 152.5.3 Is the Breadth of Our Enterprise’s Web and Mobile Applications Immense? Which Processes Are Engineers Using for Development in the Software Development Lifecycle? 162.6 Security Departments 162.6.1 How Does Security Operations Manage Incidents? Will Employee Assistance Be Provided from the Security Operations Team If a Threat Actor Manages to Exploit an Application Vulnerability? Which Tools Do They Have in Place? 162.6.2 What Does the Fraud Prevention Team Do to Prevent Malicious Activities? How Many Occurrences Do They See of Issues such as Account Takeover, and Could They Potentially Create Application Vulnerabilities? 162.6.3 Are There Any Compliance Practices in Place and, If So, How Do They Affect the Vulnerability Management Process? What Does the Application Security Team Have to Do to Assist in Enterprise Compliance? 172.6.4 What Edge Tooling is in Place to Prevent Attacks? Are Any of the Enterprise Applications at Risk of Being Exploited due to an IoT (Internet of Things) Device? 172.6.5 How Often Does Our Vulnerability Management Team Push for Updates? How Does the Vulnerability Management Team Ensure Servers in which Enterprise Applications Reside Are Secure? 172.7 Infrastructure Teams 172.7.1 What Are Infrastructure Teams Doing to Ensure Best Security Practices Are Enabled? How Long Will It Take the Infrastructure Team to Resolve a Serious Issue When a Server-side Web Application is Exploited, or During a Subdomain Takeover Vulnerability? 172.7.2 Is There Effective Communication between Infrastructure, Vulnerability Management, Security Operations, and Endpoint Detection and Response? 182.8 Legal Department 182.8.1 How Well Refined is the Relationship between the Application Security Team and the Legal Department? 182.8.2 What Criteria Are/Will Be Set Out for the Escalation of Issues? 182.8.3 Does the Legal Department Understand the Necessity of Bug Bounty Program Management? 182.9 Communications Team 182.9.1 Has the Communications Team Dealt with Security Researchers Before? is the Importance Understood? 182.9.2 Was the Communications Team Informed of Bug Bounty Program Expectations? 192.10 Engineers 192.11 Program Readiness 193 EVALUATING PROGRAM OPERATIONS 213.1 One Size Does Not Fit All 213.2 Realistic Program Scenarios 213.3 Ad Hoc Program 223.4 Note 243.5 Applied Knowledge 243.5.1 Applied Knowledge #1 243.5.1.1 Private Programs 253.5.2 Applied Knowledge #2 253.5.2.1 Public Programs 253.5.3 Applied Knowledge #3 263.5.3.1 Hybrid Models 263.6 Crowdsourced Platforms 273.7 Platform Pricing and Services 283.8 Managed Services 283.9 Opting Out of Managed Services 293.10 On-demand Penetration Tests 29PART 3 PROGRAM SETUP 314 DEFINING PROGRAM SCOPE AND BOUNTIES 334.1 What is a Bounty? 334.2 Understanding Scope 334.3 How to Create Scope 344.3.1 Models 344.4 Understanding Wildcards 344.4.1 Subdomain 354.4.2 Domain 354.4.3 Specific Domain Path or Specific Subdomain Path 354.5 Determining Asset Allocation 364.6 Asset Risk 374.7 Understanding Out of Scope 374.8 Vulnerability Types 384.8.1 Denial of Service (DOS) or Distributed Denial of Service (DDoS) Attacks 384.8.2 Social Engineering Attacks 384.8.3 Brute Force or Rate Limiting 384.8.4 Account and Email Enumeration 384.8.5 Self-XSS 394.8.6 Clickjacking 394.8.7 Miscellaneous 394.9 When is an Asset Really Out of Scope? 394.10 The House Wins – Or Does It? 404.11 Fair Judgment on Bounties 424.12 Post-mortem 434.13 Awareness and Reputational Damage 434.14 Putting It All Together 444.15 Bug Bounty Payments 444.15.1 Determining Payments 454.15.2 Bonus Payments 464.15.3 Nonmonetary Rewards 465 UNDERSTANDING SAFE HARBOR AND SERVICE LEVEL AGREEMENTS 495.1 What is “Safe Harbor”? 495.1.1 The Reality of Safe Harbor 495.1.2 Fear and Reluctance 495.1.3 Writing Safe Harbor Agreements 505.1.4 Example Safe Harbor Agreement 505.2 Retaliation against a Rogue Researcher (Cybercriminal or Threat/Bad Actor) 515.3 Service Level Agreements (SLAs) 525.3.1 Resolution Times 535.3.2 Triage Times 536 PROGRAM CONFIGURATION 556.1 Understanding Options 556.2 Bugcrowd 556.2.1 Creating the Program 556.2.2 Program Overview 616.2.2.1 The Program Dashboard 616.2.2.2 The Crowd Control Navbar 63Summary 63Submissions 63Researchers 64Rewards 65Insights Dashboard 65Reports 666.2.3 Advanced Program Configuration and Modification 666.2.3.1 Program Brief 666.2.3.2 Scope and Rewards 676.2.3.3 Integrations 726.2.3.4 Announcements 736.2.3.5 Manage Team 746.2.3.6 Submissions 756.2.4 Profile Settings 766.2.4.1 The Profile and Account 786.2.4.2 Security 786.2.4.3 Notification Settings 796.2.4.4 API Credentials 806.2.5 Enterprise “Profile” Settings 816.2.5.1 Management and Configuration 816.2.5.2 Organization Details 816.2.5.3 Team Members 816.2.5.4 Targets 816.2.5.5 Authentication 816.2.5.6 Domains 826.2.5.7 Accounting 836.3 HackerOne 846.3.1 Program Settings 856.3.1.1 General 856.3.1.2 Information 866.3.1.3 Product Edition 866.3.1.4 Authentication 876.3.1.5 Verified Domains 886.3.1.6 Credential Management 896.3.1.7 Group Management 896.3.1.8 User Management 906.3.1.9 Audit Log 916.3.2 Billing 926.3.2.1 Overview 926.3.2.2 Credit Card 926.3.2.3 Prepayment 926.3.3 Program 936.3.3.1 Policy 936.3.3.2 Scope 936.3.3.3 Submit Report Form 956.3.3.4 Response Targets 966.3.3.5 Metrics Display 976.3.3.6 Email Notifications 976.3.3.7 Inbox Views 986.3.3.8 Disclosure 986.3.3.9 Custom Fields 986.3.3.10 Invitations 996.3.3.11 Submission 1006.3.3.12 Message Hackers 1016.3.3.13 Email Forwarding 1026.3.3.14 Embedded Submission Form 1026.3.3.15 Bounties 1036.3.3.16 Swag 1036.3.3.17 Common Responses 1046.3.3.18 Triggers 1066.3.3.19 Integrations 1076.3.3.20 API 1076.3.3.21 Hackbot 1076.3.3.22 Export Reports 1086.3.3.23 Profile Settings 1086.3.4 Inbox 1086.3.4.1 Report Details 1096.3.4.2 Timeline 1096.4 Summary 110PART 4 VULNERABILITY REPORTS AND DISCLOSURE 1117 TRIAGE AND BUG MANAGEMENT 1137.1 Understanding Triage 1137.1.1 Validation 1137.1.2 Lessons Learned 1157.1.3 Vulnerability Mishaps 1157.1.4 Managed Services 1157.1.5 Self-service 1167.2 Bug Management 1167.2.1 Vulnerability Priority 1167.2.2 Vulnerability Examples 1177.2.2.1 Reflected XSS on a login portal 117Report and Triage 117Validation 1177.2.2.2 Open redirect vulnerability 117Report and Triage 117Validation 1187.2.2.3 Leaked internal Structured Query Language (SQL) server credentials 118Report and Triage 118Validation 1187.3 Answers 1187.3.1 Vulnerability Rating-test Summary 1197.3.1.1 Reflected XSS in a login portal 1187.3.1.2 Open redirect vulnerability 1187.3.1.3 Leaked internal SQL server credentials 1187.3.2 Complexity vs Rating 1197.3.3 Projected Ratings 1207.3.4 Ticketing and Internal SLA 1207.3.4.1 Creating Tickets 1208 VULNERABILITY DISCLOSURE INFORMATION 1238.1 Understanding Public Disclosure 1238.1.1 Making the Decision 1238.1.1.1 Private Programs 123The Bottom Line 1248.1.1.2 Public Programs 125The Bottom Line 1268.2 CVE Responsibility 1268.2.1 What are CVEs? 1268.2.2 Program Manager Responsibilities 1268.2.3 Hardware CVEs 1268.2.4 Software and Product CVEs 1288.2.5 Third-party CVEs 1288.3 Submission Options 1308.3.1 In-house Submissions 1308.3.2 Program Managed Submissions and Hands-off Submissions 1308.3.2.1 Program Managed Submissions 1308.3.2.2 Hands-off Submissions 131PART 5 INTERNAL AND EXTERNAL COMMUNICATION 1339 DEVELOPMENT AND APPLICATION SECURITY COLLABORATION 1359.1 Key Role Differences 1359.1.1 Application Security Engineer 1359.1.2 Development 1359.2 Facing a Ticking Clock 1369.3 Meaningful Vulnerability Reporting 1369.4 Communicating Expectations 1379.5 Pushback, Escalations, and Exceptions 1389.5.1 Internal steps 1389.5.2 External steps 1399.5.2 Escalations 1399.5.3 Summary 1409.6 Continuous Accountability 1419.6.1 Tracking 1419.6.2 Missed Deadlines 14110 HACKER AND PROGRAM INTERACTION ESSENTIALS 14310.1 Understanding the Hacker 14310.1.1 Money, Ethics, or Both? 14310.1.2 Case Study Analysis 14510.2 Invalidating False Positives 14510.2.1 Intake Process and Breaking the News 14510.2.2 Dealing with a Toxic Hacker 14710.3 Managed Program Considerations 14710.4 In-house Programs 14810.5 Blackmail or Possible Threat Actor 15110.6 Public Threats or Disclosure 15110.7 Program Warning Messages 15310.8 Threat Actor or Security Researcher? 15310.9 Messaging Researchers 15510.9.1 Security Researcher Interviews 15510.9.2 Bug Bounty Program Manager Interviews 15910.10 Summary 164PART 6 ASSESSMENTS AND EXPANSIONS 16511 INTERNAL ASSESSMENTS 16711.1 Introduction to Internal Assessments 16711.2 Proactive Vs Reactive Testing 16711.3 Passive Assessments 16811.3.1 Shodan 16811.3.1.1 Using Shodan 16811.3.2 Amass/crt.sh 17111.3.2.1 Amass 17211.3.2.2 crt.sh 17311.4 Active Assessments 17311.4.1 nmapAutomator.sh 17311.4.2 Sn1per 17511.4.3 Owasp Zap 17511.4.4 Dalfox 17711.4.5 Dirsearch 17911.5 Passive/Active Summary 18011.6 Additional Considerations: Professional Testing and Third-Party Risk 18012 EXPANDING SCOPE 18112.1 Communicating with the Team 18112.2 Costs of Expansion 18212.3 When to Expand Scope 18212.4 Alternatives to Scope Expansion 18312.5 Managing Expansion 18313 PUBLIC RELEASE 18513.1 Understanding the Public Program 18513.2 The “Right” Time 18513.3 Recommended Release 18613.3.1 Requirements 18613.4 Rolling Backwards 18613.5 Summary 187Index 189
Data Science anwenden
Dieses Buch bietet einen Einstieg in das Thema Data Science auf Basis der visuellen Aufbereitung von Daten. Es hat ethische Betrachtungen in der digitalen Transformation zum Gegenstand und stellt ein Prozessrahmenwerk für die Bewertung von Technologien vor. Außerdem erläutert es Besonderheiten und Erkenntnisse zum Scheitern von Data-Science-Projekten und stellt Empfehlungssysteme unter Berücksichtigung aktueller Entwicklungen vor. Funktionalität zu Machine Learning in Werkzeugen zu Business Analytics wird verglichen und der Einsatz eines Vorgehensmodells für Data Science aufgezeigt.Die Integration erneuerbarer Energien am Beispiel von Photovoltaikanlagen, ein effizienterer Umgang mit Wärmeenergie, wissenschaftliche Literaturauswertung, Kundenzufriedenheit in der Automobilindustrie und ein Framework für die Analyse von Fahrzeugdaten dienen als Anwendungsbeispiele für den konkreten Einsatz von Data Science. Das Buch bietet wichtige Informationen, die für Praktiker ebenso relevant sind wie für Studierende und Lehrende.PROF. DR. THOMAS BARTON ist Professor an der Hochschule Worms. Seine Schwerpunkte liegen in den Bereichen Entwicklung betrieblicher Anwendungen, E-Business, Cloud Computing und Data Science.PROF. DR. CHRISTIAN MÜLLER ist Professor an der Technischen Hochschule Wildau. Seine Schwerpunkte liegen in den Bereichen Operations Research, Simulation von Geschäftsprozessen und Internet-Technologien.Einleitung - Einführung in Data Science - Systeme, Werkzeuge und Methoden - Anwendungen
Artificial Neural Networks with Java
Develop neural network applications using the Java environment. After learning the rules involved in neural network processing, this second edition shows you how to manually process your first neural network example. The book covers the internals of front and back propagation and helps you understand the main principles of neural network processing. You also will learn how to prepare the data to be used in neural network development and you will be able to suggest various techniques of data preparation for many unconventional tasks.This book discusses the practical aspects of using Java for neural network processing. You will know how to use the Encog Java framework for processing large-scale neural network applications. Also covered is the use of neural networks for approximation of non-continuous functions. In addition to using neural networks for regression, this second edition shows you how to use neural networks for computer vision. It focuses on image recognition such as the classification of handwritten digits, input data preparation and conversion, and building the conversion program. And you will learn about topics related to the classification of handwritten digits such as network architecture, program code, programming logic, and execution.The step-by-step approach taken in the book includes plenty of examples, diagrams, and screenshots to help you grasp the concepts quickly and easily.WHAT YOU WILL LEARN* Use Java for the development of neural network applications* Prepare data for many different tasks* Carry out some unusual neural network processing* Use a neural network to process non-continuous functions* Develop a program that recognizes handwritten digitsWHO THIS BOOK IS FORIntermediate machine learning and deep learning developers who are interested in switching to JavaIGOR LIVSHIN is a senior specialist at Dev Technologies Corp, specializing in developing neural network applications. He worked previously as a senior J2EE architect at two large insurance companies: Continental Insurance and Blue Cross & Blue Shield of Illinois, developing large-scale enterprise applications. Igor published his first book, WebSphere Studio Application Developer 5.0 (Apress), in 2003. He has a master’s degree in computer