Tabla de Contenidos: “…Volume Storage: File-Based Storage and Block Storage -- Object-Based Storage -- Databases -- Threats to Cloud Storage -- Designing and Applying Security Strategies for Storage -- Encryption -- Certificate Management -- Hashing -- Masking, Obfuscation, Anonymization, and Tokenization -- Data Loss Prevention -- Log Capture and Analysis -- Summary -- Exam Essentials -- Review Questions -- Chapter 4 Security in the Cloud -- Shared Cloud Platform Risks and Responsibilities -- Cloud Customers, Providers, and Similar Terms -- Cloud Computing Risks by Deployment Model -- Private Cloud -- Community Cloud -- Public Cloud -- Hybrid Cloud -- Cloud Computing Risks by Service Model -- Infrastructure as a Service (IaaS) -- Platform as a Service (PaaS) -- Software as a Service (SaaS) -- Virtualization -- Threats -- Risk Mitigation Strategies -- Disaster Recovery (DR) and Business Continuity (BC) -- Cloud-Specific BIA Concerns -- Customer/Provider Shared BC/DR Responsibilities -- Cloud Design Patterns -- Summary -- Exam Essentials -- Review Questions -- Chapter 5 Cloud Platform, Infrastructure, and Operational Security -- Foundations of Managed Services -- Cloud Provider Responsibilities -- Shared Responsibilities by Service Type -- IaaS -- PaaS -- SaaS -- Securing Communications and Infrastructure -- Firewalls -- Intrusion Detection/Intrusion Prevention Systems -- Honeypots -- Vulnerability Assessment Tools -- Bastion Hosts -- Identity Assurance in Cloud and Virtual Environments -- Securing Hardware and Compute -- Securing Software -- Third-Party Software Management -- Validating Open-Source Software -- OS Hardening, Monitoring, and Remediation -- Managing Virtual Systems -- Assessing Vulnerabilities -- Securing the Management Plane -- Auditing Your Environment and Provider -- Adapting Processes for the Cloud -- Planning for Cloud Audits -- Summary…”

Tabla de Contenidos: “…8.5 Concluding Remarks -- Appendix A (Proofs) -- Appendix B (Tables) -- Acknowledgement -- References -- 9 Mathematical Modeling of Regulation of Sulfur Metabolic Pathways -- 9.1 Introduction -- 9.2 Review of Literature -- 9.3 Materials and Methods -- 9.3.1 Materials -- 9.3.2 Methods -- 9.4 Results -- 9.4.1 KEGG Reported S-biochemical Pathways -- 9.4.2 Construction of S-biochemical Network -- 9.4.3 Model Formulation -- 9.4.4 Steady State Behavior of S-biochemical System -- 9.4.5 Parameter Dependency of the S-biochemical System -- 9.4.6 Initial Condition Dependency of the S-biochemical System -- 9.4.7 Flipping Dynamics of Sulfate and Sulfide -- 9.4.8 Elementary Flux Modes -- 9.5 Conclusion -- References -- 10 Some Results on Quasi-convergence in Gradual Normed linear Spaces -- 10.1 Introduction: Background and Driving Forces -- 10.2 Preliminaries -- 10.3 Main Results -- 10.4 Conclusion -- References -- 11 On Einstein Gyrogroup -- 11.1 Introduction -- 11.2 Preliminaries -- 11.2.1 Gyrogroup and its Main Properties -- 11.2.2 Einstein's Addition of Relativistically Admissible Velocities -- 11.3 Gyrations: Repairing the Breakdown of Classical Laws -- References -- 12 On the Norms of Toeplitz and Hankel Matrices with Balancing and Lucas-balancing Numbers -- 12.1 Introduction -- 12.1.1 Norms and Bounds for Spectral Norm -- 12.2 Main Results -- 12.2.1 Bounds on Norms for Toeplitz Matrices -- 12.2.2 Norms on Hankel Matrices -- 12.3 Numerical Experiments -- 12.4 Concluding Remarks -- Acknowledgment -- References -- 13 Grey Wolf Optimizer for the Design Optimization of a DC-DC Buck Converter -- 13.1 Introduction -- 13.2 Algorithms for Optimization -- 13.2.1 Grey Wolf Optimizer -- 13.2.2 Moth Flame Optimization -- 13.2.3 Particle Swarm Optimization -- 13.2.4 Simulated Annealing -- 13.2.5 Firefly Algorithm…”

