Cybersecurity:Attack and Defense Strategies
This book aims at IT professionals who want to venture into the IT security domain. IT pentesters, security consultants, and ethical hackers will also find this book useful. Prior knowledge of penetration testing would be beneficial.
Latest chapters
- Leave a review - let other readers know what you think
- Other Books You May Enjoy
- Summary
- References
- Web server logs
- Firewall logs
Brand: 中圖公司
Listed: 2021-06-30 18:31:25
Publisher: Packt Publishing
The digital rights for this book are provided by 中圖公司, which has authorised Shanghai Yuewen Information Technology Co., Ltd. to produce and distribute it.
- coverpage
- Title Page
- Packt Upsell
- Why subscribe?
- PacktPub.com
- Contributors
- About the authors
- About the reviewers
- Packt is searching for authors like you
- Preface
- Who this book is for
- What this book covers
- To get the most out of this book
- Download the color images
- Conventions used
- Get in touch
- Reviews
- Security Posture
- The current threat landscape
- The credentials – authentication and authorization
- Apps
- Data
- Cybersecurity challenges
- Old techniques and broader results
- The shift in the threat landscape
- Enhancing your security posture
- The Red and Blue Team
- Assume breach
- References
- Summary
- Incident Response Process
- Incident response process
- Reasons to have an IR process in place
- Creating an incident response process
- Incident response team
- Incident life cycle
- Handling an incident
- Best practices to optimize incident handling
- Post-incident activity
- Real-world scenario
- Lessons learned
- Incident response in the cloud
- Updating your IR process to include cloud
- References
- Summary
- Understanding the Cybersecurity Kill Chain
- External reconnaissance
- Scanning
- NMap
- Metasploit
- John the Ripper
- THC Hydra
- Wireshark
- Aircrack-ng
- Nikto
- Kismet
- Cain and Abel
- Access and privilege escalation
- Vertical privilege escalation
- Horizontal privilege escalation
- Exfiltration
- Sustainment
- Assault
- Obfuscation
- Threat life cycle management
- References
- Summary
- Reconnaissance
- External reconnaissance
- Dumpster diving
- Social media
- Social engineering
- Pretexting
- Diversion theft
- Phishing
- Phone phishing (vishing)
- Spear phishing
- Water holing
- Baiting
- Quid pro quo
- Tailgating
- Internal reconnaissance
- Sniffing and scanning
- Prismdump
- tcpdump
- NMap
- Wireshark
- Scanrand
- Cain and Abel
- Nessus
- Metasploit
- Aircrack-ng
- Wardriving
- Conclusion of the reconnaissance chapter
- References
- Summary
- Compromising the System
- Analyzing current trends
- Extortion attacks
- Data manipulation attacks
- IoT device attacks
- Backdoors
- Mobile device attacks
- Hacking everyday devices
- Hacking the cloud
- Phishing
- Exploiting a vulnerability
- Zero-day
- Fuzzing
- Source code analysis
- Types of zero-day exploits
- Buffer overflows
- Structured exception handler overwrites
- Performing the steps to compromise a system
- Deploying payloads
- Installing and using a vulnerability scanner
- Using Metasploit
- Compromising operating systems
- Compromising systems using Kon-Boot or Hiren's BootCD
- Compromising systems using a Linux Live CD
- Compromising systems using preinstalled applications
- Compromising systems using Ophcrack
- Compromising a remote system
- Compromising web-based systems
- SQL injection
- Cross-site scripting
- Broken authentication
- DDoS attacks
- References
- Summary
- Chasing a User's Identity
- Identity is the new perimeter
- Strategies for compromising a user's identity
- Gaining access to the network
- Harvesting credentials
- Hacking a user's identity
- Brute force
- Social engineering
- Pass the hash
- Other methods to hack identity
- References
- Summary
- Lateral Movement
- Infiltration
- Network mapping
- Avoiding alerts
- Performing lateral movement
- Port scans
- Sysinternals
- File shares
- Remote Desktop
- PowerShell
- Windows Management Instrumentation
- Scheduled tasks
- Token stealing
- Pass-the-hash