science from the Institute of Technology in Odessa, Russia/Ukraine.Part One. Getting Started with Neural NetworksChapter 1. Learning Neural NetworkChapter Goal: This chapter introduces you with the Artificial Intelligence Neural NetworksSub-TopicsBiological and artificial neuronsActivation functionsSummaryChapter 2. Internal Mechanism of Neural Network ProcessingChapter Goal: The chapter explores the inner machinery of neural network processingSub-TopicsFunction to be approximatedNetwork architectureForward pass calculationsBack-propagation pass calculationsFunction derivative and function divergentTable of most commonly used function derivativesSummaryChapter 3. Manual Neural Network ProcessingChapter Goal: Manual neural network processingSub-TopicsExample 1. Manual approximation of a function at a single pointBuilding the neural networkForward pass calculationBackward pass calculationCalculating weight adjustments for the output layer neuronsCalculating weight adjustments for the hidden layer neuronsUpdating network biasesBack to the forward passMatrix form of network calculationDigging deeperMini-batches and stochastic gradientSummaryPart Two. Neural Network Java Development EnvironmentChapter 4. Configuring Your Development EnvironmentChapter Goal: Explain how to download and install a set of tools necessary for building, debugging, testing, and executing neural network applications.Sub-TopicsInstalling Java 8 environment on your Windows machineInstalling NetBeans IDEInstalling Encog Java frameworkInstalling XChart PackageSummaryChapter 5. Neural Network Development Using Java EncogFrameworkChapter Goal: Using Java Encog framework.Sub-TopicsExample 2. Function approximation using Java environmentNetwork architectureNormalizing the input datasetsBuilding the Java program that normalizes both datasetsProgram codeDebugging and executing the program Processing results for the training methodTesting the networkTesting resultsDigging deeperSummaryChapter 6. Neural Network Prediction Outside of the Training RangeChapter Goal: Neural network is not a function extrapolation mechanism.Sub-TopicsExample 3a. Approximating periodic functions outside of the training rangeNetwork architecture for example 3aProgram code for example 3aTesting the networkExample 3b. Correct way of approximating periodic functions outside of the training rangePreparing the training dataNetwork architecture for the example 3bProgram code for example 3bTraining results for example 3bTesting results for example 3bSummaryChapter 7. Processing Complex Periodic FunctionsChapter Goal: Approximation of the complex periodic functionSub-TopicsExample 4. Approximation of a complex periodic functionData preparationReflecting function topology in dataNetwork architectureProgram codeTesting the networkDigging deeperSummaryChapter 8. Approximating Non-Continuous FunctionsChapter Goal: This chapter introduced the micro-batch method that is able to approximate any non-continuous function with high precision results.Sub-TopicsExample 5. Approximating non-continuous functionsApproximating non-continuous function using conventional network process . . . . . . .Network architectureProgram codeCode fragments for the training processUnsatisfactory training resultsApproximating the non-continuous function using micro-bach methodProgram code for micro-batch processingProgram Code for the getChart() methodCode fragment 1 of the training methodCode fragment 2 of the training methodTraining results for micro-batch methodTest processing logicTesting results for micro-batch methodDigging deeperSummaryChapter 9. Approximation Continuous Functions with Complex TopologyChapter Goal: Neural network has problem approximating continuous functions with complex topology. It is very difficult to obtain a good quality approximation for such functions. This chapter showed that the micro-batch method is able to approximate such functions with high precision results.Sub-TopicsExample 5a. Approximation of continuous function with complex topologyNetwork architecture for example 5aProgram code for example 5aTraining processing results for example 5aApproximation of continuous function with complex topology using micro-batch methodProgram code for example 5a using micro-batch methodExample 5b. Approximation of spiral-like functionsNetwork architecture for example 5bProgram Code for example 5bApproximation of the same functions using micro-batch methodSummaryChapter 10. Using Neural Network for Classification of ObjectsChapter Goal: Show how to use neural networks for classification of objectsSub-TopicsExample 6. Classification of recordsTraining datasetNetwork architecture Testing datasetProgram code for data normalizationProgram code for classificationTraining resultsTesting resultsSummaryChapter 11. Importance of Selecting the Correct ModelChapter Goal: Explained the importance of selecting a correct working modelSub-TopicsExample 7. Predicting next month stock market priceData preparationIncluding function topology in the datasetBuilding micro-batch filesNetwork architectureProgram codeTraining processTraining resultsTesting processTest processing logicTesting resultsAnalyzing testing results SummaryChapter 12. Approximation of Functions in 3-D SpaceChapter Goal: Using neuron network for approximation of functions in 3-D space.Sub-TopicsExample 8. Approximation of functions in 3-D spaceData preparation Network architectureProgram codeProcessing resultsSummaryPart Three. Introduction to Computer VisionChapter 13. Image RecognitionChapter Goal: introduction to the computer vision - the branch of Artificial IntelligenceSub-TopicsClassification of handwritten digitsInput data preparationInput data conversionBuilding the conversion programSummaryChapter 14. Classification of Handwritten DigitsChapter Goal: Developed a program able to recognize (classify) handwritten digitsSub-TopicsNetwork architectureProgram codeProgramming logicExecutionSummary
Is AI Good for the Planet?
Artificial intelligence (AI) is presented as a solution to the greatest challenges of our time, from global pandemics and chronic diseases to cybersecurity threats and the climate crisis. But AI also contributes to the climate crisis by running on technology that depletes scarce resources and by relying on data centres that demand excessive energy use.Is AI Good for the Planet? brings the climate crisis to the centre of debates around AI, exposing its environmental costs and forcing us to reconsider our understanding of the technology. It reveals why we should no longer ignore the environmental problems generated by AI. Embracing a green agenda for AI that puts the climate crisis at centre stage is our urgent priority.Engaging and passionately written, this book is essential reading for scholars and students of AI, environmental studies, politics, and media studies and for anyone interested in the connections between technology and the environment.BENEDETTA BREVINi is a journalist and Associate Professor in the Department of Media and Communications at the University of Sydney.AcknowledgementsIntroductionChapter One: Defining AI: beyond the HypeChapter Two: Controlling AI: understanding data capitalismChapter Three: Why AI worsens the Climate CrisisConclusion: AI and the Climate Crisis: what we can do about itNotesReferencesIndex
Web Data APIs for Knowledge Graphs
THIS BOOK DESCRIBES A SET OF METHODS, ARCHITECTURES, AND TOOLS TO EXTEND THE DATA PIPELINE AT THE DISPOSAL OF DEVELOPERS WHEN THEY NEED TO PUBLISH AND CONSUME DATA FROM KNOWLEDGE GRAPHS (GRAPH-STRUCTURED KNOWLEDGE BASES THAT DESCRIBE THE ENTITIES AND RELATIONS WITHIN A DOMAIN IN A SEMANTICALLY MEANINGFUL WAY) USING SPARQL, WEB APIS, AND JSON. To do so, it focuses on the paradigmatic cases of two middleware software packages, grlc and SPARQL Transformer, which automatically build and run SPARQL-based REST APIs and allow the specification of JSON schema results, respectively.The authors highlight the underlying principles behind these technologies—query management, declarative languages, new levels of indirection, abstraction layers, and separation of concerns—, explain their practical usage, and describe their penetration in research projects and industry.The book, therefore, serves a double purpose: to provide a sound and technical description of tools and methods at the disposal of publishers and developers to quickly deploy and consume Web Data APIs on top of Knowledge Graphs; and to propose an extensible and heterogeneous Knowledge Graph access infrastructure that accommodates a growing ecosystem of querying paradigms.* Foreword by Tobias Kuhn* Preface* Acknowledgments* Knowledge Graphs of Linked Data* Accessing Knowledge Graphs Programmatically* Shaping JSON Results: SPARQL Transformer* Applications* Conclusion and Future Challenges* Bibliography* Authors' Biographies
Spring Boot with React and AWS
Create and deploy full-stack Spring Boot applications with React and AWS. This practical and authoritative guide teaches you the fundamentals of Amazon Web Services with no prior experience.You will start by learning the fundamentals of AWS, including EC2, S3, IAM, and load balancer. Next, you will learn to deploy a Spring Boot REST API to AWS with Elastic Beanstalk, which will give you the ability to build and deploy a Spring Boot application. You will explore the RDS relational database and create an instance of a MySQL database in AWS with RDS.You will then deploy a Spring Boot application to MySQL in AWS and deploy a full-stack Spring Boot React application to AWS using Elastic Beanstalk and S3. Lastly, you will be introduced to ELB, CloudWatch, and Route 53. By the end of this book you will understand full-stack Spring Boot React applications and their deployment. If you prefer "learning by coding" then Spring Boot with React and AWS is the book for you.WHAT YOU'LL LEARN* Review the fundamentals of Amazon Web Services* Install a Spring Boot REST API with CRUD operation to AWS using AWS Elastic Beanstalk* Deploy a full-stack Spring Boot React application to AWS using AWS Elastic Beanstalk and S3* Work with MySQL as a database in AWS using RDS* Use Spring Boot with React and AWSWHO THIS BOOK IS FORIdeal for readers who have some programming experience with Java, Spring Boot, and React, and who now want to deploy a full-stack Spring Boot React application to AWS using AWS Elastic Beanstalk and S3.Ravi Kant Soni is a Principal Full Stack Engineer with 11+ years of IT experience and is an AWS Certified Solutions Architect. Ravi has worn many hats throughout his tenure, ranging from software development, software design, systems architecture, application programming, and automation testing. Ravi has a Bachelor’s degree in Information Science and Engineering from Reva University, Bangalore; and schooling from Bal Vikash Vidyalaya, Sasaram, and Bihar (India). He is the author of Full Stack AngularJS for Java Developers (Apress, 2018), Spring: Developing Java Applications for the Enterprise (Packt, 2017), and Learning Spring Application Development (Packt, 2015). He is also an Esteemed Member of the BOS (Board of Studies) – School of Computing and IT, at Reva University, Bangalore.Namrata Soni is a self-taught web application developer who has been a Web Application Developer since the early years of 2018, with a passion for beautiful and interactive UIs. She has a degree in Computer Science from SISTEC, Bhopal; and schooling from Bal Vikash Vidyalaya, Sasaram, and Bihar (India). She loves clean and well-tested code. She is a big fan of open-source and always tries to learn something new. Currently, she is working with React and NodeJS, crafting modern JavaScript applications.Chapter 1: An Introduction to Amazon Web ServicesCHAPTER GOAL: An Introduction of Amazon Web Service (AWS). And, then we will be creating a Free AWS Account for Developer. We explore AWS Elastic Beanstalk and will create a server. Then, we create HelloWorld JSP application. We will build a WAR file with Maven and upload WAR to AWS Elastic Beanstalk.NO OF PAGES 35SUB -TOPICS1. Introduction to Amazon Web Service2. Create a Free AWS Account for Developer3. Explore and Create an AWS Elastic Beanstalk Server4. Create HelloWorld JSP App, Build WAR with Maven, and Upload WAR to Elastic Beanstalk5. SummaryChapter 2: Deploying Spring Boot Application as REST API in AWSCHAPTER GOAL: Creation of Java Spring Boot Application as REST API with Swagger in Local. And, then we test REST API in Local. We build jar for Spring Boot Application and deploy JAR in AWS Elastic Beanstalk. Then, we will explore AWS environment logs of Spring Boot Application.NO OF PAGES: 35SUB - TOPICS1. Create a Spring Boot Application as REST API with Swagger in Local2. Test Spring Boot Application as REST API in Local3. Build jar for Spring Boot Application as REST API4. Deploy Spring Boot Application as REST API in AWS Elastic Beanstalk5. Explore Logs from AWS Beanstalk6. SummaryChapter 3: Deploying MySQL as Database in AWS with RDSCHAPTER GOAL: In this chapter, we introduce Relational Database