000 | 03898cam a2200613Ia 4500 | ||
---|---|---|---|
001 | on1136964952 | ||
003 | OCoLC | ||
005 | 20220711203555.0 | ||
006 | m o d | ||
007 | cr un|---aucuu | ||
008 | 200118s2020 inu o 001 0 eng d | ||
040 |
_aEBLCP _beng _epn _cEBLCP _dDG1 _dRECBK _dYDX _dUKMGB _dN$T _dOCLCF _dUKAHL _dOCLCQ _dDG1 |
||
015 |
_aGBB9I6131 _2bnb |
||
016 | 7 |
_a019610822 _2Uk |
|
019 | _a1136968985 | ||
020 | _a1119560284 | ||
020 |
_a9781119560302 _q(electronic bk. ; _qoBook) |
||
020 |
_a1119560306 _q(electronic bk. ; _qoBook) |
||
020 |
_a9781119560319 _q(ePub ebook) |
||
020 | _a1119560314 | ||
020 |
_a9781119560289 _q(electronic bk.) |
||
020 |
_z9781119560265 _q(print) |
||
020 | _z1119560268 | ||
029 | 1 |
_aAU@ _b000066724003 |
|
029 | 1 |
_aCHNEW _b001077463 |
|
029 | 1 |
_aCHVBK _b582680123 |
|
029 | 1 |
_aUKMGB _b019610822 |
|
035 |
_a(OCoLC)1136964952 _z(OCoLC)1136968985 |
||
037 |
_a9781119560319 _bWiley |
||
050 | 4 | _aQA76.9.A25 | |
082 | 0 | 4 |
_a005.8 _223 |
049 | _aMAIN | ||
100 | 1 |
_aAnson, Steve. _98931 |
|
245 | 1 | 0 |
_aApplied incident response / _cSteven Anson. |
260 |
_aIndianapolis : _bWiley, _c2020. |
||
300 | _a1 online resource (464 pages) | ||
336 |
_atext _btxt _2rdacontent |
||
337 |
_acomputer _bc _2rdamedia |
||
338 |
_aonline resource _bcr _2rdacarrier |
||
505 | 0 | _aPrepare. The Threat Landscape -- Incident Readiness -- Respond. Remote Triage -- Remote Triage Tools -- Acquiring Memory -- Disk Imaging -- Network Security Monitoring -- Event Log Analysis -- Memory Analysis -- Malware Analysis -- Disk Forensics -- Lateral Movement Analysis -- Refine. Continuous Improvement -- Proactive Activities. | |
500 | _aIncludes index. | ||
588 | 0 | _aPrint version record. | |
520 | _aIncident response is critical for the active defense of any network, and incident responders need up-to-date, immediately applicable techniques with which to engage the adversary. Applied Incident Response details effective ways to respond to advanced attacks against local and remote network resources, providing proven response techniques and a framework through which to apply them. As a starting point for new incident handlers, or as a technical reference for hardened IR veterans, this book details the latest techniques for responding to threats against your network, including: - Preparing your environment for effective incident response - Leveraging MITRE ATT&CK and threat intelligence for active network defense - Local and remote triage of systems using PowerShell, WMIC, and open-source tools - Acquiring RAM and disk images locally and remotely - Analyzing RAM with Volatility and Rekall - Deep-dive forensic analysis of system drives using open-source or commercial tools - Leveraging Security Onion and Elastic Stack for network security monitoring - Techniques for log analysis and aggregating high-value logs - Static and dynamic analysis of malware with YARA rules, FLARE VM, and Cuckoo Sandbox - Detecting and responding to lateral movement techniques, including pass-the-hash, pass-the-ticket, Kerberoasting, malicious use of PowerShell, and many more - Effective threat hunting techniques - Adversary emulation with Atomic Red Team - Improving preventive and detective controls. | ||
650 | 0 |
_aComputer security. _93970 |
|
650 | 0 |
_aComputer networks _xSecurity measures. _93969 |
|
650 | 7 |
_aCOMPUTERS _xSecurity _xNetworking. _2bisacsh _95914 |
|
650 | 7 |
_aComputer networks _xSecurity measures. _2fast _0(OCoLC)fst00872341 _93969 |
|
650 | 7 |
_aComputer security. _2fast _0(OCoLC)fst00872484 _93970 |
|
655 | 4 |
_aElectronic books. _93294 |
|
776 | 0 | 8 |
_iPrint version: _aAnson, Steve. _tApplied Incident Response. _dNewark : John Wiley & Sons, Incorporated, ©2020 _z9781119560265 |
856 | 4 | 0 |
_uhttps://doi.org/10.1002/9781119560302 _zWiley Online Library |
942 | _cEBK | ||
994 |
_aC0 _bDG1 |
||
999 |
_c69239 _d69239 |