Incident Response for Windows
By :

Overview of this book
Cybersecurity incidents are becoming increasingly common and costly, making incident response a critical domain for organizations to understand and implement. This book enables you to effectively detect, respond to, and prevent cyberattacks on Windows-based systems by equipping you with the knowledge and tools needed to safeguard your organization's critical assets, in line with the current threat landscape.
The book begins by introducing you to modern sophisticated cyberattacks, including threat actors, methods, and motivations. Then, the phases of efficient incident response are linked to the attack's life cycle using a unified cyber kill chain. As you advance, you'll explore various types of Windows-based platform endpoint forensic evidence and the arsenal necessary to gain full visibility of the Windows infrastructure. The concluding chapters discuss the best practices in the threat hunting process, along with proactive approaches that you can take to discover cybersecurity incidents before they reach their final stage.
By the end of this book, you’ll have gained the skills necessary to run intelligence-driven incident response in a Windows environment, establishing a full-fledged incident response and management process, as well as proactive methodologies to enhance the cybersecurity posture of an enterprise environment.
Table of Contents (20 chapters)
Preface
Part 1: Understanding the Threat Landscape and Attack Life Cycle
Chapter 1: Introduction to the Threat Landscape
Chapter 2: Understanding the Attack Life Cycle
Part 2: Incident Response Procedures and Endpoint Forensic Evidence Collection
Chapter 3: Phases of an Efficient Incident Response on Windows Infrastructure
Chapter 4: Endpoint Forensic Evidence Collection
Part 3: Incident Analysis and Threat Hunting on Windows Systems
Chapter 5: Gaining Access to the Network
Chapter 6: Establishing a Foothold
Chapter 7: Network and Key Assets Discovery
Chapter 8: Network Propagation
Chapter 9: Data Collection and Exfiltration
Chapter 10: Impact
Chapter 11: Threat Hunting and Analysis of TTPs
Part 4: Incident Investigation Management and Reporting
Chapter 12: Incident Containment, Eradication, and Recovery
Chapter 13: Incident Investigation Closure and Reporting
Index
Other Books You May Enjoy