The sophisticated methods used in recent high-profile cyber incidents have driven many to need to understand how such security issues work. Demystifying the complexity often associated with information assurance, Cyber Security Essentials provides a clear understanding of the concepts behind prevalent threats, tactics, and procedures.
To accomplish this, the team of security professionals from VeriSign’s iDefense® Security Intelligence Services supply an extensive review of the computer security landscape. Although the text is accessible to those new to cyber security, its comprehensive nature makes it ideal for experts who need to explain how computer security works to non-technical staff. Providing a fundamental understanding of the theory behind the key issues impacting cyber security, the book:
This book is not about the latest attack trends or botnets. It’s about the reasons why these problems continue to plague us. By better understanding the logic presented in these pages, readers will be prepared to transition to a career in the growing field of cyber security and enable proactive responses to the threats and attacks on the horizon.
Cyber Security Fundamentals
Network and Security Concepts
Information Assurance Fundamentals
Public Key Encryption
The Domain Name System (DNS)
Microsoft Windows Security Principles
Windows Program Execution
The Windows Firewall
Attacker Techniques and Motivations
How Hackers Cover Their Tracks (Anti-forensics)
How and Why Attackers Use Proxies
Phishing, Smishing, Vishing and Mobile Malicious Code
Techniques to Gain a Foothold
Integer Overflow Vulnerabilities
Stack-Based Buffer Overflows
Malicious PDF Files
Web Exploit Tools
Brute-Force and Dictionary Attacks
Misdirection, Reconnaissance and Disruption Methods
Cross-Site Scripting (XSS)
DNS Amplification Attacks
Self-Replicating Malicious Code
Evading Detection and Elevating Privileges
Virtual Machine Obfuscation
Persistent Software Techniques
Attacks against Privileged User Accounts and Escalation of Privileges
Virtual Machine Detection
Stealing Information and Exploitation
Browser Helper Objects
Defense and Analysis Techniques
Why Memory Forensics Is Important
Capabilities of Memory Forensics
Memory Analysis Frameworks
Dumping Physical Memory
Installing and Using Volatility
Finding Hidden Processes
Volatility Analyst Pack
Malicious Code Naming
Automated Malicious Code Analysis Systems
Physical or Virtual Machines
Intrusion Detection Systems
iDefense Special File Investigation Tools
This book is the direct result of the outstanding efforts of a talented pool of security analysts, editors, business leaders and security professionals, all of whom work for iDefense® Security Intelligence Services; a business unit of VeriSign, Inc.
iDefense is an open-source, cyber security intelligence operation that maintains expertise in vulnerability research and alerting, exploit development, malicious code analysis, underground monitoring and international actor attribution. iDefense provides intelligence products to Fortune 1,000 companies and "three-letter agencies" in various world governments. iDefense also maintains the Security Operations Center for the Financial Sector Information Sharing and Analysis Center (FS-ISAC); one of 17 ISACs mandated by the US government to facilitate information sharing throughout the country’s business sectors.
iDefense has the industry-unique capability of determining not only the technical details of cyber security threats and events (the "what", the "when" and the "where"), but because of their international presence, iDefense personnel can ascertain the most likely actors and motivations behind these attacks (the "who" and the "why").
For more information, please contact firstname.lastname@example.org.