
Cybersecurity - Attack and Defense Strategies : Infrastructure security with Red Team and Blue Team tactics.

With cybercrime on the rise, cybersecurity has become extremely vital to a large group of industries. As a result, companies have started adopting rigorous ways of preventing system breaches. This book will explore some Red Team and Blue Team tactics, where the Red Team tactics can be used in penetra...

Full description

Bibliographic Details
Classification: Electronic book
Main author: Diogenes, Yuri
Other authors: Ozkaya, Erdal
Format: Electronic eBook
Language: English
Published: Birmingham : Packt Publishing, 2018.
Subjects:
Online access: Full text

MARC

LEADER 00000cam a2200000Mi 4500
001 EBOOKCENTRAL_on1022788021
003 OCoLC
005 20240329122006.0
006 m o d
007 cr |n|---|||||
008 180210s2018 enk ob 000 0 eng d
040 |a EBLCP  |b eng  |e pn  |c EBLCP  |d NLE  |d MERUC  |d IDB  |d YDX  |d VT2  |d OCLCQ  |d UKMGB  |d OCLCO  |d LVT  |d OCLCF  |d C6I  |d UKAHL  |d OCLCQ  |d OCLCO  |d K6U  |d OCLCO  |d OCLCQ  |d OCLCO  |d OCLCL 
015 |a GBB898613  |2 bnb 
016 7 |a 018754840  |2 Uk 
019 |a 1022773029 
020 |a 9781788473859 
020 |a 178847385X 
020 |a 9781788475297 
020 |a 1788475291 
024 3 |a 9781788475297 
029 1 |a UKMGB  |b 018754840 
029 1 |a AU@  |b 000067100659 
035 |a (OCoLC)1022788021  |z (OCoLC)1022773029 
037 |a B08439  |b 01201872 
050 4 |a TK5105.59  |b .D564 2018eb 
072 7 |a COM  |x 043050  |2 bisacsh 
082 0 4 |a 005.8  |2 23 
049 |a UAMI 
100 1 |a Diogenes, Yuri. 
245 1 0 |a Cybersecurity - Attack and Defense Strategies :  |b Infrastructure security with Red Team and Blue Team tactics. 
260 |a Birmingham :  |b Packt Publishing,  |c 2018. 
300 |a 1 online resource (368 pages) 
336 |a text  |b txt  |2 rdacontent 
337 |a computer  |b c  |2 rdamedia 
338 |a online resource  |b cr  |2 rdacarrier 
588 0 |a Print version record. 
520 |a With cybercrime on the rise, cybersecurity has become extremely vital to a large group of industries. As a result, companies have started adopting rigorous ways of preventing system breaches. This book will explore some Red Team and Blue Team tactics, where the Red Team tactics can be used in penetration for accessing sensitive data, and the ... 
504 |a Includes bibliographical references. 
505 0 |a Cover -- Copyright and Credits -- Packt Upsell -- Contributors -- Table of Contents -- Preface -- Chapter 1: Security Posture -- The current threat landscape -- The credentials -- authentication and authorization -- Apps -- Data -- Cybersecurity challenges -- Old techniques and broader results -- The shift in the threat landscape -- Enhancing your security posture -- The Red and Blue Team -- Assume breach -- References -- Summary -- Chapter 2: Incident Response Process -- Incident response process -- Reasons to have an IR process in place -- Creating an incident response process -- Incident response team -- Incident life cycle -- Handling an incident -- Best practices to optimize incident handling -- Post-incident activity -- Real-world scenario -- Lessons learned -- Incident response in the cloud -- Updating your IR process to include cloud -- References -- Summary -- Chapter 3: Understanding the Cybersecurity Kill Chain -- External reconnaissance -- Scanning -- NMap -- Metasploit -- John the Ripper -- THC Hydra -- Wireshark -- Aircrack-ng -- Nikto -- Kismet -- Cain and Abel -- Access and privilege escalation -- Vertical privilege escalation -- Horizontal privilege escalation -- Exfiltration -- Sustainment -- Assault -- Obfuscation -- Threat life cycle management -- References -- Summary -- Chapter 4: Reconnaissance -- External reconnaissance -- Dumpster diving -- Social media -- Social engineering -- Pretexting -- Diversion theft -- Phishing -- Phone phishing (vishing) -- Spear phishing -- Water holing -- Baiting -- Quid pro quo -- Tailgating -- Internal reconnaissance -- Sniffing and scanning -- Prismdump -- tcpdump -- NMap -- Wireshark -- Scanrand -- Cain and Abel -- Nessus -- Metasploit -- Aircrack-ng -- Wardriving -- Conclusion of the reconnaissance chapter -- References -- Summary -- Chapter 5: Compromising the System. 