Tabla de Contenidos: “…Cover -- Title Page -- Copyright -- Dedication -- Foreword -- Contributors -- Table of Contents -- Preface -- Part 1: Learning about the Amazon Cloud -- Chapter 1: Amazon EC2 and Compute Services -- The history of computing -- The computer -- The data center -- The virtual machine -- The idea of cloud computing -- The computer evolution path -- Amazon Global Cloud infrastructure -- Building our first EC2 instances in the Amazon cloud -- Launching EC2 instances in the AWS cloud console -- Launching EC2 instances using CloudShell -- Logging in to the EC2 instances -- ELB and ASG -- AWS compute - from EC2 to containers to serverless -- Summary -- Practice questions -- Answers to the practice questions -- Further reading -- Chapter 2: Amazon Cloud Storage Services -- Understanding EBS -- Understanding EFS -- Understanding S3 -- Understanding Snowball and Snowmobile -- Accessing S3 from EC2 instances -- Summary -- Practice questions -- Answers to the practice questions -- Further reading -- Chapter 3: Amazon Networking Services -- Reviewing computer network basics -- IP address -- CIDR -- The internet -- Understanding Amazon Virtual Private Cloud -- Part one - creating a VPC with subnets -- Part two - Provisioning more cloud resources and connecting them together -- Part three - hardening AWS network security -- VPC firewalls -- VPC endpoints -- Understanding Amazon Direct Connect -- Understanding Amazon DNS - Route 53 -- Understanding the Amazon CDN -- Summary -- Practice questions -- Answers to the practice questions -- Further reading -- Chapter 4: Amazon Database Services -- Database basics -- Relational databases -- NoSQL databases -- In-memory cache databases -- Data warehouses -- Amazon RDS -- Amazon cloud NoSQL databases -- Amazon ElastiCache -- Amazon cloud data warehouse service -- Summary -- Practice questions…”

Tabla de Contenidos: “…Chapter 10: Using Evasion Techniques -- Technical requirements -- Obfuscation techniques in APIs -- Control flow obfuscation -- Code splitting -- Dead code injection -- Resource bloat -- Injection techniques for evasion -- Parameter pollution -- Null byte injection -- Using encoding and encryption to evade detection -- Encoding -- Encryption -- Defensive considerations -- Steganography in APIs -- Advanced use cases and tools -- Defensive considerations -- Polymorphism in APIs -- Characteristics of polymorphism -- Tools -- Defensive considerations -- Detection and prevention of evasion techniques in APIs -- Comprehensive logging and monitoring -- Behavioral analysis -- Signature-based detection -- Dynamic signature generation -- Machine learning and artificial intelligence -- Human-centric practices for enhanced security -- Summary -- Further reading -- Part 4: API Security for Technical Management Professionals -- Chapter 11: Best Practices for Secure API Design and Implementation -- Technical requirements -- Relevance of secure API design and implementation -- Designing secure APIs -- Threat modeling -- Implementing secure APIs -- Tools -- Secure API maintenance -- Tools -- Summary -- Further reading -- Chapter 12: Challenges and Considerations for API Security in Large Enterprises -- Technical requirements -- Managing security across diverse API landscapes -- Balancing security and usability -- Challenges -- Protecting legacy APIs -- Using API gateways -- Implementing web application firewalls (WAFs) -- Regular security audits -- Regularly updating and patching -- Monitoring and logging activity -- Encrypting data -- Developing secure APIs for third-party integration -- Security monitoring and IR for APIs -- Security monitoring -- IR -- Summary -- Further reading -- Chapter 13: Implementing Effective API Governance and Risk Management Initiatives…”

