Cybersecurity: Managing Systems, Conducting Testing, and Investigating Intrusions

Thomas J. Mowbray 

This book is organized in parts:

Part I: Cyber Network Security Concepts
Part II: Cyber Network Security Hands-On
Part III: Cyber Network Application Domains


Book Details
Price: 3.00 USD
Pages: 518
File Size: 5,212 KB
File Type: PDF format
Copyright: 2013 Thomas J. Mowbray

About the Author
Thomas J. Mowbray, PhD, holds gold-level certification from the SANS Institute in network penetration and ethical hacking. Dr. Mowbray, who has earned a doctorate in computer science, has co-authored five other professional books, including Wiley's bestseller Antipatterns: Refactoring Software, Architectures, and Projects in Crisis. After founding the Northrop Grumman Cyber Warfare Community of Practice, Dr. Mowbray joined the Certification and Accreditation Team (an elite cybersecurity test group) as their network administrator, security tools customizer, and hands-on penetration tester. At the time of writing, Dr. Mowbray is the Chief Enterprise Architect of The Ohio State University.

Who This Book Is For
The book is written for several core audiences:
Cybersecurity graduate and undergraduate students learning core curriculum in network security
Cybersecurity practitioners expanding their expertise in deep skills such as advanced log analysis and network programming
Enterprise architects and information technology (IT) professionals who seek to deepen their practical knowledge of cybersecurity

What This Book Covers
Instead of the usual textbook formalities, this book focuses on practical, useful real-world skills for the protection of networks, systems, and data against innovative cyber threats.
This book is written to provide practical, advanced, undergraduate-level network security expertise. U.S. requirements for this level of expertise are clearly articulated by academic and industry members of, one of the organizations in charge of the U.S. Comprehensive National Cyber Security Initiative (CNCI) #8 on cybersecurity education. The table of contents in this book derives from the consensus of the cyber industry and two- and four-year college cyber faculty.

Table of Contents
Part I: Cyber Network Security Concepts
Chapter 1: Executive Summary
Why Start with Antipatterns?
Security Architecture
Antipattern: Signature-Based Malware Detection versus Polymorphic Threats
Refactored Solution: Reputational-, Behavioral-, and Entropy-Based Malware Detection
Antipattern: Document-Driven Certification and Accreditation
Antipattern: Proliferating IA Standards with No Proven Benefits
Antipattern: Policy-Driven Security Certifications Do Not Address the Threat
Refactored Solution: Security Training Roadmap
Chapter 2: The Problems: Cyber Antipatterns
Antipatterns Concept
Forces in Cyber Antipatterns
Cyber Antipattern Templates
Cybersecurity Antipattern Catalog
Chapter 3: Enterprise Security Using the Zachman
What Is Architecture? Why Do We Need It?
Enterprises Are Complex and Changing
The Zachman Framework for Enterprise Architecture
Primitive Models versus Composite Models
How Does the Zachman Framework Help with Cybersecurity?
Everyone Has Their Own Specifications
The Goldmine Is in Row 2
Frameworks for Row 3
Architectural Problem Solving Patterns
Part II: Cyber Network Security Hands-On
Chapter 4: Network Administration for Security
Managing Administrator and Root Accounts
Installing Hardware
Re-Imaging Operating Systems
Burning and Copying CDs and DVDs
Installing System Protection / Anti-Malware
Setting Up Networks
Installing Applications and Archiving
Customizing System Management Controls and Settings
Managing Remote Login
Managing User Administration
Managing Services
Mounting Disks
Moving Data Between Systems on Networks
Converting Text Files Between OSes
Making Backup Disks
Formatting Disks
Configuring Firewalls
Converting and Migrating VMs
Additional Network Administration Knowledge
Chapter 5: Customizing BackTrack and Security Tools
Creating and Running BackTrack Images
Customizing BackTrack with VM
Updating and Upgrading BackTrack and Pen Test Tools
Adding Windows to BackTrack with VMware
Licensing Challenges for Network Administrators
Chapter 6: Protocol Analysis and Network Programming
Networking Theory and Practice
Frequently Encountered Network Protocols
Network Programming: Bash
Network Programming: Windows Command-Line Interface
Python Programming: Accelerated Network Scanning
Chapter 7: Reconnaissance, Vulnerability Assessment, and Cyber Testing
Types of Cybersecurity Evaluations
Understanding the Cybersecurity Testing Methodology
Chapter 8: Penetration Testing
Forms of Cyber Attacks
Network Penetration
Commercial Pen Testing Tools
Using Netcat to Create Connections and Move Data and Binaries
Using Netcat to Create Relays and Pivots
Using SQL Injection and Cross-Site Techniques to Perform Web
Application and Database Attacks
Collecting User Identities with Enumeration and Hash Grabbing
Password Cracking
Privilege Escalation
Final Malicious Phases
Chapter 9: Cyber Network Defense Using Advanced Log
Introduction to Cyber Network Defense
General Methods and Tools for Cyber Investigations
Continuous Cyber Investigation Strategy
A Summary of the Cyber Investigation Process
Network Monitoring
Text Log Analysis
Binary Log Analysis
Reporting Cyber Investigations
Elimination of Cyber Threats
Intrusion Discovery on Windows
Part III: Cyber Network Application Domains
Chapter 10: Cybersecurity for End Users, Social Media, and Virtual Worlds
Doing an Ego Search
Protecting Laptops, PCs, and Mobile Devices
Staying Current with Anti-Malware and Software Updates
Managing Passwords
Guarding Against Drive-By Malware
Staying Safe with E-mail
Securely Banking and Buying Online
Understanding Scareware and Ransomware
Is Your Machine p0wned?
Being Careful with Social Media
Staying Safe in Virtual Worlds
Chapter 11: Cybersecurity Essentials for Small Business
Install Anti-Malware Protection
Update Operating Systems
Update Applications
Change Default Passwords
Educate Your End Users
Small Enterprise System Administration
Wireless Security Basics for Small Business
Tips for Apple Macintosh Users
Chapter 12: Large Enterprise Cybersecurity: Data Centers and Clouds
Critical Security Controls
Cloud Security
Chapter 13: Healthcare Information Technology Security
Healthcare Risk Assessment
Healthcare Records Management
Healthcare IT and the Judicial Process
Data Loss
Managing Logs in Healthcare Organizations
Authentication and Access Control
Chapter 14: Cyber Warfare: An Architecture for Deterrence
Introduction to Cyber Deterrence
Methodology and Assumptions
Cyber Deterrence Challenges
Legal and Treaty Assumptions
Cyber Deterrence Strategy
Reference Model
Solution Architecture
Architectural Prototypes

