Карточка | Таблица | RUSMARC | |
Ozkaya, Erdal. Hands-On Cybersecurity for Finance [[electronic resource]]: Identify Vulnerabilities and Secure Your Financial Services from Security Breaches. — Birmingham: Packt Publishing Ltd, 2019. — 1 online resource (300 p.) — <URL:http://elib.fa.ru/ebsco/2018968.pdf>.Дата создания записи: 16.02.2019 Тематика: Computer networks — Security measures — Management.; Cyber intelligence (Computer security); Financial institutions — Effect of technological innovations on.; Internet — Security measures.; COMPUTERS / Security / Networking. Коллекции: EBSCO Разрешенные действия: –
Действие 'Прочитать' будет доступно, если вы выполните вход в систему или будете работать с сайтом на компьютере в другой сети
Действие 'Загрузить' будет доступно, если вы выполните вход в систему или будете работать с сайтом на компьютере в другой сети
Группа: Анонимные пользователи Сеть: Интернет |
Права на использование объекта хранения
Место доступа | Группа пользователей | Действие | ||||
---|---|---|---|---|---|---|
Локальная сеть Финуниверситета | Все | |||||
Интернет | Читатели | |||||
Интернет | Анонимные пользователи |
Оглавление
- Cover
- Title Page
- Copyright and Credits
- Dedication
- About Packt
- Foreword
- Contributors
- Table of Contents
- Preface
- Chapter 1: Introduction to Cybersecurity and the Economy
- What is cybersecurity – a brief technical description?
- People
- Processes
- Technology
- The scope of cybersecurity
- Critical infrastructure security
- Network security
- Cloud security
- Application/system security
- User security
- Internet of Things security
- Terminologies
- General description of hacking groups and cyber espionage
- Hacking groups
- Cyber espionage
- Cybersecurity objectives
- Importance of cybersecurity and its impacts on the global economy
- The number of cyber attacks is growing
- Cyber attacks are getting worse
- Impacts on the global economy
- Estimation of financial losses related to cybercrime
- Finance and cybersecurity
- Critical dependency of business, processes, and IT infrastructure
- Economic loss
- Banking and financial systems – changes from a risk and security perspective
- Data breach means money
- Importance of cybersecurity and its impacts on the global economy
- Financial repercussion of reputational damage caused by cyber attacks
- Digital economy and related threats
- Smart threats
- Ransomware
- Critical infrastructure attacks
- Summary
- Further reading
- What is cybersecurity – a brief technical description?
- Chapter 2: Cyber Crime - Who the Attackers Are
- Introduction to cyber crime
- Threat actors
- Hacktivism
- Case study – Dakota Access Pipeline
- Case study – Panama Papers
- Cyber terrorists
- Case study – Operation Ababil
- Cyber criminals
- Case study – FIN7
- Case study – Carbanak APT Attack
- Case study – OurMine operation
- Hacktivism
- Summary
- Chapter 3: Counting the Costs
- The cost of a cybersecurity attack
- The cost of different cyber attacks
- Breakdown of the costs of a cyber attack
- Production loss
- Economic losses
- Damaged brand and reputation
- Loss of data
- Fines, penalties, and litigations
- Losses due to recovery techniques
- Breakdown of the cost of securing an organization
- Every financial institute should know Carbanak
- Antivirus systems
- Endpoint Detection and Response solutions
- Firewall systems
- Intrusion-prevention systems
- Encryption
- Bonus
- What is Microsoft offering?
- Windows 10 Defender Security Center
- Windows Defender
- Windows Defender Exploit Guard
- Controlled folder access
- Network protection
- Attack surface reduction
- Windows Defender Credential Guard
- Windows Defender Application Guard
- Windows Event Forwarding
- Windows Defender Advanced Threat Protection
- Protecting privileged identities
- How do privileged identities get compromised?