505 8 |a Analyzing current trends -- Extortion attacks -- Data manipulation attacks -- IoT device attacks -- Backdoors -- Mobile device attacks -- Hacking everyday devices -- Hacking the cloud -- Phishing -- Exploiting a vulnerability -- Zero-day -- Fuzzing -- Source code analysis -- Types of zero-day exploits -- Buffer overflows -- Structured exception handler overwrites -- Performing the steps to compromise a system -- Deploying payloads -- Installing and using a vulnerability scanner -- Using Metasploit -- Compromising operating systems -- Compromising systems using Kon-Boot or Hiren's BootCD -- Compromising systems using a Linux Live CD -- Compromising systems using preinstalled applications -- Compromising systems using Ophcrack -- Compromising a remote system -- Compromising web-based systems -- SQL injection -- Cross-site scripting -- Broken authentication -- DDoS attacks -- References -- Summary -- Chapter 6: Chasing a User's Identity -- Identity is the new perimeter -- Strategies for compromising a user's identity -- Gaining access to the network -- Harvesting credentials -- Hacking a user's identity -- Brute force -- Social engineering -- Pass the hash -- Other methods to hack identity -- References -- Summary -- Chapter 7: Lateral Movement -- Infiltration -- Network mapping -- Avoiding alerts -- Performing lateral movement -- Port scans -- Sysinternals -- File shares -- Remote Desktop -- PowerShell -- Windows Management Instrumentation -- Scheduled tasks -- Token stealing -- Pass-the-hash -- Active Directory -- Remote Registry -- Breached host analysis -- Central administrator consoles -- Email pillaging -- References -- Summary -- Chapter 8: Privilege Escalation -- Infiltration -- Horizontal privilege escalation -- Vertical privilege escalation -- Avoiding alerts -- Performing privilege escalation -- Exploiting unpatched operating systems. 
505 8 |a Access token manipulation -- Exploiting accessibility features -- Application shimming -- Bypassing user account control -- DLL injection -- DLL search order hijacking -- Dylib hijacking -- Exploration of vulnerabilities -- Launch daemon -- Hands-on example of privilege escalation on a Windows 8 target -- Conclusion and lessons learned -- References -- Summary -- Chapter 9: Security Policy -- Reviewing your security policy -- Educating the end user -- Social media security guidelines for users -- Security awareness training -- Policy enforcement -- Application whitelisting -- Hardening -- Monitoring for compliance -- References -- Summary -- Chapter 10: Network Segmentation -- Defense in depth approach -- Infrastructure and services -- Documents in transit -- Endpoints -- Physical network segmentation -- Discovering your network -- Securing remote access to the network -- Site-to-site VPN -- Virtual network segmentation -- Hybrid cloud network security -- References -- Summary -- Chapter 11: Active Sensors -- Detection capabilities -- Indicators of compromise -- Intrusion detection systems -- Intrusion prevention system -- Rule-based detection -- Anomaly-based detection -- Behavior analytics on-premises -- Device placement -- Behavior analytics in a hybrid cloud -- Azure Security Center -- References -- Summary -- Chapter 12: Threat Intelligence -- Introduction to threat intelligence -- Open source tools for threat intelligence -- Microsoft threat intelligence -- Azure Security Center -- Leveraging threat intelligence to investigate suspicious activity -- References -- Summary -- Chapter 13: Investigating an Incident -- Scoping the issue -- Key artifacts -- Investigating a compromised system on-premises -- Investigating a compromised system in a hybrid cloud -- Search and you shall find it -- Lessons learned -- References -- Summary. 
