Applied incident response / (Record no. 69239)
[ view plain ]
| 000 -LEADER | |
|---|---|
| fixed length control field | 03898cam a2200613Ia 4500 |
| 001 - CONTROL NUMBER | |
| control field | on1136964952 |
| 005 - DATE AND TIME OF LATEST TRANSACTION | |
| control field | 20220711203555.0 |
| 008 - FIXED-LENGTH DATA ELEMENTS--GENERAL INFORMATION | |
| fixed length control field | 200118s2020 inu o 001 0 eng d |
| 019 ## - | |
| -- | 1136968985 |
| 020 ## - INTERNATIONAL STANDARD BOOK NUMBER | |
| ISBN | 1119560284 |
| 020 ## - INTERNATIONAL STANDARD BOOK NUMBER | |
| ISBN | 9781119560302 |
| -- | (electronic bk. ; |
| -- | oBook) |
| 020 ## - INTERNATIONAL STANDARD BOOK NUMBER | |
| ISBN | 1119560306 |
| -- | (electronic bk. ; |
| -- | oBook) |
| 020 ## - INTERNATIONAL STANDARD BOOK NUMBER | |
| ISBN | 9781119560319 |
| -- | (ePub ebook) |
| 020 ## - INTERNATIONAL STANDARD BOOK NUMBER | |
| ISBN | 1119560314 |
| 020 ## - INTERNATIONAL STANDARD BOOK NUMBER | |
| ISBN | 9781119560289 |
| -- | (electronic bk.) |
| 020 ## - INTERNATIONAL STANDARD BOOK NUMBER | |
| -- | (print) |
| 029 1# - (OCLC) | |
| OCLC library identifier | AU@ |
| System control number | 000066724003 |
| 029 1# - (OCLC) | |
| OCLC library identifier | CHNEW |
| System control number | 001077463 |
| 029 1# - (OCLC) | |
| OCLC library identifier | CHVBK |
| System control number | 582680123 |
| 029 1# - (OCLC) | |
| OCLC library identifier | UKMGB |
| System control number | 019610822 |
| 037 ## - | |
| -- | 9781119560319 |
| -- | Wiley |
| 082 04 - CLASSIFICATION NUMBER | |
| Call Number | 005.8 |
| 100 1# - AUTHOR NAME | |
| Author | Anson, Steve. |
| 245 10 - TITLE STATEMENT | |
| Title | Applied incident response / |
| 260 ## - PUBLICATION, DISTRIBUTION, ETC. (IMPRINT) | |
| Place of publication | Indianapolis : |
| Publisher | Wiley, |
| Year of publication | 2020. |
| 300 ## - PHYSICAL DESCRIPTION | |
| Number of Pages | 1 online resource (464 pages) |
| 505 0# - FORMATTED CONTENTS NOTE | |
| Remark 2 | Prepare. The Threat Landscape -- Incident Readiness -- Respond. Remote Triage -- Remote Triage Tools -- Acquiring Memory -- Disk Imaging -- Network Security Monitoring -- Event Log Analysis -- Memory Analysis -- Malware Analysis -- Disk Forensics -- Lateral Movement Analysis -- Refine. Continuous Improvement -- Proactive Activities. |
| 500 ## - GENERAL NOTE | |
| Remark 1 | Includes index. |
| 520 ## - SUMMARY, ETC. | |
| Summary, etc | Incident response is critical for the active defense of any network, and incident responders need up-to-date, immediately applicable techniques with which to engage the adversary.''Applied Incident Response'details effective ways to respond to advanced attacks against local and remote network resources, 'providing proven response techniques and a framework through which to apply them.' As a starting point for new incident handlers, or as a technical reference for hardened IR veterans, this book details the latest techniques for responding to threats against your network, including: -Preparing your environment for effective incident response -Leveraging MITRE ATT & CK and threat intelligence for active network defense -Local and remote triage of systems using PowerShell, WMIC, and open-source tools -Acquiring RAM and disk images locally and remotely -Analyzing RAM with Volatility and Rekall -Deep-dive forensic analysis of system drives using open-source or commercial tools -Leveraging Security Onion and Elastic Stack for network security monitoring -Techniques for log analysis and aggregating high-value logs -Static and dynamic analysis of malware with YARA rules, FLARE VM, and Cuckoo Sandbox -Detecting and responding to lateral movement techniques, including pass-the-hash, pass-the-ticket, Kerberoasting, malicious use of PowerShell, and many more -Effective threat hunting techniques -Adversary emulation with Atomic Red Team -Improving preventive and detective controls. |
| 650 #0 - SUBJECT ADDED ENTRY--SUBJECT 1 | |
| General subdivision | Security measures. |
| 650 #7 - SUBJECT ADDED ENTRY--SUBJECT 1 | |
| General subdivision | Security |
| -- | Networking. |
| 650 #7 - SUBJECT ADDED ENTRY--SUBJECT 1 | |
| General subdivision | Security measures. |
| 856 40 - ELECTRONIC LOCATION AND ACCESS | |
| Uniform Resource Identifier | https://doi.org/10.1002/9781119560302 |
| 942 ## - ADDED ENTRY ELEMENTS (KOHA) | |
| Koha item type | eBooks |
| 336 ## - | |
| -- | text |
| -- | txt |
| -- | rdacontent |
| 337 ## - | |
| -- | computer |
| -- | c |
| -- | rdamedia |
| 338 ## - | |
| -- | online resource |
| -- | cr |
| -- | rdacarrier |
| 588 0# - | |
| -- | Print version record. |
| 650 #0 - SUBJECT ADDED ENTRY--SUBJECT 1 | |
| -- | Computer security. |
| 650 #0 - SUBJECT ADDED ENTRY--SUBJECT 1 | |
| -- | Computer networks |
| 650 #7 - SUBJECT ADDED ENTRY--SUBJECT 1 | |
| -- | COMPUTERS |
| 650 #7 - SUBJECT ADDED ENTRY--SUBJECT 1 | |
| -- | Computer networks |
| -- | (OCoLC)fst00872341 |
| 650 #7 - SUBJECT ADDED ENTRY--SUBJECT 1 | |
| -- | Computer security. |
| -- | (OCoLC)fst00872484 |
| 994 ## - | |
| -- | C0 |
| -- | DG1 |
No items available.