Bezpieczeństwo systemów
Paul Huijbregts, Joe Anich, Justen Graves
With all organizational data and trade secrets being digitized, the threat of data compromise, unauthorized access, and cyberattacks has increased exponentially. Microsoft Defender for Endpoint (MDE) is a market-leading cross-platform endpoint security solution that enables you to prevent, detect, investigate, and respond to threats. MDE helps strengthen the security posture of your organization.This book starts with a history of the product and a primer on its various features. From prevention to attack surface reduction, detection, and response, you’ll learn about the features, their applicability, common misconceptions, and caveats. After planning, preparation, deployment, and configuration toward successful implementation, you’ll be taken through a day in the life of a security analyst working with the product. You’ll uncover common issues, techniques, and tools used for troubleshooting along with answers to some of the most common challenges cybersecurity professionals face. Finally, the book will wrap up with a reference guide with tips and tricks to maintain a strong cybersecurity posture.By the end of the book, you’ll have a deep understanding of Microsoft Defender for Endpoint and be well equipped to keep your organization safe from different forms of cyber threats.
Paul Huijbregts, Ru Campbell, Joe Anich, Justen...
Modern organizations run on constantly changing endpoints, yet many teams still struggle to make Microsoft Defender for Endpoint a dependable control. Coverage gaps, noisy detections, mixed platforms, and unclear device behavior often get in the way of effective prevention, detection, and response.This second edition helps you tackle those challenges directly. Updated for today’s Defender for Endpoint and the broader Microsoft Defender ecosystem, it shows how MDE works across clients, servers, and now mobile devices, and how to align deployments with real-world constraints. New chapters on mobile threat defense, production rollout, and tuning provide practical guidance for moving beyond pilot environments, handling edge cases, and protecting critical and legacy assets.Throughout, the book brings together IT and SecOps viewpoints to help you operate Defender for Endpoint with more clarity and less friction. You’ll learn how to maintain sensor health, interpret incidents confidently, reduce noise without weakening protection, and troubleshoot recurring issues.Whether you’re refining an existing deployment or planning a new one, this edition gives you a clearer path to making Defender for Endpoint a reliable part of your security program.
Pierre Thoor, Matthew Zorich
Written by a recognized cybersecurity expert, Microsoft Defender for Identity in Depth not only lays the groundwork for deploying and managing MDI, but also takes your knowledge to expert levels, enabling you to strengthen your organization against the most advanced cyber threats.You’ll familiarize yourself with the essentials of MDI, from seamless setup to leveraging PowerShell for automation, setting the stage for exploring advanced integrations and capabilities. Through practical, real-world examples, you’ll learn how to extend MDI’s reach by using APIs and conducting proactive threat hunting with KQL to turn insights into actions.The book gradually shifts focus to operational excellence, helping you develop expertise in investigating alerts, optimizing action accounts, and troubleshooting, which will empower you to master the building and maintenance of a robust ITDR framework and strengthen your security posture.By the end of this book, you’ll be able to harness the full potential of MDI’s functionalities, positioning you as a key player in your organization’s cybersecurity defenses.
Aaron Guilmette, James Hardiman, Doug Haven, Dwayne...
SC-300 exam content has undergone significant changes, and this second edition aligns with the revised exam objectives. This updated edition gives you access to online exam prep resources such as chapter-wise practice questions, mock exams, interactive flashcards, and expert exam tips, providing you with all the tools you need for thorough exam preparation.You’ll get to grips with the creation, configuration, and management of Microsoft Entra identities, as well as understand the planning, implementation, and management of Microsoft Entra user authentication processes. You’ll learn to deploy and use new Global Secure Access features, design cloud application strategies, and manage application access and policies by using Microsoft Cloud App Security. You’ll also gain experience in configuring Privileged Identity Management for users and guests, working with the Permissions Creep Index, and mitigating associated risks.By the end of this book, you’ll have mastered the skills essential for securing Microsoft environments and be able to pass the SC-300 exam on your first attempt.
David Steadman, Jeff Ingalls
Microsoft Identity Manager 2016 is Microsoft’s solution to identity management. When fully installed, the product utilizes SQL, SharePoint, IIS, web services, the .NET Framework, and SCSM to name a few, allowing it to be customized to meet nearly every business requirement. The book is divided into 15 chapters and begins with an overview of the product, what it does, and what it does not do. To better understand the concepts in MIM, we introduce a fictitious company and their problems and goals, then build an identity solutions to fit those goals. Over the course of this book, we cover topics such as MIM installation and configuration, user and group management options, self-service solutions, role-based access control, reducing security threats, and finally operational troubleshooting and best practices.By the end of this book, you will have gained the necessary skills to deploy, manage and operate Microsoft Identity Manager 2016 to meet your business requirements and solve real-world customer problems.
