Publisher's note: Products purchased from third-party sellers are not guaranteed by the publisher for quality, authenticity, or access to any online entitlements included with the product. A new edition of Shon Harris's bestselling exam prep guidefu...
Fernando J. Maymí, Ph.D., CISSP, is a security practitioner with over 25 years of experience. He is the author of over a dozen publications and co-author of CISSP All-in-One Exam Guide, Seventh Edition. Brent Chapman, CompTIA CySA+, GCIH, GCFA, CISSP, is a recognized cybersecurity expert who has served as an instructor and researcher at the United States Military Academy at West Point. Jeff Parker, CompTIA CySA+, CISSP, is a certified trainer, consultant, and author who specializes in information security awareness.
Introduction
Part I Threat Management
Chapter 1 Applying Reconnaissance Techniques
Open Source Intelligence
Google
Internet Registries
Job Sites
Social Media
Active Reconnaissance
Scanning
Capturing Packets
Special Considerations
Wired Network Considerations
Wireless Network Considerations
Virtualization Technologies
Cloud Computing
Defending Against Reconnaissance
Tools of the Trade
nmap
Nikto
OWASP Zed Attack Proxy
Nessus
netstat
tcpdump
Wireshark/TShark
Intrusion Detection and Prevention Systems
Chapter Review
Questions
Answers
Chapter 2 Analyzing the Results of Reconnaissance
Data Sources
Firewall Logs
Intrusion Detection/Prevention Systems
Packet Captures
System Logs
nmap Scan Results
Point-in-Time Analysis
Packet Analysis
Protocol Analysis
Traffic Analysis
NetFlow Analysis
Wireless Analysis
Correlation Analysis
Anomaly Analysis
Behavioral Analysis
Trend Analysis
Availability Analysis
Heuristics
Tools of the Trade
Security Information and Event Management Systems
Packet Analyzers
Intrusion Detection Systems
Resource-Monitoring Tools
NetFlow Analyzers
Chapter Review
Questions
Answers
Chapter 3 Responding to Network-Based Threats
Network Segmentation
System Isolation
Jump Box
Honeypots and Honeynets
ACLs
File System ACLs
Network ACLs
Black Hole
DNS Sinkhole
Endpoint Security
Detect and Block
Sandbox
Cloud-Connected Protection
Group Policies
Device Hardening
Discretionary Access Control (DAC)
Mandatory Access Control (MAC)
Role-Based Access Control (RBAC)
Compensating Controls
Blocking Unused Ports/Services
Patching
Network Access Control
Time Based
Rule Based
Role Based
Location Based
Chapter Review
Questions
Answers
Chapter 4 Securing a Corporate Network
Penetration Testing
Rules of Engagement
Reverse Engineering
Hardware
Software/Malware
Isolation/Sandboxing
Training and Exercises
Types of Exercises
Red Team
Blue Team
White Team
Risk Evaluation
Impact and Likelihood
Technical Control Review
Operational Control Review
Chapter Review
Questions
Answers
Part II Vulnerability Management
Chapter 5 Implementing Vulnerability Management Processes
Vulnerability Management Requirements
Regulatory Environments
Corporate Security Policy
Data Classification
Asset Inventory
Common Vulnerabilities
Servers
Endpoints
Network Infrastructure
Virtual Infrastructure
Mobile Devices
Interconnected Networks
Virtual Private Networks
Industrial Control Systems
SCADA Devices
Frequency of Vulnerability Scans
Risk Appetite
Regulatory Requirements
Technical Constraints
W...