Tabla de Contenidos: “…Cover -- Title Page -- Copyright -- Dedication -- Contributors -- Table of Contents -- Preface -- Part 1: Moodle Security Primer -- Chapter 1: Moodle Security - First Steps -- Technical requirements -- A short history of hacking -- The Watergate scandal - a man-in-the-middle attack -- Phreaking - VoIP fraud -- Cracking encryption - SSL attacks -- Fundamental security requirements -- Understanding risk -- The regulatory environment -- Statutory requirements -- Insurance requirements -- Service License Agreement (SLA) requirements -- ITT requirements -- Creating a risk register -- Description of risk -- Probability -- Impact -- Mitigation action -- Summary -- Chapter 2: Moodle Threat Modeling -- Technical requirements -- Cybersecurity terminology -- What are we working on? …”

Tabla de Contenidos: “…Fire prevention, detection, and suppression -- Power -- Chapter 6 Communication and Network Security -- Assess and Implement Secure Design Principles in Network Architectures -- OSI and TCP/IP models -- The OSI Reference Model -- The TCP/IP Model -- Secure Network Components -- Operation of hardware -- Transmission media -- Network access control devices -- Endpoint security -- Implement Secure Communication Channels According to Design -- Voice -- Multimedia collaboration -- Remote access -- Data communications -- Virtualized networks -- Third-party connectivity -- Chapter 7 Identity and Access Management -- Control Physical and Logical Access to Assets -- Information -- Systems and devices -- Facilities -- Applications -- Manage Identification and Authentication of People, Devices, and Services -- Identity management implementation -- Single-/multifactor authentication -- Accountability -- Session management -- Registration, proofing, and establishment of identity -- Federated identity management -- Credential management systems -- Single sign-on -- Just-in-Time -- Federated Identity with a Third-Party Service -- On-premises -- Cloud -- Hybrid -- Implement and Manage Authorization Mechanisms -- Role-based access control -- Rule-based access control -- Mandatory access control -- Discretionary access control -- Attribute-based access control -- Risk-based access control -- Manage the Identity and Access Provisioning Life Cycle -- Implement Authentication Systems -- OpenID Connect/Open Authorization -- Security Assertion Markup Language -- Kerberos -- RADIUS and TACACS+ -- Chapter 8 Security Assessment and Testing -- Design and Validate Assessment, Test, and Audit Strategies -- Conduct Security Control Testing -- Vulnerability assessment -- Penetration testing -- Log reviews -- Synthetic transactions -- Code review and testing -- Misuse case testing…”

Tabla de Contenidos: “…Natural Drugs for Diabetes: Needs of Developing Country By Namrata Dwivedi, Suhel Mehandi, Skand Kumar Mishra and I.P. Tripathi 42 VIEW ABSTRACT -- 25. Community Engagement: A Non-Formal Education Approach By Busisiwe G. …”

Tabla de Contenidos: “…-- Aufbau der Hardware -- Das Basismodul -- Der Gleisbesetztmelder -- Die Melder -- Win-DigiPet -- Aufbau der Gleisanlage -- Zusammenfassung -- Tag 4: Jetzt kann man schalten und walten -- Ziel des 4. Tages -- Was wird heute benötigt? …”

Tabla de Contenidos: “…The Evolution of the Internet: 1961-The Present -- The Internet: Key Technology Concepts -- Packet Switching -- Transmission Control Protocol/Internet Protocol (TCP/IP) -- IP Addresses -- Domain Names, DNS, and URLs -- Client/Server Computing -- The Mobile Platform -- The Internet "Cloud Computing" Model: Hardware and Software as a Service -- Other Internet Protocols and Utility Programs -- 3.2 Internet Infrastructure and Access -- The Internet Backbone -- Internet Exchange Points -- Tier 3 Internet Service Providers -- Campus/Corporate Area Networks -- Mobile Internet Access -- Telephone-based versus Computer Network-based Wireless Internet Access -- Other Innovative Internet Access Technologies: Drones, Balloons, and White Space -- The Internet of Things -- Insight on Business: The Internet of Everything: Opportunities and Challenges -- Who Governs the Internet? …”