Shabaz Darr, Viktor Hedberg, Simon Binder
Cloud technologies have massively increased the amount of data being produced and the places in which this data is stored. Without proper planning and discipline in configuring information protection for your data, you may be compromising information and regulatory compliance.Microsoft Information Protection Administrator SC-400 Certification Guide begins with an overview of the SC-400 exam, and then enables you to envision, implement, and administer the Information Protection suite offered by Microsoft. The book also provides you with hands-on labs, along with the theory of creating policies and rules for content classification, data loss prevention, governance, and protection. Toward the end, you'll be able to take mock tests to help you prepare effectively for the exam.By the end of this Microsoft book, you'll have covered everything needed to pass the SC-400 certification exam, and have a handy, on-the-job desktop reference guide.
Dwayne Natwick, Sonia Cuff
Cloud technologies have made building a defense-in-depth security strategy of paramount importance. Without proper planning and discipline in deploying the security posture across Microsoft 365 and Azure, you are compromising your infrastructure and data. Microsoft Security, Compliance, and Identity Fundamentals is a comprehensive guide that covers all of the exam objectives for the SC-900 exam while walking you through the core security services available for Microsoft 365 and Azure.This book starts by simplifying the concepts of security, compliance, and identity before helping you get to grips with Azure Active Directory, covering the capabilities of Microsoft’s identity and access management (IAM) solutions. You'll then advance to compliance center, information protection, and governance in Microsoft 365. You'll find out all you need to know about the services available within Azure and Microsoft 365 for building a defense-in-depth security posture, and finally become familiar with Microsoft's compliance monitoring capabilities.By the end of the book, you'll have gained the knowledge you need to take the SC-900 certification exam and implement solutions in real-life scenarios.
Microsoft Security Copilot. Master strategies for AI-driven cyber defense
Bi Yue Xu, Rod Trent
Be at the forefront of cybersecurity innovation with Microsoft Security Copilot, where advanced AI tackles the intricate challenges of digital defense. This book unveils Security Copilot’s powerful features, from AI-powered analytics revolutionizing security operations to comprehensive orchestration tools streamlining incident response and threat management. Through real-world case studies and frontline stories, you’ll learn how to truly harness AI advancements and unlock the full potential of Security Copilot within the expansive Microsoft ecosystem.Designed for security professionals navigating increasingly sophisticated cyber threats, this book equips you with the skills to accelerate threat detection and investigation, refine your security processes, and optimize cyber defense strategies.By the end of this book, you’ll have become a Security Copilot ninja, confidently crafting effective prompts, designing promptbooks, creating custom plugins, and integrating logic apps for enhanced automation.
Trevor Stuart, Joe Anich
Security in information technology has always been a topic of discussion, one that comes with various backgrounds, tools, responsibilities, education, and change! The SC-200 exam comprises a wide range of topics that introduce Microsoft technologies and general operations for security analysts in enterprises. This book is a comprehensive guide that covers the usefulness and applicability of Microsoft Security Stack in the daily activities of an enterprise security operations analyst.Starting with a quick overview of what it takes to prepare for the exam, you'll understand how to implement the learning in real-world scenarios. You'll learn to use Microsoft's security stack, including Microsoft 365 Defender, and Microsoft Sentinel, to detect, protect, and respond to adversary threats in your enterprise. This book will take you from legacy on-premises SOC and DFIR tools to leveraging all aspects of the M365 Defender suite as a modern replacement in a more effective and efficient way.By the end of this book, you'll have learned how to plan, deploy, and operationalize Microsoft's security stack in your enterprise and gained the confidence to pass the SC-200 exam.
Richard Diver, Gary Bushey, John Perkins
Microsoft Sentinel is a security information and event management (SIEM) tool developed by Microsoft that helps you integrate cloud security and artificial intelligence (AI). This book will teach you how to implement Microsoft Sentinel and understand how it can help detect security incidents in your environment with integrated AI, threat analysis, and built-in and community-driven logic.The first part of this book will introduce you to Microsoft Sentinel and Log Analytics, then move on to understanding data collection and management, as well as how to create effective Microsoft Sentinel queries to detect anomalous behaviors and activity patterns. The next part will focus on useful features, such as entity behavior analytics and Microsoft Sentinel playbooks, along with exploring the new bi-directional connector for ServiceNow. In the next part, you’ll be learning how to develop solutions that automate responses needed to handle security incidents and find out more about the latest developments in security, techniques to enhance your cloud security architecture, and explore how you can contribute to the security community.By the end of this book, you’ll have learned how to implement Microsoft Sentinel to fit your needs and protect your environment from cyber threats and other security issues.
