Mastering Defensive Security

(ebook) (audiobook) (audiobook)

Autor:: Cesar Bravo

Mastering Defensive Security Cesar Bravo - okładka książki

Mastering Defensive Security Cesar Bravo - okładka audiobooka MP3

Mastering Defensive Security Cesar Bravo - okładka audiobooks CD

Wydawnictwo:: Packt Publishing (Z chęcią przeczytam książkę w języku polskim)
Ocena:: Bądź pierwszym, który oceni tę książkę
Stron:: 528
Dostępne formaty:: PDF

ePub

Ebook

159,00 zł

Dodaj do koszyka lub Kup na prezent Kup 1-kliknięciem

Przenieś na półkę

Do przechowalni

Every organization has its own data and digital assets that need to be protected against an ever-growing threat landscape that compromises the availability, integrity, and confidentiality of crucial data. Therefore, it is important to train professionals in the latest defensive security skills and tools to secure them. Mastering Defensive Security provides you with in-depth knowledge of the latest cybersecurity threats along with the best tools and techniques needed to keep your infrastructure secure.

The book begins by establishing a strong foundation of cybersecurity concepts and advances to explore the latest security technologies such as Wireshark, Damn Vulnerable Web App (DVWA), Burp Suite, OpenVAS, and Nmap, hardware threats such as a weaponized Raspberry Pi, and hardening techniques for Unix, Windows, web applications, and cloud infrastructures. As you make progress through the chapters, you'll get to grips with several advanced techniques such as malware analysis, security automation, computer forensics, and vulnerability assessment, which will help you to leverage pentesting for security.

By the end of this book, you'll have become familiar with creating your own defensive security tools using IoT devices and developed advanced defensive security skills.

Wybrane bestsellery

O autorze książki

Cesar Bravo - jest badaczem i wynalazcą, który ma ponad 100 patentów na wynalazki związane z cyberbezpieczeństwem. Uwielbia dzielić się wiedzą. Prowadził na kilku uczelniach zajęcia z zakresu bezpieczeństwa cybernetycznego na wszystkich poziomach. Chętnie uczestniczy w prestiżowych konferencjach, takich jak TEDx; wygłasza prelekcje na temat cyberbezpieczeństwa i innowacji w Wielkiej Brytanii, Niemczech, Meksyku, USA i Hiszpanii.

Ebooka przeczytasz na:

czytnikach Inkbook, Kindle, Pocketbook
i innych
systemach Windows, MacOS i innych

systemach Windows, Android, iOS, HarmonyOS
na dowolnych urządzeniach i aplikacjach obsługujących formaty: PDF, EPub, Mobi

Masz pytania? Zajrzyj do zakładki Pomoc »

Audiobooka posłuchasz:

w aplikacji Ebookpoint na Android, iOS, HarmonyOs
na systemach Windows, MacOS i innych

na dowolonych urządzeniach
i aplikacjach obsługujących format MP3
(pliki spakowane w ZIP)

Masz pytania? Zajrzyj do zakładki Pomoc »

Kurs Video zobaczysz:

Oceny i opinie klientów: Mastering Defensive Security Cesar Bravo (0) Weryfikacja opinii następuję na podstawie historii zamówień na koncie Użytkownika umieszczającego opinię. Użytkownik mógł otrzymać punkty za opublikowanie opinii uprawniające do uzyskania rabatu w ramach Programu Punktowego.

Szczegóły książki

Tytuł oryginału:: Mastering Defensive Security
ISBN Ebooka:: 978-18-002-0609-0, 9781800206090
Data wydania ebooka:: 2022-01-06 Data wydania ebooka często jest dniem wprowadzenia tytułu do sprzedaży i może nie być równoznaczna z datą wydania książki papierowej. Dodatkowe informacje możesz znaleźć w darmowym fragmencie. Jeśli masz wątpliwości skontaktuj się z nami sklep@helion.pl.
Język publikacji:: angielski
Rozmiar pliku Pdf:: 30.4MB
Rozmiar pliku ePub:: 25.6MB

