Defensive Security Handbook. Best Practices for Securing Infrastructure

(ebook) (audiobook) (audiobook)

Autorzy:: Lee Brotherston, Amanda Berlin

Niedostępna

Defensive Security Handbook. Best Practices for Securing Infrastructure Lee Brotherston, Amanda Berlin - okladka książki

Defensive Security Handbook. Best Practices for Securing Infrastructure Lee Brotherston, Amanda Berlin - audiobook MP3

Defensive Security Handbook. Best Practices for Securing Infrastructure Lee Brotherston, Amanda Berlin - audiobook CD

Wydawnictwo:: O'Reilly Media (Z chęcią przeczytam książkę w języku polskim)
Ocena:: Bądź pierwszym, który oceni tę książkę
Stron:: 284
Dostępne formaty:: ePub

Mobi

Ebook

149,00 zł

Powiadom mnie, gdy książka będzie dostępna

Przenieś na półkę

Despite the increase of high-profile hacks, record-breaking data leaks, and ransomware attacks, many organizations don’t have the budget to establish or outsource an information security (InfoSec) program, forcing them to learn on the job. For companies obliged to improvise, this pragmatic guide provides a security-101 handbook with steps, tools, processes, and ideas to help you drive maximum-security improvement at little or no cost.

Each chapter in this book provides step-by-step instructions for dealing with a specific issue, including breaches and disasters, compliance, network infrastructure and password management, vulnerability scanning, and penetration testing, among others. Network engineers, system administrators, and security professionals will learn tools and techniques to help improve security in sensible, manageable chunks.

Learn fundamentals of starting or redesigning an InfoSec program
Create a base set of policies, standards, and procedures
Plan and design incident response, disaster recovery, compliance, and physical security
Bolster Microsoft and Unix systems, network infrastructure, and password management
Use segmentation practices and designs to compartmentalize your network
Explore automated process and tools for vulnerability management
Securely develop code to reduce exploitable errors
Understand basic penetration testing concepts through purple teaming
Delve into IDS, IPS, SOC, logging, and monitoring

Wybrane bestsellery

O autorach książki

Lee Brotherston zawodowo zajmuje się bezpieczeństwem systemów informatycznych od ponad dziesięciu lat. Problematykę tę poznał od podszewki w czasie pracy na różnych stanowiskach: od inżyniera zabezpieczeń do dyrektora ds. bezpieczeństwa. Pracował w wielu branżach, w tym w finansach, telekomunikacji, hotelarstwie, rozrywce i dla instytucji rządowych.

Amanda Berlin co najmniej od dekady jest architektem bezpieczeństwa informacji. Pracuje dla firmy doradczej w północnym Ohio. Uczestniczyła we wdrażaniu standardu PCI, który ma zapewnić bezpieczne stosowanie kart płatniczych, oraz w budowie kompleksowego programu edukacyjnego na temat phishingu.

Ebooka "Defensive Security Handbook. Best Practices for Securing Infrastructure" przeczytasz na:

czytnikach Inkbook, Kindle, Pocketbook, Onyx Booxs i innych
systemach Windows, MacOS i innych

systemach Windows, Android, iOS, HarmonyOS
na dowolnych urządzeniach i aplikacjach obsługujących formaty: PDF, EPub, Mobi

Masz pytania? Zajrzyj do zakładki Pomoc »

Audiobooka "Defensive Security Handbook. Best Practices for Securing Infrastructure" posłuchasz:

w aplikacji Ebookpoint na Android, iOS, HarmonyOs
na systemach Windows, MacOS i innych

na dowolonych urządzeniach
i aplikacjach obsługujących format MP3
(pliki spakowane w ZIP)

Masz pytania? Zajrzyj do zakładki Pomoc »

Kurs Video "Defensive Security Handbook. Best Practices for Securing Infrastructure" zobaczysz:

Oceny i opinie klientów: Defensive Security Handbook. Best Practices for Securing Infrastructure Lee Brotherston, Amanda Berlin (0) Weryfikacja opinii następuję na podstawie historii zamówień na koncie Użytkownika umieszczającego opinię. Użytkownik mógł otrzymać punkty za opublikowanie opinii uprawniające do uzyskania rabatu w ramach Programu Punktowego.

