Security
Das Internet gehört uns allen!
Protokolle, Datenschutz, Zensur und Internet Governance anschaulich illustriert. Erstauflage, November 2021.Das Internet hat die zwischenmenschliche Kommunikation tiefgreifend verändert, aber die meisten von uns verstehen nicht wirklich, wie es funktioniert. Wie können Informationen durch das Internet reisen? Können wir online wirklich anonym und privat sein? Wer kontrolliert das Internet, und warum ist das wichtig? Und... was hat es mit den ganzen Katzen auf sich?»Das Internet gehört uns allen!« beantwortet diese Fragen und mehr. In klarer Sprache und mit skurrilen Illustrationen übersetzt das Autorenteam hochtechnische Themen in verständliche Sprache, die das komplizierteste Computernetzwerk der Welt entmystifiziert.Mit der Comic-Katze Catnip erfahren Sie mehr über:das »Wie-Was-Warum« von Knoten, Paketen und Internet-Protokollen;kryptografische Techniken, die die Geheimhaltung und Integrität Ihrer Daten zu gewährleisten;Zensur und Möglichkeiten der Überwachung und wie Sie diese umgehen könnenKybernetik, Algorithmen und darüber wie Computer Entscheidungen treffenDie Zentralisierung der Macht im Internet, ihre Auswirkungen auf die Demokratie und wie sie die Menschenrechte beeinträchtigtInternet-Governance und Möglichkeiten, sich zu engagierenDieses Buch ist auch ein Aufruf zum Handeln, indem es einen Fahrplan aufstellt, wie Sie Ihr neu erworbenes Wissen nutzen können, um die Entwicklung digitaler, inklusiver und die Rechte achtender Internet-Gesetze und -Politik zu beeinflussen.Egal, ob Sie sich um die Sicherheit im Internet sorgen, ein Anwalt sind, der sich mit Fragen der weltweiten Meinungsfreiheit befasst, oder einfach jemand mit einer katzenhaften Neugier auf die Netzwerkinfrastruktur, Sie werden begeistert sein – und aufgeklärt – von Catnips unterhaltsamen Leitfaden zum Verständnis, wie das Internet wirklich funktioniert!Leseproben (PDF-Links):VorwortInhaltsverzeichnisKapitel 1Kapitel 3Kapitel 7Kapitel 10Zu den Herausgebenden:ARTICLE 19 ist eine internationale Non-Profit-Organisation, die das Recht auf freie Meinungsäußerung, einschließlich des Zugangs zu Informationen, fördern, entwickeln und schützen will. Mit Hauptsitz in London und Büros in Bangladesch, Brasilien, Kenia, Mexiko, Senegal, Tunesien, Myanmar und den USA arbeitet ARTICLE 19 daran, die Wissenslücke über die Internet-Infrastruktur und deren Bedeutung für die Menschen zu schließen.
AWS Certified Machine Learning Study Guide
SUCCEED ON THE AWS MACHINE LEARNING EXAM OR IN YOUR NEXT JOB AS A MACHINE LEARNING SPECIALIST ON THE AWS CLOUD PLATFORM WITH THIS HANDS-ON GUIDEAs the most popular cloud service in the world today, Amazon Web Services offers a wide range of opportunities for those interested in the development and deployment of artificial intelligence and machine learning business solutions.The AWS Certified Machine Learning Study Guide: Specialty (MLS-CO1) Exam delivers hyper-focused, authoritative instruction for anyone considering the pursuit of the prestigious Amazon Web Services Machine Learning certification or a new career as a machine learning specialist working within the AWS architecture.From exam to interview to your first day on the job, this study guide provides the domain-by-domain specific knowledge you need to build, train, tune, and deploy machine learning models with the AWS Cloud. And with the practice exams and assessments, electronic flashcards, and supplementary online resources that accompany this Study Guide, you’ll be prepared for success in every subject area covered by the exam.You’ll also find:* An intuitive and organized layout perfect for anyone taking the exam for the first time or seasoned professionals seeking a refresher on machine learning on the AWS Cloud * Authoritative instruction on a widely recognized certification that unlocks countless career opportunities in machine learning and data science * Access to the Sybex online learning resources and test bank, with chapter review questions, a full-length practice exam, hundreds of electronic flashcards, and a glossary of key terms AWS Certified Machine Learning Study Guide: Specialty (MLS-CO1) Exam is an indispensable guide for anyone seeking to prepare themselves for success on the AWS Certified Machine Learning Specialty exam or for a job interview in the field of machine learning, or who wishes to improve their skills in the field as they pursue a career in AWS machine learning.ABOUT THE AUTHORSSHREYAS SUBRAMANIAN, PHD, is Principal Machine Learning specialist at Amazon Web Services. He has worked with several enterprise companies on business-critical machine learning and optimization problems. STEFAN NATU is Principal Machine Learning Specialist at Alexa AI, prior to which he was a Principal Architect at Amazon Web Services. His professional focus is on financial services, and he helps customers architect ML use cases on AWS with an emphasis on security, enterprise model governance, and operationalizing machine learning models. Introduction xviiAssessment Test xxixAnswers to Assessment Test xxxvPART I INTRODUCTION 1CHAPTER 1 AWS AI ML STACK 3Amazon Rekognition 4Image and Video Operations 6Amazon Textract 10Sync and Async APIs 11Amazon Transcribe 13Transcribe Features 13Transcribe Medical 14Amazon Translate 15Amazon Translate Features 16Amazon Polly 17Amazon Lex 19Lex Concepts 19Amazon Kendra 21How Kendra Works 22Amazon Personalize 23Amazon Forecast 27Forecasting Metrics 30Amazon Comprehend 32Amazon CodeGuru 33Amazon Augmented AI 34Amazon SageMaker 35Analyzing and Preprocessing Data 36Training 39Model Inference 40AWS Machine Learning Devices 42Summary 43Exam Essentials 43Review Questions 44CHAPTER 2 SUPPORTING SERVICES FROM THE AWS STACK 49Storage 50Amazon S3 50Amazon EFS 52Amazon FSx for Lustre 52Data Versioning 53Amazon VPC 54AWS Lambda 56AWS Step Functions 59AWS RoboMaker 60Summary 62Exam Essentials 62Review Questions 63PART II PHASES OF MACHINE LEARNING WORKLOADS 67CHAPTER 3 BUSINESS UNDERSTANDING 69Phases of ML Workloads 70Business Problem Identification 71Summary 72Exam Essentials 73Review Questions 74CHAPTER 4 FRAMING A MACHINE LEARNING PROBLEM 77ML Problem Framing 78Recommended Practices 80Summary 81Exam Essentials 81Review Questions 82CHAPTER 5 DATA COLLECTION 85Basic Data Concepts 86Data Repositories 88Data Migration to AWS 89Batch Data Collection 89Streaming Data Collection 92Summary 96Exam Essentials 96Review Questions 98CHAPTER 6 DATA PREPARATION 101Data Preparation Tools 102SageMaker Ground Truth 102Amazon EMR 104Amazon SageMaker Processing 105AWS Glue 105Amazon Athena 107Redshift Spectrum 107Summary 107Exam Essentials 107Review Questions 109CHAPTER 7 FEATURE ENGINEERING 113Feature Engineering Concepts 114Feature Engineering for Tabular Data 114Feature Engineering for Unstructured and Time Series Data 119Feature Engineering Tools on AWS 120Summary 121Exam Essentials 121Review Questions 123CHAPTER 8 MODEL TRAINING 127Common ML Algorithms 128Supervised Machine Learning 129Textual Data 138Image Analysis 141Unsupervised Machine Learning 142Reinforcement Learning 146Local Training and Testing 147Remote Training 149Distributed Training 150Monitoring Training Jobs 154Amazon CloudWatch 155AWS CloudTrail 155Amazon Event Bridge 158Debugging Training Jobs 158Hyperparameter Optimization 159Summary 162Exam Essentials 162Review Questions 164CHAPTER 9 MODEL EVALUATION 167Experiment Management 168Metrics and Visualization 169Metrics in AWS AI/ML Services 173Summary 174Exam Essentials 175Review Questions 176CHAPTER 10 MODEL DEPLOYMENT AND INFERENCE 181Deployment for AI Services 182Deployment for Amazon SageMaker 184SageMaker Hosting: Under the Hood 184Advanced Deployment Topics 187Autoscaling Endpoints 187Deployment Strategies 188Testing Strategies 190Summary 191Exam Essentials 191Review Questions 192CHAPTER 11 APPLICATION INTEGRATION 195Integration with On-PremisesSystems 196Integration with Cloud Systems 198Integration with Front-EndSystems 200Summary 200Exam Essentials 201Review Questions 202PART III MACHINE LEARNING WELL-ARCHITECTED LENS 205CHAPTER 12 OPERATIONAL EXCELLENCE PILLAR FOR ML 207Operational Excellence on AWS 208Everything as Code 209Continuous Integration and Continuous Delivery 210Continuous Monitoring 213Continuous Improvement 214Summary 215Exam Essentials 215Review Questions 217CHAPTER 13 SECURITY PILLAR 221Security and AWS 222Data Protection 223Isolation of Compute 224Fine-GrainedAccess Controls 225Audit and Logging 226Compliance Scope 227Secure SageMaker Environments 228Authentication and Authorization 228Data Protection 231Network Isolation 232Logging and Monitoring 233Compliance Scope 235AI Services Security 235Summary 236Exam Essentials 236Review Questions 238CHAPTER 14 RELIABILITY PILLAR 241Reliability on AWS 242Change Management for ML 242Failure Management for ML 245Summary 246Exam Essentials 246Review Questions 247CHAPTER 15 PERFORMANCE EFFICIENCY PILLAR FOR ML 251Performance Efficiency for ML on AWS 252Selection 253Review 254Monitoring 255Trade-offs256Summary 257Exam Essentials 257Review Questions 258CHAPTER 16 COST OPTIMIZATION PILLAR FOR ML 261Common Design Principles 262Cost Optimization for ML Workloads 263Design Principles 263Common Cost Optimization Strategies 264Summary 266Exam Essentials 266Review Questions 267CHAPTER 17 RECENT UPDATES IN THE AWS AI/ML STACK 271New Services and Features Related to AI Services 272New Services 272New Features of Existing Services 275New Features Related to Amazon SageMaker 279Amazon SageMaker Studio 279Amazon SageMaker Data Wrangler 279Amazon SageMaker Feature Store 280Amazon SageMaker Clarify 281Amazon SageMaker Autopilot 282Amazon SageMaker JumpStart 283Amazon SageMaker Debugger 283Amazon SageMaker Distributed Training Libraries 284Amazon SageMaker Pipelines and Projects 284Amazon SageMaker Model Monitor 284Amazon SageMaker Edge Manager 285Amazon SageMaker Asynchronous Inference 285Summary 285Exam Essentials 285APPENDIX ANSWERS TO THE REVIEW QUESTIONS 287Chapter 1: AWS AI ML Stack 288Chapter 2: Supporting Services from the AWS Stack 289Chapter 3: Business Understanding 290Chapter 4: Framing a Machine Learning Problem 291Chapter 5: Data Collection 291Chapter 6: Data Preparation 292Chapter 7: Feature Engineering 293Chapter 8: Model Training 294Chapter 9: Model Evaluation 295Chapter 10: Model Deployment and Inference 295Chapter 11: Application Integration 296Chapter 12: Operational Excellence Pillar for ML 297Chapter 13: Security Pillar 298Chapter 14: Reliability Pillar 298Chapter 15: Performance Efficiency Pillar for ML 299Chapter 16: Cost Optimization Pillar for ML 300Index 303
Data-Driven Alexa Skills
Design and build innovative, custom, data-driven Alexa skills for home or business. Working through several projects, this book teaches you how to build Alexa skills and integrate them with online APIs. If you have basic Python skills, this book will show you how to build data-driven Alexa skills. You will learn to use data to give your Alexa skills dynamic intelligence, in-depth knowledge, and the ability to remember.DATA-DRIVEN ALEXA SKILLS takes a step-by-step approach to skill development. You will begin by configuring simple skills in the Alexa Skill Builder Console. Then you will develop advanced custom skills that use several Alexa Skill Development Kit features to integrate with lambda functions, Amazon Web Services (AWS), and Internet data feeds. These advanced skills enable you to link user accounts, query and store data using a NoSQL database, and access real estate listings and stock prices via web APIs.WHAT YOU WILL LEARN* Set up and configure your development environment properly the first time* Build Alexa skills quickly and efficiently using Agile tools and techniques* Create a variety of data-driven Alexa skills for home and business* Access data from web applications and Internet data sources via their APIs* Test with unit-testing frameworks throughout the development life cycle* Manage and query your data using the DynamoDb NoSQL database enginesWHO THIS BOOK IS FORDevelopers who wish to go beyond Hello World and build complex, data-driven applications on Amazon's Alexa platform; developers who want to learn how to use Lambda functions, the Alexa Skills SDK, Alexa Presentation Language, and Alexa Conversations; developers interested in integrating with public APIs such as real estate listings and stock market prices. Readers will need to have basic Python skills.SIMON KINGABY is a software developer, programming professor, and public speaker residing in middle Tennessee. He believes that voice user interfaces will change the world and that tools like Alexa are just the tip of the iceberg. He spends his days moving data for Deloitte Global and teaching DataViz and FinTech at Vanderbilt University. In 2016, he published his first Alexa skill and has been enthralled by voice development ever since. In 2017, his uncle suddenly went blind and Simon began exploring ways Alexa could be used to help the blind by developing skills from “What’s the time?” and home navigation skills to smart home skills like “Turn on the coffee pot." In 2019 that same uncle committed suicide, and Simon turned his attention to mental health issues and using Alexa to help identify and prevent suicidal behavior. Now he is focused on enabling developers to use their programming abilities to build data-driven Alexa skills that will make a real difference in the world.PART I: GETTING STARTEDChapter 1: Voice User InterfacesChapter 2: Routines and BlueprintsChapter 3: The Developer AccountsChapter 4: Creating the VUI for a Custom Data-driven SkillChapter 5: Writing the Back-end CodeChapter 6: Publishing an Alexa SkillPART II: CUSTOM SKILL DEVELOPMENTChapter 7: Custom Alexa SkillsChapter 8: Beyond Hello WorldChapter 9: Configuring the VUIChapter 10: Using APL to Present on ScreensChapter 11: Coding the Lambda FunctionChapter 12: Unit Testing an Alexa SkillChapter 13: Storing the DataPART III: USING APIS IN ADVANCED SKILLSChapter 14: A Personal Net Worth SkillChapter 15: The Real Estate APIChapter 16: The Stock Market APIChapter 17: What’s Next?
