Cybersecurity-Attack and Defense Strategies Second Edition

▶Book Description
Cybersecurity – Attack and Defense Strategies, Second Edition is a completely revised new edition of the bestselling book, covering the very latest security threats and defense mechanisms including a detailed overview of Cloud Security Posture Management (CSPM) and an assessment of the current threat landscape, with additional focus on new IoT threats and cryptomining.

Cybersecurity starts with the basics that organizations need to know to maintain a secure posture against outside threat and design a robust cybersecurity program. It takes you into the mindset of a Threat Actor to help you better understand the motivation and the steps of performing an actual attack – the Cybersecurity kill chain. You will gain hands-on experience in implementing cybersecurity using new techniques in reconnaissance and chasing a user's identity that will enable you to discover how a system is compromised, and identify and then exploit the vulnerabilities in your own system.

This book also focuses on defense strategies to enhance the security of a system. You will also discover in-depth tools, including Azure Sentinel, to ensure there are security controls in each network layer, and how to carry out the recovery process of a compromised system.

▶What You Will Learn
- The importance of having a solid foundation for your security posture
- Use cyber security kill chain to understand the attack strategy
- Boost your organization's cyber resilience by improving your security policies, hardening your network, implementing active sensors, and leveraging threat intelligence
- Utilize the latest defense tools, including Azure Sentinel and Zero Trust Network strategy
- Identify different types of cyberattacks, such as SQL injection, malware and social engineering threats such as phishing emails
- Perform an incident investigation using Azure Security Center and Azure Sentinel
- Get an in-depth understanding of the disaster recovery process
- Understand how to consistently monitor security and implement a vulnerability management strategy for on-premises and hybrid cloud
- Learn how to perform log analysis using the cloud to identify suspicious activities, including logs from Amazon Web Services and Azure

▶Key Features
- Covers the latest security threats and defense strategies for 2020
- Introduces techniques and skillsets required to conduct threat hunting and deal with a system breach
- Provides new information on Cloud Security Posture Management, Microsoft Azure Threat Protection, Zero Trust Network strategies, Nation State attacks, the use of Azure Sentinel as a cloud-based SIEM for logging and investigation, and much more

▶Who This Book Is For
For the IT professional venturing into the IT security domain, IT pentesters, security consultants, or those looking to perform ethical hacking. Prior knowledge of penetration testing is beneficial.

▶What this book covers
- Chapter 1, Security Posture, defines what constitutes a secure posture and how it helps in understanding the importance of having a good defense and attack strategy.

- Chapter 2, Incident Response Process, introduces the incident response process and the importance of having one. It goes over different industry standards and best practices for handling incident response.

- Chapter 3, What is a Cyber Strategy?, explains what a cyber strategy is, why it's needed, and how an effective enterprise cyber strategy can be built.

- Chapter 4, Understanding the Cybersecurity Kill Chain, prepares the reader to understand the mindset of an attacker, the different stages of the attack, and what usually takes place in each one of those phases.

- Chapter 5, Reconnaissance, speaks about the different strategies to perform reconnaissance and how data is gathered to obtain information about the target for planning the attack.

- Chapter 6, Compromising the System, shows current trends in strategies to compromise a system and explains how to compromise a system.

- Chapter 7, Chasing a User's Identity, explains the importance of protecting the user's identity to avoid credential theft and goes through the process of hacking the user's identity.

- Chapter 8, Lateral Movement, describes how attackers perform lateral movement once they compromise a system.

- Chapter 9, Privilege Escalation, shows how attackers can escalate privileges in order to gain administrative access to a network system.

- Chapter 10, Security Policy, focuses on the different aspects of the initial defense strategy, which starts with the importance of a well-crafted security policy and goes over the best practices for security policies, standards, security awareness training, and core security controls.

- Chapter 11, Network Segmentation, looks into different aspects of defense in depth, covering physical network segmentation as well as the virtual and hybrid cloud.

- Chapter 12, Active Sensors, details different types of network sensors that help the organizations to detect attacks.

- Chapter 13, Threat Intelligence, speaks about the different aspects of threat intelligence from the community as well as from the major vendors.

- Chapter 14, Investigating an Incident, goes over two case studies, for an on-premises compromised system and for a cloud-based compromised system, and shows all the steps involved in a security investigation.

- Chapter 15, Recovery Process, focuses on the recovery process of a compromised system and explains how crucial it is to know all the options that are available since live recovery of a system is not possible in certain circumstances.

- Chapter 16, Vulnerability Management, describes the importance of vulnerability management to mitigate vulnerability exploitation. It covers the current threat landscape and the growing number of ransomwares that exploit known vulnerabilities.

- Chapter 17, Log Analysis, goes over the different techniques for manual log analysis since it is critical for the reader to gain knowledge on how to deeply analyze different types of logs to hunt suspicious security activities.