Verfügbarkeit: Defensive security handbook

Defensive security handbook: best practices for securing infrastructure

Gespeichert in:

Bibliographische Detailangaben
Hauptverfasser:	Brotherston, Lee (VerfasserIn), Berlin, Amanda (VerfasserIn)
Format:	Buch
Sprache:	English
Veröffentlicht:	Beijing ; Boston ; Farnham ; Sebastopol ; Tokyo O'Reilly April 2017
Ausgabe:	First edition
Schlagworte:	Computersicherheit
Online-Zugang:	Inhaltsverzeichnis
Beschreibung:	xx, 261 Seiten Illustrationen, Diagramme
ISBN:	9781491960387

Internformat

MARC


LEADER	00000nam a2200000 c 4500
001	BV044220366
003	DE-604
005	20170714
007	t
008	170310s2017 a\|\|\| \|\|\|\| 00\|\|\| eng d
020			\|a 9781491960387 \|c pbk \|9 978-1-491-96038-7
035			\|a (OCoLC)978270197
035			\|a (DE-599)BVBBV044220366
040			\|a DE-604 \|b ger \|e rda
041	0		\|a eng
049			\|a DE-29T \|a DE-706 \|a DE-11 \|a DE-1050
084			\|a ST 277 \|0 (DE-625)143643: \|2 rvk
100	1		\|a Brotherston, Lee \|e Verfasser \|0 (DE-588)1136790446 \|4 aut
245	1	0	\|a Defensive security handbook \|b best practices for securing infrastructure \|c Lee Brotherston and Amanda Berlin
250			\|a First edition
264		1	\|a Beijing ; Boston ; Farnham ; Sebastopol ; Tokyo \|b O'Reilly \|c April 2017
300			\|a xx, 261 Seiten \|b Illustrationen, Diagramme
336			\|b txt \|2 rdacontent
337			\|b n \|2 rdamedia
338			\|b nc \|2 rdacarrier
650	0	7	\|a Computersicherheit \|0 (DE-588)4274324-2 \|2 gnd \|9 rswk-swf
689	0	0	\|a Computersicherheit \|0 (DE-588)4274324-2 \|D s
689	0		\|5 DE-604
700	1		\|a Berlin, Amanda \|e Verfasser \|0 (DE-588)1136790578 \|4 aut
856	4	2	\|m HEBIS Datenaustausch \|q application/pdf \|u http://bvbr.bib-bvb.de:8991/F?func=service&doc_library=BVB01&local_base=BVB01&doc_number=029626353&sequence=000001&line_number=0001&func_code=DB_RECORDS&service_type=MEDIA \|3 Inhaltsverzeichnis
999			\|a oai:aleph.bib-bvb.de:BVB01-029626353

