Contents

Search in book...
Toggle Font Controls
Create new playlist

Name your new playlist

Playlist description (optional)
Sign In

Email address

Password

Forgot Password?

or

Continue with Facebook

Continue with Google
Sign Up

Full Name

Email address

Confirm Email Address

Password

or

Continue with Facebook

Continue with Google

Previous Chapter

CompTIA CySA+® Cybersecurity Analyst Certification All-in-One Exam Guide (Exam CS0-001)

Acknowledgments

CONTENTS

Acknowledgments

Part I Threat Management

Chapter 1 Applying Reconnaissance Techniques

Open Source Intelligence

Internet Registries

Active Reconnaissance

Capturing Packets

Special Considerations

Wired Network Considerations

Wireless Network Considerations

Virtualization Technologies

Cloud Computing

Defending Against Reconnaissance

Tools of the Trade

OWASP Zed Attack Proxy

Wireshark/TShark

Intrusion Detection and Prevention Systems

Chapter 2 Analyzing the Results of Reconnaissance

Intrusion Detection/Prevention Systems

Packet Captures

nmap Scan Results

Point-in-Time Analysis

Packet Analysis

Protocol Analysis

Traffic Analysis

NetFlow Analysis

Wireless Analysis

Correlation Analysis

Anomaly Analysis

Behavioral Analysis

Availability Analysis

Tools of the Trade

Security Information and Event Management Systems

Packet Analyzers

Intrusion Detection Systems

Resource-Monitoring Tools

NetFlow Analyzers

Chapter 3 Responding to Network-Based Threats

Network Segmentation

System Isolation

Honeypots and Honeynets

File System ACLs

Endpoint Security

Detect and Block

Cloud-Connected Protection

Device Hardening

Discretionary Access Control (DAC)

Mandatory Access Control (MAC)

Role-Based Access Control (RBAC)

Compensating Controls

Blocking Unused Ports/Services

Network Access Control

Chapter 4 Securing a Corporate Network

Penetration Testing

Rules of Engagement

Reverse Engineering

Software/Malware

Isolation/Sandboxing

Training and Exercises

Types of Exercises

Risk Evaluation

Impact and Likelihood

Technical Control Review

Operational Control Review

Part II Vulnerability Management

Chapter 5 Implementing Vulnerability Management Processes

Vulnerability Management Requirements

Regulatory Environments

Corporate Security Policy

Data Classification

Asset Inventory

Common Vulnerabilities

Network Infrastructure

Virtual Infrastructure

Interconnected Networks

Virtual Private Networks

Industrial Control Systems

Frequency of Vulnerability Scans

Regulatory Requirements

Technical Constraints

Tool Configuration

Scanning Criteria

Tool Updates and Plug-Ins

Permissions and Access

Chapter 6 Vulnerability Scanning

Execute Scanning

Generate Reports

Automated vs. Manual Distribution

Communication/Change Control

Sandboxing/Testing

Inhibitors to Remediation

Ongoing Scanning and Continuous Monitoring

Analyze Reports from a Vulnerability Scan

Review and Interpret Scan Results

Validate Results and Correlate Other Data Points

Compare to Best Practices or Compliance

Reconcile Results

Review Related Logs and/or Other Data Sources

Determine Trends

Part III Cyber Incident Response

Chapter 7 The Incident Response Process

A Cast of Characters

Response Techniques

Corrective Actions

Communication Processes

Internal Communications

External Communications

Chapter 8 Determining the Impact of Incidents

Threat Classification

Known Threats vs. Unknown Threats

Advanced Persistent Threat

Factors Contributing to Incident Severity and Prioritization

Scope of Impact

Chapter 9 Preparing the Incident Response Toolkit

Digital Forensics

Phases of an Investigation

Forensic Investigation Suite

Acquisition Utilities

Analysis Utilities

OS and Process Analysis

Mobile Device Forensics

Building Your Forensic Kit

Chapter 10 Selecting the Best Course of Action

Introduction to Diagnosis

Network-Related Symptoms

Bandwidth Utilization

Irregular Peer-to-Peer Communication

Rogue Devices on the Network

Host-Related Symptoms

Running Processes

Memory Contents

Capacity Consumption

Unauthorized Privileges

Application-Related Symptoms

Anomalous Activity

Introduction of New Accounts

Unexpected Output

Unexpected Outbound Communication

Service Interruption

Memory Overflows

Part IV Security Architectures

Chapter 11 Frameworks, Policies, Controls, and Procedures

Security Frameworks

Policies and Procedures

Security Policies

Physical Controls

Logical Controls

Administrative Controls

Control Selection

Regulatory Compliance

Verification and Quality Control

Maturity Models

Chapter 12 Identity and Access Management

Security Issues Associated with Context-Based Authentication

Security Issues Associated with Identities

Security Issues Associated with Identity Repositories

Directory Services

Security Issues Associated with Federation and Single Sign-On

Manual vs. Automatic Provisioning/Deprovisioning

Self-Service Password Reset

Man in the Middle

Cross-Site Scripting

Privilege Escalation

Chapter 13 Putting in Compensating Controls

Security Data Analytics

Data Aggregation and Correlation

Historical Analysis

Authentication Logs

Defense in Depth

Other Security Concepts

Chapter 14 Secure Software Development

The Software Development Lifecycle

Operation and Maintenance

Secure Software Development

Security Testing

Software Engineering Institute

Center for Internet Security

Chapter 15 Tool Sets

Preventative Tools

Host-Based Intrusion Prevention Systems

Enhanced Mitigation Experience Toolkit

Web Application Firewalls

Collective Tools

Security Information and Event Management

Network Scanning

Command-line Utilities

Analytical Tools

Vulnerability Scanning

Monitoring Tools

Interception Proxy

Exploitative Tools

Exploitation Frameworks

Forensic Suites

Password Cracking

Part V Appendixes and Glossary

Appendix A Objectives Map

Appendix B About the Download

System Requirements

Installing and Running Total Tester

About Total Tester

Pre-assessment Test

Performance-Based Questions

McGraw-Hill Professional Media Center Download

Technical Support

..................Content has been hidden....................

You can't read the all page of ebook, please click here login for view all page.

3.149.254.35