語系:
繁體中文
English
說明(常見問題)
圖資館首頁
登入
回首頁
切換:
標籤
|
MARC模式
|
ISBD
Applied incident response
~
Anson, Steve.
Applied incident response
紀錄類型:
書目-電子資源 : Monograph/item
正題名/作者:
Applied incident responseSteven Anson.
作者:
Anson, Steve.
出版者:
Indianapolis, IN :John Wiley & Sons,c2020.
面頁冊數:
1 online resource (464 p.)
附註:
Includes index.
標題:
Computer security.
電子資源:
https://onlinelibrary.wiley.com/doi/book/10.1002/9781119560302
ISBN:
9781119560302$q(electronic bk. ;$qoBook)
Applied incident response
Anson, Steve.
Applied incident response
[electronic resource] /Steven Anson. - 1st ed. - Indianapolis, IN :John Wiley & Sons,c2020. - 1 online resource (464 p.)
Includes index.
Prepare. The Threat Landscape -- Incident Readiness -- Respond. Remote Triage -- Remote Triage Tools -- Acquiring Memory -- Disk Imaging -- Network Security Monitoring -- Event Log Analysis -- Memory Analysis -- Malware Analysis -- Disk Forensics -- Lateral Movement Analysis -- Refine. Continuous Improvement -- Proactive Activities
Incident response is critical for the active defense of any network, and incident responders need up-to-date, immediately applicable techniques with which to engage the adversary. Applied Incident Response details effective ways to respond to advanced attacks against local and remote network resources, providing proven response techniques and a framework through which to apply them. As a starting point for new incident handlers, or as a technical reference for hardened IR veterans, this book details the latest techniques for responding to threats against your network, including: Preparing your environment for effective incident response. Leveraging MITRE ATT&CK and threat intelligence for active network defense. Local and remote triage of systems using PowerShell, WMIC, and open-source tools. Acquiring RAM and disk images locally and remotely. Analyzing RAM with Volatility and Rekall. Deep-dive forensic analysis of system drives using open-source or commercial tools. Leveraging Security Onion and Elastic Stack for network security monitoring. Techniques for log analysis and aggregating high-value logs. Static and dynamic analysis of malware with YARA rules, FLARE VM, and Cuckoo Sandbox. Detecting and responding to lateral movement techniques, including pass-the-hash, pass-the-ticket, Kerberoasting, malicious use of PowerShell, and many more. Effective threat hunting techniques. Adversary emulation with Atomic Red Team. Improving preventive and detective controls.
ISBN: 9781119560302$q(electronic bk. ;$qoBook)Subjects--Topical Terms:
184416
Computer security.
LC Class. No.: QA76.9.A25
Dewey Class. No.: 005.8
Applied incident response
LDR
:02711cmm a2200289 a 4500
001
606133
003
OCoLC
005
20200216072237.6
006
m o d
007
cr cnu---unuuu
008
211203s2020 inu o 001 0 eng d
020
$a
9781119560302$q(electronic bk. ;$qoBook)
020
$a
9781119560289$q(ebk.)
020
$a
9781119560319$q(ePub)
020
$z
9781119560265$q(print)
035
$a
1136964952
040
$a
EBLCP
$b
eng
$c
EBLCP
$d
DG1
$d
RECBK
$d
YDX
$d
UKMGB
050
4
$a
QA76.9.A25
082
0 4
$a
005.8
$2
23
100
1
$a
Anson, Steve.
$3
902791
245
1 0
$a
Applied incident response
$h
[electronic resource] /
$c
Steven Anson.
250
$a
1st ed.
260
$a
Indianapolis, IN :
$b
John Wiley & Sons,
$c
c2020.
300
$a
1 online resource (464 p.)
500
$a
Includes index.
505
0
$a
Prepare. The Threat Landscape -- Incident Readiness -- Respond. Remote Triage -- Remote Triage Tools -- Acquiring Memory -- Disk Imaging -- Network Security Monitoring -- Event Log Analysis -- Memory Analysis -- Malware Analysis -- Disk Forensics -- Lateral Movement Analysis -- Refine. Continuous Improvement -- Proactive Activities
520
$a
Incident response is critical for the active defense of any network, and incident responders need up-to-date, immediately applicable techniques with which to engage the adversary. Applied Incident Response details effective ways to respond to advanced attacks against local and remote network resources, providing proven response techniques and a framework through which to apply them. As a starting point for new incident handlers, or as a technical reference for hardened IR veterans, this book details the latest techniques for responding to threats against your network, including: Preparing your environment for effective incident response. Leveraging MITRE ATT&CK and threat intelligence for active network defense. Local and remote triage of systems using PowerShell, WMIC, and open-source tools. Acquiring RAM and disk images locally and remotely. Analyzing RAM with Volatility and Rekall. Deep-dive forensic analysis of system drives using open-source or commercial tools. Leveraging Security Onion and Elastic Stack for network security monitoring. Techniques for log analysis and aggregating high-value logs. Static and dynamic analysis of malware with YARA rules, FLARE VM, and Cuckoo Sandbox. Detecting and responding to lateral movement techniques, including pass-the-hash, pass-the-ticket, Kerberoasting, malicious use of PowerShell, and many more. Effective threat hunting techniques. Adversary emulation with Atomic Red Team. Improving preventive and detective controls.
588
$a
Description based on print version record.
650
0
$a
Computer security.
$3
184416
650
0
$a
Computer networks
$x
Security measures.
$3
185597
856
4 0
$u
https://onlinelibrary.wiley.com/doi/book/10.1002/9781119560302
筆 0 讀者評論
全部
電子館藏
館藏
1 筆 • 頁數 1 •
1
條碼號
館藏地
館藏流通類別
資料類型
索書號
使用類型
借閱狀態
預約狀態
備註欄
附件
000000203120
電子館藏
1圖書
電子書
EB QA76.9.A25 c2020
一般使用(Normal)
在架
0
1 筆 • 頁數 1 •
1
多媒體
多媒體檔案
https://onlinelibrary.wiley.com/doi/book/10.1002/9781119560302
評論
新增評論
分享你的心得
Export
取書館別
處理中
...
變更密碼
登入