Mastering Defensive Security: Effective Techniques to Secure Your Windows, Linux, IoT, and Cloud Infrastructure
An immersive learning experience enhanced with technical, hands-on labs to understand the concepts, methods, tools, platforms, and systems required to master the art of cybersecurity. Key Features: Get hold of the best defensive security strategies and tools; Develop a defensive security strategy at an...
| Other authors: | |
|---|---|
| Format: | E-book |
| Language: | English |
| Published: | Birmingham, England ; Mumbai : Packt Publishing, [2021] |
| Subjects: | |
| View in Universitat Ramon Llull Library: | https://discovery.url.edu/permalink/34CSUC_URL/1im36ta/alma991009645693406719 |
Table of Contents:
- Cover
- Title page
- Copyright and Credits
- Dedication
- Foreword
- Contributors
- Table of Contents
- Preface
- Section 1: Mastering Defensive Security Concepts
- Chapter 1: A Refresher on Defensive Security Concepts
- Technical requirements
- Deep dive into the core of cybersecurity
- The cybersecurity triad
- Types of attacks
- Managing cybersecurity's legendary pain point: Passwords
- Password breaches
- Social engineering attacks using compromised passwords
- Brute-force attacks
- Dictionary attacks
- Creating a secure password
- Managing passwords at the enterprise level
- Bonus track
- Mastering defense in depth
- Factors to consider when creating DiD models
- Asset identification
- Defense by layers
- Bonus track
- Comparing the blue and red teams
- Summary
- Further reading
- Chapter 2: Managing Threats, Vulnerabilities, and Risks
- Technical requirements
- Understanding cybersecurity vulnerabilities and threats
- Performing a vulnerability assessment
- The vulnerability assessment process
- When should you check for vulnerabilities?
- Types of vulnerabilities
- USB HID vulnerabilities
- Types of USB HID attacks
- A false sense of security
- Protecting against USB HID attacks
- Managing cybersecurity risks
- Risk identification
- Risk assessment
- Risk response
- Risk monitoring
- The NIST Cybersecurity Framework
- Identify
- Protect
- Detect
- Respond
- Recover
- Creating an effective Business Continuity Plan (BCP)
- Creating a Business Impact Analysis (BIA)
- Business Continuity Planning (BCP)
- Implementing a best-in-class DRP
- Creating a DRP
- Implementing the DRP
- Summary
- Further reading
- Chapter 3: Comprehending Policies, Procedures, Compliance, and Audits
- Creating world-class cybersecurity policies and procedures
- Cybersecurity policies
- Cybersecurity procedures
- The CUDSE method
- Understanding and achieving compliance
- Types of regulations
- Achieving compliance
- Exploring, creating, and managing audits
- Internal cybersecurity audits
- External cybersecurity audits
- Data management during audits
- Types of cybersecurity audit
- What triggers an audit?
- Applying a CMM
- The goals of a CMM
- Characteristics of a good CMM
- The structure of a good CMM
- Analyzing the results
- Advantages of a CMM
- Summary
- Further reading
- Chapter 4: Patching Layer 8
- Understanding layer 8 - the insider threat
- The inadvertent user
- The malicious insider
- How do you spot a malicious insider?
- Protecting your infrastructure against malicious insiders
- Mastering the art of social engineering
- The social engineering cycle
- Social engineering techniques
- Types of social engineering attacks
- Defending against social engineering attacks (patching layer 8)
- Creating your training strategy
- Admin rights
- Implementing a strong BYOD policy
- Performing random social engineering campaigns
- Summary
- Further reading
- Chapter 5: Cybersecurity Technologies and Tools
- Technical requirements
- Advanced wireless tools for cybersecurity
- Defending from wireless attacks
- Pentesting tools and methods
- Metasploit framework
- Social engineering toolkit
- exe2hex
- Applying forensics tools and methods
- Dealing with evidence
- Forensic tools
- Recovering deleted files
- Dealing with APTs
- Defensive techniques
- Leveraging security threat intelligence
- Threat intelligence 101
- Implementing threat intelligence
- Converting a threat into a solution
- The problem
- The solution
- Summary
- Further reading
- Section 2: Applying Defensive Security
- Chapter 6: Securing Windows Infrastructures
- Technical requirements
- Applying Windows hardening
- Hardening by the infrastructure team
- Creating a hardening checklist
- Creating a patching strategy
- The complexity of patching
- Distribution of tasks (patching roles and assignments)
- Distribution and deployment of patches
- Types of patches
- Applying security to AD
- Secure administrative hosts
- Windows Server Security documentation
- Mastering endpoint security
- Windows updates
- Why move to Windows 10?