Tabla de Contenidos: “…How to Estimate Consequences and Likelihood -- Risk Ranking -- Risk Reduction and Mitigation -- Summary -- Chapter 9 - Establishing Zones and Conduits -- Information in this Chapter -- Security Zones and Conduits Explained -- Identifying and Classifying Security Zones and Conduits -- Recommended Security Zone Separation -- Network Connectivity -- Caution -- Control Loops -- Supervisory Controls -- Note -- Plant Level Control Processes -- Control Data Storage -- Trading Communications -- Remote Access -- Users and Roles -- Protocols -- Criticality -- Tip -- Tip -- Establishing Security Zones and Conduits -- Summary -- Chapter 10 - Implementing Security and Access Controls -- Information in this Chapter -- Network Segmentation -- Zones and Security Policy Development -- Using Zones within Security Device Configurations -- Implementing Network Security Controls -- Selecting Network Security Devices -- Implementing Network Security Devices -- Firewall Configuration Guidelines -- Intrusion Detection and Prevention (IDS/IPS) Configuration Guidelines -- Recommended IDS/IPS Rules -- Anomaly-Based Intrusion Detection -- Protocol Anomaly Detection -- Application and Protocol Monitoring in Industrial Networks -- Data Diodes and Unidirectional Gateways -- Implementing Host Security and Access Controls -- Selecting Host Cyber Security Systems -- Host Firewalls -- Host IDS -- Anti-virus -- Application Whitelisting -- External Controls -- Patch Management -- Patching as a form of Vulnerability Management -- Leave no Vulnerability Unturned -- Maintaining System Availability -- Comprehensive Predeployment Testing -- Automating the Process -- How Much Security is Enough? …”

Tabla de Contenidos: “….) -- 3.3.3 Obtener la contraseña -- 3.3.4 Postexplotación -- 3.3.5 LiveCD ophcrack -- 3.3.6 Contramedidas -- 3.4 ATAQUES CONTRA CONTRASEÑAS DE SISTEMAS GNU/LINUX -- 3.4.1 John the Ripper -- 3.4.2 @stack LC5 -- 3.4.3 Contramedidas -- 4 HACKING DE REDES -- 4.1 INTRODUCCIÓN -- 4.2 MAN IN THE MIDDLE -- 4.3 ¿CÓMO FUNCIONA ARP? -- 4.3.1 Windows (....) -- 4.3.2 GNU/Linux (...) -- 4.3.3 Contramedidas -- 4.4 SNIFFERS -- 4.4.1 Sniffers…”

Tabla de Contenidos: “…Auflage -- Was will dieses Buch -- Die wichtigsten Änderungen für SAFe 4.5 -- Neue Liefer- oder Delivery Pipeline -- Integration von Lean-Startup-Strategien -- Scalable DevOps als Kultur-, Organisations- und technische Aufgabe -- Die Einführungsstrategie ist konkreter geworden -- Viele kleine Änderungen -- Danksagung -- Viel Erfolg beim Umsetzen -- Geleitwort -- 1 -- Inhaltsübersicht -- Inhaltsverzeichnis -- 1 Einleitung -- 1.1 Was macht Agilität erfolgreich -- 1.2 Warum skalieren -- Muss man wirklich skalieren? -- Teamgrößen -- Die Dunbar-Zahl -- 1.3 Die neuen Herausforderungen an Agilität -- Große Vorhaben unterstützen -- Der ganze Wertstrom -- Die ganze Organisation und Hierarchie -- Große und etablierte Entwicklungen -- Der Zyklus von Produkt und Markt -- Kultur oder wie Agile aus dem Radarschatten kam -- 2 Überblick über SAFe -- SAFe basiert auf Lean und Agile -- Alignment, Zusammenarbeit, Lieferung -- SAFe ist ein definierter Startpunkt für eine agile und Lean-Transformation -- SAFe skaliert für große Organisationen -- 2.1 Woher kommt SAFe -- 2.2 Die Struktur von SAFe -- Das Gesamtbild (Big Picture) -- 2.2.1 Teamebene -- 2.2.2 Programmebene (Agile Release Train) -- Das Programminkrement -- Arbeiten im Takt - Liefern auf Nachfrage -- Wertströme -- Architectural Runway oder Landebahn -- 2.2.3 Solution-Ebene -- 2.2.4 Portfolioebene -- 2.3 Strukturierung von Anforderungen -- 2.4 Rollen -- 2.5 Schlüsselwerte -- Das Agile Manifest -- Codequalität -- Lieferzuverlässigkeit -- Alignment -- Transparenz -- 2.6 Agile Architektur und Software Engineering -- 2.7 Integrierte Qualitätskultur -- Qualität einbauen -- Fehler beheben, nicht verwalten -- Äußere und innere Softwarequalität -- 2.8 SAFe-Prinzipien für einen effektiven Entwicklungsfluss -- #1: Nimm einen ökonomischen Standpunkt ein -- #2: Denke in Systemen…”

