Browse Library
Sign In Start Free Trial
Close icon Search icon
Account
Browse Library Advanced Search Sign In Start Free Trial

Add to playlist

Create a Playlist

Modal Close icon
You need to login to use this feature.
Modal Close icon
Modal Close icon
  • Book Overview & Buying Cybersecurity - Attack and Defense Strategies
  • Table Of Contents Toc
  • Feedback & Rating feedback
Cybersecurity - Attack and Defense Strategies

Cybersecurity - Attack and Defense Strategies

By : Yuri Diogenes, Dr. Erdal Ozkaya
4.7 (33)
Buy this Book
close
close
Cybersecurity - Attack and Defense Strategies

Cybersecurity - Attack and Defense Strategies

4.7 (33)
By: Yuri Diogenes, Dr. Erdal Ozkaya
Buy this Book

Overview of this book

The book will start talking about the security posture before moving to Red Team tactics, where you will learn the basic syntax for the Windows and Linux tools that are commonly used to perform the necessary operations. You will also gain hands-on experience of using new Red Team techniques with powerful tools such as python and PowerShell, which will enable you to discover vulnerabilities in your system and how to exploit them. Moving on, you will learn how a system is usually compromised by adversaries, and how they hack user's identity, and the various tools used by the Red Team to find vulnerabilities in a system. In the next section, you will learn about the defense strategies followed by the Blue Team to enhance the overall security of a system. You will also learn about an in-depth strategy to ensure that there are security controls in each network layer, and how you can carry out the recovery process of a compromised system. Finally, you will learn how to create a vulnerability management strategy and the different techniques for manual log analysis.
Table of Contents (18 chapters)
close
close
close
Preface
Icon
Preface
Icon
Who this book is for
Icon
What this book covers
Icon
To get the most out of this book
Icon
Get in touch
Lock Free Chapter
1
Security Posture
Icon
Security Posture
Icon
The current threat landscape
Icon
Cybersecurity challenges
Icon
Enhancing your security posture
Icon
The Red and Blue Team
Icon
References
Icon
Summary
2
Incident Response Process
Icon
Incident Response Process
Icon
Incident response process
Icon
Handling an incident
Icon
Post-incident activity
Icon
Incident response in the cloud
Icon
References
Icon
Summary
3
Understanding the Cybersecurity Kill Chain
Icon
Understanding the Cybersecurity Kill Chain
Icon
External reconnaissance
Icon
Access and privilege escalation
Icon
Exfiltration
Icon
Sustainment
Icon
Assault
Icon
Obfuscation
Icon
Threat life cycle management
Icon
References
Icon
Summary
4
Reconnaissance
Icon
Reconnaissance
Icon
External reconnaissance
Icon
Internal reconnaissance
Icon
Conclusion of the reconnaissance chapter
Icon
References
Icon
Summary
5
Compromising the System
Icon
Compromising the System
Icon
Analyzing current trends
Icon
Phishing
Icon
Exploiting a vulnerability
Icon
Zero-day
Icon
Performing the steps to compromise a system
Icon
References
Icon
Summary
6
Chasing a User's Identity
Icon
Chasing a User's Identity
Icon
Identity is the new perimeter
Icon
Strategies for compromising a user's identity
Icon
Hacking a user's identity
Icon
References
Icon
Summary
7
Lateral Movement
chevron up
Icon
Lateral Movement
Icon
Infiltration
Icon
Performing lateral movement
Icon
References
Icon
Summary
8
Privilege Escalation
Icon
Privilege Escalation
Icon
Infiltration
Icon
Avoiding alerts
Icon
Performing privilege escalation
Icon
Conclusion and lessons learned
Icon
References
Icon
Summary
9
Security Policy
Icon
Security Policy
Icon
Reviewing your security policy
Icon
Educating the end user
Icon
Policy enforcement
Icon
Monitoring for compliance
Icon
References
Icon
Summary
10
Network Segmentation
Icon
Network Segmentation
Icon
Defense in depth approach
Icon
Physical network segmentation
Icon
Securing remote access to the network
Icon
Virtual network segmentation
Icon
Hybrid cloud network security
Icon
References
Icon
Summary
11
Active Sensors
Icon
Active Sensors
Icon
Detection capabilities
Icon
Intrusion detection systems
Icon
Intrusion prevention system
Icon
Behavior analytics on-premises
Icon
Behavior analytics in a hybrid cloud
Icon
References
Icon
Summary
12
Threat Intelligence
Icon
Threat Intelligence
Icon
Introduction to threat intelligence
Icon
Open source tools for threat intelligence
Icon
Microsoft threat intelligence
Icon
Leveraging threat intelligence to investigate suspicious activity
Icon
References
Icon
Summary
13
Investigating an Incident
Icon
Investigating an Incident
Icon
Scoping the issue
Icon
Investigating a compromised system on-premises
Icon
Investigating a compromised system in a hybrid cloud
Icon
Lessons learned
Icon
References
Icon
Summary
14
Recovery Process
Icon
Recovery Process
Icon
Disaster recovery plan
Icon
Live recovery
Icon
Contingency planning
Icon
Best practices for recovery
Icon
References
Icon
Summary
15
Vulnerability Management
Icon
Vulnerability Management
Icon
Creating a vulnerability management strategy
Icon
Implementation of vulnerability management
Icon
Best practices for vulnerability management
Icon
Implementing vulnerability management with Nessus
Icon
Flexera (Secunia) Personal Software Inspector
Icon
Conclusion
Icon
References
Icon
Summary
16
Log Analysis
Icon
Log Analysis
Icon
Data correlation
Icon
Operating system logs
Icon
Firewall logs
Icon
Web server logs
Icon
References
Icon
Summary
17
Other Books You May Enjoy
Icon
Other Books You May Enjoy
Icon
Leave a review - let other readers know what you think

Lateral Movement

In the previous chapters, the tools and techniques that attackers use to compromise and gain entry into a system were discussed. This chapter will focus on the predominant thing that they try to do after a successful entry; solidifying and expanding their presence. This is what is referred to as lateral movement. Attackers will move from device to device after the initial hack with the hopes of accessing high-valued data. They will also be looking at ways in which they can gain additional control of the victim's network. At the same time, they will be trying not to trip alarms or raise any alerts. This phase of the attack life cycle can take a long time. In highly complicated attacks, the phase takes several months in order for the hackers to reach the desired target device.

The lateral movement involves scanning a network for other resources, the collecting...

Unlock full access

Continue reading for free

A Packt free trial gives you instant online access to our library of over 7000 practical eBooks and videos, constantly updated with the latest in tech
Start a 7-day FREE trial
End of Section 7
Next Section
notes
bookmark Notes and Bookmarks search Search in title playlist Add to playlist font-size Font size

Change the font size

margin-width Margin width

Change margin width

day-mode Day/Sepia/Night Modes

Change background colour

Close icon Search
Country selected
Close icon Your notes and bookmarks

Confirmation

Modal Close icon
claim successful
Order Page Read Now

Buy this book with your credits?

Modal Close icon
Are you sure you want to buy this book with one of your credits?
Close
YES, BUY

Submit Your Feedback

Modal Close icon