Osoby które kupowały "Defensive Security Handbook. 2nd Edition", wybierały także:

• Windows Media Center. Domowe centrum rozrywki 66,67 zÅ‚, (8,00 zÅ‚ -88%)
• Ruby on Rails. Ćwiczenia 18,75 zÅ‚, (3,00 zÅ‚ -84%)
• Przywództwo w Å›wiecie VUCA. Jak być skutecznym liderem w niepewnym Å›rodowisku 58,64 zÅ‚, (12,90 zÅ‚ -78%)
• Scrum. O zwinnym zarzÄ…dzaniu projektami. Wydanie II rozszerzone 58,64 zÅ‚, (12,90 zÅ‚ -78%)
• Od hierarchii do turkusu, czyli jak zarzÄ…dzać w XXI wieku 58,64 zÅ‚, (12,90 zÅ‚ -78%)

Spis treści

Defensive Security Handbook. 2nd Edition eBook -- spis treści

• Foreword to the First Edition
• Preface
  • Our Goal
  • Who This Book Is For
  • Navigating the Book
  • Conventions Used in This Book
  • OReilly Online Learning
  • How to Contact Us
  • Acknowledgments
    • Amanda
    • Lee
    • Bill
• 1. Creating a Security Program
  • Laying the Groundwork
  • Establishing Teams
  • Determining Your Baseline Security Posture
  • Assessing Threats and Risks
    • Identify Scope, Assets, and Threats
    • Assess Risk and Impact
    • Mitigate
    • Monitor
    • Govern
  • Prioritizing
  • Creating Milestones
  • Use Cases, Tabletops, and Drills
  • Expanding Your Team and Skillsets
  • Conclusion
• 2. Asset Management and Documentation
  • What Is Asset Management?
  • Documentation
  • Establishing the Schema
    • Data Storage Options
      • Small businesses
      • Midmarket enterprises
      • Large enterprises
    • Data Classification
      • Creating a classification system
      • A university advancement example
    • Understanding Your Inventory Schema
      • Criticality
      • Risk
      • Asset-specific fields
        • Equipment
        • Users
        • Applications
        • Cloud assets
        • Other
  • Asset Management Implementation Steps
    • Defining the Lifecycle
    • Information Gathering
      • Vulnerability management software
      • Asset management software
      • Asset management in the cloud(s)
      • Embracing infrastructure as code
    • Change Tracking
    • Monitoring and Reporting
  • Asset Management Guidelines
    • Automate
    • Establish a Single Source of Truth
    • Organize a Company-wide Team
    • Find Executive Champions
    • Keep on Top of Software Licensing
  • Conclusion
• 3. Policies
  • Language
  • Document Contents
  • Topics
  • Storage and Communication
  • Conclusion
• 4. Standards and Procedures
  • Standards
  • Procedures
  • Document Contents
  • Conclusion
• 5. User Education
  • Broken Processes
  • Bridging the Gap
  • Building Your Own Program
    • Establish Objectives
    • Establish Baselines
    • Scope and Create Program Rules and Guidelines
    • Provide Positive Reinforcement
    • Define Incident Response Processes
  • Obtaining Meaningful Metrics
    • Measurements
    • Tracking Success Rate and Progress
    • Important Metrics
  • Conclusion
• 6. Incident Response
  • Processes
    • Pre-Incident Processes
    • Incident Processes
    • Post-Incident Processes
  • Tools and Technology
    • Log Analysis
    • EDR/XDR/MDR/All the Rs
    • Disk and File Analysis
    • Memory Analysis
    • PCAP Analysis
    • All-in-One Tools
  • Conclusion
• 7. Disaster Recovery
  • Setting Objectives
    • Recovery Point Objective
    • Recovery Time Objective
  • Recovery Strategies
    • Traditional Physical Backups
    • Warm Standby
    • High Availability
    • Alternate System
    • System Function Reassignment
  • Cloud Native Disaster Recovery
  • Dependencies
  • Scenarios
  • Invoking a Failover...and Back
  • Testing
  • Security Considerations
  • Conclusion
• 8. Industry Compliance Standards and Frameworks
  • Industry Compliance Standards
    • Family Educational Rights and Privacy Act (FERPA)
    • Gramm-Leach-Bliley Act (GLBA)
    • Health Insurance Portability and Accountability Act (HIPAA)
    • Payment Card Industry Data Security Standard (PCI DSS)
    • Sarbanes-Oxley (SOX) Act
  • Frameworks
    • Center for Internet Security (CIS)
    • Cloud Control Matrix (CCM)
