Browse Library
Sign In Start Free Trial
Close icon Search icon
Account
Browse Library Advanced Search Sign In Start Free Trial

Add to playlist

Create a Playlist

Modal Close icon
You need to login to use this feature.
  • Book Overview & Buying Cybersecurity – Attack and Defense Strategies, 3rd edition
  • Table Of Contents Toc
  • Feedback & Rating feedback
Cybersecurity – Attack and Defense Strategies, 3rd edition

Cybersecurity – Attack and Defense Strategies, 3rd edition

By : Yuri Diogenes, Dr. Erdal Ozkaya
4.9 (42)
Buy this Book
close
close
Cybersecurity – Attack and Defense Strategies, 3rd edition

Cybersecurity – Attack and Defense Strategies, 3rd edition

4.9 (42)
By: Yuri Diogenes, Dr. Erdal Ozkaya
Buy this Book

Overview of this book

Cybersecurity – Attack and Defense Strategies, Third Edition will bring you up to speed with the key aspects of threat assessment and security hygiene, the current threat landscape and its challenges, and how to maintain a strong security posture. In this carefully revised new edition, you will learn about the Zero Trust approach and the initial Incident Response process. You will gradually become familiar with Red Team tactics, where you will learn basic syntax for commonly used tools to perform the necessary operations. You will also learn how to apply newer Red Team techniques with powerful tools. Simultaneously, Blue Team tactics are introduced to help you defend your system from complex cyber-attacks. This book provides a clear, in-depth understanding of attack/defense methods as well as patterns to recognize irregular behavior within your organization. Finally, you will learn how to analyze your network and address malware, while becoming familiar with mitigation and threat detection techniques. By the end of this cybersecurity book, you will have discovered the latest tools to enhance the security of your system, learned about the security controls you need, and understood how to carry out each step of the incident response process.
Table of Contents (20 chapters)
close
close
close
Preface
chevron up
Preface
Who this book is for
What this book covers
To get the most out of this book
Get in touch
1
Security Posture
Security Posture
Why security hygiene should be your number one priority
The current threat landscape
Cybersecurity challenges
Enhancing your security posture
The Red and Blue Teams
Summary
References
Free Chapter
2
Incident Response Process
Incident Response Process
The incident response process
Handling an incident
Post-incident activity
Considerations for incident response in the cloud
Summary
References
3
What is a Cyber Strategy?
What is a Cyber Strategy?
How to build a cyber strategy
Why do we need to build a cyber strategy?
Best cyber attack strategies
Best cyber defense strategies
Benefits of having a proactive cybersecurity strategy
Top cybersecurity strategies for businesses
Conclusion
Further reading
4
Understanding the Cybersecurity Kill Chain
Understanding the Cybersecurity Kill Chain
Understanding the Cyber Kill Chain
Security controls used to stop the Cyber Kill Chain
Threat life cycle management
Concerns about the Cybersecurity Kill Chain
How the Cyber Kill Chain has evolved
Tools used during the Cyber Kill Chain
Comodo AEP via Dragon Platform
Summary
Further reading
References
5
Reconnaissance
Reconnaissance
External reconnaissance
Internal reconnaissance
Tools used for reconnaissance
Passive vs. active reconnaissance
How to combat reconnaissance
How to prevent reconnaissance
Summary
References
6
Compromising the System
Compromising the System
Analyzing current trends
Performing the steps to compromise a system
Mobile phone (iOS/Android) attacks
Summary
Further reading
References
7
Chasing a User’s Identity
Chasing a User’s Identity
Identity is the new perimeter
Strategies for compromising a user’s identity
Summary
References
8
Lateral Movement
Lateral Movement
Infiltration
Network mapping
Performing lateral movement
Summary
Further reading
References
9
Privilege Escalation
Privilege Escalation
Infiltration
Summary
References
10
Security Policy
Security Policy
Reviewing your security policy
Educating the end user
Policy enforcement
Monitoring for compliance
Continuously driving security posture enhancement via security policy
Summary
References
11
Network Security
Network Security
The defense-in-depth approach
Physical network segmentation
Securing remote access to the network
Virtual network segmentation
Zero trust network
Hybrid cloud network security
Summary
References
12
Active Sensors
Active Sensors
Detection capabilities
Intrusion detection systems
Intrusion prevention system
Behavior analytics on-premises
Behavior analytics in a hybrid cloud
Summary
References
13
Threat Intelligence
Threat Intelligence
Introduction to threat intelligence
Open-source tools for threat intelligence
Microsoft threat intelligence
Summary
References
14
Investigating an Incident
Investigating an Incident
Scoping the issue
Investigating a compromised system on-premises
Investigating a compromised system in a hybrid cloud
Proactive investigation (threat hunting)
Lessons learned
Summary
References
15
Recovery Process
Recovery Process
Disaster recovery plan
Live recovery
Contingency planning
Business continuity plan
Best practices for disaster recovery
Summary
Further reading
References
16
Vulnerability Management
Vulnerability Management
Creating a vulnerability management strategy
Elements of a vulnerability strategy
Differences between vulnerability management and vulnerability assessment
Best practices for vulnerability management
Vulnerability management tools
Conclusion
Summary
Further reading
References
17
Log Analysis
Log Analysis
Data correlation
Operating system logs
Firewall logs
Web server logs
Amazon Web Services (AWS) logs
Azure Activity logs
Google Cloud Platform Logs
Summary
References
18
Other Books You May Enjoy
Other Books You May Enjoy
19
Index
Index