Service in AWS with RDS. Then, we create an Instance of MySQL Database in AWS, and configure Database. We create tables inside MySQL DatabaseNO OF PAGES : 25Sub - Topics:1. Overview of MySQL Relational Database Service in AWS with RDS2. Create an Instance of RDS Database in AWS3. Configure Database4. Create tables inside Database5. SummaryChapter 4: Deploying Spring Boot Application Talking to MySQL in AWSCHAPTER GOAL: An overview of CRUD operation in Spring Boot Application. We create RDS profile for Spring Boot Application talking to MySQL. We setup Spring Boot Application to connect to RDS relational Database. We deploy WAR to AWS Elastic Beanstalk and test AWS deployment of Spring Boot application to perform CRUD operation. And, we explore AWS environment logs of Spring Boot Application.NO OF PAGES: 40SUB - TOPICS:1. An Overview of CRUD operation in Spring Boot Application2. Create RDS profile for Spring Boot Application3. Code Review of Spring Boot Application talking to MySQL4. Setting up Spring Boot Application to connect to RDS Database5. Deploy Spring Boot CRUD Application WAR to AWS Elastic Beanstalk6. Testing Spring Boot Application AWS Deployment7. Exploring Environment logs of Spring Boot Application in AWS8. SummaryChapter 5: Deploying Full Stack Spring Boot React Application in AWS and S3CHAPTER GOAL: Explore Full Stack Spring Boot React Application. We develop and Run React as Frontend application in local. First we deploy Spring Boot REST API as Backend application to AWS Elastic Beanstalk. Then we build React Code as Frontend application for AWS deployment. Also, we introduce S3 as Simple Storage Service in AWS.NO OF PAGES: 35SUB - TOPICS:1. Explore Full Stack Spring Boot React Application2. Develop and Run React as Frontend Application in Local3. Deploy Spring Boot REST API as Backend Application to AWS Elastic Beanstalk4. Build React Code as Frontend Application for AWS Deployment5. Introduction to S3 – Simple Storage Service in AWS6. Deploy React Frontend to AWS S3 – Hosting Static Website7. SummaryAppendix A: Installing MySQL Workbench on WindowsNO OF PAGES: 10Appendix B: AWS Command Line Interface CLICHAPTER GOAL:NO OF PAGES: 10
Pro Data Visualization Using R and JavaScript
Use R 4, RStudio, Tidyverse, and Shiny to interrogate and analyze your data, and then use the D3 JavaScript library to format and display that data in an elegant, informative, and interactive way. You will learn how to gather data effectively, and also how to understand the philosophy and implementation of each type of chart, so as to be able to represent the results visually.With the popularity of the R language, the art and practice of creating data visualizations is no longer the preserve of mathematicians, statisticians, or cartographers. As technology leaders, we can gather metrics around what we do and use data visualizations to communicate that information. Pro Data Visualization Using R and JavaScript combines the power of the R language with the simplicity and familiarity of JavaScript to display clear and informative data visualizations.Gathering and analyzing empirical data is the key to truly understanding anything. We can track operational metrics to quantify the health of our products in production. We can track quality metrics of our projects, and even use our data to identify bad code. Visualizing this data allows anyone to read our analysis and easily get a deep understanding of the story the data tells. This book makes the R language approachable, and promotes the idea of data gathering and analysis mostly using web interfaces.WHAT YOU WILL LEARN* Carry out data visualization using R and JavaScript* Use RStudio for data visualization * Harness Tidyverse data pipelinesApply D3 and R Notebooks towards your data * Work with the R Plumber API generator, Shiny, and moreWHO THIS BOOK IS FORProgrammers and data scientists/analysts who have some prior experience with R and JavaScript.Tom Barker is an engineer, a professor and an author. Currently he is Sr Manager of Web Development at Comcast, and an instructor at Philadelphia University. He has authored several books on web development including Pro JavaScript Performance: Monitoring and Visualization, and Pro Data Visualization with JavaScript and R.Matthew Campbell has worked on data visualization and dashboards with a data science team using RStudio. He got his start with technology after college when he learned SAS to do statistical programming at the Educational Testing Service (ETS). Learning this programming language kicked off a lifelong obsession with technology.1. Exploring Data Visualization2. RStudio3. Tidyverse Data Pipelines4. Data Visualization with D35. Comparing Groups with Bar Charts6. Correlation Analysis with Scatter Plots7. Datetime Trend Data with Line Charts8. Visual Presentations with D3 and R Notebooks9. Interactive Dashboards with D3 and Shiny10. Visualization on the Web with D3 and R Plumber API Generator
Practical Svelte
Learn to leverage the power of Svelte to produce web applications that are efficient and fast. This project-oriented book simplifies creating sites using Svelte from start to finish, with little more than a text editor and familiar languages such as HTML, CSS, and JavaScript. It equips you with a starting toolset that you can use to develop future projects, incorporate into your existing workflow, and allow you to take your websites to the next level.Practical Svelte is an excellent resource for getting acquainted with creating and manipulating websites or online applications using a component framework approach. It takes the view that we don’t have to create something complex and unwieldy. We can build something quickly, using less code than some of its competitors, and extend it using the power of the API and plugins over time, without sacrificing speed or features.You will learn how to use the Svelte framework to rapidly create and deploy websites or online applications that are performant, with the minimum of fuss and using existing tools already available in the browser, get up to speed with individual features of the Svelte framework, and work through a series of small projects that will combine to produce a finished site at the end of the book – this to help consolidate skills from day one and create something that you can use as a basis for future projects.WHAT YOU WILL LEARN* Understand why Svelte’s popularity makes it the go-to framework for constructing applications* Learn how to scaffold and implement web sites or online applications using Svelte* Create reusable components using Svelte that are interoperable with other frameworks and can solve real-world problems* Perform automated testing and deployment using tools such as CI/CD testing * Work through some mini projects from start to finish, understanding what we can achieve using Svelte and where we may need to bring other tools into playWHO THIS BOOK IS FORWebsite developers who are already familiar with JavaScript, CSS, and HTML and are keen to learn how to leverage the Svelte component framework to quickly create web sites or online applications with little more than a text editor. It’s perfect for development teams who do not want to follow the mold and use a credible alternative to React or Angular.Alex Libby is a frontend engineer and seasoned computer book author who hails from England. His passion for all things Open Source dates back to the days of his degree studies, where he first came across web development and has been hooked ever since. His daily work involves extensive use of React, NodeJS, JavaScript, HTML, and CSS; Alex enjoys tinkering with different open source libraries to see how they work. He has spent a stint maintaining the jQuery Tools library and enjoys writing about Open Source technologies, principally for front end UI development.INTRODUCTION (2 PAGES)CHAPTER 1: GETTING STARTED – 20 PAGES1. Setting up our development environment – Git, Git repository, Svelte, editor, etc2. Exploring the basic principles of using Svelte – a primer only: enough to give beginners something to work on3. Setting up the starting site for the book4. Reviewing the changes made5. Setting the background for this bookCHAPTER 2: CREATING COMPONENTS – 30 PAGES1. Understanding the makeup of components2. Creating some examples3. Publishing examples4. X5. Adding functionality to the frontend demoCHAPTER 3: MANAGING STATE AND DATA – 30 PAGES1. Passing and setting values in code2. Exploring the world of props3. Creating and maintaining Svelte stores4. X5. Adding functionality to the frontend demoCHAPTER 4: CONTROLLING LOGIC – 30 PAGES1. Creating if-else conditions2. Working through some examples3. X4. X5. Adding functionality to the frontend demoCHAPTER 5: MANAGING EVENTS – 35 PAGES1. The theory of reactivity – updating the DOM2. Different event types – which to choose?3. X4. X5. Adding functionality to the frontend demoCHAPTER 6: BINDING ELEMENTS – 30 PAGES1. Creating forms in Svelte2. Binding and managing events3. Catering for different form elements4. Managing context5. Adding functionality to the frontend demoCHAPTER 7: ADDING STYLES – 20 PAGES1. Understanding styling in Svelte2. Inlining or external?3. Taking it further – using a style preprocessor4. Applying themes – using a plugin or manually5. Adding functionality to the frontend demoCHAPTER 8: UNIT TESTING AND SVELTE – 30 PAGES1. Deciding our strategy2. Setting up testing environment3. Creating example tests4. Assessing the outcome5. Applying principles to our projectCHAPTER 9: DEPLOYING SVELTE – 30 PAGES1. Debugging Svelte2. Understanding the deployment process3. Setting up the hosting provider4. Deploying content to production5. Bonus – applying a domain nameCHAPTER 10: WORKING WITH EXTERNAL LIBRARIES – 30 PAGES1. Exploring example libraries2. Working client-side v. server-side – watch out!3. Adding Stripe to our frontend site project4. Reviewing the changes made5. What about React?CHAPTER 11: ANIMATING SVELTE – 30 PAGES1. Auditing the site – how could we use animation?2. A quick review of types of animation options3. Working through some examples4. Creating custom animations5. Using Svelte libraries6. Applying animation to our frontend projectCHAPTER 12: ADAPTING FOR SAPPER – 20 PAGES1. Introducing Sapper2. Setting up a Sapper site3. Exploring the structure of a Sapper site4. Migrating our frontend project to SapperAPPENDIX: API REFERENCE (15 PAGES) – ITS INCLUSION TO BE CONFIRMEDThis section will cover guidance on where to seek help when using Svelte if needed and how to debug Svelte
Java Programmieren für Einsteiger
Wie Sie als Einsteiger praxisnah und einfach Java programmieren lernen!- inkl. kostenfreien Zugang zur E-Book Version (PDF) –Egal ob für Ihr Studium, Ihren Beruf, bessere Jobmöglichkeiten und Karrierechancen, oder Ihr Hobby: Mithilfe dieses Buches werden Sie auch ohne Vorkenntnisse alle wichtigen Programmiergrundlagen Schritt für Schritt erlernen und Ihr Wissen in Java vertiefen. Somit erschaffen Sie sich ein solides Fundament und sammeln erste wichtige Erfahrungen für die Praxis, um im Anschluss Ihre eigenen Programme, Anwendungen, Apps und Spiele mit Java programmieren zu können.Da die Programmiersprache Java sich bereits seit langer Zeit als eine zentrale Programmiersprache etabliert hat, werden damit Smartphone-Apps für Android, Computerprogramme und Spiele programmiert. Somit lernen Sie mit diesem Buch eine sehr beliebte Allrounder-Sprache, die Ihnen viele Möglichkeiten liefert und dabei trotzdem relativ leicht zu erlernen ist.Von Datenstrukturen, mathematischen und logischen Operatoren über Kontrollstrukturen, Textverarbeitung bis hin zur rekursiven und objektorientierten Programmierung erwartet Sie alles Notwendige in diesem Buch, damit Sie erfolgreich programmieren lernen und Ihre eigenen Anwendungen mit Java schreiben können!Im Detail erwarten Sie folgende Inhalte:-Schritt für Schritt Anleitungen, damit Sie direkt mit dem Programmieren starten können-alle Grundlagen, damit Sie auch ohne Vorerfahrung erfolgreich programmieren lernen-objektorientierte Programmierung mit Java, damit Sie eigene Anwendungen schreiben können-Exception Handling, damit Sie Fehlerquellen schnell erkennen und so reibungslos programmieren können-Übungen nach jedem Kapitel, damit Sie Ihr Wissen optimal für die Praxis vorbereiten können-zahlreiche Beispiele, Tipps und Tricks, damit Ihnen programmieren noch einfacher fälltIch freue mich darauf, mich mit Ihnen gemeinsam auf die spannende Reise in die Programmierwelt mit Java zu begeben und wünsche Ihnen viel Spaß und Erfolg beim Programmieren lernen!Simon Flaig Neben exzellenten Leistungen im Programmieren im Schulunterricht, eignete sich Simon Flaig in seiner Freizeit selbstständig verschiedene Programmierkenntnisse an. Nach einem sehr guten Abschluss seines Informatikstudiums, konnte Simon reichlich praktische Erfahrung im Bereich der Softwareentwicklung in etablierten Unternehmen im In- und Ausland sammeln. Nun vermittelt Simon sein Know-How im Bereich der Programmierung mithilfe seiner praxisnahen Lehrbücher.