Datensatz im Suchindex

_version_	1804177367779770368
adam_text	Defensive Security Handbook Best Practices for Securing Infrastructure Lee Brotherston and Amanda Berlin Beijing • Boston • Farnham • Sebastopol • Tokyo Table of Contents Foreword xi Introduction xiii 1 Creating a Security Program 1 Lay the Groundwork 1 Establish Teams 2 Baseline Security Posture 3 Assess Threats and Risks 3 Identify 3 Assess 4 Mitigate 4 Monitor 5 Prioritize 5 Create Milestones 5 Use Cases, Tabletops, and Drills 6 Expanding Your Team and Skillsets 10 Conclusion 11 2 Asset Management and Documentation 13 Information Classification 13 Asset Management Implementation Steps J 14 Defining the Lifecycle 15 Information Gathering 16 Change Tracking 17 Monitoring and Reporting 18 Asset Management Guidelines 18 Automation 18 iii One Source of Truth 19 Organize a Company-Wide Team 19 Executive Champions 19 Software Licensing 19 Define Assets 20 Documentation 20 Networking Equipment 20 Network 21 Servers 21 Desktops 22 Users 22 Applications 22 Other 23 Conclusion 23 3 Policies 25 Language 26 Document Contents 27 Topics 28 Storage and Communication 29 Conclusion 29 4 Standards and Procedures 31 Standards 32 Language 32 Procedures 33 Language 33 Document Contents 34 Conclusion 35 5 User Education 37 Broken Processes 37 Bridging the Gap 38 Building Your Own Program 39 Establish Objectives 39 Establish Baselines t 40 Scope and Create Program Rules and Guidelines 40 Implement and Document Program Infrastructure 40 Positive Reinforcement 40 Gamification 41 Define Incident Response Processes 41 Gaining Meaningful Metrics 41 iv \| Table of Contents Measurements 41 Tracking Success Rate and Progress 42 Important Metrics 42 Conclusion 42 6 Incident Response 45 Processes 45 Pre-Incident Processes 45 Incident Processes 46 Post-Incident Processes 48 Tools and Technology 49 Log Analysis 49 Disk and File Analysis 49 Memory Analysis 50 PCAP Analysis 51 All in One 52 Conclusion 52 7 Disaster Recovery 53 Setting Objectives 53 Recovery Point Objective 54 Recovery Time Objective 54 Recovery Strategies 55 Backups 55 Warm Standby 55 High Availability 56 Alternate System 56 System Function Reassignment 57 Dependencies 57 Scenarios 58 Invoking a Fail Over and Back 58 Testing 59 Security Considerations 59 Conclusion 60 8 Industry Compliance Standards and Frameworks 61 Industry Compliance Standards 61 Payment Card Industry Data Security Standard (PCI DSS) 62 Health Insurance Portability 8c Accountability Act 62 Gramm-Leach Bliley Act 63 Family Educational Rights and Privacy Act 63 Sarbanes-Oxley Act 64 Table of Contents \| v Frameworks 65 Cloud Control Matrix 65 Center for Internet Security 65 Control Objectives for Information and Related Technologies 65 The Committee of Sponsoring Organizations of the Treadway Commission 65 ISO-27000 Series 66 NIST CyberSecurity Framework 66 Regulated Industries 67 Financial 67 Government 67 Healthcare 68 Conclusion 69 9 Physical Security 71 Physical 72 Restrict Access 72 1 Video Surveillance 72 Authentication Maintenance 74 Secure Media 75 Datacenters 75 Operational 76 Identify Visitors and Contractors 76 Visitor Actions 76 Contractor Actions 76 Badges 76 Include Physical Security Training 77 Conclusion 79 10 Microsoft Windows Infrastructure 81 Quick Wins 81 Upgrade 81 Third-Party Patches 82 Open Shares 83 Active Directory Domain Services 83 Forest 84 Domain ( 85 Domain Controllers 85 OUs 86 Groups 86 Accounts 87 Group Policy Objects 88 EMET 89 vi \| Table of Contents Basic Configuration 90 Custom Configuration 92 Enterprise Deployment Strategies 93 MS-SQL Server 96 When Third-Party Vendors Have Access 96 MS SQL Authentication 97 SA User Security 97 Conclusion 98 11 Unix Application Servers 101 Keeping Up-to-Date 102 Third-Party Software Updates 102 Core Operating System Updates 104 Hardening a Unix Application Server 105 Conclusion 111 12 Endpoints 113 Keeping Up-to-Date 113 Microsoft Windows 114 macOS 114 Unix Desktops 115 Third-Party Updates 115 Hardening Endpoints 116 Disable Services 116 Desktop Firewalls 118 Full-Disk Encryption 119 Endpoint Protection Tools 121 Mobile Device Management 122 Endpoint Visibility 122 Centralization 123 Conclusion 124 13 Password Management and Multifactor Authentication 125 Basic Password Practices 125 Password Management Software 127 Password Resets 128 Password Breaches 128 Encryption, Hashing, and Salting 129 Encryption 129 Hashing 129 Salting 130 Password Storage Locations and Methods 131 Table of Contents \| vii Password Security Objects 133 Setting a Fine-Grained Password Policy 133 