In this chapter, you learned about the incident response process, and how this fits into the overall purpose of enhancing your security posture. You also learned about the importance of having an incident response in place to rapidly identify and respond to security incidents. By planning each phase of the incident response life cycle, you create a cohesive process that can be applied to the entire organization. The foundation of the incident response plan is the same for different industries, and on top of this foundation you can include the customized areas that are relevant to your own business. You also came across the key aspects of handling an incident, and the importance of post-incident activity—which includes a full documentation of lessons learned—and using this information as input to improve the overall process. Lastly, you learned the basics...
-
Book Overview & Buying
-
Table Of Contents
-
Feedback & Rating
Cybersecurity - Attack and Defense Strategies
By :
Cybersecurity - Attack and Defense Strategies
By:
Overview of this book
The book will start talking about the security posture before moving to Red Team tactics, where you will learn the basic syntax for the Windows and Linux tools that are commonly used to perform the necessary operations. You will also gain hands-on experience of using new Red Team techniques with powerful tools such as python and PowerShell, which will enable you to discover vulnerabilities in your system and how to exploit them. Moving on, you will learn how a system is usually compromised by adversaries, and how they hack user's identity, and the various tools used by the Red Team to find vulnerabilities in a system.
In the next section, you will learn about the defense strategies followed by the Blue Team to enhance the overall security of a system. You will also learn about an in-depth strategy to ensure that there are security controls in each network layer, and how you can carry out the recovery process of a compromised system. Finally, you will learn how to create a vulnerability management strategy and the different techniques for manual log analysis.
Table of Contents (18 chapters)
Preface
Free Chapter
Security Posture
Incident Response Process
Understanding the Cybersecurity Kill Chain
Reconnaissance
Compromising the System
Chasing a User's Identity
Lateral Movement
Privilege Escalation
Security Policy
Network Segmentation
Active Sensors
Threat Intelligence
Investigating an Incident
Recovery Process
Vulnerability Management
Log Analysis
Other Books You May Enjoy
Customer Reviews