Szczegóły książki

ISBN Ebooka:: 978-14-919-6033-2, 9781491960332
Data wydania ebooka :: 2017-04-03 Data wydania ebooka często jest dniem wprowadzenia tytułu do sprzedaży i może nie być równoznaczna z datą wydania książki papierowej. Dodatkowe informacje możesz znaleźć w darmowym fragmencie. Jeśli masz wątpliwości skontaktuj się z nami sklep@helion.pl.
Język publikacji:: 1
Rozmiar pliku ePub:: 27.1MB
Rozmiar pliku Mobi:: 49.6MB

Zgłoś erratę
Kategorie:
Hacking » Bezpieczeństwo sieci
Hacking » Bezpieczeństwo systemów
Hacking » Inne

Spis treści książki

Foreword
Introduction
- Our Goal
- Who This Book Is For
- Navigating the Book
- Conventions Used in This Book
- OReilly Safari
- How to Contact Us
- Acknowledgments
  - Amanda
  - Lee
1. Creating a Security Program
- Lay the Groundwork
- Establish Teams
- Baseline Security Posture
- Assess Threats and Risks
  - Identify
  - Assess
  - Mitigate
  - Monitor
- Prioritize
- Create Milestones
- Use Cases, Tabletops, and Drills
- Expanding Your Team and Skillsets
- Conclusion
2. Asset Management and Documentation
- Information Classification
- Asset Management Implementation Steps
  - Defining the Lifecycle
  - Information Gathering
  - Change Tracking
  - Monitoring and Reporting
- Asset Management Guidelines
  - Automation
  - One Source of Truth
  - Organize a Company-Wide Team
  - Executive Champions
  - Software Licensing
  - Define Assets
- Documentation
  - Networking Equipment
  - Network
  - Servers
  - Desktops
  - Users
  - Applications
  - Other
- Conclusion
3. Policies
- Language
- Document Contents
- Topics
- Storage and Communication
- Conclusion
4. Standards and Procedures
- Standards
- Language
- Procedures
- Language
- Document Contents
- Conclusion
5. User Education
- Broken Processes
- Bridging the Gap
- Building Your Own Program
  - Establish Objectives
  - Establish Baselines
  - Scope and Create Program Rules and Guidelines
  - Implement and Document Program Infrastructure
  - Positive Reinforcement
  - Gamification
  - Define Incident Response Processes
- Gaining Meaningful Metrics
  - Measurements
  - Tracking Success Rate and Progress
  - Important Metrics
- Conclusion
6. Incident Response
- Processes
  - Pre-Incident Processes
  - Incident Processes
  - Post-Incident Processes
- Tools and Technology
  - Log Analysis
  - Disk and File Analysis
  - Memory Analysis
  - PCAP Analysis
  - All in One
- Conclusion
7. Disaster Recovery
- Setting Objectives
  - Recovery Point Objective
  - Recovery Time Objective
- Recovery Strategies
  - Backups
  - Warm Standby
  - High Availability
  - Alternate System
  - System Function Reassignment
- Dependencies
- Scenarios
- Invoking a Fail Over...and Back
- Testing
- Security Considerations
- Conclusion
8. Industry Compliance Standards and Frameworks
- Industry Compliance Standards
  - Payment Card Industry Data Security Standard (PCI DSS)
  - Health Insurance Portability & Accountability Act
  - Gramm-Leach Bliley Act
  - Family Educational Rights and Privacy Act
  - Sarbanes-Oxley Act
- Frameworks
  - Cloud Control Matrix
  - Center for Internet Security
  - Control Objectives for Information and Related Technologies
  - The Committee of Sponsoring Organizations of the Treadway Commission
  - ISO-27000 Series
  - NIST CyberSecurity Framework
- Regulated Industries
  - Financial
  - Government
  - Healthcare
- Conclusion
9. Physical Security
- Physical
  - Restrict Access
  - Video Surveillance
  - Authentication Maintenance
  - Secure Media
  - Datacenters
- Operational
  - Identify Visitors and Contractors
  - Visitor Actions
  - Contractor Actions
  - Badges
  - Include Physical Security Training
- Conclusion
10. Microsoft Windows Infrastructure
- Quick Wins
  - Upgrade
  - Third-Party Patches
  - Open Shares
- Active Directory Domain Services
  - Forest
  - Domain
  - Domain Controllers
  - OUs
  - Groups
  - Accounts
- Group Policy Objects
- EMET
  - Basic Configuration
