Название: Defensive Security Handbook: Best Practices for Securing Infrastructure, 2nd Edition (Third Early Release)
Автор: Lee Brotherston, Amanda Berlin
Издательство: O’Reilly Media, Inc.
Год: 2022-10-14
Язык: английский
Формат: epub (true), mobi, pdf
Размер: 10.2 MB

Despite the increase of high-profile hacks, record-breaking data leaks, and ransomware attacks, many organizations don't have the budget for an information security (InfoSec) program. If you're forced to protect yourself by improvising on the job, this pragmatic guide provides a security-101 handbook with steps, tools, processes, and ideas to help you drive maximum-security improvement at little or no cost.

Each chapter in this book provides step-by-step instructions for dealing with issues such as breaches and disasters, compliance, network infrastructure, password management, vulnerability scanning, penetration testing, and more. Network engineers, system administrators, and security professionals will learn how to use frameworks, tools, and techniques to build and improve their cybersecurity programs.

It is not necessary to reinvent the wheel in order to lay out the initial groundwork for an information security program. There are a few standards that can be of great use. The National Institute of Standards & Technology (NIST) has a risk-based cybersecurity framework that covers many aspects of a program. The NIST Framework Core consists of five concurrent and continuous functions—Identify, Protect, Detect, Respond, and Recover. When considered together, these functions provide a high-level, strategic view of the lifecycle of an organization’s management of cybersecurity risk. Not only will a framework be a possible asset, so will compliance standards. Although poorly implemented compliance standards can hinder the overall security of an organization, they can also prove to be a great starting point for a new program.

This book will help you

Plan and design incident response, disaster recovery, compliance, and physical security
Learn and apply basic penetration testing concepts through purple teaming
Conduct vulnerability management using automated processes and tools
Use IDS, IPS, SOC, logging, and monitoring
Bolster Microsoft and Unix systems, network infrastructure, and password management
Use segmentation practices and designs to compartmentalize your network
Reduce exploitable errors by developing code securely