Book Description

Build a resilient network and prevent advanced cyber attacks and breaches

Key Features

  • Explore modern cybersecurity techniques to protect your networks from ever-evolving cyber threats
  • Prevent cyber attacks by using robust cybersecurity strategies
  • Unlock the secrets of network security

Book Description

With advanced cyber attacks severely impacting industry giants and the constantly evolving threat landscape, organizations are adopting complex systems to maintain robust and secure environments. Network Security Strategies will help you get well-versed with the tools and techniques required to protect any network environment against modern cyber threats.

You'll understand how to identify security vulnerabilities across the network and how to effectively use a variety of network security techniques and platforms. Next, the book will show you how to design a robust network that provides top-notch security to protect against traditional and new evolving attacks. With the help of detailed solutions and explanations, you'll be able to monitor networks skillfully and identify potential risks. Finally, the book will cover topics relating to thought leadership and the management aspects of network security.

By the end of this network security book, you'll be well-versed in defending your network from threats and be able to consistently maintain operational efficiency, security, and privacy in your environment.

What you will learn

  • Understand network security essentials, including concepts, mechanisms, and solutions to implement secure networks
  • Get to grips with setting up and threat monitoring cloud and wireless networks
  • Defend your network against emerging cyber threats in 2020
  • Discover tools, frameworks, and best practices for network penetration testing
  • Understand digital forensics to enhance your network security skills
  • Adopt a proactive approach to stay ahead in network security

Who this book is for

This book is for anyone looking to explore information security, privacy, malware, and cyber threats. Security experts who want to enhance their skill set will also find this book useful. A prior understanding of cyber threats and information security will help you understand the key concepts covered in the book more effectively.