Snowflake Security
This book is your complete guide to Snowflake security, covering account security, authentication, data access control, logging and monitoring, and more. It will help you make sure that you are using the security controls in a right way, are on top of access control, and making the most of the security features in Snowflake.Snowflake is the fastest growing cloud data warehouse in the world, and having the right methodology to protect the data is important both to data engineers and security teams. It allows for faster data enablement for organizations, as well as reducing security risks, meeting compliance requirements, and solving data privacy challenges.There are currently tens of thousands of people who are either data engineers/data ops in Snowflake-using organizations, or security people in such organizations. This book provides guidance when you want to apply certain capabilities, such as data masking, row-level security, column-level security, tackling role hierarchy, building monitoring dashboards, etc., to your organizations.WHAT YOU WILL LEARN* Implement security best practices for Snowflake* Set up user provisioning, MFA, OAuth, and SSO* Set up a Snowflake security model* Design roles architecture* Use advanced access control such as row-based security and dynamic masking* Audit and monitor your Snowflake Data CloudWHO THIS BOOK IS FORData engineers, data privacy professionals, and security teams either with security knowledge (preferably some data security knowledge) or with data engineering knowledge; in other words, either “Snowflake people” or “data people” who want to get security right, or “security people” who want to make sure that Snowflake gets handled right in terms of securityBEN HERZBERG is an experienced hacker and developer with years of experience in endpoint security, behavioral analytics, application security, and data security. His professional experience in development, research, and security includes roles such as the CTO of Cynet and leading the threat research group at Imperva. Ben is now the Chief Scientist for Satori, streamlining data access and security with DataSecOps. Ben also loves to write, speak at conferences, travel, and meet new people.YOAV COHEN is the Co-Founder and Chief Technology Officer of Satori Cyber. At Satori, Yoav is building the company’s technology vision and leading the research and engineering teams. Before founding Satori Cyber, Yoav was the Senior Vice President of Product Development for Imperva, which he joined as part of the acquisition of Incapsula, a cloud-based web applications security and acceleration company, where he was the Vice President of Engineering. Before joining Incapsula, Yoav held several technology leadership positions at SAP. When he isn’t glued to his laptop or on a whiteboard, Yoav can be found traveling with his wife and four kids in an RV, playing electric guitar, or doing laps at the pool. He is still dreaming about building his own operating system. Yoav holds an MSc in computer science from Tel-Aviv University and a BSc in computer science and biology from Tel-Aviv University.CHAPTER 1. INTRODUCTION TO SNOWFLAKEWhat’s happening to dataWhere Snowflake fits inBuilding your first Snowflake Data WarehouseCHAPTER 2. ACCOUNT SECURITYSecurity Best Practices for SnowflakePrivate Link ConnectionCHAPTER 3. AUTHENTICATIONAuthentication in Snowflake overviewSetting Up MFASetting Up OAuthSetting Up SSOConnecting through a 3rd party SSOConnecting through a custom OAuth Authentication ServiceNetwork Access ControlManaging Roles Through SCIMCHAPTER 4. DATA ACCESS CONTROLIntroduction to Data Access ControlsSnowflake Security ModelDesigning roles architectureCustom Data Access ControlColumn Based Access ControlUsing AbstractionUsing Dynamic MaskingRow Based Access ControlUsing AbstractionUsing Row Based PoliciesCustom Access ControlCHAPTER 5. LOGGING & MONITORINGIntroductionSnowflake MetadataAccount Usage vs Information SchemaMain Views for SecurityLimitationsSnowAlertBuilding a Custom Security DashboardSetting Things UpDashboardIncident ResponseCHAPTER 6. EPILOGUERecapWhat’s Coming Up
Computation in BioInformatics
COMPUTATION IN BIOINFORMATICS1 BIOINFOMATICS AS A TOOL IN DRUG DESIGNING 1Rene Barbie Browne, Shiny C. Thomas and Jayanti Datta Roy1.1 Introduction 11.2 Steps Involved in Drug Designing 31.2.1 Identification of the Target Protein/Enzyme 51.2.2 Detection of Molecular Site (Active Site) in the Target Protein 61.2.3 Molecular Modeling 61.2.4 Virtual Screening 91.2.5 Molecular Docking 101.2.6 QSAR (Quantitative Structure-Activity Relationship) 121.2.7 Pharmacophore Modeling 141.2.8 Solubility of Molecule 141.2.9 Molecular Dynamic Simulation 141.2.10 ADME Prediction 151.3 Various Softwares Used in the Steps of Drug Designing 161.4 Applications 181.5 Conclusion 20References 202 NEW STRATEGIES IN DRUG DISCOVERY 25Vivek Chavda, Yogita Thalkari and Swati Marwadi2.1 Introduction 262.2 Road Toward Advancement 272.3 Methodology 302.3.1 Target Identification 302.3.2 Docking-Based Virtual Screening 322.3.3 Conformation Sampling 332.3.4 Scoring Function 342.3.5 Molecular Similarity Methods 352.3.6 Virtual Library Construction 372.3.7 Sequence-Based Drug Design 372.4 Role of OMICS Technology 382.5 High-Throughput Screening and Its Tools 402.6 Chemoinformatic 442.6.1 Exploratory Data Analysis 452.6.2 Example Discovery 462.6.3 Pattern Explanation 462.6.4 New Technologies 462.7 Concluding Remarks and Future Prospects 46References 483 ROLE OF BIOINFORMATICS IN EARLY DRUG DISCOVERY: AN OVERVIEW AND PERSPECTIVE 49Shasank S. Swain and Tahziba Hussain3.1 Introduction 503.2 Bioinformatics and Drug Discovery 513.2.1 Structure-Based Drug Design (SBDD) 523.2.2 Ligand-Based Drug Design (LBDD) 533.3 Bioinformatics Tools in Early Drug Discovery 543.3.1 Possible Biological Activity Prediction Tools 553.3.2 Possible Physicochemical and Drug-Likeness Properties Verification Tools 583.3.3 Possible Toxicity and ADME/T Profile Prediction Tools 603.4 Future Directions With Bioinformatics Tool 613.5 Conclusion 63Acknowledgements 64References 644 ROLE OF DATA MINING IN BIOINFORMATICS 69Vivek P. Chavda, Amit Sorathiya, Disha Valu and Swati Marwadi4.1 Introduction 704.2 Data Mining Methods/Techniques 714.2.1 Classification 714.2.1.1 Statistical Techniques 714.2.1.2 Clustering Technique 734.2.1.3 Visualization 744.2.1.4 Induction Decision Tree Technique 744.2.1.5 Neural Network 754.2.1.6 Association Rule Technique 754.2.1.7 Classification 754.3 DNA Data Analysis 774.4 RNA Data Analysis 794.5 Protein Data Analysis 794.6 Biomedical Data Analysis 804.7 Conclusion and Future Prospects 81References 815 IN SILICO PROTEIN DESIGN AND VIRTUAL SCREENING 85Vivek P. Chavda, Zeel Patel, Yashti Parmar and Disha Chavda5.1 Introduction 865.2 Virtual Screening Process 885.2.1 Before Virtual Screening 905.2.2 General Process of Virtual Screening 905.2.2.1 Step 1 (The Establishment of the Receptor Model) 915.2.2.2 Step 2 (The Generation of Small-Molecule Libraries) 925.2.2.3 Step 3 (Molecular Docking) 925.2.2.4 Step 4 (Selection of Lead Protein Compounds) 945.3 Machine Learning and Scoring Functions 945.4 Conclusion and Future Prospects 95References 966 NEW BIOINFORMATICS PLATFORM-BASED APPROACH FOR DRUG DESIGN 101Vivek Chavda, Soham Sheta, Divyesh Changani and Disha Chavda6.1 Introduction 1026.2 Platform-Based Approach and Regulatory Perspective 1046.3 Bioinformatics Tools and Computer-Aided Drug Design 1076.4 Target Identification 1096.5 Target Validation 1106.6 Lead Identification and Optimization 1116.7 High-Throughput Methods (HTM) 1126.8 Conclusion and Future Prospects 114References 1157 BIOINFORMATICS AND ITS APPLICATION AREAS 121Ragini Bhardwaj, Mohit Sharma and Nikhil Agrawal7.1 Introduction 1217.2 Review of Bioinformatics 1247.3 Bioinformatics Applications in Different Areas 1267.3.1 Microbial Genome Application 1267.3.2 Molecular Medicine 1297.3.3 Agriculture 1307.4 Conclusion 131References 1318 DNA MICROARRAY ANALYSIS: FROM AFFYMETRIX CEL FILES TO COMPARATIVE GENE EXPRESSION 139Sandeep Kumar, Shruti Shandilya, Suman Kapila, Mohit Sharma and Nikhil Agrawal8.1 Introduction 1408.2 Data Processing 1408.2.1 Installation of Workflow 1408.2.2 Importing the Raw Data for Processing 1418.2.3 Retrieving Sample Annotation of the Data 1428.2.4 Quality Control 1438.2.4.1 Boxplot 1448.2.4.2 Density Histogram 1458.2.4.3 MA Plot 1458.2.4.4 NUSE Plot 1458.2.4.5 RLE Plot 1458.2.4.6 RNA Degradation Plot 1458.2.4.7 QCstat 1488.3 Normalization of Microarray Data Using the RMA Method 1488.3.1 Background Correction 1488.3.2 Normalization 1498.3.3 Summarization 1498.4 Statistical Analysis for Differential Gene Expression 1518.5 Conclusion 153References 1539 MACHINE LEARNING IN BIOINFORMATICS 155Rahul Yadav, Mohit Sharma and Nikhil Agrawal9.1 Introduction and Background 1569.1.1 Bioinformatics 1589.1.2 Text Mining 1599.1.3 IoT Devices 1599.2 Machine Learning Applications in Bioinformatics 1599.3 Machine Learning Approaches 1619.4 Conclusion and Closing Remarks 162References 16210 DNA-RNA BARCODING AND GENE SEQUENCING 165Gifty Sawhney, Mohit Sharma and Nikhil Agrawal10.1 Introduction 16610.2 RNA 16910.3 DNA Barcoding 17210.3.1 Introduction 17210.3.2 DNA Barcoding and Molecular Phylogeny 17710.3.3 Ribosomal DNA (rDNA) of the Nuclear Genome (nuDNA)—ITS 17810.3.4 Chloroplast DNA 18010.3.5 Mitochondrial DNA 18110.3.6 Molecular Phylogenetic Analysis 18110.3.7 Metabarcoding 18910.3.8 Materials for DNA Barcoding 19010.4 Main Reasons of DNA Barcoding 19110.5 Limitations/Restrictions of DNA Barcoding 19210.6 RNA Barcoding 19210.6.1 Overview of the Method 19310.7 Methodology 19410.7.1 Materials Required 19510.7.2 Barcoded RNA Sequencing High-Level Mapping of Single-Neuron Projections 19610.7.3 Using RNA to Trace Neurons 19610.7.4 A Life Conservation Barcoder 19810.7.5 Gene Sequencing 19910.7.5.1 DNA Sequencing Methods 20010.7.5.2 First-Generation Sequencing Techniques 20410.7.5.3 Maxam’s and Gilbert’s Chemical Method 20410.7.5.4 Sanger Sequencing 20510.7.5.5 Automation in DNA Sequencing 20610.7.5.6 Use of Fluorescent-Marked Primers and ddNTPs 20610.7.5.7 Dye Terminator Sequencing 20710.7.5.8 Using Capillary Electrophoresis 20710.7.6 Developments and High-Throughput Methodsin DNA Sequencing 20810.7.7 Pyrosequencing Method 20910.7.8 The Genome Sequencer 454 FLX System 21010.7.9 Illumina/Solexa Genome Analyzer 21010.7.10 Transition Sequencing Techniques 21110.7.11 Ion-Torrent’s Semiconductor Sequencing 21110.7.12 Helico’s Genetic Analysis Platform 21110.7.13 Third-Generation Sequencing Techniques 21210.8 Conclusion 212Abbreviations 213Acknowledgement 214References 21411 BIOINFORMATICS IN CANCER DETECTION 229Mohit Sharma, Umme Abiha, Parul Chugh, Balakumar Chandrasekaran and Nikhil Agrawal11.1 Introduction 23011.2 The Era of Bioinformatics in Cancer 23011.3 Aid in Cancer Research via NCI 23211.4 Application of Big Data in Developing Precision Medicine 23311.5 Historical Perspective and Development 23511.6 Bioinformatics-Based Approaches in the Study of Cancer 23711.6.1 SLAMS 23711.6.2 Module Maps 23811.6.3 COPA 23911.7 Conclusion and Future Challenges 240References 24012 GENOMIC ASSOCIATION OF POLYCYSTIC OVARIAN SYNDROME: SINGLE-NUCLEOTIDE POLYMORPHISMS AND THEIR ROLE IN DISEASE PROGRESSION 245Gowtham Kumar Subbaraj and Sindhu Varghese12.1 Introduction 24612.2 FSHR Gene 25212.3 IL-10 Gene 25212.4 IRS-1 Gene 25312.5 PCR Primers Used 25412.6 Statistical Analysis 25512.7 Conclusion 258References 25913 AN INSIGHT OF PROTEIN STRUCTURE PREDICTIONS USING HOMOLOGY MODELING 265S. Muthumanickam, P. Boomi, R. Subashkumar, S. Palanisamy, A. Sudha, K. Anand, C. Balakumar, M. Saravanan, G. Poorani, Yao Wang, K. Vijayakumar and M. Syed Ali13.1 Introduction 26613.2 Homology Modeling Approach 26813.2.1 Strategies for Homology Modeling 26913.2.2 Procedure 26913.3 Steps Involved in Homology Modeling 27013.3.1 Template Identification 27013.3.2 Sequence Alignment 27113.3.3 Backbone Generation 27113.3.4 Loop Modeling 27113.3.5 Side Chain Modeling 27213.3.6 Model Optimization 27213.3.6.1 Model Validation 27213.4 Tools Used for Homology Modeling 27313.4.1 Robetta 27313.4.2 M4T (Multiple Templates) 27313.4.3 I-Tasser (Iterative Implementation of the Threading Assembly Refinement) 27313.4.4 ModBase 27413.4.5 Swiss Model 27413.4.6 PHYRE2 (Protein Homology/Analogy Recognition Engine 2) 27413.4.7 Modeller 27413.4.8 Conclusion 275Acknowledgement 275References 27514 BASIC CONCEPTS IN PROTEOMICS AND APPLICATIONS 279Jesudass Joseph Sahayarayan, A.S. Enogochitra and Murugesan Chandrasekaran14.1 Introduction 28014.2 Challenges on Proteomics 28114.3 Proteomics Based on Gel 28314.4 Non-Gel–Based Electrophoresis Method 28414.5 Chromatography 28414.6 Proteomics Based on Peptides 28514.7 Stable Isotopic Labeling 28614.8 Data Mining and Informatics 28714.9 Applications of Proteomics 28914.10 Future Scope 29014.11 Conclusion 291References 29215 PROSPECTS OF COVALENT APPROACHES IN DRUG DISCOVERY: AN OVERVIEW 295Balajee Ramachandran, Saravanan Muthupandian and Jeyakanthan Jeyaraman15.1 Introduction 29615.2 Covalent Inhibitors Against the Biological Target 29715.3 Application of Physical Chemistry Concepts in Drug Designing 29915.4 Docking Methodologies—An Overview 30115.5 Importance of Covalent Targets 30215.6 Recent Framework on the Existing Docking Protocols 30315.7 SN2 Reactions in the Computational Approaches 30415.8 Other Crucial Factors to Consider in the Covalent Docking 30515.8.1 Role of Ionizable Residues 30515.8.2 Charge Regulation 30615.8.3 Charge-Charge Interactions 30615.9 QM/MM Approaches 30915.10 Conclusion and Remarks 310Acknowledgements 311References 311Index 321
