Cybersecurity-Attack and Defense Strategies Second Edition
Counter modern threats and employ state-of-the-art tools and techniques to protect your organization against cybercriminals
Packt(GCO Science)
2019년 12월 31일 출간
(개의 리뷰)
(
0%
의 구매자)
- eBook 상품 정보
- 파일 정보 pdf (33.70MB)
- ISBN 9781838822217
- 쪽수 635쪽
- 지원기기 교보eBook App, PC e서재, 리더기, 웹뷰어
-
교보eBook App
듣기(TTS) 불가능
TTS 란?텍스트를 음성으로 읽어주는 기술입니다.
- 전자책의 편집 상태에 따라 본문의 흐름과 다르게 텍스트를 읽을 수 있습니다.
- 전자책 화면에 표기된 주석 등을 모두 읽어 줍니다.
- 이미지 형태로 제작된 전자책 (예 : ZIP 파일)은 TTS 기능을 지원하지 않습니다.
- '교보 ebook' 앱을 최신 버전으로 설치해야 이용 가능합니다. (Android v3. 0.26, iOS v3.0.09,PC v1.2 버전 이상)
PDF 필기 Android 가능 (iOS예정)
소득공제
소장
정가 : 21,000원
쿠폰적용가 18,900원
10% 할인 | 5%P 적립이 상품은 배송되지 않는 디지털 상품이며,
교보eBook앱이나 웹뷰어에서 바로 이용가능합니다.
카드&결제 혜택
- 5만원 이상 구매 시 추가 2,000P
- 3만원 이상 구매 시, 등급별 2~4% 추가 최대 416P
- 리뷰 작성 시, e교환권 추가 최대 300원
작품소개
이 상품이 속한 분야
▶Book Description
Cybersecurity ? Attack and Defense Strategies, Second Edition is a completely revised new edition of the bestselling book, covering the very latest security threats and defense mechanisms including a detailed overview of Cloud Security Posture Management (CSPM) and an assessment of the current threat landscape, with additional focus on new IoT threats and cryptomining.
Cybersecurity starts with the basics that organizations need to know to maintain a secure posture against outside threat and design a robust cybersecurity program. It takes you into the mindset of a Threat Actor to help you better understand the motivation and the steps of performing an actual attack ? the Cybersecurity kill chain. You will gain hands-on experience in implementing cybersecurity using new techniques in reconnaissance and chasing a user's identity that will enable you to discover how a system is compromised, and identify and then exploit the vulnerabilities in your own system.
This book also focuses on defense strategies to enhance the security of a system. You will also discover in-depth tools, including Azure Sentinel, to ensure there are security controls in each network layer, and how to carry out the recovery process of a compromised system.
▶What You Will Learn
- The importance of having a solid foundation for your security posture
- Use cyber security kill chain to understand the attack strategy
- Boost your organization's cyber resilience by improving your security policies, hardening your network, implementing active sensors, and leveraging threat intelligence
- Utilize the latest defense tools, including Azure Sentinel and Zero Trust Network strategy
- Identify different types of cyberattacks, such as SQL injection, malware and social engineering threats such as phishing emails
- Perform an incident investigation using Azure Security Center and Azure Sentinel
- Get an in-depth understanding of the disaster recovery process
- Understand how to consistently monitor security and implement a vulnerability management strategy for on-premises and hybrid cloud
- Learn how to perform log analysis using the cloud to identify suspicious activities, including logs from Amazon Web Services and Azure
▶Key Features
- Covers the latest security threats and defense strategies for 2020
- Introduces techniques and skillsets required to conduct threat hunting and deal with a system breach
- Provides new information on Cloud Security Posture Management, Microsoft Azure Threat Protection, Zero Trust Network strategies, Nation State attacks, the use of Azure Sentinel as a cloud-based SIEM for logging and investigation, and much more
▶Who This Book Is For
For the IT professional venturing into the IT security domain, IT pentesters, security consultants, or those looking to perform ethical hacking. Prior knowledge of penetration testing is beneficial.
Cybersecurity ? Attack and Defense Strategies, Second Edition is a completely revised new edition of the bestselling book, covering the very latest security threats and defense mechanisms including a detailed overview of Cloud Security Posture Management (CSPM) and an assessment of the current threat landscape, with additional focus on new IoT threats and cryptomining.
Cybersecurity starts with the basics that organizations need to know to maintain a secure posture against outside threat and design a robust cybersecurity program. It takes you into the mindset of a Threat Actor to help you better understand the motivation and the steps of performing an actual attack ? the Cybersecurity kill chain. You will gain hands-on experience in implementing cybersecurity using new techniques in reconnaissance and chasing a user's identity that will enable you to discover how a system is compromised, and identify and then exploit the vulnerabilities in your own system.
