Tabla de Contenidos: “…Quiz -- The Hierarchical Nature of DNS -- Installing DNS on Windows Server 2008 R2 -- Configuring DNS Zones -- DNS Zone Types -- DNS Name Server Roles -- Creating DNS Zones -- DNS Resource Records -- Configuring DNS Zone Properties -- Command-Line DNS Server Administration -- Review All the Key Topics -- Complete the Tables and Lists from Memory -- Definitions of Key Terms -- Chapter 3 Installing Active Directory Domain Services -- "Do I Know This Already?" …”

Tabla de Contenidos: “…Web Application Proxies -- Burp Proxy -- Customizing client interception -- Modifying requests on the fly -- Burp Proxy with HTTPS websites -- Zed Attack Proxy -- ProxyStrike -- Web Crawlers and Directory Bruteforce -- DIRB -- DirBuster -- Uniscan -- Web Vulnerability Scanners -- Nikto -- w3af -- Skipfish -- Other tools -- OpenVAS -- Database exploitation -- Web application fuzzers -- Using Tor for penetration testing -- Vulnerable applications and servers to practice on -- OWASP Broken Web Applications -- Hackazon -- Web Security Dojo -- Other resources -- Summary -- Chapter 3: Reconnaissance and Profiling the Web Server -- Reconnaissance -- Passive reconnaissance versus active reconnaissance -- Information gathering -- Domain registration details -- Whois - extracting domain information -- Identifying related hosts using DNS -- Zone transfer using dig -- DNS enumeration -- DNSEnum -- Fierce -- DNSRecon -- Brute force DNS records using Nmap -- Using search engines and public sites to gather information -- Google dorks -- Shodan -- theHarvester -- Maltego -- Recon-ng - a framework for information gathering -- Domain enumeration using Recon-ng -- Sub-level and top-level domain enumeration -- Reporting modules -- Scanning - probing the target -- Port scanning using Nmap -- Different options for port scan -- Evading firewalls and IPS using Nmap -- Identifying the operating system -- Profiling the server -- Identifying virtual hosts -- Locating virtual hosts using search engines -- Identifying load balancers -- Cookie-based load balancer -- Other ways of identifying load balancers -- Application version fingerprinting -- The Nmap version scan -- The Amap version scan -- Fingerprinting the web application framework -- The HTTP header -- The WhatWeb scanner -- Scanning web servers for vulnerabilities and misconfigurations…”

Tabla de Contenidos: “…Chapter 9: Grow Employees Who Create Company Calm -- Create Employees With a Possibility-Centered Mindset -- Encourage People to Feel What They're Feeling... for 90 Seconds -- Develop Proactivity Over Reactivity -- Zap Conflict -- Bring in Some Old-Fashioned Forgiveness -- Kill Fear Mongering -- Get Them Organized Their Way -- Be Mindful of the Learning Curve -- Encourage Outside Interests -- Value Privacy and "Off" Time -- Tweet-Sized Takeaways -- Chapter 10: Inspire Great Performance -- Be a Mirror for What You Seek -- Let Yourself Learn From Them -- Make Yourself Accessible -- Give the Gift of Trust -- Push Young Professionals Outside Their Comfort Zones -- Let Employees Have Input -- Proselytize Mentorship -- Invest in Their Learning and Development -- Provide Opportunities to Lead -- Your Tactic -- Tweet-Sized Takeaways -- Afterthought -- Acknowledgments -- About the Author -- Index…”

Tabla de Contenidos: “…Chapter 11: Shield Right for APIs with Runtime Protection -- Technical requirements -- Securing and hardening environments -- Container images -- Operating systems -- Using WAFs -- Understanding the Next-Generation Firewall (NGWAF) and Web Application API Protection (WAAP) products -- Using API gateways and API management -- Implementing security patterns in the Kong API gateway -- Best practices for API gateway protection -- Deploying API firewalls -- API monitoring and alerting -- Selecting the correct protections for your APIs -- Summary -- Further reading -- Chapter 12: Securing Microservices -- Technical requirements -- Understanding microservices -- Securing the foundations of microservices -- Securing the connectivity of microservices -- Access control for microservices -- Running secure microservices in practice -- Summary -- Further reading -- Chapter 13: Implementing an API Security Strategy -- Ownership of API security -- Understanding your stakeholders -- Roles and responsibilities -- The 42Crunch maturity model -- Inventory -- Design -- Development -- Testing -- Protection -- Governance -- Planning your program -- Establishing your objectives -- Assessing your current state -- Building a landing zone for APIs -- Running your program -- Building your teams -- Tracking your progress -- Integrating with your existing AppSec program -- Your personal API security journey -- Summary -- Further reading -- Index -- Other Books You May Enjoy…”