Detailed information

Title: Practical cyber intelligence: how action-based intelligence can be an effective response to incidents
Authors: Bautista Wilson (Jr.)
Collection: E-books from foreign publishers; General collection
Subjects: Cyber intelligence (Computer security); Cyberterrorism — Prevention.; Computer networks — Security measures.; Information technology — Security measures.; Computer crimes — Prevention.; COMPUTERS / Security / General; EBSCO eBooks
Document type: Other
File type: PDF
Language: English
Access rights: Password-protected access from the Internet (reading, printing, copying)
Record key: on1034015100

Permitted actions:

pdf/1775073.pdf
epub/1775073.epub

Group: Anonymous users

Network: Internet

Rights to use the stored object

Access location            User group                 Actions
IBK SPbPU local network    All                        Read, Print, Download
Internet                   Authorized SPbPU users     Read, Print, Download
-> Internet                Anonymous users            (none)

Contents

  • Cover
  • Copyright and Credits
  • Dedication
  • Packt Upsell
  • Contributors
  • Table of Contents
  • Preface
  • Chapter 1: The Need for Cyber Intelligence
    • Need for cyber intelligence
    • The application of intelligence in the military
      • Intel stories in history
        • The American Revolutionary War
        • Napoleon's use of intelligence
    • Some types of intelligence
      • HUMINT or human intelligence 
      • IMINT or image intelligence
      • MASINT or measurement and signature intelligence
      • OSINT or open source intelligence
      • SIGINT or signals intelligence
      • COMINT or communications intelligence
      • ELINT or electronic intelligence
      • FISINT or foreign instrumentation signals intelligence
      • TECHINT or technical intelligence
      • MEDINT or medical intelligence
      • All source intelligence
    • Intelligence drives operations
      • Putting theory into practice isn't simple
    • Understanding the maneuver warfare mentality
      • Follow the process, the process will save you
      • What is maneuver warfare?
        • Tempo
          • The OODA Loop
        • Center of gravity and critical vulnerability
        • Surprise – creating and exploiting opportunity
        • Combined arms – collaboration
        • Flexibility
        • Decentralized command
    • Summary
  • Chapter 2: Intelligence Development
    • The information hierarchy
    • Introduction to the intelligence cycle
      • The intelligence cycle steps
      • Step 1 – Planning and direction
        • Requirements development
        • Requirements management
        • Directing the intelligence effort
        • Requirements satisfaction
        • Planning the intelligence support system
      • Step 2 – Collection
      • Step 3 – Processing
      • Step 4 – Analysis and Production
      • Step 5 – Dissemination
        • Methods
        • Channels
        • Modes
        • Dissemination architecture
      • Step 6 – Utilization
    • Summary
  • Chapter 3: Integrating Cyber Intel, Security, and Operations
    • A different look at operations and security
    • Developing a strategic cyber intelligence capability
      • Understanding our priorities
        • The business architecture
        • The data/application architecture
        • Technology architecture
        • Application of the architectures and cyber intelligence
      • A look at strategic cyber intelligence – level 1 
    • Introduction to operational security
      • OPSEC step 1 – identify critical information 
      • OPSEC step 2 – analysis of threats
      • OPSEC step 3 – analysis of vulnerabilities
      • OPSEC step 4 – assessment of risk
      • OPSEC step 5 – application of appropriate countermeasures
    • OPSEC applicability in a business environment
    • Cyber intel program roles
      • Strategic level – IT leadership
      • Strategic level – cyber intelligence program officer
      • Tactical level – IT leadership
      • Tactical level – cyber intelligence program manager
      • Operational level – IT leadership
      • Operational level – cyber intelligence analysts
    • Summary
  • Chapter 4: Using Cyber Intelligence to Enable Active Defense
    • An introduction to Active Defense
    • Understanding the Cyber Kill Chain
    • General principles of Active Defense
      • Active Defense – principle 1: annoyance
      • Active Defense – principle 2: attribution
    • Enticement and entrapment in Active Defense
      • Scenario A
      • Scenario B
    • Types of Active Defense
      • Types of Active Defense – manual
      • Types of Active Defense – automatic
    • An application of tactical level Active Defense
    • Summary
  • Chapter 5: F3EAD for You and for Me
    • Understanding targeting
    • The F3EAD process
    • F3EAD in practice
    • F3EAD and the Cyber Kill Chain
      • Cyber Kill Chain and OODA loop
      • Cyber Kill Chain and OPSEC
      • Cyber Kill Chain and the intelligence cycle
      • Cyber Kill Chain and F3EAD
    • Application of F3EAD in the commercial space
      • Limitations of F3EAD
    • Summary
  • Chapter 6: Integrating Threat Intelligence and Operations
    • Understanding threat intelligence
    • Capability Maturity Model – threat intelligence overview
      • Level 1 – threat intelligence collection capability
        • Phase initial 
          • Example 1 – Open Threat Exchange – AlienVault
          • Example 2 – Twitter
          • Example 3 – Information Sharing and Analysis Centers
          • Example 4 – news alert notifications
          • Example 5 – Rich Site Summary feeds
        • Phase A
          • Example 1 – Cisco – GOSINT platform
          • Example 2 – The Malware Information Sharing Platform project
        • Phase B
        • Phase C
      • Level 2 – Threat Information Integration
        • Phase initial
        • Phase A
          • Categorization of items that are applicable to multiple teams
        • Phase B
        • Phase C
    • Summary
  • Chapter 7: Creating the Collaboration Capability
    • Purpose of collaboration capability
      • Formal communications
      • Informal communications
