|
|
|
|
LEADER |
00000cam a2200000 i 4500 |
001 |
OR_on1003042356 |
003 |
OCoLC |
005 |
20231017213018.0 |
006 |
m o d |
007 |
cr unu|||||||| |
008 |
170906t20172017caua o 001 0 eng d |
040 |
|
|
|a UMI
|b eng
|e rda
|e pn
|c UMI
|d N$T
|d EBLCP
|d TOH
|d STF
|d MERER
|d OCLCF
|d YDX
|d OCLCQ
|d VT2
|d U3W
|d UOK
|d CEF
|d KSU
|d OCLCQ
|d WYU
|d OCLCQ
|d C6I
|d UAB
|d UKAHL
|d OCLCQ
|d GZM
|d OCLCQ
|d OCLCO
|d OCLCQ
|
019 |
|
|
|a 1001809133
|a 1001933758
|
020 |
|
|
|a 9781491935200
|q (electronic bk.)
|
020 |
|
|
|a 1491935200
|q (electronic bk.)
|
020 |
|
|
|z 9781491934944
|
020 |
|
|
|z 1491934948
|
029 |
1 |
|
|a AU@
|b 000070667960
|
029 |
1 |
|
|a GBVCP
|b 1004860390
|
035 |
|
|
|a (OCoLC)1003042356
|z (OCoLC)1001809133
|z (OCoLC)1001933758
|
037 |
|
|
|a CL0500000889
|b Safari Books Online
|
050 |
|
4 |
|a HV8079.C65
|
072 |
|
7 |
|a SOC
|x 004000
|2 bisacsh
|
082 |
0 |
4 |
|a 364.16/8
|2 23
|
049 |
|
|
|a UAMI
|
100 |
1 |
|
|a Roberts, Scott J.,
|e author.
|
245 |
1 |
0 |
|a Intelligence-driven incident response :
|b outwitting the adversary /
|c Scott J. Roberts and Rebekah Brown.
|
250 |
|
|
|a First edition.
|
264 |
|
1 |
|a Sebastopol, CA :
|b O'Reilly Media,
|c [2017]
|
264 |
|
4 |
|c ©2017
|
300 |
|
|
|a 1 online resource (282 pages) :
|b illustrations
|
336 |
|
|
|a text
|b txt
|2 rdacontent
|
337 |
|
|
|a computer
|b c
|2 rdamedia
|
338 |
|
|
|a online resource
|b cr
|2 rdacarrier
|
588 |
0 |
|
|a Online resource; title from title page (Safari, viewed August 30, 2017).
|
500 |
|
|
|a Includes index.
|
505 |
0 |
|
|a Copyright; Table of Contents; Foreword; Preface; Why We Wrote This Book; Who This Book Is For; How This Book Is Organized; Conventions Used in This Book; O'Reilly Safari; How to Contact Us; Acknowledgments; Part I. The Fundamentals; Chapter 1. Introduction; Intelligence as Part of Incident Response; History of Cyber Threat Intelligence; Modern Cyber Threat Intelligence; The Way Forward; Incident Response as a Part of Intelligence; What Is Intelligence-Driven Incident Response?; Why Intelligence-Driven Incident Response?; Operation SMN; Operation Aurora; Conclusion.
|
505 |
8 |
|
|a Chapter 2. Basics of Intelligence; Data Versus Intelligence; Sources and Methods; Process Models; OODA; Intelligence Cycle; Using the Intelligence Cycle; Qualities of Good Intelligence; Levels of Intelligence; Tactical Intelligence; Operational Intelligence; Strategic Intelligence; Confidence Levels; Conclusion; Chapter 3. Basics of Incident Response; Incident-Response Cycle; Preparation; Identification; Containment; Eradication; Recovery; Lessons Learned; Kill Chain; Targeting; Reconnaissance; Weaponization; Delivery; Exploitation; Installation; Command and Control; Actions on Objective.
|
505 |
8 |
|
|a Example Kill Chain; Diamond Model; Basic Model; Extending the Model; Active Defense; Deny; Disrupt; Degrade; Deceive; Destroy; F3EAD; Find; Fix; Finish; Exploit; Analyze; Disseminate; Using F3EAD; Picking the Right Model; Scenario: GLASS WIZARD; Conclusion; Part II. Practical Application; Chapter 4. Find; Actor-Centric Targeting; Starting with Known Information; Useful Find Information; Asset-Centric Targeting; Using Asset-Centric Targeting; News-Centric Targeting; Targeting Based on Third-Party Notification; Prioritizing Targeting; Immediate Needs; Past Incidents; Criticality.
|
505 |
8 |
|
|a Organizing Targeting Activities; Hard Leads; Soft Leads; Grouping Related Leads; Lead Storage; The Request for Information Process; Conclusion; Chapter 5. Fix; Intrusion Detection; Network Alerting; System Alerting; Fixing GLASS WIZARD; Intrusion Investigation; Network Analysis; Live Response; Memory Analysis; Disk Analysis; Malware Analysis; Scoping; Hunting; Developing Leads; Testing Leads; Conclusion; Chapter 6. Finish; Finishing Is Not Hacking Back; Stages of Finish; Mitigate; Remediate; Rearchitect; Taking Action; Deny; Disrupt; Degrade; Deceive; Destroy; Organizing Incident Data.
|
505 |
8 |
|
|a Tools for Tracking Actions; Purpose-Built Tools; Assessing the Damage; Monitoring Life Cycle; Conclusion; Chapter 7. Exploit; What to Exploit?; Gathering Information; Storing Threat Information; Data Standards and Formats for Indicators; Data Standards and Formats for Strategic Information; Managing Information; Threat-Intelligence Platforms; Conclusion; Chapter 8. Analyze; The Fundamentals of Analysis; What to Analyze?; Conducting the Analysis; Enriching Your Data; Developing Your Hypothesis; Evaluating Key Assumptions; Judgment and Conclusions; Analytic Processes and Methods.
|
590 |
|
|
|a O'Reilly
|b O'Reilly Online Learning: Academic/Public Library Edition
|
650 |
|
0 |
|a Computer crimes
|x Investigation.
|
650 |
|
6 |
|a Criminalité informatique
|x Enquêtes.
|
650 |
|
7 |
|a SOCIAL SCIENCE
|x Criminology.
|2 bisacsh
|
650 |
|
7 |
|a Computer crimes
|x Investigation.
|2 fast
|0 (OCoLC)fst00872065
|
700 |
1 |
|
|a Brown, Rebekah,
|e author.
|
776 |
0 |
8 |
|i Print version:
|a Roberts, Scott J.
|t Intelligence-driven incident response.
|b First edition.
|d ©2017
|z 1491934948
|z 9781491934944
|w (OCoLC)935986592
|
856 |
4 |
0 |
|u https://learning.oreilly.com/library/view/~/9781491935187/?ar
|z Full text (Requires prior registration with institutional email)
|
938 |
|
|
|a Askews and Holts Library Services
|b ASKH
|n AH33215915
|
938 |
|
|
|a Askews and Holts Library Services
|b ASKH
|n AH33155085
|
938 |
|
|
|a EBSCOhost
|b EBSC
|n 1578731
|
938 |
|
|
|a YBP Library Services
|b YANK
|n 14758841
|
994 |
|
|
|a 92
|b IZTAP
|