Practical Event-Driven Microservices Architecture
In the simplest terms, event-driven architectures are like onions; they are manageable as a single layer (like a monolith) but when you get into them, they begin to cascade apart and you quickly realize that there are many complex layers (distributed microservices architecture). And that’s when the tears begin.This prescriptive guide takes you through the steps of moving a platform with millions of users from a monolith to a microservices event-driven architecture. You will learn about the challenges and complexities that arise in high-throughput environments that often contain upwards of hundreds of microservices. This book is designed to be your single best resource for learning how to apply event-driven architectures in real-world scenarios and offers hundreds of patterns to overcome the common and not so common challenges.While event-driven architectures have been the standard for decoupled, pluggable, evolutionary architectures for years, they have only recently been adopted by enterprises for the purpose of distributed microservices and there is little information about adopting them. Using them at scale can save valuable resources, but requires different considerations, including the added complexity of supporting several moving parts and getting the event schema right from the start in order to avoid large restructuring later on.Author Hugo Rocha understands that these kinds of challenges, as well as many others, need to be considered from the beginning, and helps teach you the mindset needed to create a deliberate strategy upfront. This book offers learning approaches and patterns to get you up to speed in order to sustainably build and manage event-driven architectures.WHAT YOU WILL LEARN* Understand the real-world challenges of event-driven architectures and the patterns to deal with those challenges and the trade-offs of each solution* Leverage the advantages of event-driven architectures to build scalable solutions and address legacy applications* Plan successful future implementations to avoid common pitfalls and apply proven patterns to deal with challenges in a real-world platform with millions of users* Decide whether event-driven solutions are the right choice for the requirements at hand* Discuss and understand advanced concepts about event-driven architecturesWHO IS THIS BOOK FORSoftware engineers and software architects. Anyone currently working with microservice architectures, primarily event-driven microservices, will greatly benefit from this book. Readers working with monoliths will benefit, as the book explores migration from a monolithic application to an event-driven microservice architecture.HUGO ROCHA has nearly a decade of experience working with highly distributed event-driven microservices architectures. He currently is an engineering lead for the leading global ecommerce platform for luxury products (Farfetch), providing services to millions of active users, backed by an event-driven architecture with hundreds of microservices processing hundreds of changes per second. Before that, he worked for several reference telecommunications companies that transitioned from monolithic applications to microservice-oriented architectures. Hugo has managed several teams that directly face the caveats of event-driven architectures every day. He designed solutions for critical pieces of the platform’s highly distributed backoffice platform, handling hundreds of changes per second, concurrently, scalably, and with high performance.CHAPTER 1. EMBRACING EVENT-DRIVEN ARCHITECTURES1.1. The truth about monoliths1.1.1. Anatomy of a typical monolith1.1.2. It's not all bad1.1.3. When monoliths become the business constrictor knot1.1.4. Using event-driven architectures to move away from a monolith1.2. What are microservices and how do they relate to event-driven1.3. SOA, microservice, and event-driven architectures1.4. The promise of event-driven microservices1.5. When should you use event-driven microservices?1.6. Overview of the challenges in event-driven architectures1.7. SummaryCHAPTER 2. MOVING FROM A MONOLITH TO AN EVENT-DRIVEN ARCHITECTURE2.1. Is migrating to an event-driven architecture your best option?2.2. How to decide where to start2.3. Using an event-driven approach to migrate data2.4. Using change data capture (CDC)2.4.1. Event-driven and change data capture (CDC), a real-world example2.5. Event-driven as a source of truth for both systems2.6. Managing dependencies between the two systems2.6.1. Dependency from new event-driven services to the monolith2.6.2. Dependency from the monolith to new event-driven services2.7. Gradually moving traffic2.8. Two-way synchronization and living with two sources of truth2.9. SummaryCHAPTER 3. DEFINING AN EVENT-DRIVEN MICROSERVICE AND ITS BOUNDARIES3.1. Building event-driven microservices3.1.1. Durable vs. ephemeral message brokers and GDPR3.1.2. Message types3.1.3. When to use documents over events3.1.4. Common event-driven messaging patterns3.1.5. Event-driven service topologies3.1.6. Common event-driven pitfalls and anti-patterns3.2. Organizing event-driven microservice boundaries3.3. Brief and practical introduction to domain-driven design and bounded contexts3.4. The impact of aggregate size and common pitfalls3.5. Request-driven vs. event-driven services3.6. Adding functionality to an existing microservice vs. creating a new one3.7. SummaryCHAPTER 4. EVENT-DRIVEN STRUCTURAL PATTERNS AND HIGH-LEVEL PROCESSES4.1. The challenges of transactional consistency in distributed systems4.1.1. Why abandon a monolithic database in the first place?4.1.2. The limitations of distributed transactions4.1.3. Managing multi-step processes with Sagas4.2. Event-driven orchestration pattern4.3. Event-driven choreography pattern4.4. Orchestration, choreography, or both?4.5. Data retrieval in event-driven architectures and associated patterns4.5.1. CQS, CQRS and when to use them4.5.2. The different flavors of CQRS4.5.3. When and how to use event sourcing4.5.4. Using command sourcing and its applicability4.6. Building multiple read models4.7. The pitfall of microservice spaghetti architectures and how to avoid it4.8. SummaryCHAPTER 5. HOW TO MANAGE EVENTUAL CONSISTENCY5.1. The impacts of eventual consistency and the need for alignment with the business5.2. Using event schema to leverage eventual consistency5.3. Applying domain boundaries to leverage eventual consistency5.4. Event versioning to manage delays5.5. Saving state to avoid eventual consistency5.6. End-to-end argument: a real-world use case5.7. For most use cases, it's not eventual if nobody notices5.7.1. Autoscaling use case with Prometheus and Kafka5.8. Tradeoffs of each solution5.9. SummaryCHAPTER 6. DEALING WITH EVENT-DRIVEN CONCURRENCY AND OUT OF ORDER MESSAGES6.1. Why is concurrency different in a monolith from an event-driven architecture?6.2. Pessimistic vs. optimistic concurrency, when and when not to use6.2.1. Pessimistic vs. optimistic approaches6.2.2. Solving concurrency by implementation and by architecture6.3. Using optimistic concurrency6.4. Using pessimistic concurrency6.4.1. Distributed locks6.4.2. Database transactions6.5. Dealing with out-of-order events6.5.1. How can events lose their order?6.5.2. Solving out of order events with versioning6.6. Using end-to-end message partitioning to handle concurrency and guarantee message ordering6.6.1. The relevance of message routing and partitioning6.6.2. Real-world example of message routing using Kafka6.6.3. Using end-to-end partitioning6.6.4. Limitations of end-to-end partitioning6.7. SummaryCHAPTER 7. ACHIEVING RESILIENCE AND EVENT PROCESSING RELIABILITY IN EVENT-DRIVEN MICROSERVICES7.1. Common failures in microservice architectures and how they relate to event-driven architectures7.1.1. Cascading failures and event-driven services7.1.2. Load balancing and rate limiters in event-driven services7.2. Understanding message delivery semantics7.3. Avoiding inconsistencies when saving state and publishing events7.3.1. Event stream as the only source of truth7.3.2. Outbox pattern7.3.3. Transactions and compensating actions7.4. Applying ACID 2.0 as a resilience strategy7.5. Avoiding message leak7.6. Applying common resilience patterns7.6.1. Retries7.6.2. Circuit breakers7.7. Recovering data and repairing state7.8. Bulkhead pattern7.9. SummaryCHAPTER 8. CHOOSING THE CORRECT EVENT SCHEMA DESIGN8.1. Event storming8.2. Event headers and envelopes8.2.1. Headers vs envelopes8.2.2. Relevant event contextual information8.3. Town crier events8.4. Bee events8.5. The event schema goldilocks principle8.6. Denormalized event schema8.7. Schema evolution8.7.1. Event stream versioning8.7.2. Using a downscaler/upscaler8.8. SummaryCHAPTER 9. HOW TO LEVERAGE THE USER INTERFACE9.1. Using an aggregating layer9.2. Backends for frontends9.3. UI Decomposition9.3.1. Application decomposition9.3.2. Page decomposition9.3.3. Section decomposition9.4. The limitations of API composition9.5. Task-based UIs9.6. Event-driven APIs9.7. SummaryCHAPTER 10. OVERCOMING THE CHALLENGES IN QUALITY ASSURANCE10.1. The only happens in production syndrome10.2. Component tests vs integration tests10.3. The correct mix of component validation and production validations10.4. Monitoring and alarmistic from the ground up10.5. SummaryCHAPTER 11. ORGANIZATIONAL COST OF EVENT-DRIVEN MICROSERVICES11.1. The epic journey to be onboarded11.2. When implementation overhead impacts time to market11.3. Dependencies management11.4. Summary
Mastering VMware Horizon 8
Learn all about designing, installing, configuring, and managing VMware Horizon, with a core focus on how to deliver virtual desktops using Horizon. This book allows you to follow the complete process for deploying VMware Horizon and covers the design, deployment, and management of solutions.You'll start by reviewing remote solutions, from virtual desktops to published applications, including the benefits and what the different solutions deliver. Once through the high-level technology you'll then look at the VMware Horizon solution focusing on the architecture and the components that make up the solution and how to design a production-ready environment. Other VMware EUC technologies that complement the core Horizon solution will also be incorporate into it.Armed with the knowledge of how to design a solution, you'll move onto the installation phase and start to build a test lab environment. Once your lab is installed, you'll move onto the configuration stage where you will understand how to build, configure, and optimize virtual desktops, and desktop pools ready for end-users to use. As part of this you will also look at delivering published applications with Horizon Apps.With resources built and configured you can optimize the end-user experience with Horizon clients. The final sections of the book will focus on the other complementary solutions introducing you to VMware App Volumes and VMware Dynamic Environment Manager before finishing with how to manage the solution where we will look at some advanced configuration options and troubleshooting techniques.WHAT YOU WILL LEARN* See the core components of VMware Horizon and their functionality* Design and install a Horizon environment* Deliver the best end-user experience* Manage the deployed solution* Use VMware reference architectures to create real-life scenario examples* Review the minimum requirements for designing a solutionWHO THIS BOOK IS FORVMware professionals, system integrators, IT professionals, and consultants.PETER VON OVEN is an experienced technical consultant working closely with customers and partners designing technology solutions, to meet business needs. During his career, Peter has presented at key IT events such as VMworld, IP EXPO, and various VMUGs and CCUG events. He has also worked in senior presales roles and presales management roles for Fujitsu, HP, Citrix, and VMware, and has been awarded VMware vExpert for the last six years in a row. In 2016, Peter founded his own company, Droplet Computing, where he works today as the founder and chief executive officer, helping redefine the way applications are delivered today. He is also an avid author, having now written 13 books and made videos about VMware end-user computing solutions. In his spare time, Peter volunteers as a STEM Ambassador, helping the next generation develop the skills and confidence in building careers in technology.Chapter 1: What Are Remote Desktop Solutions?Chapter 2: Getting Started with VMware HorizonChapter 3: Architecting Horizon for DeploymentChapter 4: Installing and Configuring Your Horizon EnvironmentChapter 5: Creating Virtual Desktop Images for DeploymentChapter 6: Building and Configuring Desktop PoolsChapter 7: Managing Horizon with Active Directory GPOsChapter 8: Horizon Computer GPOs Settings (split from chapter 7)Chapter 9: Horizon User GPO Settings (split from chapter 7)Chapter 10: Managing the End User Environments (former chapter 8)Chapter 11: Horizon Apps (former chapter 9)Chapter 12: Horizon Published Desktop (former chapter 10)Chapter 13: Connecting End Users (former chapter 11)Chapter 14: Horizon Enterprise Edition (former chapter 12)Chapter 15: Upgrading Horizon (former chapter 13)Chapter 16: Running Horizon in the Cloud (former chapter 14)Chapter 17: Horizon Troubleshooting (former chapter 15)Online Resource: Advanced Configuration and Management (former chapter 16)
Synology NAS - Die praktische Anleitung
Sie möchten mit einem Synology NAS Ihre Daten zentral speichern, eigene Backups erstellen und Fotos, Filme und Dokumente streamen? Dennis Rühmer hilft Ihnen bei diesen Aufgaben und erklärt, wie Sie Ihr Synology NAS richtig konfigurieren und eine private Cloud aufsetzen. Damit können Sie Ihre Daten sicher ablegen und verwalten, Live-TV aufnehmen, automatische Sicherungen Ihrer Rechner anlegen, Kalender und Kontakte verwalten und noch viel mehr. Vom reibungslosen Einstieg und einer Kaufberatung über zentrale Grundlagen bis zu den vielfältigen Diensten erfahren Sie in diesem Ratgeber, was Sie über Ihr Synology NAS für einen reibungslosen Betrieb wissen müssen.Aus dem Inhalt:Das richtige NAS wählenDas Gerät sicher einrichtenNetzwerkfreigaben verwaltenKalender und AdressbuchMusik per NAS abspielenFotos organisieren und teilenVideos genießen und verwaltenEin zentrales Backup erstellenEinen zentralen Drucker einrichtenKameraüberwachung steuernEinen TV-Server nutzenSicherheit im HeimnetzAutor: Dennis Rühmer ist promovierter Ingenieur der Elektrotechnik, an der TU Braunschweig als wissenschaftlicher Mitarbeiter tätig und erfahrener Buchautor. Er befasst sich intensiv mit Datensicherung und Streaming, ist großer Raspberry Pi- und Kodi-Fan, bekennender Linuxer und interessiert sich seit frühester Kindheit für digitale Fotografie.
Außenhandel mit SAP GTS und SAP S/4HANA
Sorgen Sie für reibungslose Abläufe im internationalen Handel! Mit diesem Buch optimieren Sie Ihre Import- und Exportprozesse und stellen sicher, dass Ihr Unternehmen die gesetzlichen Anforderungen und Handelsübereinkünfte erfüllt. Sie lernen alle Prozesse für Warenbewegungen innerhalb und außerhalb der EU ausführlich kennen und erfahren, wie Sie diese in SAP GTS und SAP S/4HANA abbilden. Sie erfahren außerdem, wie SAP GTS mit der Lagerverwaltung in SAP EWM zusammenspielt. Ob Sie SAP ERP einsetzen oder auf SAP S/4HANA umsteigen wollen: Dieses Buch gibt Ihnen praxisnah Hilfestellung zu SAP GTS 11.0, SAP GTS edition for SAP HANA 2020 und SAP S/4HANA for International Trade. Aus dem Inhalt: Überlassung zum zollrechtlich freien VerkehrVersandverfahren bei der Ein- und AusfuhrZolllagerverfahrenAktive und passive VeredelungAusfuhr von Gütern mit doppeltem VerwendungszweckUS-ReexportkontrolleEmbargosituationenWarenbewegungen innerhalb der EUSAP S/4HANA for international tradeSAP-Fiori-AppsIntegration mit SAP EWM Einleitung ... 11 TEIL I. SAP GTS ... 19 1. Einführung in SAP GTS ... 21 1.1 ... Zweckbestimmung und Produktstruktur ... 21 1.2 ... Integration in die Steuerung logistischer Prozesse in SAP ERP bzw. SAP S/4HANA ... 28 1.3 ... Stammdatenpflege ... 41 1.4 ... Abbildung von Rechtsnormen ... 48 2. Zollverfahren bei der Einfuhr ... 57 2.1 ... Überlassung zum zollrechtlich freien Verkehr ... 57 2.2 ... Versandverfahren bei der Einfuhr ... 98 2.3 ... Zolllagerverfahren ... 121 2.4 ... Aktive Veredelung ... 147 3. Zollverfahren bei der Ausfuhr ... 161 3.1 ... Ausfuhrverfahren ... 161 3.2 ... Versandverfahren bei der Ausfuhr ... 214 3.3 ... Passive Veredelung ... 235 3.4 ... Einbindung von externen Dienstleistern ... 248 4. Ausfuhrkontrolle ... 259 4.1 ... Kritische Güter ... 259 4.2 ... Embargosituationen ... 331 5. Ausfuhr von Ursprungserzeugnissen ... 373 5.1 ... Ermittlung der Ursprungseigenschaft einer Ware ... 374 5.2 ... Verwaltung von Lieferantenerklärungen ... 436 6. Warenbewegungen innerhalb der EU ... 479 6.1 ... Intrastat-Meldung ... 479 6.2 ... Beförderung im Steueraussetzungsverfahren ... 506 TEIL II. SAP S/4HANA for international trade ... 521 7. Stammdatenpflege ... 523 7.1 ... Tarifierung und Klassifizierung ... 523 7.2 ... Stammdaten für Trade Compliance ... 538 8. Intrastat-Meldung und Belegprüfung ... 545 8.1 ... Intrastat-Meldung ... 545 8.2 ... Trade Compliance ... 554 A. Abkürzungsverzeichnis ... 563 Die Autorin ... 569 Index ... 571
Steuern in SAP S/4HANA
