505.1 – Learn PowerShell Scripting for Security
Table of contents of the book 505.1 – Learn PowerShell Scripting for Security:
Today’s Agenda
On Your Computer
What Is Windows PowerShell?
What Is PowerShell Core?
Tips for Executing Commands
Getting Help in PowerShell
Aliases
Objects, Properties, and Methods
Get-Member (Alias: gm)
Drives and Environment Variables
Your Profile Script(s)
Functions, Cmdlets, and Modules
The PowerShell Gallery
Today’s Agenda
Exporting, Importing, and Converting Object Data
On Your Computer
Select-Object (Alias: Select)
Where-Object (Aliases: Where, ?)
Arrays: Like In-Memory Database Tables
Capturing Output and File Contents to an Array
Search Event Logs
Hashtables
Splatting
Today’s Agenda
On Your Computer
Flow Control: If-ElseIf-Else
Flow Control: While
Flow Control: Do-While
Flow Control: ForEach and For
Flow Control: Switch
Today’s Agenda
On Your Computer
Functions
Creating a New Function
Passing in Named Parameters to a Function
Switch Parameters to Functions
Assigning Default Values to Function Parameters
Passing Arguments into Scripts
Typical Script Layout
Congratulations!
Appendix A: Becoming a Domain Controller
Appendix B: What Is the .NET Framework?
Appendix C: Creating COM Objects
Appendix D: Operators and Strings
Appendix E: Error Handling
Appendix F: Parsing Nmap XML Output
Appendix G: Installing Windows Server
506 – Hardening Linux/Unix Systems – Sections 1–3
Table of contents of the book Hardening Linux/Unix Systems:
None
511.1 – Current State Assessment, SOCs, and Security Architecture
Table of contents of the book 511.1 – Current State Assessment, SOCs, and Security Architecture:
Course Overview
EXERCISE: Initial Configuration and Connection
Current State Assessment
Adversarial Dominance
Traditional Attack Techniques
Traditional Cyber Defense
EXERCISE: Detecting Traditional Attack Techniques
Modern Attack Techniques
Client-Side Attack Vectors…
Client-Side Targets
Post-Exploitation
Modern Cyber Defense Principles
530.4 – Data-Centric Security
Table of contents of the book 530.4 – Data-Centric Security:
Data-Centric Security
Web Application Firewalls
EXERCISE: Securing Web Applications
Database Monitoring and Controls
Access Controls
Data Encryption
File Classification
EXERCISE: Discovering Sensitive Data
Data Loss Prevention
Enterprise Data Control
Mobile Device Management
Private Cloud Security
Public Cloud Security
Containers
EXERCISE: Secure Virtualization
530.5 – Zero Trust Architecture Addressing the Adversaries Already in Our Networks
Table of contents of the book 530.5 – Zero Trust Architecture Addressing the Adversaries Already in Our Networks:
Zero Trust Architecture
Credential Rotation
Securing Traffic
EXERCISE: Network Isolation and Mutual Authentication
Host-Based Firewalls
Network Access Control (NAC)
Segmentation Gateways
Security Event Information Management (SIEM)
EXERCISE: SIEM Analysis and Tactical Detection
Log Collection
Audit Policies
Host Hardening
Patching
Tripwires and Red Herring Defenses
EXERCISE: Advanced Defense Strategies
530.6 – Hands-On Secure the Flag Challenge
Table of contents of the book 530.6 – Hands-On Secure the Flag Challenge:
None
599.1 – Purple Team Tactics & Kill Chain Defenses
Table of contents of 599.1 – Purple Team Tactics & Kill Chain Defenses:
Day 1: Introduction & Reconnaissance
Day 2: Payload Delivery & Execution
Day 3: Exploitation, Persistence and Command & Control
Day 4: Lateral Movement
Day 5: Action on Objectives, Threat Hunting & Incident Response
Day 6: APT Defender Capstone
599.2 – Payload Delivery and Execution
Table of contents of 599.2 – Payload Delivery and Execution:
Day 1: Introduction & Reconnaissance
Day 2: Payload Delivery & Execution
Day 3: Exploitation, Persistence and Command & Control
Day 4: Lateral Movement
Day 5: Action on Objectives, Threat Hunting & Incident Response
Day 6: APT Defender Capstone
599.3 – Exploitation, Persistence, and Command & Control
Table of contents of 599.3 – Exploitation, Persistence, and Command & Control:
Day 1: Introduction & Reconnaissance
Day 2: Payload Delivery & Execution
Day 3: Exploitation, Persistence and Command & Control
Day 4: Lateral Movement
Day 5: Action on Objectives, Threat Hunting & Incident Response
Day 6: APT Defender Capstone
599.4 – Lateral Movement
Table of contents of 599.4 – Lateral Movement:
Day 1: Introduction & Reconnaissance
Day 2: Payload Delivery & Execution
Day 3: Exploitation, Persistence and Command & Control
Day 4: Lateral Movement
Day 5: Action on Objectives, Threat Hunting & Incident Response
Day 6: APT Defender Capstone
599.5 – Action on Objectives, Threat Hunting, & Incident Response
Table of contents of the book 599.5 – Action on Objectives, Threat Hunting, & Incident Response:
Day 1: Introduction & Reconnaissance
Day 2: Payload Delivery & Execution
Day 3: Exploitation, Persistence and Command & Control
Day 4: Lateral Movement
Day 5: Action on Objectives, Threat Hunting & Incident Response
Day 6: APT Defender Capstone