Practical Network Scanning : Capture network vulnerabilities using standard tools such as Nmap and Nessus.

Network administrators use network scanning tools to build a network inventory and to perform security audits by examining active hosts on a network with the help of IP address ranges. The same principles can also be used in cyber attacks to find weaknesses in a system. This book will help you not o...

Descripción completa

Detalles Bibliográficos
Clasificación:Libro Electrónico
Autor principal: Cox, Jacob
Otros Autores: Singh., Ajay
Formato: Electrónico eBook
Idioma:Inglés
Publicado: Birmingham : Packt Publishing, 2018.
Temas:
Computer networks > Monitoring > Computer programs.
Computer networks > Security measures > Computer programs.
Réseaux d'ordinateurs > Surveillance > Logiciels.
Réseaux d'ordinateurs > Sécurité > Mesures > Logiciels.
Computer networks > Security measures > Computer programs
Acceso en línea:Texto completo
Tabla de Contenidos:
  • Cover; Title Page; Copyright and Credits; Packt Upsell; Contributors; Table of Contents; Preface; Chapter 1: Fundamental Security Concepts; Why security?; Building blocks of information security; Computer security; Network security; Firewalls; Intrusion detection systems / intrusion prevention systems; Multitier topology; Internet security; Password; System upgrade and updates; Phishing; Beware of phishing phone calls; Phishing protection; Security issues, threats, and attacks; IoT security risk; Computer security risk; Security Risk-Border Gateway Protocol; Security and threats.
  • Natural disastersHuman threats; Security vulnerabilities; Technology weaknesses; Configuration weaknesses ; Security policy weaknesses; Using unencrypted or weak encryption for a website; Summary; Questions; Further reading; Chapter 2: Secure Network Design; Access control ; Asset classification and physical security; Authentication, authorization, and accounting; Network management and security design; Network segmentation; Segmentation strategy steps; Network protection consideration and design; Hardening your TCP/IP stack; DoS and DDoS attacks ; Volume-based attacks.
  • Application layer attacksLow-rate attacks; IP spoofing; Anti-spoofing using access lists; Encryption; Anti-spoofing using RPF checks; Ping sweeps and Port scans; Mitigation; DNS vulnerabilities ; How does DNS work?; DNS protocol attacks; Mitigation; Two factor authentication; Summary ; Questions; Further reading; Chapter 3: Server-Level Security; Classification of data; Physical security ; Disk encryption; Full-disk encryption; Bitlocker; Virtual Trusted Platform Module
  • vTPM ; Encrypt your Hyper-V Guest VMs ; Cloud VM disk encryption; What is encryption at rest?; Hardening server security.
  • Check for open ports or servicesSystem firewall configuration; System update; Disable USB; Hard disk encryption; BIOS protection; Check the installed packages; Password policies; Secure and encrypt remote access; Implement activity logging; Document the host information; Authentication NTLM versus Kerberos; Password policies; Server-level permissions; Server antivirus and malware protection; Local security policies; Summary; Questions; Further reading; Chapter 4: Cloud Security Design; Cloud offerings; IaaS; PaaS; SaaS; Public versus private; Public IaaS versus private IaaS.
  • Public PaaS versus private PaaSPublic SaaS versus private SaaS; Shared technology and shared danger; Security approach for cloud computing; Traditional enterprise network model; Hybrid data center and cloud network; Network security devices for IaaS; Firewall Virtual Appliance; Virtual TAP vTAP; Virtual Router; Virtual web application firewalls; DDoS attack protection; Data loss prevention; Exploited system vulnerabilities; Summary ; Questions; Further reading; Chapter 5: Application Security Design; GDPR; Getting consent; Access to data; Encryption; SQL Injection.

Ejemplares similares