Tabla de Contenidos: “…Designing application solutions using Azure Functions -- Durable Functions -- Workflow-driven applications using Logic Apps -- Designing application solutions using Logic Apps -- Designing for serverless computing using Azure Container Instances -- Creating containers -- Container orchestrations -- Azure Service Fabric -- Life cycle management -- API Management -- API Gateway -- API Management portal -- Developer portal -- Cloud-native deployments versus migrating assets -- Summary -- Questions -- Further reading -- Chapter 5: Robust Networking Implementations -- Technical requirements -- Azure Virtual Network -- IP addresses -- Public IP address -- Private IP address -- Creating a public IP address -- DNS -- Creating a VNet with two subnets -- Azure Load Balancer -- Probes -- Azure Traffic Manager -- Azure Application Gateway -- External connectivity for Azure Virtual Networks -- Azure VPN -- Site-to-site VPN -- VNet-to-VNet VPN -- Point-to-site VPN -- ExpressRoute -- Network security strategies -- DMZ -- Network Security Groups -- Creating a NSG -- User Defined Routes -- Creating User Defined Routes -- Virtual network service tunneling -- Web Application Firewall -- Summary -- Questions -- Further reading -- Chapter 6: Connecting Hybrid Applications -- Azure Relay service -- Hybrid connections -- WCF Relays -- Azure Data Management Gateway for Data Factory -- Azure On-premises Data Gateway -- Azure App Service Hybrid Connections -- Azure App Service Virtual Network Integration -- Azure AD Application Proxy -- Joining VMs to domains -- Enabling Azure AD Domain Services -- Adding the VM to the managed domain -- Summary -- Questions -- Further reading -- Chapter 7: Using Storage Solutions -- Technical requirements -- Azure Storage and replication types -- Storage account types -- General-purpose v1 (GPv1) -- Blob storage -- General-purpose v2 (GPv2)…”

Tabla de Contenidos: “…Getting started with CQL -- Creating a keyspace -- Single data center example -- Multi-data center example -- Creating a table -- Simple table example -- Clustering key example -- Composite partition key example -- Table options -- Data types -- Type conversion -- The primary key -- Designing a primary key -- Selecting a good partition key -- Selecting a good clustering key -- Querying data -- The IN operator -- Writing data -- Inserting data -- Updating data -- Deleting data -- Lightweight transactions -- Executing a BATCH statement -- The expiring cell -- Altering a keyspace -- Dropping a keyspace -- Altering a table -- Truncating a table -- Dropping a table -- Truncate versus drop -- Creating an index -- Caution with implementing secondary indexes -- Dropping an index -- Creating a custom data type -- Altering a custom type -- Dropping a custom type -- User management -- Creating a user and role -- Altering a user and role -- Dropping a user and role -- Granting permissions -- Revoking permissions -- Other CQL commands -- COUNT -- DISTINCT -- LIMIT -- STATIC -- User-defined functions -- cqlsh commands -- CONSISTENCY -- COPY -- DESCRIBE -- TRACING -- Summary -- Chapter 4: Configuring a Cluster -- Evaluating instance requirements -- RAM -- CPU -- Disk -- Solid state drives -- Cloud storage offerings -- SAN and NAS -- Network -- Public cloud networks -- Firewall considerations -- Strategy for many small instances versus few large instances -- Operating system optimizations -- Disable swap -- XFS -- Limits -- limits.conf -- sysctl.conf -- Time synchronization -- Configuring the JVM -- Garbage collection -- CMS -- G1GC -- Garbage collection with Cassandra -- Installation of JVM -- JCE -- Configuring Cassandra -- cassandra.yaml -- cassandra-env.sh -- cassandra-rackdc.properties -- dc -- rack -- dc_suffix -- prefer_local -- cassandra-topology.properties…”