This book also focuses on defense strategies to enhance the security of a system. You will also discover in-depth tools, including Azure Sentinel, to ensure there are security controls in each network layer, and how to carry out the recovery process of a compromised system.
▶What You Will Learn
- The importance of having a solid foundation for your security posture
- Use cyber security kill chain to understand the attack strategy
- Boost your organization's cyber resilience by improving your security policies, hardening your network, implementing active sensors, and leveraging threat intelligence
- Utilize the latest defense tools, including Azure Sentinel and Zero Trust Network strategy
- Identify different types of cyberattacks, such as SQL injection, malware and social engineering threats such as phishing emails
- Perform an incident investigation using Azure Security Center and Azure Sentinel
- Get an in-depth understanding of the disaster recovery process
- Understand how to consistently monitor security and implement a vulnerability management strategy for on-premises and hybrid cloud
- Learn how to perform log analysis using the cloud to identify suspicious activities, including logs from Amazon Web Services and Azure
▶Key Features
- Covers the latest security threats and defense strategies for 2020
- Introduces techniques and skillsets required to conduct threat hunting and deal with a system breach
- Provides new information on Cloud Security Posture Management, Microsoft Azure Threat Protection, Zero Trust Network strategies, Nation State attacks, the use of Azure Sentinel as a cloud-based SIEM for logging and investigation, and much more
▶Who This Book Is For
For the IT professional venturing into the IT security domain, IT pentesters, security consultants, or those looking to perform ethical hacking. Prior knowledge of penetration testing is beneficial.
▶TABLE of CONTENTS
1. Security Posture
2. Incident Response Process
3. What is a Cyber Strategy?
4. Understanding the Cybersecurity Kill Chain
5. Reconnaissance
6. Compromising the System
7. Chasing a User's Identity
8. Lateral Movement
9. Privilege Escalation
10. Security Policy
11. Network Segmentation
12. Active Sensors
13. Threat Intelligence
14. Investigating an Incident
15. Recovery Process
16. Vulnerability Management
17. Log Analysis
1. Security Posture
2. Incident Response Process
3. What is a Cyber Strategy?
4. Understanding the Cybersecurity Kill Chain
5. Reconnaissance
6. Compromising the System
7. Chasing a User's Identity
8. Lateral Movement
9. Privilege Escalation
10. Security Policy
11. Network Segmentation
12. Active Sensors
13. Threat Intelligence
14. Investigating an Incident
15. Recovery Process
16. Vulnerability Management
17. Log Analysis
▶What this book covers
- Chapter 1, Security Posture, defines what constitutes a secure posture and how it helps in understanding the importance of having a good defense and attack strategy.
- Chapter 2, Incident Response Process, introduces the incident response process and the importance of having one. It goes over different industry standards and best practices for handling incident response.
- Chapter 3, What is a Cyber Strategy?, explains what a cyber strategy is, why it's needed, and how an effective enterprise cyber strategy can be built.
- Chapter 4, Understanding the Cybersecurity Kill Chain, prepares the reader to understand the mindset of an attacker, the different stages of the attack, and what usually takes place in each one of those phases.
- Chapter 5, Reconnaissance, speaks about the different strategies to perform reconnaissance and how data is gathered to obtain information about the target for planning the attack.
- Chapter 6, Compromising the System, shows current trends in strategies to compromise a system and explains how to compromise a system.
- Chapter 7, Chasing a User's Identity, explains the importance of protecting the user's identity to avoid credential theft and goes through the process of hacking the user's identity.
- Chapter 8, Lateral Movement, describes how attackers perform lateral movement once they compromise a system.
- Chapter 9, Privilege Escalation, shows how attackers can escalate privileges in order to gain administrative access to a network system.
- Chapter 10, Security Policy, focuses on the different aspects of the initial defense strategy, which starts with the importance of a well-crafted security policy and goes over the best practices for security policies, standards, security awareness training, and core security controls.
- Chapter 11, Network Segmentation, looks into different aspects of defense in depth, covering physical network segmentation as well as the virtual and hybrid cloud.
- Chapter 12, Active Sensors, details different types of network sensors that help the organizations to detect attacks.
- Chapter 13, Threat Intelligence, speaks about the different aspects of threat intelligence from the community as well as from the major vendors.
- Chapter 14, Investigating an Incident, goes over two case studies, for an on-premises compromised system and for a cloud-based compromised system, and shows all the steps involved in a security investigation.
- Chapter 15, Recovery Process, focuses on the recovery process of a compromised system and explains how crucial it is to know all the options that are available since live recovery of a system is not possible in certain circumstances.
- Chapter 16, Vulnerability Management, describes the importance of vulnerability management to mitigate vulnerability exploitation. It covers the current threat landscape and the growing number of ransomwares that exploit known vulnerabilities.
- Chapter 17, Log Analysis, goes over the different techniques for manual log analysis since it is critical for the reader to gain knowledge on how to deeply analyze different types of logs to hunt suspicious security activities.
