Search icon CANCEL
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Conferences
Free Learning
Arrow right icon
Arrow up icon
GO TO TOP
Incident Response for Windows

You're reading from   Incident Response for Windows Adapt effective strategies for managing sophisticated cyberattacks targeting Windows systems

Arrow left icon
Product type Paperback
Published in Aug 2024
Publisher Packt
ISBN-13 9781804619322
Length 244 pages
Edition 1st Edition
Arrow right icon
Authors (2):
Arrow left icon
Anatoly Tykushin Anatoly Tykushin
Author Profile Icon Anatoly Tykushin
Anatoly Tykushin
Svetlana Ostrovskaya Svetlana Ostrovskaya
Author Profile Icon Svetlana Ostrovskaya
Svetlana Ostrovskaya
Arrow right icon
View More author details
Toc

Table of Contents (20) Chapters Close

Preface 1. Part 1: Understanding the Threat Landscape and Attack Life Cycle
2. Chapter 1: Introduction to the Threat Landscape FREE CHAPTER 3. Chapter 2: Understanding the Attack Life Cycle 4. Part 2: Incident Response Procedures and Endpoint Forensic Evidence Collection
5. Chapter 3: Phases of an Efficient Incident Response on Windows Infrastructure 6. Chapter 4: Endpoint Forensic Evidence Collection 7. Part 3: Incident Analysis and Threat Hunting on Windows Systems
8. Chapter 5: Gaining Access to the Network 9. Chapter 6: Establishing a Foothold 10. Chapter 7: Network and Key Assets Discovery 11. Chapter 8: Network Propagation 12. Chapter 9: Data Collection and Exfiltration 13. Chapter 10: Impact 14. Chapter 11: Threat Hunting and Analysis of TTPs 15. Part 4: Incident Investigation Management and Reporting
16. Chapter 12: Incident Containment, Eradication, and Recovery 17. Chapter 13: Incident Investigation Closure and Reporting 18. Index 19. Other Books You May Enjoy

Index

As this ebook edition doesn't have fixed pagination, the page numbers below are hyperlinked for reference only, based on the printed edition of this book.

Symbols

12 tips for mitigating cyberattacks

reference link 148

A

Abuse Elevation Control Mechanism (T1548) 33, 99

Access Token Manipulation (T1134) 29, 33

Active Directory Service Interface (ADSI) 36

ADExplorer 34

ADFind 34, 118

ADRecon 34, 36, 118

Advanced IP Scanner 118

advanced persistent threats (APTs) 4, 8, 206

features 9

nation-state groups 8

non-nation-state threat actors 8

OPSEC practices 9, 10

Advanced Port Scanner 118

Alternate Authentication Material (T1550) 39

anomaly detection

intrusion, spotting in Windows environments 164, 165

antivirus (AV) 17

AnyDesk 42

Application Layer Protocol (T1071) 109

Atera 42

B

Background Activity Moderator 121

Background Intelligent Transfer Service (BITS) activity 101

Big Game...

lock icon The rest of the chapter is locked
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Renews at $19.99/month. Cancel anytime