Defensive Security Handbook - Lee Brotherston, Amanda Berlin

Defensive Security Handbook

Best Practices for Securing Infrastructure
Buch | Softcover
284 Seiten
2017
O'Reilly Media (Verlag)
978-1-4919-6038-7 (ISBN)
44,85 inkl. MwSt
Studibuch Logo

...gebraucht verfügbar!

Despite the increase of high-profile hacks, record-breaking data leaks, and ransomware attacks, many organizations don’t have the budget to establish or outsource an information security (InfoSec) program, forcing them to learn on the job.

For companies obliged to improvise, this pragmatic guide provides a security-101 handbook with steps, tools, processes, and ideas to help you drive maximum-security improvement at little or no cost.

Each chapter in this book provides step-by-step instructions for dealing with a specific issue, including breaches and disasters, compliance, network infrastructure and password management, vulnerability scanning, and penetration testing, among others.

Network engineers, system administrators, and security professionals will learn tools and techniques to help improve security in sensible, manageable chunks.
  • Learn fundamentals of starting or redesigning an InfoSec program
  • Create a base set of policies, standards, and procedures
  • Plan and design incident response, disaster recovery, compliance, and physical security
  • Bolster Microsoft and Unix systems, network infrastructure, and password management
  • Use segmentation practices and designs to compartmentalize your network
  • Explore automated process and tools for vulnerability management
  • Securely develop code to reduce exploitable errors
  • Understand basic penetration testing concepts through purple teaming
  • Delve into IDS, IPS, SOC, logging, and monitoring

Lee Brotherston is a Senior Security Advisor with Leviathan Security, providing Information Security consulting services to a range of clients. Having spent more than a decade in Information Security, Lee has worked as an Internal Security resource across many verticals including Finance, Telecommunications, Hospitality, Entertainment, and Government in roles ranging from Engineer to IT Security Manager.

Amanda Berlin is an Information Security Architect for a consulting firm in Northern Ohio. She has spent over a decade in different areas of technology and sectors providing infrastructure support, triage, and design. Amanda has been involved in implementing a secure Payment Card Industries (PCI) process and Health Insurance Portability and Accountability Act (HIPAA) compliance as well as building a comprehensive phishing and awards-based user education program. She is the author for a Blue Team best practices book called "Defensive Security Handbook: Best Practices for Securing Infrastructure" through O'Reilly Media. She is a co-host on the Brakeing Down Security podcast and writes for several blogs. On Twitter, she's @InfoSystir.

Chapter 1Creating a Security Program
Lay the Groundwork
Establish Teams
Baseline Security Posture
Assess Threats and Risks
Prioritize
Create Milestones
Use Cases, Tabletops, and Drills
Expanding Your Team and Skillsets
Conclusion
Chapter 2Asset Management and Documentation
Information Classification
Asset Management Implementation Steps
Asset Management Guidelines
Documentation
Conclusion
Chapter 3Policies
Language
Document Contents
Topics
Storage and Communication
Conclusion
Chapter 4Standards and Procedures
Standards
Language
Procedures
Language
Document Contents
Conclusion
Chapter 5User Education
Broken Processes
Bridging the Gap
Building Your Own Program
Gaining Meaningful Metrics
Conclusion
Chapter 6Incident Response
Processes
Tools and Technology
Conclusion
Chapter 7Disaster Recovery
Setting Objectives
Recovery Strategies
Dependencies
Scenarios
Invoking a Fail Over...and Back
Testing
Security Considerations
Conclusion
Chapter 8Industry Compliance Standards and Frameworks
Industry Compliance Standards
Frameworks
Regulated Industries
Conclusion
Chapter 9Physical Security
Physical
Operational
Conclusion
Chapter 10Microsoft Windows Infrastructure
Quick Wins
Active Directory Domain Services
Group Policy Objects
EMET
MS-SQL Server
Conclusion
Chapter 11Unix Application Servers
Keeping Up-to-Date
Chapter 12Endpoints
Keeping Up-to-Date
Hardening Endpoints
Mobile Device Management
Endpoint Visibility
Centralization
Conclusion
Chapter 13Password Management and Multifactor Authentication
Basic Password Practices
Password Management Software
Password Resets
Password Breaches
Encryption, Hashing, and Salting
Password Storage Locations and Methods
Password Security Objects
Multifactor Authentication
Conclusion
Chapter 14Network Infrastructure
Firmware/Software Patching
Device Hardening
Routers
Switches
Egress Filtering
IPv6: A Cautionary Note
TACACS+
Conclusion
Chapter 15Segmentation
Network Segmentation
Application
Roles and Responsibilities
Conclusion
Chapter 16Vulnerability Management
How Vulnerability Scanning Works
Authenticated versus Unauthenticated Scans
Vulnerability Assessment Tools
Vulnerability Management Program
Remediation Prioritization
Risk Acceptance
Conclusion
Chapter 17Development
Language Selection
Secure Coding Guidelines
Testing
System Development Lifecycle
Conclusion
Chapter 18Purple Teaming
Open Source Intelligence
Chapter 19IDS and IPS
Types of IDS and IPS
Cutting Out the Noise
Writing Your Own Signatures
NIDS and IPS Locations
Encrypted Protocols
Conclusion
Chapter 20Logging and Monitoring
What to Log
Where to Log
Security Information and Event Management
Designing the SIEM
Log Analysis
Logging and Alerting Examples
Log Aggregation
Use Case Analysis
Conclusion
Chapter 21The Extra Mile
Email Servers
DNS Servers
Security through Obscurity
Useful Resources
Appendix User Education Templates
Live Phishing Education Slides
Phishing Program Rules

Erscheinungsdatum
Verlagsort Sebastopol
Sprache englisch
Maße 181 x 233 mm
Gewicht 488 g
Einbandart kartoniert
Themenwelt Informatik Netzwerke Sicherheit / Firewall
Schlagworte Administration • Handbuch • IT-Sicherheit • IT-Sicherheit, IT security • Netzwerksicherheit • security • Sicherheit • vulnerability
ISBN-10 1-4919-6038-8 / 1491960388
ISBN-13 978-1-4919-6038-7 / 9781491960387
Zustand Neuware
Haben Sie eine Frage zum Produkt?
Mehr entdecken
aus dem Bereich