Table of Contents

  1. Title Page
  2. Copyright and Credits
    1. Network Security Strategies
  3. About Packt
    1. Why subscribe?
  4. Contributors
    1. About the author
    2. About the reviewer
    3. Packt is searching for authors like you
  5. Preface
    1. Who this book is for
    2. What this book covers
    3. To get the most out of this book
    4. Download the color images
    5. Conventions used
    6. Get in touch
    7. Reviews
  6. Section 1: Network Security Concepts, Threats, and Vulnerabilities
  7. Network Security Concepts
    1. Technical requirements
    2. An overview of network security
    3. Network security concepts
    4. Network security components
    5. Network and system hardening
    6. Network segmentation
    7. Network choke-points
    8. Defense-in-Depth
    9. Due diligence and cyber resilience
    10. Soft targets
    11. Continuous monitoring and improvement
    12. Post-deployment review
    13. Network security architecture approach
    14. Planning and analysis
    15. Designing
    16. Building
    17. Testing
    18. Deployment
    19. Post-deployment
    20. Network security best practices and guidelines
    21. Network Operations Center overview
    22. Proper incident management
    23. Functional ticketing system and knowledge base
    24. Monitoring policy
    25. A well-defined investigation process
    26. Reporting and dashboards
    27. Escalation
    28. High availability and failover
    29. Assessing network security effectiveness
    30. Key attributes to be considered
    31. The action priority matrix
    32. Threat modeling
    33. Assessing the nature of threats
    34. STRIDE
    35. PASTA
    36. Trike
    37. VAST
    38. OCTAVE
    39. Summary
    40. Questions
    41. Further reading
  8. Security for Cloud and Wireless Networks
    1. Technical requirements
    2. An introduction to secure cloud computing
    3. AWS' shared responsibility model
    4. Major cybersecurity challenges with the cloud
    5. Amazon Web Services (AWS)
    6. AWS security features
    7. Well-defined identity capabilities
    8. Traceability
    9. Defense in depth
    10. Automation of security best practices
    11. Continuous data protection
    12. Security event response
    13. Microsoft Azure security technologies
    14. The Zero Trust model
    15. Security layers
    16. Identity management using Azure
    17. Infrastructure protection using Azure
    18. Criticality of infrastructure
    19. Encryption
    20. Identifying and classifying data
    21. Encryption on Azure
    22. Network security
    23. Internet protection
    24. Virtual networks
    25. Network integrations
    26. CipherCloud
    27. Securing cloud computing
    28. Security threats
    29. Countermeasures
    30. Wireless network security
    31. Wi-Fi attack surface analysis and exploitation techniques
    32. Wi-Fi data collection and analysis
    33. Wi-Fi attack and exploitation techniques 
    34. Best practices
    35. Security assessment approach
    36. Software-defined radio attacks
    37. Types of radio attacks
    38. Replay attacks
    39. Cryptanalysis attacks
    40. Reconnaissance attacks
    41. Mitigation techniques
    42. Summary
    43. Questions
    44. Further reading
  9. Mitigating the Top Network Threats of 2020
    1. Technical requirements
    2. The top 10 network attacks and how to fix them
    3. Phishing – the familiar foe
    4. How to fix phishing threats
    5. Rogue applications and fake security alerts – intimidation and imitation
    6. How to fix rogue applications and software threats
    7. Insider threats – the enemy inside the gates
    8. How to fix insider threats
    9. Viruses and worms – a prevailing peril 
    10. How to fix viruses and worms threats
    11. Botnets – an adversarial army at disposal
    12. How to fix botnet threats
    13. Trojan horse – covert entry 
    14. How to fix trojan threats
    15. Rootkit – clandestine malicious applications
    16. How to fix rootkit threats
    17. Malvertising – ads of chaos
    18. How to fix malvertising threats 
    19. DDoS – defending against one too many
    20. How to fix DDoS threats
    21. Ransomware – cyber extortions 
    22. How to fix ransomware threats
    23. Notable mentions
    24. Drive-by download
    25. Exploit kits and AI-ML-driven attacks
    26. Third-party and supply chain attacks
    27. Creating an integrated threat defense architecture
    28. Keeping up with vulnerabilities and threats
    29. Understanding various defense mechanisms 
    30. Safeguarding confidential information from third parties
    31. Implementing strong password policies
    32. Enhancing email security
    33. Vulnerability management policies
    34. Vulnerability management life cycle
    35. Network vulnerability assessments
    36. Utilizing scanning tools in vulnerability assessment
    37. Exercising continuous monitoring
    38. The NIST Risk Management Framework
    39. The NIST Release Special Publication 800-37
    40. Summary
    41. Questions
    42. Further reading
  10. Section 2: Network Security Testing and Auditing
  11. Network Penetration Testing and Best Practices
    1. Technical requirements
    2. Approach to network penetration testing
    3. Pre-engagement
    4. Reconnaissance
    5. Threat modeling
    6. Exploitation
    7. Post-exploitation
    8. Reporting
    9. Retesting
    10. Top penetration testing platforms
    11. Setting up our network
    12. Performing automated exploitation
    13. OpenVas
    14. Sparta 
    15. Armitage
    16. Performing manual exploitation
    17. Kali Linux
    18. Nmap
    19. Nikto
    20. Dirb
    21. Metasploit
    22. Browser Exploitation Framework (BeEF)
    23. Burp Suite
    24. Penetration testing best practices
    25. Case study
    26. Information gathering
    27. Scanning the servers
    28. Identifying and exploiting vulnerabilities
    29. Reporting
    30. Presentation
    31. A few other practices
    32. The concept of teaming
    33. Red team
    34. Blue team
    35. Purple team
    36. Capture the flag
    37. Engagement models and methodologies
    38. Black box
    39. Gray box
    40. White box
    41. Summary
    42. Questions
    43. Further reading
  12. Advanced Network Attacks
    1. Technical requirements
    2. Critical infrastructure and prominent exploitation 
    3. Attack frameworks toward ICS industries
    4. The cyber kill chain
    5. Information sharing and analysis centers
    6. Understanding the threat landscape
    7. Top threats and vulnerable points in ICS industries
    8. Well-known critical infrastructure exploitation examples