      • Communication and cyber intelligence process
      • Methods and tools for collaboration
        • Service level agreements and organizational level agreements
        • Responsible accountable supporting consulted informed matrix
        • Using key risk indicators
    • Collaboration at the Strategic Level
      • Executive support
      • Policies and procedures
      • Architecture
        • Understanding dependencies
      • Prioritized information
      • Intelligence aggregation
      • Intelligence reconciliation and presentation
    • Collaboration at the Tactical Level
      • Breaking down priority information requirements
      • Application of the theory
      • Theory versus reality
      • Creating the tactical dashboard
    • Collaboration at the Operational Level
    • Summary
  • Chapter 8: The Security Stack
    • Purpose of integration – it's just my POV
    • Core security service basics
    • Security Operations Center
      • The spider
      • Capabilities among teams
    • Capability deep dive – Security Configuration Management
      • Security Configuration Management – core processes
      • Security Configuration Management – Discovery and Detection
      • Security Configuration Management – Risk Mitigation
      • Security Configuration Management – Security State Analysis
      • Security Configuration Management – Data Exposure and Sharing
    • Prelude – integrating like services
    • Integrating cyber intel from different services
      • Overview – red team methodology
      • Red team – testing methods
        • White box
        • Gray box
        • Black box
      • Red team constraints
      • Red team – graphical representation
      • Data integration challenges
        • The end user perspective
        • The service level perspective – cyber intelligence – Data Exposure and Sharing
        • The SOC perspective
    • Capability Maturity Model – InfoSec and cyber intel
      • Capability Maturity Model – InfoSec and cyber intel – initial phase
      • Capability Maturity Model – InfoSec and cyber intel – Phase A
      • Capability Maturity Model – InfoSec and cyber intel – Phase B
      • Capability Maturity Model – InfoSec and cyber intel – Phase C
    • Collaboration + Capability = Active Defense
    • Summary
  • Chapter 9: Driving Cyber Intel
    • The gap
    • Another set of eyes
      • The logic
        • Event
        • Incident
      • Mapping events and incidents to InfoSec capabilities
    • Capability Maturity Model – security awareness
      • Capability Maturity Model – security awareness – Phase initial
      • Capability Maturity Model – security awareness – Phase A
      • Capability Maturity Model – security awareness – Phase B
      • Capability Maturity Model – security awareness – Phase C
      • Capability Maturity Model – security awareness – Phase C+
        • Just another day part 1
    • Summary
  • Chapter 10: Baselines and Anomalies
    • Setting up camp
      • Baselines and anomalies
    • Continuous monitoring – the challenge 
      • Part 1
      • Part 2
      • Part 3
    • Capability Maturity Model – continuous monitoring overview
      • Level 1 – phase A
      • Level 1 – phase B
      • Level 1 – phase C
    • Capability Maturity Model – continuous monitoring level 2
      • Scenario 1 – asset management/vulnerability scanning asset inventory
        • Phase initial
          • Information gathering
          • Developing possible solutions
        • Phase A
          • Procedure RASCI (example)
        • Phase B
          • Regional data centers
          • Local office environment
        • Phase C
      • Scenario 2 – security awareness/continuous monitoring/IT helpdesk
        • Phase initial
          • Information gathering
          • Developing possible solutions
        • Phase A
          • Procedure RASCI (example)
        • Phase B and C – sample questions 
      • Just another day part 2
    • Summary
  • Chapter 11: Putting Out the Fires
    • Quick review
    • Overview – incident response
      • Preparation and prevention
      • Detection and analysis
      • Containment, eradication, and recovery
      • Post-incident activity
      • Incident response process and F3EAD integration
      • Intelligence process tie-in
    • Capability Maturity Model – incident response
      • Initial phase
      • Phase A
      • Phase B
      • Phase C
    • Summary
  • Chapter 12: Vulnerability Management
    • A quick recap
    • The Common Vulnerability Scoring System calculator
      • Base metric group
      • Temporal metric group
      • Environmental metric group
      • CVSS base scoring
        • Metrics madness
    • Vulnerability management overview
    • Capability Maturity Model: vulnerability management – scanning
      • Initial phase
      • Phase A
      • Phase B
      • Phase C
    • Capability Maturity Model: vulnerability management – reporting
      • Initial phase
      • Phase A
      • Phase B
      • Phase C
    • Capability Maturity Model: vulnerability management – fix
      • Initial phase
      • Phase A
      • Phase B
      • Phase C
    • Summary
  • Chapter 13: Risky Business
    • Risk overview
      • Treating risk
      • Risk tolerance and risk appetite
    • Labeling things platinum, gold, silver, and copper
      • Differentiating networks
    • Taking a different look at risk
      • Review of threat intelligence integration
      • Capability Maturity Model: risk phase – initial
        • Improving risk reporting part 1
      • Capability Maturity Model: risk phase – final
        • Improving risk reporting part 2
      • Open source governance risk and compliance tools
        • Binary Risk Assessment
        • STREAM cyber risk platform
        • Practical threat analysis for information security experts
        • SimpleRisk
        • Security Officers Management and Analysis Project
    • Summary
  • Chapter 14: Assigning Metrics
    • Security configuration management
      • Developing the risk score
      • Working in key risk indicators
    • Summary
  • Chapter 15: Wrapping Up
    • Just another day part 3
    • Lessons learned
  • Other Books You May Enjoy
  • Index
