Syngress Applied Network Security Monitoringseeders: 16
leechers: 3
Syngress Applied Network Security Monitoring (Size: 41.5 MB)
Description http://www.mynetsafety.com/2014/07/applied-network-security-monitoring.html Book Description Applied Network Security Monitoring is the essential guide to becoming an NSM analyst from the ground up. This book takes a fundamental approach to NSM, complete with dozens of real-world examples that teach you the key concepts of NSM. Network security monitoring is based on the principle that prevention eventually fails. In the current threat landscape, no matter how much you try, motivated attackers will eventually find their way into your network. At that point, it is your ability to detect and respond to that intrusion that can be the difference between a small incident and a major disaster. The book follows the three stages of the NSM cycle: collection, detection, and analysis. As you progress through each section, you will have access to insights from seasoned NSM professionals while being introduced to relevant, practical scenarios complete with sample data. If you’ve never performed NSM analysis, Applied Network Security Monitoring will give you an adequate grasp on the core concepts needed to become an effective analyst. If you are already a practicing analyst, this book will allow you to grow your analytic technique to make you more effective at your job. Discusses the proper methods for data collection, and teaches you how to become a skilled NSM analyst Provides thorough hands-on coverage of Snort, Suricata, Bro-IDS, SiLK, and Argus Loaded with practical examples containing real PCAP files you can replay, and uses Security Onion for all its lab examples Companion website includes up-to-date blogs from the authors about the latest developments in NSM Table of Contents Chapter 1. The Practice of Applied Network Security Monitoring Section 1 - Collection Chapter 2. Planning Data Collection Chapter 3. The Sensor Platform Chapter 4. Session Data Chapter 5. Full Packet Capture Data Chapter 6. Packet String Data Section 2 - Detection Chapter 7. Detection Mechanisms, Indicators of Compromise, and Signatures Chapter 8. Reputation-Based Detection Chapter 9. Signature-Based Detection with Snort and Suricata Chapter 10. The Bro Platform Chapter 11. Anomaly-Based Detection with Statistical Data Chapter 12. Using Canary Honeypots for Detection Section 3 - Analysis Chapter 13. Packet Analysis Chapter 14. Friendly and Threat Intelligence Chapter 15. The Analysis Process Appendix 1. Security Onion Control Scripts Appendix 2. Important Security Onion Files and Directories Appendix 3. Packet Headers Appendix 4. Decimal / Hex / ASCII Conversion Chart Sharing Widget |