  - Custom Configuration
  - Enterprise Deployment Strategies
- MS-SQL Server
  - When Third-Party Vendors Have Access
  - MS SQL Authentication
  - SA User Security
- Conclusion
11. Unix Application Servers
- Keeping Up-to-Date
  - Third-Party Software Updates
  - Core Operating System Updates
  - Hardening a Unix Application Server
    - Disable services
    - File permissions
    - Host-based firewalls
    - Managing file integrity
    - Separate disk partitions
    - chroot
    - Mandatory Access Controls
  - Conclusion
12. Endpoints
- Keeping Up-to-Date
  - Microsoft Windows
  - macOS
  - Unix Desktops
  - Third-Party Updates
- Hardening Endpoints
  - Disable Services
  - Desktop Firewalls
  - Full-Disk Encryption
  - Endpoint Protection Tools
- Mobile Device Management
- Endpoint Visibility
- Centralization
- Conclusion
13. Password Management and Multifactor Authentication
- Basic Password Practices
- Password Management Software
- Password Resets
- Password Breaches
- Encryption, Hashing, and Salting
  - Encryption
  - Hashing
  - Salting
- Password Storage Locations and Methods
- Password Security Objects
  - Setting a Fine-Grained Password Policy
- Multifactor Authentication
  - Why 2FA?
  - 2FA Methods
  - How It Works
  - Threats
  - Where It Should Be Implemented
- Conclusion
14. Network Infrastructure
- Firmware/Software Patching
- Device Hardening
  - Services
  - SNMP
  - Encrypted Protocols
  - Management Network
- Routers
- Switches
- Egress Filtering
- IPv6: A Cautionary Note
- TACACS+
- Conclusion
15. Segmentation
- Network Segmentation
  - Physical
  - Logical
    - VLANs
    - ACLs
    - NACs
    - VPNs
  - Physical and Logical Network Example
  - Software-Defined Networking
- Application
- Roles and Responsibilities
- Conclusion
16. Vulnerability Management
- How Vulnerability Scanning Works
- Authenticated versus Unauthenticated Scans
- Vulnerability Assessment Tools
- Vulnerability Management Program
  - Program Initialization
  - Business as Usual
- Remediation Prioritization
- Risk Acceptance
- Conclusion
17. Development
- Language Selection
  - 0xAssembly
  - /* C and C++ */
  - GO func()
  - #!/Python/Ruby/Perl
  - <? PHP ?>
- Secure Coding Guidelines
- Testing
  - Automated Static Testing
  - Automated Dynamic Testing
  - Peer Review
- System Development Lifecycle
- Conclusion
18. Purple Teaming
- Open Source Intelligence
  - Types of Information and Access
    - Physical assets
    - Company assets
    - Technology
    - Documents
    - Personal assets
  - OSINT Tools
    - Maltego
    - recon-ng
    - theharvester.py
    - Websites
  - Red Teaming
    - Responder
    - Rawr
  - Conclusion
19. IDS and IPS
- Types of IDS and IPS
  - Network-Based IDS
  - Host-Based IDS
  - IPS
- Cutting Out the Noise
- Writing Your Own Signatures
- NIDS and IPS Locations
- Encrypted Protocols
- Conclusion
20. Logging and Monitoring
- What to Log
- Where to Log
- Security Information and Event Management
- Designing the SIEM
- Log Analysis
- Logging and Alerting Examples
  - Authentication Systems
  - Application Logs
  - Proxy and Firewall Logs
- Log Aggregation
- Use Case Analysis
- Conclusion
21. The Extra Mile
- Email Servers
- DNS Servers
- Security through Obscurity
- Useful Resources
  - Books
  - Blogs
  - Podcasts
  - Tools
  - Websites
A. User Education Templates
- Live Phishing Education Slides
  - Youve Been Hacked!
  - What Just Happened, and Why?
  - Social Engineering 101(0101)
  - So Its OK That You Were Exploited (This Time)
  - No Blame, No Shames, Just...
  - A Few Strategies for Next Time
  - Because There Will Be a Next Time
  - If Something Feels Funny
  - If Something Looks Funny
  - If Something Sounds Funny
  - Feels, Looks, or Sounds FunnyCall the IS Helpdesk
  - What If I Already Clicked the Link, or Opened the Attachment?
  - What If I Didnt Click the Link or Attachment?
  - Your IT Team Is Here for You!
- Phishing Program Rules
Index

