Электронная библиотека Финансового университета

     
?

Детальная информация
Карточка Таблица RUSMARC

Rains, Tim. CYBERSECURITY THREATS, MALWARE TRENDS, AND STRATEGIES [[electronic resource]]: MITIGATE EXPLOITS, MALWARE, PHISHING, AND OTHER SOCIAL ENGINEERING ATTACKS. — [S.l.]: PACKT PUBLISHING, 2020. — 1 online resource — <URL:http://elib.fa.ru/ebsco/2490088.pdf>.

Дата создания записи: 07.06.2020

Тематика: Computer security.; Cyberterrorism.; Malware (Computer software)

Коллекции: EBSCO

Разрешенные действия:

Действие 'Прочитать' будет доступно, если вы выполните вход в систему или будете работать с сайтом на компьютере в другой сети Действие 'Загрузить' будет доступно, если вы выполните вход в систему или будете работать с сайтом на компьютере в другой сети

Группа: Анонимные пользователи

Сеть: Интернет

Права на использование объекта хранения

Место доступа Группа пользователей Действие
Локальная сеть Финуниверситета Все Прочитать Печать Загрузить
Интернет Читатели Прочитать Печать
-> Интернет Анонимные пользователи

Оглавление

  • Cover
  • Copyright
  • Packt Page
  • Contributors
  • Table of Contents
  • Preface
  • Chapter 1: Ingredients for a Successful Cybersecurity Strategy
    • What is a cybersecurity strategy?
    • How organizations get initially compromised and the cybersecurity fundamentals
      • Unpatched vulnerabilities
      • Security misconfigurations
      • Weak, leaked, and stolen credentials
      • Social engineering
      • Insider threats
      • Focus on the cybersecurity fundamentals
    • Understanding the difference between the attacker's motivations and tactics
    • Other ingredients for a successful strategy
      • Business objective alignment
      • Cybersecurity vision, mission, and imperatives
      • Senior executive and board support
      • Understand the risk appetite
      • Realistic view of current cybersecurity capabilities and technical talent
      • Compliance program and control framework alignment
      • An effective relationship between cybersecurity and IT
      • Security culture
    • Chapter summary
    • References
  • Chapter 2: Using Vulnerability Trends to Reduce Risk and Costs
    • Introduction
    • Vulnerability Management Primer
      • Vulnerability Disclosure Data Sources
      • Industry Vulnerability Disclosure Trends
      • Reducing Risk and Costs – Measuring Vendor and Product Improvement
        • Oracle Vulnerability Trends
        • Apple Vulnerability Trends
        • IBM Vulnerability Trends
        • Google Vulnerability Trends
        • Microsoft Vulnerability Trends
        • Vendor Vulnerability Trend Summary
      • Operating System Vulnerability Trends
        • Microsoft Operating System Vulnerability Trends
        • Windows XP Vulnerability Trends
        • Windows 7 Vulnerability Trends
        • Windows Server 2012 and 2016 Vulnerability Trends
        • Windows 10 Vulnerability Trends
        • Linux Kernel Vulnerability Trends
        • Google Android Vulnerability Trends
        • Apple macOS Vulnerability Trends
        • Operating Systems Vulnerability Trend Summary
      • Web Browser Vulnerability Trends
        • Internet Explorer Vulnerability Trends
        • Microsoft Edge Vulnerability Trends
        • Google Chrome Vulnerability Trends
        • Mozilla Firefox Vulnerability Trends
        • Apple Safari Vulnerability Trends
        • Web Browser Vulnerability Trend Summary
      • Vulnerability Management Guidance
    • Chapter summary
    • References
  • Chapter 3: The Evolution of the Threat Landscape – Malware
    • Introduction
    • Why is there so much malware on Windows compared to other platforms?
    • Data sources
      • The Malicious Software Removal Tool
      • Real-time anti-malware tools
      • Non-security data sources
    • About malware
      • How malware infections spread
      • Trojans
      • Potentially unwanted software
      • Exploits and exploit kits
      • Worms
      • Ransomware
      • Viruses
      • Browser modifiers
      • Measuring malware prevalence
    • Global windows malware infection analysis
    • Regional windows malware infection analysis
      • The long-term view of the threat landscape in the Middle East and Northern Africa
        • 10-year regional report card for the Middle East and Northern Africa
      • The long-term view of the threat landscape in the European Union and Eastern Europe
        • 10-year regional report card for the European Union
        • 10-year regional report card for select Eastern European locations
      • The long-term view of the threat landscape in select locations in Asia
        • 10-year regional report card for Asia
      • The long-term view of the threat landscape in select locations in the Americas
        • 10-year regional report card for the Americas
