Cybersecurity - Attack and Defense Strategies : Infrastructure security with Red Team and Blue Team tactics. (eBook, 2018) [WorldCat.org]
Author: Yuri Diogenes; Erdal Ozkaya
Publisher: Birmingham : Packt Publishing, 2018.
Edition/Format: eBook : Document : English
Summary:
With cybercrime on the rise, cybersecurity has become vital to a large group of industries. As a result, companies have started adopting hard measures to prevent system breaches. This book will explore some Red Team and Blue Team tactics, where the Red Team tactics can be used in penetration testing to access sensitive data, and the ...
Details

Genre/Form: Electronic books
Additional Physical Format: Print version: Diogenes, Yuri. Cybersecurity - Attack and Defense Strategies : Infrastructure security with Red Team and Blue Team tactics. Birmingham : Packt Publishing, ©2018
Material Type: Document, Internet resource
Document Type: Internet Resource, Computer File
All Authors / Contributors: Yuri Diogenes; Erdal Ozkaya
ISBN: 9781788473859; 178847385X; 9781788475297; 1788475291
OCLC Number: 1022788021
Description: 1 online resource (368 pages)
Contents: Cover --
Copyright and Credits --
Packt Upsell --
Contributors --
Table of Contents --
Preface --
Chapter 1: Security Posture --
The current threat landscape --
The credentials - authentication and authorization --
Apps --
Data --
Cybersecurity challenges --
Old techniques and broader results --
The shift in the threat landscape --
Enhancing your security posture --
The Red and Blue Team --
Assume breach --
References --
Summary --
Chapter 2: Incident Response Process --
Incident response process --
Reasons to have an IR process in place --
Creating an incident response process --
Incident response team --
Incident life cycle --
Handling an incident --
Best practices to optimize incident handling --
Post-incident activity --
Real-world scenario --
Lessons learned --
Incident response in the cloud --
Updating your IR process to include cloud --
References --
Summary --
Chapter 3: Understanding the Cybersecurity Kill Chain --
External reconnaissance --
Scanning --
NMap --
Metasploit --
John the Ripper --
THC Hydra --
Wireshark --
Aircrack-ng --
Nikto --
Kismet --
Cain and Abel --
Access and privilege escalation --
Vertical privilege escalation --
Horizontal privilege escalation --
Exfiltration --
Sustainment --
Assault --
Obfuscation --
Threat life cycle management --
References --
Summary --
Chapter 4: Reconnaissance --
External reconnaissance --
Dumpster diving --
Social media --
Social engineering --
Pretexting --
Diversion theft --
Phishing --
Phone phishing (vishing) --
Spear phishing --
Water holing --
Baiting --
Quid pro quo --
Tailgating --
Internal reconnaissance --
Sniffing and scanning --
Prismdump --
tcpdump --
NMap --
Wireshark --
Scanrand --
Cain and Abel --
Nessus --
Metasploit --
Aircrack-ng --
Wardriving --
Conclusion of the reconnaissance chapter --
References --
Summary --
Chapter 5: Compromising the System --
Analyzing current trends --
Extortion attacks --
Data manipulation attacks --
IoT device attacks --
Backdoors --
Mobile device attacks --
Hacking everyday devices --
Hacking the cloud --
Phishing --
Exploiting a vulnerability --
Zero-day --
Fuzzing --
Source code analysis --
Types of zero-day exploits --
Buffer overflows --
Structured exception handler overwrites --
Performing the steps to compromise a system --
Deploying payloads --
Installing and using a vulnerability scanner --
Using Metasploit --
Compromising operating systems --
Compromising systems using Kon-Boot or Hiren's BootCD --
Compromising systems using a Linux Live CD --
Compromising systems using preinstalled applications --
Compromising systems using Ophcrack --
Compromising a remote system --
Compromising web-based systems --
SQL injection --
Cross-site scripting --
Broken authentication --
DDoS attacks --
References --
Summary --
Chapter 6: Chasing a User's Identity --
Identity is the new perimeter --
Strategies for compromising a user's identity --
Gaining access to the network --
Harvesting credentials --
Hacking a user's identity --
Brute force --
Social engineering --
Pass the hash --
Other methods to hack identity --
References --
Summary --
Chapter 7: Lateral Movement --
Infiltration --
Network mapping --
Avoiding alerts --
Performing lateral movement --
Port scans --
Sysinternals --
