Blue Team Handbook: Incident Response Edition: A condensed field guide for the Cyber Security Incident Responder (Paperback)

Don Murdoch GSE

  • Publisher: CreateSpace Independ
  • Publication date: 2014-08-03
  • List price: $760
  • VIP price: $722 (95% of list price)
  • Language: English
  • Pages: 164
  • Binding: Paperback
  • ISBN: 1500734756
  • ISBN-13: 9781500734756
  • Related categories: Information Security

Product description

Updated, Expanded, and released to print on 10/5/14! Complete details below! Two new sections, five protocol header illustrations, improved formatting, and other corrections.

The Blue Team Handbook is a zero-fluff reference guide for cyber security incident responders and InfoSec pros alike. The BTHb includes essential information in a condensed handbook format about the incident response process, how attackers work, common tools, a methodology for network analysis developed over 12 years, Windows and Linux analysis processes, tcpdump usage examples, Snort IDS usage, and numerous other topics. The book is peppered with practical real-life techniques from the author's extensive career working in academia and a corporate setting. Whether you are writing up your case notes, analyzing potentially suspicious traffic, or called in to look over a misbehaving server – this book should help you handle the case and teach you some new techniques along the way.

Version 2.0 updates:
- *** A new section on Database incident response was added.
- *** A new section on Chain of Custody was added.
- *** Matt Baxter's superbly formatted protocol headers were added!
- Table headers bolded.
- Table format slightly revised throughout book to improve left column readability.
- Several sentences updated and expanded for readability and completeness.
- A few spelling errors were corrected.
- Several sites added to the Web References section.
- Illustrations reformatted for better fit on the page.
- An index was added.
- Attribution for some content made more clear (footnotes, expanded source citing)
- Content expanded a total of 20 pages