Tabla de Contenidos: “…Working with Datastore -- When to use Datastore -- Full indexing and perfect index -- Using Datastore -- Summary -- Chapter 8: BigQuery -- Underlying data representation of BigQuery -- BigQuery public datasets -- Legacy versus standard SQL -- Working with the BigQuery console -- Loading data into a table using BigQuery -- Deleting datasets -- Working with BigQuery using CLI -- BigQuery pricing -- Analyzing financial time series with BigQuery -- Summary -- Chapter 9: Identity and Access Management -- Resource hierarchy of GCP -- Permissions and roles -- Units of identity in GCP -- Creating a Service Account -- Working with cloud IAM - grant a role -- Working with IAM - creating a custom role -- Summary -- Chapter 10: Managing Hadoop with Dataproc -- Hadoop and Spark -- Hadoop on the cloud -- Google Cloud Dataproc -- Compute options for Dataproc -- Working with Dataproc -- Summary -- Chapter 11: Load Balancing -- Why load balancers matter now -- Taxonomy of GCP load balancers -- HTTP(S) load balancing -- Configuring HTTP(S) load balancing -- Configuring Internal Load Balancing -- Other load balancing -- Summary -- Chapter 12: Networking in GCP -- Why GCP's networking model is unique -- VPC networks and subnets -- The default VPC -- Internal and external IP addresses -- VPN and cloud router -- Working with VPCs -- Working with custom subnets -- Working with firewall rules -- Summary -- Chapter 13: Logging and Monitoring -- Logging -- Working with logs -- More Stackdriver - creating log-based metrics -- Monitoring -- Summary -- Chapter 14: Infrastructure Automation -- Managed Instance Groups -- Cloud deployment manager -- Summary -- Chapter 15: Security on the GCP -- Security features at Google and on the GCP -- Google-provided tools and options for security -- Some security best practices -- BeyondCorp - Identity-Aware Proxy -- Summary…”

Tabla de Contenidos: “…Basic post-exploitation commands -- The help menu -- The background command -- Reading from a channel -- File operation commands -- Desktop commands -- Screenshots and camera enumeration -- Advanced post-exploitation with Metasploit -- Obtaining system privileges -- Changing access, modification, and creation time with timestomp -- Additional post-exploitation modules -- Gathering wireless SSIDs with Metasploit -- Gathering Wi-Fi passwords with Metasploit -- Getting the applications list -- Gathering Skype passwords -- Gathering USB history -- Searching files with Metasploit -- Wiping logs from the target with the clearev command -- Advanced extended features of Metasploit -- Using pushm and popm commands -- Speeding up development using the reload, edit, and reload_all commands -- Making use of resource scripts -- Using AutoRunScript in Metasploit -- Using the multiscript module in AutoRunScript option -- Privilege escalation using Metasploit -- Finding passwords in clear text using mimikatz -- Sniffing traffic with Metasploit -- Host file injection with Metasploit -- Phishing Windows login passwords -- Summary and exercises -- Chapter 9: Evasion with Metasploit -- Evading Meterpreter using C wrappers and custom encoders -- Writing a custom Meterpreter encoder/decoder in C -- Evading intrusion detection systems with Metasploit -- Using random cases for fun and profit -- Using fake relatives to fool IDS systems -- Bypassing Windows firewall blocked ports -- Using the reverse Meterpreter on all ports -- Summary and exercises -- Chapter 10: Metasploit for Secret Agents -- Maintaining anonymity in Meterpreter sessions -- Maintaining access using vulnerabilities in common software -- DLL search order hijacking -- Using code caves for hiding backdoors -- Harvesting files from target systems -- Using venom for obfuscation…”

Tabla de Contenidos: “…Preparing for the Exam -- Summary -- Exam Essentials -- Review Questions -- Performance-Based Question -- Chapter 14 Windows Configuration -- Interacting with Operating Systems -- Task Manager -- Microsoft Management Console -- Additional Tools -- Control Panel -- Windows Settings -- The Windows Registry -- Disk Management -- Getting Disks Ready to Store Files and Programs -- Checking the Health of Hard Disks and Optimizing Their Performance -- Summary -- Exam Essentials -- Review Questions -- Performance-Based Question -- Chapter 15 Windows Administration -- Installing and Upgrading Windows -- Checking Hardware Compatibility -- Windows Installation Options -- The Installation Process -- The Upgrade Process -- Repair Installation -- Recovery Partition -- Side-by-Side Upgrading Windows 10/11 -- Image Deployment -- Upgrading Editions of Windows -- Security and Feature Updates -- Installation/Upgrade Boot Options -- Considerations -- Command-Line Tools -- Networking in Windows -- Networking Models -- User Authentication -- Establishing a Network Connection -- Accessing Resources -- Firewall Settings -- Client Network Configuration -- Summary -- Exam Essentials -- Review Questions -- Performance-Based Question -- Chapter 16 Working with macOS and Linux -- macOS and Linux -- Applications on macOS -- Installing Applications from the App Store -- Installing Downloadable Applications -- Managing Applications -- Creating Shortcuts -- Best Practices -- Scheduled Backups -- Scheduled Disk Maintenance -- System Updates/App Store -- Patch Management -- Driver/Firmware Updates -- Antivirus/Antimalware Updates -- Tools -- System Preferences -- Features -- Basic Linux Commands -- Understanding the Syntax of Shell Commands -- Discovering and Using Linux Commands -- Becoming root (Super User) -- Maintaining the Operating System -- Managing Processes…”