Kein unternehmerisches Handeln ohne steuerliche Konsequenzen! Dieses Buch verbindet einen verständlichen Überblick über steuerrechtliche Anforderungen mit einer ausführlichen Darstellung der Systemeinstellungen. Alle relevanten Steuerarten werden in den Blick genommen: direkte Steuern, indirekte Steuern sowie Verbrauchsteuern und Verrechnungspreise. Sie lernen, wie Sie Ihre Anforderungen entlang der Geschäftsprozesse in SAP S/4HANA abbilden. Dabei werden Ihre Optionen für steuerliche Meldungen und Auswertungen genauso erläutert wie Best Practices für Ihr Transformationsprojekt. So können Sie die Vorteile von SAP S/4HANA voll ausschöpfen! Aus dem Inhalt: Herausforderungen für die SteuerfunktionTax Target Operating ModelTax Compliance ManagementStammdatenmanagementTax TaggingPrüferrollen in SAP FioriSAP-Fiori-Apps für die SteuerfunktionPlanung und Analysen mit SAP Analytics CloudSAP Excise Tax ManagementAdvanced Compliance ReportingVorgehensweise im Projekt Einleitung ... 13 1. SAP S/4HANA - Herausforderungen und Chancen für die Steuerfunktion ... 21 1.1 ... Chancen für die Steuerfunktion ... 23 1.2 ... Herausforderungen für die Steuerfunktion ... 37 1.3 ... Zusammenfassung ... 41 2. Strategie und Projektmethodik ... 43 2.1 ... Tax Target Operating Model ... 43 2.2 ... Brownfield, Greenfield oder SAP Central Finance? ... 58 2.3 ... Die Implementierungsmethode SAP Activate ... 64 2.4 ... Daten, Prozesse, Meldewesen: Überblick über die Use Cases ... 65 2.5 ... Internationaler Roll-out-Template-Ansatz ... 68 2.6 ... SAP Best Practices/SAP Model Company ... 69 2.7 ... Zusammenfassung ... 71 3. Steuerliche Anforderungen entlang der Geschäftsprozesse ... 73 3.1 ... Steuerlicher End-to-End-Prozess ... 73 3.2 ... Steuerliche Implikationen entlang wichtiger End-to-End-Szenarien ... 79 3.3 ... Anwendungs- und Datensicht ... 84 3.4 ... Werkzeuge zur Abbildung steuerlicher Prozesse in SAP S/4HANA ... 86 3.5 ... Zusammenfassung ... 87 4. Steuerliche Anforderungen an SAP S/4HANA ... 89 4.1 ... Kernfunktionen in SAP S/4HANA ... 89 4.2 ... Steuerliches Datenmanagement ... 121 4.3 ... Grundlagen steuerlicher Umsetzungsmöglichkeiten ... 126 4.4 ... Zusammenfassung ... 149 5. Direkte Steuern ... 151 5.1 ... Einführung ... 152 5.2 ... Organisationsstrukturen ... 156 5.3 ... Stammdaten ... 205 5.4 ... Steuerliche Analyse und Monitoring in SAP S/4HANA ... 211 5.5 ... Steuerliches Meldewesen und Reporting ... 222 5.6 ... Steuerliche Planung mit SAP Analytics Cloud ... 231 5.7 ... Zusammenfassung ... 239 6. Umsatzsteuer ... 241 6.1 ... Einführung ... 242 6.2 ... Grundlagen der Umsatzsteuerfindung in SAP ... 252 6.3 ... SAP-S/4HANA-Datenstrukturen - SAP Simplification List ... 323 6.4 ... Umsatzsteuervoranmeldung/-jahreserklärung ... 324 6.5 ... Zusammenfassende Meldung ... 336 6.6 ... Intrastat-Meldung ... 342 6.7 ... Zusammenfassung ... 344 7. Verrechnungspreise ... 345 7.1 ... Grundlagen der Verrechnungspreise ... 346 7.2 ... Lebenszyklus von Verrechnungspreisen ... 350 7.3 ... Dokumentations- und Reportinganforderungen ... 351 7.4 ... Steuerlicher End-to-End-Prozess ... 358 7.5 ... Steuerliche Anforderungen in SAP S/4HANA ... 359 7.6 ... Transferpreise im SAP-System - parallele Wertansätze ... 381 7.7 ... SAP Profitability and Performance Management und SAP Analytics Cloud ... 384 7.8 ... Zusammenfassung ... 386 8. Verbrauchsteuern ... 387 8.1 ... Verbrauchsteuern - Herausforderungen im Unternehmen ... 387 8.2 ... Überblick über SAP Excise Tax Management ... 393 8.3 ... Steuerliche Buchführung und Auswertung mit SAP Excise Tax Management ... 397 8.4 ... Typische Aktivitäten im Tagesablauf ... 431 8.5 ... Systemzugriff für den Prüfungsdienst ... 438 8.6 ... Zusammenfassung ... 440 Das Autorenteam ... 443 Index ... 445
Corporate Cybersecurity
CORPORATE CYBERSECURITYAN INSIDER’S GUIDE SHOWING COMPANIES HOW TO SPOT AND REMEDY VULNERABILITIES IN THEIR SECURITY PROGRAMSA bug bounty program is offered by organizations for people to receive recognition and compensation for reporting bugs, especially those pertaining to security exploits and vulnerabilities. Corporate Cybersecurity gives cyber and application security engineers (who may have little or no experience with a bounty program) a hands-on guide for creating or managing an effective bug bounty program. Written by a cyber security expert, the book is filled with the information, guidelines, and tools that engineers can adopt to sharpen their skills and become knowledgeable in researching, configuring, and managing bug bounty programs. This book addresses the technical aspect of tooling and managing a bug bounty program and discusses common issues that engineers may run into on a daily basis. The author includes information on the often-overlooked communication and follow-through approaches of effective management. Corporate Cybersecurity provides a much-needed resource on how companies identify and solve weaknesses in their security program. This important book:* Contains a much-needed guide aimed at cyber and application security engineers * Presents a unique defensive guide for understanding and resolving security vulnerabilities * Encourages research, configuring, and managing programs from the corporate perspective * Topics covered include bug bounty overview; program set-up; vulnerability reports and disclosure; development and application Security Collaboration; understanding safe harbor and SLAWritten for professionals working in the application and cyber security arena, Corporate Cybersecurity offers a comprehensive resource for building and maintaining an effective bug bounty program. JOHN JACKSON is a Cyber Security Professional, Hacker, and the founder of the Hacking Group: Sakura Samurai. He is skilled in the art of configuring, managing, and utilizing Application Security Tools and programs, and an effective leader in the Cyber Security space. His unique perspective as both an Engineer and a Security Researcher provides hands-on experience towards configuring programs in a way that both organizations and researchers can benefit.Foreword xiiiAcknowledgments xvPART 1 BUG BOUNTY OVERVIEW 11 THE EVOLUTION OF BUG BOUNTY PROGRAMS 31.1 Making History 31.2 Conservative Blockers 41.3 Increased Threat Actor Activity 41.4 Security Researcher Scams 51.5 Applications Are a Small Consideration 51.6 Enormous Budgetary Requirements 51.7 Other Security Tooling as a Priority 61.8 Vulnerability Disclosure Programs vs Bug Bounty Programs 61.8.1 Vulnerability Disclosure Programs 61.8.2 Bug Bounty Programs 71.9 Program Managers 71.10 The Law 71.11 Redefining Security Research 81.12 Taking Action 81.12.1 Get to Know Security Researchers 91.12.2 Fair and Just Resolution 91.12.3 Managing Disclosure 91.12.4 Corrections 91.12.5 Specific Community Involvement 9PART 2 EVALUATING PROGRAMS 112 ASSESSING CURRENT VULNERABILITY MANAGEMENT PROCESSES 132.1 Who Runs a Bug Bounty Program? 132.2 Determining Security Posture 132.3 Management 142.3.1 Software Engineering Teams 142.3.2 Security Departments (Security Operations, Fraud Prevention, Governance/Risk/Compliance, Edge Controls, Vulnerability Management, Endpoint Detection, and Response) 142.3.3 Infrastructure Teams 142.3.4 Legal Department 142.3.5 Communications Team 142.4 Important Questions 152.5 Software Engineering 152.5.1 Which Processes Are in Place for Secure Coding? Do the Software Engineers Understand the Importance of Mitigating the Risks Associated with Vulnerable Code? 152.5.2 How Effective Are Current Communication Processes? Will Vulnerabilities Be Quickly Resolved If Brought to Their Attention? 152.5.3 Is the Breadth of Our Enterprise’s Web and Mobile Applications Immense? Which Processes Are Engineers Using for Development in the Software Development Lifecycle? 162.6 Security Departments 162.6.1 How Does Security Operations Manage Incidents? Will Employee Assistance Be Provided from the Security Operations Team If a Threat Actor Manages to Exploit an Application Vulnerability? Which Tools Do They Have in Place? 162.6.2 What Does the Fraud Prevention Team Do to Prevent Malicious Activities? How Many Occurrences Do They See of Issues such as Account Takeover, and Could They Potentially Create Application Vulnerabilities? 162.6.3 Are There Any Compliance Practices in Place and, If So, How Do They Affect the Vulnerability Management Process? What Does the Application Security Team Have to Do to Assist in Enterprise Compliance? 172.6.4 What Edge Tooling is in Place to Prevent Attacks? Are Any of the Enterprise Applications at Risk of Being Exploited due to an IoT (Internet of Things) Device? 172.6.5 How Often Does Our Vulnerability Management Team Push for Updates? How Does the Vulnerability Management Team Ensure Servers in which Enterprise Applications Reside Are Secure? 172.7 Infrastructure Teams 172.7.1 What Are Infrastructure Teams Doing to Ensure Best Security Practices Are Enabled? How Long Will It Take the Infrastructure Team to Resolve a Serious Issue When a Server-side Web Application is Exploited, or During a Subdomain Takeover Vulnerability? 172.7.2 Is There Effective Communication between Infrastructure, Vulnerability Management, Security Operations, and Endpoint Detection and Response? 182.8 Legal Department 182.8.1 How Well Refined is the Relationship between the Application Security Team and the Legal Department? 182.8.2 What Criteria Are/Will Be Set Out for the Escalation of Issues? 182.8.3 Does the Legal Department Understand the Necessity of Bug Bounty Program Management? 182.9 Communications Team 182.9.1 Has the Communications Team Dealt with Security Researchers Before? is the Importance Understood? 182.9.2 Was the Communications Team Informed of Bug Bounty Program Expectations? 192.10 Engineers 192.11 Program Readiness 193 EVALUATING PROGRAM OPERATIONS 213.1 One Size Does Not Fit All 213.2 Realistic Program Scenarios 213.3 Ad Hoc Program 223.4 Note 243.5 Applied Knowledge 243.5.1 Applied Knowledge #1 243.5.1.1 Private Programs 253.5.2 Applied Knowledge #2 253.5.2.1 Public Programs 253.5.3 Applied Knowledge #3 263.5.3.1 Hybrid Models 263.6 Crowdsourced Platforms 273.7 Platform Pricing and Services 283.8 Managed Services 283.9 Opting Out of Managed Services 293.10 On-demand Penetration Tests 29PART 3 PROGRAM SETUP 314 DEFINING PROGRAM SCOPE AND BOUNTIES 334.1 What is a Bounty? 334.2 Understanding Scope 334.3 How to Create Scope 344.3.1 Models 344.4 Understanding Wildcards 344.4.1 Subdomain 354.4.2 Domain 354.4.3 Specific Domain Path or Specific Subdomain Path 354.5 Determining Asset Allocation 364.6 Asset Risk 374.7 Understanding Out of Scope 374.8 Vulnerability Types 384.8.1 Denial of Service (DOS) or Distributed Denial of Service (DDoS) Attacks 384.8.2 Social Engineering Attacks 384.8.3 Brute Force or Rate Limiting 384.8.4 Account and Email Enumeration 384.8.5 Self-XSS 394.8.6 Clickjacking 394.8.7 Miscellaneous 394.9 When is an Asset Really Out of Scope? 394.10 The House Wins – Or Does It? 404.11 Fair Judgment on Bounties 424.12 Post-mortem 434.13 Awareness and Reputational Damage 434.14 Putting It All Together 444.15 Bug Bounty Payments 444.15.1 Determining Payments 454.15.2 Bonus Payments 464.15.3 Nonmonetary Rewards 465 UNDERSTANDING SAFE HARBOR AND SERVICE LEVEL AGREEMENTS 495.1 What is “Safe Harbor”? 495.1.1 The Reality of Safe Harbor 495.1.2 Fear and Reluctance 495.1.3 Writing Safe Harbor Agreements 505.1.4 Example Safe Harbor Agreement 505.2 Retaliation against a Rogue Researcher (Cybercriminal or Threat/Bad Actor) 515.3 Service Level Agreements (SLAs) 525.3.1 Resolution Times 535.3.2 Triage Times 536 PROGRAM CONFIGURATION 556.1 Understanding Options 556.2 Bugcrowd 556.2.1 Creating the Program 556.2.2 Program Overview 616.2.2.1 The Program Dashboard 616.2.2.2 The Crowd Control Navbar 63Summary 63Submissions 63Researchers 64Rewards 65Insights Dashboard 65Reports 666.2.3 Advanced Program Configuration and Modification 666.2.3.1 Program Brief 666.2.3.2 Scope and Rewards 676.2.3.3 Integrations 726.2.3.4 Announcements 736.2.3.5 Manage Team 746.2.3.6 Submissions 756.2.4 Profile Settings 766.2.4.1 The Profile and Account 786.2.4.2 Security 786.2.4.3 Notification Settings 796.2.4.4 API Credentials 806.2.5 Enterprise “Profile” Settings 816.2.5.1 Management and Configuration 816.2.5.2 Organization Details 816.2.5.3 Team Members 816.2.5.4 Targets 816.2.5.5 Authentication 816.2.5.6 Domains 826.2.5.7 Accounting 836.3 HackerOne 846.3.1 Program Settings 856.3.1.1 General 856.3.1.2 Information 866.3.1.3 Product Edition 866.3.1.4 Authentication 876.3.1.5 Verified Domains 886.3.1.6 Credential Management 896.3.1.7 Group Management 896.3.1.8 User Management 906.3.1.9 Audit Log 916.3.2 Billing 926.3.2.1 Overview 926.3.2.2 Credit Card 926.3.2.3 Prepayment 926.3.3 Program 936.3.3.1 Policy 936.3.3.2 Scope 936.3.3.3 Submit Report Form 956.3.3.4 Response Targets 966.3.3.5 Metrics Display 976.3.3.6 Email Notifications 976.3.3.7 Inbox Views 986.3.3.8 Disclosure 986.3.3.9 Custom Fields 986.3.3.10 Invitations 996.3.3.11 Submission 1006.3.3.12 Message Hackers 1016.3.3.13 Email Forwarding 1026.3.3.14 Embedded Submission Form 1026.3.3.15 Bounties 1036.3.3.16 Swag 1036.3.3.17 Common Responses 1046.3.3.18 Triggers 1066.3.3.19 Integrations 1076.3.3.20 API 1076.3.3.21 Hackbot 1076.3.3.22 Export Reports 1086.3.3.23 Profile Settings 1086.3.4 Inbox 1086.3.4.1 Report Details 1096.3.4.2 Timeline 1096.4 Summary 110PART 4 VULNERABILITY REPORTS AND DISCLOSURE 1117 TRIAGE AND BUG MANAGEMENT 1137.1 Understanding Triage 1137.1.1 Validation 1137.1.2 Lessons Learned 1157.1.3 Vulnerability Mishaps 1157.1.4 Managed Services 1157.1.5 Self-service 1167.2 Bug Management 1167.2.1 Vulnerability Priority 1167.2.2 Vulnerability Examples 1177.2.2.1 Reflected XSS on a login portal 117Report and Triage 117Validation 1177.2.2.2 Open redirect vulnerability 117Report and Triage 117Validation 1187.2.2.3 Leaked internal Structured Query Language (SQL) server credentials 118Report and Triage 118Validation 1187.3 Answers 1187.3.1 Vulnerability Rating-test Summary 1197.3.1.1 Reflected XSS in a login portal 1187.3.1.2 Open redirect vulnerability 1187.3.1.3 Leaked internal SQL server credentials 1187.3.2 Complexity vs Rating 1197.3.3 Projected Ratings 1207.3.4 Ticketing and Internal SLA 1207.3.4.1 Creating Tickets 1208 VULNERABILITY DISCLOSURE INFORMATION 1238.1 Understanding Public Disclosure 1238.1.1 Making the Decision 1238.1.1.1 Private Programs 123The Bottom Line 1248.1.1.2 Public Programs 125The Bottom Line 1268.2 CVE Responsibility 1268.2.1 What are CVEs? 1268.2.2 Program Manager Responsibilities 1268.2.3 Hardware CVEs 1268.2.4 Software and Product CVEs 1288.2.5 Third-party CVEs 1288.3 Submission Options 1308.3.1 In-house Submissions 1308.3.2 Program Managed Submissions and Hands-off Submissions 1308.3.2.1 Program Managed Submissions 1308.3.2.2 Hands-off Submissions 131PART 5 INTERNAL AND EXTERNAL COMMUNICATION 1339 DEVELOPMENT AND APPLICATION SECURITY COLLABORATION 1359.1 Key Role Differences 1359.1.1 Application Security Engineer 1359.1.2 Development 1359.2 Facing a Ticking Clock 1369.3 Meaningful Vulnerability Reporting 1369.4 Communicating Expectations 1379.5 Pushback, Escalations, and Exceptions 1389.5.1 Internal steps 1389.5.2 External steps 1399.5.2 Escalations 1399.5.3 Summary 1409.6 Continuous Accountability 1419.6.1 Tracking 1419.6.2 Missed Deadlines 14110 HACKER AND PROGRAM INTERACTION ESSENTIALS 14310.1 Understanding the Hacker 14310.1.1 Money, Ethics, or Both? 14310.1.2 Case Study Analysis 14510.2 Invalidating False Positives 14510.2.1 Intake Process and Breaking the News 14510.2.2 Dealing with a Toxic Hacker 14710.3 Managed Program Considerations 14710.4 In-house Programs 14810.5 Blackmail or Possible Threat Actor 15110.6 Public Threats or Disclosure 15110.7 Program Warning Messages 15310.8 Threat Actor or Security Researcher? 15310.9 Messaging Researchers 15510.9.1 Security Researcher Interviews 15510.9.2 Bug Bounty Program Manager Interviews 15910.10 Summary 164PART 6 ASSESSMENTS AND EXPANSIONS 16511 INTERNAL ASSESSMENTS 16711.1 Introduction to Internal Assessments 16711.2 Proactive Vs Reactive Testing 16711.3 Passive Assessments 16811.3.1 Shodan 16811.3.1.1 Using Shodan 16811.3.2 Amass/crt.sh 17111.3.2.1 Amass 17211.3.2.2 crt.sh 17311.4 Active Assessments 17311.4.1 nmapAutomator.sh 17311.4.2 Sn1per 17511.4.3 Owasp Zap 17511.4.4 Dalfox 17711.4.5 Dirsearch 17911.5 Passive/Active Summary 18011.6 Additional Considerations: Professional Testing and Third-Party Risk 18012 EXPANDING SCOPE 18112.1 Communicating with the Team 18112.2 Costs of Expansion 18212.3 When to Expand Scope 18212.4 Alternatives to Scope Expansion 18312.5 Managing Expansion 18313 PUBLIC RELEASE 18513.1 Understanding the Public Program 18513.2 The “Right” Time 18513.3 Recommended Release 18613.3.1 Requirements 18613.4 Rolling Backwards 18613.5 Summary 187Index 189
Private Cloud und Home Server mit QNAP NAS
* MUSIK, FOTOS, VIDEOS UND DOKUMENTE ZENTRAL SPEICHERN UND MIT ANDEREN TEILEN* BENUTZER VERWALTEN, BACKUPS ERSTELLEN UND DATEN VOR UNERLAUBTEN ZUGRIFFEN SCHÜTZEN* FORTGESCHRITTENE THEMEN WIE VPN UND VIRTUALISIERUNG* ZAHLREICHE SCHRITT-FÜR-SCHRITT-ANLEITUNGEN UND PRAXIS-TIPPSMit diesem Buch lernen Sie umfassend alles, was Sie brauchen, um Ihr QNAP NAS an Ihre persönlichen Bedürfnisse anzupassen und das Potenzial Ihres Geräts voll auszuschöpfen. Dafür gibt der Autor Ihnen zahlreiche praktische Tipps an die Hand. So können Sie all Ihre Dateien wie Musik, Videos und Fotos zentral sichern und effektiv verwalten.Andreas Hofmann stellt die verschiedenen NAS-Modelle vor, so dass Sie wissen, welches für Sie am besten geeignet ist. In leicht nachvollziehbaren Schritten erläutert er detailliert, wie Sie Ihr NAS in Betrieb nehmen und mit dem Betriebssystem QTS konfigurieren.Anhand einfacher Schritt-für-Schritt-Anleitungen zeigt er Ihnen, wie Sie Ihr NAS als Private Cloud und Home Server optimal einrichten: Dateien sichern, verwalten und mit anderen teilen, Benutzer verwalten, Fernzugriff einrichten, automatische Backups erstellen sowie Office-Dokumente und Multimedia-Dateien freigeben und mit dem SmartTV und anderen Geräten wiedergeben.Für alle, die noch tiefer in die Welt von QNAP NAS eintauchen möchten, geht der Autor auf weiterführende Themen wie Datensicherheit und die Überwachung und Optimierung des Betriebs ein und zeigt Ihnen die Konfiguration abseits der QNAP-Apps für die Einrichtung eines eigenen Chatservers sowie die Virtualisierung von Webanwendungen und Betriebssystemen.AUS DEM INHALT:* Kaufberatung und Inbetriebnahme* Das Betriebssystem * QTS im Detail* Dateien zentral verwalten mit der File Station* RAID-Konfiguration und automatische Backups* Dateifreigabe und Fernzugriff via App, FTP u.v.m.* Datensicherheit, Virenschutz und Firewall* Fotos organisieren und teilen mit der Photo Station* Musik zentral verwalten mit der Music Station * Filme katalogisieren und streamen mit dem Plex Media Server* Office-Dokumente, Kalender, Adressbuch und Notizen verwalten* E-Mail-Verwaltung mit dem QmailAgent* Zentrales Download-Management* Videoüberwachung mit der Surveillance Station* Virtualisierung* Speicher und RAID erweiternblog.viking-studios.net