- Active Directory
- Remote Registry
- Breached host analysis
- Central administrator consoles
- Email pillaging
- References
- Summary
- Privilege Escalation
- Infiltration
- Horizontal privilege escalation
- Vertical privilege escalation
- Avoiding alerts
- Performing privilege escalation
- Exploiting unpatched operating systems
- Access token manipulation
- Exploiting accessibility features
- Application shimming
- Bypassing user account control
- DLL injection
- DLL search order hijacking
- Dylib hijacking
- Exploration of vulnerabilities
- Launch daemon
- Hands-on example of privilege escalation on a Windows 8 target
- Conclusion and lessons learned
- References
- Summary
- Security Policy
- Reviewing your security policy
- Educating the end user
- Social media security guidelines for users
- Security awareness training
- Policy enforcement
- Application whitelisting
- Hardening
- Monitoring for compliance
- References
- Summary
- Network Segmentation
- Defense in depth approach
- Infrastructure and services
- Documents in transit
- Endpoints
- Physical network segmentation
- Discovering your network
- Securing remote access to the network
- Site-to-site VPN
- Virtual network segmentation
- Hybrid cloud network security
- References
- Summary
- Active Sensors
- Detection capabilities
- Indicators of compromise
- Intrusion detection systems
- Intrusion prevention system
- Rule-based detection
- Anomaly-based detection
- Behavior analytics on-premises
- Device placement
- Behavior analytics in a hybrid cloud
- Azure Security Center
- References
- Summary
- Threat Intelligence
- Introduction to threat intelligence
- Open source tools for threat intelligence
- Microsoft threat intelligence
- Azure Security Center
- Leveraging threat intelligence to investigate suspicious activity
- References
- Summary
- Investigating an Incident
- Scoping the issue
- Key artifacts
- Investigating a compromised system on-premises
- Investigating a compromised system in a hybrid cloud
- Search and you shall find it
- Lessons learned
- References
- Summary
- Recovery Process
- Disaster recovery plan
- The disaster recovery planning process
- Forming a disaster recovery team
- Performing risk assessment
- Prioritizing processes and operations
- Determining recovery strategies
- Collecting data
- Creating the disaster recovery plan
- Testing the plan
- Obtaining approval
- Maintaining the plan
- Challenges
- Live recovery
- Contingency planning
- IT contingency planning process
- Development of the contingency planning policy
- Conducting business impact analysis
- Identifying the critical IT resources
- Identifying disruption impacts
- Developing recovery priorities
- Identifying the preventive controls
- Developing recovery strategies
- Backups
- Alternative sites
- Equipment replacement
- Plan testing training and exercising
- Plan maintenance
- Best practices for recovery
- References
- Summary
- Vulnerability Management
- Creating a vulnerability management strategy
- Asset inventory
- Information management
- Risk assessment
- Scope
- Collecting data
- Analysis of policies and procedures
- Vulnerability analysis
- Threat analysis
- Analysis of acceptable risks
- Vulnerability assessment
- Reporting and remediation tracking
- Response planning
- Vulnerability management tools
- Asset inventory tools
- Peregrine tools
- LANDesk Management Suite
- StillSecure
- Foundstone's Enterprise
- Information management tools
- Risk assessment tools
- Vulnerability assessment tools
- Reporting and remediation tracking tools
- Response planning tools
- Implementation of vulnerability management
- Best practices for vulnerability management
- Implementing vulnerability management with Nessus
- Flexera (Secunia) Personal Software Inspector
- Conclusion
- References
- Summary
- Log Analysis
- Data correlation
- Operating system logs
- Windows logs
- Linux logs
- Firewall logs
- Web server logs
- References
- Summary
- Other Books You May Enjoy
- Leave a review - let other readers know what you think (updated 2021-06-30 19:16:50)