Tabla de Contenidos: “…Front Cover -- Industrial Network Security -- Industrial Network Security -- Copyright -- Contents -- Biography -- Acknowledgments -- 1 - Introduction -- Book overview and key learning points -- Book audience -- Diagrams and figures -- The smart grid -- OT, IoT, IIoT, and xIoT -- How this book is organized -- Chapter 2: About Industrial Networks -- Chapter 3: Industrial Cyber Security, History, and Trends -- Chapter 4: Introduction to ICS Systems and Operations -- Chapter 5: ICS Network Design and Architecture -- Chapter 6: Industrial Network Protocols -- Chapter 7: Hacking Industrial Systems -- Chapter 8: Risk and Vulnerability Assessments -- Chapter 9: Establishing Zones and Conduits -- Chapter 10: OT Attack and Defense Lifecycles -- Chapter 11: Implementing Security and Access Controls -- Chapter 12: Exception, Anomaly, and Threat Detection -- Chapter 13: Security Monitoring of Industrial Control Systems -- Chapter 14: Standards and Regulations -- Chapter 15: Common Pitfalls and Mistakes -- Changes made to the third edition -- Conclusion -- 2 - About Industrial Networks -- The use of terminology within this book -- Attacks, breaches and incidents -- malware, exploits, and APTs -- Assets, critical assets, cyberassets, and critical cyberassets -- Security controls and security countermeasures -- Firewalls and intrusion prevention systems -- Industrial control system -- Building control systems -- DCS or SCADA? …”

Tabla de Contenidos: “…Web Application Proxies -- Burp Proxy -- Customizing client interception -- Modifying requests on the fly -- Burp Proxy with HTTPS websites -- Zed Attack Proxy -- ProxyStrike -- Web Crawlers and Directory Bruteforce -- DIRB -- DirBuster -- Uniscan -- Web Vulnerability Scanners -- Nikto -- w3af -- Skipfish -- Other tools -- OpenVAS -- Database exploitation -- Web application fuzzers -- Using Tor for penetration testing -- Vulnerable applications and servers to practice on -- OWASP Broken Web Applications -- Hackazon -- Web Security Dojo -- Other resources -- Summary -- Chapter 3: Reconnaissance and Profiling the Web Server -- Reconnaissance -- Passive reconnaissance versus active reconnaissance -- Information gathering -- Domain registration details -- Whois - extracting domain information -- Identifying related hosts using DNS -- Zone transfer using dig -- DNS enumeration -- DNSEnum -- Fierce -- DNSRecon -- Brute force DNS records using Nmap -- Using search engines and public sites to gather information -- Google dorks -- Shodan -- theHarvester -- Maltego -- Recon-ng - a framework for information gathering -- Domain enumeration using Recon-ng -- Sub-level and top-level domain enumeration -- Reporting modules -- Scanning - probing the target -- Port scanning using Nmap -- Different options for port scan -- Evading firewalls and IPS using Nmap -- Identifying the operating system -- Profiling the server -- Identifying virtual hosts -- Locating virtual hosts using search engines -- Identifying load balancers -- Cookie-based load balancer -- Other ways of identifying load balancers -- Application version fingerprinting -- The Nmap version scan -- The Amap version scan -- Fingerprinting the web application framework -- The HTTP header -- The WhatWeb scanner -- Scanning web servers for vulnerabilities and misconfigurations…”