- How to prevent attackers from gaining access to privileged identities
- Summary
- Further reading
- The cost of a cybersecurity attack
- Chapter 4: The Threat Landscape
- Threats against end customers
- Credit card fraud
- Application fraud
- Card-not-present fraud
- Compromised account fraud
- Credit card testing
- Financial Trojans
- Case study – BackSwap Trojan
- Case study – Ramnit
- Case study – Bebloh
- Phishing
- Case study – immediate action required
- Pretexting
- Dumpster diving
- Mobile fraud
- Threats against financial institutes
- ATM attacks
- POS attacks
- Denial of service
- Ransomware
- Blackmailing
- Summary
- Threats against end customers
- Chapter 5: Phishing, Spamming, and Scamming to Steal Data and Money
- Phishing scams
- Evolution of phishing
- Social engineering emails
- Spear phishing
- Business email compromise or whaling
- Credential theft using malicious software
- Ardamax
- LokiBot
- Credential theft using malicious software
- Characteristics of phishing emails
- Evolution of phishing
- Spamming
- How spammers get email addresses
- How spammers make money
- Advertising
- Malware
- Storm
- Triout
- Botnets
- Characteristics of spam emails
- Summary
- Further reading
- Phishing scams
- Chapter 6: The Malware Plague
- Malware categories
- Computer virus
- Computer worm
- SQL Slammer worm
- Crypto worm
- WannaCry
- Trojan
- Bebloh
- Zeus
- Rootkit
- Torpig
- Spyware
- Adware
- Malware trends
- Malware infection vectors
- Injected by remote attacker
- Auto-executed web infection
- User-executed web infection
- Installed by other malware
- Network propagation
- Portable media
- Coded into existing software
- Summary
- Malware categories
- Chapter 7: Vulnerabilities and Exploits
- Detecting vulnerabilities
- Exploitation techniques
- Buffer overflow
- Integer overflow
- Memory corruption
- Format string attacks
- Race condition
- Cross-site scripting
- One-click attack
- SQL injections
- Exploitation delivery
- Summary
- Further reading
- Chapter 8: Attacking Online Banking Systems
- Online banking benefits for financial services
- The online banking process
- Attack techniques
- Summary
- Further reading
- Chapter 9: Vulnerable Networks and Services - a Gateway for Intrusion
- Vulnerable network protocols and network intrusions
- Simple Mail Transfer Protocol
- Secure Sockets Layer
- Domain Name System
- Packet sniffing
- Distributed denial of service
- Attacking web servers and web-based systems
- SQL injection
- Buffer overflow
- Advanced Google search operators
- Brute-force attacks
- Medusa
- Brutus
- Bypassing web protection
- Bypassing captcha
- Bypassing two-factor authentication
- Bypassing firewalls
- Hacking wireless networks
- Hacking wireless networks
- Aircrack-ng
- Kismet
- Wireshark
- Hacking Bluetooth
- Hacking wireless networks
- Vulnerable network devices
- Summary
- Further reading
- Vulnerable network protocols and network intrusions
- Chapter 10: Responding to Service Disruption
- Cybersecurity incidents
- Fundamentals
- Data knowledge
- Monitoring
- Attack surface analysis
- Vendor management
- Incident response and management
- Phase 1 – preparation
- Phase 2 – detection and analysis
- Phase 3 – containment
- Phase 4 – eradication and recovery
- Phase 5 – post-incident activity
- Summary
- Further reading
- Chapter 11: The Human Problem - Governance Fail
- Business versus security
- Failing security management
- Lack of adoption of cybersecurity initiatives
- Lack of organization and planning
- Poor leadership
- Careless online behavior
- Insider threats
- Technological transformation of financial services
- Failure in implementing security policies
- Summary
- Further reading
- Chapter 12: Securing the Perimeter and Protecting the Assets
- Network models
- Single trust network model
- Dual trust network model
- Zero trust network model
- Microsoft 365 zero trust network models
- Endpoint security
- Endpoint security threats
- Physical access
- Malicious code execution
- Device-based attack
- Communication interception
- Insider threats
- Decreased productivity
- Modern endpoint security
- Device protection
