| Description |
1 online resource (528 pages) |
| Contents |
Cover -- Title page -- Copyright and Credits -- Dedication -- Foreword -- Contributors -- Table of Contents -- Preface -- Section 1: Mastering Defensive Security Concepts -- Chapter 1: A Refresher on Defensive Security Concepts -- Technical requirements -- Deep dive into the core of cybersecurity -- The cybersecurity triad -- Types of attacks -- Managing cybersecurity's legendary pain point: Passwords -- Password breaches -- Social engineering attacks using compromised passwords -- Brute-force attacks -- Dictionary attacks -- Creating a secure password |
|
Managing passwords at the enterprise level -- Bonus track -- Mastering defense in depth -- Factors to consider when creating DiD models -- Asset identification -- Defense by layers -- Bonus track -- Comparing the blue and red teams -- Summary -- Further reading -- Chapter 2: Managing Threats, Vulnerabilities, and Risks -- Technical requirements -- Understanding cybersecurity vulnerabilities and threats -- Performing a vulnerability assessment -- The vulnerability assessment process -- When should you check for vulnerabilities? -- Types of vulnerabilities -- USB HID vulnerabilities |
|
Types of USB HID attacks -- A false sense of security -- Protecting against USB HID attacks -- Managing cybersecurity risks -- Risk identification -- Risk assessment -- Risk response -- Risk monitoring -- The NIST Cybersecurity Framework -- Identify -- Protect -- Detect -- Respond -- Recover -- Creating an effective Business Continuity Plan (BCP) -- Creating a Business Impact Analysis (BIA) -- Business Continuity Planning (BCP) -- Implementing a best-in-class DRP -- Creating a DRP -- Implementing the DRP -- Summary -- Further reading |
|
Chapter 3: Comprehending Policies, Procedures, Compliance, and Audits -- Creating world-class cybersecurity policies and procedures -- Cybersecurity policies -- Cybersecurity procedures -- The CUDSE method -- Understanding and achieving compliance -- Types of regulations -- Achieving compliance -- Exploring, creating, and managing audits -- Internal cybersecurity audits -- External cybersecurity audits -- Data management during audits -- Types of cybersecurity audit -- What triggers an audit? -- Applying a CMM -- The goals of a CMM -- Characteristics of a good CMM -- The structure of a good CMM |
|
Analyzing the results -- Advantages of a CMM -- Summary -- Further reading -- Chapter 4: Patching Layer 8 -- Understanding layer 8 -- the insider threat -- The inadvertent user -- The malicious insider -- How do you spot a malicious insider? -- Protecting your infrastructure against malicious insiders -- Mastering the art of social engineering -- The social engineering cycle -- Social engineering techniques -- Types of social engineering attacks -- Defending against social engineering attacks (patching layer 8) -- Creating your training strategy -- Admin rights -- Implementing a strong BYOD policy |
| Note |
Performing random social engineering campaigns. |
| Summary |
An immersive learning experience enhanced with technical, hands-on labs to understand the concepts, methods, tools, platforms, and systems required to master the art of cybersecurity Key Features Get hold of the best defensive security strategies and tools Develop a defensive security strategy at an enterprise level Get hands-on with advanced cybersecurity threat detection, including XSS, SQL injections, brute forcing web applications, and more Book DescriptionEvery organization has its own data and digital assets that need to be protected against an ever-growing threat landscape that compromises the availability, integrity, and confidentiality of crucial data. Therefore, it is important to train professionals in the latest defensive security skills and tools to secure them. Mastering Defensive Security provides you with in-depth knowledge of the latest cybersecurity threats along with the best tools and techniques needed to keep your infrastructure secure. The book begins by establishing a strong foundation of cybersecurity concepts and advances to explore the latest security technologies such as Wireshark, Damn Vulnerable Web App (DVWA), Burp Suite, OpenVAS, and Nmap, hardware threats such as a weaponized Raspberry Pi, and hardening techniques for Unix, Windows, web applications, and cloud infrastructures. As you make progress through the chapters, you'll get to grips with several advanced techniques such as malware analysis, security automation, computer forensics, and vulnerability assessment, which will help you to leverage pentesting for security. By the end of this book, you'll have become familiar with creating your own defensive security tools using IoT devices and developed advanced defensive security skills. What you will learn Become well versed with concepts related to defensive security Discover strategies and tools to secure the most vulnerable factor - the user Get hands-on experience using and configuring the best security tools Understand how to apply hardening techniques in Windows and Unix environments Leverage malware analysis and forensics to enhance your security strategy Secure Internet of Things (IoT) implementations Enhance the security of web applications and cloud deployments Who this book is for This book is for all IT professionals who want to take their first steps into the world of defensive security; from system admins and programmers to data analysts and data scientists with an interest in security. Experienced cybersecurity professionals working on broadening their knowledge and keeping up to date with the latest defensive developments will also find plenty of useful information in this book. You'll need a basic understanding of networking, IT, servers, virtualization, and cloud platforms before you get started with this book. |
| Subject |
Computer security.
|
|
Information technology -- Security measures.
|
|
Computer Security |
|
Sécurité informatique. |
|
Technologie de l'information -- Sécurité -- Mesures. |
|
Computer security |
|
Information technology -- Security measures |
| Added Author |
Kitchen, Darren.
|
| Other Form: |
Print version: Bravo, Cesar. Mastering Defensive Security. Birmingham : Packt Publishing, Limited, ©2021 |
| ISBN |
1800206097 (electronic book) |
|
9781800206090 (electronic bk.) |
|
(paperback) |
|
More Resources