Tabla de Contenidos: “…Bilder einer Webcam auswerten -- 10.9.1 Webcams im Internet anzapfen -- 10.9.2 Auf einem Foto zeichnen - das Modul ImageDraw -- 10.9.3 Projekt: Verkehrsdichte auf der Autobahn -- 10.10 Randbemerkung: Was darf man? Was soll man? -- 10.11 Aufgabe -- 10.12 Lösung -- Kapitel 11: Webserver -- 11.1 Der RPi im lokalen Netz -- 11.1.1 WLAN -- 11.1.2 Eine dauerhafte IP-Adresse für den RPi -- 11.1.3 Über SSH auf dem RPi arbeiten -- 11.1.4 Virtual Network Computing (VNC) -- 11.2 Ein Webserver…”

Tabla de Contenidos: “…OPC -- ICCP/TASE.2 -- Physical hardware -- Summary -- 7 - Hacking Industrial Control Systems -- Motives and consequences -- Consequences of a successful cyberincident -- Cybersecurity and safety -- Common industrial targets -- The evolution of the industrial cyberattack -- Common attack methods -- Attack phases -- Initial attack phases -- Industrial attack phases -- Cyber-physical attacks -- Rogue access devices -- Keylogging/keystroke injections/HID attacks -- Man-in-the-middle attacks -- Denial-of-service attacks -- Replay attacks -- Compromising the human-machine interface -- Compromising the engineering workstation -- Blended attacks -- Weaponized industrial cyberthreats -- Stuxnet -- Dissecting stuxnet -- What it does -- Lessons learned -- Shamoon/DistTrack -- Flame/flamer/skywiper -- Dragonfly -- BlackEnergy -- Industroyer -- TRISIS/TRITON -- Industroyer2 -- Incontroller/pipedream -- Attack trends -- Evolving vectors -- Supply chain vulnerabilities -- Adobe Portable Document Format -- Macros -- Secure sockets layers -- Log4j -- Ransomware and industrial control systems -- Industrial application layer protocols -- Antisocial networks: A new playground for malware -- Polymorphic and adaptive malware -- Dealing with an infection -- Summary -- 8 - Risk and Vulnerability Assessments -- Cybersecurity and risk management -- Why risk management is the foundation of cyber security? …”