Transforming Your Business with AWS
EXPERT GUIDANCE ON HOW TO USE AMAZON WEB SERVICES TO SUPERCHARGE YOUR DIGITAL SERVICES BUSINESSIn Transforming Your Business with AWS: Getting the Most Out of Using AWS to Modernize and Innovate Your Digital Services, renowned international consultant and sought-after speaker Philippe Abdoulaye delivers a practical and accessible guide to using Amazon Web Services to modernize your business and the digital services you offer. This book provides you with a concrete action plan to build a team capable of creating world-class digital services and long-term competitive advantages.You'll discover what separates merely average digital service organizations from the truly outstanding, as well as how moving to the cloud will enable your business to deliver your services faster, better, and more efficiently.This book also includes:* A comprehensive overview of building industry-leading digital service delivery capabilities, including discussions of the development lifecycle, best practices, and AWS-based development infrastructure* Explanations of how to implement a digital business transformation strategy* An exploration of key roles like DevOps Continuous Delivery, Continuous Deployment, Continuous Integration, Automation, and DevSecOps* Hands-on treatments of AWS application management tools, including Elastic Beanstalk, CodeDeploy, and CodePipelinePerfect for executives, managers, and other business leaders attempting to clarify and implement their organization's digital vision and strategy, Transforming Your Business with AWS is a must-read reference that answers the "why" and, most importantly, the "how," of digital transformation with Amazon Web Services.PHILIPPE ABDOULAYE is an international digital business transformation consultant. He advises business and IT leaders on how to take advantage of digital technologies to grow and prosper. He is a sought-after speaker for technology conferences around the world and has authored seven books on digital transformation and digital technologies.Introduction xxviiPART I UNDERSTANDING THE DIGITAL TRANSFORMATION CHALLENGES 1CHAPTER 1 THE DIGITAL ECONOMY’S CHALLENGES, OPPORTUNITIES, AND RELEVANCE OF AWS 3Understanding the Digital Economy’s Impacts 4Surviving Disruptions Are Your Business’s Primary Challenge 4Understanding the Digital Economy’s Opportunities 4Surviving the Disruptions: The AWS Solutions 5The AWS Universal Architecture: Simplifying AWS Understanding 5Navigating AWS IaaS Building Block 6AWS Compute Resources 7AWS Network Resources 8AWS Storage Resources 9Understanding Essential AWS PaaS Tools 10AWS Elastic Beanstalk 10AWS CodeDeploy 10AWS CodePipeline 11Understanding Innovation with AWS: Machine Learning, Internet of Things, and Elastic MapReduce 11AWS Machine Learning 11AWS Internet of Things 12Amazon Elastic MapReduce 12Understanding the AWS Integration Building Block 13Site-to-Site VPN 13Hybrid Cloud with VMware Cloud on AWS 13Changes in the AWS Implementation Paradigm 14Lift-and-Shift Migration is a Problem 14Failure Factors Making Lift-and-Shift Irrelevant 14Understanding the Benefits of Enterprise Architecture for AWS 15Key Takeaways 16References 16CHAPTER 2 WHAT IS A DIGITAL PRODUCT? 17Differences Between Digital Products and Digital Services 17Digital Service Delivers Information 18Digital Product Exists in Intangible Formats 18Anatomy of the Digital Product 18The Digital Product’s Technology Stack 18The 4G/5G Services 19Cloud Computing Services: Innovation as a Service 20Smart Mobile Devices 24Impacts on Digital Product and Service Development 24The Growing Complexity of the Technological Stack 24Technology Innovation Alone Isn’t Enough Anymore 25Key Takeaways 25References 26CHAPTER 3 DIGITAL PRODUCT AND SERVICE DEVELOPMENT CHALLENGES 27What is Digital Product and Service Development? 28Digital Product and Service Development Defined 28How is Digital Product and Service Development Performed? 28Ideation 29Concept 30Business Case 30Development 30Testing 31Launch 31Digital Product and Service Development Approach Evaluation 31Understanding the Digital Product and Service Development Assessment Framework 32Assessment Framework Overview 32The Context Elements 33The Performance Enablers 33The Digital Transformation Solutions 34Assessing Current Digital Product and Service Development 35What is a Digital Product and Service Development Platform? 35Capturing Business Context 37Evaluating Your Digital Operating Model 37Evaluating Your Technical Platform 38Evaluating Your Organizational Model 40Assessing Your Human Capital 41Challenges of Current Digital Product Development 42Focus on Digital Product and Service Development 42Accurate Customer Insights 43Competitive Pricing 43Premium Customer Experience 43Rapid Go-to-Market 44Key Takeaways 44References 44CHAPTER 4 INDUSTRIALIZING DIGITAL PRODUCT AND SERVICE DEVELOPMENT 47The Total Quality Management and Mass Production Heritage 48Total Quality Management Principles Defined 48Customer Focus 48Workforce Commitment 49Process Approach 49Integrated System 49Continual Improvement 49Transversal Communication 49Mass Production Principles Defined 49Assembly Line 50Work Specialization 50Automation 50Industrialization Factors 50Industrialization Factor Defined 50Families of Industrialization Factors 51Principles Family 51Design Patterns Family 52Methodology Family 52Technology Family 53Understanding DevOps as the Framework for Implementing Your Digital Product and Service Development Platform 54DevOps Defined 54Understanding DevOps Components 54Software Delivery Lifecycle’s Importance 54DevOps Practices Purpose 56Methodologies Benefit 58DevOps Toolchain Importance 63AWS Industrialization Factors 64Understanding AWS Design Patterns: The Enterprise Cloud Migration Pattern 64Defining AWS Enterprise Cloud Migration Pattern 65Understanding the Baseline Architecture Purpose 66AWS Methodology 66Defining AWS Well-Architected Framework 66Understanding the Industrialization Matrix for AWS 70Key Takeaways 73References 73PART II DIGITIZING THE BUSINESS MODEL USING AWS 75CHAPTER 5 THE J&S FOOD DIGITAL TRANSFORMATION PROJECT 77History of J&S Food, Inc. 77Company’s Evolution 78Territorial Conquest 78Diversification 79Company’s Culture 79Productivity 80Effectiveness 80Innovation 80Technology 81Transformation Journey’s First Stage: Planning the Transformation 81The Kickoff Meeting 82Understanding the Grocery Sector’s Digital Disruption Impacts on J&S Food 82Capturing and Analyzing the Factors Driving the Grocery Sector Disruption 84Discussing and Agreeing on the Factors Affecting J&S’s Food Business 87Developing and Sharing J&S Food’s Digital Mission and Digital Strategy 90Defining J&S Food’s Mission 90Developing J&S Food’s Digital Strategy 91Developing J&S Food’s Digital Transformation Roadmap 94Digital Transformation Roadmap Defined 94Developing a Digital Transformation Roadmap 96Understanding J&S Food’s Digital Transformation Roadmap 98The J&S Food Digital Transformation Project’s Statement of Work 99The Statement of Work Defined 99Introduction/Background 99Scope of Work 100Work Requirements 100Schedule/Milestones 101Acceptance Criteria 101Other Requirements 101The Next Step 102Key Takeaways 102References 102CHAPTER 6 RETHINKING J&S FOOD’S BUSINESS 103Transformation Journey’s Second Stage: Rethinking the Business 104Understanding J&S Food’s Current Business 105Capturing the Current Business Model 105Understanding Use Cases 106Understanding Actors 106Understanding Links 106The Current Business Model Captured 106Buy 107Fulfill Order 108Pay 109Perform Customer Service 109Manage Supply Chain 110Maintain Website 111Develop Food Product 112Understanding J&S Food’s Current Data Model 112Assessing the As-Is Operational Model 113Digital Food Experience Defined 113Assessing J&S Food’s Operational Model 114Defining the Digital Smart Shopping Bag 116Optimizing the Fulfill Order Experience Based on a Two-SidedMarketplace Platform 117Enhancing Online Order Experience Using a Mobile App 118Implementing a Digital Products and Services Development Platform 118Defining the Future Digital Business Model 118Reconfiguring J&S Food’s Operational Model 119Understanding Michael Porter’s Value Chain 119The Value Chain for Digital Business Defined 121J&S Food’s Digital Business Model Defined 123Understanding J&S Food’s Next Digital Value Chain 123Support Digital Business Activities 123Primary Digital Business Activities 124Understanding J&S Food’s AWS Cloud Platform 126J&S Food’s AWS Software as a Service 126The J&S Food’s Platform as a Service 126The J&S Food’s AWS Virtual Infrastructure 126Integrating J&S Food’s Digital Operational Model with the Organization 127The Digital Business Value Chain: A Shortcut to the Digital Business Organization 127Digital Business Organizational Model Defined 127Developing the Digital Business Organizational Model 128The J&S Organizational Model Defined 130Roles and Responsibilities 130Interaction and Collaboration Mechanisms 132Key Takeaways 132References 133CHAPTER 7 DIGITIZING J&S FOOD’S BUSINESS MODEL USING AWS—IMPLEMENTING THE VPC 135Transformation Journey’s Third Stage: Digitizing the Business Model 136Defining J&S Food’s AWS Migration Strategy 137Sharing J&S Food’s Digital Business Model 138Defining the J&S Food’s Digital Business Application Portfolio 139Specifying J&S Food’s Virtual Private Cloud Architecture 141Understanding the Enterprise Cloud Migration Model For AWS 141J&S Food’s Virtual Private Cloud Specified 141The Availability Zone 142Amazon CloudFront and the Content Delivery Network 143J&S Food’s Virtual Private Cloud 143J&S Food’s Extended Elastic Compute Cloud Building Block 145J&S Food’s Extended Storage Build Block 149J&S Food’s Extended Fault Tolerance Building Block4 150J&S Food’s Extended Security Build Block 151Executing J&S Food’s AWS Migration Strategy 152Understanding the AWS Application Migration Process 152Discover 152Design 152Build 153Integrate 153Validate 153Cutover 153Migrating J&S Food’s Ecommerce Website Into a Two-Sided Marketplace Platform 154Implementing J&S Food’s Virtual Private Cloud 154Discovering the Ecommerce Website Three-Tier Architecture 155Extending the Ecommerce Website Architecture to a Two-Sided Marketplace Platform 157Implementing J&S Food’s Two-Sided Marketplace Platform 161Validating the Two-Sided Marketplace Platform 165Key Takeaways 165References 166CHAPTER 8 IMPLEMENTING J&S FOOD’S DEVOPS PLATFORM USING AWS PAAS 167Transformation Journey’s Third Stage: Implementing J&S Food’s DevOps Platform 168Understanding What J&S Food is Trying to Achieve 169Understanding the DevOps Implementation in the AWS Computing Environment 169Discussing the Challenges 170Understanding the Common Mistakes 171The DevOps Implementation Framework for AWS 171The Digital Business Value Chain Primary Activities and AWS Modern Application Influence 172The AWS CodePipeline Service 173Understanding DevOps Implementation for AWS 175Implementing J&S Food’s Digital Product and Service Development Platform 177J&S Food’s Digital Product and Service Development Platform 177J&S Food’s DevOps Toolchain 178J&S Food’s Digital Business Primary Activities 180Designing the Agile Operating Model 181The Usual Challenges and Solutions 181J&S Food’s Agile Operating Model Defined 182Key Takeaways 183References 184CHAPTER 9 DEVELOPING J&S FOOD’S INNOVATION AS A SERVICE PLATFORM USING AWS 185Transformation Journey’s Third Stage: Developing J&S Food’s Innovation as a Service 185Software Engineering Methodology for Innovations Development in the AWS Cloud 186Software Engineering Methodology for Innovations Development 187Driving Principles Explained 187Key Concepts to Understand 189Understanding the Innovative Digital Product Development Lifecycle 193The Five-Step Development Lifecycle 193Specifying the Innovative Digital Product Using a UML Use Case Diagram 194Designing the Innovative Digital Product Using a UML Package Diagram 196Prototyping the Microservices Using AWS Amplify 197Developing and Deploying the Application Supporting the Innovative Digital Product 198Implementing the Microservices Architecture of the Digital Product and Service 200The User Interface Microservices 201The Business Logic Microservices 201The Technology Microservices 201Key Takeaways 202References 202PART III DEVELOPING WORLD-CLASS DIGITAL PRODUCTS AND SERVICES USING AWS 205CHAPTER 10 J&S FOOD’S SMART SHOPPING BAG DIGITAL PRODUCT PROJECT 207Transformation Journey’s Fourth Stage: Experimenting with the Digital Business Model 208The Smart Shopping Bag Project Overview 208The Smart Shopping Bag Project’s Organization 209The Smart Shopping Bag Project’s Opportunity Statement 209The Smart Shopping Bag Project’s Objectives 210The Smart Shopping Bag Project’s Scope 210The Pilot Project Management 211Key Takeaways 211References 212CHAPTER 11 SPECIFYING J&S FOOD’S SMART SHOPPING BAG DIGITAL PRODUCT 213Transformation Journey’s Fourth Stage: Specification of the Smart Shopping Bag Digital Product 213Specifying the Smart Shopping Bag Digital Product’s Scope 214Using Context Diagrams to Improve the Specification Process 215Developing the Smart Shopping Bag’s Context Diagram 215J&S Food’s Stores IoT Infrastructure 215J&S Food’s AWS IoT Core Platform 216Developing the Smart Shopping Bag Use Case Diagram 216Identifying the Smart Shopping Bag’s Actors and Use Cases 218Specifying the Smart Shopping Bag’s Functions Using Sequence Diagrams 221Use Case Description: Press Start to Begin Shopping 221Use Case Description: Respond to In-Store Customer Button Presses 222Use Case Description: Detect Product Code Put in the Bag 223Use Case Description: Send EEPROM Data to Billing System 225Use Case Description: Respond to RFID Reader Queries 226Use Case Description: Calculate the Bill Amount 226Specifying the Smart Shopping Business Rules Using Class Diagram 228The In-Store Customer 228The Smart Shopping Bag 230The RFID Reader 230The Product RFID Tag 230The Smart Mobile Device 231The Shopping Session 231The Smart Shopping Service 231The Smart Shopping Bag Application 231Key Takeaways 232References 232CHAPTER 12 DESIGNING J&S FOOD’S SMART SHOPPING BAG DIGITAL PRODUCT 233Transformation Journey’s Fourth Stage: Designing the Smart Shopping Bag Digital Product 233The Agile Operational Model Confirmed as the Foundation of J&S Food’s Work Organization 234J&S Food’s New Organization of Work 234The Princeton’s Digital Product Development Team Defined 235UML Package Diagram Facilitates the Microservices Architecture Design Process 237Lucidchart Confirmed as the Best Architecture Tool 237Overall Feedback 237The Resulting Smart Shopping Bag’s Architecture 238The Smart Shopping Bag Blueprint 239The In-Store Customer Package 240The Shopping Session Package 240The Smart Shopping Bag Package 241Acquired Digital Business Competency: Digital Products and Services Architecture Design 241Key Takeaways 241References 242CHAPTER 13 PROTOTYPING J&S FOOD’S SMART SHOPPING BAG USING INNOVATION AS A SERVICE 243Transformation Journey’s Fourth Stage: Prototyping the Smart Shopping Bag’s Application 244Sharing the Prototyping Process Goal and Approach 245Prototyping Using AWS Amplify Defined 245The Prototyping Iterations Using AWS Amplify 245The Prototyping Team 251The Team’s Feedback 252The Smart Shopping Bag Application Prototype 253The Business Logic, Technological, and UI Microservices Prototyped 255The Microservices Development Process in the AWS Amplify Context 255Defining the Microservices Granularity 256The Smart Shopping Bag Business Logic Microservices Implemented 257The Smart Shopping Bag Business Logic Microservices Documented 257The Smart Shopping Bag Technological Innovation Microservices Implemented 259IoT Gateway Microservices 259AWS IoT Core Microservices 261RFID Reader Microservices 263RFID Tag Microservices 265The Smart Shopping Bag UI Microservices Implemented 265Key Takeaways 266References 267CHAPTER 14 IMPLEMENTING J&S FOOD’S SMART SHOPPING BAG APPLICATION 269Transformation Journey’s Fourth Stage: Implementing the Smart Shopping Bag’s Production Release 270The Smart Shopping Bag App: Production Release 270Blueprint of the Smart Shopping Bag in Production 270Understanding the Production Release Building Blocks 271Application Layer 271AWS Innovation Layer 273AWS Virtual Infrastructure Layer 274Understanding the Pivotal Role Played by Agile Methodologies 275The Architectural Spike and Prototyping Benefits 275The Importance of Scrum Sprints in the Incremental Development Effort 275Understanding the Vital Role of the Daily Scrums 276The Development Team’s Feedback: Lessons Learned 277Key Takeaways 278References 278CHAPTER 15 LAUNCHING J&S FOOD’S FIRST DIGITAL FOOD PRODUCT 279Transformation Journey’s Fourth Stage: Deploy J&S Food’s Digital Business 279Defining J&S Food’s Go-To-Market Strategy 280The Go-To-Market Strategy Defined 281Articulating J&S Food’s Go-To-Market Strategy 281The Objectives Questionnaire 282The Value Propositions Questionnaire 282The Key Processes to Stress Questionnaire 282The Organizational and Technological Assets to Stress Questionnaire 282J&S Food’s Go-To-Market Strategy Defined 282Understanding J&S Food’s Go-To-Market Strategy 283Declaring J&S Food’s Digital Business Opened 284Key Takeaways 284References 285CHAPTER 16 MAINTAINING AND SUPPORTING J&S FOOD’S DIGITAL BUSINESS ON A DAILY BASIS 287The New J&S Food Day-to-Day Business 287J&S Food’s Customer Value Creation Virtuous Circle 288J&S Food’s Virtuous Circle for Creating Customer Value 288Customer Insights Management on a Daily Basis 289J&S Food’s AWS EMR Infrastructure 289Business Data Providers 290Data Lake 290Data Warehouse 290Data Mart 290The Big Data Analytics Activity in the Customer Insights Management Team 291Customer Value Increase Management’s Day-to-Day Operations 292J&S Food’s AI/ML Development Environment 292Generate Data 293Train Models 293Deploy Models 294The Customer Increase Value Management Team’s Activity 294Digital Product and Service Releases Development 295Defining Product Backlog 295Sprint Planning 296Sprint Execution 296Key Takeaways 296References 297Index 299
FRITZ!Box - Der umfassende Ratgeber (2. Auflg.)
