Mastering defensive security : effective techniques to secure your Windows, Linux, IoT, and cloud infrastructure / Cesar Bravo, Darren Kitchen.
- Format:
- Book
- Author/Creator:
- Bravo, Cesar, author.
- Kitchen, Darren, author.
- Language:
- English
- Subjects (All):
- Computer security.
- Information technology--Security measures.
- Information technology.
- Physical Description:
- 1 online resource (528 pages)
- Place of Publication:
- Birmingham, England ; Mumbai : Packt Publishing, [2021]
- Biography/History:
- Bravo, Cesar: Cesar Bravo is a researcher who has created and patented more than 100 inventions related to cybersecurity in the US, Germany, China, and Japan. Cesar has worked with several universities around the world to teach cybersecurity at all levels, including a master's degree program in cybersecurity (in which he also served as thesis director). In recent years Cesar has become a recognized speaker (including a TEDx talk), with international presentations in countries such as the UK, Germany, Mexico, the US, and Spain. His most recent book, Mastering Defensive Security, has been translated into several languages and, with thousands of copies sold around the world, is widely recognized as a must-read book in cybersecurity.
- Summary:
- An immersive learning experience enhanced with technical, hands-on labs to understand the concepts, methods, tools, platforms, and systems required to master the art of cybersecurity.

  Key Features:
  - Get hold of the best defensive security strategies and tools
  - Develop a defensive security strategy at an enterprise level
  - Get hands-on with advanced cybersecurity threat detection, including XSS, SQL injections, brute forcing web applications, and more

  Book Description:
  Every organization has its own data and digital assets that need to be protected against an ever-growing threat landscape that compromises the availability, integrity, and confidentiality of crucial data. Therefore, it is important to train professionals in the latest defensive security skills and tools to secure them. Mastering Defensive Security provides you with in-depth knowledge of the latest cybersecurity threats along with the best tools and techniques needed to keep your infrastructure secure. The book begins by establishing a strong foundation of cybersecurity concepts and advances to explore the latest security technologies such as Wireshark, Damn Vulnerable Web App (DVWA), Burp Suite, OpenVAS, and Nmap, hardware threats such as a weaponized Raspberry Pi, and hardening techniques for Unix, Windows, web applications, and cloud infrastructures. As you make progress through the chapters, you'll get to grips with several advanced techniques such as malware analysis, security automation, computer forensics, and vulnerability assessment, which will help you to leverage pentesting for security. By the end of this book, you'll have become familiar with creating your own defensive security tools using IoT devices and developed advanced defensive security skills.

  What you will learn:
  - Become well versed with concepts related to defensive security
  - Discover strategies and tools to secure the most vulnerable factor – the user
  - Get hands-on experience using and configuring the best security tools
  - Understand how to apply hardening techniques in Windows and Unix environments
  - Leverage malware analysis and forensics to enhance your security strategy
  - Secure Internet of Things (IoT) implementations
  - Enhance the security of web applications and cloud deployments

  Who this book is for:
  This book is for all IT professionals who want to take their first steps into the world of defensive security, from system admins and programmers to data analysts and data scientists with an interest in security. Experienced cybersecurity professionals working on broadening their knowledge and keeping up to date with the latest defensive developments will also find plenty of useful information in this book. You'll need a basic understanding of networking, IT, servers, virtualization, and cloud platforms before you get started with this book.
- Contents:
- Cover
- Title page
- Copyright and Credits
- Dedication
- Foreword
- Contributors
- Table of Contents
- Preface
- Section 1: Mastering Defensive Security Concepts
- Chapter 1: A Refresher on Defensive Security Concepts
- Technical requirements
- Deep dive into the core of cybersecurity
- The cybersecurity triad
- Types of attacks
- Managing cybersecurity's legendary pain point: Passwords
- Password breaches
- Social engineering attacks using compromised passwords
- Brute-force attacks
- Dictionary attacks
- Creating a secure password
- Managing passwords at the enterprise level
- Bonus track
- Mastering defense in depth
- Factors to consider when creating DiD models
- Asset identification
- Defense by layers
- Comparing the blue and red teams
- Summary
- Further reading
- Chapter 2: Managing Threats, Vulnerabilities, and Risks
- Understanding cybersecurity vulnerabilities and threats
- Performing a vulnerability assessment
- The vulnerability assessment process
- When should you check for vulnerabilities?