Tabla de Contenidos: “…-- 5.5.2 Pflicht zur Gesamtpreisangabe -- 5.5.3 Angabe von Versandkosten -- 5.5.4 Angabe von Grundpreisen -- 5.5.5 Währung -- 5.5.6 Kostenpflichtige Rufnummern -- 5.5.7 Preisvergleiche -- 5.6 Spezielle gesetzliche Regelungen -- 5.6.1 Arzneimittel -- 5.6.2 Bücher -- 5.6.3 Digitale Inhalte -- 5.6.4 Elektronikartikel -- 5.6.5 Lebensmittel -- 5.6.6 Textilien -- 5.6.7 Verpackungsverordnung -- 5.7 Gütesiegel, Bewertungen und Bewertungsportale -- 5.7.1 Gütesiegel -- 5.7.2 Bewertungstools -- 5.8 B2B-Online-Shop -- 5.8.1 Ausschluss von Verbrauchern -- 5.8.2 Rechtsrahmen für den B2B-Shop -- 5.9 Conversion-Optimierung -- 5.10 Besonderheiten im Mobile Commerce -- 5.10.1 Vertragsschluss im M-Commerce -- 5.10.2 Einbeziehung von AGB -- 5.10.3 Widerrufsbelehrung und Informationspflichten -- 5.10.4 Mobiler Warenkorb -- 5.11 Cross-Border-Vertrieb -- 5.11.1 Zuständigkeit und anwendbares Recht -- 5.11.2 Umsetzungsmöglichkeiten -- Kapitel 6: Web-Analyse -- 6.1 Rechtsprobleme beim Tracking -- 6.1.1 IP-Daten und Personenbezug -- 6.1.2 Schlussfolgerungen -- 6.2 Lösung: Speicherung gekürzter IP-Adresse -- 6.2.1 Verwendung gekürzter IP-Adressen -- 6.2.2 Widerspruchsmöglichkeit -- 6.2.3 Beispiel für die Erweiterung der Datenschutzerklärung -- 6.3 Cookies -- 6.4 Tracking ohne Cookies -- 6.5 Zusammenarbeit mit Dienstleistern -- 6.5.1 Auftragsdatenverarbeitung bei Tracking-Tools -- 6.5.2 Auftragsdatenverarbeitung - Was ist das überhaupt? …”

Tabla de Contenidos: “…7.1 Introduction 165 -- 7.2 IPv4 165 -- 7.3 IPv6 169 -- 7.4 Routing 172 -- 7.5 ATM 174 -- 7.6 Frame Relay 176 -- 7.7 LAN and MAN 177 -- 7.8 Wi-Fi 189 -- 7.9 Inter-Operator Networks 202 -- References 204 -- 8 Telecommunications Network Services and Applications 207 /Jyrki T. …”

Tabla de Contenidos: “…Domain 3 Security Architecture and Engineering -- Research, Implement, and Manage Engineering Processes Using Secure Design Principles -- ISO/IEC 19249 -- Threat Modeling -- Secure Defaults -- Fail Securely -- Separation of Duties -- Keep It Simple -- Trust, but Verify -- Zero Trust -- Privacy by Design -- Shared Responsibility -- Defense in Depth -- Understand the Fundamental Concepts of Security Models -- Primer on Common Model Components -- Information Flow Model -- Noninterference Model -- Bell-LaPadula Model -- Biba Integrity Model -- Clark-Wilson Model -- Brewer-Nash Model -- Take-Grant Model -- Select Controls Based Upon Systems Security Requirements -- Understand Security Capabilities of Information Systems -- Memory Protection -- Secure Cryptoprocessor -- Assess and Mitigate the Vulnerabilities of Security Architectures, Designs, and Solution Elements -- Client-Based Systems -- Server-Based Systems -- Database Systems -- Cryptographic Systems -- Industrial Control Systems -- Cloud-Based Systems -- Distributed Systems -- Internet of Things -- Microservices -- Containerization -- Serverless -- Embedded Systems -- High-Performance Computing Systems -- Edge Computing Systems -- Virtualized Systems -- Select and Determine Cryptographic Solutions -- Cryptography Basics -- Cryptographic Lifecycle -- Cryptographic Methods -- Public Key Infrastructure -- Key Management Practices -- Digital Signatures and Digital Certificates -- Nonrepudiation -- Integrity -- Understand Methods of Cryptanalytic Attacks -- Brute Force -- Ciphertext Only -- Known Plaintext -- Chosen Plaintext Attack -- Frequency Analysis -- Chosen Ciphertext -- Implementation Attacks -- Side-Channel Attacks -- Fault Injection -- Timing Attacks -- Man-in-the-Middle -- Pass the Hash -- Kerberos Exploitation -- Ransomware -- Apply Security Principles to Site and Facility Design…”

Tabla de Contenidos: “…Configure storage security -- RBAC roles on the storage account -- Applying the correct NTFS permissions -- Configuring private access using a private endpoint -- Configuring NSGs -- Configure network security with Azure Firewall -- Using IP groups in firewall policies -- Configure network security with NSGs -- Deploying AVD on dedicated hosts -- Configuring Defender for Cloud -- Deploying an Azure VPN gateway -- Summary -- Part 5: Use Cases -- Chapter 12: Windows 365 Use Cases -- When to use Windows 365 as your personal desktop -- Windows 365 as a replacement for on-premise VDI -- Why is Windows 365 a good alternative to an on-premise VDI? …”