    • The Committee of Sponsoring Organizations of the Treadway Commission (COSO)
    • Control Objectives for Information and Related Technologies (COBIT)
    • ISO-27000 Series
    • MITRE ATT&CK
    • NIST Cybersecurity Framework (CSF)
  • Regulated Industries
    • Financial
    • Government
    • Healthcare
  • Conclusion
• 9. Physical Security
  • Physical
    • Restrict Access
    • Video Surveillance
    • Authentication Maintenance
    • Secure Media
    • Datacenters
  • Operational Aspects
    • Identifying Visitors and Contractors
    • Physical Security Training
  • Conclusion
• 10. Microsoft Windows Infrastructure
  • Quick Wins
    • Upgrade
    • Third-Party Patches
    • Open Shares
  • Active Directory Domain Services
    • Forests
    • Domains
    • Domain Controllers
    • Organizational Units
    • Groups
    • Accounts
  • Group Policy Objects (GPOs)
  • Conclusion
• 11. Unix Application Servers
  • Keeping Up-to-Date
    • Third-Party Software Updates
    • Core Operating System Updates
  • Hardening a Unix Application Server
    • Disable Services
    • Set File Permissions
    • Use Host-Based Firewalls
    • Manage File Integrity
    • Configure Separate Disk Partitions
    • Use chroot
    • Set Up Mandatory Access Control
  • Conclusion
• 12. Endpoints
  • Keeping Up-to-Date
    • Microsoft Windows
    • macOS
    • Unix Desktops
    • Third-Party Updates
  • Hardening Endpoints
    • Disable Services
    • Use Desktop Firewalls
    • Implement Full-Disk Encryption
    • Use Endpoint Protection Tools
  • Mobile Device Management
  • Endpoint Visibility
  • Centralization
  • Conclusion
• 13. Databases
  • Introduction to Databases and Their Importance in Information Security
    • Database Implementations
    • Common Database Management Systems
    • A Real-World Case Study: The Marriott Breach
      • Impact
      • References
  • Database Security Threats and Vulnerabilities
    • Unauthorized Access
    • SQL Injection
    • Data Leakage
    • Insider Threats
    • Defense Evasion
  • Database Security Best Practices
    • Data Encryption
      • Implementing database encryption: A practical example with Bree
    • Authentication and Authorization Mechanisms
      • Authentication
      • Authorization
    • Secure Database Configuration and Hardening
    • Database Management in the Cloud
    • Hands-on Exercise: Implementing Encryption in a MySQL Database (Operation Lockdown)
  • Conclusion
• 14. Cloud Infrastructure
  • Types of Cloud Services and Their Security Implications
    • Software as a Service (SaaS)
    • Platform as a Service (PaaS)
    • Infrastructure as a Service (IaaS)
    • The Shared Responsibility Model
  • Common Cloud Security Mistakes and How to Avoid Them
    • Misconfigurations
    • Inadequate Credential and Secrets Management
    • Overpermissioned Cloud Resources
    • Poor Security Hygiene
    • Failing to Understand the Shared Responsibility Model
  • Cloud Security Best Practices
    • Start with Secure Architectural Patterns
    • Properly Manage Secrets
    • Embrace Well-Architected Frameworks
    • Continue Following Security Best Practices
  • Exercise: Gaining Security Visibility into an AWS Environment
    • Configure an SNS Email Notification
    • Enable GuardDuty
    • Set Up EventBridge to Route Alerts to Email
    • Testing
  • Conclusion
• 15. Authentication
  • Identity and Access Management
  • Passwords
    • Password Basics
    • Encryption, Hashing, and Salting
      • Encryption
      • Hashing
      • Salting
      • Encryption and hashing recommendations
    • Password Management
      • Password management software
      • Password resets
      • Password storage locations and methods
    • Additional Password Security
      • Fine-grained password policies (FGPPs)
      • Cloud IAM
  • Common Authentication Protocols
    • NTLM
    • Kerberos
    • LDAP
    • RADIUS
    • Differences Between Protocols
    • Protocol Security
    • Choosing the Best Protocol for Your Organization
  • Multi-Factor Authentication