What this book covers

Chapter 1, Security Posture, defines what constitutes a good security posture and explores the importance of having a good defense and attack strategy.

Chapter 2, Incident Response Process, introduces the incident response process and the importance of establishing a consistent plan. It covers different industry standards and best practices for handling incident response.

Chapter 3, What is a Cyber Strategy?, explains what a cyber strategy is, why it’s needed, and how an effective enterprise cyber strategy can be built.

Chapter 4, Understanding the Cybersecurity Kill Chain, prepares the reader to understand the mindset of an attacker, the different stages of an attack, and what usually takes place in each one of these stages.

Chapter 5, Reconnaissance, covers the different strategies to perform reconnaissance, showing how data is gathered to obtain information about the target and how this information is taken into consideration to plan an attack.

Chapter 6, Compromising the System, shows current trends in strategies to compromise a system, and explains some techniques to exploit vulnerabilities in a system.

Chapter 7, Chasing a User’s Identity, explains the importance of protecting the user’s identity to avoid credential theft, and covers the main strategies used to compromise a user’s identity, all with the intent to improve your identity protection.

Chapter 8, Lateral Movement, describes how attackers perform lateral movement operations once they gain access to the system.

Chapter 9, Privilege Escalation, shows how attackers can escalate privileges in order to gain administrative access to a system.

Chapter 10, Security Policy, focuses on the different aspects of the initial defense strategy, which starts with the importance of establishing guardrails in the beginning of the deployment pipeline and goes over best practices, security awareness training, and key security controls.

Chapter 11, Network Segmentation, looks into different aspects of defense in depth, covering physical network segmentation as well as the virtual and hybrid cloud.

Chapter 12, Active Sensors, explains the importance of having network sensors that can alert about threats based on patterns and behavior. It also covers the different types of network sensors and demonstrates some use case scenarios.

Chapter 13, Threat Intelligence, discusses different aspects of threat intelligence, both from the community and from major vendors.

Chapter 14, Investigating an Incident, goes over the steps to investigate an incident, explores the differences of investigating an on-premises incident versus a cloud-based incident, and finishes with a couple of case studies.

Chapter 15, Recovery Process, focuses on the recovery steps and procedures for a compromised system, and explains the criticality of the options available and how to evaluate the best recovery option.

Chapter 16, Vulnerability Management, describes the importance of vulnerability management to mitigate attempts to exploit known vulnerabilities.

Chapter 17, Log Analysis, goes over the different techniques for manual log analysis, since it is critical for the reader to gain knowledge of how to deeply analyze different types of logs to hunt suspicious security activities.

Unlock full access

Continue reading for free

A Packt free trial gives you instant online access to our library of over 7000 practical eBooks and videos, constantly updated with the latest in tech
Start a 7-day FREE trial
Next Section
bookmark search playlist font-size

Change the font size

margin-width

Change margin width

day-mode

Change background colour

Close icon Search
Country selected
Close icon Your notes and bookmarks

Delete Bookmark

Modal Close icon
Are you sure you want to delete it?
Cancel
Yes, Delete

Confirmation

Modal Close icon
claim successful
Order Page Read Now

Buy this book with your credits?

Modal Close icon
Are you sure you want to buy this book with one of your credits?
Close
YES, BUY