Sign In Start Free Trial

Book Overview & Buying
Table Of Contents
Feedback & Rating

Cybersecurity - Attack and Defense Strategies

By : Yuri Diogenes, Dr. Erdal Ozkaya

4.7 (33)

Cybersecurity - Attack and Defense Strategies

4.7 (33)

By: Yuri Diogenes, Dr. Erdal Ozkaya

Overview of this book

The book will start talking about the security posture before moving to Red Team tactics, where you will learn the basic syntax for the Windows and Linux tools that are commonly used to perform the necessary operations. You will also gain hands-on experience of using new Red Team techniques with powerful tools such as python and PowerShell, which will enable you to discover vulnerabilities in your system and how to exploit them. Moving on, you will learn how a system is usually compromised by adversaries, and how they hack user's identity, and the various tools used by the Red Team to find vulnerabilities in a system. In the next section, you will learn about the defense strategies followed by the Blue Team to enhance the overall security of a system. You will also learn about an in-depth strategy to ensure that there are security controls in each network layer, and how you can carry out the recovery process of a compromised system. Finally, you will learn how to create a vulnerability management strategy and the different techniques for manual log analysis.

Preface

Preface

Who this book is for

What this book covers

To get the most out of this book

Get in touch

Free Chapter

Security Posture

Security Posture

The current threat landscape

Cybersecurity challenges

Enhancing your security posture

The Red and Blue Team

References

Summary

Incident Response Process

Incident Response Process

Incident response process

Handling an incident

Post-incident activity

Incident response in the cloud

References

Summary

Understanding the Cybersecurity Kill Chain

Understanding the Cybersecurity Kill Chain

External reconnaissance

Access and privilege escalation

Exfiltration

Sustainment

Assault

Obfuscation

Threat life cycle management

References

Summary

Reconnaissance

Reconnaissance

External reconnaissance

Internal reconnaissance

Conclusion of the reconnaissance chapter

References

Summary

Compromising the System

Compromising the System

Analyzing current trends

Phishing

Exploiting a vulnerability

Zero-day

Performing the steps to compromise a system

References

Summary

Chasing a User's Identity

Chasing a User's Identity

Identity is the new perimeter

Strategies for compromising a user's identity

Hacking a user's identity

References

Summary

Lateral Movement

Lateral Movement

Infiltration

Performing lateral movement

References

Summary

Privilege Escalation

Privilege Escalation

Infiltration

Avoiding alerts

Performing privilege escalation

Conclusion and lessons learned

References

Summary

Security Policy

Security Policy

Reviewing your security policy

Educating the end user

Policy enforcement

Monitoring for compliance

References

Summary

Network Segmentation

Network Segmentation

Defense in depth approach

Physical network segmentation

Securing remote access to the network

Virtual network segmentation

Hybrid cloud network security

References

Summary

Active Sensors

Active Sensors

Detection capabilities

Intrusion detection systems

Intrusion prevention system

Behavior analytics on-premises

Behavior analytics in a hybrid cloud

References

Summary

Threat Intelligence

Threat Intelligence

Introduction to threat intelligence

Open source tools for threat intelligence

Microsoft threat intelligence

Leveraging threat intelligence to investigate suspicious activity

References

Summary

Investigating an Incident

Investigating an Incident

Scoping the issue

Investigating a compromised system on-premises

Investigating a compromised system in a hybrid cloud

Lessons learned

References

Summary

Recovery Process

Recovery Process

Disaster recovery plan

Live recovery

Contingency planning

Best practices for recovery

References

Summary

Vulnerability Management

Vulnerability Management

Creating a vulnerability management strategy

Implementation of vulnerability management

Best practices for vulnerability management

Implementing vulnerability management with Nessus

Flexera (Secunia) Personal Software Inspector

Conclusion

References

Summary

Log Analysis

Log Analysis

Data correlation

Operating system logs

Firewall logs

Web server logs

References

Summary

Other Books You May Enjoy

Other Books You May Enjoy

Leave a review - let other readers know what you think

Customer Reviews

4.7 (33)

5 star

81.8%

4 star

12.1%

3 star

0%

2 star

3%

1 star

3%

Implementation of vulnerability management

The implementation of vulnerability management follows the stipulated strategy. The implementation starts with the creation of an asset inventory. This serves as a register of all the hosts in a network and also of the software contained in them. At this stage, an organization has to give a certain IT staff member the task of keeping this inventory updated. The asset inventory at the very least should show the hardware and software assets owned by an organization and their relevant license details. As an optional addition, the inventory should also show the vulnerabilities present in any of these assets. An up-to-date register will come in handy when the organization has to respond to vulnerabilities with fixes to all its assets. The aforementioned tools can properly handle the tasks that are to be carried out at this stage.

After the...

Visually different images

CONTINUE READING

83

Tech Concepts

36

Programming languages

73

Tech Tools

Unlimited access to the largest independent learning library in tech of over 8,000 expert-authored tech books and videos.

Innovative learning tools, including AI book assistants, code context explainers, and text-to-speech.

50+ new titles added per month and exclusive early access to books as they are being written.

Cybersecurity - Attack and Defense Strategies

Search

Your notes and bookmarks