Microsoft Windows Server 2003/2008. Bezpieczeństwo środowiska z wykorzystaniem Forefront Security
Światowiak Jacek
Zapewnij bezpieczeństwo Twoim systemom informatycznym! Jak w pełni wykorzystać serwer ISA 2006? Jak zautomatyzować proces aktualizacji, korzystając z WSUS? Czym jest infrastruktura klucza publicznego, jak ją zaprojektować i wdrożyć? Jak chronić specjalizowane serwery i stacje robocze przed szkodliwym oprogramowaniem oraz spamem? Niniejsza książka jest unikalną na rynku wydawniczym publikacją, podejmującą temat bezpieczeństwa z wykorzystaniem pakietu Forefront Security Suite. Pakiet ten, będący odpowiedzią Microsoftu na rosnące wymagania w zakresie bezpieczeństwa systemów oraz danych przetwarzanych w nich i składowanych, oferuje całą gamę narzędzi zapewniających bezpieczne przechowywanie oraz przesyłanie danych, ochronę przed szkodliwym oprogramowaniem i niechcianą pocztą. Teraz możesz dowiedzieć się, jak w praktyce wykorzystać te możliwości! W trakcie lektury zapoznasz się z architekturą systemu Forefront Security Suite oraz jego zaletami. Zdobędziesz wiedzę na temat infrastruktury klucza publicznego, usługi WSUS (skrót od ang. Windows System Update Service) oraz metod wdrażania jednostki certyfikacyjnej. Ponadto dowiesz się, jak zagwarantować najwyższy poziom wiarygodności w systemach z rodziny Windows Server 2003/2008 oraz wykorzystać wszystkie programy i narzędzia pakietu. Dodatkowo zgłębisz tajniki zabezpieczania stacji roboczych z użyciem Forefront Client Security. Książka ta adresowana jest do administratorów serwerów, administratorów sieci, specjalistów od zabezpieczeń oraz pasjonatów zagadnień związanych z bezpieczeństwem systemów informatycznych. Architektura Microsoft Forefront Automatyczna aktualizacja systemów oraz oprogramowania Wdrażanie infrastruktury klucza publicznego Wykorzystanie kreatora konfiguracji zabezpieczeń Instalacja i praca z ISA Server 2006 w wersji Standard oraz Enterprise Dostęp VPN z wykorzystaniem serwera ISA 2006 Ochrona antyspamowa w Exchange 2003 oraz 2007 Zabezpieczanie serwerów Exchange - Forefront Server Security for Exchange Ochrona serwerów SharePoint - Forefront Server Security for SharePoint Zabezpieczanie środowiska OCS 2007 - Forefront Server Security for Office Communications Server 2007 Zarządzanie bezpieczeństwem serwerów z wykorzystaniem Forefront Server Security Management Console Przyszłość technologii - Forefront Threat Management Gateway oraz technologia Stirling Kompletne źródło informacji na temat bezpieczeństwa w systemach Windows Server 2003/2008!
Abhinav Mishra
Mobile App Reverse Engineering is a practical guide focused on helping cybersecurity professionals scale up their mobile security skills. With the IT world’s evolution in mobile operating systems, cybercriminals are increasingly focusing their efforts on mobile devices. This book enables you to keep up by discovering security issues through reverse engineering of mobile apps.This book starts with the basics of reverse engineering and teaches you how to set up an isolated virtual machine environment to perform reverse engineering. You’ll then learn about modern tools such as Ghidra and Radare2 to perform reverse engineering on mobile apps as well as understand how Android and iOS apps are developed. Next, you’ll explore different ways to reverse engineer some sample mobile apps developed for this book. As you advance, you’ll learn how reverse engineering can help in penetration testing of Android and iOS apps with the help of case studies. The concluding chapters will show you how to automate the process of reverse engineering and analyzing binaries to find low-hanging security issues.By the end of this reverse engineering book, you’ll have developed the skills you need to be able to reverse engineer Android and iOS apps and streamline the reverse engineering process with confidence.
