Search icon CANCEL
Subscription
0
Cart icon
Your Cart (0 item)
Close icon
You have no products in your basket yet
Save more on your purchases now! discount-offer-chevron-icon
Savings automatically calculated. No voucher code required.
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Conferences
Free Learning
Arrow right icon
Arrow up icon
GO TO TOP
Enterprise Cloud Security and Governance

You're reading from   Enterprise Cloud Security and Governance Efficiently set data protection and privacy principles

Arrow left icon
Product type Paperback
Published in Dec 2017
Publisher Packt
ISBN-13 9781788299558
Length 410 pages
Edition 1st Edition
Tools
Arrow right icon
Author (1):
Arrow left icon
Zeal Vora Zeal Vora
Author Profile Icon Zeal Vora
Zeal Vora
Arrow right icon
View More author details
Toc

Table of Contents (11) Chapters Close

Preface 1. The Fundamentals of Cloud Security FREE CHAPTER 2. Defense in Depth Approach 3. Designing Defensive Network Infrastructure 4. Server Hardening 5. Cryptography Network Security 6. Automation in Security 7. Vulnerability, Pentest, and Patch Management 8. Security Logging and Monitoring 9. First Responder 10. Best Practices

What this book covers

Chapter 1, The Fundamentals of Cloud Security, begins with providing a solid foundation for
cloud computing followed by the challenges faced when an organization moves into the cloud. At the end of the chapter, we look into at a case study of the real-world scenarios about servers of a known start-up getting hacked and analyze the security shortcoming that leads to the downfall.

Chapter 2, Defense in Depth Approach, provides insights into the structural approach for defensive security that can provide a solid base for security in an organization to protect against attacks. We have an abstract overview of the tools and technologies that can be used at these layers. This chapter provides the foundation for the rest of the book.

Chapter 3, Designing Defensive Network Infrastructure, begins with revising the fundamentals related to the TCP/IP model and then continues with understanding the stateful and stateless nature of firewalls, ideal approach to design firewall rules, and best practices. We also look into the implementation approach related to IPS in the cloud along with various technologies like Bastion Hosts and Virtual Private Networks. Throughout this chapter, we discuss the best practices both in terms of process and implementation side that will help the organization build strong network perimeter.

Chapter 4, Server Hardening, deals with the operating system level security. This chapter provides insights into the implementation of the principle of least privilege based approach with the help of various technologies related to centralized authentication and single-sign-on solutions. Along with this we have a great overview related to auditing functionality with help of AuditD and explore pluggable authentication modules as well. At the end, we look into various tools and technologies for disk level encryptions, server hardening, SELinux, host-based intrusion detection system and the approach for building “Hardening / Golden Images”.

Chapter 5, Cryptography Network Security, begins with revising the fundamentals of cryptography and then moves to explore various technologies like hardware security modules, Key Management Service along with looking into the SSL/TLS section along with the associated security best practices related to HSTS, Perfect Forward Secrecy, OCSP stapling and many more.

Chapter 6, Automation in Security, explore more about configuration management and infrastructure as code-based approach and their necessity and importance in building secure environments. In this chapter, we revise and explore tools like Terraform, Ansible along with it’s associated best practices. We look into the approach of “Desired State” that can be achieved with this configuration management and infrastructure as code-based tools and it’s significance in maintaining overall security posture in the organization.

Chapter 7, Vulnerability, Pentest, and Patch Management, gives you insights on how to implement an entire cycle of vulnerability assessment to patch management. This is one of the very important parts of any organization, and many big organizations have been compromised because of not being able to implement and follow this life cycle phase. We look into the industry standard tools, proven best practices, and approaches that you can implement in your organization related to this phase.

Chapter 8, Security Logging and Monitoring, provides insights into operational considerations related to logging monitoring, an overview of log management activity, and tools and things that need to be captured to give you the right overview of the current happening within your organization.

Chapter 9, First Responder, walks you through incident response. This chapter gives you an overview of incident response and the ideal ways in which you can implement an incident response plan, along with ways in which you can continually check on the preparedness of your incident response team.

Chapter 10, Best Practices, condenses all the chapters and the associated tools into tabular form for easy insights into the overall book.

lock icon The rest of the chapter is locked
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Renews at €18.99/month. Cancel anytime