Multifactor Authentication 137 Why 2FA? 138 2FA Methods 140 How It Works 140 Threats 141 Where It Should Be Implemented 141 Conclusion 142 14 Network Infrastructure 143 Firmware/Software Patching 143 Device Hardening 145 Services 145 SNMP 147 Encrypted Protocols 148 Management Network 148 Routers 149 Switches 150 Egress Filtering 151 IPv6: A Cautionary Note 151 TACACS+ 152 Conclusion 153 15 Segmentation 155 Network Segmentation 155 Physical 155 Logical 156 Physical and Logical Network Example 162 Software-Defined Networking 164 Application 164 Roles and Responsibilities 165 Conclusion 167 16 Vulnerability Management 169 How Vulnerability Scanning Works 170 Authenticated versus Unauthenticated Scans 170 Vulnerability Assessment Tools 172 Vulnerability Management Program 173 Program Initialization 174 Business as Usual 175 Remediation Prioritization 175 viii \| Table of Contents Risk Acceptance Conclusion 17 Development 179 Language Selection 179 Ox Assembly 180 /* C and C++ */ 180 GO func() 180 #!/Python/Ruby/Perl 181 ? PHP ? 181 Secure Coding Guidelines 182 Testing 183 Automated Static Testing 183 Automated Dynamic Testing 183 Peer Review 184 System Development Lifecycle 184 Conclusion 186 18 Purple Teaming 187 Open Source Intelligence 187 Types of Information and Access 188 OSINT Tools 191 Red Teaming 208 Conclusion 213 19 IDS and IPS 215 Types of IDS and IPS 215 Network-Based IDS 215 Host-Based IDS 217 IPS 217 Cutting Out the Noise 217 Writing Your Own Signatures 219 NIDS and IPS Locations 221 Encrypted Protocols 222 Conclusion 223 20 Logging and Monitoring 225 What to Log 225 Where to Log 226 Security Information and Event Management 226 Designing the SIEM 227 Log Analysis 228 Table of Contents \| ix Logging and Alerting Examples 228 Authentication Systems 228 Application Logs 229 Proxy and Firewall Logs 230 Log Aggregation 230 Use Case Analysis 231 Conclusion 232 21 The Extra Mile 233 Email Servers 233 DNS Servers 235 Security through Obscurity 237 Useful Resources 238 Books 238 Blogs 238 Podcasts 239 Tools 239 Websites 239 A User Education Templates 241 Index 247 x \| Table of Contents
any_adam_object	1
author	Brotherston, Lee Berlin, Amanda
author_GND	(DE-588)1136790446 (DE-588)1136790578
author_facet	Brotherston, Lee Berlin, Amanda
author_role	aut aut
author_sort	Brotherston, Lee
author_variant	l b lb a b ab
building	Verbundindex
bvnumber	BV044220366
classification_rvk	ST 277
ctrlnum	(OCoLC)978270197 (DE-599)BVBBV044220366
discipline	Informatik
edition	First edition
format	Book
fullrecord	<?xml version="1.0" encoding="UTF-8"?><collection xmlns="http://www.loc.gov/MARC21/slim"><record><leader>01409nam a2200337 c 4500</leader><controlfield tag="001">BV044220366</controlfield><controlfield tag="003">DE-604</controlfield><controlfield tag="005">20170714 </controlfield><controlfield tag="007">t</controlfield><controlfield tag="008">170310s2017 a\|\|\| \|\|\|\| 00\|\|\| eng d</controlfield><datafield tag="020" ind1=" " ind2=" "><subfield code="a">9781491960387</subfield><subfield code="c">pbk</subfield><subfield code="9">978-1-491-96038-7</subfield></datafield><datafield tag="035" ind1=" " ind2=" "><subfield code="a">(OCoLC)978270197</subfield></datafield><datafield tag="035" ind1=" " ind2=" "><subfield code="a">(DE-599)BVBBV044220366</subfield></datafield><datafield tag="040" ind1=" " ind2=" "><subfield code="a">DE-604</subfield><subfield code="b">ger</subfield><subfield code="e">rda</subfield></datafield><datafield tag="041" ind1="0" ind2=" "><subfield code="a">eng</subfield></datafield><datafield tag="049" ind1=" " ind2=" "><subfield code="a">DE-29T</subfield><subfield code="a">DE-706</subfield><subfield code="a">DE-11</subfield><subfield code="a">DE-1050</subfield></datafield><datafield tag="084" ind1=" " ind2=" "><subfield code="a">ST 277</subfield><subfield code="0">(DE-625)143643:</subfield><subfield code="2">rvk</subfield></datafield><datafield tag="100" ind1="1" ind2=" "><subfield code="a">Brotherston, Lee</subfield><subfield code="e">Verfasser</subfield><subfield code="0">(DE-588)1136790446</subfield><subfield code="4">aut</subfield></datafield><datafield tag="245" ind1="1" ind2="0"><subfield code="a">Defensive security handbook</subfield><subfield code="b">best practices for securing infrastructure</subfield><subfield code="c">Lee Brotherston and Amanda Berlin</subfield></datafield><datafield tag="250" ind1=" " ind2=" "><subfield code="a">First edition</subfield></datafield><datafield tag="264" ind1=" " ind2="1"><subfield code="a">Beijing ; Boston ; Farnham ; Sebastopol ; Tokyo</subfield><subfield