Defensive Security Handbook: Best Practices for Securing Infrastructure
By Lee Brotherston and Amanda Berlin
Publisher: O'Reilly Media
Final Release Date: April 2017
Pages: 284

Despite the increase of high-profile hacks, record-breaking data leaks, and ransomware attacks, many organizations don't have the budget to establish or outsource an information security (InfoSec) program, forcing them to learn on the job. For companies obliged to improvise, this pragmatic guide provides a security-101 handbook with steps, tools, processes, and ideas to help you drive maximum security improvement at little or no cost. Each chapter in this book provides step-by-step instructions for dealing with a specific issue, including breaches and disasters, compliance, network infrastructure and password management, vulnerability scanning, and penetration testing, among others. Network engineers, system administrators, and security professionals will learn tools and techniques to help improve security in sensible, manageable chunks.

Learn fundamentals of starting or redesigning an InfoSec program
Create a base set of policies, standards, and procedures
Plan and design incident response, disaster recovery, compliance, and physical security
Bolster Microsoft and Unix systems, network infrastructure, and password management
Use segmentation practices and designs to compartmentalize your network
Explore automated processes and tools for vulnerability management
Securely develop code to reduce exploitable errors
Understand basic penetration testing concepts through purple teaming
Delve into IDS, IPS, SOC, logging, and monitoring

Table of Contents

Chapter 1. Creating a Security Program: Lay the Groundwork; Establish Teams; Baseline Security Posture; Assess Threats and Risks; Prioritize; Create Milestones; Use Cases, Tabletops, and Drills; Expanding Your Team and Skillsets; Conclusion
Chapter 2. Asset Management and Documentation: Information Classification; Asset Management Implementation Steps; Asset Management Guidelines; Documentation; Conclusion
Chapter 3. Policies: Language; Document Contents; Topics; Storage and Communication; Conclusion
Chapter 4. Standards and Procedures: Standards Language; Procedures Language; Document Contents; Conclusion
Chapter 5. User Education: Broken Processes; Bridging the Gap; Building Your Own Program; Gaining Meaningful Metrics; Conclusion
Chapter 6. Incident Response: Processes; Tools and Technology; Conclusion
Chapter 7. Disaster Recovery: Setting Objectives; Recovery Strategies; Dependencies; Scenarios; Invoking a Fail Over...and Back; Testing; Security Considerations; Conclusion
Chapter 8. Industry Compliance Standards and Frameworks: Industry Compliance Standards; Frameworks; Regulated Industries; Conclusion
Chapter 9. Physical Security: Physical; Operational; Conclusion
Chapter 10. Microsoft Windows Infrastructure: Quick Wins; Active Directory Domain Services; Group Policy Objects; EMET; MS-SQL Server; Conclusion
Chapter 11. Unix Application Servers: Keeping Up-to-Date
Chapter 12. Endpoints: Keeping Up-to-Date; Hardening Endpoints; Mobile Device Management; Endpoint Visibility; Centralization; Conclusion
Chapter 13. Password Management and Multifactor Authentication: Basic Password Practices; Password Management Software; Password Resets; Password Breaches; Encryption, Hashing, and Salting; Password Storage Locations and Methods; Password Security Objects; Multifactor Authentication; Conclusion
Chapter 14. Network Infrastructure: Firmware/Software Patching; Device Hardening; Routers; Switches; Egress Filtering; IPv6: A Cautionary Note; TACACS+; Conclusion
Chapter 15. Segmentation: Network Segmentation; Application; Roles and Responsibilities; Conclusion
Chapter 16. Vulnerability Management: How Vulnerability Scanning Works; Authenticated versus Unauthenticated Scans; Vulnerability Assessment Tools; Vulnerability Management Program; Remediation Prioritization; Risk Acceptance; Conclusion
Chapter 17. Development: Language Selection; Secure Coding Guidelines; Testing; System Development Lifecycle; Conclusion
Chapter 18. Purple Teaming: Open Source Intelligence
Chapter 19. IDS and IPS: Types of IDS and IPS; Cutting Out the Noise; Writing Your Own Signatures; NIDS and IPS Locations; Encrypted Protocols; Conclusion
Chapter 20. Logging and Monitoring: What to Log; Where to Log; Security Information and Event Management; Designing the SIEM; Log Analysis; Logging and Alerting Examples; Log Aggregation; Use Case Analysis; Conclusion
Chapter 21. The Extra Mile: Email Servers; DNS Servers; Security through Obscurity; Useful Resources
Appendix. User Education Templates: Live Phishing Education Slides; Phishing Program Rules

Product Details

Title: Defensive Security Handbook
By: Lee Brotherston, Amanda Berlin
Publisher: O'Reilly Media
Formats: Print, Ebook, Safari Books Online
Pages: 284
Print ISBN: 978-1-4919-6038-7 | ISBN 10: 1-4919-6038-8
Ebook ISBN: 978-1-4919-6032-5 | ISBN 10: 1-4919-6032-9

About the Authors

Lee Brotherston is a Senior Security Advisor with Leviathan Security, providing Information Security consulting services to a range of clients. Having spent more than a decade in Information Security, Lee has worked as an Internal Security resource across many verticals including Finance, Telecommunications, Hospitality, Entertainment, and Government in roles ranging from Engineer to IT Security Manager.

Amanda Berlin is an Information Security Architect for a consulting firm in Northern Ohio. She has spent over a decade in different areas of technology and sectors providing infrastructure support, triage, and design. Amanda has been involved in implementing a secure Payment Card Industries (PCI) process and Health Insurance Portability and Accountability Act (HIPAA) compliance as well as building a comprehensive phishing and awards-based user education program. She is the author of a Blue Team best practices book called "Defensive Security Handbook: Best Practices for Securing Infrastructure" through O'Reilly Media. She is a co-host on the Brakeing Down Security podcast and writes for several blogs. On Twitter, she's @InfoSystir.

Customer Reviews

Average rating: 4.3 (based on 3 reviews)
Ratings Distribution: 5 Stars (2); 4 Stars (0); 3 Stars (1); 2 Stars (0); 1 Star (0)
Pros: Easy to understand (3); Helpful examples (3)
Cons: No Cons
Best Uses: No Best Uses

Reviewed by 3 customers

5.0 Best all around information security book on the market
By Infosystir from Ohio (Designer, Educator, Sys Admin)
Pros: Accurate; Concise; Easy to understand; Helpful examples; Well-written
Cons: none
Best Uses: Expert; Intermediate; Novice; Student

5.0 Excellent content and more to come
By ihatenicknames from San Francisco, CA (Developer, Technical Manager)
Pros: Accurate; Easy to understand; Helpful examples; Well-written
Cons: Still Being Written
Best Uses: Intermediate; Novice; Student

3.0 Eagerly awaiting the next update
By FormerlyBoyGenius from Chicago, IL (Sys Admin)
Pros: Easy to understand; Helpful examples
Cons: Not comprehensive enough
Best Uses: none

Pricing

Ebook: $33.99 (Formats: DAISY, ePub, Mobi, PDF)
Print & Ebook: $43.99
Print: $39.99