Mobile Forensics - Advanced Investigative Strategies. Click here to enter text
Oleg Afonin, Vladimir Katalov
Investigating digital media is impossible without forensic tools. Dealing with complex forensic problems requires the use of dedicated tools, and even more importantly, the right strategies. In this book, you’ll learn strategies and methods to deal with information stored on smartphones and tablets and see how to put the right tools to work.We begin by helping you understand the concept of mobile devices as a source of valuable evidence. Throughout this book, you will explore strategies and plays and decide when to use each technique. We cover important techniques such as seizing techniques to shield the device, and acquisition techniques including physical acquisition (via a USB connection), logical acquisition via data backups, over-the-air acquisition. We also explore cloud analysis, evidence discovery and data analysis, tools for mobile forensics, and tools to help you discover and analyze evidence.By the end of the book, you will have a better understanding of the tools and methods used to deal with the challenges of acquiring, preserving, and extracting evidence stored on smartphones, tablets, and the cloud.
Igor Mikhaylov
Considering the emerging use of mobile phones, there is a growing need for mobile forensics. Mobile forensics focuses specifically on performing forensic examinations of mobile devices, which involves extracting, recovering and analyzing data for the purposes of information security, criminal and civil investigations, and internal investigations.Mobile Forensics Cookbook starts by explaining SIM cards acquisition and analysis using modern forensics tools. You will discover the different software solutions that enable digital forensic examiners to quickly and easily acquire forensic images. You will also learn about forensics analysis and acquisition on Android, iOS, Windows Mobile, and BlackBerry devices. Next, you will understand the importance of cloud computing in the world of mobile forensics and understand different techniques available to extract data from the cloud. Going through the fundamentals of SQLite and Plists Forensics, you will learn how to extract forensic artifacts from these sources with appropriate tools. By the end of this book, you will be well versed with the advanced mobile forensics techniques that will help you perform the complete forensic acquisition and analysis of user data stored in different devices.
Modele rozwiązań prawnych w systemie cyberbepiczeństwa RP. Rekomendacje
red. Katarzyna Chałubińska-Jentkiewicz, Agnieszka Brzostek
Przedmiotem zainteresowania Autorów stało się interdyscyplinarnie postrzegane cyberbezpieczeństwo, zaś badaniom poddano prawne i organizacyjne rozwiązania na rzecz efektywnego przeciwdziałania oraz zwalczania niebezpiecznych zachowań w cyberprzestrzeni. Wyzwaniem badawczym stały się także relacje pomiędzy systemem cyberbezpieczeństwa a systemem prawa i związanym z tym działaniem organów władzy publicznej. Ważne zagadnienie stanowiła również analiza prawno-administracyjnych uregulowań w zakresie ochrony danych osobowych oraz ochrony informacji w cyberprzestrzeni, a także odpowiedzialności karnej za naruszenie dóbr podlegających przedmiotowej ochronie. Prof. dr hab. Waldemar KITLER, ASZWOJ Publikacja wpisuje się w aktualny nurt nauk o cyberbezpieczeństwie i jest interdyscyplinarna, tak samo jak pojęcie i system cyberbezpieczeństwa, obejmując swoim zakresem prawo publiczne i prywatne. Istotą i tym co odróżnia ją o innych dostępnych na rynku opracowań w zakresie systemu cyberbezpieczeństwa jest wskazanie przez każdego z Autorów rekomendacji w zakresie rozwoju określonych dziedzin prawa w systemie cyberbezpieczeństwa. dr hab. Jarosław Kostrubiec, prof. UMCS
Lisa Bock
In today's world, it is important to have confidence in your data storage and transmission strategy. Cryptography can provide you with this confidentiality, integrity, authentication, and non-repudiation. But are you aware of just what exactly is involved in using cryptographic techniques? Modern Cryptography for Cybersecurity Professionals helps you to gain a better understanding of the cryptographic elements necessary to secure your data.The book begins by helping you to understand why we need to secure data and how encryption can provide protection, whether it be in motion or at rest. You'll then delve into symmetric and asymmetric encryption and discover how a hash is used. As you advance, you'll see how the public key infrastructure (PKI) and certificates build trust between parties, so that we can confidently encrypt and exchange data. Finally, you'll explore the practical applications of cryptographic techniques, including passwords, email, and blockchain technology, along with securely transmitting data using a virtual private network (VPN).By the end of this cryptography book, you'll have gained a solid understanding of cryptographic techniques and terms, learned how symmetric and asymmetric encryption and hashed are used, and recognized the importance of key management and the PKI.
Mroczne odmęty phishingu. Nie daj się złowić!
