Defensive Security Handbook, 2nd Edition

Book description

Despite the increase in high-profile hacks, record-breaking data leaks, and ransomware attacks, many organizations don't have the budget for an information security (InfoSec) program. If you're forced to protect yourself by improvising on the job, this pragmatic guide provides a security-101 handbook with steps, tools, processes, and ideas to help you drive maximum security improvement at little or no cost.

Each chapter in this book provides step-by-step instructions for dealing with issues such as breaches and disasters, compliance, network infrastructure, password management, vulnerability scanning, penetration testing, and more. Network engineers, system administrators, and security professionals will learn how to use frameworks, tools, and techniques to build and improve their cybersecurity programs.

This book will help you:

  • Plan and design incident response, disaster recovery, compliance, and physical security
  • Learn and apply basic penetration testing concepts through purple teaming
  • Conduct vulnerability management using automated processes and tools
  • Use IDS, IPS, SOC, logging, and monitoring
  • Bolster Microsoft and Unix systems, network infrastructure, and password management
  • Use segmentation practices and designs to compartmentalize your network
  • Reduce exploitable errors by developing code securely

Table of contents

  1. Brief Table of Contents (Not Yet Final)
  2. 1. Creating a Security Program
    1. Lay the Groundwork
    2. Establish Teams
    3. Baseline Security Posture
    4. Assess Threats and Risks
      1. Identify Scope, Assets, & Threats
      2. Assess Risk & Impact
      3. Mitigate
      4. Monitor
    5. Prioritize
    6. Create Milestones
    7. Use Cases, Tabletops, and Drills
    8. Expanding Your Team and Skillsets
    9. Conclusion
  3. 2. Asset Management and Documentation
    1. Objectives of the Chapter
      1. What Do We Mean by Not a One-Time Project?
      2. Definition of Asset Management
    2. Documentation
    3. Types of Assets and Establishing the Schema
    4. How Are You Storing Data?
      1. Small Businesses
      2. Mid-Market Enterprises
      3. Large Enterprises
    5. Understanding Your Inventory Schema: Incorporating Criticality and Risk
      1. Criticality
      2. Risk
    6. Data Classification
    7. A University Advancement Example
    8. Asset Management Implementation Steps
      1. Defining the Life-cycle
      2. Information Gathering
        1. Asset management in the cloud(s)
      3. Change Tracking
      4. Monitoring and Reporting
    9. Asset Management Guidelines
      1. Automation
      2. One Source of Truth
      3. Organize a Company-Wide Team
      4. Executive Champions
      5. Software Licensing
    10. Conclusion
  4. 3. Policies
    1. Language
    2. Document Contents
    3. Topics
    4. Storage and Communication
    5. Conclusion
  5. 4. Standards and Procedures
    1. Standards
    2. Language
    3. Procedures
    4. Language
    5. Document Contents
    6. Conclusion
  6. 5. User Education
    1. Broken Processes
    2. Bridging the Gap
    3. Building Your Own Program
      1. Establish Objectives
      2. Establish Baselines
      3. Scope and Create Program Rules and Guidelines
      4. Implement and Document Program Infrastructure
      5. Positive Reinforcement
      6. Gamification
      7. Define Incident Response Processes
    4. Gaining Meaningful Metrics
      1. Measurements
      2. Tracking Success Rate and Progress
      3. Important Metrics
    5. Conclusion
  7. 6. Incident Response
    1. Processes
      1. Pre-Incident Processes
      2. Incident Processes
      3. Post-Incident Processes
    2. Tools and Technology
      1. Log Analysis
      2. Disk and File Analysis
      3. Memory Analysis
      4. PCAP Analysis
      5. All in One
    3. Conclusion
  8. 7. Disaster Recovery
    1. Setting Objectives
      1. Recovery Point Objective
      2. Recovery Time Objective
    2. Recovery Strategies
      1. Backups
      2. Warm Standby
      3. High Availability
      4. Alternate System
      5. System Function Reassignment
    3. Dependencies
    4. Scenarios
    5. Invoking a Fail Over...and Back
    6. Testing
    7. Security Considerations
    8. Conclusion
  9. 8. Industry Compliance Standards and Frameworks
    1. Industry Compliance Standards
      1. Family Educational Rights and Privacy Act
      2. Gramm-Leach-Bliley Act
      3. Health Insurance Portability & Accountability Act
      4. Payment Card Industry Data Security Standard (PCI DSS)
      5. Sarbanes-Oxley Act
    2. Frameworks
      1. Center for Internet Security
      2. Cloud Control Matrix
      3. The Committee of Sponsoring Organizations of the Treadway Commission
      4. Control Objectives for Information and Related Technologies
      5. ISO-27000 Series
      6. MITRE ATT&CK
      7. NIST CyberSecurity Framework
    3. Regulated Industries
      1. Financial
      2. Government
      3. Healthcare
    4. Conclusion
  10. 9. Physical Security
    1. Physical
      1. Restrict Access
      2. Video Surveillance
      3. Authentication Maintenance
      4. Secure Media
      5. Datacenters
    2. Operational
      1. Identify Visitors and Contractors
      2. Visitor Actions
      3. Contractor Actions
      4. Badges
      5. Include Physical Security Training
    3. Conclusion
  11. 10. Microsoft Windows Infrastructure
    1. Quick Wins
      1. Upgrade
      2. Third-Party Patches
      3. Open Shares
    2. Active Directory Domain Services
      1. Forest
      2. Domain
      3. Domain Controllers
      4. OUs
      5. Groups
      6. Accounts
    3. Group Policy Objects
    4. Conclusion
  12. 11. Unix Application Servers
    1. Keeping Up-to-Date
      1. Third-Party Software Updates
      2. Core Operating System Updates
      3. Hardening a Unix Application Server
      4. Disable services
    2. Conclusion
  13. About the Authors

Product information

  • Title: Defensive Security Handbook, 2nd Edition
  • Author(s): Lee Brotherston, Amanda Berlin, William F. Reyor
  • Release date: July 2024
  • Publisher(s): O'Reilly Media, Inc.
  • ISBN: 9781098127244