File shares --
Remote Desktop --
PowerShell --
Windows Management Instrumentation --
Scheduled tasks --
Token stealing --
Pass-the-hash --
Active Directory --
Remote Registry --
Breached host analysis --
Central administrator consoles --
Email pillaging --
References --
Summary --
Chapter 8: Privilege Escalation --
Infiltration --
Horizontal privilege escalation --
Vertical privilege escalation --
Avoiding alerts --
Performing privilege escalation --
Exploiting unpatched operating systems --
Access token manipulation --
Exploiting accessibility features --
Application shimming --
Bypassing user account control --
DLL injection --
DLL search order hijacking --
Dylib hijacking --
Exploration of vulnerabilities --
Launch daemon --
Hands-on example of privilege escalation on a Windows 8 target --
Conclusion and lessons learned --
References --
Summary --
Chapter 9: Security Policy --
Reviewing your security policy --
Educating the end user --
Social media security guidelines for users --
Security awareness training --
Policy enforcement --
Application whitelisting --
Hardening --
Monitoring for compliance --
References --
Summary --
Chapter 10: Network Segmentation --
Defense in depth approach --
Infrastructure and services --
Documents in transit --
Endpoints --
Physical network segmentation --
Discovering your network --
Securing remote access to the network --
Site-to-site VPN --
Virtual network segmentation --
Hybrid cloud network security --
References --
Summary --
Chapter 11: Active Sensors --
Detection capabilities --
Indicators of compromise --
Intrusion detection systems --
Intrusion prevention system --
Rule-based detection --
Anomaly-based detection --
Behavior analytics on-premises --
Device placement --
Behavior analytics in a hybrid cloud --
Azure Security Center --
References --
Summary --
Chapter 12: Threat Intelligence --
Introduction to threat intelligence --
Open source tools for threat intelligence --
Microsoft threat intelligence --
Azure Security Center --
Leveraging threat intelligence to investigate suspicious activity --
References --
Summary --
Chapter 13: Investigating an Incident --
Scoping the issue --
Key artifacts --
Investigating a compromised system on-premises --
Investigating a compromised system in a hybrid cloud --
Search and you shall find it --
Lessons learned --
References --
Summary --
Chapter 14: Recovery Process --
Disaster recovery plan --
The disaster recovery planning process --
Forming a disaster recovery team --
Performing risk assessment --
Prioritizing processes and operations --
Determining recovery strategies --
Collecting data --
Creating the disaster recovery plan --
Testing the plan --
Obtaining approval --
Maintaining the plan --
Challenges --
Live recovery --
Contingency planning --
IT contingency planning process --
Development of the contingency planning policy --
Conducting business impact analysis --
Identifying the critical IT resources --
Identifying disruption impacts --
Developing recovery priorities --
Identifying the preventive controls --
Developing recovery strategies --
Backups --
Alternative sites --
Equipment replacement --
Plan testing, training, and exercising --
Plan maintenance --
Best practices for recovery --
References --
Summary --
Chapter 15: Vulnerability Management --
Creating a vulnerability management strategy --
Asset inventory --
Information management --
Risk assessment --
Scope --
Collecting data --
Analysis of policies and procedures --
Vulnerability analysis --
Threat analysis --
Analysis of acceptable risks --
Vulnerability assessment --
Reporting and remediation tracking --
Response planning --
Vulnerability management tools --
Asset inventory tools --
Peregrine tools --
LANDesk Management Suite --
StillSecure --
Foundstone's Enterprise --
Information management tools --
Risk assessment tools --
Vulnerability assessment tools --
Reporting and remediation tracking tools --
Response planning tools --
Implementation of vulnerability management --
Best practices for vulnerability management --
Implementing vulnerability management with Nessus --
Flexera (Secunia) Personal Software Inspector --
Conclusion --
References --
Summary --
Chapter 16: Log Analysis --
Data correlation --
Operating system logs --
Windows logs --
Linux logs --
Firewall logs --
Web server logs --
References --
Summary --
Other Books You May Enjoy --
Index.