CompTIA PenTest+ Study Guide
PREPARE FOR SUCCESS ON THE NEW PENTEST+ CERTIFICATION EXAM AND AN EXCITING CAREER IN PENETRATION TESTINGIn the revamped Second Edition of CompTIA PenTest+ Study Guide: Exam PT0-002, veteran information security experts Dr. Mike Chapple and David Seidl deliver a comprehensive roadmap to the foundational and advanced skills every pentester (penetration tester) needs to secure their CompTIA PenTest+ certification, ace their next interview, and succeed in an exciting new career in a growing field.You’ll learn to perform security assessments of traditional servers, desktop and mobile operating systems, cloud installations, Internet-of-Things devices, and industrial or embedded systems. You’ll plan and scope a penetration testing engagement including vulnerability scanning, understand legal and regulatory compliance requirements, analyze test results, and produce a written report with remediation techniques.This book will:* Prepare you for success on the newly introduced CompTIA PenTest+ PT0-002 Exam * Multiply your career opportunities with a certification that complies with ISO 17024 standards and meets Department of Defense Directive 8140/8570.01-M requirements * Allow access to the Sybex online learning center, with chapter review questions, full-length practice exams, hundreds of electronic flashcards, and a glossary of key terms Perfect for anyone preparing for the updated CompTIA PenTest+ certification exam, CompTIA PenTest+ Study Guide: Exam PT0-002 is also a must-read resource for aspiring penetration testers and IT security professionals seeking to expand and improve their skillset.MIKE CHAPPLE, SECURITY+, CYSA+, CISSP, is Teaching Professor of IT, Analytics, and Operations at the University of Notre Dame. He's a cybersecurity professional and educator with over 20 years of experience. Mike provides cybersecurity certification resources at his website, CertMike.com.DAVID SEIDL, SECURITY+, CYSA+, CISSP, PENTEST+, is Vice President for Information Technology and CIO at Miami University. David co-led Notre Dame's move to the cloud, and has written multiple cybersecurity certification books.Introduction xxvAssessment Test xxxixCHAPTER 1 PENETRATION TESTING 1What Is Penetration Testing? 2Cybersecurity Goals 2Adopting the Hacker Mindset 4Ethical Hacking 5Reasons for Penetration Testing 5Benefits of Penetration Testing 6Regulatory Requirements for Penetration Testing 7Who Performs Penetration Tests? 8Internal Penetration Testing Teams 8External Penetration Testing Teams 9Selecting Penetration Testing Teams 10The CompTIA Penetration Testing Process 10Planning and Scoping 11Information Gathering and Vulnerability Scanning 11Attacks and Exploits 12Reporting and Communication 13Tools and Code Analysis 13The Cyber Kill Chain 14Reconnaissance 15Weaponization 16Delivery 16Exploitation 16Installation 16Command and Control 16Actions on Objectives 17Tools of the Trade 17Reconnaissance 20Vulnerability Scanners 21Social Engineering 21Credential Testing Tools 22Debuggers and Software Testing Tools 22Network Testing 23Remote Access 23Exploitation 24Steganography 24Cloud Tools 25Summary 25Exam Essentials 25Lab Exercises 26Activity 1.1: Adopting the Hacker Mindset 26Activity 1.2: Using the Cyber Kill Chain 26Review Questions 27CHAPTER 2 PLANNING AND SCOPING PENETRATION TESTS 31Scoping and Planning Engagements 34Assessment Types 35Known Environments and Unknown Environments 35The Rules of Engagement 37Scoping Considerations—A Deeper Dive 39Support Resources for Penetration Tests 42Penetration Testing Standards and Methodologies 44Key Legal Concepts for Penetration Tests 46Contracts 46Data Ownership and Retention 47Permission to Attack (Authorization) 47Environmental Differences and Location Restrictions 48Regulatory Compliance Considerations 49Summary 51Exam Essentials 52Lab Exercises 53Review Questions 54CHAPTER 3 INFORMATION GATHERING 59Footprinting and Enumeration 63OSINT 64Location and Organizational Data 65Infrastructure and Networks 68Security Search Engines 74Google Dorks and Search Engine Techniques 77Password Dumps and Other Breach Data 77Source Code Repositories 78Passive Enumeration and Cloud Services 78Active Reconnaissance and Enumeration 78Hosts 79Services 79Networks, Topologies, and Network Traffic 85Packet Crafting and Inspection 88Enumeration 90Information Gathering and Code 97Avoiding Detection 99Information Gathering and Defenses 99Defenses Against Active Reconnaissance 100Preventing Passive Information Gathering 100Summary 100Exam Essentials 101Lab Exercises 102Activity 3.1: Manual OSINT Gathering 102Activity 3.2: Exploring Shodan 102Activity 3.3: Running an Nmap Scan 103Review Questions 104CHAPTER 4 VULNERABILITY SCANNING 109Identifying Vulnerability Management Requirements 112Regulatory Environment 112Corporate Policy 116Support for Penetration Testing 116Identifying Scan Targets 117Determining Scan Frequency 118Active vs. Passive Scanning 120Configuring and Executing Vulnerability Scans 121Scoping Vulnerability Scans 121Configuring Vulnerability Scans 122Scanner Maintenance 129Software Security Testing 131Analyzing and Testing Code 131Web Application Vulnerability Scanning 133Developing a Remediation Workflow 138Prioritizing Remediation 140Testing and Implementing Fixes 141Overcoming Barriers to Vulnerability Scanning 141Summary 143Exam Essentials 143Lab Exercises 144Activity 4.1: Installing a Vulnerability Scanner 144Activity 4.2: Running a Vulnerability Scan 145Activity 4.3: Developing a Penetration Test Vulnerability Scanning Plan 145Review Questions 146CHAPTER 5 ANALYZING VULNERABILITY SCANS 151Reviewing and Interpreting Scan Reports 152Understanding CVSS 156Validating Scan Results 162False Positives 162Documented Exceptions 162Understanding Informational Results 163Reconciling Scan Results with Other Data Sources 164Trend Analysis 164Common Vulnerabilities 165Server and Endpoint Vulnerabilities 166Network Vulnerabilities 175Virtualization Vulnerabilities 181Internet of Things (IoT) 183Web Application Vulnerabilities 184Summary 186Exam Essentials 187Lab Exercises 188Activity 5.1: Interpreting a Vulnerability Scan 188Activity 5.2: Analyzing a CVSS Vector 188Activity 5.3: Developing a Penetration Testing Plan 189Review Questions 190CHAPTER 6 EXPLOITING AND PIVOTING 195Exploits and Attacks 198Choosing Targets 198Enumeration 199Identifying the Right Exploit 201Exploit Resources 204Exploitation Toolkits 206Metasploit 206PowerSploit 212BloodHound 213Exploit Specifics 213RPC/DCOM 213PsExec 214PS Remoting/WinRM 214WMI 214Fileless Malware and Living Off the Land 215Scheduled Tasks and cron Jobs 216SMB 217DNS 219RDP 220Apple Remote Desktop 220VNC 220SSH 220Network Segmentation Testing and Exploits 221Leaked Keys 222Leveraging Exploits 222Common Post-Exploit Attacks 222Cross Compiling 225Privilege Escalation 226Social Engineering 226Escaping and Upgrading Limited Shells 227Persistence and Evasion 228Scheduled Jobs and Scheduled Tasks 228Inetd Modification 228Daemons and Services 229Backdoors and Trojans 229Data Exfiltration and Covert Channels 230New Users 230Pivoting 231Covering Your Tracks 232Summary 233Exam Essentials 234Lab Exercises 235Activity 6.1: Exploit 235Activity 6.2: Discovery 235Activity 6.3: Pivot 236Review Questions 237CHAPTER 7 EXPLOITING NETWORK VULNERABILITIES 243Identifying Exploits 247Conducting Network Exploits 247VLAN Hopping 247DNS Cache Poisoning 249On-Path Attacks 251NAC Bypass 254DoS Attacks and Stress Testing 255Exploit Chaining 257Exploiting Windows Services 257NetBIOS Name Resolution Exploits 257SMB Exploits 261Identifying and Exploiting Common Services 261Identifying and Attacking Service Targets 262SNMP Exploits 263SMTP Exploits 264FTP Exploits 265Kerberoasting 266Samba Exploits 267Password Attacks 268Stress Testing for Availability 269Wireless Exploits 269Attack Methods 269Finding Targets 270Attacking Captive Portals 270Eavesdropping, Evil Twins, and Wireless On-Path Attacks 271Other Wireless Protocols and Systems 275RFID Cloning 276Jamming 277Repeating 277Summary 278Exam Essentials 279Lab Exercises 279Activity 7.1: Capturing Hashes 279Activity 7.2: Brute-ForcingServices 280Activity 7.3: Wireless Testing 281Review Questions 282CHAPTER 8 EXPLOITING PHYSICAL AND SOCIAL VULNERABILITIES 287Physical Facility Penetration Testing 290Entering Facilities 290Information Gathering 294Social Engineering 294In-Person Social Engineering 295Phishing Attacks 297Website-BasedAttacks 298Using Social Engineering Tools 298Summary 302Exam Essentials 303Lab Exercises 303Activity 8.1: Designing a Physical Penetration Test 303Activity 8.2: Brute-Forcing Services 304Activity 8.3: Using BeEF 305Review Questions 306CHAPTER 9 EXPLOITING APPLICATION VULNERABILITIES 311Exploiting Injection Vulnerabilities 314Input Validation 314Web Application Firewalls 315SQL Injection Attacks 316Code Injection Attacks 319Command Injection Attacks 319LDAP Injection Attacks 320Exploiting Authentication Vulnerabilities 320Password Authentication 321Session Attacks 322Kerberos Exploits 326Exploiting Authorization Vulnerabilities 327Insecure Direct Object References 327Directory Traversal 328File Inclusion 330Privilege Escalation 331Exploiting Web Application Vulnerabilities 331Cross-Site Scripting (XSS) 331Request Forgery 334Clickjacking 335Unsecure Coding Practices 335Source Code Comments 335Error Handling 336Hard-Coded Credentials 336Race Conditions 337Unprotected APIs 337Unsigned Code 338Steganography 340Application Testing Tools 341Static Application Security Testing (SAST) 341Dynamic Application Security Testing (DAST) 342Mobile Tools 346Summary 346Exam Essentials 347Lab Exercises 347Activity 9.1: Application Security Testing Techniques 347Activity 9.2: Using the ZAP Proxy 348Activity 9.3: Creating a Cross-Site Scripting Vulnerability 348Review Questions 349CHAPTER 10 ATTACKING HOSTS, CLOUD TECHNOLOGIES, AND SPECIALIZED SYSTEMS 355Attacking Hosts 360Linux 361Windows 365Cross-Platform Exploits 367Credential Attacks and Testing Tools 368Credential Acquisition 368Offline Password Cracking 369Credential Testing and Brute-Forcing Tools 371Wordlists and Dictionaries 371Remote Access 372SSH 372NETCAT and Ncat 373Metasploit and Remote Access 373Proxies and Proxychains 374Attacking Virtual Machines and Containers 374Virtual Machine Attacks 375Containerization Attacks 377Attacking Cloud Technologies 379Attacking Cloud Accounts 379Attacking and Using Misconfigured Cloud Assets 380Other Cloud Attacks 382Tools for Cloud Technology Attacks 383Attacking Mobile Devices 384Attacking IoT, ICS, Embedded Systems, and SCADA Devices 389Attacking Data Storage 392Summary 393Exam Essentials 395Lab Exercises 396Activity 10.1: Dumping and Cracking the Windows SAM and Other Credentials 396Activity 10.2: Cracking Passwords Using Hashcat 397Activity 10.3: Setting Up a Reverse Shell and a Bind Shell 398Review Questions 400CHAPTER 11 REPORTING AND COMMUNICATION 405The Importance of Communication 409Defining a Communication Path 409Communication Triggers 410Goal Reprioritization 410Recommending Mitigation Strategies 411Finding: Shared Local Administrator Credentials 412Finding: Weak Password Complexity 413Finding: Plaintext Passwords 414Finding: No Multifactor Authentication 414Finding: SQL Injection 416Finding: Unnecessary Open Services 416Writing a Penetration Testing Report 416Structuring the Written Report 417Secure Handling and Disposition of Reports 420Wrapping Up the Engagement 421Post-Engagement Cleanup 421Client Acceptance 421Lessons Learned 421Follow-UpActions/Retesting 422Attestation of Findings 422Retention and Destruction of Data 422Summary 423Exam Essentials 423Lab Exercises 424Activity 11.1: Remediation Strategies 424Activity 11.2: Report Writing 424Review Questions 425CHAPTER 12 SCRIPTING FOR PENETRATION TESTING 429Scripting and Penetration Testing 431Bash 432PowerShell 433Ruby 434Python 435Perl 435JavaScript 436Variables, Arrays, and Substitutions 438Bash 439PowerShell 440Ruby 441Python 441Perl 442JavaScript 442Comparison Operations 444String Operations 445Bash 446PowerShell 447Ruby 448Python 449Perl 450JavaScript 451Flow Control 452Conditional Execution 453for Loops 458while Loops 465Input and Output (I/O) 471Redirecting Standard Input and Output 471Comma-SeparatedValues (CSV) 472Error Handling 472Bash 472PowerShell 473Ruby 473Python 473Advanced Data Structures 474JavaScript Object Notation (JSON) 474Trees 475Reusing Code 475The Role of Coding in Penetration Testing 476Analyzing Exploit Code 476Automating Penetration Tests 477Summary 477Exam Essentials 477Lab Exercises 478Activity 12.1: Reverse DNS Lookups 478Activity 12.2: Nmap Scan 479Review Questions 480APPENDIX A ANSWERS TO REVIEW QUESTIONS 485Chapter 1: Penetration Testing 486Chapter 2: Planning and Scoping Penetration Tests 487Chapter 3: Information Gathering 489Chapter 4: Vulnerability Scanning 491Chapter 5: Analyzing Vulnerability Scans 493Chapter 6: Exploiting and Pivoting 495Chapter 7: Exploiting Network Vulnerabilities 497Chapter 8: Exploiting Physical and Social Vulnerabilities 499Chapter 9: Exploiting Application Vulnerabilities 501Chapter 10: Attacking Hosts, Cloud Technologies, and Specialized Systems 503Chapter 11: Reporting and Communication 505Chapter 12: Scripting for Penetration Testing 506APPENDIX B SOLUTION TO LAB EXERCISE 509Solution to Activity 5.2: Analyzing a CVSS Vector 510Index 511