Die ganze Power der FRITZ!Box nutzen. Der umfassende Ratgeber in 2. Auflage, September 2021.Erfahren Sie alles, was Sie zum sicheren Umgang mit der FRITZ!Box wissen müssen! Verständlich erklärt und reich bebildert hilft Ihnen dieses Buch bei der Kaufentscheidung. So finden Sie das richtige Modell, das perfekt zu Ihren persönlichen Ansprüchen passt. Dennis Rühmer zeigt Ihnen, worauf Sie bei der Ersteinrichtung achten sollten. Er führt Sie Schritt für Schritt durch die zahlreichen Funktionen und Einsatzmöglichkeiten, ob (Mesh-)WLAN, Telefonie oder die Steuerung eines Smart Homes. So lernen Sie, wie Sie Ihren Router richtig konfigurieren und ein sicheres Heimnetzwerk einrichten.Aus dem Inhalt:Die FRITZ!Box stellt sich vorDas richtige Modell auswählen3... 2... 1: der erste StartDie Benutzeroberfläche verstehenDie NetzwerkfunktionenKabellos glücklich - alles rund ums WLANReichweite vergrößer: Mesh, AccessPoints und Repeater einrichtenRuf doch mal an - TelefoniefunktionenErweiterte Systemfunktionen
Cloud Native Architecture and Design
Build enterprise-grade cloud-native systems and learn all about cloud-native architecture and design. This book provides extensive in-depth details of patterns, tools, techniques, and processes with plenty of examples.Cloud Native Architecture and Design begins by explaining the fundamentals of cloud-native architecture and services, what cloud principles and patterns to use, and details of designing a cloud-native element.The book progresses to cover the details of how IT systems can modernize to embrace cloud-native architecture, and also provides details of various enterprise assessment techniques to decide what systems can move and cannot move into the cloud.Architecting and designing a cloud-native system isn’t possible without modernized software engineering principles, the culture of automation, and the culture of innovation. As such, this book covers the details of cloud-native software engineering methodologies, and process, and how to adopt an automated governance approach across enterprises with the adoption of artificial intelligence.Finally, you need your cloud-native applications to run efficiently; this section covers the details of containerization, orchestration, and virtualization in the public, private, and hybrid clouds.After reading this book, you will have familiarity with the many concepts related to cloud-native and understand how to design and develop a successful cloud-native application. Technologies and practices may change over time, but the book lays a strong foundation on which you can build successful cloud-native systems.WHAT YOU WILL LEARNDiscover cloud-native principles and patterns, and how you can leverage them to solve your business problems * Gain the techniques and concepts you need to adapt to design a cloud-native applicationUse assessment techniques and tools for IT modernization * Apply cloud-native engineering principles to the culture of automation and culture of innovationHarness the techniques and tools to run your cloud-native applications and automate infrastructure* Operate your cloud-native applications by using AI techniques and zero operation techniques WHO THIS BOOK IS FORSoftware architects, leaders, developers, engineers, project managers, and students.SHIVAKUMAR R GONIWADA is an enterprise architect, technology leader, and inventor with more than 23 years of experience in architecting enterprise architecture with cloud-native, event-driven systems. He currently works at Accenture and leads a highly experienced technology enterprise and cloud architects. In his 23 years of experience, he led many highly complex projects across industries and the globe. He has ten software patents to his name in the areas of cloud, polyglot and polylithic architecture, software engineering, and IoT. He is a speaker at multiple global and in-house conferences. He holds Master Technology Architecture Accenture, Google Professional, AWS, and data science certifications. He completed an executive MBA at MIT Sloan School of Management.PART I: CLOUD NATIVE JOURNEY, PRINCIPLES & PATTERNS1. Introduction to Cloud Native Architecture2. Cloud Native Services3. Cloud Native Architecture Principles4. Cloud Native Architecture & Design PatternsPART II: ELEMENTS OF CLOUD NATIVE ARCHITECTURE & DESIGN5. Microservices Architecture & Design6. Event Driven Architecture7. Serverless Architecture8. Cloud Native Data Architecture9. Designing for “-ilities”PART III: MODERNIZING AN ENTERPRISE IT SYSTEMS10. Modernize Monolithic Application to Cloud Native11. Enterprise IT Systems Assessment to Decide Cloud Native Journey12. Cloud Native Architecture Fitness CheckPART IV: CLOUD NATIVE SOFTWARE ENGINEERING13. Developing an Enterprise Systems for Cloud Native14. Automation in an Enterprise Cloud-Native Journey15. AI Driven DevelopmentPART V: CLOUD NATIVE INFRASTRUCTURE16. Containerization and Virtualization17. Automation in InfrastructurePART VI: CLOUD NATIVE OPERATION18. Intelligent Operation19. ObservabilityPART VII: CLOUD NATIVE FEATURE20. Cloud Native Supported Future Technologies
Einstieg in SAP HANA
Wenn Sie im SAP-Umfeld arbeiten möchten, kommen Sie um SAP HANA nicht herum. Die In-Memory-Datenbank, Entwicklungs- und Analytics-Plattform bildet zukünftig die Grundlage für alle SAP-Anwendungen, allen voran SAP S/4HANA. Dieses Buch führt Sie in die Architektur der leistungsstarken Plattform ein, erklärt die Besonderheiten und begleitet Sie bei den wichtigsten Aufgaben im Umgang mit SAP HANA. Aus dem Inhalt: Tabellenstruktur und SpeicherKomponenten und SchnittstellenMulti-Tenancy-Konzept und SystemlandschaftenBetriebssysteme und EditionenInstallation und KonfigurationAdministrationMonitoring und ProtokollierungEntwicklung mit SQLScript, Node.js und RSAP HANA XS(A)Views, Datenbankprozeduren und FunktionenSicherheit und Berechtigungen Einleitung ... 13 1. Was ist SAP HANA? ... 17 1.1 ... Die Datenbank ... 17 1.2 ... Applikationsserver in SAP HANA ... 20 1.3 ... Advanced Analytics mit SAP HANA ... 21 2. SAP HANA als Datenbank ... 25 2.1 ... Das ACID-Prinzip ... 25 2.2 ... Tabellenstrukturen im Speicher von SAP HANA ... 31 2.3 ... Kommmunikationsschnittstellen ... 41 2.4 ... Warm und Hot Storage ... 52 2.5 ... Tabellenpartitionierung ... 66 3. Architektur und Technologie von SAP HANA ... 73 3.1 ... Komponenten der SAP-HANA-Plattform ... 74 3.2 ... Das Multi-Tenancy-Konzept ... 84 3.3 ... Systemlandschaften ... 89 3.4 ... Erweiterung der Hardwareressourcen ... 95 3.5 ... Hochverfügbarkeit ... 102 3.6 ... Betriebssystem ... 115 3.7 ... Editionen von SAP HANA ... 127 4. Einsatzszenarien ... 137 4.1 ... SAP-ERP-Lösungen ... 137 4.2 ... SAP-Data-Warehouse-Lösungen ... 141 4.3 ... Big Data ... 143 4.4 ... SAP Solution Manager ... 145 4.5 ... Native SAP-HANA-Applikationen ... 147 5. Administration ... 153 5.1 ... Sizing ... 154 5.2 ... Installation von SAP HANA ... 159 5.3 ... Platform Lifecycle Management ... 173 5.4 ... Patch-Management ... 178 5.5 ... Backup und Recovery ... 186 5.6 ... Manuelle Prüfungen der SAP-HANA-Datenbank ... 194 6. Administrationsumgebungen ... 211 6.1 ... SAP HANA Studio ... 211 6.2 ... SAP HANA Cockpit ... 225 6.3 ... HDBSQL ... 248 7. Monitoring und Protokollierung ... 253 7.1 ... Performance-Monitoring ... 254 7.2 ... SAP HANA Audit Trail ... 263 7.3 ... Problemanalyse ... 281 8. SAP HANA als Entwicklungsplattform ... 289 8.1 ... Verfügbare Technologien ... 289 8.2 ... SAP HANA Extended Application Services ... 308 8.3 ... Entwicklungsplattformen ... 321 8.4 ... SAP HANA Application Lifecycle Management ... 341 9. Grundlagen der Datenmodellierung ... 355 9.1 ... Design von Datenbanktabellen in SAP HANA ... 355 9.2 ... Views ... 364 10. Big Data ... 383 10.1 ... Grundlagen ... 383 10.2 ... Datenbereitstellung und Remote-Datenquellen für SAP HANA ... 386 10.3 ... Apache Hadoop mit SAP HANA einsetzen ... 392 10.4 ... SAP IQ ... 396 11. Sicherheit und Berechtigungen ... 401 11.1 ... Benutzerverwaltung ... 402 11.2 ... Autorisierung ... 433 11.3 ... Datenverschlüsselung ... 455 11.4 ... Transportverschlüsselung und Netzwerksicherung ... 462 12. Weiterbildung und Unterstützung ... 473 12.1 ... Weiterbildung ... 474 12.2 ... DSAG ... 481 12.3 ... Veranstaltungen ... 482 12.4 ... SAP-Serviceportale ... 483 12.5 ... Dokumentation ... 493 Anhang ... 499 A ... Literaturverzeichnis ... 501 B ... Abkürzungsverzeichnis ... 503 C ... Glossar ... 507 D ... Das Autorenteam ... 509 Index ... 511
SAP BW/4HANA
Lernen Sie die neue Standardlösung für das Data Warehousing kennen, SAP BW/4HANA. Dieses umfassende Handbuch zeigt Ihnen Schritt für Schritt, wie Sie die Modellierungswerkzeuge einrichten, Quellsysteme anbinden und Anwendungen in SAP BW/4HANA 2.0 aufbauen. Sie erfahren, wie Sie Daten für Analyse- und Planungsszenarien bereitstellen und Big Data über die Anbindung von SAP Data Intelligence verarbeiten. Zudem stellen Ihnen die Autorinnen die Erweiterung mit SAP Data Warehouse Cloud vor. Aus dem Inhalt: Installation der ModellierungswerkzeugeArchitektur von SAP BW/4HANAModellierungsobjekteDatenbeschaffung und -verwaltungAdministration (z.B. Data Aging)Betrieb und SicherheitFrontend-ToolsBW-integrierte PlanungData Lakes und HadoopSAP Data Warehouse CloudSAP Data Intelligence Einleitung ... 15 1. Entwicklungsgeschichte und Einsatzgebiete von SAP BW/SAP BW/4HANA 2.0 ... 25 1.1 ... Business Intelligence und Data Warehousing ... 25 1.2 ... SAP Business Warehouse ... 35 1.3 ... SAP Business Warehouse Edition für SAP HANA ... 44 2. Einführung in SAP BW/4HANA 2.0 ... 51 2.1 ... In-Memory-Computing mit SAP HANA ... 51 2.2 ... Entwicklungs- und Administrationsumgebungen für SAP BW/4HANA 2.0 ... 65 2.3 ... Einführung von SAP BW/4HANA 2.0 im Unternehmen ... 73 3. Installation und Einrichtung der Modellierungs- und Administrationswerkzeuge für SAP BW/4HANA 2.0 ... 83 3.1 ... Installation und Einrichtung des SAP HANA Studios ... 84 3.2 ... Einführung in die Modellierungs- und Administrationswerkzeuge ... 97 4. Datenarchitektur in SAP BW/4HANA 2.0 ... 119 4.1 ... Referenzarchitekturen für Data Warehouses ... 124 4.2 ... SAPs Referenzarchitekturen für das SAP BW ... 131 4.3 ... Ableitung einer unternehmensspezifischen Referenzarchitektur aus der LSA++ ... 139 5. Grundlegende Modellierungsobjekte: Datenhaltung ... 143 5.1 ... Allgemeine Hinweise zur Modellierung ... 143 5.2 ... InfoAreas und Anwendungskomponenten ... 153 5.3 ... Quellsysteme ... 155 5.4 ... DataSources ... 158 5.5 ... InfoObjects ... 168 5.6 ... Advanced DataStore-Objekte ... 201 6. Grundlegende Modellierungsobjekte: Datentransformation und präsentation ... 229 6.1 ... Transformationen ... 229 6.2 ... Datentransferprozesse (DTPs) ... 242 6.3 ... CompositeProvider ... 252 6.4 ... Queries ... 276 7. Komplexere Modellierungsobjekte ... 329 7.1 ... Open ODS Views ... 330 7.2 ... Modellierung von Merkmalshierarchien ... 341 7.3 ... Remodellierung von aDSOs ... 352 7.4 ... Experteneinstellungen für CompositeProvider ... 360 7.5 ... InfoSources ... 364 7.6 ... Transformationen (erweitert) ... 377 8. Datenbeschaffung ... 415 8.1 ... Technologien zur Quellsystemanbindung ... 415 8.2 ... Typische Quellsysteme für SAP BW/4HANA 2.0 ... 431 9. Datenflussmodellierung und Datenverwaltung ... 439 9.1 ... Datenflussmodellierung ... 441 9.2 ... Datenflussobjekte ... 446 9.3 ... Open Hub Destination ... 458 9.4 ... Data Tiering und Multi-Temperature-Speicherstrategien ... 466 9.5 ... Löschen von Daten ... 477 10. Frontend-Tools ... 487 10.1 ... SAP Lumira 2.x ... 488 10.2 ... SAP Analytics Cloud ... 495 10.3 ... SAP Analysis for Microsoft Office ... 510 10.4 ... BW Workspaces für den agilen Zugriff auf Informationen ... 517 10.5 ... Tableau Desktop ... 530 10.6 ... Anwendungsszenarien ... 536 11. Betrieb und Administration ... 537 11.1 ... Prozessketten ... 537 11.2 ... Sicherheit ... 551 11.3 ... Transportwesen ... 564 11.4 ... BW Workspaces ... 575 12. Planung ... 583 12.1 ... Aufbau eines einfachen Planungsszenarios ... 585 12.2 ... Komplexere Planungsszenarien ... 602 13. Ausblick ... 617 13.1 ... Roadmap für SAP BW/4HANA 2.0 ... 618 13.2 ... SAP Data Warehouse Cloud ... 620 13.3 ... SAP HANA Cloud ... 642 13.4 ... SAP Data Intelligence ... 644 Anhang ... 649 Die Autorinnen ... 705 Index ... 707
SAP Customer Experience
Mit diesem Buch beginnt Ihre CX-Erfolgsgeschichte: Erfahren Sie, wie Sie die Bedürfnisse Ihrer Zielgruppe kennenlernen, eine tragfähige Datenbasis schaffen und ihr an jedem Touchpoint relevante Inhalte liefern. Und das über alle Kommunikationskanäle und den gesamten Kaufprozess hinweg. Unsere Experten zeigen Ihnen, welche SAP-Tools Ihnen zur Verfügung stehen, um Marketing-Prozesse zu automatisieren, den Vertrieb und Ihr E-Business neu auszurichten und einen erstklassigen Kundenservice sicherzustellen. Dabei lernen Sie die SAP Marketing, Commerce, Sales und Service Cloud sowie CPQ, Qualtrics XM, SAP Field Service Management und viele weitere Lösungen kennen. Ausführliche Beispiele aus erfolgreichen Projekten unterschiedlicher Branchen und detaillierte Prozessanalysen unterstützen Sie bei der Vorbereitung und Durchführung Ihres eigenen Projekts. Aus dem Inhalt: SAP Commerce CloudSAP Customer Data CloudExperience Management mit QualtricsSAP Marketing CloudSAP Sales CloudSAP Service CloudSAP Field Service ManagementSAP Emarsys Customer EngagementConfigure-Price-Quote (SAP CPQ)SAP Subscription BillingSAP Conversational AISAP Business Technology PlatformSAP Analytics CloudSAP S/4HANA Service Vorwort von Sven Feurer (SAP) ... 25 Vorwort von Thomas Regele (Sybit) ... 29 Über dieses Buch ... 31 TEIL I. Was bedeutet Customer Experience? ... 39 1. Customer Experience: Einordnung und Abgrenzung ... 41 1.1 ... Was möchten Kunden? ... 41 1.2 ... Customer Experience Management ... 46 2. Customer Experience im digitalen Zeitalter: Wandel, Bedeutung und Trends ... 51 2.1 ... Neue Perspektiven, neue Rollen und Lösungsansätze ... 52 2.2 ... Customer Experience als Mittelpunkt digitaler Geschäftsmodelle ... 101 2.3 ... Fazit ... 108 TEIL II. SAP-Customer-Experience-Lösungen ... 111 3. SAP Commerce Cloud ... 113 3.1 ... Produktdatenmanagement ... 116 3.2 ... Order Management ... 129 3.3 ... Web-Content-Management-System ... 136 3.4 ... Suche und Navigation ... 139 3.5 ... Branchenlösungen am Beispiel des Telco & Utilities Accelerators ... 143 3.6 ... Werbeaktionen ... 144 3.7 ... Personalisierung ... 146 3.8 ... Frontend ... 150 3.9 ... Administration ... 153 3.10 ... Infrastruktur und Administration ... 161 3.11 ... Administration ... 164 3.12 ... SAP Upscale Commerce ... 166 3.13 ... Integrative Szenarien ... 170 3.14 ... Fazit ... 175 4. SAP-Customer-Data-Lösungen ... 177 4.1 ... Einführung ... 178 4.2 ... SAP Customer Data Cloud ... 178 4.3 ... SAP Customer Data Platform ... 192 4.4 ... Fazit ... 197 5. Experience Management mit Qualtrics ... 199 5.1 ... Funktionen der Qualtrics Customer Experience ... 200 5.2 ... Integrationsszenarien ... 209 5.3 ... Fazit ... 213 6. SAP Marketing Cloud ... 215 6.1 ... Der digitale Marketingprozess ... 216 6.2 ... Geschäftsszenarios in der SAP Marketing Cloud ... 218 6.3 ... Kampagnen- und Journey-Orchestrierung ... 230 6.4 ... Handelsmarketing (Commerce Marketing) ... 238 6.5 ... Lead- und Account-based Marketing ... 240 6.6 ... Planung und Analytics ... 245 6.7 ... Fazit ... 249 7. SAP Emarsys Customer Engagement ... 251 7.1 ... Übersicht der Customer-Engagement-Plattform ... 252 7.2 ... Datenmanagement ... 255 7.3 ... Automatisierung ... 258 7.4 ... Personalisierung ... 260 7.5 ... Kanäle ... 261 7.6 ... Emarsys Loyalty ... 262 7.7 ... Emarsys Predict ... 264 7.8 ... Emarsys Smart Insight ... 266 7.9 ... Emarsys Artificial Intelligence Marketing ... 267 7.10 ... Erweiternde Add-ons ... 268 7.11 ... Fazit ... 268 8. SAP Sales Cloud ... 269 8.1 ... Einführung ... 270 8.2 ... Navigation in der SAP Sales Cloud ... 271 8.3 ... Stammdaten ... 278 8.4 ... Gebietsmanagement ... 283 8.5 ... Marketing ... 285 8.6 ... Lead Management ... 290 8.7 ... Opportunity Management ... 293 8.8 ... Angebots- und Auftragsmanagement ... 303 8.9 ... Aktivitäten und Besuche ... 312 8.10 ... Vertriebszielplanung ... 318 8.11 ... Verträge ... 318 8.12 ... Umfragen ... 321 8.13 ... Bibliothek ... 326 8.14 ... Analytics im Vertrieb ... 326 8.15 ... Mobiles Arbeiten mit der App »SAP Sales Cloud« ... 330 8.16 ... Retail Execution ... 332 8.17 ... Integrationsszenarien ... 334 8.18 ... Fazit ... 341 9. SAP CPQ ... 343 9.1 ... Produktidentifikation ... 344 9.2 ... Produktkonfiguration ... 346 9.3 ... Angebotskonfiguration ... 352 9.4 ... Genehmigungsprozess ... 356 9.5 ... Angebotserstellung ... 358 9.6 ... Angebotsversand ... 360 9.7 ... Angebotsabschluss und Angebotsmanagement ... 361 9.8 ... Integrationsszenarien ... 363 9.9 ... Fazit ... 365 10. SAP Subscription Billing ... 367 10.1 ... Allgemeine Informationen und Funktionen ... 367 10.2 ... Integrationsmöglichkeiten ... 370 10.3 ... Fazit ... 371 11. SAP Service Cloud ... 373 11.1 ... Aufbau und Navigation ... 374 11.2 ... Stammdaten und Organisationsstruktur ... 377 11.3 ... Tickets ... 383 11.4 ... Aktivitäten ... 387 11.5 ... Kommunikationskanäle ... 390 11.6 ... Ressourcenplaner, Qualifikationsmanagement und Zeiterfassung ... 393 11.7 ... Angebote und Aufträge ... 394 11.8 ... Verträge ... 394 11.9 ... Umfragen ... 396 11.10 ... Bibliothek ... 397 11.11 ... Vorlagen ... 397 11.12 ... Analytics im Service ... 398 11.13 ... Ticket Intelligence ... 401 11.14 ... Integrationsszenarien ... 406 11.15 ... Fazit ... 409 12. Wissensmanagement ... 411 12.1 ... Einführung ... 