Tabla de Contenidos: “…Finding the technology behind web apps -- How to do it... -- Scanning IPs with masscan -- How to do it... -- Sniffing around with Kismet -- How to do it... -- Testing routers with firewalk -- How to do it... -- How it works... -- Chapter 3: Vulnerability Assessment -- Introduction -- Using the infamous Burp -- How to do it... -- Exploiting WSDLs with Wsdler -- How to do it... -- Using Intruder -- How to do it... -- Web app pentest with Vega -- Getting ready -- How to do it... -- Exploring SearchSploit -- How to do it... -- Exploiting routers with RouterSploit -- Getting ready -- How to do it... -- Using the scanners command -- Using creds -- Using Metasploit -- How to do it... -- Automating Metasploit -- How to do it... -- Writing a custom resource script -- How to do it... -- Databases in Metasploit -- How to do it... -- Chapter 4: Web App Exploitation - Beyond -- Introduction -- Exploiting XSS with XSS Validator -- Getting ready -- How to do it... -- Injection attacks with sqlmap -- How to do it... -- See also -- Owning all .svn and .git repositories -- How to do it... -- Winning race conditions -- How to do it... -- See also -- Exploiting JBoss with JexBoss -- How to do it... -- Exploiting PHP Object Injection -- How to do it... -- See also -- Backdoors using web shells -- How to do it... -- Backdoors using meterpreters -- How to do it... -- Chapter 5: Network Exploitation on Current Exploitation -- Introduction -- Man in the middle with hamster and ferret -- Getting ready -- How to do it... -- Exploring the msfconsole -- How to do it... -- Railgun in Metasploit -- How to do it... -- There's more... -- Using the paranoid meterpreter -- How to do it... -- There's more... -- A tale of a bleeding heart -- How to do it... -- Redis exploitation -- How to do it... -- Say no to SQL - owning MongoDBs -- Getting ready -- How to do it…”

Tabla de Contenidos: “…Intro -- Inhalt -- Vorwort -- Danksagung -- Einführung -- Wer dieses Buch lesen sollte -- Wie man dieses Buch liest -- Was Sie in diesem Buch finden -- Ein Disclaimer zum Hacking -- Kapitel 1: Bug-Bounty-Grundlagen -- 1.1 Schwachstellen und Bug-Bounties -- 1.2 Client und Server -- 1.3 Was beim Besuch einer Website passiert -- 1.3.1 Schritt 1: Extrahieren des Domainnamens -- 1.3.2 Schritt 2: Auflösen der IP-Adresse -- 1.3.3 Schritt 3: Herstellen einer TCP-Verbindung -- 1.3.4 Schritt 4: Senden eines HTTP-Requests -- 1.3.5 Schritt 5: Die Response des Servers -- 1.3.6 Schritt 6: Rendering der Response -- 1.4 HTTP-Requests -- 1.4.1 Request-Methoden -- 1.4.2 HTTP ist zustandslos -- 1.5 Zusammenfassung -- Kapitel 2: Offene Redirects -- 2.1 Wie offene Redirects funktionieren -- 2.2 Offener Redirect bei Shopify-Theme-Installation -- 2.3 Offener Redirect bei Shopify-Log-in -- 2.4 Interstitieller Redirect bei HackerOne -- 2.5 Zusammenfassung -- Kapitel 3: HTTP Parameter Pollution -- 3.1 Serverseitiges HPP -- 3.2 Clientseitiges HPP -- 3.3 HackerOnes Social-Media-Buttons -- 3.4 Abmelden von Benachrichtigungen bei Twitter -- 3.5 Twitter Web Intents -- 3.6 Zusammenfassung -- Kapitel 4: Cross Site Request Forgery -- 4.1 Authentifizierung -- 4.2 CSRF mit GET-Requests -- 4.3 CSRF mit POST-Requests -- 4.4 Schutz vor CSRF-Angriffen -- 4.5 Twitter-Abmeldung bei Shopify -- 4.6 Instacart-Zonen eines Nutzers ändern -- 4.7 Vollständige Übernahme eines Badoo-Accounts -- 4.8 Zusammenfassung -- Kapitel 5: HTML Injection und Content Spoofing -- 5.1 Coinbase: Kommentare einfügen durch Zeichencodierung -- 5.2 Ungewolltes Einbinden von HTML bei HackerOne -- 5.3 Den Fix zu obigem Bug bei HackerOne umgehen -- 5.4 Content Spoofing bei Within Security -- 5.5 Zusammenfassung -- Kapitel 6: Carriage Return/Line Feed Injection -- 6.1 HTTP Request Smuggling…”

