What Every Engineer Should Know About Cyber Security and Digital Forensics, 2nd Edition

What Every Engineer Should Know About Cyber Security and Digital Forensics, 2nd Edition

by Joanna F. DeFranco, Bob Maley
Released December 2022
Publisher(s): CRC Press
ISBN: 9781000797985

Read it now on the O’Reilly learning platform with a 10-day free trial.

O’Reilly members get unlimited access to books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Book description

Designed for the non-security professional, this book is an overview of the field of cyber security. The new edition updates content and introduces topics such as business changes and outsourcing. It addresses new cyber security risks such as IoT and Distributed Networks (i.e., blockchain) and covers strategy based on the OODA loop in the cycle.

Table of contents

  1. Cover
  2. Half Title Page
  3. Series Page
  4. Title Page
  5. Copyright Page
  6. Table of Contents
  7. What Every Engineer Should Know: Series Statement
  8. Preface
  9. Acknowledgments
  10. Authors
  11. Chapter 1 Security Threats
    1. 1.1 Introduction
    2. 1.2 Social Engineering
    3. 1.3 Travel
    4. 1.4 Mobile Devices
    5. 1.5 Internet
    6. 1.6 The Cloud
    7. 1.7 Cyber Physical Systems
    8. 1.8 Theft
    9. References
    10. Notes
  12. Chapter 2 Cyber Security
    1. 2.1 Introduction
    2. 2.2 Information Security
    3. 2.3 Security Architecture
    4. 2.4 Access Controls
    5. 2.5 Cryptography
      1. 2.5.1 Types of Cryptography or Cryptographic Algorithms
    6. 2.6 Network and Telecommunications Security
    7. 2.7 Operating System Security
    8. 2.8 Software Development Security
    9. 2.9 Database Security
    10. 2.10 Internet of Things Security
    11. 2.11 Business Continuity and Disaster Recovery
    12. 2.12 Physical Security
    13. 2.13 Legal, Regulations, Compliance, and Investigations
    14. 2.14 Operations Security
    15. 2.15 Information Security Governance and Risk Management
    16. References
  13. Chapter 3 Strategy to Outpace the Adversary
    1. 3.1 Introduction
    2. 3.2 The Problem
    3. 3.3 Boyd’s OODA Loop Overview
      1. 3.3.1 Observe in Depth
      2. 3.3.2 Orient in Depth
      3. 3.3.3 Decide in Depth
      4. 3.3.4 Act in Depth
    4. 3.4 OODA Loop Applied: The Ukraine-Russia Cyberwar
      1. 3.4.1 Observe
      2. 3.4.2 Orient
        1. 3.4.2.1 Understand the Cyber Security Posture of Your Third and Fourth Parties
        2. 3.4.2.2 Understand the Ransomware Susceptibility of Your Vendors
      3. 3.4.3 Decide
        1. 3.4.3.1 Monitor the DDoS Resiliency of Your Vendors
      4. 3.4.4 Act
      5. 3.4.5 Take Away Points
    5. 3.5 Conclusions and Recommendations
    6. References
    7. Note
  14. Chapter 4 Preparing for an Incident
    1. 4.1 Introduction
      1. 4.1.1 The Zachman Framework
      2. 4.1.2 Adaptation of the Zachman Framework to Incident Response Preparation
    2. 4.2 Risk Identification
    3. 4.3 Host Preparation
    4. 4.4 Network Preparation
    5. 4.5 Establishing Appropriate Policies and Procedures
    6. 4.6 Establishing an Incident Response Team
    7. 4.7 Preparing a Response Toolkit
    8. 4.8 Training
    9. References
    10. Notes
  15. Chapter 5 Incident Response and Digital Forensics
    1. 5.1 Introduction
    2. 5.2 Incident Response
      1. 5.2.1 Detection/Identification
      2. 5.2.2 Containment
      3. 5.2.3 Eradication
      4. 5.2.4 Recovery
    3. 5.3 Incident Response for Cloud Computing
    4. 5.4 Digital Forensics
      1. 5.4.1 Preparation
      2. 5.4.2 Collection
      3. 5.4.3 Analysis
      4. 5.4.4 Reporting
    5. 5.5 Mobile Phone Forensics
    6. References
    7. Notes
  16. Chapter 6 Development, Security, and Operations
    1. 6.1 What is a Secure Software Development Life Cycle?
    2. 6.2 Reasons to Use SDLC
    3. 6.3 Segregation of Environments
