Preface

Every small, medium, and large enterprise across the globe today carries out at least a few, if not all, operations with the help of Information Technology (IT). IT networks form the basic building blocks of these complex structures with the help of associated technologies and business logic. Securing such networks is therefore of paramount importance.

In this book, we will learn advanced skills and their real-world implementation, which will enable us to build a resilient network security apparatus, secure existing network infrastructure, and implement a high-fidelity, repeatable improvement plan to stay up to date with the latest cybersecurity threats and how to mitigate them. We will be taking a deep dive into subjects including network penetration testing, network audits, network digital forensics, threat intelligence, threat hunting, deception technology, and attack vectors impacting ICS/SCADA, IoT, and VOIP, among others.

By the end of this book, you should be able to:

  • Understand the building blocks of a network and how to apply security to it
  • Understand threats and vulnerabilities that commonly plague networks today
  • Understand how to perform security testing for your network
  • Understand how to apply business impact and risk prioritization for the purpose of remediation and management discussion
  • Understand how to move to a proactive security mindset from a reactive security mindset

Who this book is for

This book is for anyone looking to explore information security, privacy, malware, and cyber threats. Security experts who want to enhance their skillsets will also find this book useful. An understanding of cyber threats and information security will help in understanding the key concepts covered in this book.

What this book covers

Chapter 1, Network Security Concepts, is a starting point where you will gain an understanding of what network security concepts are. This includes the mechanisms and solutions that can be implemented. We will also take a look at the various types of setup that organizations have and what the best practices are, according to leading industry resources, for secure network establishment.

Chapter 2, Security for the Cloud and Wireless Networks, deals with the security concepts that are relevant for this book with respect to cloud and wireless networking. The majority of today's attacks on the corporate side are targeted toward cloud instances. On the other hand, unprotected wireless networks are textbook entry points for threat actors looking to gain access to an organization's infrastructure. We will cover this in detail and discuss how each category of the network can be protected and the various methods that can be employed to defend them.

Chapter 3, Mitigating the Top Network Threats of 2020, discusses the top network threats and how to mitigate them. This will also give you a detailed understanding of how to perform a network security assessment, such as a vulnerability assessment, and perform continuous monitoring, enabling you to monitor active and ongoing threats in your environment.

Chapter 4, Network Penetration Testing and Best Practices, is a step-by-step guide for you, after which you yourself can perform network penetration testing and document the findings for the next steps. We will look at the different tools/platforms that will help you perform these activities efficiently.

Chapter 5, Advanced Network Attacks, focuses on introducing the theoretical foundations and practical solution techniques for securing critical cyber and physical infrastructures as well as their underlying computing and communication architectures and systems. Examples of such infrastructures include utility networks (for example, electrical power grids); ground transportation systems (automotive, roads, bridges, and tunnels); airports and air traffic control systems; wired and wireless communication and sensor networks; systems for storing and distributing water and food supplies; medical and healthcare delivery systems; and financial, banking, and commercial transaction assets.

Chapter 6, Network Digital Forensics, deals with the process of looking at network artifacts to determine whether any unauthorized activity has taken place and to retrieve artifacts and evidence to prove it. This may include, but is not restricted to, network monitoring, network recording, and active/passive analysis of network traffic and events for correlation. Analysts such as yourself can use these techniques to uncover the origin of security events and perform root cause analysis. The idea behind a strong forensics practice is to enable the blue team to improve their detection techniques and have a better understanding and visibility throughout the network. In this chapter, we will be taking a deep-dive look at how to perform network forensics and how to utilize these results to build a strong security mechanism.

Chapter 7, Performing Network Auditing, explains why network auditing is needed and how to conduct it. This will be a step-by-step guide for you, after which you yourself can perform network audits and document the findings for the next steps. We will look at the different tools, platforms, and other guides that will help you perform these activities efficiently.

Chapter 8, Continuous and Effective Threat Management, discusses what threat management is all about and how it is going to help you transform your security posture. Most organizations face some magnitude of security threats today and effective management of these threats and prioritization is crucial for success. In this chapter, this is exactly what you will learn and understand as a practice for your operations. We will also talk about how to have a risk discussion with senior management and translate risk in business terms. The essence is how to analyze a threat and gauge its business impact so as to communicate it to the leadership in appropriate terms. A threat may mean different things to different areas of the organization. Hence, putting the implications into perspective and validating the risk and control effectiveness is critical for a security professional.

Chapter 9, Proactive Security Strategies, is a step-by-step guide to how to make your security approach proactive in nature. We look at steps to develop a proactive security strategy, by means of which companies can effectively assess risk and minimize the potential of a breach.

To get the most out of this book

You must have solid experience of the core concepts of information security and a working knowledge of computer networks and network operating systems.

In order to utilize the tools and platforms discussed in the book, make sure you have a computer/laptop with a modern processor that has between 8 and 16 GB of RAM.

Software/hardware covered in the book: A computer/laptop with a modern processor that has between 8 and 16 GB of RAM

OS requirements: Windows/macOS

Download the color images

We also provide a PDF file that has color images of the screenshots/diagrams used in this book. You can download it here: http://www.packtpub.com/sites/default/files/downloads/Bookname_ColorImages.pdf

Conventions used

There are a number of text conventions used throughout this book.

CodeInText: Indicates code words in text, database table names, folder names, filenames, file extensions, pathnames, dummy URLs, user input, and Twitter handles. Here is an example: "Mount the downloaded WebStorm-10*.dmg disk image file as another disk in your system."

A block of code is set as follows:

html, body, #map {
    height: 100%;
    margin: 0;
    padding: 0
}

When we wish to draw your attention to a particular part of a code block, the relevant lines or items are set in bold:

[default]
exten => s,1,Dial(Zap/1|30)
exten => s,2,Voicemail(u100)
exten => s,102,Voicemail(b100)
exten => i,1,Voicemail(s0)

Any command-line input or output is written as follows:

set rhosts 192.168.43.74
run

Bold: Indicates a new term, an important word, or words that you see on screen. For example, words in menus or dialog boxes appear in the text like this. Here is an example: "As soon as you click on the Submit button, the script gets stored on the server."

Warnings or important notes appear like this.
Tips and tricks appear like this.

Get in touch

Feedback from our readers is always welcome.

General feedback: If you have questions about any aspect of this book, mention the book title in the subject of your message and email us at [email protected].

Errata: Although we have taken every care to ensure the accuracy of our content, mistakes do happen. If you have found a mistake in this book, we would be grateful if you would report this to us. Please visit www.packtpub.com/support/errata, selecting your book, clicking on the Errata Submission Form link, and entering the details.

Piracy: If you come across any illegal copies of our works in any form on the internet, we would be grateful if you would provide us with the location address or website name. Please contact us at [email protected] with a link to the material.

If you are interested in becoming an author: If there is a topic that you have expertise in, and you are interested in either writing or contributing to a book, please visit authors.packtpub.com.

Reviews

Please leave a review. Once you have read and used this book, why not leave a review on the site that you purchased it from? Potential readers can then see and use your unbiased opinion to make purchase decisions, we at Packt can understand what you think about our products, and our authors can see your feedback on their book. Thank you!

For more information about Packt, please visit packt.com.