▶ Preface
With a threat landscape that it is in constant motion, it becomes imperative to have a strong security posture, which in reality means enhancing the protection, detection, and response. Throughout this book, you will learn about attack methods and patterns to recognize abnormal behavior within your organization with Blue Team tactics. You will also learn techniques to gather exploitation intelligence, identify risks, and demonstrate impact on Red and Blue Team strategies.
작가정보
저자(글) Yuri Diogenes
Yuri Diogenes is a professor at EC-Council University for their master's degree in cybersecurity and a Senior Program Manager at Microsoft for Azure Security Center. Yuri has a Master of Science degree in cybersecurity from UTICA College, and an MBA from FGV Brazil. Yuri currently holds the following certifications: CISSP, CyberSec First Responder, CompTIA CSA+, E|CEH, E|CSA, E|CHFI, E|CND, CyberSec First Responder, CompTIA, Security+, CompTIA Cloud Essentials, Network+, Mobility+, CASP, CSA+, MCSE, MCTS, and Microsoft Specialist - Azure.
저자(글) Erdal Ozkaya
Dr. Erdal Ozkaya is a leading Cybersecurity Professional with business development, management, and academic skills who focuses on securing the Cyber Space and sharing his real-life skills as a Security Advisor, Speaker, Lecturer, and Author.Erdal is known to be passionate about reaching communities, creating cyber awareness campaigns, and leveraging new and innovative approaches and technologies to holistically address the information security and privacy needs for every person and organization in the world.He is an award-winning technical expert and speaker: His recent awards include: Cyber Security Professional of the Year MEA, Hall of Fame by CISO Magazine, Cybersecurity Influencer of the Year (2019), Microsoft Circle of Excellence Platinum Club (2017), NATO Center of Excellence (2016) Security Professional of the Year by MEA Channel Magazine (2015), Professional of the Year Sydney (2014), and many speaker of the year awards in conferences.He also holds Global Instructor of the Year awards from EC Council and Microsoft. Erdal is also a part-time lecturer at Charles Sturt University, Australia.Erdal has co-authored many cybersecurity books as well as security certification courseware and exams for different vendors.Erdal has the following qualifications: Doctor of Philosophy in Cybersecurity, Master of Computing Research, Master of Information Systems Security, Bachelor of Information Technology, Microsoft Certified Trainer, Microsoft Certified Learning Consultant, ISO27001 Auditor and Implementer, Certified Ethical Hacker (CEH), Certified Ethical Instructor and Licensed Penetration Tester, and 90+ other industry certifications.
이 상품의 총서
Klover리뷰 (0)
Klover리뷰 안내
Klover(Kyobo-lover)는 교보를 애용해 주시는 고객님들이 남겨주신 평점과 감상을 바탕으로, 다양한 정보를 전달하는 교보문고의 리뷰 서비스입니다.
1. 리워드 안내
구매 후 90일 이내에 평점 작성 시 e교환권 100원을 적립해 드립니다.
- - e교환권은 적립일로부터 180일 동안 사용 가능합니다.
- - 리워드는 1,000원 이상 eBook, 오디오북, 동영상에 한해 다운로드 완료 후 리뷰 작성 시 익일 제공됩니다.
- - 리워드는 한 상품에 최초 1회만 제공됩니다.
- - sam 이용권 구매 상품 / 선물받은 eBook은 리워드 대상에서 제외됩니다.
2. 운영 원칙 안내
Klover리뷰를 통한 리뷰를 작성해 주셔서 감사합니다. 자유로운 의사 표현의 공간인 만큼 타인에 대한 배려를 부탁합니다. 일부 타인의 권리를 침해하거나 불편을 끼치는 것을 방지하기 위해 아래에 해당하는 Klover 리뷰는 별도의 통보 없이 삭제될 수 있습니다.
- 도서나 타인에 대해 근거 없이 비방을 하거나 타인의 명예를 훼손할 수 있는 리뷰
- 도서와 무관한 내용의 리뷰
- 인신공격이나 욕설, 비속어, 혐오 발언이 개재된 리뷰
- 의성어나 의태어 등 내용의 의미가 없는 리뷰
구매 후 리뷰 작성 시, e교환권 100원 적립
문장수집
문장수집 안내
문장수집은 고객님들이 직접 선정한 책의 좋은 문장을 보여 주는 교보문고의 새로운 서비스 입니다. 교보eBook 앱에서 도서 열람 후 문장 하이라이트 하시면 직접 타이핑 하실 필요 없이 보다 편하게 남길 수 있습니다. 마음을 두드린 문장들을 기록하고 좋은 글귀들은 ‘좋아요’ 하여 모아보세요. 도서 문장과 무관한 내용 등록 시 별도 통보없이 삭제될 수 있습니다.