How This Book Is Structured
Part I is a conceptual discourse. From the executive perspective, Chapter 1 introduces you to the cybersecurity domain and some of its key challenges—in particular, educating a new generation of hands-on cybersecurity professionals. From the business management perspective, Chapter 2 uses antipatterns to explain the most common mistakes and bad habits in computer security today. Antipatterns are fun to read and discuss because they highlight some of the most ridiculous and naive things people do that result in significant security gaps. If you avoid the worst antipatterns, your situation will dramatically improve. This is especially true of cybersecurity. The choice of cyber antipatterns in the chapter is derived from an assessment of the most critical cyber antipatterns in current organizations, networks, and systems.
Chapter 3 introduces the Zachman Framework and articulates a vision for resolving cybersecurity issues by transforming enterprises. Enterprises that have self-knowledge (that is, enterprise architecture) are able to change and respond with agility to cybersecurity challenges. Future organizations must adopt this vision for competitive business reasons as well as cybersecurity reasons.
Part II is almost entirely a hands-on tutorial for cybersecurity techniques, including assignments using cyber labs from Syracuse University's SEED: A Suite of Instructional Laboratories for Computer Security Education. The material in the chapters progresses from a more basic to a very advanced hands-on introduction to enterprise network security. I review networking essentials, cover practical skills in network administration, review network security programming, and then explain network penetration, Google hacks, BackTrack customization, vulnerability testing, and the certification testing process. The final chapter in this part is a real-world introduction to network defense, explaining the scripts and procedures for conducting network investigations and advanced log analysis.
Part III covers several important security application domains, such as small businesses, data centers, clouds, and healthcare IT.
Throughout the book are hands-on exercises with online software resources called SEED Labs: Developing Instructional Laboratories for Computer Security Education. These are the invention of Professor Kevin Du from Syracuse University, who had the great foresight to create hands-on coursework independent of any single textbook. An instructor manual is available from Professor Du containing exemplary exercise solutions. In addition, you can find instructor ancillaries available online for this book, including a course syllabus, a test bank, and PowerPoint slides for each chapter.
In profound ways, this is day zero in cybersecurity. The entire regime of paper-driven compliance, policy-driven certifications, and signature-based defenses has failed miserably (i.e., indicative of antipatterns). This book offers practical ways to approach cyber defenses, which leverage ongoing innovations in intrusion detection/prevention and malware defense. My vision is that this book sets a new level of expectations for advanced undergraduate education in network security and plays a role in turning the tide against cyber criminals and cyber warriors attacking our society.