Defensive Security Handbook: Best Practices for Securing Infrastructure

Lee Brotherston, Amanda Berlin

買這商品的人也買了...

商品描述

Despite the increase of high-profile hacks, record-breaking data leaks, and ransomware attacks, many organizations don’t have the budget to establish or outsource an information security (InfoSec) program, forcing them to learn on the job. For companies obliged to improvise, this pragmatic guide provides a security-101 handbook with steps, tools, processes, and ideas to help you drive maximum-security improvement at little or no cost.

Each chapter in this book provides step-by-step instructions for dealing with a specific issue, including breaches and disasters, compliance, network infrastructure and password management, vulnerability scanning, and penetration testing, among others. Network engineers, system administrators, and security professionals will learn tools and techniques to help improve security in sensible, manageable chunks.

  • Learn fundamentals of starting or redesigning an InfoSec program
  • Create a base set of policies, standards, and procedures
  • Plan and design incident response, disaster recovery, compliance, and physical security
  • Bolster Microsoft and Unix systems, network infrastructure, and password management
  • Use segmentation practices and designs to compartmentalize your network
  • Explore automated process and tools for vulnerability management
  • Securely develop code to reduce exploitable errors
  • Understand basic penetration testing concepts through purple teaming
  • Delve into IDS, IPS, SOC, logging, and monitoring

商品描述(中文翻譯)

儘管高調的駭客攻擊、創紀錄的數據洩露和勒索軟體攻擊不斷增加,但許多組織並沒有預算來建立或外包信息安全(InfoSec)計劃,迫使他們在工作中學習。對於被迫臨時應變的公司來說,這本實用指南提供了一本安全101手冊,提供步驟、工具、流程和想法,以幫助您以最小或零成本推動最大程度的安全改進。

本書的每一章都提供了處理特定問題的逐步指南,包括違規和災難、合規性、網絡基礎設施和密碼管理、漏洞掃描和滲透測試等。網絡工程師、系統管理員和安全專業人員將學習到工具和技術,以幫助以明智、可管理的方式提高安全性。

- 學習開始或重新設計InfoSec計劃的基礎知識
- 建立一套基本的政策、標準和程序
- 計劃和設計事件應對、災難恢復、合規性和物理安全
- 加強Microsoft和Unix系統、網絡基礎設施和密碼管理
- 使用分割實踐和設計來區分您的網絡
- 探索漏洞管理的自動化流程和工具
- 安全地開發代碼以減少可利用的錯誤
- 通過紫隊合作了解基本的滲透測試概念
- 深入研究入侵檢測系統(IDS)、入侵防禦系統(IPS)、安全運營中心(SOC)、日誌記錄和監控