Applied network security monitoring : collection, detection, and analysis / Chris Sanders, Jason Smith
Tipo de material:
TextoDetalles de publicación: Waltham : Syngress, 2014 Descripción: XXIV, 472 p. ; 24 cmISBN: 9780124172081Tema(s): Criptografía | Seguridad informáticaResumen: Applied Network Security Monitoring is the essential guide to becoming an NSM analyst from the ground up. This book takes a fundamental approach to NSM, complete with dozens of real-world examples that teach you the key concepts of NSM. Network security monitoring is based on the principle that prevention eventually fails. In the current threat landscape, no matter how much you try, motivated attackers will eventually find their way into your network. At that point, it is your ability to detect and respond to that intrusion that can be the difference between a small incident and a major disaster. The book follows the three stages of the NSM cycle: collection, detection, and analysis. As you progress through each section, you will have access to insights from seasoned NSM professionals while being introduced to relevant, practical scenarios complete with sample data. If you've never performed NSM analysis, Applied Network Security Monitoring will give you an adequate grasp on the core concepts needed to become an effective analyst. If you are already a practicing analyst, this book will allow you to grow your analytic technique to make you more effective at your job. Discusses the proper methods for data collection, and teaches you how to become a skilled NSM analystProvides thorough hands-on coverage of Snort, Suricata, Bro-IDS, SiLK, and ArgusLoaded with practical examples containing real PCAP files you can replay, and uses Security Onion for all its lab examplesCompanion website includes up-to-date blogs from the authors about the latest developments in NSM
INDICE: Introduction to NSM Driving Data Collection The Sensor Platform Full Packet Capture Data Session Data Protocol Metadata Statistical Data Indicators of Compromise Target-Based Detection Signature-Based Detection with Snort Signature-Based Detection with Suricata Anomaly-Based Detection with Bro Early Warning AS&W with Honeypots Packet Analysis Friendly Intelligence Hostile Intelligence Differential Diagnosis of NSM Events Incident Morbidity and Mortality Malware Analysis for NSM
| Tipo de ítem | Biblioteca de origen | Signatura | Estado | Fecha de vencimiento | Código de barras | Reserva de ítems | Bibliografía recomendada |
|---|---|---|---|---|---|---|---|
| Manuales | 03. BIBLIOTECA INGENIERÍA PUERTO REAL | 681.3.07-7/SAN/app (Navegar estantería(Abre debajo)) | Disponible Ubicación en estantería | Bibliomaps® | 3745200080 | |||
| Monografías | 03. BIBLIOTECA INGENIERÍA PUERTO REAL | 681.3.07-7/SAN/app (Navegar estantería(Abre debajo)) | Disponible Ubicación en estantería | Bibliomaps® | 3744455541 |
Navegando 03. BIBLIOTECA INGENIERÍA PUERTO REAL Estantes Cerrar el navegador de estanterías (Oculta el navegador de estanterías)
Índice
Bibliografía
Applied Network Security Monitoring is the essential guide to becoming an NSM analyst from the ground up. This book takes a fundamental approach to NSM, complete with dozens of real-world examples that teach you the key concepts of NSM. Network security monitoring is based on the principle that prevention eventually fails. In the current threat landscape, no matter how much you try, motivated attackers will eventually find their way into your network. At that point, it is your ability to detect and respond to that intrusion that can be the difference between a small incident and a major disaster. The book follows the three stages of the NSM cycle: collection, detection, and analysis. As you progress through each section, you will have access to insights from seasoned NSM professionals while being introduced to relevant, practical scenarios complete with sample data. If you've never performed NSM analysis, Applied Network Security Monitoring will give you an adequate grasp on the core concepts needed to become an effective analyst. If you are already a practicing analyst, this book will allow you to grow your analytic technique to make you more effective at your job. Discusses the proper methods for data collection, and teaches you how to become a skilled NSM analystProvides thorough hands-on coverage of Snort, Suricata, Bro-IDS, SiLK, and ArgusLoaded with practical examples containing real PCAP files you can replay, and uses Security Onion for all its lab examplesCompanion website includes up-to-date blogs from the authors about the latest developments in NSM
INDICE: Introduction to NSM Driving Data Collection The Sensor Platform Full Packet Capture Data Session Data Protocol Metadata Statistical Data Indicators of Compromise Target-Based Detection Signature-Based Detection with Snort Signature-Based Detection with Suricata Anomaly-Based Detection with Bro Early Warning AS&W with Honeypots Packet Analysis Friendly Intelligence Hostile Intelligence Differential Diagnosis of NSM Events Incident Morbidity and Mortality Malware Analysis for NSM
No hay comentarios en este titulo.