Blue Team Handbook: Incident Response Edition: A condensed field guide for the Cyber Security Incident Responder.

Amazon Price: $15.99 $13.46 You save: $2.53 (16%). (as of January 21, 2018 05:45). Product prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on the Amazon site at the time of purchase will apply to the purchase of this product.

Updated, Expanded, and released to print on 10/5/14! Complete details below! Two new sections, five protocol header illustrations, improved formatting, and other corrections.

The Blue Team Handbook is a zero-fluff reference guide for cyber security incident responders and InfoSec pros alike. The BTHb includes essential information in a condensed handbook format about the incident response process, how attackers work, common tools, a methodology for network analysis developed over 12 years, Windows and Linux analysis processes, tcpdump usage examples, Snort IDS usage, and numerous other topics. The book is peppered with practical real-life techniques from the author's extensive career working in academia and in a corporate setting. Whether you are writing up your case notes, analyzing potentially suspicious traffic, or called in to look over a misbehaving server, this book should help you handle the case and teach you some new techniques along the way.

Cyber Security: Concepts and Cases

Amazon Price: $99.99 (as of January 21, 2018 13:01).

Cyber Security: Concepts and Cases explains the basic ideas behind cyber security using real-world examples. There are numerous textbooks and professional reference titles that adopt a very formal and theoretical approach to explaining computer security; these are all very insightful, but readers can waste a lot of time reading them while "Rome burns". This title explains the key concepts behind planning and operationalising responses to cyber threats, using real-world case studies.

Infosec Management Fundamentals

Amazon Price: N/A (as of January 21, 2018 09:21).

Infosec Management Fundamentals is a concise overview of the Information Security management concepts and techniques, providing a foundational template for both experienced professionals and those new to the industry. This brief volume will also appeal to business executives and managers outside of infosec who want to understand the fundamental concepts of Information Security and how it impacts their business decisions and daily activities.

Teaches ISO/IEC 27000 best practices on information security management.
Discusses risks and controls within the context of an overall information security management system (ISMS).
Provides foundational information for experienced professionals as well as those new to the industry.

Cyber-Security Glossary of Building Hacks and Cyber-Attacks

Amazon Price: $10.95 (as of January 21, 2018 11:30).

The Cyber-Security Glossary of Building Hacks and Cyber-Attacks was developed specifically to help facility and infrastructure engineers and building managers understand the vulnerability of SCADA systems and building and industrial control systems to cyber-attack. The book includes definitions of technical terms related to automated equipment controls common to industry, utilities and buildings. Although written for facility engineers, much of the terminology applies to cyber-attacks in general. I define many types of cyber-attacks including: Dictionary attack, Cinderella attack, Time Bomb attack, Fork Bomb attack, Logic Bomb attack, Bluesnarfing, Smurf attack, Vampire Tap, Water Holing, Pass the Hash attack, Tiny Fragment attack, Protocol Fuzzing attack, Replay attack, Amplification attack, Man in the Middle attack, and many more. I also include steps to take to prevent a cyber-attack.

Theoretical and Experimental Methods for Defending Against DDoS Attacks

Amazon Price: $69.95 (as of January 21, 2018 12:15).

Denial of Service (DoS) attacks seek to make a network resource unavailable by overloading the resource or machine with an overwhelming number of packets, crashing it or severely degrading its performance. A Distributed Denial of Service (DDoS) attack is a large-scale DoS attack whose sources are spread across the Internet; any Internet-connected host can be made to take part as an attacker. Bandwidth-depletion attacks are typically categorized as either flood or amplification attacks. Flood attacks generate ICMP or UDP packets, aimed at fixed or randomly varying ports. Smurf and Fraggle attacks are amplification attacks: in a Smurf attack the attacker sends packets to a network amplifier (a broadcast address that many hosts answer) with the source address spoofed to the victim's IP address, so every reply lands on the victim. This book presents new research and methodologies along with a proposed algorithm for preventing DoS attacks, built on cryptographic concepts such as birthday attacks to estimate the rate of attack traffic generated and passed along the routers; attackers can then be identified and prohibited from sending the flood traffic to the server that causes DDoS conditions. Because DoS attacks are so prevalent, a great deal of research has been conducted on how to detect and prevent them. The authors of this short-format title present their research results on an effective solution to DoS attacks, including a new algorithm that can be implemented to deny DoS attacks.

A comprehensive study on the basics of network security.
Provides a wide revision of client puzzle theory.
An experimental model to mitigate distributed denial of service (DDoS) attacks.
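The blurb above mentions client puzzle theory as a DoS mitigation. The following is an added example, not code from the book or its authors: a minimal stateless client-puzzle exchange in Python. The server issues an HMAC-bound puzzle (so it keeps no per-client state an attacker could exhaust), the client must brute-force a nonce whose SHA-256 digest has the required number of leading zero bits, and the server verifies with one HMAC and one hash whatever the difficulty. The puzzle construction, the function names, the load-scaling policy in `choose_difficulty`, and the client address `203.0.113.7` are all assumptions made for this illustration.

```python
import hashlib
import hmac
import secrets
import struct
import time

# Assumption: a per-process server secret; the book does not prescribe one.
SERVER_KEY = secrets.token_bytes(32)


def _tag(client_addr: str, ts: int, difficulty: int, salt: bytes) -> bytes:
    """MAC over the puzzle fields, so the server can verify a puzzle it handed out
    without storing per-client state (state an attacker could exhaust)."""
    msg = client_addr.encode() + struct.pack(">QB", ts, difficulty) + salt
    return hmac.new(SERVER_KEY, msg, hashlib.sha256).digest()[:16]


def issue_puzzle(client_addr: str, difficulty: int, now=None) -> dict:
    """Server side: build a puzzle bound to the requesting address and the current time.
    difficulty = number of leading zero bits required of SHA-256(challenge || nonce)."""
    ts = int(time.time() if now is None else now)
    salt = secrets.token_bytes(8)
    return {"client": client_addr, "ts": ts, "difficulty": difficulty,
            "salt": salt, "tag": _tag(client_addr, ts, difficulty, salt)}


def _challenge(p: dict) -> bytes:
    return (p["client"].encode() + struct.pack(">QB", p["ts"], p["difficulty"])
            + p["salt"] + p["tag"])


def leading_zero_bits(digest: bytes) -> int:
    """Count leading zero bits of a digest (the puzzle's difficulty measure)."""
    n = 0
    for b in digest:
        if b == 0:
            n += 8
        else:
            n += 8 - b.bit_length()
            break
    return n


def solve_puzzle(p: dict, max_iter: int = 1 << 26):
    """Client side: brute-force a nonce. Expected work is about 2**difficulty hashes,
    which is what makes a flood of requests expensive for the sender."""
    chal = _challenge(p)
    for nonce in range(max_iter):
        d = hashlib.sha256(chal + nonce.to_bytes(8, "big")).digest()
        if leading_zero_bits(d) >= p["difficulty"]:
            return nonce
    return None  # give up; the caller treats this as "client did not pay"


def verify_solution(p: dict, nonce: int, client_addr: str, now=None, max_age: int = 30) -> bool:
    """Server side: one HMAC plus one hash, regardless of difficulty.
    Rejects puzzles presented from another address, stale puzzles (replay window),
    puzzles whose fields were tampered with (e.g. lowered difficulty), and wrong nonces."""
    ts = int(time.time() if now is None else now)
    if p["client"] != client_addr:
        return False
    if not 0 <= ts - p["ts"] <= max_age:
        return False
    if not hmac.compare_digest(_tag(p["client"], p["ts"], p["difficulty"], p["salt"]), p["tag"]):
        return False
    d = hashlib.sha256(_challenge(p) + nonce.to_bytes(8, "big")).digest()
    return leading_zero_bits(d) >= p["difficulty"]


def choose_difficulty(pending_requests: int, base: int = 8, per_step: int = 100, cap: int = 24) -> int:
    """Assumed load policy (not from the book): one extra bit per `per_step` pending
    requests, so puzzle cost rises as the server gets busier, capped so legitimate
    clients still finish in reasonable time."""
    return min(cap, base + pending_requests // per_step)


if __name__ == "__main__":
    # Constructed sample exchange: 203.0.113.7 is a documentation address, not a real client.
    puzzle = issue_puzzle("203.0.113.7", choose_difficulty(350))
    answer = solve_puzzle(puzzle)
    print("difficulty", puzzle["difficulty"], "nonce", answer,
          "accepted", verify_solution(puzzle, answer, "203.0.113.7"))
```

The asymmetry is the point: the client's cost doubles with every bit of difficulty, while the server's verification cost stays constant, and binding the puzzle to the client address and a timestamp stops a solved puzzle from being replayed from elsewhere or later.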