Build Your Own Cybersecurity Testing Lab: Low-cost Solutions for Testing in Virtual and Cloud-based Environments

Build Your Own Cybersecurity Testing Lab: Low-cost Solutions for Testing in Virtual and Cloud-based Environments

by Ric Messier
Released February 2020
Publisher(s): McGraw-Hill
ISBN: 9781260458329

Read it now on the O’Reilly learning platform with a 10-day free trial.

O’Reilly members get unlimited access to books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Book description

Publisher's Note: Products purchased from Third Party sellers are not guaranteed by the publisher for quality, authenticity, or access to any online entitlements included with the product.


Manage your own robust, inexpensive cybersecurity testing environment

This hands-on guide shows clearly how to administer an effective cybersecurity testing lab using affordable technologies and cloud resources. Build Your Own Cybersecurity Testing Lab: Low-cost Solutions for Testing in Virtual and Cloud-based Environments fully explains multiple techniques for developing lab systems, including the use of Infrastructure-as-Code, meaning you can write programs to create your labs quickly, without manual steps that could lead to costly and frustrating mistakes. Written by a seasoned IT security professional and academic, this book offers complete coverage of cloud and virtual environments as well as physical networks and automation. Included with the book is access to videos that demystify difficult concepts.

Inside, you will discover how to:
    • Gather network requirements and build your cybersecurity testing lab
    • Set up virtual machines and physical systems from inexpensive components
    • Select and configure the necessary operating systems
    • Gain remote access through SSH, RDP, and other remote access protocols
    • Efficiently isolate subnets with physical switches, routers, and VLANs
    • Analyze the vulnerabilities and challenges of cloud-based infrastructures
    • Handle implementation of systems on Amazon Web Services, Microsoft Azure, and Google Cloud Engine
    • Maximize consistency and repeatability using the latest automation tools

Table of contents

  1. Cover
  2. About the Author
  3. Title Page
  4. Copyright Page
  5. Contents
  6. Introduction
  7. Chapter 1 Why Perform Security Testing?
    1. Compliance
    2. Security Testing
      1. Software Security Testing
      2. Stress Testing
      3. Penetration Testing
      4. Red Teaming
      5. Blue Team/Operations Testing
    3. Goals
    4. Isolation
    5. You vs. the Enterprise
    6. Summary
  8. Chapter 2 Network Design
    1. Networking Basics
      1. Network Access Layer
      2. Switching
      3. Internetworking Layer
    2. Network Topologies
    3. Design Requirements
    4. The Importance of Isolation
      1. Air Gaps
      2. Routing
      3. Firewalls
    5. Summary
  9. Chapter 3 Physical and Virtual Machines
    1. Physical Systems
      1. Specifications
      2. Go New!
      3. Reduce, Reuse, Recycle
      4. Low-Cost Devices
      5. Racking and Stacking
    2. Virtualization
      1. Type 1 Hypervisors
      2. Type 2 Hypervisors
      3. Containers
    3. Summary
  10. Chapter 4 Operating Systems
    1. Operating Systems to Test From
      1. Windows
      2. Linux
      3. Single-Board Computer (SBC) Operating Systems
    2. Systems Under Test
      1. Metasploitable 2
      2. Metasploitable 3
      3. Web Applications
    3. Command Line Considerations
    4. Summary
  11. Chapter 5 Remote Access
    1. Virtual Private Networks
      1. Windows VPN
      2. Linux VPN
    2. Shell Access
    3. Graphical Interfaces
    4. Remote Management (No Interface)
    5. Virtual Machine Access
    6. Summary
  12. Chapter 6 Networking
    1. Switching
      1. Virtual Local Area Networks (VLANs)
      2. Private VLANs
    2. Routing
      1. Static Routing
      2. Dynamic Routing
    3. Virtual Machine Networking
    4. Software Defined Networking
    5. Summary
  13. Chapter 7 Cloud Computing and Private Clouds
    1. Cloud Services
      1. Infrastructure as a Service
      2. Platform as a Service
      3. Storage as a Service
      4. Software as a Service
    2. Elements of Cloud
    3. OpenStack
      1. Using DevStack
      2. Admin
      3. Instantiation
      4. Networking
      5. Security Groups
      6. Finding Images
    4. Summary
  14. Chapter 8 Amazon Web Services
    1. Traditional Architecture
      1. Data Storage
      2. Application Server
      3. Web Server
      4. Load Balancer
    2. The Cloud Way
      1. Microservices
      2. Message Queuing Services
      3. Database
    3. Summary
  15. Chapter 9 Microsoft Azure
    1. Traditional Web Design
      1. Load Balancers
      2. Web Servers
      3. Application Server
      4. Database
    2. Cloud Native
      1. Serverless
      2. Containers
      3. Databases
    3. Summary
  16. Chapter 10 Google Cloud Engine
    1. Traditional Architecture
      1. Database
      2. Application Server
      3. Web Server
      4. Load Balancer
    2. Cloud-Native
      1. Containers
      2. Databases
    3. Summary
  17. Chapter 11 Automation
    1. DevOps and DevSecOps
    2. Command Line Access
    3. Infrastructure as Code
    4. Summary
  18. Index

Product information

  • Title: Build Your Own Cybersecurity Testing Lab: Low-cost Solutions for Testing in Virtual and Cloud-based Environments
  • Author(s): Ric Messier
  • Release date: February 2020
  • Publisher(s): McGraw-Hill
  • ISBN: 9781260458329