Tabla de Contenidos: “…Flushing the local DNS cache -- Using the nbtstat Command -- Using the netstat Command -- Displaying connections -- Displaying interface statistics -- Using the nslookup Command -- Looking up an IP address -- Using nslookup subcommands -- Displaying DNS records -- Locating the mail server for an email address -- Taking a ride through DNS-Land -- Using the pathping Command -- Using the ping Command -- Using the route Command -- Displaying the routing table -- Modifying the routing table -- Using the tracert Command -- Book 3 Planning a Network -- Chapter 1 Local Area Networks -- Making a Network Plan -- Being Purposeful -- Taking Stock -- What you need to know -- Programs that gather information for you -- Considering Cable -- Surmising Switches -- Planning the Network Topology -- Planning the TCP/IP Implementation -- Drawing Diagrams -- More Questions Your Network Plan Should Address -- Chapter 2 Wide Area Networks -- Connecting to the Internet -- Connecting with cable or DSL -- Connecting with T1 lines -- Connecting with fiber -- Connecting with a cellular network -- Choosing a Router -- Choosing a small office router -- Choosing an enterprise router -- Choosing a cellular router -- Securing Your Connection with a Firewall -- Providing Redundancy for Your Internet Connection -- Securing Connections to Remote Locations and Remote Users -- Connecting Remote Offices with an Ethernet Private Line -- Chapter 3 Server Architecture -- Deciding How Many Servers You Need -- Deciding Which Servers You Need -- Domain controllers -- DHCP servers -- Mail servers -- File servers -- Print servers -- Web servers -- Database servers -- Application servers -- Backup servers -- License servers -- Deployment servers -- Update servers -- Virtualization management platform -- Connecting Your Servers -- Chapter 4 Virtualization Architecture -- Understanding Virtualization…”

Tabla de Contenidos: “…Backdoors and Trojans -- Data Exfiltration and Covert Channels -- New Users -- Pivoting -- Covering Your Tracks -- Summary -- Exam Essentials -- Lab Exercises -- Activity 6.1: Exploit -- Activity 6.2: Discovery -- Activity 6.3: Pivot -- Review Questions -- Chapter 7 Exploiting Network Vulnerabilities -- Identifying Exploits -- Conducting Network Exploits -- VLAN Hopping -- DNS Cache Poisoning -- On-Path Attacks -- NAC Bypass -- DoS Attacks and Stress Testing -- Exploit Chaining -- Exploiting Windows Services -- NetBIOS Name Resolution Exploits -- SMB Exploits -- Identifying and Exploiting Common Services -- Identifying and Attacking Service Targets -- SNMP Exploits -- SMTP Exploits -- FTP Exploits -- Kerberoasting -- Samba Exploits -- Password Attacks -- Stress Testing for Availability -- Wireless Exploits -- Attack Methods -- Finding Targets -- Attacking Captive Portals -- Eavesdropping, Evil Twins, and Wireless On-Path Attacks -- Other Wireless Protocols and Systems -- RFID Cloning -- Jamming -- Repeating -- Summary -- Exam Essentials -- Lab Exercises -- Activity 7.1: Capturing Hashes -- Activity 7.2: Brute-Forcing Services -- Activity 7.3: Wireless Testing -- Review Questions -- Chapter 8 Exploiting Physical and Social Vulnerabilities -- Physical Facility Penetration Testing -- Entering Facilities -- Information Gathering -- Social Engineering -- In-Person Social Engineering -- Phishing Attacks -- Website-Based Attacks -- Using Social Engineering Tools -- Summary -- Exam Essentials -- Lab Exercises -- Activity 8.1: Designing a Physical Penetration Test -- Activity 8.2: Brute-Forcing Services -- Activity 8.3: Using BeEF -- Review Questions -- Chapter 9 Exploiting Application Vulnerabilities -- Exploiting Injection Vulnerabilities -- Input Validation -- Web Application Firewalls -- SQL Injection Attacks -- Code Injection Attacks…”