Kategorie:
Hacking » Bezpieczeństwo systemów
Systemy operacyjne » Linux

Spis treści książki

Mastering Defensive Security
Foreword
Contributors
About the author
About the reviewers
Preface
- Who this book is for
- What this book covers
- To get the most out of this book
- Download the color images
- Conventions used
- Get in touch
- Share Your Thoughts
Section 1: Mastering Defensive Security Concepts
Chapter 1: A Refresher on Defensive Security Concepts
- Technical requirements
- Deep dive into the core of cybersecurity
  - The cybersecurity triad
  - Types of attacks
- Managing cybersecuritys legendary pain point: Passwords
  - Password breaches
  - Social engineering attacks using compromised passwords
  - Brute-force attacks
  - Dictionary attacks
  - Creating a secure password
  - Managing passwords at the enterprise level
  - Bonus track
- Mastering defense in depth
  - Factors to consider when creating DiD models
  - Asset identification
  - Defense by layers
  - Bonus track
- Comparing the blue and red teams
- Summary
- Further reading
Chapter 2: Managing Threats, Vulnerabilities, and Risks
- Technical requirements
- Understanding cybersecurity vulnerabilities and threats
  - Performing a vulnerability assessment
  - The vulnerability assessment process
  - When should you check for vulnerabilities?
  - Types of vulnerabilities
  - USB HID vulnerabilities
  - Types of USB HID attacks
  - A false sense of security
  - Protecting against USB HID attacks
- Managing cybersecurity risks
  - Risk identification
  - Risk assessment
  - Risk response
  - Risk monitoring
- The NIST Cybersecurity Framework
  - Identify
  - Protect
  - Detect
  - Respond
  - Recover
- Creating an effective Business Continuity Plan (BCP)
  - Creating a Business Impact Analysis (BIA)
  - Business Continuity Planning (BCP)
- Implementing a best-in-class DRP
  - Creating a DRP
  - Implementing the DRP
- Summary
- Further reading
Chapter 3: Comprehending Policies, Procedures, Compliance, and Audits
- Creating world-class cybersecurity policies and procedures
  - Cybersecurity policies
  - Cybersecurity procedures
  - The CUDSE method
- Understanding and achieving compliance
  - Types of regulations
  - Achieving compliance
- Exploring, creating, and managing audits
  - Internal cybersecurity audits
  - External cybersecurity audits
  - Data management during audits
  - Types of cybersecurity audit
  - What triggers an audit?
- Applying a CMM
  - The goals of a CMM
  - Characteristics of a good CMM
  - The structure of a good CMM
  - Analyzing the results
  - Advantages of a CMM
- Summary
- Further reading
Chapter 4: Patching Layer 8
- Understanding layer 8 the insider threat
  - The inadvertent user
  - The malicious insider
  - How do you spot a malicious insider?
  - Protecting your infrastructure against malicious insiders
- Mastering the art of social engineering
  - The social engineering cycle
  - Social engineering techniques
  - Types of social engineering attacks
- Defending against social engineering attacks (patching layer 8)
  - Creating your training strategy
  - Admin rights
  - Implementing a strong BYOD policy
  - Performing random social engineering campaigns
- Summary
- Further reading
Chapter 5: Cybersecurity Technologies and Tools
- Technical requirements
- Advanced wireless tools for cybersecurity
  - Defending from wireless attacks
- Pentesting tools and methods
  - Metasploit framework
  - Social engineering toolkit
  - exe2hex
- Applying forensics tools and methods
  - Dealing with evidence
  - Forensic tools
  - Recovering deleted files
- Dealing with APTs
  - Defensive techniques
- Leveraging security threat intelligence
  - Threat intelligence 101
  - Implementing threat intelligence
- Converting a threat into a solution
  - The problem
  - The solution
- Summary
- Further reading
Section 2: Applying Defensive Security
Chapter 6: Securing Windows Infrastructures
- Technical requirements
- Applying Windows hardening
  - Hardening by the infrastructure team
  - Creating a hardening checklist
- Creating a patching strategy
  - The complexity of patching
  - Distribution of tasks (patching roles and assignments)
  - Distribution and deployment of patches
  - Types of patches
- Applying security to AD
  - Secure administrative hosts
  - Windows Server Security documentation
