Response to computer incidents. Applied course
Please sign in so that we can notify you about a reply
The response to incidents is crucial for the active protection of any network, and specialists working in this area require modern methods that can be used immediately to enter the battle with the enemy. This book describes in detail effective ways to respond to complex attacks on local and remote se-tech resources and proven techniques and frameworks are offered for their use. Beginners can use it as a starting point, and for experienced specialists it can serve as a technical reference book.
In Rnig, the latest methods of response to the threats of your network are considered, including:
• Preparing your environment for effective response to incidents,
• Using Miter ATT & CK and cyber intelligence for active protection Networks,
• Local and remote sorting of systems using PowerShell, WMIC and open source tools,
• Create a dump memory and disks using local and remote systems,
• analysis Using the Framws of Volatility and Rekall,
• in -depth forensic analysis of the system discs using open or commercial tools,
• Using Security ONION and ELASTIC STACK to monitor network security,
• Methods of magazine analysis and aggregation and aggregation Particularly valuable magazines,
• Static and dynamic analysis of malicious programs using the Yara, Flare VM and Cuckoo Sandbox,
• Detection and response to methods of further P Ashs on the network, including PASS-THE-HASH, PASS-THEKET, KERBEROASTING, malicious use of PowerShell and many others,
• Effective threat search methods,
• emulation of enemy actions using Atomic Red Team ,
• Improving the mechanisms of prevention and detection
In Rnig, the latest methods of response to the threats of your network are considered, including:
• Preparing your environment for effective response to incidents,
• Using Miter ATT & CK and cyber intelligence for active protection Networks,
• Local and remote sorting of systems using PowerShell, WMIC and open source tools,
• Create a dump memory and disks using local and remote systems,
• analysis Using the Framws of Volatility and Rekall,
• in -depth forensic analysis of the system discs using open or commercial tools,
• Using Security ONION and ELASTIC STACK to monitor network security,
• Methods of magazine analysis and aggregation and aggregation Particularly valuable magazines,
• Static and dynamic analysis of malicious programs using the Yara, Flare VM and Cuckoo Sandbox,
• Detection and response to methods of further P Ashs on the network, including PASS-THE-HASH, PASS-THEKET, KERBEROASTING, malicious use of PowerShell and many others,
• Effective threat search methods,
• emulation of enemy actions using Atomic Red Team ,
• Improving the mechanisms of prevention and detection
Cover:
Cover:Hard
Category:
- Category:Computer & Technology
ISBN:
ISBN:978-5-97060-484-7
No reviews found