Tabla de Contenidos: “…Making Ansible Go Even Faster -- SSH Multiplexing and ControlPersist -- Manually Enabling SSH Multiplexing -- SSH Multiplexing Options in Ansible -- Pipelining -- Enabling Pipelining -- Configuring Hosts for Pipelining -- Fact Caching -- JSON File Fact-Caching Backend -- Redis Fact Caching Backend -- Memcached Fact Caching Backend -- Parallelism -- Accelerated Mode -- Fireball Mode -- Chapter 10. Custom Modules -- Example: Checking That We Can Reach a Remote Server -- Using the Script Module Instead of Writing Your Own -- can_reach as a Module -- Where to Put Custom Modules…”

Tabla de Contenidos: “…Stateful versus stateless -- Service discovery -- Routing -- Load balancing -- Defensive programming -- Redundancy -- Health checks -- Circuit breaker pattern -- Running in production -- Logging -- Tracing -- Monitoring -- Application updates -- Summary -- Further reading -- Questions -- Answers -- Chapter 10: Using Single-Host Networking -- Technical requirements -- Dissecting the container network model -- Network firewalling -- Working with the bridge network -- The host and null networks -- The host network -- The null network -- Running in an existing network namespace -- Managing container ports -- HTTP-level routing using a reverse proxy -- Containerizing the monolith -- Extracting the first microservice -- Using Traefik to reroute traffic -- Summary -- Further reading -- Questions -- Answers -- Chapter 11: Managing Containers with Docker Compose -- Technical requirements -- Demystifying declarative versus imperative orchestration of containers -- Running a multi-service app -- Building images with Docker Compose -- Running an application with Docker Compose -- Scaling a service -- Building and pushing an application -- Using Docker Compose overrides -- Summary -- Further reading -- Questions -- Answers -- Chapter 12: Shipping Logs and Monitoring Containers -- Technical requirements -- Why is logging and monitoring important? …”

Tabla de Contenidos: “…-- Default operations -- Man-in-the-middle attacks -- Part III: Real-World Wireless Security Defenses -- Chapter 6: Theory of Defense for Securing Wireless Networks -- We'll Cover -- Setting the Stage -- Context -- Reality -- The Attacker Has the Advantage -- Phases of Wireless Deployment -- New Deployments -- Existing Wireless Networks -- Dealing with Downtime -- New Wireless Network in Parallel -- Touch Every Wireless Client -- Wireless Refresh -- Secure Design Principles for Wireless Networks -- Defense In Depth -- Least Privilege -- Network Segmentation -- Wireless Assessments -- Secure the Infrastructure -- Rogue AP Detection -- Physical Security -- Change the Default Configurations -- Due Diligence -- Confidentiality Integrity Availability (CIA) -- Encryption -- Authentication -- Useless Defenses -- Faraday Cage -- MAC Filtering -- SSID Cloaking -- WEP -- WEP Cloaking -- Good Wireless Defenses -- Firewalls -- Routers -- Switches -- Intrusion Detection Systems and Intrusion Prevention Systems -- When to Use IDS vs. …”

Tabla de Contenidos: “…-- How to avoid instance impersonation attacks with instance identity documents -- Example of an instance identity document -- Steps to retrieving an instance identity document -- Instance purchasing options - On-Demand, Spot, and Reserved Instances -- Amazon Machine Images (AMIs) -- Core components of AMIs -- EBS -- Types of EBS volumes -- EBS snapshots and backups -- ENIs - fundamentals, configuration, and use cases -- Understanding ENIs, their properties, and configuration options -- Attaching, detaching, and managing ENIs -- Security and performance implications -- Use cases for multiple ENIs -- Enhanced networking - fundamentals, capabilities, and use cases -- Supported instance types and enabling enhanced networking -- ENA use cases -- EFA - fundamentals, capabilities, and use cases -- Significant features of EFA -- Security groups and key pairs -- Security groups - virtual firewalls for your instances -- Key pairs - secure authentication for your instances…”