- Types of vulnerabilities
- USB HID vulnerabilities
- Types of USB HID attacks
- A false sense of security
- Protecting against USB HID attacks
- Managing cybersecurity risks
- Risk identification
- Risk assessment
- Risk response
- Risk monitoring
- The NIST Cybersecurity Framework
- Identify
- Protect
- Detect
- Respond
- Recover
- Creating an effective Business Continuity Plan (BCP)
- Creating a Business Impact Analysis (BIA)
- Business Continuity Planning (BCP)
- Implementing a best-in-class DRP
- Creating a DRP
- Implementing the DRP
- Chapter 3: Comprehending Policies, Procedures, Compliance, and Audits
- Creating world-class cybersecurity policies and procedures
- Cybersecurity policies
- Cybersecurity procedures
- The CUDSE method
- Understanding and achieving compliance
- Types of regulations
- Achieving compliance
- Exploring, creating, and managing audits
- Internal cybersecurity audits
- External cybersecurity audits
- Data management during audits
- Types of cybersecurity audit
- What triggers an audit?
- Applying a CMM
- The goals of a CMM
- Characteristics of a good CMM
- The structure of a good CMM
- Analyzing the results
- Advantages of a CMM
- Chapter 4: Patching Layer 8
- Understanding layer 8 - the insider threat
- The inadvertent user
- The malicious insider
- How do you spot a malicious insider?
- Protecting your infrastructure against malicious insiders
- Mastering the art of social engineering
- The social engineering cycle
- Social engineering techniques
- Types of social engineering attacks
- Defending against social engineering attacks (patching layer 8)
- Creating your training strategy
- Admin rights
- Implementing a strong BYOD policy
- Performing random social engineering campaigns
- Chapter 5: Cybersecurity Technologies and Tools
- Advanced wireless tools for cybersecurity
- Defending from wireless attacks
- Pentesting tools and methods
- Metasploit framework
- Social engineering toolkit
- exe2hex
- Applying forensics tools and methods
- Dealing with evidence
- Forensic tools
- Recovering deleted files
- Dealing with APTs
- Defensive techniques
- Leveraging security threat intelligence
- Threat intelligence 101
- Implementing threat intelligence
- Converting a threat into a solution
- The problem
- The solution
- Section 2: Applying Defensive Security
- Chapter 6: Securing Windows Infrastructures
- Technical requirements
- Applying Windows hardening
- Hardening by the infrastructure team
- Creating a hardening checklist
- Creating a patching strategy
- The complexity of patching
- Distribution of tasks (patching roles and assignments)
- Distribution and deployment of patches
- Types of patches
- Applying security to AD
- Secure administrative hosts
- Windows Server Security documentation
- Mastering endpoint security
- Windows updates
- Why move to Windows 10?
- Physical security
- Antivirus solutions
- Windows Defender Firewall
- Application control
- URL filtering
- Spam filtering
- Client-facing systems
- Backups
- Users
- Securing the data
- Leveraging encryption
- Configuring BitLocker
- Chapter 7: Hardening a Unix Server
- Securing Unix services
- Defining the purpose of the server
- Secure startup configuration
- Managing services
- Applying secure file permissions
- Understanding ownership and permissions
- Default permissions
- Permissions in directories (folders)
- Changing default permissions with umask
- Permissions hierarchy
- Comparing directory permissions
- Changing permissions and ownership of a single file
- Useful commands to search for unwanted permissions
- Enhancing the protection of the server by improving your access controls
- Viewing ACLs
- Managing ACLs
- Default ACL on directories
- Removing ACLs
- Enhanced access controls
- Configuring host-based firewalls
- Understanding iptables
- Configuring iptables
- SSH brute-force protection with iptables
- Protecting from port scanning with iptables
- Advanced management of logs
- Leveraging the logs
- Chapter 8: Enhancing Your Network Defensive Skills
- Using the master tool of network mapping - Nmap
- Phases of a cyber attack
- Nmap
- Nmap scripts
- Improving the protection of wireless networks
- Wireless network vulnerabilities
- User's safety guide for wireless networks
- Introducing Wireshark
- Finding users using insecure protocols
- FTP, HTTP, and other unencrypted traffic
- Wireshark for defensive security
- Working with IPS/IDS
- What is an IDS?