리워드 안내
- 구매 후 90일 이내에 문장 수집 등록 시 e교환권 100원을 적립해 드립니다.
- e교환권은 적립일로부터 180일 동안 사용 가능합니다.
- 리워드는 1,000원 이상 eBook에 한해 다운로드 완료 후 문장수집 등록 시 제공됩니다.
- 리워드는 한 상품에 최초 1회만 제공됩니다.
- sam 이용권 구매 상품/오디오북·동영상 상품/주문취소/환불 시 리워드 대상에서 제외됩니다.
구매 후 문장수집 작성 시, e교환권 100원 적립
교보eBook 첫 방문을 환영 합니다!
신규가입 혜택 지급이 완료 되었습니다.
바로 사용 가능한 교보e캐시 1,000원 (유효기간 7일)
지금 바로 교보eBook의 다양한 콘텐츠를 이용해 보세요!
신간 알림 안내
Cybersecurity-Attack and Defense Strategies Second Edition
웹툰 신간 알림이 신청되었습니다.
신간 알림 안내
Cybersecurity-Attack and Defense Strategies Second Edition
웹툰 신간 알림이 취소되었습니다.
리뷰작성
- 구매 후 90일 이내 작성 시, e교환권 100원 (최초1회)
- 리워드 제외 상품 : 마이 > 라이브러리 > Klover리뷰 > 리워드 안내 참고
- 콘텐츠 다운로드 또는 바로보기 완료 후 리뷰 작성 시 익일 제공
감성 태그
가장 와 닿는 하나의 키워드를 선택해주세요.
사진 첨부(선택)
0 / 5
총 5MB 이하로 jpg,jpeg,png 파일만 업로드 가능합니다.
신고/차단
신고 사유를 선택해주세요.
신고 내용은 이용약관 및 정책에 의해 처리됩니다.
허위 신고일 경우, 신고자의 서비스 활동이 제한될 수
있으니 유의하시어 신중하게 신고해주세요.
이 글을 작성한 작성자의 모든 글은 블라인드 처리 됩니다.
문장수집 작성
구매 후 90일 이내 작성 시, e교환권 100원 적립
eBook 문장수집은 웹에서 직접 타이핑 가능하나, 모바일 앱에서 도서를 열람하여 문장을 드래그하시면 직접 타이핑 하실 필요 없이 보다 편하게 남길 수 있습니다.
P.
Cybersecurity-Attack and Defense Strategies Second Edition
Counter modern threats and employ state-of-the-art tools and techniques to protect your organization against cybercriminals
저자 모두보기
낭독자 모두보기
sam 이용권 선택
님이 보유하신 이용권입니다.
차감하실 sam이용권을 선택하세요.
차감하실 sam이용권을 선택하세요.
sam 이용권 선택
님이 보유하신 이용권입니다.
차감하실 sam이용권을 선택하세요.
차감하실 sam이용권을 선택하세요.
sam 이용권 선택
님이 보유하신 프리미엄 이용권입니다.
선물하실 sam이용권을 선택하세요.
선물하실 sam이용권을 선택하세요.
결제완료
e캐시 원 결제
계속 하시겠습니까?
교보 e캐시 간편 결제
sam 열람권 선물하기
-
보유 권수 / 선물할 권수0권 / 1권
-
받는사람 이름받는사람 휴대전화
- 구매한 이용권의 대한 잔여권수를 선물할 수 있습니다.
- 열람권은 1인당 1권씩 선물 가능합니다.
- 선물한 열람권이 ‘미등록’ 상태일 경우에만 ‘열람권 선물내역’화면에서 선물취소 가능합니다.
- 선물한 열람권의 등록유효기간은 14일 입니다.
(상대방이 기한내에 등록하지 않을 경우 소멸됩니다.) - 무제한 이용권일 경우 열람권 선물이 불가합니다.
이 상품의 총서 전체보기
네이버 책을 통해서 교보eBook 첫 구매 시
교보e캐시 지급해 드립니다.
교보e캐시 지급해 드립니다.
- 첫 구매 후 3일 이내 다운로드 시 익일 자동 지급
- 한 ID당 최초 1회 지급 / sam 이용권 제외
- 네이버 책을 통해 교보eBook 구매 이력이 없는 회원 대상
- 교보e캐시 1,000원 지급 (유효기간 지급일로부터 7일)
구글북액션을 통해서 교보eBook
첫 구매 시 교보e캐시 지급해 드립니다.
첫 구매 시 교보e캐시 지급해 드립니다.
- 첫 구매 후 3일 이내 다운로드 시 익일 자동 지급
- 한 ID당 최초 1회 지급 / sam 이용권 제외
- 구글북액션을 통해 교보eBook 구매 이력이 없는 회원 대상
- 교보e캐시 1,000원 지급 (유효기간 지급일로부터 7일)