      • Regional Windows malware infection analysis conclusions
        • What does this all mean for CISOs and enterprise security teams?
    • Global malware evolution
      • Global malware evolution conclusions
    • The great debate – are anti-malware solutions really worthwhile?
    • Threat intelligence best practices and tips
      • Tip #1 – data sources
      • Tip #2 – time periods
      • Tip #3 – recognizing hype
      • Tip #4 – predictions about the future
      • Tip #5 – vendors' motives
    • Chapter summary
    • References
  • Chapter 4: Internet-Based Threats
    • Introduction
    • A typical attack
    • Phishing attacks
      • Mitigating phishing
    • Drive-by download attacks
      • Mitigating drive-by download attacks
    • Malware hosting sites
      • Mitigating malware distribution
    • Post compromise – botnets and DDoS attacks
    • Chapter summary
    • References
  • Chapter 5: Cybersecurity Strategies
    • Introduction
    • Measuring the efficacy of cybersecurity strategies
    • Cybersecurity strategies
      • Protect and Recover Strategy
        • Cybersecurity fundamentals scoring system score
        • Protect and Recover Strategy summary
      • Endpoint Protection Strategy
        • Cybersecurity fundamentals scoring system score
        • Endpoint Protection Strategy summary
      • Physical control and security clearances as a security strategy
        • Cybersecurity fundamentals scoring system score
        • Physical Control and Security Clearances Strategy summary
      • Compliance as a Security Strategy
        • Cybersecurity fundamentals scoring system score
        • Compliance as a Security Strategy summary
      • Application-Centric Strategy
        • Cybersecurity fundamentals scoring system score
        • Application-Centric Strategy summary
      • Identity-Centric Strategy
        • Cybersecurity fundamentals scoring system score
        • Identity-Centric Strategy summary
      • Data-Centric Strategy
        • Cybersecurity fundamentals scoring system score
        • Data-Centric Strategy summary
      • Attack-Centric Strategy
        • Cybersecurity fundamentals scoring system score
        • Attack-Centric Strategy summary
      • Cybersecurity strategies summary
      • DevOps and DevSecOps
      • Zero Trust
    • Chapter summary
    • References
  • Chapter 6: Strategy Implementation
    • Introduction
    • What is an Intrusion Kill Chain?
    • Modernizing the kill chain
      • Mapping the cybersecurity usual suspects
      • Updating the matrix
    • Getting started
      • Maturity of current cybersecurity capabilities
      • Who consumes the data?
      • Cybersecurity license renewals
    • Implementing this strategy
      • Rationalizing the matrix – gaps, under-investments, and over-investments
      • Planning your implementation
      • Designing control sets
        • Attack phase – Reconnaissance I
        • Attack phase – Delivery
        • Attack phase – Exploitation
        • Attack phase – Installation
        • Attack phase – Command and Control (C2)
        • Attack phase – Reconnaissance II
        • Attack phase – Actions on Objectives
    • Conclusion
    • Chapter summary
    • References
  • Chapter 7: Measuring Performance and Effectiveness
    • Introduction
    • Using vulnerability management data
      • Assets under management versus total assets
      • Known unpatched vulnerabilities
      • Unpatched vulnerabilities by severity
      • Vulnerabilities by product type
    • Measuring performance and efficacy of an Attack-Centric Strategy
      • Performing intrusion reconstructions
      • Using intrusion reconstruction results
        • Identifying lame controls
        • Learning from failure
        • Identifying helpful vendors
        • Informing internal assessments
    • Chapter summary
    • References
  • Chapter 8: The Cloud – A Modern Approach to Security and Compliance
    • Introduction
    • How is cloud computing different?
    • Security and compliance game changers
      • The power of APIs
      • The advantages of automation
        • Mitigating insider threat and social engineering
        • Mitigating unpatched vulnerabilities
        • Mitigating security misconfigurations
        • Mitigating weak, leaked and stolen passwords
      • Security and compliance game changers: Summary
    • Using cybersecurity strategies in the cloud
      • Using the protect and recover strategy in the cloud
      • Compliance as a cybersecurity strategy in the cloud
      • Using the attack-centric strategy in the cloud
      • DevOps – A modern approach to security in the cloud
    • Encryption and key management
    • Conclusion
    • Chapter summary
    • References
  • Other Books You May Enjoy
  • Index

Статистика использования

stat Количество обращений: 0
За последние 30 дней: 0
Подробная статистика