Vai al contenuto principale

AL MOMENTO ESAURITO

Practice of Network Security Monitoring : Understanding Incident Detection and Response by Richard Bejtlich (2013, Trade Paperback)

Informazioni su questo prodotto

Product Identifiers

PublisherNo Starch Press, Incorporated
ISBN-101593275099
ISBN-139781593275099
eBay Product ID (ePID)159988464

Product Key Features

Number of Pages376 Pages
Publication NamePractice of Network Security Monitoring : Understanding Incident Detection and Response
LanguageEnglish
SubjectNetworking / General, System Administration / Disaster & Recovery, Security / Networking
Publication Year2013
FeaturesNew Edition
TypeTextbook
AuthorRichard Bejtlich
Subject AreaComputers
FormatTrade Paperback

Dimensions

Item Height1.1 in
Item Weight26.2 Oz
Item Length9.2 in
Item Width7 in

Additional Product Features

Intended AudienceTrade
Dewey Edition23
TitleLeadingThe
Reviews"A comprehensive guide. Certain to make the reader a better information security practitioner, and their network more secure." --Ben Rothke, Slashdot "If you are in cyber security, this is a must read. The book is the best resource for tools I have seen anywhere." --Stephen Northcutt, SANS Institute "A very well written technical book. I would recommend this for anyone getting into the field of incident response who doesn't have a great understanding of NSM." --Greg Hetrick, PaulDotCom "Deploying NSM not only means you can quickly identify, contain, and remediate intrusions, it gives you insight into the network as a whole." --Michael W. Lucas, author of Absolute OpenBSD, 2nd Edition "The Practice of Network Security Monitoring: the best surveillance book you'll read anytime soon." --Peter N. M. Hansteen, author of The Book of PF "This gem from No Starch Press covers the life-cycle of Network Security Monitoring (NSM) in great detail and leans on Security Onion as its backbone. I recommend an immediate download of the latest version of Security Onion and a swift purchase of Richard's book." --Russ McRee, senior security analyst, Microsoft "The principles Bejtlich outlines for running your security monitoring are the kind of best practice you should apply to any important server." --Mary Branscombe, ZDNet "If you want to know what to do when intruders arrive on your network and how to best prepare for that eventuality, you must read this book." --Sandra Henry-Stocker, ITWorld "Bejtlich is a master of his craft and also possesses the rare gift of being able to share his knowledge in a comprehensible way." --Richard Austin, IEEE Cipher "As tech books go, it's a pretty fun ride." --Michael Larsen, Testhead
Dewey Decimal005.8
Table Of ContentForeword by Todd Heberlein Preface Part I: Getting Started Chapter 1: Network Security Monitoring Rationale Chapter 2: Collecting Network Traffic: Access, Storage, and Management Part II: Security Onion Deployment Chapter 3: Stand-alone NSM Deployment and Installation Chapter 4: Distributed Deployment Chapter 5: SO Platform Housekeeping Part III: Tools Chapter 6: Command Line Packet Analysis Tools Chapter 7: Graphical Packet Analysis Tools Chapter 8: NSM Consoles Part IV: NSM in Action Chapter 9: NSM Operations Chapter 10: Server-side Compromise Chapter 11: Client-side Compromise Chapter 12: Extending SO Chapter 13: Proxies and Checksums Conclusion Appendix SO Scripts and Configuration Index
Edition DescriptionNew Edition
SynopsisNetwork security is not simply about building impenetrable walls--determined attackers will eventually overcome traditional defenses. The most effective computer security strategies integrate network security monitoring (NSM): the collection and analysis of data to help you detect and respond to intrusions. In The Practice of Network Security Monitoring , Mandiant CSO Richard Bejtlich shows you how to use NSM to add a robust layer of protection around your networks--no prior experience required. To help you avoid costly and inflexible solutions, he teaches you how to deploy, build, and run an NSM operation using open source software and vendor-neutral tools. You'll learn how to: -Determine where to deploy NSM platforms, and size them for the monitored networks -Deploy stand-alone or distributed NSM installations -Use command line and graphical packet analysis tools, and NSM consoles -Interpret network evidence from server-side and client-side intrusions -Integrate threat intelligence into NSM software to identify sophisticated adversaries There's no foolproof way to keep attackers out of your network. But when they get in, you'll be prepared. The Practice of Network Security Monitoring will show you how to build a security net to detect, contain, and control them. Attacks are inevitable, but losing sensitive data shouldn't be., Network security is not simply about building impenetrable walls-determined attackers will eventually overcome traditional defenses. The most effective computer security strategies integrate network security monitoring (NSM)- the collection and analysis of data to help you detect and respond to intrusions. In The Practice of Network Security Monitoring , Mandiant CSO Richard Bejtlich shows you how to use NSM to add a robust layer of protection around your networks-no prior experience required. To help you avoid costly and inflexible solutions, he teaches you how to deploy, build, and run an NSM operation using open source software and vendor-neutral tools. You'll learn how to- -Determine where to deploy NSM platforms, and size them for the monitored networks -Deploy stand-alone or distributed NSM installations -Use command line and graphical packet analysis tools, and NSM consoles -Interpret network evidence from server-side and client-side intrusions -Integrate threat intelligence into NSM software to identify sophisticated adversaries There's no foolproof way to keep attackers out of your network. But when they get in, you'll be prepared. The Practice of Network Security Monitoring will show you how to build a security net to detect, contain, and control them. Attacks are inevitable, but losing sensitive data shouldn't be., Network Security Monitoring (NSM) is the the collection, analysis, and escalation of indications and warnings to detect and respond to intrusions. The Practice of Network Security Monitoring teaches IT and security staff how to leverage powerful NSM tools and concepts to identify threats quickly and effectively. Author Richard Bejtlich is a recognized expert in NSM and shares his 15 years of incident handling experience with the reader. In addition to teaching you how to use key monitoring tools, Bejtlich demonstrates a holistic way of thinking about detecting, responding to, and containing intruders. The Practice of Network Security Monitoring assumes no prior experience with network security monitoring, and covers designing, deploying, building, and running an NSM operation. The book focuses on open source software and vendor-neutral tools, avoiding costly and inflexible solutions., Richard Bejtlich is Chief Security Officer at Mandiant and was previously Director of Incident Response for General Electric, where he built and led the 40-member GE Computer Incident Response Team (GE-CIRT). He is a graduate of Harvard University and the United States Air Force Academy. Bejtlich's previous works include The Tao of Network ......
LC Classification NumberTK5105.59

Prodotto più venduto in Università e adulti

Risparmia su Università e adulti

Il prezzo di tendenza è basato sui prezzi di vendita negli ultimi 90 giorni.