Mastering defensive security : effective techniques to secure your Windows, Linux, IoT, and cloud infrastructure / Cesar Bravo, Darren Kitchen.

Available online: EBSCOhost Academic eBook Collection (North America)
Available online: O'Reilly Online Learning: Academic/Public Library Edition
Format:
Book
Author/Creator:
Bravo, Cesar, author.
Kitchen, Darren, author.
Language:
English
Subjects (All):
Computer security.
Information technology--Security measures.
Information technology.
Physical Description:
1 online resource (528 pages)
Place of Publication:
Birmingham, England ; Mumbai : Packt Publishing, [2021]
Biography/History:
Bravo, Cesar: Cesar Bravo is a researcher who has created and patented more than 100 inventions related to cybersecurity in the US, Germany, China, and Japan. He has worked with several universities around the world to teach cybersecurity at all levels, including a master's degree in cybersecurity (for which he also served as thesis director). In recent years Cesar has become a recognized speaker (including a TEDx talk), with international presentations in countries such as the UK, Germany, Mexico, the US, and Spain. His book Mastering Defensive Security was translated into several languages and, with thousands of copies sold around the world, is widely recognized as a must-read in cybersecurity.
Summary:
An immersive learning experience enhanced with technical, hands-on labs to understand the concepts, methods, tools, platforms, and systems required to master the art of cybersecurity.

Key Features: Get hold of the best defensive security strategies and tools. Develop a defensive security strategy at an enterprise level. Get hands-on with advanced cybersecurity threat detection, including XSS, SQL injection, brute forcing web applications, and more.

Book Description: Every organization has its own data and digital assets that need to be protected against an ever-growing threat landscape that compromises the availability, integrity, and confidentiality of crucial data. Therefore, it is important to train professionals in the latest defensive security skills and tools to secure them. Mastering Defensive Security provides you with in-depth knowledge of the latest cybersecurity threats along with the best tools and techniques needed to keep your infrastructure secure. The book begins by establishing a strong foundation of cybersecurity concepts and advances to explore security tools such as Wireshark, Damn Vulnerable Web App (DVWA), Burp Suite, OpenVAS, and Nmap, hardware threats such as a weaponized Raspberry Pi, and hardening techniques for Unix, Windows, web applications, and cloud infrastructures. As you make progress through the chapters, you'll get to grips with several advanced techniques such as malware analysis, security automation, computer forensics, and vulnerability assessment, which will help you to leverage pentesting for security. By the end of this book, you'll have become familiar with creating your own defensive security tools using IoT devices and developed advanced defensive security skills.

What you will learn: Become well versed with concepts related to defensive security. Discover strategies and tools to secure the most vulnerable factor, the user. Get hands-on experience using and configuring the best security tools. Understand how to apply hardening techniques in Windows and Unix environments. Leverage malware analysis and forensics to enhance your security strategy. Secure Internet of Things (IoT) implementations. Enhance the security of web applications and cloud deployments.

Who this book is for: This book is for all IT professionals who want to take their first steps into the world of defensive security, from system admins and programmers to data analysts and data scientists with an interest in security. Experienced cybersecurity professionals working on broadening their knowledge and keeping up to date with the latest defensive developments will also find plenty of useful information in this book. You'll need a basic understanding of networking, IT, servers, virtualization, and cloud platforms before you get started with this book.
Contents:
Cover
Title page
Copyright and Credits
Dedication
Foreword
Contributors
Table of Contents
Preface
Section 1: Mastering Defensive Security Concepts
Chapter 1: A Refresher on Defensive Security Concepts
Technical requirements
Deep dive into the core of cybersecurity
The cybersecurity triad
Types of attacks
Managing cybersecurity's legendary pain point: Passwords
Password breaches
Social engineering attacks using compromised passwords
Brute-force attacks
Dictionary attacks
Creating a secure password
Managing passwords at the enterprise level
Bonus track
Mastering defense in depth
Factors to consider when creating DiD models
Asset identification
Defense by layers
Comparing the blue and red teams
Summary
Further reading
Chapter 2: Managing Threats, Vulnerabilities, and Risks
Understanding cybersecurity vulnerabilities and threats
Performing a vulnerability assessment
The vulnerability assessment process
When should you check for vulnerabilities?
Types of vulnerabilities
USB HID vulnerabilities
Types of USB HID attacks
A false sense of security
Protecting against USB HID attacks
Managing cybersecurity risks
Risk identification
Risk assessment
Risk response
Risk monitoring
The NIST Cybersecurity Framework
Identify
Protect
Detect
Respond
Recover
Creating an effective Business Continuity Plan (BCP)
Creating a Business Impact Analysis (BIA)
Business Continuity Planning (BCP)
Implementing a best-in-class DRP
Creating a DRP
Implementing the DRP
Chapter 3: Comprehending Policies, Procedures, Compliance, and Audits
Creating world-class cybersecurity policies and procedures
Cybersecurity policies
Cybersecurity procedures
The CUDSE method
Understanding and achieving compliance
Types of regulations
Achieving compliance
Exploring, creating, and managing audits
Internal cybersecurity audits
External cybersecurity audits
Data management during audits
Types of cybersecurity audit
What triggers an audit?
Applying a CMM
The goals of a CMM
Characteristics of a good CMM
The structure of a good CMM
Analyzing the results
Advantages of a CMM
Chapter 4: Patching Layer 8
Understanding layer 8 - the insider threat
The inadvertent user
The malicious insider
How do you spot a malicious insider?
Protecting your infrastructure against malicious insiders
Mastering the art of social engineering
The social engineering cycle
Social engineering techniques
Types of social engineering attacks
Defending against social engineering attacks (patching layer 8)
Creating your training strategy
Admin rights
Implementing a strong BYOD policy
Performing random social engineering campaigns
Chapter 5: Cybersecurity Technologies and Tools
Advanced wireless tools for cybersecurity
Defending from wireless attacks
Pentesting tools and methods
Metasploit framework
Social engineering toolkit
exe2hex
Applying forensics tools and methods
Dealing with evidence
Forensic tools
Recovering deleted files
Dealing with APTs
Defensive techniques
Leveraging security threat intelligence
Threat intelligence 101
Implementing threat intelligence
Converting a threat into a solution
The problem
The solution
Section 2: Applying Defensive Security
Chapter 6: Securing Windows Infrastructures
Technical requirements
Applying Windows hardening
Hardening by the infrastructure team
Creating a hardening checklist
Creating a patching strategy
The complexity of patching
Distribution of tasks (patching roles and assignments)
Distribution and deployment of patches
Types of patches
Applying security to AD
Secure administrative hosts
Windows Server Security documentation
Mastering endpoint security
Windows updates
Why move to Windows 10?
Physical security
Antivirus solutions
Windows Defender Firewall
Application control
URL filtering
Spam filtering
Client-facing systems
Backups
Users
Securing the data
Leveraging encryption
Configuring BitLocker
Chapter 7: Hardening a Unix Server
Securing Unix services
Defining the purpose of the server
Secure startup configuration
Managing services
Applying secure file permissions
Understanding ownership and permissions
Default permissions
Permissions in directories (folders)
Changing default permissions with umask
Permissions hierarchy
Comparing directory permissions
Changing permissions and ownership of a single file
Useful commands to search for unwanted permissions
Enhancing the protection of the server by improving your access controls
Viewing ACLs
Managing ACLs
Default ACL on directories
Removing ACLs
Enhanced access controls
Configuring host-based firewalls
Understanding iptables
Configuring iptables
SSH brute-force protection with iptables
Protecting from port scanning with iptables
Advanced management of logs
Leveraging the logs
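The Chapter 7 entries "SSH brute-force protection with iptables" and "Advanced management of logs" describe the same control from two sides: read the sshd log, identify sources with many failed logins in a short window, and block them at the host firewall. The block below is an added illustration of that technique and is not code from the book. The auth-log lines are constructed samples, the threshold and window values are assumptions, and the iptables commands are only generated as strings (the example does not touch the firewall).

```python
"""Threshold-based SSH brute-force blocking.

Parses sshd auth-log lines, counts failed logins per source IP inside a
sliding time window, and emits the iptables rules a blocking script would run.
Added example, not the book's code; all sample data is constructed.
"""
import re
from collections import defaultdict, deque
from datetime import datetime

# Constructed sample auth.log lines (syslog format; real logs omit the year).
SAMPLE_LOG = """\
Mar  3 10:00:01 host sshd[1201]: Failed password for invalid user admin from 198.51.100.23 port 51234 ssh2
Mar  3 10:00:03 host sshd[1202]: Failed password for root from 198.51.100.23 port 51240 ssh2
Mar  3 10:00:04 host sshd[1203]: Accepted publickey for alice from 192.0.2.10 port 40001 ssh2
Mar  3 10:00:06 host sshd[1204]: Failed password for root from 198.51.100.23 port 51251 ssh2
Mar  3 10:00:07 host sshd[1205]: Failed password for invalid user test from 198.51.100.23 port 51260 ssh2
Mar  3 10:00:09 host sshd[1206]: Failed password for invalid user oracle from 198.51.100.23 port 51271 ssh2
Mar  3 10:00:30 host sshd[1207]: Failed password for bob from 192.0.2.10 port 40002 ssh2
Mar  3 10:20:00 host sshd[1208]: Failed password for bob from 192.0.2.10 port 40003 ssh2
"""

# Matches OpenSSH "Failed password" lines, with or without "invalid user".
FAILED_RE = re.compile(
    r"^(?P<ts>[A-Z][a-z]{2}\s+\d+ \d\d:\d\d:\d\d) \S+ sshd\[\d+\]: "
    r"Failed password for (?:invalid user )?\S+ from (?P<ip>\d+\.\d+\.\d+\.\d+) port \d+"
)


def parse_ts(ts):
    # syslog timestamps carry no year; pin one (assumption) so arithmetic works
    return datetime.strptime("2021 " + ts, "%Y %b %d %H:%M:%S")


def find_offenders(log_text, threshold=5, window_seconds=600):
    """Return {ip: failures} for IPs that hit `threshold` failures within any
    `window_seconds` span. Both parameters are assumed tuning values."""
    recent = defaultdict(deque)   # ip -> timestamps of failures still in window
    offenders = {}
    for line in log_text.splitlines():
        m = FAILED_RE.match(line)
        if not m:                 # successful logins and unrelated lines are ignored
            continue
        ip, t = m.group("ip"), parse_ts(m.group("ts"))
        q = recent[ip]
        q.append(t)
        while q and (t - q[0]).total_seconds() > window_seconds:
            q.popleft()           # drop failures that fell out of the window
        if len(q) >= threshold and ip not in offenders:
            offenders[ip] = len(q)
    return offenders


def iptables_rules(offenders, chain="INPUT", port=22):
    """Per-offender DROP rules, returned as command strings (not executed)."""
    return [
        f"iptables -I {chain} -s {ip} -p tcp --dport {port} -j DROP"
        for ip in sorted(offenders)
    ]


def ratelimit_rules(port=22, seconds=60, hitcount=5):
    """Stateful alternative using the `recent` match: drop any source that opens
    `hitcount` new SSH connections within `seconds`, with no log parsing at all."""
    base = f"iptables -A INPUT -p tcp --dport {port} -m conntrack --ctstate NEW -m recent"
    return [
        f"{base} --set --name SSH",
        f"{base} --update --seconds {seconds} --hitcount {hitcount} --name SSH -j DROP",
    ]


if __name__ == "__main__":
    bad = find_offenders(SAMPLE_LOG)
    print(bad)
    print("\n".join(iptables_rules(bad)))
    print("\n".join(ratelimit_rules()))
```

The log-driven approach blocks only after the failures are already written, so the `recent`-match rules are the better first line of defence; the parser is still useful for reporting and for blocking sources that stay under the per-minute rate but keep trying for hours, which the sliding window (600 s by default here) catches.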
Chapter 8: Enhancing Your Network Defensive Skills
Using the master tool of network mapping - Nmap
Phases of a cyber attack
Nmap
Nmap scripts
Improving the protection of wireless networks
Wireless network vulnerabilities
User's safety guide for wireless networks
Introducing Wireshark
Finding users using insecure protocols
FTP, HTTP, and other unencrypted traffic
Wireshark for defensive security
Working with IPS/IDS
What is an IDS?
What is an IPS?
Free IDS/IPS
IPS versus IDS
Chapter 9: Deep Diving into Physical Security
Understanding physical security and associated threats
The powerful LAN Turtle
The stealthy Plunder Bug LAN Tap
The dangerous Packet Squirrel
The portable Shark Jack
The amazing Screen Crab
The advanced Key Croc
USB threats
Equipment theft
Environmental risks
Physical security mechanisms
Mastering physical security
Clean desk policy
Physical security audits
Chapter 10: Applying IoT Security
Understanding the Internet of Things
The risks
The vulnerabilities
Understanding IoT networking technologies
LoRaWAN
Zigbee
Sigfox
Bluetooth
Security considerations
Improving IoT security
Creating cybersecurity hardware using IoT-enabled devices
Raspberry Pi firewall and intrusion detection system
Defensive security systems for industrial control systems (SCADA)
Secure USB-to-USB copy machine
Creating an IoT honeypot
Advanced monitoring of web apps and networks
Creating an internet ad blocker
Access control and physical security systems
Bonus track - Understanding the danger of unauthorized IoT devices
Detecting unauthorized IoT devices
Detecting a Raspberry Pi
Disabling rogue Raspberry Pi devices
Chapter 11: Secure Development and Deployment on the Cloud
Secure deployment and implementation of cloud applications
Security by cloud models
Data security in the cloud
Securing Kubernetes and APIs
Cloud-native security
Controlling access to the Kubernetes API
Controlling access to kubelet
Preventing containers from loading unwanted kernel modules
Restricting access to etcd
Avoiding the use of alpha or beta features in production
Third-party integrations
Hardening database services
Testing your cloud security
Azure Security Center
Amazon CloudWatch
AppDynamics
Nessus vulnerability scanner
InsightVM
Intruder
Chapter 12: Mastering Web App Security
Gathering intelligence about your site/web application
Importance of public data gathering
Open Source Intelligence
Hosting information
Checking data exposure with Google hacking (dorks)
Leveraging DVWA
Installing DVWA on Kali Linux
Overviewing the most common attacks on web applications
Exploring XSS attacks
Using Burp Suite
Burp Suite versions
Setting up Burp Suite on Kali
SQL injection attack on DVWA
Fixing a common error
Brute forcing web applications' passwords
Section 3: Deep Dive into Defensive Security
Chapter 13: Vulnerability Assessment Tools
Dealing with vulnerabilities
Who should be looking for vulnerabilities?
Bug bounty programs
Internal vulnerabilities
Vulnerability testing tools
Using a vulnerability assessment scanner (OpenVAS)
Authenticated tests
Installing OpenVAS
Using OpenVAS
Updating your feeds
Overview of Nexpose Community
Chapter 14: Malware Analysis
Why should I analyze malware?
Malware functionality
Malware objectives
Malware connections
Malware backdoors
Notes:
Includes bibliographical references and index.
Description based on print version record.
ISBN:
1-80020-609-7
OCLC:
1283849360