411 12.2 ... SAP Knowledge Central by NICE ... 412 12.3 ... Integrationsszenarien ... 416 12.4 ... Fazit ... 419 13. SAP Conversational AI ... 421 13.1 ... Konfiguration eines Chatbots ... 422 13.2 ... Chatbots im Kundenservice ... 426 13.3 ... Chatbots für Mitarbeitende ... 427 13.4 ... Fazit ... 427 14. SAP Field Service Management ... 429 14.1 ... Stammdaten ... 430 14.2 ... Serviceabruf/Aktivitäten ... 432 14.3 ... Einsatzplanung und weitere Funktionen im Workforce Management ... 433 14.4 ... App für das Servicetechnikteam ... 435 14.5 ... Analytics ... 439 14.6 ... Administration ... 440 14.7 ... Customer-Self-Service ... 441 14.8 ... Integrationsszenarien ... 442 14.9 ... SAP Crowd Service ... 443 14.10 ... Fazit ... 445 15. Ergänzende SAP-Lösungen ... 447 15.1 ... SAP Business Technology Platform ... 447 15.2 ... SAP BTP, Kyma Runtime ... 468 15.3 ... SAP Asset Intelligence Network ... 474 15.4 ... SAP S/4HANA Service ... 475 15.5 ... Fazit ... 485 TEIL III. Ausgewählte Prozesse mit SAP Customer Experience ... 487 16. CX-Szenarien im Service und After Sales ... 489 16.1 ... Omnichannel-Reklamation ... 490 16.2 ... Servicemeldung mit Einsatz des Servicetechnikteams ... 501 16.3 ... Servicemeldung (Predictive Maintenance und IoT) ... 512 16.4 ... After Sales (Ersatzteilshop) - Kaffeemaschine ... 520 16.5 ... Serviceportale (digitale Maschinenverwaltung) ... 527 16.6 ... Online Repair ... 533 16.7 ... Digitales Partnermanagement (Smart Home) ... 540 17. CX-Szenarien im Vertrieb ... 551 17.1 ... Vertriebssteuerung, Reporting und Performance Measurement ... 551 17.2 ... Shop-Auftrag im B2B-Umfeld ... 563 17.3 ... Shop-Auftrag im B2C-Umfeld: Ticket und Merchandising ... 569 17.4 ... Shop-Konfiguration mit Angebotsanfrage ... 576 17.5 ... Lead-to-Quote am Beispiel der Baubranche ... 589 17.6 ... Opportunity-to-Cash in der Medizintechnik ... 599 17.7 ... Perfect Store (Retail) ... 610 18. CX-Szenarien in Vertrieb und Marketing ... 617 18.1 ... Messeprozess mit Lead Nurturing ... 617 18.2 ... Shop-Auftrag B2C (Warenkorbabbruch) ... 632 18.3 ... Buyer Enablement (Personalisierung und Content) ... 640 18.4 ... Experience Management (Predictive B2B) ... 652 18.5 ... Experience Management (Feedback B2C) ... 662 TEIL IV. Ausgewählte Projektbeispiele ... 673 19. Kundenszenario 1: CX als Innovationsfaktor im Maschinenbau ... 675 19.1 ... CX-Plattform als Vorteil im globalen Markt ... 675 19.2 ... Implementierung einer globalen CX-Plattform in mehreren Teilprojekten ... 678 19.3 ... Fazit und Ausblick ... 684 20. Kundenszenario 2: Digitalisierung der User Experience im Baugewerbe ... 687 20.1 ... CX-Plattform zur gezielten Ausrichtung der Vertriebsprozesse ... 687 20.2 ... Digitalisierung der CX in mehreren Teilprojekten ... 690 20.3 ... Fazit und Ausblick ... 694 21. Kundenszenario 3: Neuorganisation und Digitalisierung einer Systemlandschaft ... 697 21.1 ... Einheitlicher Auftritt über verschiedene Marken hinweg ... 697 21.2 ... Umfangreiche Konzeptionsphase ... 699 21.3 ... Aufbau des Implementierungsprojekts ... 703 21.4 ... Fazit und Ausblick ... 708 22. Kundenszenario 4: Smart in Richtung Customer Experience ... 709 22.1 ... Einführung eines CX-Projekts im produzierenden Gewerbe ... 710 22.2 ... Konzeptionsphase und Planung ... 715 22.3 ... Implementierung ... 718 22.4 ... Fazit und Ausblick ... 722 23. Kundenszenario 5: CX-Projekte in kurzer Zeit realisieren ... 725 23.1 ... Mit der CRM-Plattform zur Vertriebsautomatisierung ... 725 23.2 ... Konzeptionsphase und Projektablauf ... 727 23.3 ... Fazit und Ausblick ... 731 24. Kundenszenario 6: Alle CX-Lösungen auf einmal einführen ... 733 24.1 ... Neuaufstellung der Customer Experience in der Dienstleistungsbranche ... 733 24.2 ... Konzeptionsphase und Planung ... 739 24.3 ... Umsetzung des Implementierungsprojekts ... 745 24.4 ... Fazit und Ausblick ... 752 25. Kundenszenario 7: Mit integrierten Vertriebs- und Marketingprozessen zur 360-Grad-Marktbearbeitung ... 755 25.1 ... Customer Experience als Verbindung zwischen Marketing und Vertrieb ... 755 25.2 ... Einführung und Projektablauf ... 758 25.3 ... Ergebnis und Ausblick ... 764 Anhang ... 775 A ... Glossar ... 775 Das Autorenteam ... 781 Index ... 783
CompTIA Network+ Review Guide
PREP FOR SUCCESS ON THE NETWORK+ N10-008 EXAM AND FOR YOUR NEW CAREER IN NETWORK ADMINISTRATION WITH THIS MUST-HAVE RESOURCEIn the newly updated Fifth Edition of the CompTIA Network+ Review Guide: Exam: N10-008, a leading expert in Network Operations, Jon Buhagiar, delivers a focused and concise handbook for anyone preparing for the new Network+ N10-008 exam or for a career in network administration.This guide is organized into five parts, with each part corresponding to one of the 5 objective domain areas of the Network+ exam: Fundamentals, Implementations, Operations, Security, and Troubleshooting.You’ll handily learn crucial IT skills like designing and implementing functional networks, configuring and managing essential network devices, using switches and routers to segment network traffic, and securing existing networks. This book also allows you to:* Quickly and comprehensively prepare for the Network+ N10-008 exam with intuitively organized info and efficient learning strategies * Discover the skills and techniques required in an entry-level network administration interview and job * Access the Sybex online learning center, with chapter review questions, full-length practice exams, hundreds of electronic flashcards, and a glossary of key terms Perfect as a standalone resource for those seeking to succeed on the CompTIA Network+ N10-008 exam or as a companion to the CompTIA Network+ Study Guide and CompTIA Network+ Deluxe Study Guide, this book is an indispensable reference for anyone preparing for a career in network administration, network analysis, or systems engineering.ABOUT THE AUTHORJON BUHAGIAR, NETWORK+, A+, CCNA, MCSA, MCSE, BS/ITM, is Supervisor of Network Operations at Pittsburgh Technical College. In addition to teaching, he has been creating course content for the past 20 years. Some of his more recent work can be found on YouTube http://www.youtube.com/networkedminds. Introduction xviiCHAPTER 1 DOMAIN 1.0: NETWORKING FUNDAMENTALS 11.1 Compare and contrast the Open Systems Interconnection (OSI) model layers and encapsulation concepts 11OSI Model 12Protocol Data Units 21Data Encapsulation and Decapsulation 22Exam Essentials 261.2 Explain the characteristics of network topologies and network types 28Wired Topologies 28Types 33Service-Related Entry Point 39Virtualization 40Virtual Networking Components 40Service Type 43Service Delivery 48Exam Essentials 501.3 Summarize the types of cables and connectors and explain which is the appropriate type for a solution 51Media Types 51Connector Types 55Transceivers 60Media Converters 62Characteristics of Fiber Transceivers 63Termination Points 65Copper Cabling Standards 70Copper Termination Standards 73Ethernet Deployment Standards 76Exam Essentials 781.4 Given a scenario, configure a subnet and use appropriate IP addressing schemes 80Private vs Public 80NAT/PAT 81IPv4 Concepts 84IPv6 Concepts 88Address Assignments 93Subnetting 99Virtual IP (VIP) 107Exam Essentials 1081.5 Explain common ports and protocols, their application, and encrypted alternatives 110Protocols and Ports 110IP Protocol Types 117Connection-Oriented vs Connectionless 121Exam Essentials 1221.6 Explain the use and purpose of network services 123DNS 123DHCP Service 132NTP 137Exam Essentials 1371.7 Explain basic corporate and datacenter network architecture 139Three-Tiered Model 139Software-Defined Networking 140Spine and Leaf 142Traffic Flows 143Host Locations 144Network Storage Types 145Connection Type 147Exam Essentials 1501.8 Summarize cloud concepts and connectivity options 151Characteristics of a Cloud 151Cloud Delivery Models 152Types of Services 155Infrastructure as Code 157Connectivity Methods 160Multitenancy 161Elasticity 161Scalability 162Security Implications/Considerations 162Relationship Between Local and Cloud Resources 163Exam Essentials 163Review Questions 165CHAPTER 2 DOMAIN 2.0: NETWORK IMPLEMENTATIONS 1692.1 Compare and contrast various devices, their features, and their appropriate placement on the network 173Network Devices 173Exam Essentials 2032.2 Compare and contrast routing technologies and bandwidth management concepts 204Routing 204Bandwidth Management 212Exam Essentials 2152.3 Given a scenario, configure and deploy common Ethernet switching features 216Characteristics of Ethernet and IP Communications 216Basic Switch Functions 220Segmentation and Interface Properties 227Switching Features 231Exam Essentials 2342.4 Given a scenario, install and configure the appropriate wireless standards and technologies 235802.11 Standards 235Frequencies 238Wireless Considerations 239Wireless Modes of Operation 245Wireless Security 248Cellular 252Exam Essentials 254Review Questions 256CHAPTER 3 DOMAIN 3.0: NETWORK OPERATIONS 2613.1 Given a scenario, use the appropriate statistics and sensors to ensure network availability 265Performance Metrics 265SNMP 270Network Device Logs 274Interface Statistics/Status 279Interface Errors or Alerts 286Environmental Factors and Sensors 289Performance Baselines 291NetFlow Data 292Uptime/Downtime 293Exam Essentials 2943.2 Explain the purpose of organizational documents and policies 296Plans and Procedures 296Hardening and Security Policies 303Common Documentation 307Common Agreements 315Exam Essentials 3163.3 Explain high availability and disaster recovery concepts and summarize which is the best solution 318Load Balancing 318Multipathing 318Network Interface Card (NIC) Teaming 320Redundant Hardware/Clusters 320Facilities and Infrastructure Support 326Redundancy and High Availability (HA) Concepts 330Backups 334Exam Essentials 336Review Questions 338CHAPTER 4 DOMAIN 4.0: NETWORK SECURITY 3434.1 Explain common security concepts 348Confidentiality, Integrity, Availability (CIA) 348Threats 349Vulnerabilities 350Exploits 351Least Privilege 351Role-Based Access 352Zero Trust 352Defense in Depth 353Authentication Methods 357Security Assessments 364Security Information and Event Management (SIEM) 366Exam Essentials 3664.2 Compare and contrast common types of attacks 368Technology-Based 368Human and Environmental 378Exam Essentials 3794.3 Given a scenario, apply network hardening techniques 381Best Practices 381Wireless Security 390IOT Considerations 395Exam Essentials 3964.4 Compare and contrast remote access methods and security implications 397VPN 397Remote Desktop Connection 400Remote Desktop Gateway 401SSH 401Virtual Network Computing (VNC) 402Virtual Desktop 402Authentication and Authorization Considerations 403In-Band vs Out-of-Band Management 403Exam Essentials 4054.5 Explain the importance of physical security 406Detection Methods 407Prevention Methods 410Asset Disposal 413Exam Essentials 415Review Questions 416CHAPTER 5 DOMAIN 5.0: NETWORK TROUBLESHOOTING 4215.1 Explain the network troubleshooting methodology 427Identify the Problem 428Establish a Theory of Probable Cause 430Test the Theory to Determine the Cause 431Establish a Plan of Action to Resolve the Problem and Identify Potential Effects 432Implement the Solution or Escalate as Necessary 432Verify Full System Functionality and, If Applicable, Implement Preventive Measures 433Document Findings, Actions, Outcomes, and Lessons Learned 433Exam Essentials 4335.2 Given a scenario, troubleshoot common cable connectivity issues and select the appropriate tools 434Specifications and Limitations 434Cable Considerations 435Cable Application 437Common Issues 439Common Tools 445Exam Essentials 4565.3 Given a scenario, use the appropriate network software tools and commands 458Software Tools 458Command-LineTools 466Basic Network Platform Commands 481Exam Essentials 4855.4 Given a scenario, troubleshoot common wireless connectivity issues 486Specifications and Limitations 486Considerations 489Common Issues 493Exam Essentials 4985.5 Given a scenario, troubleshoot general networking issues 499Considerations 499Common Issues 501Exam Essentials 530Review Questions 532APPENDIX ANSWERS TO REVIEW QUESTIONS 537Chapter 1: Domain 1.0: Networking Fundamentals 538Chapter 2: Domain 2.0: Network Implementations 541Chapter 3: Domain 3.0: Network Operations 544Chapter 4: Domain 4.0: Network Security 547Chapter 5: Domain 5.0: Network Troubleshooting 550Index 553
Intelligent Security Systems
INTELLIGENT SECURITY SYSTEMSDRAMATICALLY IMPROVE YOUR CYBERSECURITY USING AI AND MACHINE LEARNINGIn Intelligent Security Systems, distinguished professor and computer scientist Dr. Leon Reznik delivers an expert synthesis of artificial intelligence, machine learning and data science techniques, applied to computer security to assist readers in hardening their computer systems against threats. Emphasizing practical and actionable strategies that can be immediately implemented by industry professionals and computer device’s owners, the author explains how to install and harden firewalls, intrusion detection systems, attack recognition tools, and malware protection systems. He also explains how to recognize and counter common hacking activities. This book bridges the gap between cybersecurity education and new data science programs, discussing how cutting-edge artificial intelligence and machine learning techniques can work for and against cybersecurity efforts. Intelligent Security Systems includes supplementary resources on an author-hosted website, such as classroom presentation slides, sample review, test and exam questions, and practice exercises to make the material contained practical and useful. The book also offers:* A thorough introduction to computer security, artificial intelligence, and machine learning, including basic definitions and concepts like threats, vulnerabilities, risks, attacks, protection, and tools * An exploration of firewall design and implementation, including firewall types and models, typical designs and configurations, and their limitations and problems * Discussions of intrusion detection systems (IDS), including architecture topologies, components, and operational ranges, classification approaches, and machine learning techniques in IDS design * A treatment of malware and vulnerabilities detection and protection, including malware classes, history, and development trends Perfect for undergraduate and graduate students in computer security, computer science and engineering, Intelligent Security Systems will also earn a place in the libraries of students and educators in information technology and data science, as well as professionals working in those fields. LEON REZNIK, PHD, is Professor in the Department of Computer Science at Rochester Institute of Technology, USA. He received his doctorate in Information and Measurement Systems in 1983 at the St. Petersburg State Polytechnic University. He has published four books and numerous book chapters, conference papers, and journal articles.Acknowledgments ixIntroduction xi1 COMPUTER SECURITY WITH ARTIFICIAL INTELLIGENCE, MACHINE LEARNING, AND DATA SCIENCE COMBINATION: WHAT? HOW? WHY? AND WHY NOW AND TOGETHER? 11.1 The Current Security Landscape 11.2 Computer Security Basic Concepts 71.3 Sources of Security Threats 91.4 Attacks Against IoT and Wireless Sensor Networks 131.5 Introduction into Artificial Intelligence, Machine Learning, and Data Science 181.6 Fuzzy Logic and Systems 311.7 Machine Learning 351.8 Artificial Neural Networks (ANN) 431.9 Genetic Algorithms (GA) 501.10 Hybrid Intelligent Systems 51Review Questions 52Exercises 53References 542 FIREWALL DESIGN AND IMPLEMENTATION: HOW TO CONFIGURE KNOWLEDGE FOR THE FIRST LINE OF DEFENSE? 572.1 Firewall Definition, History, and Functions: What Is It? And Where Does It Come From? 572.2 Firewall Operational Models or How Do They Work? 652.3 Basic Firewall Architectures or How Are They Built Up? 702.4 Process of Firewall Design, Implementation, and Maintenance or What Is the Right Way to Put All Things Together? 752.5 Firewall Policy Formalization with Rules or How Is the Knowledge Presented? 822.6 Firewalls Evaluation and Current Developments or How Are They Getting More and More Intelligent? 96Review Questions 104Exercises 106References 1073 INTRUSION DETECTION SYSTEMS: WHAT DO THEY DO BEYOND THE FIRST LINE OF DEFENSE? 1093.1 Definition, Goals, and Primary Functions 1093.2 IDS from a Historical Perspective 1133.3 Typical IDS Architecture Topologies, Components, and Operational Ranges 1163.4 IDS Types: Classification Approaches 1213.5 IDS Performance Evaluation 1313.6 Artificial Intelligence and Machine Learning Techniques in IDS Design 1363.7 Intrusion Detection Challenges and Their Mitigation in IDS Design and Deployment 1593.8 Intrusion Detection Tools 163Review Questions 172Exercises 174References 1754 MALWARE AND VULNERABILITIES DETECTION AND PROTECTION: WHAT ARE WE LOOKING FOR AND HOW? 1774.1 Malware Definition, History, and Trends in Development 1774.2 Malware Classification 1824.3 Spam 2144.4 Software Vulnerabilities 2164.5 Principles of Malware Detection and Anti-malware Protection 2194.6 Malware Detection Algorithms 2294.7 Anti-malware Tools 237Review Questions 240Exercises 242References 2435 HACKERS VERSUS NORMAL USERS: WHO IS OUR ENEMY AND HOW TO DIFFERENTIATE THEM FROM US? 2475.1 Hacker’s Activities and Protection Against 2475.2 Data Science Investigation of Ordinary Users’ Practice 2735.3 User’s Authentication 2885.4 User’s Anonymity, Attacks Against It, and Protection 301Review Questions 309Exercises 310References 3116 ADVERSARIAL MACHINE LEARNING: WHO IS MACHINE LEARNING WORKING FOR? 3156.1 Adversarial Machine Learning Definition 3156.2 Adversarial Attack Taxonomy 3166.3 Defense Strategies 3206.4 Investigation of the Adversarial Attacks Influence on the Classifier Performance Use Case 3226.5 Generative Adversarial Networks 327Review Questions 333Exercises 334References 335Index 337