505 8 |a Chapter 14: Recovery Process -- Disaster recovery plan -- The disaster recovery planning process -- Forming a disaster recovery team -- Performing risk assessment -- Prioritizing processes and operations -- Determining recovery strategies -- Collecting data -- Creating the disaster recovery plan -- Testing the plan -- Obtaining approval -- Maintaining the plan -- Challenges -- Live recovery -- Contingency planning -- IT contingency planning process -- Development of the contingency planning policy -- Conducting business impact analysis -- Identifying the critical IT resources -- Identifying disruption impacts -- Developing recovery priorities -- Identifying the preventive controls -- Developing recovery strategies -- Backups -- Alternative sites -- Equipment replacement -- Plan testing, training, and exercising -- Plan maintenance -- Best practices for recovery -- References -- Summary -- Chapter 15: Vulnerability Management -- Creating a vulnerability management strategy -- Asset inventory -- Information management -- Risk assessment -- Scope -- Collecting data -- Analysis of policies and procedures -- Vulnerability analysis -- Threat analysis -- Analysis of acceptable risks -- Vulnerability assessment -- Reporting and remediation tracking -- Response planning -- Vulnerability management tools -- Asset inventory tools -- Peregrine tools -- LANDesk Management Suite -- StillSecure -- Foundstone's Enterprise -- Information management tools -- Risk assessment tools -- Vulnerability assessment tools -- Reporting and remediation tracking tools -- Response planning tools -- Implementation of vulnerability management -- Best practices for vulnerability management -- Implementing vulnerability management with Nessus -- Flexera (Secunia) Personal Software Inspector -- Conclusion -- References -- Summary -- Chapter 16: Log Analysis -- Data correlation. 
505 8 |a Operating system logs -- Windows logs -- Linux logs -- Firewall logs -- Web server logs -- References -- Summary -- Other Books You May Enjoy -- Index. 
590 |a ProQuest Ebook Central  |b Ebook Central Academic Complete 
650 0 |a Computer security. 
650 0 |a Computer networks  |x Security measures. 
650 0 |a Computer crimes. 
650 6 |a Sécurité informatique. 
650 6 |a Réseaux d'ordinateurs  |x Sécurité  |x Mesures. 
650 6 |a Criminalité informatique. 
650 7 |a Operating systems.  |2 bicssc 
650 7 |a Network security.  |2 bicssc 
650 7 |a Computer security.  |2 bicssc 
650 7 |a Computers  |x Networking  |x Security.  |2 bisacsh 
650 7 |a Computers  |x Operating Systems  |x General.  |2 bisacsh 
650 7 |a Computers  |x Security  |x General.  |2 bisacsh 
650 7 |a Computer crimes  |2 fast 
650 7 |a Computer networks  |x Security measures  |2 fast 
650 7 |a Computer security  |2 fast 
700 1 |a Ozkaya, Erdal. 
758 |i has work:  |a Cybersecurity, attack and defense strategies (Text)  |1 https://id.oclc.org/worldcat/entity/E39PCGXp3kWHjj4YYrV7f7YJKq  |4 https://id.oclc.org/worldcat/ontology/hasWork 
776 0 8 |i Print version:  |a Diogenes, Yuri.  |t Cybersecurity - Attack and Defense Strategies : Infrastructure security with Red Team and Blue Team tactics.  |d Birmingham : Packt Publishing, ©2018 
856 4 0 |u https://ebookcentral.uam.elogim.com/lib/uam-ebooks/detail.action?docID=5259454  |z Full text 
938 |a Askews and Holts Library Services  |b ASKH  |n AH33868314 
938 |a EBL - Ebook Library  |b EBLB  |n EBL5259454 
938 |a YBP Library Services  |b YANK  |n 15146414 
994 |a 92  |b IZTAP