    4. 6.4 Secure SDLC Phases
    5. 6.5 Why Do Developers Not Follow SDLC?
    6. 6.6 Is SDLC an OODA Loop?
    7. References
  17. Chapter 7 Mobile Device Forensic Tools
    1. 7.1 Introduction
    2. 7.2 Tools
      1. 7.2.1 Axiom and Axiom Cyber by Magnet Forensics
      2. 7.2.2 ALEAPP Android and iOS Analysis Tools
      3. 7.2.3 Belkasoft Evidence Center X
      4. 7.2.4 Cellebrite Universal Forensic Extraction Device (UFED) and Physical Analyzer
      5. 7.2.5 Oxygen Forensics
      6. 7.2.6 Graykey from Gray Shift
      7. 7.2.7 DataPilot from Susteen
      8. 7.2.8 XRY from Micro Systemation
    3. 7.3 Conclusion
    4. Note
  18. Chapter 8 The Laws Most Likely to Affect IT and IT Security
    1. 8.1 Introduction
    2. 8.2 Managing Personal Data
      1. 8.2.1 Data Breach Laws
      2. 8.2.2 Cybersecurity Protection: Massachusetts/NY SHIELD Act
      3. 8.2.3 CCPA and CPRA
      4. 8.2.4 Virginia, Colorado, and Utah
      5. 8.2.5 PCI-DSS
      6. 8.2.6 HIPAA
      7. 8.2.7 FTC Act “Unfair or Deceptive Practices”
      8. 8.2.8 FERPA
      9. 8.2.9 GDPR and Personal Data Belonging to Non-US Residents
      10. 8.2.10 Contractual Agreements on Data Handling
    3. 8.3 Biometric Security
    4. 8.4 Collecting Digital Evidence and Electronic Discovery
      1. 8.4.1 Forensically Sound Collection of Digital Evidence
      2. 8.4.2 Electronic Discovery
    5. 8.5 Criminal Liability for Surveilling Employees
    6. 8.6 Organizational Security, Financial Institutions, and Critical Infrastructure
      1. 8.6.1 Gramm-Leach-Bliley Act
      2. 8.6.2 Sarbanes-Oxley
      3. 8.6.3 State Regulatory Requirements, Including NY DFS Cybersecurity Regulation
      4. 8.6.4 Federal Cybersecurity Framework for Critical Infrastructure
      5. 8.6.5 Defense Federal Acquisition Regulation Supplement (DFARS)
    7. Notes
  19. Chapter 9 Cyber Security and Digital Forensics Careers
    1. 9.1 Introduction
    2. 9.2 Career Opportunities
      1. 9.2.1 A Summarized List of “Information Security” Job Tasks
      2. 9.2.2 A Summarized List of “Digital Forensic” Job Tasks
    3. 9.3 Certifications
      1. 9.3.1 Information Security Certifications
      2. 9.3.2 Digital Forensic and Forensic Software Certifications
        1. 9.3.2.1 Digital Forensic Certifications
        2. 9.3.2.2 Forensic Software Certifications
    4. References
    5. Notes
  20. Chapter 10 Theory to Practice
    1. 10.1 Introduction
    2. 10.2 Case Study 1: It is All Fun and Games until Something Gets Deleted
      1. 10.2.1 After-Action Report
        1. 10.2.1.1 What Worked Well?
        2. 10.2.1.2 Lessons Learned
        3. 10.2.1.3 What to Do Differently Next Time
    3. 10.3 Case Study 2: How is This Working for You?
      1. 10.3.1 After-Action Report
        1. 10.3.1.1 What Worked Well?
        2. 10.3.1.2 Lessons Learned
        3. 10.3.1.3 What to Do Differently Next Time
    4. 10.4 Case Study 3: The Weakest Link
      1. 10.4.1 Background
      2. 10.4.2 The Crime
      3. 10.4.3 The Trial
        1. 10.4.3.1 The Defense
        2. 10.4.3.2 The Prosecution
        3. 10.4.3.3 Other Strategies to Win the Case
        4. 10.4.3.4 Verdict
      4. 10.4.4 After-Action Report
        1. 10.4.4.1 What Worked Well for UBS-PW?
        2. 10.4.4.2 What to Do Differently Next Time
    5. 10.5 Case Study 4: Dealing with Phishing Using the OODA Loop
    6. 10.6 Case Study 5: Dealing with Incident Response Using the OODA Loop
    7. 10.7 Case Study 6: The Colonial Pipeline: Three Assumptions You Should Never Make about Ransomware
      1. 10.7.1 Background
    8. References
    9. Notes
  21. Index

Product information

  • Title: What Every Engineer Should Know About Cyber Security and Digital Forensics, 2nd Edition
  • Author(s): Joanna F. DeFranco, Bob Maley
  • Release date: December 2022
  • Publisher(s): CRC Press
  • ISBN: 9781000797985