code="b">O'Reilly</subfield><subfield code="c">April 2017</subfield></datafield><datafield tag="300" ind1=" " ind2=" "><subfield code="a">xx, 261 Seiten</subfield><subfield code="b">Illustrationen, Diagramme</subfield></datafield><datafield tag="336" ind1=" " ind2=" "><subfield code="b">txt</subfield><subfield code="2">rdacontent</subfield></datafield><datafield tag="337" ind1=" " ind2=" "><subfield code="b">n</subfield><subfield code="2">rdamedia</subfield></datafield><datafield tag="338" ind1=" " ind2=" "><subfield code="b">nc</subfield><subfield code="2">rdacarrier</subfield></datafield><datafield tag="650" ind1="0" ind2="7"><subfield code="a">Computersicherheit</subfield><subfield code="0">(DE-588)4274324-2</subfield><subfield code="2">gnd</subfield><subfield code="9">rswk-swf</subfield></datafield><datafield tag="689" ind1="0" ind2="0"><subfield code="a">Computersicherheit</subfield><subfield code="0">(DE-588)4274324-2</subfield><subfield code="D">s</subfield></datafield><datafield tag="689" ind1="0" ind2=" "><subfield code="5">DE-604</subfield></datafield><datafield tag="700" ind1="1" ind2=" "><subfield code="a">Berlin, Amanda</subfield><subfield code="e">Verfasser</subfield><subfield code="0">(DE-588)1136790578</subfield><subfield code="4">aut</subfield></datafield><datafield tag="856" ind1="4" ind2="2"><subfield code="m">HEBIS Datenaustausch</subfield><subfield code="q">application/pdf</subfield><subfield code="u">http://bvbr.bib-bvb.de:8991/F?func=service&doc_library=BVB01&local_base=BVB01&doc_number=029626353&sequence=000001&line_number=0001&func_code=DB_RECORDS&service_type=MEDIA</subfield><subfield code="3">Inhaltsverzeichnis</subfield></datafield><datafield tag="999" ind1=" " ind2=" "><subfield code="a">oai:aleph.bib-bvb.de:BVB01-029626353</subfield></datafield></record></collection>
id	DE-604.BV044220366
illustrated	Illustrated
indexdate	2024-07-10T07:46:57Z
institution	BVB
isbn	9781491960387
language	English
oai_aleph_id	oai:aleph.bib-bvb.de:BVB01-029626353
oclc_num	978270197
open_access_boolean
owner	DE-29T DE-706 DE-11 DE-1050
owner_facet	DE-29T DE-706 DE-11 DE-1050
physical	xx, 261 Seiten Illustrationen, Diagramme
publishDate	2017
publishDateSearch	2017
publishDateSort	2017
publisher	O'Reilly
record_format	marc
spelling	Brotherston, Lee Verfasser (DE-588)1136790446 aut Defensive security handbook best practices for securing infrastructure Lee Brotherston and Amanda Berlin First edition Beijing ; Boston ; Farnham ; Sebastopol ; Tokyo O'Reilly April 2017 xx, 261 Seiten Illustrationen, Diagramme txt rdacontent n rdamedia nc rdacarrier Computersicherheit (DE-588)4274324-2 gnd rswk-swf Computersicherheit (DE-588)4274324-2 s DE-604 Berlin, Amanda Verfasser (DE-588)1136790578 aut HEBIS Datenaustausch application/pdf http://bvbr.bib-bvb.de:8991/F?func=service&doc_library=BVB01&local_base=BVB01&doc_number=029626353&sequence=000001&line_number=0001&func_code=DB_RECORDS&service_type=MEDIA Inhaltsverzeichnis
spellingShingle	Brotherston, Lee Berlin, Amanda Defensive security handbook best practices for securing infrastructure Computersicherheit (DE-588)4274324-2 gnd
subject_GND	(DE-588)4274324-2
title	Defensive security handbook best practices for securing infrastructure
title_auth	Defensive security handbook best practices for securing infrastructure
title_exact_search	Defensive security handbook best practices for securing infrastructure
title_full	Defensive security handbook best practices for securing infrastructure Lee Brotherston and Amanda Berlin
title_fullStr	Defensive security handbook best practices for securing infrastructure Lee Brotherston and Amanda Berlin
title_full_unstemmed	Defensive security handbook best practices for securing infrastructure Lee Brotherston and Amanda Berlin
title_short	Defensive security handbook
title_sort	defensive security handbook best practices for securing infrastructure
title_sub	best practices for securing infrastructure
topic	Computersicherheit (DE-588)4274324-2 gnd
topic_facet	Computersicherheit
url	http://bvbr.bib-bvb.de:8991/F?func=service&doc_library=BVB01&local_base=BVB01&doc_number=029626353&sequence=000001&line_number=0001&func_code=DB_RECORDS&service_type=MEDIA
work_keys_str_mv	AT brotherstonlee defensivesecurityhandbookbestpracticesforsecuringinfrastructure AT berlinamanda defensivesecurityhandbookbestpracticesforsecuringinfrastructure

Verfügbarkeit

Es ist kein Print-Exemplar vorhanden.

Fernleihe Bestellen Achtung: Nicht im THWS-Bestand! Inhaltsverzeichnis

MARC

Datensatz im Suchindex

Es ist kein Print-Exemplar vorhanden.

Ähnliche Einträge