Wahrheit und Fake im postfaktisch-digitalen Zeitalter
Die Zunahme von Fake News, die stärker werdende Beeinflussung von Wahlen, zunehmende Falschmeldungen und gezielte Desinformationskampagnen sind nicht zuletzt eine Folge der fortschreitenden Digitalisierung. Um diesen Fehlentwicklungen Einhalt zu gebieten, ist die Informationstechnik gefragt. Mit intelligenten Algorithmen und einer verfeinerten Datenanalyse müssen zukünftig Fakes schneller erkannt und deren Verbreitung verhindert werden. Um jedoch Fakes mittels künstlicher Intelligenz sinnvoll zu erkennen und zu filtern, muss es möglich sein, Fakes von Fakten, Fakten von Fiktionen und Fiktionen von Fakes zu unterscheiden.In diesem Buch werden daher auch Fragen nach den Distinktionen von Fake, Faktizität und Fiktionalität gestellt. Es wird auf die dahinter liegenden Wahrheitstheorien eingegangen und es werden praktisch-technische Möglichkeiten aufgezeigt, um Wahrheit von Falschheit zu differenzieren. Mit der Berücksichtigung des Fiktionalen sowie der Annahme, dass informationstechnische Weiterentwicklung von geisteswissenschaftlichen Erkenntnissen profitieren kann, hoffen die Autorinnen und Autoren, dass inhaltliche, technische und methodische Herausforderungen der Gegenwart und Zukunft bewältigt werden können.PETER KLIMCZAK (Dr. phil. et Dr. rer. nat. habil.) lehrt als Privatdozent Medien-, Kultur- und Technikwissenschaften an der Brandenburgischen Technischen Universität und forscht im Rahmen eines Feodor Lynen Research Fellowship an der University of Wroclaw. Er ist Autor zahlreicher Publikationen zum Einsatz künstlicher Sprachen in den Medien- und Kulturwissenschaften, zu digitalen und sozialen Medien sowie zu kognitiven Systemen und künstlicher Intelligenz.THOMAS ZOGLAUER (Dr. phil. habil.) lehrt als außerplanmäßiger Professor Philosophie an der Brandenburgischen Technischen Universität und als Lehrbeauftragter an den Universitäten Freiburg und Stuttgart. Er ist Autor zahlreicher Bücher zur Technikphilosophie, Logik und angewandten Ethik. Einleitung - Wahrheitsrelativismus, Wissenschaftsskeptizismus und die politischen Folgen - Von Fakes und Frauds: Können wissenschaftliche „Hoaxes“ ein legitimes Erkenntnisinstrument sein? - Fiction, Fake and Fact - Stranger than Fiction - Die marxistisch-leninistische Faschismusdefinition und der Mauerbau - Vorsicht: mögliche „Fake News“ – ein technischer Ansatz zur frühen Erkennung - Fake News technisch begegnen – Detektions- und Behandlungsansätze zur Unterstützung von NutzerInnen - NewsDeps: Visualizing the Origin of Information in News Articles
Modeling and Optimization in Software-Defined Networks
THIS BOOK PROVIDES A QUICK REFERENCE AND INSIGHTS INTO MODELING AND OPTIMIZATION OF SOFTWARE-DEFINED NETWORKS (SDNS). It covers various algorithms and approaches that have been developed for optimizations related to the control plane, the considerable research related to data plane optimization, and topics that have significant potential for research and advances to the state-of-the-art in SDN.Over the past ten years, network programmability has transitioned from research concepts to more mainstream technology through the advent of technologies amenable to programmability such as service chaining, virtual network functions, and programmability of the data plane. However, the rapid development in SDN technologies has been the key driver behind its evolution.The logically centralized abstraction of network states enabled by SDN facilitates programmability and use of sophisticated optimization and control algorithms for enhancing network performance, policy management, and security.Furthermore, the centralized aggregation of network telemetry facilitates use of data-driven machine learning-based methods. To fully unleash the power of this new SDN paradigm, though, various architectural design, deployment, and operations questions need to be addressed. Associated with these are various modeling, resource allocation, and optimization opportunities.The book covers these opportunities and associated challenges, which represent a ``call to arms'' for the SDN community to develop new modeling and optimization methods that will complement or improve on the current norms.* Preface* Acknowledgments* Introduction* SDN Control Plane Optimization* SDN Data Plane Optimization* Future Research Directions* Bibliography* Authors' Biographies
Cloud Defense Strategies with Azure Sentinel
Use various defense strategies with Azure Sentinel to enhance your cloud security. This book will help you get hands-on experience, including threat hunting inside Azure cloud logs and metrics from services such as Azure Platform, Azure Active Directory, Azure Monitor, Azure Security Center, and others such as Azure Defender's many security layers.This book is divided into three parts. Part I helps you gain a clear understanding of Azure Sentinel and its features along with Azure Security Services, including Azure Monitor, Azure Security Center, and Azure Defender. Part II covers integration with third-party security appliances and you learn configuration support, including AWS. You will go through multi-Azure Tenant deployment best practices and its challenges. In Part III you learn how to improve cyber security threat hunting skills while increasing your ability to defend against attacks, stop data loss, prevent business disruption, and expose hidden malware. You will get an overview of the MITRE Attack Matrix and its usage, followed by Azure Sentinel operations and how to continue Azure Sentinel skill improvement.After reading this book, you will be able to protect Azure resources from cyberattacks and support XDR (Extend, Detect, Respond), an industry threat strategy through Azure Sentinel.WHAT YOU WILL LEARN* Understand Azure Sentinel technical benefits and functionality* Configure to support incident response* Integrate with Azure Security standards* Be aware of challenges and costs for the Azure log analytics workspaceWHO THIS BOOK IS FORSecurity consultants, solution architects, cloud security architects, and IT security engineersMARSHALL COPELAND is a Senior Consultant focused on Cyber Security in Azure public cloud defensive deployments using Azure cloud native and third-party cyber solutions. His work focuses on security in customers hybrid cloud deployments, Secure DevOps and security partner cloud integrations that enhance “blue team hunting” efficiencies. Marshall currently works at Microsoft Corporation supporting enterprise customers security teams using Azure security services for hybrid network security management and data protection. He previously worked in cloud security roles at Optiv Security, and Salesforce. PART I (PAGE COUNT 100)GOALS: Introduction to Azure Sentinel es with technical featurthat benefit the business. Initial configuration using Azure subscription data connectors, discuss 3rd party integration and alignment with other Azure Security Services. XDR introduction, why it is an industry standard and how to use it in Sentinel.SUB-TOPICS1. Overview of Technical Features2. Benefit and cost support for the business, initial configuration3. Azure Defender support into Azure Sentinel4. Azure Security Center support into Azure SentinelCHAPTER 1 AZURE SENTINEL OVERVIEWPlatform benefits, SOC security reference, alignment to Cyber framework, Log Analytics planning, cost structureCHAPTER 2 OTHER AZURE SECURITY SERVICESAzure Monitor, Azure Security Center, Azure Defender, working together to support Azure SentinelCHAPTER 3 AZURE SENTINEL XDR CAPABILITIESIntegration with Azure Security standards, protection for additional Azure workloads, guidance for XDR and how it should be used to modernize security operations.PART II (PAGE COUNT 100)GOALS: Deployment best practices, platform integration and support for AWSSUB - TOPICS1. Enable integration with 3rd party security appliances2. Configure support for AWS3. Multi-Azure Tenant deployment best practicesCHAPTER 4 DATA CONNECTIONSingle Tenant: Data connectors native, Log Analytics storage options, 3rd party data, KQL validation processes, AWS connection, Service NOW integrationCHAPTER 5 THREAT INTELLIGENCE (TI)TI connectors and feeds, Sentinel Workbooks introduction, Sentinel Notebook usage, Python integrationCHAPTER 6 MULTI-TENANT ARCHITECTUREChallenges and cost of Azure log analytics workspace, KQL modification requirements, SOC alignment neededPART III (PAGE COUNT 100)GOALS: Improve Cyber Security Threat Hunting TechniquesSUB - TOPICS:1. Threat Hunting with KQL Language deep dive with examples2. Integration with MITRE attack Matrix and support for TAXII3. Data flow examples: User logon, track and validate. Stop network connection to China, etc.4. Configuration changes needed for multiple Sentinel deploymentsCHAPTER 7 THREAT HUNTING WITH AZURE SENTINELKQL Hunting introduction, custom queries, Sentinel bookmarks, Sentinel notebooksCHAPTER 8 INTRODUCTION TO MITRE MATRIXMITRE Attack Matrix overview and usage, STIX defined, TAXII defined, free TI -vs- service SLACHAPTER 9 AZURE SENTINEL OPERATIONSDaily, Weekly, Monthly tasks, SOC engineer alignment, Continued SOC operations support from official Microsoft supported forumCHAPTER APPENDIX:CHAPTER GOAL: WHERE TO GAIN ADDITIONAL KNOWLEDGE FOR AZURE SENTINELNO OF PAGES: 20SUB - TOPICS:1. Guidance to continue Azure Sentinel skill improvement2. Relating information to Cyber Security standards
A Greater Foundation for Machine Learning Engineering
