Title Page
by Roman Zabicki
Practical Security
 Acknowledgments
 Introduction
Who Is This Book For?
What’s in This Book
Online Resources
1. Patching
Upgrading Third-Party Libraries and Software
Library Inventory
Network Inventory
Patching Windows
Finding Published Vulnerabilities
Testing Your Patches
If Patching Hurts, Do It More Often
A Practical Application of Fear
What’s Next?
2. Vulnerabilities
SQL Injection
Cross-Site Scripting (XSS)
Cross-Site Request Forgery (XSRF)
Misconfiguration
Suggested Reading
What’s Next?
3. Cryptography
Don’t Roll Your Own Crypto
Don’t Use Low-Level Crypto Libraries
Evaluating Crypto Libraries Without Being a Crypto Expert
Password Storage
Storing Passwords When You’re the Client
Minimizing the Cost of Credential Loss
Keeping Passwords Hard to Predict
TLS Configuration
What’s Next?
4. Windows
Windows Users
Login and Mimikatz
Password Policy
Active Directory: What Else Is It Good For?
BitLocker
What’s Next?
5. Phishing
Types of Phishing Attacks
Social Defense
Don’t DIY
DNS-Based Defense
Authentication-Based Defense
In-Application Defense
Got Phished. Now What?
Wrapping Up
 Bibliography