Preface

• Who this book is for
• What this book covers
• To get the most out of this book
• Download the example code files
• Code in Action
• Download the color images
• Conventions used
• Get in touch
• Reviews

1. Section 1: Network and Security Concepts

2. Chapter 1: Exploring Networking Concepts FREE CHAPTER

• Technical requirements
• The functions of the network layers
• Understanding the purpose of various network protocols
• Summary
• Questions
• Further reading

3. Chapter 2: Exploring Network Components and Security Systems

• Technical requirements
• Exploring various network services
• Discovering the role and operations of network devices
• Describing the functions of Cisco network security systems
• Summary
• Questions
• Further reading

4. Chapter 3: Discovering Security Concepts

• Introducing the principles of defense in depth
• Exploring security terminologies
• Exploring access control models
• Understanding security deployment
• Summary
• Questions

5. Section 2: Principles of Security Monitoring

6. Chapter 4: Understanding Security Principles

• Technical requirements
• Understanding a security operation center
• Understanding the security tools used to inspect data types on a network
• Understanding the impact of data visibility through networking technologies
• Understanding how threat actors transport malicious code
• Delving into data types used during security monitoring
• Summary
• Questions
• Further reading

7. Chapter 5: Identifying Attack Methods

• Understanding network-based attacks
• Exploring web application attacks
• Delving into social engineering attacks
• Understanding endpoint-based attacks
• Interpreting evasion and obfuscation techniques
• Summary
• Questions
• Further reading

8. Chapter 6: Working with Cryptography and PKI

• Technical requirements
• Understanding the need for cryptography
• Types of ciphers
• Understanding cryptanalysis
• Understanding the hashing process
• Exploring symmetric encryption algorithms
• Delving into asymmetric encryption algorithms
• Understanding PKI
• Using cryptography in wireless security
• Summary
• Questions
• Further reading

9. Section 3: Host and Network-Based Analysis

10. Chapter 7: Delving into Endpoint Threat Analysis

• Technical requirements
• Understanding endpoint security technologies
• Understanding Microsoft Windows components
• Exploring Linux components
• Summary
• Questions
• Further reading

11. Chapter 8: Interpreting Endpoint Security

• Technical requirements
• Exploring the Microsoft Windows filesystem
• Delving into the Linux filesystem
• Understanding the CVSS
• Working with malware analysis tools
• Summary
• Questions

12. Chapter 9: Exploring Computer Forensics

• Technical requirements
• Understanding the need for computer forensics
• Understanding types of evidence
• Contrasting tampered and untampered disk images
• Tools commonly used during a forensics investigation
• Understanding the role of attribution in an investigation
• Summary
• Questions
• Further reading

13. Chapter 10: Performing Intrusion Analysis

• Technical requirements
• Identifying intrusion events based on source technologies
• Stateful and deep packet firewall operations
• Comparing inline traffic interrogation techniques
• Understanding impact and no impact on intrusion
• Protocol headers in intrusion analysis
• Packet analysis using a PCAP file and Wireshark
• Summary
• Questions
• Further reading

14. Section 4: Security Policies and Procedures

15. Chapter 11: Security Management Techniques

• Technical requirements
• Identifying common artifact elements
• Interpreting basic regular expressions
• Understanding asset management
• Delving into configuration and mobile device management
• Exploring patch and vulnerability management
• Summary
• Questions
• Further reading

16. Chapter 12: Dealing with Incident Response

• Understanding the incident handling process
• Exploring CSIRT teams and their responsibilities
• Delving into network and server profiling
• Comparing compliance frameworks
• Summary
• Questions
• Further reading

17. Chapter 13: Implementing Incident Handling

• Understanding the NIST SP 800-86 components
• Sharing information using VERIS
• Exploring the Cyber Kill Chain
• Delving into the Diamond Model of Intrusion Analysis
• Identifying protected data in a network
• Summary
• Questions
• Further reading

18. Chapter 14: Implementing Cisco Security Solutions

• Technical requirements
• Implementing AAA in a Cisco environment
• Deploying a zone-based firewall
• Configuring an IPS
• Summary
• Further reading

19. Chapter 15: Working with Cisco Security Solutions

• Technical requirements
• Implementing secure protocols on Cisco devices
• Deploying Layer 2 security controls
• Configuring a Cisco ASA firewall
• Summary

20. Chapter 16: Real-World Implementation and Best Practices

• Technical requirements
• Implementing an open source SIEM tool
• Implementing tools to perform the active scanning of assets
• Using open source breach and attack simulation tools
• Implementing an open source honeypot platform
• Summary

21. Chapter 17: Mock Exam 1

22. Chapter 18: Mock Exam 2

23. Assessment

• Chapter 2
• Chapter 3
• Chapter 4
• Chapter 5
• Chapter 6
• Chapter 7
• Chapter 8
• Chapter 9
• Chapter 10
• Chapter 11
• Chapter 12
• Chapter 13
• Chapter 17
• Chapter 18
• Why subscribe?

24. Other Books You May Enjoy

• Packt is searching for authors like you
• Leave a review - let other readers know what you think