- What is an IPS?
- Free IDS/IPS
- IPS versus IDS
- Chapter 9: Deep Diving into Physical Security
- Understanding physical security and associated threats
- The powerful LAN Turtle
- The stealthy Plunder Bug LAN Tap
- The dangerous Packet Squirrel
- The portable Shark Jack
- The amazing Screen Crab
- The advanced Key Croc
- USB threats
- Equipment theft
- Environmental risks
- Physical security mechanisms
- Mastering physical security
- Clean desk policy
- Physical security audits
- Chapter 10: Applying IoT Security
- Understanding the Internet of Things
- The risks
- The vulnerabilities
- Understanding IoT networking technologies
- LoRaWAN
- Zigbee
- Sigfox
- Bluetooth
- Security considerations
- Improving IoT security
- Creating cybersecurity hardware using IoT-enabled devices
- Raspberry Pi firewall and intrusion detection system
- Defensive security systems for industrial control systems (SCADA)
- Secure USB-to-USB copy machine
- Creating an IoT honeypot
- Advanced monitoring of web apps and networks
- Creating an internet ad blocker
- Access control and physical security systems
- Bonus track - Understanding the danger of unauthorized IoT devices
- Detecting unauthorized IoT devices
- Detecting a Raspberry Pi
- Disabling rogue Raspberry Pi devices
- Chapter 11: Secure Development and Deployment on the Cloud
- Secure deployment and implementation of cloud applications
- Security by cloud models
- Data security in the cloud
- Securing Kubernetes and APIs
- Cloud-native security
- Controlling access to the Kubernetes API
- Controlling access to kubelet
- Preventing containers from loading unwanted kernel modules
- Restricting access to etcd
- Avoiding the use of alpha or beta features in production
- Third-party integrations
- Hardening database services
- Testing your cloud security
- Azure Security Center
- Amazon CloudWatch
- AppDynamics
- Nessus vulnerability scanner
- InsightVM
- Intruder
- Chapter 12: Mastering Web App Security
- Gathering intelligence about your site/web application
- Importance of public data gathering
- Open Source Intelligence
- Hosting information
- Checking data exposure with Google hacking (dorks)
- Leveraging DVWA
- Installing DVWA on Kali Linux
- Overviewing the most common attacks on web applications
- Exploring XSS attacks
- Using Burp Suite
- Burp Suite versions
- Setting up Burp Suite on Kali
- SQL injection attack on DVWA
- Fixing a common error
- Brute forcing web applications' passwords
- Section 3: Deep Dive into Defensive Security
- Chapter 13: Vulnerability Assessment Tools
- Dealing with vulnerabilities
- Who should be looking for vulnerabilities?
- Bug bounty programs
- Internal vulnerabilities
- Vulnerability testing tools
- Using a vulnerability assessment scanner (OpenVAS)
- Authenticated tests
- Installing OpenVAS
- Using OpenVAS
- Updating your feeds
- Overview of Nexpose Community
- Chapter 14: Malware Analysis
- Why should I analyze malware?
- Malware functionality
- Malware objectives
- Malware connections
- Malware backdoors
- Notes:
- Includes bibliographical references and index.
- Description based on print version record.
- ISBN:
- 1-80020-609-7
- OCLC:
- 1283849360