    9. Penetration testing IoT networks and reverse engineering firmware
    10. Introduction to IoT network security
    11. Security challenges for IoT
    12. Penetration testing for IoT networks
    13. Reconnaissance 
    14. Evaluation
    15. Exploitation
    16. Reporting
    17. Setting up an IoT pen testing lab
    18. Software tool requirements
    19. Firmware software tools
    20. Web application software tools
    21. Platforms and tools for advanced testing
    22. UART communication
    23. Firmware reverse engineering and exploitation
    24. Exploiting VoIP networks and defense mechanisms
    25. VoIP threat landscape
    26. VoIP phone classifications
    27. Pros and cons of VoIP
    28. Analyzing VoIP security issues
    29. Vishing
    30. Denial of Service (DoS)
    31. Eavesdropping
    32. Countermeasures and defense vectors
    33. Top platforms for VoIP monitoring and security
    34. Summary
    35. Questions
    36. Further reading
  13. Network Digital Forensics
    1. Technical requirements
    2. Concepts of network forensics
    3. Fundamentals of network forensics
    4. Technical capabilities for responding to forensic incidents
    5. Network protocols and communication layers
    6. Damballa network threat analysis 
    7. Forensics tools – network analysis and response
    8. Wireshark
    9. The NIKSUN Suite
    10. Security Onion
    11. Xplico
    12. NetworkMiner
    13. Hakabana
    14. NetWitness NextGen
    15. Solera Networks DS
    16. DSHELL
    17. LogRhythm Network Monitor
    18. Key approaches to network forensics
    19. Industry best practices and standards
    20. The four steps to dealing with digital evidence
    21. Advances in network forensics practices
    22. Big data analytics-based forensics
    23. Conducting a tabletop forensics exercise
    24. Familiarizing yourself with the stakeholders
    25. Creating the ideal scenario
    26. Gamification
    27. Document lessons learned
    28. Summary
    29. Questions
    30. Further reading
  14. Performing Network Auditing
    1. Technical requirements
    2. Getting started with your audit
    3. What is a network audit?
    4. Why do we need a network audit?
    5. Key concepts of network auditing
    6. Understanding the fundamentals of an audit
    7. Understanding the types of audits
    8. Foundational pillars for network audits
    9. Policy
    10. Procedures
    11. Standards
    12. Controls
    13. Risk management in a network audit
    14. Risk assessment
    15. Risk management strategies
    16. Industry standards and governance framework
    17. Understanding the auditor's role
    18. Understanding the auditing process
    19. Performing a network security audit
    20. Planning and research phase
    21. Data gathering and data analysis phase
    22. Audit report and follow-up phase
    23. Exploring network audit tools
    24. Network assessment and auditing tools
    25. SolarWinds
    26. Open-AudIT
    27. Nmap
    28. NetformX
    29. Security assessment tools 
    30. Nessus
    31. Nipper
    32. Wireshark
    33. Network audit checklist
    34. Comprehensive checklist
    35. Planning phase
    36. Design and architecture review
    37. Physical inventory
    38. Network infrastructure security
    39. Infrastructure for monitoring and management
    40. Configuration management
    41. Performance monitoring and analysis
    42. Documentation
    43. Case study
    44. Network monitoring checklist
    45. NOC audit checklist
    46. Audit report (sampling)
    47. Auditing best practices and latest trends 
    48. Best practices
    49. Latest trends
    50. SolarWinds Network Automation Manager 
    51. SolarWinds NCM
    52. TrueSight Network Automation
    53. Summary
    54. Questions
    55. Further reading
  15. Section 3: Threat Management and Proactive Security Operations
  16. Continuous and Effective Threat Management
    1. Technical requirements
    2. Cyber threat management concepts
    3. BCP/DR
    4. Cyber risk assessment
    5. Strategic governance framework
    6. Cyber resilience
    7. Governance, risk, and compliance (GRC)
    8. Cyber perimeter establishment
    9. Threat intelligence gathering
    10. Continuous threat monitoring 
    11. Actively managing risks and threats
    12. Unified threat management (UTM)
    13. Advanced persistent threats (APT)
    14. The essential eight
    15. Malware analysis
    16. Malware analysis process
    17. Malware analysis lab – overview
    18. Setting up a malware analysis lab
    19. Proposed malware analysis lab architecture
    20. Creating an isolated virtual network
    21. Creating and restoring snapshots
    22. Endpoint detection and response (EDR)
    23. Vulnerability and patch management
    24. Threat management best practices
    25. Addressing security leadership concerns 
    26. Conveying risk and threat management to leadership
    27. Strategies for boardroom discussions
    28. Cybersecurity and business outcomes
    29. Summary
    30. Questions
    31. Further reading
  17. Proactive Security Strategies
    1. Technical requirements
    2. Advancing to proactive security
    3. Key considerations
    4. Evolving security challenges
    5. Steps to building a proactive security system
    6. Understanding how threat intelligence works
    7. Threat intelligence platforms
    8. FireEye iSIGHT
    9. IBM's X-Force Exchange
    10. IntSights's Enterprise Threat Intelligence and Mitigation Platform
    11. Digital Shadows SearchLight
    12. Understanding how threat hunting works
    13. Stages of threat hunting
    14. Components of threat hunting
    15. Developing a threat hunting plan
    16. Threat hunting maturity model
    17. Threat hunting platforms 
    18. MITRE Framework
    19. Endgame threat hunting
    20. Cybereason
    21. Understanding deception technology
    22. Need for deception technology
    23. Deception technology vendors and platforms 
    24. Illusive Networks
    25. Attivo Networks
    26. Smokescreen IllusionBLACK Deception
    27. TrapX Security
    28. Security Information and Event Management (SIEM)
    29. Capabilities of SIEM
    30. SIEM platforms
    31. Splunk
    32. ArcSight Enterprise Security Manager
    33. IBM QRadar
    34. ELK SIEM
    35. AlienVault OSSIM
    36. Summary
    37. Questions
    38. Further reading
  18. Assessments
    1. Chapter 1
    2. Chapter 2
    3. Chapter 3
    4. Chapter 4
    5. Chapter 5
    6. Chapter 6
    7. Chapter 7
    8. Chapter 8
    9. Chapter 9
  19. Other Books You May Enjoy
    1. Leave a review - let other readers know what you think