- Mastering endpoint security
  - Windows updates
  - Why move to Windows 10?
  - Physical security
  - Antivirus solutions
  - Windows Defender Firewall
  - Application control
  - URL filtering
  - Spam filtering
  - Client-facing systems
  - Backups
  - Users
  - Securing the data
- Leveraging encryption
  - Configuring BitLocker
- Summary
Chapter 7: Hardening a Unix Server
- Technical requirements
- Securing Unix services
  - Defining the purpose of the server
  - Secure startup configuration
  - Managing services
- Applying secure file permissions
  - Understanding ownership and permissions
  - Default permissions
  - Permissions in directories (folders)
  - Changing default permissions with umask
  - Permissions hierarchy
  - Comparing directory permissions
  - Changing permissions and ownership of a single file
  - Useful commands to search for unwanted permissions
- Enhancing the protection of the server by improving your access controls
  - Viewing ACLs
  - Managing ACLs
  - Default ACL on directories
  - Removing ACLs
  - Enhanced access controls
- Configuring host-based firewalls
  - Understanding iptables
  - Configuring iptables
  - SSH brute-force protection with iptables
  - Protecting from port scanning with iptables
- Advanced management of logs
  - Leveraging the logs
- Summary
- Further reading
Chapter 8: Enhancing Your Network Defensive Skills
- Technical requirements
- Using the master tool of network mapping Nmap
  - Phases of a cyber attack
  - Nmap
  - Nmap scripts
- Improving the protection of wireless networks
  - Wireless network vulnerabilities
  - User's safety guide for wireless networks
- Introducing Wireshark
  - Finding users using insecure protocols
  - FTP, HTTP, and other unencrypted traffic
  - Wireshark for defensive security
- Working with IPS/IDS
  - What is an IDS?
  - What is an IPS?
  - Free IDS/IPS
  - IPS versus IDS
- Summary
Chapter 9: Deep Diving into Physical Security
- Technical requirements
- Understanding physical security and associated threats
  - The powerful LAN Turtle
  - The stealthy Plunder Bug LAN Tap
  - The dangerous Packet Squirrel
  - The portable Shark Jack
  - The amazing Screen Crab
  - The advanced Key Croc
  - USB threats
  - Equipment theft
  - Environmental risks
- Physical security mechanisms
- Mastering physical security
  - Clean desk policy
  - Physical security audits
- Summary
- Further reading
Chapter 10: Applying IoT Security
- Technical requirements
- Understanding the Internet of Things
  - The risks
  - The vulnerabilities
- Understanding IoT networking technologies
  - LoRaWAN
  - Zigbee
  - Sigfox
  - Bluetooth
  - Security considerations
- Improving IoT security
- Creating cybersecurity hardware using IoT-enabled devices
  - Raspberry Pi firewall and intrusion detection system
  - Defensive security systems for industrial control systems (SCADA)
  - Secure USB-to-USB copy machine
  - Creating a $10 honeypot
  - Advanced monitoring of web apps and networks
  - Creating an internet ad blocker
  - Access control and physical security systems
- Bonus track Understanding the danger of unauthorized IoT devices
  - Detecting unauthorized IoT devices
  - Detecting a Raspberry Pi
  - Disabling rogue Raspberry Pi devices
- Summary
- Further reading
Chapter 11: Secure Development and Deployment on the Cloud
- Technical requirements
- Secure deployment and implementation of cloud applications
  - Security by cloud models
  - Data security in the cloud
- Securing Kubernetes and APIs
  - Cloud-native security
  - Controlling access to the Kubernetes API
  - Controlling access to kubelet
  - Preventing containers from loading unwanted kernel modules
  - Restricting access to etcd
  - Avoiding the use of alpha or beta features in production
  - Third-party integrations
- Hardening database services
- Testing your cloud security
  - Azure Security Center
  - Amazon CloudWatch
  - AppDynamics
  - Nessus vulnerability scanner
  - InsightVM
  - Intruder
- Summary
- Further reading
Chapter 12: Mastering Web App Security
- Technical requirements
- Gathering intelligence about your site/web application
  - Importance of public data gathering
  - Open Source Intelligence
  - Hosting information
  - Checking data exposure with Google hacking (dorks)
- Leveraging DVWA
  - Installing DVWA on Kali Linux
