▶Book Description
Network scanning is the process of assessing a network to identify an active host network; same methods can be used by an attacker or network administrator for security assessment. This procedure plays a vital role in risk assessment programs or while preparing a security plan for your organization.
Practical Network Scanning starts with the concept of network scanning and how organizations can benefit from it. Then, going forward, we delve into the different scanning steps, such as service detection, firewall detection, TCP/IP port detection, and OS detection. We also implement these concepts using a few of the most prominent tools on the market, such as Nessus and Nmap. In the concluding chapters, we prepare a complete vulnerability assessment plan for your organization.
By the end of this book, you will have hands-on experience in performing network scanning using different tools and in choosing the best tools for your system.
▶What You Will Learn
⦁ Achieve an effective security posture to design security architectures
⦁ Learn vital security aspects before moving to the Cloud
⦁ Launch secure applications with Web Application Security and SQL Injection
⦁ Explore the basics of threat detection/response/ mitigation with important use cases
⦁ Learn all about integration principles for PKI and tips to secure it
⦁ Design a WAN infrastructure and ensure security over a public WAN
▶Key Features
⦁ Learn to choose the best network scanning toolset for your system
⦁ Implement different concepts of network scanning such as port scanning and OS detection
⦁ Adapt a practical approach to securing your network
▶Who This Book Is For
If you are a security professional who is responsible for securing an organization's infrastructure, then this book is for you.
▶What this book covers
⦁ Chapter 1, Fundamental Security Concepts, explains the necessity for network security and covers a step-by-step approach to keep in mind for securing a network. You will also learn how to identify the need for security and the factors involved in network security.
⦁ Chapter 2, Secure Network Design, explains the security threats that exist in modern networks and how to design a secure network by keeping them in mind. It also explains network segmentation, defining a network boundary, and the importance of encryption, things to consider, and the benefits of implementing security on different network layers.
⦁ Chapter 3, Server-Level Security, gives us a basic understanding of protecting a server's infrastructure, including aspects such as hardening the server, the use of various authentication methods, password policies, and protection against viruses and malware.
⦁ Chapter 4, Cloud Security Design, explains the security aspects that you will need to keep in mind before migrating your critical data information to the cloud.
⦁ Chapter 5, Application Security Design, explains how to identify the common risks involved in designing and launching an application. You will also learn common safeguard methods from a user's point of view to surf an application in a secure way.
⦁ Chapter 6, Threat Detection and Response, explains various aspects of security IT infrastructure, from monitoring to responding to incidents and diverting attackers.
⦁ Chapter 7, Vulnerability Assessment, explains the vulnerability assessment methodology and generating reports based on assessment metrics for scoring.
⦁ Chapter 8, Remote OS Detection, explains methods for detecting a target's operating system with an Nmap application.
⦁ Chapter 9, Public Key Infrastructure –. SSL, explains PKI and the implementation steps for securing an application using SSL.
⦁ Chapter 10, Firewall Placement and Detection Techniques, explains the aspects of designing a firewall to build secure network. It also explains the techniques and tools to detect firewall.
⦁ Chapter 11, VPN and WAN Encryption, explains how to design and secure a WAN infrastructure.
⦁ Chapter 12, Summary and Scope of Security Technologies, explains security trends and possible future security technologies.