Systematic Cloud Migration
This book is your systematic cloud migration guide. Experiences shared by the author are drawn from real-life migration projects and contain practical advice, as well as step-by-step architecture, design, and technical implementation instructions using sample application code on GitLab. Following the guidance in this book will provide much needed support to your teams, and help you successfully complete the application cloud migration journey.SYSTEMATIC CLOUD MIGRATION consists of four major parts. Part one starts with a fundamental introduction of cloud computing to establish the context for migration, including paradigm changes in five important areas: software application, DevSecOps, operations, infrastructure, and security. And these are the areas that the book follows throughout. Next, it introduces a real-life migration process that your team can follow.Part two presents the migration process for the application code, including architecture diagrams and presented by demo application code and supporting infrastructure in AWS cloud. Part three dives into DevSecOps and automation. In addition to concepts, a real-life migration diagram and sample pipeline code implemented with GitLab are include. Part four deals with efficient cloud operations.Each chapter has a practical structure: objectives, roles, inputs, process/activities, outputs/deliverables, best practices, and summary. There is a wealth of cloud production-grade template style artifacts that can be used as is.WHAT YOU WILL LEARN* Design applications in the cloud, including determining the design criteria (e.g., solution cost is a design criterion, same as security, and is not an afterthought)* Understand the major migration areas: software development (application code, data, integration, and configuration), software delivery (pipeline and automation), and software operations (observability)* Migrate each application element: client and business components code, data, integration and services, logging, monitoring, alerting, as well as configurations* Understand cloud-critical static application security testing (SAST), dynamic application security testing (DAST), containers compliance and security scanning, and open source dependency testing* Know the directions and implementation details on cost-efficient, automated, cloud-native software operationsWHO THIS BOOK IS FORPrimarily designed with software developers, team leads, development managers, DevOps engineers, and software architects in mind. Their day-to-day activities include architecting, designing, developing, delivering, and operating software in the cloud environment. In addition, this book will benefit infrastructure, network, security, and operations engineers, who in turn, can provide better support for the software development product teams.TARAS GLEB is a pragmatic and hands-on cloud solutions architect focused on software delivery, strategy, and innovation. He has been leading software development and digital transformation projects in business applications, big data, reporting, machine learning, DevSecOps, and automation. He has 25+ years of experience in design and implementation of mission-critical, customer-oriented, software solutions for institutional investors, governments, insurance companies, banks, capital markets, and power utilities. While delivering these solutions, he is applying advanced software architecture and development methodologies. His focus is on building cloud-native, secure, innovative, and cost-efficient solutions that deliver business value in an agile manner. Taras is a life-long learner who holds degrees in engineering, business administration and various industry certifications. He is continuously searching for ways to proactively apply the latest technologies and methodologies to software architecture and development.PROLOGUETARGET AUDIENCEHOW THIS BOOK IS STRUCTUREDPART I INTRODUCTION TO CLOUD COMPUTINGCHAPTER 1 TITLE: CLOUD COMPUTING PRIMER1.1 Section Title: What is Cloud Computing?1.2 Section Title: Cloud Advantages and Drawbacks1.3 Section Title: Cloud Paradigm Shifts1.4 Section Title: SummaryCHAPTER 2 TITLE: CLOUD MIGRATION FUNDAMENTALS2.1 Section Title: Cloud Organizational Structure (People)2.2 Section Title: Cloud Migration Framework (Technology)2.3 Section Title Cloud Migration Process (Process)2.4 Section Title: SummaryPART II SOFTWARE DEVELOPMENT MIGRATIONCHAPTER 3 TITLE: DEVELOP TARGET ARCHITECTURE3.1 Section Title: Input3.2 Section Title: Process & Activities3.3 Section Title: Output & Deliverables3.4 Section Title: Tools, Techniques & Best Practices3.5 Section Title: SummaryCHAPTER 4 TITLE: BUILD & SECURE CLOUD ENVIRONMENT4.1 Section Title: Input4.2 Section Title: Process & Activities4.3 Section Title: Outputs & Deliverables4.4 Best Practices, Tools & Techniques4.5 Section Title: SummaryCHAPTER 5 TITLE: MIGRATE SOFTWARE APPLICATION5.1 Section Title: Input5.2 Section Title: Process & Activities5.4 Section Title: Outputs & Deliverables5.5 Section Title: Tools, Techniques & Best PracticesBest Practices5.5 Section Title: SummaryCHAPTER 6 TITLE: ADD LOGGING MONITORING & ALERTING6.1 Section Title: Input6.2 Section Title: Process & Activities6.3 Section Title: Outputs & Deliverables6.4 Section Title: Tools, Techniques & Best PracticesBest Practices6.5 Section Title: SummaryPART III SOFTWARE DELIVERY MIGRATIONCHAPTER 7 TITLE: PROCURE SOFTWARE DELIVERY ENVIRONMENT7.1 Section Title: Input7.2 Section Title: Process & Activities7.3 Section Title: Outputs & Deliverables7.4 Section Title: Tools, Techniques & Best Practices7.5 Section Title: SummaryCHAPTER 8 TITLE: BUILD AUTOMATED PIPELINE8.1 Section Title: Input8.2 Section Title: Process & Activities8.3 Section Title: Outputs & Deliverables8.4 Section Title: Tools, Techniques & Best Practices8.5 Section Title: SummaryPART IV SOFTWARE OPERATIONS MIGRATIONCHAPTER 9 TITLE: EXECUTE FOR OPERATIONAL EXCELLENCE9.1 Section Title: Inputs9.2 Section Title: Process & Activities9.3 Section Title: Outputs & Deliverables9.4 Section Title: Tools, Techniques & Best Practices9.5 Section Title: SummaryCHAPTER 10 TITLE: TRANSITION WITH RUNBOOK & DISASTER RECOVERY10.1 Section Title: Inputs10.2 Section Title: Process & Activities10.3 Section Title: Outputs & Deliverables10.4 Section Title: Tools, Techniques & Best Practices10.5 Section Title: SummaryEPILOGUEREFERENCESAPPENDIX
Ransomware Protection Playbook
AVOID BECOMING THE NEXT RANSOMWARE VICTIM BY TAKING PRACTICAL STEPS TODAYColonial Pipeline. CWT Global. Brenntag. Travelex. The list of ransomware victims is long, distinguished, and sophisticated. And it's growing longer every day.In Ransomware Protection Playbook, computer security veteran and expert penetration tester Roger A. Grimes delivers an actionable blueprint for organizations seeking a robust defense against one of the most insidious and destructive IT threats currently in the wild. You'll learn about concrete steps you can take now to protect yourself or your organization from ransomware attacks.In addition to walking you through the necessary technical preventative measures, this critical book will show you how to:* Quickly detect an attack, limit the damage, and decide whether to pay the ransom* Implement a pre-set game plan in the event of a game-changing security breach to help limit the reputational and financial damage* Lay down a secure foundation of cybersecurity insurance and legal protection to mitigate the disruption to your life and businessA must-read for cyber and information security professionals, privacy leaders, risk managers, and CTOs, Ransomware Protection Playbook is an irreplaceable and timely resource for anyone concerned about the security of their, or their organization's, data.ROGER A. GRIMES is a 34-year computer security expert and author on the subject of hacking, malware, and ransomware attacks. He was the weekly security columnist at InfoWorld and CSO Magazines between 2005 and 2019. He is frequently interviewed and quoted, including by Newsweek, CNN, NPR, and the WSJ.Acknowledgments xiIntroduction xxiPART I: INTRODUCTION 1CHAPTER 1: INTRODUCTION TO RANSOMWARE 3How Bad is the Problem? 4Variability of Ransomware Data 5True Costs of Ransomware 7Types of Ransomware 9Fake Ransomware 10Immediate Action vs. Delayed 14Automatic or Human-Directed 17Single Device Impacts or More 18Ransomware Root Exploit 19File Encrypting vs. Boot Infecting 21Good vs. Bad Encryption 22Encryption vs. More Payloads 23Ransomware as a Service 30Typical Ransomware Process and Components 32Infiltrate 32After Initial Execution 34Dial-Home 34Auto-Update 37Check for Location 38Initial Automatic Payloads 39Waiting 40Hacker Checks C&C 40More Tools Used 40Reconnaissance 41Readying Encryption 42Data Exfiltration 43Encryption 44Extortion Demand 45Negotiations 46Provide Decryption Keys 47Ransomware Goes Conglomerate 48Ransomware Industry Components 52Summary 55CHAPTER 2: PREVENTING RANSOMWARE 57Nineteen Minutes to Takeover 57Good General Computer Defense Strategy 59Understanding How Ransomware Attacks 61The Nine Exploit Methods All Hackers and Malware Use 62Top Root-Cause Exploit Methods of All Hackers and Malware 63Top Root-Cause Exploit Methods of Ransomware 64Preventing Ransomware 67Primary Defenses 67Everything Else 70Use Application Control 70Antivirus Prevention 73Secure Configurations 74Privileged Account Management 74Security Boundary Segmentation 75Data Protection 76Block USB Keys 76Implement a Foreign Russian Language 77Beyond Self-Defense 78Geopolitical Solutions 79International Cooperation and Law Enforcement 79Coordinated Technical Defense 80Disrupt Money Supply 81Fix the Internet 81Summary 84CHAPTER 3: CYBERSECURITY INSURANCE 85Cybersecurity Insurance Shakeout 85Did Cybersecurity Insurance Make Ransomware Worse? 90Cybersecurity Insurance Policies 92What’s Covered by Most Cybersecurity Policies 93Recovery Costs 93Ransom 94Root-Cause Analysis 95Business Interruption Costs 95Customer/Stakeholder Notifications and Protection 96Fines and Legal Investigations 96Example Cyber Insurance Policy Structure 97Costs Covered and Not Covered by Insurance 98The Insurance Process 101Getting Insurance 101Cybersecurity Risk Determination 102Underwriting and Approval 103Incident Claim Process 104Initial Technical Help 105What to Watch Out For 106Social Engineering Outs 107Make Sure Your Policy Covers Ransomware 107Employee’s Mistake Involved 107Work-from-Home Scenarios 108War Exclusion Clauses 108Future of Cybersecurity Insurance 109Summary 111CHAPTER 4: LEGAL CONSIDERATIONS 113Bitcoin and Cryptocurrencies 114Can You Be in Legal Jeopardy for Paying a Ransom? 123Consult with a Lawyer 127Try to Follow the Money 127Get Law Enforcement Involved 128Get an OFAC License to Pay the Ransom 129Do Your Due Diligence 129Is It an Official Data Breach? 129Preserve Evidence 130Legal Defense Summary 130Summary 131PART II: DETECTION AND RECOVERY 133CHAPTER 5: RANSOMWARE RESPONSE PLAN 135Why Do Response Planning? 135When Should a Response Plan Be Made? 136What Should a Response Plan Include? 136Small Response vs. Large Response Threshold 137Key People 137Communications Plan 138Public Relations Plan 141Reliable Backup 142Ransom Payment Planning 144Cybersecurity Insurance Plan 146What It Takes to Declare an Official Data Breach 147Internal vs. External Consultants 148Cryptocurrency Wallet 149Response 151Checklist 151Definitions 153Practice Makes Perfect 153Summary 154CHAPTER 6: DETECTING RANSOMWARE 155Why is Ransomware So Hard to Detect? 155Detection Methods 158Security Awareness Training 158AV/EDR Adjunct Detections 159Detect New Processes 160Anomalous Network Connections 164New, Unexplained Things 166Unexplained Stoppages 167Aggressive Monitoring 169Example Detection Solution 169Summary 175CHAPTER 7: MINIMIZING DAMAGE 177Basic Outline for Initial Ransomware Response 177Stop the Spread 179Power Down or Isolate Exploited Devices 180Disconnecting the Network 181Disconnect at the Network Access Points 182Suppose You Can’t Disconnect the Network 183Initial Damage Assessment 184What is Impacted? 185Ensure Your Backups Are Still Good 186Check for Signs of Data and Credential Exfiltration 186Check for Rogue Email Rules 187What Do You Know About the Ransomware? 187First Team Meeting 188Determine Next Steps 189Pay the Ransom or Not? 190Recover or Rebuild? 190Summary 193CHAPTER 8: EARLY RESPONSES 195What Do You Know? 195A Few Things to Remember 197Encryption is Likely Not Your Only Problem 198Reputational Harm May Occur 199Firings May Happen 200It Could Get Worse 201Major Decisions 202Business Impact Analysis 202Determine Business Interruption Workarounds 203Did Data Exfiltration Happen? 204Can You Decrypt the Data Without Paying? 204Ransomware is Buggy 205Ransomware Decryption Websites 205Ransomware Gang Publishes Decryption Keys 206Sniff a Ransomware Key Off the Network? 206Recovery Companies Who Lie About Decryption Key Use 207If You Get the Decryption Keys 207Save Encrypted Data Just in Case 208Determine Whether the Ransom Should Be Paid 209Not Paying the Ransom 209Paying the Ransom 210Recover or Rebuild Involved Systems? 212Determine Dwell Time 212Determine Root Cause 213Point Fix or Time to Get Serious? 214Early Actions 215Preserve the Evidence 215Remove the Malware 215Change All Passwords 217Summary 217CHAPTER 9: ENVIRONMENT RECOVERY 219Big Decisions 219Recover vs. Rebuild 220In What Order 221Restoring Network 221Restore IT Security Services 223Restore Virtual Machines and/or Cloud Services 223Restore Backup Systems 224Restore Clients, Servers, Applications, Services 224Conduct Unit Testing 225Rebuild Process Summary 225Recovery Process Summary 228Recovering a Windows Computer 229Recovering/Restoring Microsoft Active Directory 231Summary 233CHAPTER 10: NEXT STEPS 235Paradigm Shifts 235Implement a Data-Driven Defense 236Focus on Root Causes 238Rank Everything! 239Get and Use Good Data 240Heed Growing Threats More 241Row the Same Direction 241Focus on Social Engineering Mitigation 242Track Processes and Network Traffic 243Improve Overall Cybersecurity Hygiene 243Use Multifactor Authentication 243Use a Strong Password Policy 244Secure Elevated Group Memberships 246Improve Security Monitoring 247Secure PowerShell 247Secure Data 248Secure Backups 249Summary 250CHAPTER 11: WHAT NOT TO DO 251Assume You Can’t Be a Victim 251Think That One Super-Tool Can Prevent an Attack 252Assume Too Quickly Your Backup is Good 252Use Inexperienced Responders 253Give Inadequate Considerations to Paying Ransom 254Lie to Attackers 255Insult the Gang by Suggesting Tiny Ransom 255Pay the Whole Amount Right Away 256Argue with the Ransomware Gang 257Apply Decryption Keys to Your Only Copy 257Not Care About Root Cause 257Keep Your Ransomware Response Plan Online Only 258Allow a Team Member to Go Rogue 258Accept a Social Engineering Exclusion in Your Cyber-Insurance Policy 259Summary 259CHAPTER 12: FUTURE OF RANSOMWARE 261Future of Ransomware 261Attacks Beyond Traditional Computers 262IoT Ransoms 264Mixed-PurposeHacking Gangs 265Future of Ransomware Defense 267Future Technical Defenses 267Ransomware Countermeasure Apps and Features 267AI Defense and Bots 268Strategic Defenses 269Focus on Mitigating Root Causes 269Geopolitical Improvements 269Systematic Improvements 270Use Cyber Insurance as a Tool 270Improve Internet Security Overall 271Summary 271Parting Words 272Index 273
Fight Fire with Fire