- Physical security
- Antivirus solutions
- Windows Defender Firewall
- Application control
- URL filtering
- Spam filtering
- Client-facing systems
- Backups
- Users
- Securing the data
- Leveraging encryption
- Configuring BitLocker
- Summary
- Chapter 7: Hardening a Unix Server
- Technical requirements
- Securing Unix services
- Defining the purpose of the server
- Secure startup configuration
- Managing services
- Applying secure file permissions
- Understanding ownership and permissions
- Default permissions
- Permissions in directories (folders)
- Changing default permissions with umask
- Permissions hierarchy
- Comparing directory permissions
- Changing permissions and ownership of a single file
- Useful commands to search for unwanted permissions
- Enhancing the protection of the server by improving your access controls
- Viewing ACLs
- Managing ACLs
- Default ACL on directories
- Removing ACLs
- Enhanced access controls
- Configuring host-based firewalls
- Understanding iptables
- Configuring iptables
- SSH brute-force protection with iptables
- Protecting from port scanning with iptables
- Advanced management of logs
- Leveraging the logs
- Summary
- Further reading
- Chapter 8: Enhancing Your Network Defensive Skills
- Technical requirements
- Using the master tool of network mapping - Nmap
- Phases of a cyber attack
- Nmap
- Nmap scripts
- Improving the protection of wireless networks
- Wireless network vulnerabilities
- User's safety guide for wireless networks
- Introducing Wireshark
- Finding users using insecure protocols
- FTP, HTTP, and other unencrypted traffic
- Wireshark for defensive security
- Working with IPS/IDS
- What is an IDS?
- What is an IPS?
- Free IDS/IPS
- IPS versus IDS
- Summary
- Chapter 9: Deep Diving into Physical Security
- Technical requirements
- Understanding physical security and associated threats
- The powerful LAN Turtle
- The stealthy Plunder Bug LAN Tap
- The dangerous Packet Squirrel
- The portable Shark Jack
- The amazing Screen Crab
- The advanced Key Croc
- USB threats
- Equipment theft
- Environmental risks
- Physical security mechanisms
- Mastering physical security
- Clean desk policy
- Physical security audits
- Summary
- Further reading
- Chapter 10: Applying IoT Security
- Understanding the Internet of Things
- The risks
- The vulnerabilities
- Understanding IoT networking technologies
- LoRaWAN
- Zigbee
- Sigfox
- Bluetooth
- Security considerations
- Improving IoT security
- Creating cybersecurity hardware using IoT-enabled devices
- Raspberry Pi firewall and intrusion detection system
- Defensive security systems for industrial control systems (SCADA)
- Secure USB-to-USB copy machine
- Creating an IoT honeypot
- Advanced monitoring of web apps and networks
- Creating an internet ad blocker
- Access control and physical security systems
- Bonus track - Understanding the danger of unauthorized IoT devices
- Detecting unauthorized IoT devices
- Detecting a Raspberry Pi
- Disabling rogue Raspberry Pi devices
- Summary
- Further reading
- Chapter 11: Secure Development and Deployment on the Cloud
- Technical requirements
- Secure deployment and implementation of cloud applications
- Security by cloud models
- Data security in the cloud
- Securing Kubernetes and APIs
- Cloud-native security
- Controlling access to the Kubernetes API
- Controlling access to kubelet
- Preventing containers from loading unwanted kernel modules
- Restricting access to etcd
- Avoiding the use of alpha or beta features in production
- Third-party integrations
- Hardening database services
- Testing your cloud security
- Azure Security Center
- Amazon CloudWatch
- AppDynamics
- Nessus vulnerability scanner
- InsightVM
- Intruder
- Summary
- Further reading
- Chapter 12: Mastering Web App Security
- Technical requirements
- Gathering intelligence about your site/web application
- Importance of public data gathering
- Open Source Intelligence
- Hosting information
- Checking data exposure with Google hacking (dorks)
- Leveraging DVWA
- Installing DVWA on Kali Linux
- Overviewing the most common attacks on web applications
- Exploring XSS attacks
- Using Burp Suite
- Burp Suite versions
- Setting up Burp Suite on Kali
- SQL injection attack on DVWA
- Fixing a common error
- Brute forcing web applications' passwords
- Analyzing the results
- Summary
- Further reading
- Section 3: Deep Dive into Defensive Security
- Chapter 13: Vulnerability Assessment Tools
- Technical requirements
- Dealing with vulnerabilities
- Who should be looking for vulnerabilities?
- Bug bounty programs
- Internal vulnerabilities
- Vulnerability testing tools
- Using a vulnerability assessment scanner (OpenVAS)
- Authenticated tests
- Installing OpenVAS
- Using OpenVAS
- Updating your feeds
- Overview of Nexpose Community
- Summary
- Further reading
- Chapter 14: Malware Analysis
- Technical requirements
- Why should I analyze malware?
- Malware functionality
- Malware objectives
- Malware connections
- Malware backdoors