Preface

• Who this book is for
• What this book covers
• To get the most out of this book
• Download the color images
• Conventions used
• Get in touch
• Share Your Thoughts

1. Section 1: Mastering Defensive Security Concepts

2. Chapter 1: A Refresher on Defensive Security Concepts FREE CHAPTER

• Technical requirements
• Deep dive into the core of cybersecurity
• Managing cybersecurity's legendary pain point: Passwords
• Mastering defense in depth
• Comparing the blue and red teams
• Summary
• Further reading

3. Chapter 2: Managing Threats, Vulnerabilities, and Risks

• Technical requirements
• Understanding cybersecurity vulnerabilities and threats
• Managing cybersecurity risks
• The NIST Cybersecurity Framework
• Creating an effective Business Continuity Plan (BCP)
• Implementing a best-in-class DRP
• Summary
• Further reading

4. Chapter 3: Comprehending Policies, Procedures, Compliance, and Audits

• Creating world-class cybersecurity policies and procedures
• Understanding and achieving compliance
• Exploring, creating, and managing audits
• Applying a CMM
• Summary
• Further reading

5. Chapter 4: Patching Layer 8

• Understanding layer 8 – the insider threat
• Mastering the art of social engineering
• Defending against social engineering attacks (patching layer 8)
• Summary
• Further reading

6. Chapter 5: Cybersecurity Technologies and Tools

• Technical requirements
• Advanced wireless tools for cybersecurity
• Pentesting tools and methods
• Applying forensics tools and methods
• Dealing with APTs
• Leveraging security threat intelligence
• Converting a threat into a solution
• Summary
• Further reading

7. Section 2: Applying Defensive Security

8. Chapter 6: Securing Windows Infrastructures

• Technical requirements
• Applying Windows hardening
• Creating a patching strategy
• Applying security to AD
• Mastering endpoint security
• Leveraging encryption
• Summary

9. Chapter 7: Hardening a Unix Server

• Technical requirements
• Securing Unix services
• Applying secure file permissions
• Enhancing the protection of the server by improving your access controls
• Configuring host-based firewalls
• Advanced management of logs
• Summary
• Further reading

10. Chapter 8: Enhancing Your Network Defensive Skills

• Technical requirements
• Using the master tool of network mapping – Nmap
• Improving the protection of wireless networks
• Introducing Wireshark
• Working with IPS/IDS
• Summary

11. Chapter 9: Deep Diving into Physical Security

• Technical requirements
• Understanding physical security and associated threats
• Physical security mechanisms
• Mastering physical security
• Summary
• Further reading

12. Chapter 10: Applying IoT Security

• Technical requirements
• Understanding the Internet of Things
• Understanding IoT networking technologies
• Improving IoT security
• Creating cybersecurity hardware using IoT-enabled devices
• Bonus track – Understanding the danger of unauthorized IoT devices
• Summary
• Further reading

13. Chapter 11: Secure Development and Deployment on the Cloud

• Technical requirements
• Secure deployment and implementation of cloud applications
• Securing Kubernetes and APIs
• Hardening database services
• Testing your cloud security
• Summary
• Further reading

14. Chapter 12: Mastering Web App Security

• Technical requirements
• Gathering intelligence about your site/web application
• Leveraging DVWA
• Overviewing the most common attacks on web applications
• Using Burp Suite
• SQL injection attack on DVWA
• Brute forcing web applications' passwords
• Summary
• Further reading

15. Section 3: Deep Dive into Defensive Security

16. Chapter 13: Vulnerability Assessment Tools

• Technical requirements
• Dealing with vulnerabilities
• Using a vulnerability assessment scanner (OpenVAS)
• Overview of Nexpose Community
• Summary
• Further reading

17. Chapter 14: Malware Analysis

• Technical requirements
• Why should I analyze malware?
• Types and categories of malware analysis
• Best malware analysis tools
• Performing malware analysis
• Summary
• Further reading

18. Chapter 15: Leveraging Pentesting for Defensive Security

• Technical requirements
• Understanding the importance of logs
• Knowing your enemy's best friend – Metasploit
• Other offensive hacking tools
• Summary
• Further reading

19. Chapter 16: Practicing Forensics

• Introduction to digital forensics
• Digital forensics on defensive security
• Forensics platforms
• Finding evidence
• Mobile forensics
• Managing the evidence (from a legal perspective)
• Summary
• Further reading

20. Chapter 17: Achieving Automation of Security Tools

• Why bother with automation?
• Types of automated attacks
• Automation of cybersecurity tools using Python
• Cybersecurity automation with the Raspberry Pi
• Summary
• Further reading

21. Chapter 18: The Master's Compilation of Useful Resources

• Free cybersecurity templates
• Must-have web resources
• Industry-leading best practices
• Summary
• Further reading
• Why subscribe?

22. Other Books You May Enjoy

• Packt is searching for authors like you
• Share Your Thoughts