CompTIA Security+ Exam SY0-301 Rapid Review – For Security+ certification – #bookreview

CompTIA Security+ Exam SY0-301 Rapid Review
Michael Gregg
(Microsoft Press – paperback, Kindle)

IT security professionals know the importance of certifications to their careers and their continuing credibility with employers or potential clients.

The CompTIA Security+ Exam SY0-301 Rapid Review is a handy and helpful guide for IT security specialists who are preparing for Exam SY0-301, to earn a CompTIA vendor-neutral Security+ certification

Important note: This book is for certification candidates who are already well-versed in their field. It is specifically “designed to assess your readiness for the SY-301 exam,” the author notes. “It is not designed as a comprehensive exam preparation guide.”

If you want to begin studying for Exam SY0-301, you are urged to start with the CompTIA Security+ Training Kit, which is scheduled for release in 2013.

The Rapid Review and the SY0-301 exam are aimed at IT professionals who have “a minimum of two years of experience in IT administration with a focus on security.”

Also, exam candidates should have “[d]ay-to-day technical information security experience” and “[b]road knowledge of security concerns and implementation.”

Like the exam, the Rapid Review focuses on six areas: (1) network security; (2) compliance and operational security; (3) threats and vulnerabilities; (4) application, data and host security; (5) access control and identity management; and (6) cryptography.

Along with definitions and explanations, the Rapid Review challenges the reader with numerous true-false questions and “Can you answer these questions?” queries. The true-false answers and their explanations are presented immediately after the true-false questions. Meanwhile, the answers to the “Can you answer these questions?” queries are presented at the end of each chapter—and you have to do a bit more work and reviewing to sort them out.

Si Dunn

Advertisements

Ethics of Big Data – Thoughtful insights into key issues confronting big-data ‘gold mines’ – #management #bookreview

Ethics of Big Data
Kord Davis, with Doug Patterson
(O’Reilly, paperbackKindle)

“Big Data” and how to mine it for profit are red-hot topics in today’s business world. Many corporations now find themselves sitting atop virtual gold mines of customer information. And even small businesses now are attempting to find new ways to profit from their stashes of sales, marketing, and research data. 

Like it or not, you can’t block all of the cookies or tracking companies or sites that are following you, and each time you surf the web, you leave behind a “data exhaust” trail that has monetary value to others. Indeed, one recent start-up, Enliken, (“Data to the People”), is offering a way for computer users to gain some control over their data exhaust trail’s monetary value and choose who benefits from it, including some charities.

Ethics of Big Data does not seek to lay down a “hard-and-fast list of rules for the ethical handling of data.” The new book also doesn’t “tell you what to do with your data.” Its goals are “to help you engage in productive ethical discussions raised by today’s big-data-driven enterprises, propose a framework for thinking and talking about these issues, and introduce a methodology for aligning actions with values within an organization.”

It’s heady stuff, packed into just 64 pages. But the book is well written and definitely thought-provoking. It can serve as a focused guide for corporate leaders and others now hoping to get a grip on their own big-data situations, in ways that will not alienate their customers, partners, and stakeholders.

In the view of the authors: “For both individuals and organizations, four common elements define what can be considered a framework for big data:

  • “Identity – What is the relationship between our offline identity and our online identity?”
  • “Privacy – Who should control access to data?”
  • “Ownership – Who owns data, can rights be transferred, and what are the obligations of people who generate and use that data?”
  • “Reputation – How can we determine what data is trustworthy? Whether about ourselves, others, or anything else, big data exponentially increases the amount of information and ways we can interact with it. This phenomenon increases the complexity of managing how we are perceived and judged.”

Big-data technology itself is “ethnically neutral,” the authors contend, and it “has no value framework. Individuals and corporations, however, do have value systems, and it is only by asking and seeking answers to ethical questions that we can ensure big data is used in a way that aligns with those values.”

At the same time: “Big data is pushing corporate action further and more fully into individual lives through the sheer volume, variety, and velocity of the data being generated. Big-data product design, development, sales, and management actions expand their influence and impact over individuals’ lives that may be changing the common meanings of words like privacy, reputation, ownership, and identity.”

What will happen next as (1) big data continues to expand and intrude and (2) people and organizations  push back harder, is still anybody’s guess. But matters of ethics likely will remain at the center of the conflicts.

Indeed, some big-data gold mines could suffer devastating financial and legal cave-ins if greed is allowed to trump ethics.

Si Dunn

Security and Privacy for Microsoft Office 2010 Users – #bookreview #in

Security and Privacy for Microsoft Office 2010 Users
Mitch Tulloch
(Microsoft Press,
paperback, list price $9.99; Kindle edition, $0.00)
 

If you work for a company that uses Microsoft Office products, or if you have them in your own business, you may be concerned about security and privacy as you publish documents, download documents or collaborate on projects online. Indeed, there may be formal security and privacy restrictions in place.

At the same time, because of workload, you may have little time for formal training in Word, Excel, and PowerPoint. And you may not get much guidance on how you are supposed to comply with your employer’s restrictions. Indeed, you may be required and expected to just learn this stuff on your own.

This handy 84-page guidebook can help. Using typical office scenarios, it covers a number of everyday topics. These include working with Protected View, removing private information from documents, signing documents digitally, marking documents as final so they can’t be modified, encrypting documents, password-only access to documents, and restricting who can edit a document.

Security and Privacy for Microsoft Office 2010 Users is recommended for intermediate-level users of Microsoft Word, Excel, and PowerPoint. But the examples and illustrations are clear enough for Microsoft Office newcomers, as well.

Si Dunn

#