- Overviewing the most common attacks on web applications
  - Exploring XSS attacks
- Using Burp Suite
  - Burp Suite versions
  - Setting up Burp Suite on Kali
- SQL injection attack on DVWA
  - Fixing a common error
- Brute forcing web applications' passwords
  - Analyzing the results
- Summary
- Further reading
Section 3: Deep Dive into Defensive Security
Chapter 13: Vulnerability Assessment Tools
- Technical requirements
- Dealing with vulnerabilities
  - Who should be looking for vulnerabilities?
  - Bug bounty programs
  - Internal vulnerabilities
  - Vulnerability testing tools
- Using a vulnerability assessment scanner (OpenVAS)
  - Authenticated tests
  - Installing OpenVAS
  - Using OpenVAS
  - Updating your feeds
- Overview of Nexpose Community
- Summary
- Further reading
Chapter 14: Malware Analysis
- Technical requirements
- Why should I analyze malware?
  - Malware functionality
  - Malware objectives
  - Malware connections
  - Malware backdoors
  - Affected systems
- Types and categories of malware analysis
  - Static malware analysis
  - Dynamic malware analysis
  - Hybrid malware analysis
  - Static properties analysis
  - Interactive behavior analysis
  - Fully automated analysis
  - Manual code reversing
- Best malware analysis tools
  - Process Explorer
  - Process Monitor
  - ProcDOT
  - Ghidra
  - PeStudio
- Performing malware analysis
  - Security measurements
  - Executing the analysis
- Summary
- Further reading
Chapter 15: Leveraging Pentesting for Defensive Security
- Technical requirements
- Understanding the importance of logs
  - Log files
  - Log management
  - The importance of logs
- Knowing your enemy's best friend Metasploit
  - Metasploit
  - Metasploit editions
  - Installing Armitage
  - Configuring Metasploit for the first time
  - Installing Armitage (continued)
  - Exploring Armitage
  - Launching an attack with Armitage
  - Executing Metasploit
- Other offensive hacking tools
  - Searchsploit
  - sqlmap
  - Weevely
- Summary
- Further reading
Chapter 16: Practicing Forensics
- Introduction to digital forensics
  - Forensics to recover deleted or missing data
- Digital forensics on defensive security
  - Who should be in charge of digital forensics?
  - The digital forensics process
- Forensics platforms
  - CAINE
  - SIFT Workstation
  - PALADIN
- Finding evidence
  - Sources of data
- Mobile forensics
  - Deviceless forensics
  - Important data sources on mobile devices
  - Transporting mobile devices
- Managing the evidence (from a legal perspective)
  - ISO 27037
  - Digital Evidence Policies and Procedures Manual
  - FBI's Digital Evidence Policy Guide
  - Regional Computer Forensics Laboratory
  - US Cybersecurity & Infrastructure Security Agency
- Summary
- Further reading
Chapter 17: Achieving Automation of Security Tools
- Why bother with automation?
  - Benefits of automation
  - The risks of ignoring automation
- Types of automated attacks
  - Account aggregation
  - Account creation
  - Ad fraud
  - CAPTCHA defeat
  - Card cracking
  - Carding
  - Cashing out
  - Credential cracking
  - Credential stuffing
  - Denial of inventory
  - DoS
  - Expediting
  - Fingerprinting
  - Footprinting
  - Scalping
  - Sniping
  - Scraping
  - Skewing
  - Spamming
  - Token cracking
  - Vulnerability scanning
- Automation of cybersecurity tools using Python
  - Local file search
  - Basic forensics
  - Web scraping
  - Network security automation
- Cybersecurity automation with the Raspberry Pi
  - Automating threat intelligence gathering with a Fail2ban honeypot on a Raspberry Pi
  - Automated internet monitoring system with the Raspberry Pi
- Summary
- Further reading
Chapter 18: The Master's Compilation of Useful Resources
- Free cybersecurity templates
  - Business continuity plan and disaster recovery plan templates
  - Risk management
  - Design and management of cybersecurity policies and procedures
- Must-have web resources
  - Cyber threat or digital attack maps
  - Cybersecurity certifications
  - Cybersecurity news and blogs
  - Cybersecurity tools
  - Password-related tools
- Industry-leading best practices
  - Regulations and standards
  - Cybersecurity frameworks, standards, and more
- Summary
- Further reading
- Why subscribe?
Other Books You May Enjoy
- Packt is searching for authors like you
- Share Your Thoughts

pokaż cały spis treści