Tabla de Contenidos: “…. -- 9.4.3 OPCIONES -- 9.4.4 CUENTAS DE USUARIO -- 9.4.5 INGRESO DE USUARIOS -- 9.4.6 REGISTRO DE USUARIOS -- 9.4.7 SEGURIDAD BASE DE DATOS -- 9.4.8 SEGURIDAD DE ARCHIVOS -- 9.4.9 BÚSQUEDA WHOIS -- 9.4.10 ADMINISTRADOR DE LISTAS NEGRAS -- 9.4.11 FIREWALL -- 9.4.12 FUERZA BRUTA -- 9.4.13 PREVENCIÓN DE SPAM -- 9.4.14 ESCÁNER -- 9.4.15 MANTENIMIENTO -- 9.4.16 MISCELÁNEA -- 9.5 QUÉ HACER EN CASO DE ATAQUE -- 9.6 PROTOCOLO DE ACTUACIÓN DE GOOGLE -- 9.6.1 CREA UN EQUIPO -- 9.6.2 PON EL SITIO EN CUARENTENA -- 9.6.3 UTILIZA SEARCH CONSOLE -- 9.6.4 EVALÚA LOS DAÑOS -- 9.6.5 IDENTIFICA LA VULNERABILIDAD -- 9.6.6 LIMPIA EL SITIO WEB -- 9.6.7 SOLICITA UNA REVISIÓN -- CAPÍTULO 10. …”

Tabla de Contenidos: “…. -- Creating a VPC -- Creating subnets -- Creating firewall rules -- Adding your ssh public key to GCP -- How it works... -- Launching VM instances -- Playing with Google Kubernetes Engine -- Getting ready -- How to do it... -- How it works... -- See also -- Exploring CloudProvider on GKE -- Getting ready -- How to do it... -- StorageClass -- Service (LoadBalancer) -- Ingress -- There's more... -- See also -- Managing Kubernetes clusters on GKE -- Getting ready -- How to do it... -- Node pool -- Multi-zone and regional clusters -- Multi-zone clusters -- Regional clusters -- Cluster upgrades -- See also -- Chapter 8: Advanced Cluster Administration -- Introduction -- Advanced settings in kubeconfig -- Getting ready -- How to do it…”

Tabla de Contenidos: “…Nmap Advanced Enumeration -- Enumerating Users -- POP3 (Port 110) and IMAP4 (Port 143) -- Brute-Forcing POP3 E-mail Accounts -- Database Protocols -- Microsoft SQL Server (Port 1433) -- Oracle Database Server (Port 1521) -- MySQL (Port 3306) -- CI/CD Protocols -- Docker (Port 2375) -- Jenkins (Port 8080/50000) -- Brute-Forcing a Web Portal Using Hydra -- Step 1: Enable a Proxy -- Step 2: Intercept the Form Request -- Step 3: Extracting Form Data and Brute-Forcing with Hydra -- Web Protocols 80/443 -- Graphical Remoting Protocols -- RDP (Port 3389) -- RDP Brute-Force -- VNC (Port 5900) -- File Sharing Protocols -- SMB (Port 445) -- Brute-Forcing SMB -- SNMP (Port UDP 161) -- SNMP Enumeration -- Summary -- Chapter 7 Exploitation Phase -- Vulnerabilities Assessment -- Vulnerability Assessment Workflow -- Vulnerability Scanning with OpenVAS -- Installing OpenVAS -- Scanning with OpenVAS -- Exploits Research -- SearchSploit -- Services Exploitation -- Exploiting FTP Service -- FTP Login -- Remote Code Execution -- Spawning a Shell -- Exploiting SSH Service -- SSH Login -- Telnet Service Exploitation -- Telnet Login -- Sniffing for Cleartext Information -- E-mail Server Exploitation -- Docker Exploitation -- Testing the Docker Connection -- Creating a New Remote Kali Container -- Getting a Shell into the Kali Container -- Docker Host Exploitation -- Exploiting Jenkins -- Reverse Shells -- Using Shells with Metasploit -- Exploiting the SMB Protocol -- Connecting to SMB Shares -- SMB Eternal Blue Exploit -- Summary -- Chapter 8 Web Application Vulnerabilities -- Web Application Vulnerabilities -- Mutillidae Installation -- Apache Web Server Installation -- Firewall Setup -- Installing PHP -- Database Installation and Setup -- Mutillidae Installation -- Cross-Site Scripting -- Reflected XSS -- Stored XSS -- Exploiting XSS Using the Header…”