This research scholarly illustrated book has more than 250 illustrations. The simple models of supervised machine learning with Gaussian Naïve Bayes, Naïve Bayes, decision trees, classification rule learners, linear regression, logistic regression, local polynomial regression, regression trees, model trees, K-nearest neighbors, and support vector machines lay a more excellent foundation for statistics. The author of the book Dr. Ganapathi Pulipaka, a top influencer of machine learning in the US, has created this as a reference book for universities. This book contains an incredible foundation for machine learning and engineering beyond a compact manual. The author goes to extraordinary lengths to make academic machine learning and deep learning literature comprehensible to create a new body of knowledge. The book aims at readership from university students, enterprises, data science beginners, machine learning and deep learning engineers at scale for high-performance computing environments. A Greater Foundation of Machine Learning Engineering covers a broad range of classical linear algebra and calculus with program implementations in PyTorch, TensorFlow, R, and Python with in-depth coverage. The author does not hesitate to go into math equations for each algorithm at length that usually many foundational machine learning books lack leveraging the JupyterLab environment. Newcomers can leverage the book from University or people from all walks of data science or software lives to the advanced practitioners of machine learning and deep learning. Though the book title suggests machine learning, there are several implementations of deep learning algorithms, including deep reinforcement learning.The book's mission is to help build a strong foundation for machine learning and deep learning engineers with all the algorithms, processors to train and deploy into production for enterprise-wide machine learning implementations. This book also introduces all the concepts of natural language processing required for machine learning algorithms in Python. The book covers Bayesian statistics without assuming high-level mathematics or statistics experience from the readers. It delivers the core concepts and implementations required with R code with open datasets. The book also covers unsupervised machine learning algorithms with association rules and k-means clustering, metal-learning algorithms, bagging, boosting, random forests, and ensemble methods.The book delves into the origins of deep learning in a scholarly way covering neural networks, restricted Boltzmann machines, deep belief networks, autoencoders, deep Boltzmann machines, LSTM, and natural language processing techniques with deep learning algorithms and math equations. It leverages the NLTK library of Python with PyTorch, Python, and TensorFlow's installation steps, then demonstrates how to build neural networks with TensorFlow. Deploying machine learning algorithms require a blend of cloud computing platforms, SQL databases, and NoSQL databases. Any data scientist with a statistics background that looks to transition into a machine learning engineer role requires an in-depth understanding of machine learning project implementations on Amazon, Google, or Microsoft Azure cloud computing platforms. The book provides real-world client projects for understanding the complete implementation of machine learning algorithms.This book is a marvel that does not leave any application of machine learning and deep learning algorithms. It sets a more excellent foundation for newcomers and expands the horizons for experienced deep learning practitioners. It is almost inevitable that there will be a series of more advanced algorithms follow-up books from the author in some shape or form after setting such a perfect foundation for machine learning engineering.
Beginning IoT Projects
Experiment with building IoT projects without the demanding time or patience required to learn about electronics. This book thoroughly introduces readers of all ages to the world of IoT devices and electronics without getting bogged down by the overly technical aspects or being tied to a specific platform. You'll learn IoT, Arduino, Raspberry Pi from the ground up using the Qwiic and Grove components systems.The book begins with a brief overview of IoT followed by primers for the two most popular platforms; Arduino and Raspberry Pi. There is also a short tutorial on programming each host; Arduino C-like sketches and Python scripts respectfully. Thus, the book also helps you get started with your choice of platform. Next, you’ll learn the basics for the Qwiic and Grove component systems.The rest of the book presents a number of projects organized into easy-to-follow chapters that details the goal for the project, the components used, a walk-through of the code, and a challenge section that provides suggestions on how to improve or augment the project. Projects are presented for both the Arduino and Raspberry Pi where possible making each project as versatile as possible.WHAT YOU'LL LEARN* Write Arduino sketches* Create Python scripts for the Raspberry Pi* Build IoT projects with Arduino and Raspberry Pi* Use the Qwiic and Grove component systems* Join the electronics and IoT hobby world with almost no experience* Host projects data in the cloud using ThingSpeakWHO THIS BOOK IS FORThose interested in building or experimenting with IoT solutions but have little or no experience working with electronics. This includes those with little or no programming experience. A secondary target would include readers interested in teaching the basics of working with Arduino and Raspberry Pi to others.Charles Bell conducts research in emerging technologies. He is a member of the Oracle MySQL Development team and is a Principal Developer for the MySQL Cloud Services team. He lives in a small town in rural Virginia with his loving wife. He received his Doctor of Philosophy in Engineering from Virginia Commonwealth University in 2005. Dr. Bell is an expert in the database field and has extensive knowledge and experience in software development and systems engineering. His research interests include 3D printers, microcontrollers, three-dimensional printing, database systems, software engineering, and sensor networks. He spends his limited free time as a practicing Maker focusing on microcontroller projects and refinement of three-dimensional printers.Part 1 - Getting Started with IoT.- Chapter 1. Introduction to IoT.- Chapter 2. Introducing the Arduino.- Chapter 3. Arduino Programming .- Chapter 4. Introducing the Raspberry Pi.- Chapter 5. Python Programming for the Raspberry Pi.- Part 2 - The Qwiic Component System.- Chapter 6. Introducing Qwiic, STEMMA, and QT.- Chapter 7. Qwiic Example: Keep your distance!.- Chapter 8. Qwiic Example: Weather Station.- Chapter 9. Qwiic Example: Digital Compass.- Chapter 10. STEMMA and Qwiic Example: Plant Monitoring.- Chapter 11. STEMMA and Qwiic Example: Balancing Act.- Part 3 - The Grove Component System.- Chapter 12. Introducing Grove.- Chapter 13. Example: Knock-Knock!.- Chapter 14. Example: Mood Lighting.- Chapter 15. Example: Monitoring your Environment.- Chapter 16. Example: Simon Game.- Part 4: Going Further: IoT and the Cloud.- Chapter 17. Introducing IoT for the Cloud.- Chapter 18. Using ThingSpeak.- Appendix.
Docs for Developers
Learn to integrate programming with good documentation. This book teaches you the craft of documentation for each step in the software development lifecycle, from understanding your users’ needs to publishing, measuring, and maintaining useful developer documentation.Well-documented projects save time for both developers on the project and users of the software. Projects without adequate documentation suffer from poor developer productivity, project scalability, user adoption, and accessibility. In short: bad documentation kills projects.Docs for Developers demystifies the process of creating great developer documentation, following a team of software developers as they work to launch a new product. At each step along the way, you learn through examples, templates, and principles how to create, measure, and maintain documentation—tools you can adapt to the needs of your own organization.WHAT YOU'LL LEARN* Create friction logs and perform user research to understand your users’ frustrations* Research, draft, and write different kinds of documentation, including READMEs, API documentation, tutorials, conceptual content, and release notes* Publish and maintain documentation alongside regular code releases* Measure the success of the content you create through analytics and user feedback* Organize larger sets of documentation to help users find the right information at the right timeWHO THIS BOOK IS FORIdeal for software developers who need to create documentation alongside code, or for technical writers, developer advocates, product managers, and other technical roles that create and contribute to documentation for their products and services.Jared BhattiJared is a Staff Technical Writer at Alphabet, and the co-founder of Google’s Cloud documentation team. He’s worked for the past 14 years documenting an array of projects at Alphabet, including Kubernetes, App Engine, Adsense, Google’s data centers, and Google’s environmental sustainability efforts. He currently leads technical documentation at Waymo and mentors several junior writers in the industry.Zachary Sarah CorleissenZach began this book as the Lead Technical Writer for the Linux Foundation and ended it as Stripe’s first Staff Technical Writer. Zach served as co-chair for Kubernetes documentation from 2017 until 2021, and has worked on developer docs previously at GitHub, Rackspace, and several startups. They enjoy speaking at conferences and love to mentor writers and speakers of all abilities and backgrounds.Heidi WaterhouseHeidi spent a couple decades at Microsoft, Dell Software, and many, many startups learning to communicate with and for developers. She currently works as a principal developer advocate at LaunchDarkly, but was reassured to find that technical communication is universal across all roles.David NunezDavid heads up the technical writing organization at Stripe, where he founded the internal documentation team and wrote for Increment magazine. Before Stripe, he founded and led the technical writing organization at Uber and held a documentation leadership role at Salesforce. Having led teams that have written about cloud, homegrown infrastructure, self-driving trucks, and economic infrastructure, he’s studied the many ways that technical documentation can shape the user experience. David also acts as an advisor for several startups in the knowledge platform space.Jen LambourneJen leads the technical writing and knowledge management discipline at Monzo Bank. Before her foray into fintech, she led a community of documentarians across the UK government as Head of Technical Writing at the Government Digital Service (GDS). Having moved from government to finance, she recognizes she’s drawn to creating inclusive and user-centred content in traditionally unfriendly industries. She likes using developer tools to manage docs, demystifying the writing process for engineers, mentoring junior writers, and presenting her adventures in documentation at conferences.* Getting Started* Researching documentation* Understanding your users* Cultivating empathy* Understanding user desires, user needs, and company needs* Recruiting users for research* Research methods* Reading code comments* Trying it outFriction logs* Running diverse and inclusive focus groups and interviews* User journey mapping* Identifying and working with stakeholders* Finding your experts* Collaborative documentation development* Learning from existing content* The value of design documents* Finding examples in industry* Designing documentation* Defining your initial set of content* Deciding your minimum viable documentation* Drafting test and acceptance criteria* Understanding content types* Concepts, tutorials and reference documentation* Code comments* API specificationsREADMEs* Guides* Release notes* Drafting documentation* Setting yourself up for writing success* Who is this for? Personas, requirements, content types* Definition of done* How to iterateTools and tips for writing rough drafts* Understanding your needs* Choosing your writing tools (handwriting, text-only, productivity/measurement writing tools)* “Hacks” to get started drafting content* Mechanics* Headings* Paragraphs* ListsNotes and warnings* Conclusions/tests* Using templates to form drafts* Purpose of a template* How to derive a template from existing docsHow to take templates into text* Gathering initial feedback* Feedback methods* Integrating feedback* Getting feedback from difficult contributorsEditing content for publication* Determine destination* Editing tools (Grammarly, linters, etc)* Declaring good enough* Recap, strategies, and reassuranceStructuring sets of documentation* Where content types live* Concepts, tutorials and reference documentation* Code comments* API specificationsREADMEs* Guides* Release notes* Designing your information architecture* Content information architecture styles* Designing for search* Creating clear, well-lit paths through content* User testing and maintenance* Planning for document automation* Integrating code samples and visual content* Integrating code samples* When and why to use code samples* Creating concise, usable, maintainable samples* Standardising your samples* Using visual content: Screenshots, diagrams, and videos* When your documentation may need visual content* Making your visual content accessible* Integrating screenshots, diagrams* Videos* Measuring documentation success* How documentation succeeds* Measuring different types of documentation quality* Structural Quality* Functional Quality* Process Quality* Measuring what you want to changeDrawing conclusions from document metrics* Working with contributors* Defining how decisions are made* Deciding on a governance structure* Writing an effective Code of Conduct* Choosing a content licence* Code licenses* Content licencesBuilding and enforcing a style guide* Editing submitted content and giving feedback* Setting acceptability criteria* Editing for accessibility and inclusion* Editing for internationalization and translation* Giving actionable feedback* Planning and running a document sprint* Maintaining documentation* Creating a content review processes* Assigning document owners* Performing freshness checks on contentResponding to documentation issues* Separating documentation issues from product issues* Responding to users* Automating document maintenance* Automating API and reference content* Using doc linters* Deleting and archiving content* Wrapping up