    • MFA Weaknesses
    • Where It Should Be Implemented
  • Conclusion
• 16. Secure Network Infrastructure
  • Device Hardening
    • Firmware/Software Patching
    • Services
    • SNMP
    • Encrypted Protocols
    • Management Network
  • Hardware Devices
    • Bastion Hosts
    • Routers
    • Switches
    • Wireless Devices
      • Communication protocols
      • Security protocols
  • Design
    • Egress Filtering
    • IPv6: A Cautionary Note
    • TACACS+
  • Networking Attacks
    • ARP Cache Poisoning and MAC Spoofing
    • DDoS Amplification
    • VPN Attacks
    • Wireless
      • WiFi abuse
      • Rogue access points and evil twin attacks
      • Jamming
  • Conclusion
• 17. Segmentation
  • Network Segmentation
    • Physical
    • Logical
      • VLANs
      • ACLs
      • NAC
      • VPNs
    • Physical and Logical Network Example
    • Software-Defined Networking
  • Application Segmentation
  • Segmentation of Roles and Responsibilities
  • Conclusion
• 18. Vulnerability Management
  • Authenticated Versus Unauthenticated Scans
  • Vulnerability Assessment Tools
  • Open Source Tools
  • Vulnerability Management Program
    • Program Initialization
    • Business as Usual
  • Remediation Prioritization
  • Risk Acceptance
  • Conclusion
• 19. Development
  • Language Selection
    • Assembly
    • C and C++
    • Go
    • Rust
    • Python/Ruby/Perl
    • PHP
  • Secure Coding Guidelines
  • Testing
    • Automated Static Testing
    • Automated Dynamic Testing
    • Peer Review
  • Software Development Lifecycle
  • Conclusion
• 20. OSINT and Purple Teaming
  • Open Source Intelligence
    • Types of Information and Access
      • Physical assets
      • Email addresses and outsourcing considerations
      • Technology assets and metadata
      • Web pages and documents
      • Personal assets and data breaches
    • Modern OSINT Tools
      • The OSINT Framework
      • Maltego
      • Shodan
  • Purple Teaming
    • A Purple Teaming Example
  • Conclusion
• 21. Understanding IDSs and IPSs
  • Role in Information Security
  • Exploring IDS and IPS Types
    • Network-Based IDSs
    • Host-Based IDSs
    • IPSs
    • NGFWs
  • IDSs and IPSs in the Cloud
    • AWS
    • Azure
    • GCP
  • Working with IDSs and IPSs
    • Managing False Positives
    • Writing Your Own Signatures
  • IDS/IPS Positioning
  • Encrypted Protocols
  • Conclusion
• 22. Logging and Monitoring
  • Security Information and Event Management
    • Why Use a SIEM
    • Scope of Coverage
    • Designing the SIEM
  • Log Analysis and Enrichment
    • Sysmon
      • Installing Sysmon
      • Detecting common threats with Sysmon events
    • Group Policy
  • Alert Examples and Log Sources to Focus On
    • Authentication Systems
    • Application Logs
    • Cloud Services
      • AWS
      • Azure
      • GCP
    • Databases
    • DNS
    • Endpoint Protection Solutions
    • IDSs/IPSs
    • Operating Systems
    • Proxy and Firewall Logs
    • User Accounts, Groups, and Permissions
  • Testing and Continuing Configuration
  • Aligning with Detection Frameworks, Compliance Mandates, and Use Cases
    • MITRE ATT&CK
    • Sigma
    • Compliance
    • Use Case Analysis
  • Conclusion
• 23. The Extra Mile
  • Email Servers
  • DNS Servers
  • Security Through Obscurity
  • Useful Resources
    • Books
    • Blogs
    • Podcasts
    • Websites
• A. User Education Templates
  • Live Phishing Education Slides
    • Youve Been Hacked!
    • What Just Happened, and Why?
    • Social Engineering 101(0101)
    • So Its OK That You Were Exploited (This Time)
    • No Blame, No Shames, Just...
    • A Few Strategies for Next Time
    • Because There Will Be a Next Time
    • If Something Feels Funny
    • If Something Looks Funny
    • If Something Sounds Funny
    • Feels, Looks, or Sounds FunnyCall the IT Help Desk
    • What If I Already Clicked the Link or Opened the Attachment?
    • What If I Didnt Click the Link or Attachment?
    • Your IT Team Is Here for You!
  • Phishing Program Rules
• Index