Cybersecurity Attack and Defense Strategies
Infrastructure security with Red Team and Blue Team tactics
Yuri Diogenes
Erdal Ozkaya
BIRMINGHAM - MUMBAI
Cybersecurity Attack and Defense Strategies
Copyright 2018 Packt Publishing
All rights reserved. No part of this book may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written permission of the publisher, except in the case of brief quotations embedded in critical articles or reviews.
Every effort has been made in the preparation of this book to ensure the accuracy of the information presented. However, the information contained in this book is sold without warranty, either express or implied. Neither the authors nor Packt Publishing or its dealers and distributors will be held liable for any damages caused or alleged to have been caused directly or indirectly by this book.
Packt Publishing has endeavored to provide trademark information about all of the companies and products mentioned in this book by the appropriate use of capitals. However, Packt Publishing cannot guarantee the accuracy of this information.
Commissioning Editor: Vijin Boricha
Acquisition Editor: Namrata Patil
Content Development Editor: Amrita Noronha
Technical Editor: Sneha Hanchate
Copy Editor: Safis Editing
Project Coordinator: Shweta Birwatkar
Proofreader: Safis Editing
Indexers: Pratik Shirodkar
Graphics: Tania Dutta
Production Coordinator: Shantanu Zagade
First published: January 2018
Production reference: 1230118
Published by Packt Publishing Ltd.
Livery Place
35 Livery Street
Birmingham
B3 2PB, UK.
ISBN 978-1-78847-529-7
www.packtpub.com
mapt.io
Mapt is an online digital library that gives you full access to over 5,000 books and videos, as well as industry leading tools to help you plan your personal development and advance your career. For more information, please visit our website.
Why subscribe?
Spend less time learning and more time coding with practical eBooks and Videos from over 4,000 industry professionals
Improve your learning with Skill Plans built especially for you
Get a free eBook or video every month
Mapt is fully searchable
Copy and paste, print, and bookmark content
PacktPub.com
Did you know that Packt offers eBook versions of every book published, with PDF and ePub files available? You can upgrade to the eBook version at www.PacktPub.com and as a print book customer, you are entitled to a discount on the eBook copy. Get in touch with us at service@packtpub.com for more details.
At www.PacktPub.com , you can also read a collection of free technical articles, sign up for a range of free newsletters, and receive exclusive discounts and offers on Packt books and eBooks.
Contributors
About the authors
Yuri Diogenes is a professor at EC-Council University for their master's degree in cybersecurity program. Yuri has a master of science degree in cybersecurity from UTICA College, and MBA from FGV Brazil. Yuri currently holds the following certifications CISSP, CyberSec First Responder, CompTIA CSA+, E|CEH, E|CSA, E|CHFI, E|CND, CyberSec First Responder, CompTIA, Security+, CompTIA Cloud Essentials, Network+, Mobility+, CASP, CSA+, MCSE, MCTS, and Microsoft Specialist - Azure.
First and foremost, I would like to thank God for enabling me to write another book. I also would like to thank my wife, Alexsandra, and my daughters, Yanne and Ysis, for their unconditional support. To my coauthor and friend, Erdal Ozkaya, for the great partnership. To Amrita Noronha for her amazing support throughout this project.
Erdal Ozkaya is a doctor of philosophy in Cybersecurity, master of information systems security, master of computing research CEI, MCT, MCSE, E|CEH, E|CSA, E|CISO, CFR, and CISSP. He works for Microsoft as a cybersecurity architect and security advisor and is also a part-time lecturer at Australian Charles Sturt University. He has coauthored many security certification coursewares for different vendors and speaks in worldwide conferences. He has won many awards in his field and works hard to make the Cyber-World safe.
I would like to thank my wife, Arzu, and my kids, Jemre and Azra, for all their support and love. I would like to give special thanks to my parents and brothers who have helped me become who I am. I would also like to thank my supervisor, Dr. Rafiqul Islam, for his help and feedback whenever I have needed it.
About the reviewers
Vijay Kumar Velu is a passionate information security practitioner, author, speaker, and blogger, currently based in Malaysia. He has more than 11 years of IT industry experience. He is a licensed penetration tester and has specialized in providing technical solutions to a variety of cyber problems. He is the author of Mastering Kali Linux for Advanced Penetration Testing, Second Edition and Mobile Application Penetration Testing.
Pascal Ackerman is a seasoned industrial security professional with a degree in electrical engineering with over 15 years of experience in designing, troubleshooting, and securing large-scale industrial control systems and the various types of network technologies they utilize. After more than a decade of hands-on, in-the-field experience, he joined Rockwell Automation in 2015. He is currently employed as a senior consultant of industrial cybersecurity with the Network and Security Services Group. He recently became a digital nomad and now travels the world with his family while fighting cyber adversaries.
Packt is searching for authors like you
If you're interested in becoming an author for Packt, please visit authors.packtpub.com and apply today. We have worked with thousands of developers and tech professionals, just like you, to help them share their insight with the global tech community. You can make a general application, apply for a specific hot topic that we are recruiting an author for, or submit your own idea.
Table of Contents
Preface
With a threat landscape that it is in constant motion, it becomes imperative to have a strong security posture, which in reality means enhancing the protection, detection, and response. Throughout this book, you will learn the attack methods and patterns to recognize abnormal behavior within your organization with Blue Team tactics. You will also learn techniques to gather exploitation intelligence, identify risks, and demonstrate impact on Red and Blue team strategies.
Who this book is for
This book is for information security professionals and IT professionals who want to know more about Cybersecurity.
What this book covers
, Security Posture, defines what constitute a secure posture and how it helps in understanding the importance of having a good defense and attack strategy.
, Incident Response Process, introduces the incident response process and the importance to have one. It goes over different industry standards and best practices for handling the incident response.