pokaż cały spis treści

O'Reilly Media - inne książki

Promocja

Keeping up with the Python ecosystem can be daunting. Its developer tooling doesn't provide the out-of-the-box experience native to languages like Rust and Go. When it comes to long-term project maintenance or collaborating with others, every Python project faces the same problem: how to build reliable workflows beyond local development while stayi
- ePub + Mobi
Hypermodern Python Tooling

Claudio Jolowicz

(203,15 zł najniższa cena z 30 dni)

211.65 zł ~~249.00 zł (-15%)~~
Promocja

Bringing a deep-learning project into production at scale is quite challenging. To successfully scale your project, a foundational understanding of full stack deep learning, including the knowledge that lies at the intersection of hardware, software, data, and algorithms, is required.This book illustrates complex concepts of full stack deep learnin
- ePub + Mobi
Deep Learning at Scale

Suneeta Mall

(245,65 zł najniższa cena z 30 dni)

254.15 zł ~~299.00 zł (-15%)~~
Promocja

Frontend developers have to consider many things: browser compatibility, usability, performance, scalability, SEO, and other best practices. But the most fundamental aspect of creating websites is one that often falls short: accessibility. Accessibility is the cornerstone of any website, and if a website is inaccessible, users won't be able to inte
- ePub + Mobi
Web Accessibility Cookbook

Manuel Matuzovic

(203,15 zł najniższa cena z 30 dni)

211.65 zł ~~249.00 zł (-15%)~~
Promocja

In this insightful and comprehensive guide, Addy Osmani shares more than a decade of experience working on the Chrome team at Google, uncovering secrets to engineering effectiveness, efficiency, and team success. Engineers and engineering leaders looking to scale their effectiveness and drive transformative results within their teams and organizati
- ePub + Mobi
Leading Effective Engineering Teams

Addy Osmani

(126,65 zł najniższa cena z 30 dni)

126.65 zł ~~149.00 zł (-15%)~~
Promocja

Data modeling is the single most overlooked feature in Power BI Desktop, yet it's what sets Power BI apart from other tools on the market. This practical book serves as your fast-forward button for data modeling with Power BI, Analysis Services tabular, and SQL databases. It serves as a starting point for data modeling, as well as a handy refresher
- ePub + Mobi
Data Modeling with Microsoft Power BI

Markus Ehrenmueller-Jensen

(203,15 zł najniższa cena z 30 dni)

211.65 zł ~~249.00 zł (-15%)~~
Promocja

C# is undeniably one of the most versatile programming languages available to engineers today. With this comprehensive guide, you'll learn just how powerful the combination of C# and .NET can be. Author Ian Griffiths guides you through C# 12.0 and .NET 8 fundamentals and techniques for building cloud, web, and desktop applications.Designed for expe
- ePub + Mobi
Programming C# 12

Ian Griffiths

(245,65 zł najniższa cena z 30 dni)

254.15 zł ~~299.00 zł (-15%)~~
Promocja

Learn how to get started with Futures Thinking. With this practical guide, Phil Balagtas, founder of the Design Futures Initiative and the global Speculative Futures network, shows you how designers and futurists have made futures work at companies such as Atari, IBM, Apple, Disney, Autodesk, Lufthansa, and McKinsey & Company.This book demystifies
- ePub + Mobi
Making Futures Work

Phil Balagtas

(160,65 zł najniższa cena z 30 dni)

160.65 zł ~~189.00 zł (-15%)~~
Promocja

Augmented Analytics isn't just another book on data and analytics; it's a holistic resource for reimagining the way your entire organization interacts with information to become insight-driven.Moving beyond traditional, limited ways of making sense of data, Augmented Analytics provides a dynamic, actionable strategy for improving your organization'
- ePub + Mobi
Augmented Analytics

Willi Weber, Tobias Zwingmann

(186,15 zł najniższa cena z 30 dni)

186.15 zł ~~219.00 zł (-15%)~~
Promocja

Learn how to prepare for—and pass—the Kubernetes and Cloud Native Associate (KCNA) certification exam. This practical guide serves as both a study guide and point of entry for practitioners looking to explore and adopt cloud native technologies. Adrián González Sánchez and Jorge Valenzuela Jiménez teach you not only the core technology fundamentals
- ePub + Mobi
Kubernetes and Cloud Native Associate (KCNA) Study Guide. In-Depth Exam Prep and Practice

Jorge Valenzuela Jiménez, Adrián González Sánchez

(177,65 zł najniższa cena z 30 dni)

177.65 zł ~~209.00 zł (-15%)~~
Promocja

Python is an excellent way to get started in programming, and this clear, concise guide walks you through Python a step at a time—beginning with basic programming concepts before moving on to functions, data structures, and object-oriented design. This revised third edition reflects the growing role of large language models (LLMs) in programming an
- ePub + Mobi
Think Python. 3rd Edition

Allen Downey

(152,15 zł najniższa cena z 30 dni)

160.65 zł ~~189.00 zł (-15%)~~

Zamknij

Proszę czekać...