Cargando…
Applied incident response /
Incident response is critical for the active defense of any network, and incident responders need up-to-date, immediately applicable techniques with which to engage the adversary.''Applied Incident Response'details effective ways to respond to advanced attacks against local and remote...
| Clasificación: | Libro Electrónico |
|---|---|
| Autor principal: | |
| Formato: | Electrónico eBook |
| Idioma: | Inglés |
| Publicado: |
Indianapolis :
Wiley,
2020.
|
| Temas: | |
| Acceso en línea: | Texto completo (Requiere registro previo con correo institucional) |
MARC
| LEADER | 00000cam a2200000 a 4500 | ||
|---|---|---|---|
| 001 | OR_on1136964952 | ||
| 003 | OCoLC | ||
| 005 | 20231017213018.0 | ||
| 006 | m o d | ||
| 007 | cr un|---aucuu | ||
| 008 | 200118s2020 inu o 001 0 eng d | ||
| 040 | |a EBLCP |b eng |e pn |c EBLCP |d DG1 |d RECBK |d YDX |d UKMGB |d N$T |d OCLCF |d UKAHL |d OCLCQ |d DG1 |d OCLCQ |d OCLCO |d IEEEE |d K6U |d OCLCQ |d OCLCO | ||
| 015 | |a GBB9I6131 |2 bnb | ||
| 016 | 7 | |a 019610822 |2 Uk | |
| 019 | |a 1136968985 | ||
| 020 | |a 1119560284 | ||
| 020 | |a 9781119560302 |q (electronic bk. ; |q oBook) | ||
| 020 | |a 1119560306 |q (electronic bk. ; |q oBook) | ||
| 020 | |a 9781119560319 |q (ePub ebook) | ||
| 020 | |a 1119560314 | ||
| 020 | |a 9781119560289 |q (electronic bk.) | ||
| 020 | |z 9781119560265 |q (print) | ||
| 020 | |z 1119560268 | ||
| 024 | 7 | |a 10.1002/9781119560302 |2 doi | |
| 029 | 1 | |a AU@ |b 000066480886 | |
| 029 | 1 | |a AU@ |b 000066724003 | |
| 029 | 1 | |a CHNEW |b 001077463 | |
| 029 | 1 | |a CHVBK |b 582680123 | |
| 029 | 1 | |a UKMGB |b 019610822 | |
| 035 | |a (OCoLC)1136964952 |z (OCoLC)1136968985 | ||
| 037 | |a 9781119560319 |b Wiley | ||
| 037 | |a 9820823 |b IEEE | ||
| 050 | 4 | |a QA76.9.A25 | |
| 082 | 0 | 4 | |a 005.8 |2 23 |
| 049 | |a UAMI | ||
| 100 | 1 | |a Anson, Steve. | |
| 245 | 1 | 0 | |a Applied incident response / |c Steven Anson. |
| 260 | |a Indianapolis : |b Wiley, |c 2020. | ||
| 300 | |a 1 online resource (464 pages) | ||
| 336 | |a text |b txt |2 rdacontent | ||
| 337 | |a computer |b c |2 rdamedia | ||
| 338 | |a online resource |b cr |2 rdacarrier | ||
| 505 | 0 | |a Prepare. The Threat Landscape -- Incident Readiness -- Respond. Remote Triage -- Remote Triage Tools -- Acquiring Memory -- Disk Imaging -- Network Security Monitoring -- Event Log Analysis -- Memory Analysis -- Malware Analysis -- Disk Forensics -- Lateral Movement Analysis -- Refine. Continuous Improvement -- Proactive Activities. | |
| 500 | |a Includes index. | ||
| 588 | 0 | |a Print version record. | |
| 520 | |a Incident response is critical for the active defense of any network, and incident responders need up-to-date, immediately applicable techniques with which to engage the adversary.''Applied Incident Response'details effective ways to respond to advanced attacks against local and remote network resources, 'providing proven response techniques and a framework through which to apply them.' As a starting point for new incident handlers, or as a technical reference for hardened IR veterans, this book details the latest techniques for responding to threats against your network, including: -Preparing your environment for effective incident response -Leveraging MITRE ATT & CK and threat intelligence for active network defense -Local and remote triage of systems using PowerShell, WMIC, and open-source tools -Acquiring RAM and disk images locally and remotely -Analyzing RAM with Volatility and Rekall -Deep-dive forensic analysis of system drives using open-source or commercial tools -Leveraging Security Onion and Elastic Stack for network security monitoring -Techniques for log analysis and aggregating high-value logs -Static and dynamic analysis of malware with YARA rules, FLARE VM, and Cuckoo Sandbox -Detecting and responding to lateral movement techniques, including pass-the-hash, pass-the-ticket, Kerberoasting, malicious use of PowerShell, and many more -Effective threat hunting techniques -Adversary emulation with Atomic Red Team -Improving preventive and detective controls. | ||
| 590 | |a O'Reilly |b O'Reilly Online Learning: Academic/Public Library Edition | ||
| 650 | 0 | |a Computer security. | |
| 650 | 0 | |a Computer networks |x Security measures. | |
| 650 | 2 | |a Computer Security | |
| 650 | 6 | |a Sécurité informatique. | |
| 650 | 6 | |a Réseaux d'ordinateurs |x Sécurité |x Mesures. | |
| 650 | 7 | |a COMPUTERS |x Security |x Networking. |2 bisacsh | |
| 650 | 7 | |a Computer networks |x Security measures |2 fast | |
| 650 | 7 | |a Computer security |2 fast | |
| 776 | 0 | 8 | |i Print version: |a Anson, Steve. |t Applied Incident Response. |d Newark : John Wiley & Sons, Incorporated, ©2020 |z 9781119560265 |
| 856 | 4 | 0 | |u https://learning.oreilly.com/library/view/~/9781119560265/?ar |z Texto completo (Requiere registro previo con correo institucional) |
| 938 | |a Askews and Holts Library Services |b ASKH |n AH36899991 | ||
| 938 | |a Askews and Holts Library Services |b ASKH |n BDZ0042621356 | ||
| 938 | |a ProQuest Ebook Central |b EBLB |n EBL6017672 | ||
| 938 | |a EBSCOhost |b EBSC |n 2354902 | ||
| 938 | |a Recorded Books, LLC |b RECE |n rbeEB00803475 | ||
| 938 | |a YBP Library Services |b YANK |n 301056172 | ||
| 938 | |a YBP Library Services |b YANK |n 16322785 | ||
| 994 | |a 92 |b IZTAP | ||