Christopher Hadnagy, Michele Fincher, Robin Dreeke (Foreword)
Ofensywne i defensywne strony ataków e-mailowych Ataki za pomocą specjalnie spreparowanych wiadomości e-mail stały się jednym z najczęstszych i najbardziej uciążliwych zagrożeń. Mimo kampanii edukacyjnych i szeroko zakrojonych programów bezpieczeństwa phishing wciąż jest niezwykle skuteczną bronią przestępców. Jest tak, gdyż wykorzystuje odruchy, którymi kieruje się znakomita większość ludzi. Aby więc ochronić się przed atakiem, trzeba poznać zarówno podstawy ataków e-mailowych, jak i pewnych zasad psychologii i metod manipulacji ludzkim postępowaniem. Trzymasz w ręku świetny przewodnik po mrocznym świecie phishingu. Opisano tu formy tego rodzaju ataków, przedstawiono sposoby rozpoznawania fałszywych wiadomości e-mail czy sklonowanych stron internetowych. Omówiono również socjotechniczne aspekty phishingu, dzięki czemu lepiej zrozumiesz psychologiczne mechanizmy rządzące postępowaniem ofiary. Po lekturze tej książki będziesz również wiedział, jak udoskonalić firmowy system bezpieczeństwa, aby skutecznie odpierać ataki e-mailowe — nawet te bardzo wyrafinowane! W tej książce: opis słynnych włamań dokonanych za pomocą spreparowanych e-maili analiza celów ataku i korzyści, jakie osiągają atakujący psychologiczne i socjologiczne podstawy phishingu analiza przyczyn nieskuteczności firmowych programów budowania świadomości bezpieczeństwa informacji metody rozpoznawania ataków metody ochrony systemu informatycznego przed phishingiem Nie daj się złapać na haczyk! Strzeż swego bezpieczeństwa! Christopher Hadnagy jest założycielem spółki Social-Engineer. Od ponad 15 lat zajmuje się kwestiami bezpieczeństwa informacji. Specjalizuje się w badaniu socjotechnicznych metod zdobywania nieuprawnionego dostępu do informacji. Wzięty autor i aktywny uczestnik wielu konferencji. Michele Fincher jest behawiorystką, badaczką i ekspertką w dziedzinie bezpieczeństwa informacji. Pracowała dla Sił Powietrznych USA, gdzie zajmowała się bezpieczeństwem informacji, włączając w to wykłady w Air Force Academy. Obecnie przyczynia się do sukcesu firmy Social-Engineer.
Peter Rising, Nate Chamberlain
Exam MS-700: Managing Microsoft Teams tests your knowledge and competence in the deployment, management, and monitoring of Microsoft Teams features within the Microsoft 365 platform.This book will teach you how to effectively plan and implement the required services using both the Teams admin centre within Microsoft 365 and Windows PowerShell. Throughout the chapters, you'll learn about all the policies relating to messaging, teams, meetings, and more; get to grips with the settings; and explore configuration options that a Teams administrator would encounter in their day-to-day responsibilities. You'll also discover best practices for rolling out and managing Teams services for users within your Microsoft 365 tenant as you explore each objective in detail.By the end of this Microsoft Teams book, you'll have covered everything you need to pass the MS-700 certification exam and have a handy, on-the-job desktop reference guide.
Arun Narayanan, Praseed Pai, Shine Xavier
Knowing about design patterns enables developers to improve their code base, promoting code reuse and making their design more robust.This book focuses on the practical aspects of programming in .NET. You will learn about some of the relevant design patterns (and their application) that are most widely used. We start with classic object-oriented programming (OOP) techniques, evaluate parallel programming and concurrency models, enhance implementations by mixing OOP and functional programming, and finally to the reactive programming model where functional programming and OOP are used in synergy to write better code. Throughout this book, we’ll show you how to deal with architecture/design techniques, GoF patterns, relevant patterns from other catalogs, functional programming, and reactive programming techniques. After reading this book, you will be able to convincingly leverage these design patterns (factory pattern, builder pattern, prototype pattern, adapter pattern, facade pattern, decorator pattern, observer pattern and so on) for your programs. You will also be able to write fluid functional code in .NET that would leverage concurrency and parallelism!