Organizations around the world are in a struggle for survival, racing to transform themselves in a herculean effort to adapt to the digital age, all while protecting themselves from headline-grabbing cybersecurity threats. As organizations succeed or fail, the centrality and importance of cybersecurity and the role of the CISO—Chief Information Security Officer—becomes ever more apparent. It's becoming clear that the CISO, which began as a largely technical role, has become nuanced, strategic, and a cross-functional leadership position.Fight Fire with Fire: Proactive Cybersecurity Strategies for Today's Leaders explores the evolution of the CISO's responsibilities and delivers a blueprint to effectively improve cybersecurity across an organization.Fight Fire with Fire draws on the deep experience of its many all-star contributors. For example:* Learn how to talk effectively with the Board from engineer-turned-executive Marianne Bailey, a top spokesperson well-known for global leadership in cyber* Discover how to manage complex cyber supply chain risk with Terry Roberts, who addresses this complex area using cutting-edge technology and emerging standards* Tame the exploding IoT threat landscape with Sonia Arista, a CISO with decades of experience across sectors, including healthcare where edge devices monitor vital signs and robots perform surgeryThese are just a few of the global trailblazers in cybersecurity who have banded together to equip today’s leaders to protect their enterprises and inspire tomorrow’s leaders to join them.With fires blazing on the horizon, there is no time for a seminar or boot camp. Cyber leaders need information at their fingertips. Readers will find insight on how to close the diversity and skills gap and become well-versed in modern cyber threats, including attacks coming from organized crime and nation-states.This book highlights a three-pronged approach that encompasses people, process, and technology to empower everyone to protect their organization. From effective risk management to supply chain security and communicating with the board, Fight Fire with Fire presents discussions from industry leaders that cover every critical competency in information security.Perfect for IT and information security professionals seeking perspectives and insights they can’t find in certification exams or standard textbooks, Fight Fire with Fire is an indispensable resource for everyone hoping to improve their understanding of the realities of modern cybersecurity through the eyes of today’s top security leaders.RENEE TARUN is the Deputy CISO at Fortinet with a focus on enterprise security, compliance and governance, and product security. She has over 25 years of experience in the information technology and cybersecurity fields with leadership experience within the U.S. Intelligence Community, Department of Defense, law enforcement, and private sector organizations around the world. Prior to joining Fortinet, she served as Special Assistant to the Director of the National Security Agency (NSA) for Cyber and as Director of the NSA's Cyber Task Force.Introduction 1PART ONE PEOPLE 3Chapter 1 From Technologist to Strategist 9Sanju MisraChapter 2 Communicating with the Board 21Marianne BaileyChapter 3 Building a Culture of Security 29Susan KoskiChapter 4 Who Is Behind the Evolving Threat Landscape? 43Jenny MennaChapter 5 Addressing the Skills and Diversity Gap 59Lisa DonnanPART TWO PROCESS 69Chapter 6 Effective Cyber Risk Management Requires Broad Collaboration 75Suzanne Hartin and Maria S ThompsonChapter 7 Blending NOC and SOC 91Mel T MigriñoChapter 8 Security by Design: Strategies for a Shift-Left Culture 103Anne Marie ZettlemoyerChapter 9 From Enforcer to Strategic Partner: The Changing Role of Governance, Risk, and Compliance 117Beth-Anne BygumChapter 10 Don’t Let Cyber Supply Chain Security Be Your Weakest Link 135Terry RobertsPART THREE TECHNOLOGY 155Chapter 11 Cybersecurity in the Cloud 161Fatima BoolaniChapter 12 The Convergence of Cyber and Physical: IoT and Edge Security 169Sonia E AristaChapter 13 Security-Driven Networking 181Laura DeanerChapter 14 Achieving End-to-End Security 193Renee TarunGlossary 205Resources We Rely On 215Index 223
Meine digitale Sicherheit Tipps und Tricks für Dummies
Identitätsdiebstahl, Schadsoftware auf dem Rechner, Phishing-Mail? Wir wissen alle, welche Gefahren uns im digitalen Alltag drohen und doch verschließen wir oft die Augen davor. Dieses Buch zeigt Ihnen, warum eine skeptische Grundhaltung vonnöten ist und wie Sie pragmatisch und mit so wenig Zeitaufwand wie möglich wichtige Schutzmaßnahmen für sich und Ihre Familie ergreifen. Pflegen Sie Ihre Accounts, finden Sie sichere Online-Anbieter und erkennen Sie Spam- und Phishingmails auf einen Blick. Damit Sie nachts besser schlafen können. Matteo Große-Kampmann und Chris Wojzechowski sind geschäftsführende Gesellschafter der AWARE7 GmbH, einem IT-Security-Unternehmen in Gelsenkirchen, das professionelle Penetrationstests, Live-Hacking-Shows und Seminare zur IT-Sicherheit anbietet. Sie halten Fachvorträge auf Kongressen, bei Firmenevents, bei Verbraucherzentralen und anderen Institutionen und Organisationen, veröffentlichen regelmäßig Forschungsartikel und stehen in Funk und Fernsehen Rede und Antwort zu aktuellen Fragen der IT-Sicherheit.Über die Autoren 7Vorworte 17EINLEITUNG 19Über dieses Buch 20Törichte Annahmen über den Leser 20Konventionen in diesem Buch 20Symbole, die in diesem Buch verwendet werden 21KAPITEL 1 BASISWISSEN UND SOFTSKILLS23Digitale Sicherheit bei digitalen Gefahren 23Schaffen Sie Risikobewusstsein 24Der souveräne Umgang mit Geräten, Apps und Cloud 25KAPITEL 2 STRUKTUR UND ORGANISATION27Die Ordnung in Jahren – Eine gewohnte Routine! 27Von Anfang an an die Account-Hygiene denken 29Webseiten in Kategorien einteilen und individuelle E-Mail-Adressen verwenden 30Für jede Kategorie eine eigene E-Mail-Adresse verwenden 32Die E-Mail-Adresse einfach erweitern 33Schöne, saubere digitale Welt 34KAPITEL 3 SOFTWARE37Der Virenschutz – Hilfe gegen Schadsoftware 38Ich verwende Windows Da sollte ich einen Virenscanner installieren, oder? 38Ist ein kostenpflichtiger Virenschutz besser als ein kostenfreier? 38Braucht mein Apple-Computer mit macOS einen Virenscanner? 39Ich verwende Linux Da brauche ich keinen Virenscanner, oder? 39Braucht mein Smartphone einen Virenscanner? 39Wann Sie einen Virenscanner benutzen sollten! 39Browser, Plugins und Pannen 40Passwort-Safe – Das digitale Bankschließfach 41Verschlüsselte Festplatten und USB-Sticks 43Massenspeicher verschlüsseln 44Verschlüsselten Massenspeicher verwenden 49KAPITEL 4 ACCOUNT-PFLEGE55Trennung von Accounts nach Anwendungsfall 57Starke Passwörter – Eine sichere Grundlage 58Die Zwei-Faktor-Authentifizierung – Eine zusätzliche Hürde 60Soziale Netzwerke 61Facebook 62Twitter 69Instagram 69TikTok 72Ein Wort zu beruflichen Netzwerken 74Xing 74LinkedIn 76Messenger-Dienste 77WhatsApp 77Signal 80Threema 80Telegram 81Wire 82Element 83KAPITEL 5 ENDGERÄTE ABSICHERN 85Mobile Geräte 85Automatische Updates 86Sichere Zugangsdaten auf dem Mobilgerät 89Drittanbieter-Sperre 91Sperren von Apps mit Biometrie 92Vorbereitet auf Verlust 94Stationäre Geräte 100Automatische Updates 100Sichere Zugangsdaten zum Rechner 104Offline-Backup 107Nutzerkonto ohne Admin-Rechte 109Verschlüsselung des Systems 112KAPITEL 6 SICHERE ONLINE-ANBIETER FINDEN UND PRÜFEN117Die Seriosität einer Internetadresse erkennen 117Das »s« in »https« steht nicht für Vertrauenswürdigkeit 118Wenn ein Betrüger versucht, Ihnen ein X für ein U zu verkaufen 118Die Bestandteile einer Internetadresse – Das www ist nicht nötig 119Merkmale einer vertrauenswürdigen Webseite 122Warnhinweise erkennen und beachten 123Verdächtige Webseiten überprüfen lassen 125Gütesiegel erkennen und prüfen 126Unternehmensregister und andere Unternehmensdaten sinnvoll nutzen 128Ist die Umsatzsteuer-Identifikationsnummer gültig? 128Sind Bilanzen und andere Dokumente veröffentlicht? 129Für die letzten Zweifel: Der Handelsregisterauszug 130Sicher bezahlen im Internet 132Zahlung auf Rechnung 134SEPA-Lastschrift 135Abbuchungsauftrag unterschreiben 135Zahlung mit Kreditkarte 135Online-Bezahlsysteme 136KAPITEL 7 SPAM-UND PHISHING-MAILS ERKENNEN137Wie erkenne ich bösartige Nachrichten? 139Spear-Phishing – Die gezielte Phishing-Attacke 142Die gesunde Portion Skepsis 142Netiquette und die richtige Kommunikation 143Vishing – Der falsche Telefonanruf 145KAPITEL 8 HÄUFIG GESTELLTE FRAGEN 147Ich habe auf einen Phishing-Link geklickt.as kann ich nun tun? 147Brauche ich eine Anti-Viren-Software? 147Ich glaube, ich wurde gehackt Wie gehe ich am besten vor? 148Ich will, dass ein Anbieter meine Daten löscht.Wie schaffe ich das? 149Die Polizei hat mich mit der 110 angerufen.Ist der Anruf echt? 150Ist es sicher, Passwörter im iCloud-Schlüsselbund zu sichern? 150Ich weiß nicht, wo ich angemeldet bin, kann ich das irgendwo nachgucken? 151Warum wird das Darknet nicht verboten? 151Ich habe nichts zu verstecken Warum sollte ich meine Daten schützen? 152Ich werde per E-Mail erpresst Woher hat der Erpresser mein Passwort? 152Wie anonym bin ich im Inkognito-Modus der Standard-Browser? 153Wie kann ich meine Kinder zum sicheren Umgang im Netz bewegen? 153Welche Maßnahmen sind beim Betreiben von SmartTVs zu empfehlen? 154Ich suche online eine Ferienwohnung. Welche Betrugsmaschen gibt es? 154Was muss ich bei Gewinnspielen im Internet beachten? 155Beim Surfen öffnen sich ständig Fenster, auf die ich nicht geklickt habe 156Ich werde immer wieder auf Seiten weitergeleitet, die unseriös sind 156KAPITEL 9 ZEHN TYPISCHE BETRUGSMASCHEN IM INTERNET157Ware existiert nicht, wird aber trotzdem verkauft 157Wie schützen Sie sich? 157Der Dreiecksbetrug – Vorsicht, schwer zu durchschauen! 158Wie schützen Sie sich? 158Die Stellenanzeige -Zuverlockend? Vorsicht ist geboten 159Wie schützen Sie sich? 159Romance Scamming – Wenn digitale Liebe nicht echt ist 160Wie schützen Sie sich? 161Paketbetrug per SMS – Ein Klick vom Betrüger entfernt 161Wie schützen Sie sich? 162Einsammeln von Daten – Besser nicht ins Netz gehen 162Wie schützen Sie sich? 163Windows Updates – Return of the Suchleiste 163Wie schützen Sie sich? 163Erpressung in allen Formen und Varianten 164Wie schützen Sie sich? 164Gutscheinbetrug – Tausche Plastik gegen Geld 165Wie schützen Sie sich? 165Vorschussbetrug – Wenn Geld auch nicht gegen Geld fließt 165Wie schützen Sie sich? 166Inhaltsverzeichnis 15KAPITEL 10 DIE ZEHN BESTEN TIPPS FÜR DAS SICHERE SURFEN IM INTERNET167Erneuern, verwalten und pflegen Sie Ihre Passwörter! 167So viel Software wie nötig, so wenig wie möglich … und mit Update! 168Daten, die privat sind, sollten privat bleiben! 168Vorbereitet sein, Backup erstellen, sich sicher fühlen! 168Drei Augen sehen mehr: Nutzen Sie Antivirus-Software! 169Phishing? Schlagen Sie den Angreifern die Tür vor der Nase zu! 169Gehen Sie nicht auf ungeschützte Webseiten! 170Vermeiden Sie ungesicherte öffentliche Netzwerke! 170Prüfen und pflegen Sie Ihre Einstellungen! 171Virtual Private Network nutzen und unterwegs sicherer sein! 171Stichwortverzeichnis 173
Learning SD-WAN with Cisco
Explore the rise of SD-WAN with CISCO and transform your existing WAN into an agile, efficient, and cost-effective network.LEARNING SD-WAN WITH CISCO helps you understand the development of SD-WAN and its benefits to modern networks. This book starts with an exploration of the different components of SD-WAN, such as vBond for orchestration, vManage for management, vSmart for control, and the vEdge devices. From there, it moves on to building a network from the ground up using EVE-NG, focusing on how to install EVE-NG, get the required licenses via a SmartNET account, download the components, and begin to create your network by installing vManage.Once you have this foundation, you will create the organization and certificates, and look at local users as well as single- and multi-tenancy options and clustering. As you continue to build your network, you will dig down into the overlay protocols used in SD-WAN, and then deploy your controllers and edge devices, looking at zero-touch provisioning along the way.After building your network, you will configure and apply policies and templates to manage the control and data planes as well as VPNs, Internet access, security, and quality of service. The book also explores reporting and management using vManage, along with upgrading and troubleshooting the various components, using techniques from simple ping and trace route through to advanced techniques such as DTLS and TLOC troubleshooting and traffic simulation.After reading this book, you will have hands-on experience working with SD-WAN. You will understand how to deploy, configure, manage, and troubleshoot it.WHAT YOU WILL LEARN* Know what SD-WAN is, how it came about, and why we need it* Understand troubleshooting and traffic simulation of DTLS and TLOC * Monitor, report, and troubleshoot the SD-WAN environmentWHO THIS BOOK IS FORNetwork professionals with experience in Linux and Cisco devicesSTUART FORDHAM, CCIE 49337, is the Network Manager and Infrastructure Team Leader for SmartCommunications SC Ltd, which is the only provider of a cloud-based, next-generation customer communications platform. Stuart has written a series of books on BGP, MPLS, VPNs, and NAT, as well as a CCNA study guide and a Cisco ACI Cookbook. He lives in the UK with his wife and twin sons.Chapter 1: An Introduction To SD-WANCHAPTER GOAL: EXPLORE HOW SD-WAN EVOLVED AND WHY WE WOULD USE IT.NO OF PAGES 20SUB -TOPICS1. What is SD-WAN and what does it do for us?2. Cisco Viptela3. What comprises an SD-WANvBondvManagevSmartvEdgeChapter 2: Deployment OverviewCHAPTER GOAL: HOW WE ARE GOING TO DEPLOY OUR LAB AND WHAT RESOURCES WE NEEDNO OF PAGES: 15SUB - TOPICS1. EVE-NG – install and basic usage2. Smart-Net account – creating and licensing3. Downloading the components4. TopologyChapter 3: Deploying vManageCHAPTER GOAL: TO DEPLOY THE VMANAGE SERVER, GET FAMILIAR WITH IT AND PERFORM SOME BASIC SET UPNO OF PAGES : 20SUB - TOPICS:1. Installing vManage2. Creating our Organization3. Creating the certificates4. Managing images in the software repository5. Managing users6. Single and multi-tenancy options7. Clustering optionsChapter 4: Understanding The OverlayCHAPTER GOAL: TO GAIN A DEEPER UNDERSTANDING OF THE OVERLAY MECHANISMS THAT ARE USED IN SD-WANNO OF PAGES: 20SUB - TOPICS:1: The OMP routing protocol2: BFD3: TLOC4: VPN05: VPN 512Chapter 5: Deploying vBondCHAPTER GOAL: DEPLOY THE VBOND SERVER AND CONNECT IT TO OUR NETWORKNO OF PAGES : 10SUB - TOPICS:1. Configuring vBond2. Adding vBond to the network3. Other vBond deployment options:a. ESXib. KVMChapter 6: Deploying vSmartCHAPTER GOAL: DEPLOY THE VSMART CONTROLLER AND CONNECT IT TO OUR NETWORKNO OF PAGES : 10SUB - TOPICS:1. Configuring vSmart controller2. Adding the vSmart controller to the network3. Other vBond deployment options:a. ESXib. KVMChapter 7: Deploying vEdgeCHAPTER GOAL: DEPLOY THE VEDGE ROUTERS LOCALLY AND ON AWSNO OF PAGES : 20SUB - TOPICS:1. Configuring our vEdge routers2. Alternative deployment optionsa. ESXib. KVM3. Deploying vEdge on AWS4. Preparing vEdge for ZTPChapter 8: Configuring PoliciesCHAPTER GOAL: TO EXPLORE LOCALIZED AND CENTRALIZED POLICIESNO OF PAGES: 8SUB - TOPICS:1. About Localized and Centralized policies2. Configuring localized policies3. Configuring centralized policiesChapter 9: Exploring The Configuration TemplatesCHAPTER GOAL: TO WALKTHROUGH THE DIFFERENT TEMPLATE OPTIONS, CONFIGURING THEM AND PUSHING CHANGES TO DEVICESNO OF PAGES: 10-15SUB - TOPICS:1. Configuring AAA2. Configuring banners3. Configuring DHCP4. Configuring NTPChapter 10: Security And QoSCHAPTER GOAL: To set up security and quality of service across the SD-WANNO OF PAGES: 101. Configuring and verifying service insertion2. Application-aware firewall3. QoS Scheduling, Queuing, Shaping and PolicingChapter 11: Management And OperationsCHAPTER GOAL: To be able to perform monitoring and reporting with vManage, to be able to use the REST API and how to upgrade the devices.NO OF PAGES: 81. Monitoring and reporting with vManageConfiguring email notificationsExporting logs and dataMaintenance Windows2. Setting up SNMP3. Using the REST API4. UpgradingChapter 12: TroubleshootingCHAPTER GOAL: To get an understanding of common errors and how to fix themNO OF PAGES:201. Pinging devices2. Running Traceroute3. Performing packet captures4. Using SNMP traps5. Troubleshooting DTLS connection failures6. Troubleshooting TLOC issues7. Simulating traffic
Finance meets Logistics
Mit diesem Handbuch für Logistikerinnen und Controller optimieren Sie Ihre Prozesse und sorgen für reibungslose Abläufe. Christian Weißenborn "übersetzt" zwischen den Fachbereichen und stellt Ihnen typische Szenarien für die Integration von MM, PP, SD und FI/CO vor. Ob Lieferanten-Konsignation, Fremdbearbeitung oder Variantenfertigung – dank anschaulicher Prozessdiagramme und passender Buchungsschemas sind Sie bestens gerüstet für Ihr nächstes SAP-Projekt! Aus dem Inhalt: Grundlagen und SAP-FachbegriffeSchwimmbahndiagramme und BuchungsschemasSzenarien ohne Produktion, z.B. Einkauf Lagermaterial, StreckengeschäftSzenarien mit anonymer Produktion, z.B. Diskrete und SerienfertigungSzenarien mit kundenauftragsorientierter Produktion, z.B. Kundeneinzelfertigung und Automotive-RückmeldungSzenarien mit Kundenauftrags-ControllingServicaufträgeKundenprojekte Einleitung ... 15 1. Grundlagen und SAP-Fachbegriffe ... 19 1.1 ... Buchhaltung ... 19 1.2 ... Controlling ... 25 1.3 ... Logistik ... 32 1.4 ... Prozessdarstellung ... 41 1.5 ... Organisationsstruktur ... 43 1.6 ... Elemente des Buchungsschemas ... 45 2. Szenarien ohne Produktion ... 47 2.1 ... Einkauf Lagermaterial ... 48 2.2 ... Verkauf Eigenerzeugnis aus Lager ... 53 2.3 ... Handelsware mit Verkauf ab Lager ... 67 2.4 ... Handelsware mit Einzelbestellung ... 72 2.5 ... Streckengeschäft ... 83 2.6 ... Streckengeschäft ohne Lieferavis ... 90 2.7 ... Lohnbearbeitung ... 96 2.8 ... Lieferantenkonsignation ... 109 2.9 ... Kundenkonsignation ... 116 2.10 ... Buchungskreisübergreifender Verkauf ... 126 3. Szenarien mit anonymer Produktion ... 139 3.1 ... Diskrete Fertigung ... 140 3.2 ... Diskrete Fertigung mit Ware in Arbeit und Abweichung ... 155 3.3 ... Serienfertigung ... 182 3.4 ... Serienfertigung mit WIP und Abweichung ... 197 3.5 ... Fremdbearbeitung ... 221 3.6 ... Fremdbearbeitung mit Lohnbearbeitung ... 234 3.7 ... Fertigungsauftrag mit Produktkostensammler ... 248 3.8 ... Kuppelproduktion mit Fertigungsauftrag ... 264 4. Szenarien mit kundenauftragsorientierter Produktion ... 289 4.1 ... Kundeneinzelfertigung ... 289 4.2 ... Variantenfertigung ... 310 4.3 ... Kundenauftragsorientierte Serienfertigung ... 328 4.4 ... PP/DS-Produktionsrückmeldung ... 344 5. Szenarien mit Kundenauftragscontrolling ... 375 5.1 ... Kundenauftragscontrolling mit bewertetem Kundenauftragsbestand ... 375 5.2 ... Kundenauftragscontrolling mit unbewertetem Kundenauftragsbestand ... 396 6. Weitere Szenarien ... 425 6.1 ... Serviceauftrag mit aufwandsbezogener Faktura ... 425 6.2 ... Kundenprojekt ... 450 7. Zusammenfassung ... 489 7.1 ... Anwendung der Buchungsschemata ... 489 7.2 ... Aus der Praxis ... 494 Anhang ... 495 A ... Kontenzuordnung Bilanz- und GuV-Struktur ... 497 B ... MM-Kontenfindung -- Vorgänge ... 501 C ... Transaktionen ... 505 Autor ... 511 Index ... 513