Cloud Native Architecture and Design
Build enterprise-grade cloud-native systems and learn all about cloud-native architecture and design. This book provides extensive in-depth details of patterns, tools, techniques, and processes with plenty of examples.Cloud Native Architecture and Design begins by explaining the fundamentals of cloud-native architecture and services, what cloud principles and patterns to use, and details of designing a cloud-native element.The book progresses to cover the details of how IT systems can modernize to embrace cloud-native architecture, and also provides details of various enterprise assessment techniques to decide what systems can move and cannot move into the cloud.Architecting and designing a cloud-native system isn’t possible without modernized software engineering principles, the culture of automation, and the culture of innovation. As such, this book covers the details of cloud-native software engineering methodologies, and process, and how to adopt an automated governance approach across enterprises with the adoption of artificial intelligence.Finally, you need your cloud-native applications to run efficiently; this section covers the details of containerization, orchestration, and virtualization in the public, private, and hybrid clouds.After reading this book, you will have familiarity with the many concepts related to cloud-native and understand how to design and develop a successful cloud-native application. Technologies and practices may change over time, but the book lays a strong foundation on which you can build successful cloud-native systems.WHAT YOU WILL LEARNDiscover cloud-native principles and patterns, and how you can leverage them to solve your business problems * Gain the techniques and concepts you need to adapt to design a cloud-native applicationUse assessment techniques and tools for IT modernization * Apply cloud-native engineering principles to the culture of automation and culture of innovationHarness the techniques and tools to run your cloud-native applications and automate infrastructure* Operate your cloud-native applications by using AI techniques and zero operation techniques WHO THIS BOOK IS FORSoftware architects, leaders, developers, engineers, project managers, and students.SHIVAKUMAR R GONIWADA is an enterprise architect, technology leader, and inventor with more than 23 years of experience in architecting enterprise architecture with cloud-native, event-driven systems. He currently works at Accenture and leads a highly experienced technology enterprise and cloud architects. In his 23 years of experience, he led many highly complex projects across industries and the globe. He has ten software patents to his name in the areas of cloud, polyglot and polylithic architecture, software engineering, and IoT. He is a speaker at multiple global and in-house conferences. He holds Master Technology Architecture Accenture, Google Professional, AWS, and data science certifications. He completed an executive MBA at MIT Sloan School of Management.PART I: CLOUD NATIVE JOURNEY, PRINCIPLES & PATTERNS1. Introduction to Cloud Native Architecture2. Cloud Native Services3. Cloud Native Architecture Principles4. Cloud Native Architecture & Design PatternsPART II: ELEMENTS OF CLOUD NATIVE ARCHITECTURE & DESIGN5. Microservices Architecture & Design6. Event Driven Architecture7. Serverless Architecture8. Cloud Native Data Architecture9. Designing for “-ilities”PART III: MODERNIZING AN ENTERPRISE IT SYSTEMS10. Modernize Monolithic Application to Cloud Native11. Enterprise IT Systems Assessment to Decide Cloud Native Journey12. Cloud Native Architecture Fitness CheckPART IV: CLOUD NATIVE SOFTWARE ENGINEERING13. Developing an Enterprise Systems for Cloud Native14. Automation in an Enterprise Cloud-Native Journey15. AI Driven DevelopmentPART V: CLOUD NATIVE INFRASTRUCTURE16. Containerization and Virtualization17. Automation in InfrastructurePART VI: CLOUD NATIVE OPERATION18. Intelligent Operation19. ObservabilityPART VII: CLOUD NATIVE FEATURE20. Cloud Native Supported Future Technologies
Pro Exchange 2019 and 2016 Administration
__Use this one-stop resource for both basic and advanced administration of Exchange Server 2019 and 2016. It will help you in running an Exchange environment, whether it be 100% on-premises or a hybrid configuration with Exchange Online (as part of Office 365).This revised version is divided into four parts, describing Exchange infrastructure, upgrading Exchange server, integration with Office 365, and security and compliance. In the first part, you will go through a short introduction of Exchange server followed by its installation and configuration. You will learn client access along with Exchange mailbox and managing Exchange recipients. In the second part, you will learn how to upgrade from Exchange 2010 to 2016 and from 2013 to Exchange 2019. The third part is dedicated to the Exchange integration with Office 365, followed by the last part that teaches you how to secure your Exchange environment and its compliance.After reading this book, you will understand best practices, do’s and don’ts, and notes from the field to migrate and work on Exchange 2016 and 2019.WHAT YOU WILL LEARN* Create a highly available and redundant Exchange environment* Understand security, message hygiene (CEO fraud, for example), and compliance* Know the infrastructure changes in Exchange 2019* Integrate and manage hybrid recipientsWHO THIS BOOK IS FORIT pros who are responsible for building and maintaining an Exchange environment, both on-premises and in a hybrid configuration with Exchange OnlineMICHEL DE ROOIJ is a consultant and Microsoft MVP since 2013. He lives in The Netherlands, and has been working in the IT industry for over 20 years. Michel helps customers with their journeys related to Microsoft 365, with a focus on Exchange and Identity, but also related technologies such as Microsoft Teams or e-mail in general. Michel has a developer background, but after some long-term dedicated Exchange-related work for a large multinational switched to Exchange and never looked back. Michel is also a big fan of automating processes and procedures related to infrastructure, being either supporting projects or automating administrator tasks. Michel is also active in online communities, such as Tech Community, or on social media such as Twitter (@mderooij). He runs an Exchange-related blog at eightwone.com, guest authors for several other sites, and speaks at international events.JAAP WESSELIUS is an independent consultant based in The Netherlands. As a consultant, Jaap has been working with Exchange server since Exchange 5.0 in 1997. After working for Microsoft, he became an independent consultant in 2006. For his work in the (Exchange) community, Jaap has received a Microsoft MVP award 2007, an award he still holds in 2021. The first MVP category was Exchange server, but over the years that has changed to Office Apps and Services. Besides working with Exchange, Jaap also works with Office 365, identity management, privacy, and security. Jaap is 54 years old, married, has three (almost) grown-up sons, and likes to ride his motorcycle, when possible.SECTION 1 - EXCHANGE INFRASTRUCTURE1. INTRODUCTION1.1. History of Exchange server1.2. Exchange 2016 or Exchange 2019?1.3. Exchange Admin Center1.4. PowerShell1.5. Exchange and Active Directory2. INSTALLING AND CONFIGURING EXCHANGE2.1. Designing the Exchange environment2.2. Testing the Exchange environment2.3. Building the Exchange environment2.4. Exchange Edge Transport Server2.5. Cumulative Updates3. EXCHANGE AND CLIENT ACCESS3.1. Clients3.2. Outlook on the Web3.3. Outlook3.4. Autodiscover3.5. Exchange Web Services3.6. ActiveSync3.7. Namespaces3.8. Virtual Directories3.9. Certificates3.10. Client Access High Availability4. EXCHANGE MAILBOX AND MAILBOX SERVER4.1. Mailbox databases4.2. Backup and Restore4.3. High Availability4.4. Mailbox database High Availability5. MANAGING EXCHANGE RECIPIENTS5.1. Managing Recipients5.2. Mailboxes5.3. Distribution Groups5.4. Contacts5.5. Public Folders5.6. Address Lists5.7. Global Address List5.8. Custom Address List5.9. Offline Address Books5.10. Address Book Policies6. Exchange Transport6.1. Transport pipeline6.2. Send and Receive Connectors6.3. SMTP Relay6.4. Edge Transport server6.5. Load balancing transportSECTION 2 - UPGRADING EXCHANGE SERVER7. Upgrading from Exchange 2010 to Exchange 20167.1. Preparing Active Directory7.2. Installing the Exchange servers7.3. Change client access7.4. Move Mailboxes7.5. Move Public Folders7.6. Decommission Exchange 20108. Upgrading from Exchange 2013 to Exchange 20198.1. Preparing AD en Installing Exchange is identical to 7.1 and 7.28.2. Client access in 2013/2019 coexistence8.3. Move Mailboxes and Public Folders8.4. Decommission Exchange 2013SECTION 3 - INTEGRATION WITH OFFICE 3659. Exchange Hybrid9.1. Identities and source of authority9.2. Managing Hybrid Recipients9.3. Federation9.4. Federation with other organizations9.5. Organizational relationships9.6. Sharing policies9.7. Directory Synchronization9.8. Exchange Hybrid Configuration Wizard9.9. Autodiscover continued9.10. Mailflow in coexistence9.11. Exchange Online Protection9.12. Modern Authentication9.13. Bulk EmailSECTION 4 - SECURITY AND COMPLIANCE10. Securing your Exchange environment10.1. Hybrid Modern Authentication10.2. Message hygiene10.3. Multi Factor Authentication10.4. Role Based Access Control11. Compliance11.1. Archiving11.2. Journaling11.3. In-place hold11.4. In-place eDiscovery11.5. Messaging Records management11.6. Data Loss Prevention11.7. Auditing11.8. Reporting
Person Re-Identification with Limited Supervision
PERSON RE-IDENTIFICATION IS THE PROBLEM OF ASSOCIATING OBSERVATIONS OF TARGETS IN DIFFERENT NON-OVERLAPPING CAMERAS. Most of the existing learning-based methods have resulted in improved performance on standard re-identification benchmarks, but at the cost of time-consuming and tediously labeled data. Motivated by this, learning person re-identification models with limited to no supervision has drawn a great deal of attention in recent years.In this book, we provide an overview of some of the literature in person re-identification, and then move on to focus on some specific problems in the context of person re-identification with limited supervision in multi-camera environments. We expect this to lead to interesting problems for researchers to consider in the future, beyond the conventional fully supervised setup that has been the framework for a lot of work in person re-identification.Chapter 1 starts with an overview of the problems in person re-identification and the major research directions. We provide an overview of the prior works that align most closely with the limited supervision theme of this book. Chapter 2 demonstrates how global camera network constraints in the form of consistency can be utilized for improving the accuracy of camera pair-wise person re-identification models and also selecting a minimal subset of image pairs for labeling without compromising accuracy. Chapter 3 presents two methods that hold the potential for developing highly scalable systems for video person re-identification with limited supervision. In the one-shot setting where only one tracklet per identity is labeled, the objective is to utilize this small labeled set along with a larger unlabeled set of tracklets to obtain a re-identification model. Another setting is completely unsupervised without requiring any identity labels. The temporal consistency in the videos allows us to infer about matching objects across the cameras with higher confidence, even with limited to no supervision. Chapter 4 investigates person re-identification in dynamic camera networks. Specifically, we consider a novel problem that has received very little attention in the community but is critically important for many applications where a new camera is added to an existing group observing a set of targets. We propose two possible solutions for on-boarding new camera(s) dynamically to an existing network using transfer learning with limited additional supervision. Finally, Chapter 5 concludes the book by highlighting the major directions for future research.* Preface* Person Re-identification: An Overview* Supervised Re-identification: Optimizing the Annotation Effort* Towards Unsupervised Person Re-identification* Re-identification in Dynamic Camera Networks* Future Research Directions* Bibliography* Authors' Biographies