.NET MAUI for C# Developers. Build cross-platform mobile and desktop applications
Jesse Liberty, Rodrigo Juarez, Maddy Montaquila (Leger)
While UI plays a pivotal role in retaining users in a highly competitive landscape, maintaining the same UI can be tricky if you use different languages for different platforms, leading to mismatches and un-synced pages. In this book, you'll see how .NET MAUI allows you to create a real-world application that will run natively on different platforms. By building on your C# experience, you’ll further learn to create beautiful and engaging UI using XAML, architect a solid app, and discover best practices for this Microsoft platform.The book starts with the fundamentals and quickly moves on to intermediate and advanced topics on laying out your pages, navigating between them, and adding controls to gather and display data. You’ll explore the key architectural pattern of Model-View-ViewModel: and ways to leverage it. You’ll also use xUnit and NSubstitute to create robust and reliable code.By the end of this book, you’ll be well-equipped to leverage .NET MAUI and create an API for your app to interact with a web frontend to the backend data using C#.
Aditya Mukherjee
With advanced cyber attacks severely impacting industry giants and the constantly evolving threat landscape, organizations are adopting complex systems to maintain robust and secure environments. Network Security Strategies will help you get well-versed with the tools and techniques required to protect any network environment against modern cyber threats.You’ll understand how to identify security vulnerabilities across the network and how to effectively use a variety of network security techniques and platforms. Next, the book will show you how to design a robust network that provides top-notch security to protect against traditional and new evolving attacks. With the help of detailed solutions and explanations, you'll be able to monitor networks skillfully and identify potential risks. Finally, the book will cover topics relating to thought leadership and the management aspects of network security.By the end of this network security book, you'll be well-versed in defending your network from threats and be able to consistently maintain operational efficiency, security, and privacy in your environment.
Network Security with pfSense. Architect, deploy, and operate enterprise-grade firewalls
Manuj Aggarwal
While connected to the internet, you’re a potential target for an array of cyber threats, such as hackers, keyloggers, and Trojans that attack through unpatched security holes. A firewall works as a barrier (or ‘shield’) between your computer and cyberspace. pfSense is highly versatile firewall software. With thousands of enterprises using pfSense, it is fast becoming the world's most trusted open source network security solution.Network Security with pfSense begins with an introduction to pfSense, where you will gain an understanding of what pfSense is, its key features, and advantages. Next, you will learn how to configure pfSense as a firewall and create and manage firewall rules. As you make your way through the chapters, you will test pfSense for failover and load balancing across multiple wide area network (WAN) connections. You will then configure pfSense with OpenVPN for secure remote connectivity and implement IPsec VPN tunnels with pfSense. In the concluding chapters, you’ll understand how to configure and integrate pfSense as a Squid proxy server.By the end of this book, you will be able to leverage the power of pfSense to build a secure network.
Network Vulnerability Assessment. Identify security loopholes in your network’s infrastructure
Sagar Rahalkar
The tech world has been taken over by digitization to a very large extent, and so it’s become extremely important for an organization to actively design security mechanisms for their network infrastructures. Analyzing vulnerabilities can be one of the best ways to secure your network infrastructure.Network Vulnerability Assessment starts with network security assessment concepts, workflows, and architectures. Then, you will use open source tools to perform both active and passive network scanning. As you make your way through the chapters, you will use these scanning results to analyze and design a threat model for network security. In the concluding chapters, you will dig deeper into concepts such as IP network analysis, Microsoft Services, and mail services. You will also get to grips with various security best practices, which will help you build your network security mechanism.By the end of this book, you will be in a position to build a security framework fit for an organization.
NHibernate 4.x Cookbook. Click here to enter text. - Second Edition
Gunnar Liljas, Alexander Zaytsev, Jason Dentler
NHibernate is a mature, flexible, scalable, and feature-complete open source project for data access. Although it sounds like an easy task to build and maintain database applications, it can be challenging to get beyond the basics and develop applications that meet your needs perfectly. NHibernate allows you to use plain SQL and stored procedures less and keep focus on your application logic instead. Learning the best practices for a NHibernate-based application will help you avoid problems and ensure that your project is a success. The book will take you from the absolute basics of NHibernate through to its most advanced features, showing you how to take full advantage of each concept to quickly create amazing database applications. You will learn several techniques for each of the four core NHibernate tasks—configuration, mapping, session and transaction management, and querying—and which techniques fit best with various types of applications. In short, you will be able to build an application using NHibernate by the end of the book. You will also learn how to best implement enterprise application architecture patterns using NHibernate, leading to clean, easy-to-understand code and increased productivity. In addition to new features, you will learn creative ways to extend the NHibernate core, as well as gaining techniques to work with the NHibernate search, shards, spatial, envers, and validation projects.