eBook - ePub

Cybersecurity – Attack and Defense Strategies

Name: Cybersecurity – Attack and Defense Strategies
Author: Yuri Diogenes, Dr. Erdal Ozkaya

Counter modern threats and employ state-of-the-art tools and techniques to protect your organization against cybercriminals, 2nd Edition

Yuri Diogenes, Dr. Erdal Ozkaya

Share book

634 pages
English
ePUB (mobile friendly)
Available on iOS & Android

eBook - ePub

Cybersecurity – Attack and Defense Strategies

Counter modern threats and employ state-of-the-art tools and techniques to protect your organization against cybercriminals, 2nd Edition

Yuri Diogenes, Dr. Erdal Ozkaya

Book details

Book preview

Table of contents

Citations

About This Book

Updated and revised edition of the bestselling guide to developing defense strategies against the latest threats to cybersecurity

Key Features

Covers the latest security threats and defense strategies for 2020
Introduces techniques and skillsets required to conduct threat hunting and deal with a system breach
Provides new information on Cloud Security Posture Management, Microsoft Azure Threat Protection, Zero Trust Network strategies, Nation State attacks, the use of Azure Sentinel as a cloud-based SIEM for logging and investigation, and much more

Book Description

Cybersecurity – Attack and Defense Strategies, Second Edition is a completely revised new edition of the bestselling book, covering the very latest security threats and defense mechanisms including a detailed overview of Cloud Security Posture Management (CSPM) and an assessment of the current threat landscape, with additional focus on new IoT threats and cryptomining.

Cybersecurity starts with the basics that organizations need to know to maintain a secure posture against outside threat and design a robust cybersecurity program. It takes you into the mindset of a Threat Actor to help you better understand the motivation and the steps of performing an actual attack – the Cybersecurity kill chain. You will gain hands-on experience in implementing cybersecurity using new techniques in reconnaissance and chasing a user's identity that will enable you to discover how a system is compromised, and identify and then exploit the vulnerabilities in your own system.

This book also focuses on defense strategies to enhance the security of a system. You will also discover in-depth tools, including Azure Sentinel, to ensure there are security controls in each network layer, and how to carry out the recovery process of a compromised system.

What you will learn

The importance of having a solid foundation for your security posture
Use cyber security kill chain to understand the attack strategy
Boost your organization's cyber resilience by improving your security policies, hardening your network, implementing active sensors, and leveraging threat intelligence
Utilize the latest defense tools, including Azure Sentinel and Zero Trust Network strategy
Identify different types of cyberattacks, such as SQL injection, malware and social engineering threats such as phishing emails
Perform an incident investigation using Azure Security Center and Azure Sentinel
Get an in-depth understanding of the disaster recovery process
Understand how to consistently monitor security and implement a vulnerability management strategy for on-premises and hybrid cloud
Learn how to perform log analysis using the cloud to identify suspicious activities, including logs from Amazon Web Services and Azure

Who this book is for

For the IT professional venturing into the IT security domain, IT pentesters, security consultants, or those looking to perform ethical hacking. Prior knowledge of penetration testing is beneficial.

Frequently asked questions

How do I cancel my subscription?

Simply head over to the account section in settings and click on “Cancel Subscription” - it’s as simple as that. After you cancel, your membership will stay active for the remainder of the time you’ve paid for. Learn more here.

Can/how do I download books?

At the moment all of our mobile-responsive ePub books are available to download via the app. Most of our PDFs are also available to download and we're working on making the final remaining ones downloadable now. Learn more here.

What is the difference between the pricing plans?

Both plans give you full access to the library and all of Perlego’s features. The only differences are the price and subscription period: With the annual plan you’ll save around 30% compared to 12 months on the monthly plan.

What is Perlego?

We are an online textbook subscription service, where you can get access to an entire online library for less than the price of a single book per month. With over 1 million books across 1000+ topics, we’ve got you covered! Learn more here.

Do you support text-to-speech?

Look out for the read-aloud symbol on your next book to see if you can listen to it. The read-aloud tool reads text aloud for you, highlighting the text as it is being read. You can pause it, speed it up and slow it down. Learn more here.

Is Cybersecurity – Attack and Defense Strategies an online PDF/ePUB?

Yes, you can access Cybersecurity – Attack and Defense Strategies by Yuri Diogenes, Dr. Erdal Ozkaya in PDF and/or ePUB format, as well as other popular books in Informatique & Cybersécurité. We have over one million books available in our catalogue for you to explore.

Information

Publisher

Packt Publishing

Year

2019

ISBN

9781838822217

Edition

Topic

Informatique

Subtopic

Cybersécurité

Symbols

0xsp Mongoose v1.7

about 347

download link 347, 349

tasks 347, 348

used, for launching Privilege Escalation attack 349, 350, 352, 356

used, for launching Privilege Escalation attack 351, 354, 355

Azure Sentinel

AWS logs, accessing from 586, 587

/etc/passwd file

using 334

Abel 131

accessibility features

exploiting 313

access token

manipulating 311, 312

Active Directory (AD)

about 277

Acunetix

about 556, 557

used, for performing online vulnerability scan 557, 558, 559, 560, 561, 562, 563, 564, 565

admin shares

about 279

advanced persistent threats (APTs) 50

Advanced Threat Analytics (ATA) 435

Advanced Threat Protection (ATP) 442

Aircrack-ng

about 74, 75, 134

download link 125

Airgeddon 78, 79

Airgraph-ng

about 124, 125

alerts

avoiding 254, 306, 307

AlienVault USM Anywhere

reference link 453

alternate data streams (ADS) 255

alternative sites, recovery strategies

cold sites 508

hot sites 508

mirrored sites 508

mobile sites 508

warm sites 508

Amazon Web Services (AWS) 584

Ammyy Admi 274

Androguard

about 213

download link 213

Android

rooting 332

Android Intent Hijacking 247

anomaly-based detection 433

apache-scalp tool

download link 584

Apache servers

hacking 149, 150

Apple OS

application whitelisting 385

AppleScript 276

application deployment 274

applications (apps)

about 6, 7

company-owned versus personal apps 6

data 8

security apps 6

security challenge 6

application shimming 314, 315, 316, 317, 318

application whitelisting

reference link 384

AppLocker

documentation link 385

ArcSight Enterprise Security Manager (ESM) 537

ARGOS 414

ARP spoofing 275, 276

aspects, for aggregating resources

business objectives 405

level of sensitivity 405

location 405

security zones 405

assault

about 58, 59

asset inventory tools

about 533

Foundstone's Enterprise 535

LANDesk Management Suite 534

peregrine tools 533

StillSecure 534

Automated Indicator Sharing 457

AWS logs

about 584, 585, 586

accessing, from Azure Sentinel 586, 587

Azure Active Directory (Azure AD) 416

Azure Activity Logs

about 587, 588

accessing, from Azure Sentinel 588, 589, ...