Tabla de Contenidos: “…Tech Utilities -- Right-Click -- Control Panel -- Device Manager -- System Tools -- Command Line -- Microsoft Management Console -- Administrative Tools -- Action Center (Unique to Windows 7) -- Beyond A+ -- Windows 8 -- Windows Embedded -- Chapter Review -- Questions -- Answers -- Chapter 5 Visible Networks -- Historical/Conceptual -- Networking Technologies -- Topology -- 801 -- Frames and NICs -- Introducing Ethernet -- Network Protocols, LANs, and WANs -- A Short History of the War of the Network Protocols and Why TCP/IP Won -- LANs, Routing, and WANs -- 802 -- Network Organization -- Workgroups -- Domains -- Homegroups -- Chapter Review -- Questions -- Answers -- Chapter 6 Microprocessors -- Historical/Conceptual -- CPU Core Components -- The Man in the Box -- Clock -- Back to the External Data Bus -- Memory -- Memory and RAM -- Address Bus -- 801 -- Modern CPUs -- Manufacturers -- Technology -- Selecting, Installing, and Troubleshooting CPUs -- Selecting a CPU -- Installation Issues -- 802 -- Troubleshooting CPUs -- Beyond A+ -- Intel Atom -- Chapter Review -- Questions -- Answers -- Chapter 7 RAM -- Historical/Conceptual -- Understanding DRAM -- Organizing DRAM -- Practical DRAM -- DRAM Sticks -- Consumer RAM -- 801 -- Types of RAM -- SDRAM -- RDRAM -- DDR SDRAM -- DDR2 -- DDR3 -- RAM Variations -- Working with RAM -- Do You Need More RAM? …”

Tabla de Contenidos: “…-- Kernel State: sysctl -- The Kernel Environment -- Kernel Modules -- Build Your Own Kernel -- Building a Kernel -- Custom Kernel Configuration -- Inclusions, Exclusions, and Expanding the Kernel -- 7 THE NETWORK -- Network Layers -- The Network in Practice -- Getting Bits and Hexes -- Network Stacks -- IPv4 Addresses and Netmasks -- IPv6 Addresses and Subnets -- TCP/IP Basics -- Understanding Ethernet -- 8 CONFIGURING NETWORKING…”

Tabla de Contenidos: “…Indirect attacks -- Hidden database servers -- Accessible backups -- Privilege escalation -- Insecure system architecture -- Database server password cracking -- Methods of attacking database servers -- Scanning for vulnerabilities -- Attacking the System Administrator account -- Exploit module attacks -- Google hacks -- Perusing website source code -- SQL replay attack -- Protecting databases -- Hidden or unknown databases -- How insecure databases are created -- Weak auditing and insufficient logging -- Lab - Database hacking -- Setup -- Exercise 1 -- Exercise 2 -- Summary -- Assessment -- Answer -- Chapter 9: Ethical Hacking Protocol Review -- Exploring communication protocols -- Introducing the OSI model -- Introducing IP -- Introducing TCP -- The three-way handshake -- UDP -- ICMP -- Comparing TCP and UDP -- Well-known ports -- Understanding protocol attacks -- TCP attacks -- UDP attacks -- ICMP attacks -- An overview of IPv6 -- The setup and configuration of IPv6 -- Reconnaissance and attack tools -- Defending IPv4 networks -- Defending IPv6 networks -- Lab -- Exercise 1 -- Exercise 2 -- Summary -- Assessment -- Answers -- Chapter 10: Ethical Hacking for Malware Analysis -- Technical requirements -- Why does malware exist and who are its sources? …”