- Threat resistance
- Identity protection
- Information protection
- Breach detection investigation and response
- Endpoint security threats
- Summary
- Further reading
- Network models
- Chapter 13: Threat and Vulnerability Management
- Vulnerability management strategy
- Asset inventory
- Information management
- Risk assessment
- Vulnerability analysis
- Threat analysis
- Risk acceptance
- Vulnerability assessment
- Reporting and remediation
- Defining vulnerabilities in a few steps
- From vulnerability to threat
- Multiplying threats
- Multiplying risk
- The root cause of security issues
- Vulnerability management tools
- Implementation of vulnerability management
- Best practices for vulnerability management
- Assess yourself
- Tying vulnerability assessments into business impact
- Take an active role
- Identify and understand the business processes
- Pinpoint the applications and data
- Try to find hidden data sources
- Determine the hardware structure
- Map the network infrastructure to hardware
- Identify the controls
- Run the vulnerability scans
- Read the results of the scans
- Conduct penetration testing by third parties as well
- Tying vulnerability assessments into business impact
- Understanding risk management
- Defense in depth approach
- Best practices for protecting your environment
- Summary
- Further reading
- Vulnerability management strategy
- Chapter 14: Audit, Risk Management, and Incident Handling
- IT auditing
- Evaluating the systems, policies, and processes that secure the organization
- Determining the risks to the company's assets
- Ensuring that the organization is compliant with the relevant regulations
- Determining inefficiencies in the IT infrastructure and management
- Risk management
- Identification
- Risk analysis
- Risk assessment
- Risk mitigation
- Risk monitoring
- Incident handling
- Preparation
- Identification
- Containment
- Recovery and analysis
- Summary
- Further reading
- IT auditing
- Chapter 15: Encryption and Cryptography for Protecting Data and Services
- Encryption
- Early encryption methods
- Encryption today
- Symmetric encryption
- Asymmetric encryption
- Protecting data and services with cryptography
- Data at rest
- Full disk encryption
- File encryption
- Data in transit
- End-to-end encryption
- Encrypted web connection (SSL and TLS)
- Encrypted email servers
- Data at rest
- Examples of encryption algorithms
- Advanced Encryption Standard (AES)
- Triple DES
- RSA
- Blowfish
- Encryption challenges
- Summary
- Further reading
- Encryption
- Chapter 16: The Rise of the Blockchain
- Introduction to Blockchain technology
- Consensus mechanisms in a Blockchain
- Proof of work
- Proof of stake
- Applications of Blockchain technology
- Recording purposes
- Digital identity
- Government purposes
- Financial applications
- Recording purposes
- Consensus mechanisms in a Blockchain
- Cryptocurrencies
- Cryptocurrency wallets
- Desktop wallets
- Web wallets
- Mobile wallets
- Hardware wallets
- Paper wallets
- Challenges to cryptocurrencies
- Unstable value
- Theft
- Exchange risks
- Cryptocurrency wallets
- Blockchain challenges and future
- Summary
- Further reading
- Introduction to Blockchain technology
- Chapter 17: Artificial Intelligence and Cybersecurity
- Threat landscape evolution
- Artificial Intelligence
- Narrow Artificial Intelligence
- True Artificial Intelligence
- Technologies powering Artificial Intelligence
- Artificial Intelligence-powered cybersecurity
- Use cases
- Summary
- Further reading
- Chapter 18: The Quantum Future
- Evolution of the quantum technology
- 1965
- 1980
- 1985
- 1994
- 1995
- 1996–present
- The quantum technology race
- Quantum communication
- Quantum computation
- Quantum simulation
- Quantum sensing
- Quantum software
- Quantum technology breakthroughs
- Impacts of the quantum technology
- Communication
- Mining
- Finance
- Defense
- Health
- Energy
- Big data
- Artificial Intelligence
- Summary
- Further reading
- Evolution of the quantum technology
- Other Books You May Enjoy
- Index
Статистика использования
Количество обращений: 0
За последние 30 дней: 0 Подробная статистика |