Chapter 1 Applying Reconnaissance Techniques
Wireless Network Considerations
Defending Against Reconnaissance
Intrusion Detection and Prevention Systems
Chapter 2 Analyzing the Results of Reconnaissance
Intrusion Detection/Prevention Systems
Security Information and Event Management Systems
Chapter 3 Responding to Network-Based Threats
Discretionary Access Control (DAC)
Mandatory Access Control (MAC)
Role-Based Access Control (RBAC)
Blocking Unused Ports/Services
Chapter 4 Securing a Corporate Network
Part II Vulnerability Management
Chapter 5 Implementing Vulnerability Management Processes
Vulnerability Management Requirements
Frequency of Vulnerability Scans
Chapter 6 Vulnerability Scanning
Automated vs. Manual Distribution
Ongoing Scanning and Continuous Monitoring
Analyze Reports from a Vulnerability Scan
Review and Interpret Scan Results
Validate Results and Correlate Other Data Points
Compare to Best Practices or Compliance
Review Related Logs and/or Other Data Sources
Part III Cyber Incident Response
Chapter 7 The Incident Response Process
Chapter 8 Determining the Impact of Incidents
Known Threats vs. Unknown Threats
Factors Contributing to Incident Severity and Prioritization
Chapter 9 Preparing the Incident Response Toolkit
Chapter 10 Selecting the Best Course of Action
Irregular Peer-to-Peer Communication
Unexpected Outbound Communication
Part IV Security Architectures
Chapter 11 Frameworks, Policies, Controls, and Procedures
Verification and Quality Control
Chapter 12 Identity and Access Management
Security Issues Associated with Context-Based Authentication
Security Issues Associated with Identities
Security Issues Associated with Identity Repositories
Security Issues Associated with Federation and Single Sign-On
Manual vs. Automatic Provisioning/Deprovisioning
Chapter 13 Putting in Compensating Controls
Data Aggregation and Correlation
Chapter 14 Secure Software Development
The Software Development Lifecycle
Software Engineering Institute
Host-Based Intrusion Prevention Systems
Enhanced Mitigation Experience Toolkit
Security Information and Event Management
Part V Appendixes and Glossary
Installing and Running Total Tester
3.149.254.35