Mastering Defensive Security : Effective Techniques to Secure Your Windows, Linux, IoT, and Cloud Infrastructure.
An immersive learning experience enhanced with technical, hands-on labs to understand the concepts, methods, tools, platforms, and systems required to master the art of cybersecurity Key Features Get hold of the best defensive security strategies and tools Develop a defensive security strategy at an...
Clasificación: | Libro Electrónico |
---|---|
Autor principal: | |
Otros Autores: | |
Formato: | Electrónico eBook |
Idioma: | Inglés |
Publicado: |
Birmingham :
Packt Publishing, Limited,
2022.
|
Temas: | |
Acceso en línea: | Texto completo (Requiere registro previo con correo institucional) |
Tabla de Contenidos:
- Cover
- Title page
- Copyright and Credits
- Dedication
- Foreword
- Contributors
- Table of Contents
- Preface
- Section 1: Mastering Defensive Security Concepts
- Chapter 1: A Refresher on Defensive Security Concepts
- Technical requirements
- Deep dive into the core of cybersecurity
- The cybersecurity triad
- Types of attacks
- Managing cybersecurity's legendary pain point: Passwords
- Password breaches
- Social engineering attacks using compromised passwords
- Brute-force attacks
- Dictionary attacks
- Creating a secure password
- Managing passwords at the enterprise level
- Bonus track
- Mastering defense in depth
- Factors to consider when creating DiD models
- Asset identification
- Defense by layers
- Bonus track
- Comparing the blue and red teams
- Summary
- Further reading
- Chapter 2: Managing Threats, Vulnerabilities, and Risks
- Technical requirements
- Understanding cybersecurity vulnerabilities and threats
- Performing a vulnerability assessment
- The vulnerability assessment process
- When should you check for vulnerabilities?
- Types of vulnerabilities
- USB HID vulnerabilities
- Types of USB HID attacks
- A false sense of security
- Protecting against USB HID attacks
- Managing cybersecurity risks
- Risk identification
- Risk assessment
- Risk response
- Risk monitoring
- The NIST Cybersecurity Framework
- Identify
- Protect
- Detect
- Respond
- Recover
- Creating an effective Business Continuity Plan (BCP)
- Creating a Business Impact Analysis (BIA)
- Business Continuity Planning (BCP)
- Implementing a best-in-class DRP
- Creating a DRP
- Implementing the DRP
- Summary
- Further reading
- Chapter 3: Comprehending Policies, Procedures, Compliance, and Audits
- Creating world-class cybersecurity policies and procedures
- Cybersecurity policies
- Cybersecurity procedures
- The CUDSE method
- Understanding and achieving compliance
- Types of regulations
- Achieving compliance
- Exploring, creating, and managing audits
- Internal cybersecurity audits
- External cybersecurity audits
- Data management during audits
- Types of cybersecurity audit
- What triggers an audit?
- Applying a CMM
- The goals of a CMM
- Characteristics of a good CMM
- The structure of a good CMM
- Analyzing the results
- Advantages of a CMM
- Summary
- Further reading
- Chapter 4: Patching Layer 8
- Understanding layer 8
- the insider threat
- The inadvertent user
- The malicious insider
- How do you spot a malicious insider?
- Protecting your infrastructure against malicious insiders
- Mastering the art of social engineering
- The social engineering cycle
- Social engineering techniques
- Types of social engineering attacks
- Defending against social engineering attacks (patching layer 8)
- Creating your training strategy
- Admin rights
- Implementing a strong BYOD policy