Book description
Key Features
- Gain a clear understanding of the attack methods, and patterns to recognize abnormal behavior within your organization with Blue Team tactics
- Learn to unique techniques to gather exploitation intelligence, identify risk and demonstrate impact with Red Team and Blue Team strategies
- A practical guide that will give you hands-on experience to mitigate risks and prevent attackers from infiltrating your system
Book Description
The book will start talking about the security posture before moving to Red Team tactics, where you will learn the basic syntax for the Windows and Linux tools that are commonly used to perform the necessary operations. You will also gain hands-on experience of using new Red Team techniques with powerful tools such as python and PowerShell, which will enable you to discover vulnerabilities in your system and how to exploit them. Moving on, you will learn how a system is usually compromised by adversaries, and how they hack user's identity, and the various tools used by the Red Team to find vulnerabilities in a system.
In the next section, you will learn about the defense strategies followed by the Blue Team to enhance the overall security of a system. You will also learn about an in-depth strategy to ensure that there are security controls in each network layer, and how you can carry out the recovery process of a compromised system. Finally, you will learn how to create a vulnerability management strategy and the different techniques for manual log analysis.
What you will learn
- Learn the importance of having a solid foundation for your security posture
- Understand the attack strategy using cyber security kill chain
- Learn how to enhance your defense strategy by improving your security policies, hardening your network, implementing active sensors, and leveraging threat intelligence
- Learn how to perform an incident investigation
- Get an in-depth understanding of the recovery process
- Understand continuous security monitoring and how to implement a vulnerability management strategy
- Learn how to perform log analysis to identify suspicious activities
Who this book is for
This book aims at IT professional who want to venture the IT security domain. IT pentester, Security consultants, and ethical hackers will also find this course useful. Prior knowledge of penetration testing would be beneficial.
Publisher resources
Table of contents
- Preface
- Security Posture
- Incident Response Process
- Understanding the Cybersecurity Kill Chain
- Reconnaissance
- Compromising the System
- Chasing a User's Identity
- Lateral Movement
-
Privilege Escalation
- Infiltration
- Avoiding alerts
-
Performing privilege escalation
- Exploiting unpatched operating systems
- Access token manipulation
- Exploiting accessibility features
- Application shimming
- Bypassing user account control
- DLL injection
- DLL search order hijacking
- Dylib hijacking
- Exploration of vulnerabilities
- Launch daemon
- Hands-on example of privilege escalation on a Windows 8 target
- Conclusion and lessons learned
- References
- Summary
- Security Policy
- Network Segmentation
- Active Sensors
- Threat Intelligence
- Investigating an Incident
-
Recovery Process
- Disaster recovery plan
- Live recovery
- Contingency planning
- Best practices for recovery
- References
- Summary
-
Vulnerability Management
- Creating a vulnerability management strategy
- Implementation of vulnerability management
- Best practices for vulnerability management
- Implementing vulnerability management with Nessus
- Flexera (Secunia) Personal Software Inspector
- Conclusion
- References
- Summary
- Log Analysis
- Other Books You May Enjoy
Product information
- Title: Cybersecurity - Attack and Defense Strategies
- Author(s):
- Release date: January 2018
- Publisher(s): Packt Publishing
- ISBN: 9781788475297
You might also like
book
Cybersecurity - Attack and Defense Strategies
Updated edition of the bestselling guide for planning attack and defense strategies based on the current …
book
Cybersecurity – Attack and Defense Strategies - Second Edition
Updated and revised edition of the bestselling guide to developing defense strategies against the latest threats …
book
Cybersecurity Attacks – Red Team Strategies
Develop your red team skills by learning essential foundational tactics, techniques, and procedures, and boost the …
book
ISC2 CISSP Certified Information Systems Security Professional Official Study Guide, 10th Edition
CISSP Study Guide - fully updated for the 2024 CISSP Body of Knowledge ISC2 Certified Information …