Op werkdagen voor 23:00 besteld, morgen in huis Gratis verzending vanaf €20
,

Defensive Security Handbook

Best Practices for Securing Infrastructure

Paperback Engels 2017 9781491960387
Verkooppositie 5897Hoogste positie: 5897
Verwachte levertijd ongeveer 8 werkdagen

Samenvatting

Despite the increase of high-profile hacks, record-breaking data leaks, and ransomware attacks, many organizations don’t have the budget to establish or outsource an information security (InfoSec) program, forcing them to learn on the job. For companies obliged to improvise, this pragmatic guide provides a security-101 handbook with steps, tools, processes, and ideas to help you drive maximum-security improvement at little or no cost.

Each chapter in this book provides step-by-step instructions for dealing with a specific issue, including breaches and disasters, compliance, network infrastructure and password management, vulnerability scanning, and penetration testing, among others. Network engineers, system administrators, and security professionals will learn tools and techniques to help improve security in sensible, manageable chunks.

- Learn fundamentals of starting or redesigning an InfoSec program
- Create a base set of policies, standards, and procedures
- Plan and design incident response, disaster recovery, compliance, and physical security
- Bolster Microsoft and Unix systems, network infrastructure, and password management
- Use segmentation practices and designs to compartmentalize your network
- Explore automated process and tools for vulnerability management
- Securely develop code to reduce exploitable errors
- Understand basic penetration testing concepts through purple teaming
- Delve into IDS, IPS, SOC, logging, and monitoring

Specificaties

ISBN13:9781491960387
Taal:Engels
Bindwijze:paperback
Aantal pagina's:261
Uitgever:O'Reilly
Druk:1
Verschijningsdatum:11-4-2017
Hoofdrubriek:IT-management / ICT
ISSN:

Lezersrecensies

Wees de eerste die een lezersrecensie schrijft!

Geef uw waardering

Zeer goed Goed Voldoende Matig Slecht

Over Lee Brotherston

Lee Brotherston is a Senior Security Advisor with Leviathan Security, providing Information Security consulting services to a range of clients. Having spent more than a decade in Information Security, Lee has worked as an Internal Security resource across many verticals including Finance, Telecommunications, Hospitality, Entertainment, and Government in roles ranging from Engineer to IT Security Manager.

Andere boeken door Lee Brotherston

Over Amanda Berlin

Amanda Berlin is an Information Security Architect for a consulting firm in Northern Ohio. She has spent over a decade in different areas of technology and sectors providing infrastructure support, triage, and design. Amanda has been involved in implementing a secure Payment Card Industries (PCI) process and Health Insurance Portability and Accountability Act (HIPAA) compliance as well as building a comprehensive phishing and awards-based user education program. She is the author for a Blue Team best practices book called "Defensive Security Handbook: Best Practices for Securing Infrastructure" through O'Reilly Media. She is a co-host on the Brakeing Down Security podcast and writes for several blogs. On Twitter, she's @InfoSystir.

Andere boeken door Amanda Berlin

Inhoudsopgave

Preface

1. Creating a Security Program
Lay the Groundwork
Establish Teams
Baseline Security Posture
Assess Threats and Risks
Prioritize
Create Milestones
Use Cases, Tabletops, and Drills
Expanding Your Team and Skillsets
Conclusion

2. Asset Management and Documentation
Information Classification
Asset Management Implementation Steps
Asset Management Guidelines
Documentation
Conclusion

3. Policies
Language
Document Contents
Topics
Storage and Communication
Conclusion

4. Standards and Procedures
Standards
Language
Procedures
Language
Document Contents
Conclusion

5. User Education
Broken Processes
Bridging the Gap
Building Your Own Program
Gaining Meaningful Metrics
Conclusion

6. Incident Response
Processes
Tools and Technology
Conclusion

7. Disaster Recovery
Setting Objectives
Recovery Strategies
Dependencies
Scenarios
Invoking a Fail Over...and Back
Testing
Security Considerations
Conclusion

8. Industry Compliance Standards and Frameworks
Industry Compliance Standards
Frameworks
Regulated Industries
Conclusion

9. Physical Security
Physical
Operational
Conclusion

10. Microsoft Windows Infrastructure
Quick Wins
Active Directory Domain Services
Group Policy Objects
EMET
MS-SQL Server
Conclusion

11. Unix Application Servers
Keeping Up-to-Date

12. Endpoints
Keeping Up-to-Date
Hardening Endpoints
Mobile Device Management
Endpoint Visibility
Centralization
Conclusion

13. Password Management and Multifactor Authentication
Basic Password Practices
Password Management Software
Password Resets
Password Breaches
Encryption, Hashing, and Salting
Password Storage Locations and Methods
Password Security Objects
Multifactor Authentication
Conclusion

14. Network Infrastructure
Firmware/Software Patching
Device Hardening
Routers
Switches
Egress Filtering
IPv6: A Cautionary Note
TACACS+
Conclusion

15. Segmentation
Network Segmentation
Application
Roles and Responsibilities
Conclusion

16. Vulnerability Management
How Vulnerability Scanning Works
Authenticated versus Unauthenticated Scans
Vulnerability Assessment Tools
Vulnerability Management Program
Remediation Prioritization
Risk Acceptance
Conclusion

17. Development
Language Selection
Secure Coding Guidelines
Testing
System Development Lifecycle
Conclusion

18. Purple Teaming
Open Source Intelligence

19. IDS and IPS
Types of IDS and IPS
Cutting Out the Noise
Writing Your Own Signatures
NIDS and IPS Locations
Encrypted Protocols
Conclusion

20. Logging and Monitoring
What to Log
Where to Log
Security Information and Event Management
Designing the SIEM
Log Analysis
Logging and Alerting Examples
Log Aggregation
Use Case Analysis
Conclusion

21. The Extra Mile
Email Servers
DNS Servers
Security through Obscurity
Useful Resources

A: User Education Templates

Index

Managementboek Top 100

Rubrieken

Populaire producten

    Personen

      Trefwoorden

        Defensive Security Handbook