Thinking and Reasoning Arena

• Add to cart
• Price: $69.95 $62.96
• Paperback: 341 pages
• Also available in e-Book and e-Book
• Published: December 2010
• ISBN: 978-1-4398512-3-4
• Publisher: Auerbach Publications

Sharing & Social Bookmarking:

• Share on Facebook
• Post to Twitter
• Save on del.icio.us
• Stumble it!

Question about this product?

• Contact Us

The sophisticated methods used in recent high-profile cyber incidents have driven many to need to understand how such security issues work. Demystifying the complexity often associated with information assurance, Cyber Security Essentials provides a clear understanding of the concepts behind prevalent threats, tactics, and procedures.

To accomplish this, the team of security professionals from VeriSign’s iDefense^® Security Intelligence Services supply an extensive review of the computer security landscape. Although the text is accessible to those new to cyber security, its comprehensive nature makes it ideal for experts who need to explain how computer security works to non-technical staff. Providing a fundamental understanding of the theory behind the key issues impacting cyber security, the book:

• Covers attacker methods and motivations, exploitation trends, malicious code techniques, and the latest threat vectors
• Addresses more than 75 key security concepts in a series of concise, well-illustrated summaries designed for most levels of technical understanding
• Supplies actionable advice for the mitigation of threats
• Breaks down the code used to write exploits into understandable diagrams

This book is not about the latest attack trends or botnets. It’s about the reasons why these problems continue to plague us. By better understanding the logic presented in these pages, readers will be prepared to transition to a career in the growing field of cyber security and enable proactive responses to the threats and attacks on the horizon.

Table of Contents

Cyber Security Fundamentals

Network and Security Concepts

Information Assurance Fundamentals

Basic Cryptography

Symmetric Encryption

Public Key Encryption

The Domain Name System (DNS)

Firewalls

Virtualization

Radio-Frequency Identification

Microsoft Windows Security Principles

Windows Tokens

Window Messaging

Windows Program Execution

The Windows Firewall

Attacker Techniques and Motivations

How Hackers Cover Their Tracks (Anti-forensics)

How and Why Attackers Use Proxies

Tunneling Techniques

Fraud Techniques

Phishing, Smishing, Vishing and Mobile Malicious Code

Rogue Anti-Virus

Click Fraud

Threat Infrastructure

Botnets

Fast-Flux

Advanced Fast-Flux

Exploitation

Techniques to Gain a Foothold

Shellcode

Integer Overflow Vulnerabilities

Stack-Based Buffer Overflows

Format-String Vulnerabilities

SQL Injection

Malicious PDF Files

Race Conditions

Web Exploit Tools

DoS Conditions

Brute-Force and Dictionary Attacks

Misdirection, Reconnaissance and Disruption Methods

Cross-Site Scripting (XSS)

Social Engineering

WarXing

DNS Amplification Attacks

Malicious Code

Self-Replicating Malicious Code

Worms

Viruses

Evading Detection and Elevating Privileges

Obfuscation

Virtual Machine Obfuscation

Persistent Software Techniques

Rootkits

Spyware

Attacks against Privileged User Accounts and Escalation of Privileges

Token Kidnapping

Virtual Machine Detection

Stealing Information and Exploitation

Form Grabbing

Man-in-the-Middle Attacks

DLL Injection

Browser Helper Objects

Defense and Analysis Techniques

Memory Forensics

Why Memory Forensics Is Important

Capabilities of Memory Forensics

Memory Analysis Frameworks

Dumping Physical Memory

Installing and Using Volatility

Finding Hidden Processes

Volatility Analyst Pack

Honeypots

Malicious Code Naming

Automated Malicious Code Analysis Systems

Passive Analysis

Active Analysis

Physical or Virtual Machines

Intrusion Detection Systems

iDefense Special File Investigation Tools

Author/Editor Biography

This book is the direct result of the outstanding efforts of a talented pool of security analysts, editors, business leaders and security professionals, all of whom work for iDefense^® Security Intelligence Services; a business unit of VeriSign, Inc.

iDefense is an open-source, cyber security intelligence operation that maintains expertise in vulnerability research and alerting, exploit development, malicious code analysis, underground monitoring and international actor attribution. iDefense provides intelligence products to Fortune 1,000 companies and "three-letter agencies" in various world governments. iDefense also maintains the Security Operations Center for the Financial Sector Information Sharing and Analysis Center (FS-ISAC); one of 17 ISACs mandated by the US government to facilitate information sharing throughout the country’s business sectors.

iDefense has the industry-unique capability of determining not only the technical details of cyber security threats and events (the "what", the "when" and the "where"), but because of their international presence, iDefense personnel can ascertain the most likely actors and motivations behind these attacks (the "who" and the "why").

For more information, please contact customerservice@idefense.com.