Rework
فهرست مطالب کتاب Rework:
CHAPTER INTRODUCTION
CHAPTER FIRST
CHAPTER TAKEDOWNS
CHAPTER GO
CHAPTER PROGRESS
CHAPTER PRODUCTIVITY
CHAPTER COMPETITORS
CHAPTER EVOLUTION
CHAPTER PROMOTION
CHAPTER HIRING
CHAPTER DAMAGE CONTROL
CHAPTER CULTURE
CHAPTER CONCLUSION
CHAPTER RESOURCES
Running Lean: Iterate from Plan A to a Plan That Works
فهرست مطالب کتاب Running Lean:
Part 1: Roadmap
Part 2: Document Your Plan A
Part 3: Identify the Riskiest Parts of Your Plan
Part 4: Systematically Test Your Plan
SANS AUD507.1 Enterprise Audit Fundamentals; Discovery and Scanning Tools
فهرست مطالب کتاب SANS AUD507.1 Enterprise Audit Fundamentals; Discovery and Scanning Tools:
The Role of the Auditor
Expectations of Auditors
Policies and Controls
EXERCISE 0: Student Lab Setup
Risk Assessment for Auditors
The Audit Process
EXERCISE 1.1: Calculating Samples and Errors
Population Auditing with Nmap
EXERCISE 1.2: Network Scanning and Continuous Monitoring with Nmap
Continuous Remediation
EXERCISE 1.3: Network Discovery Scanning with Nessus
SANS AUD507.2 PowerShell, Windows System, and Domain Auditing
فهرست مطالب کتاب SANS AUD507.2 PowerShell, Windows System, and Domain Auditing:
Background and Plan
PowerShell and WMI
Exercise 2.1: Scripting with PowerShell
Exercise 2.2: Exploring WMI with PowerShell and WMIC
Windows Auditing
Exercise 2.3: Discovering Operating System and Patch Levels
Users, Groups, and Privilege Management
Exercise 2.4: Querying Active Directory
System and Resource Security
Windows Logging
Continuous Monitoring
Exercise 2.5: Permissions, Rights, and Logging
SANS AUD507.3 Advanced UNIX Auditing and Monitoring
فهرست مطالب کتاب SANS AUD507.3 Advanced UNIX Auditing and Monitoring:
Accreditation Process
UNIX Tools and Scripting
Exercise 3.1: Unix Scripting
System Information and Host Hardening
Exercise 3.2: System Information, Permissions, and File Integrity
Services and Network Configuration
User and Privilege Management
Exercise 3.3: Services and Passwords
Logging and Monitoring
Exercise 3.4: Unix Logging, Monitoring, and Auditing
SANS AUD507.4 Auditing Private and Public Clouds, Containers, and Networks
فهرست مطالب کتاب SANS AUD507.4 Auditing Private and Public Clouds, Containers, and Networks:
Introduction to Cloud Technologies
Private Clouds and Hypervisors
Exercise 4.1: Auditing Hypervisors
The Public Cloud
Containers
Exercise 4.2: Auditing Docker Security
Networks and Firewalls
Exercise 4.3: Wireshark, Switch Configuration Symptoms and Device Configuration Auditing
Wi-Fi and VPNs
Public Services
Exercise 4.4: Auditing Public Services
SANS AUD507.5 Auditing Web Applications
فهرست مطالب کتاب SANS AUD507.5 Auditing Web Applications:
Understanding Web Applications
Exercise 5.1: HTML, HTTP, and Burp
Server Configuration
Secure Development Practices
Exercise 5.2: Analyzing TLS and Robots.txt
Authentication and Access Control
Exercise 5.3: Fuzzing and Brute Forcing with Burp Intruder
Data Handling
Logging and Monitoring
Exercise 5.4: Finding Injection Flaws
SANS FOR509.1 Microsoft 365 and Graph API
فهرست مطالب کتاب Microsoft 365 and Graph API:
Section 1.1: Introducing SOF-ELK®
Section 1.2: Key Elements of Cloud for DFIR
Section 1.3: Microsoft 365 Unified Audit Log
Section 1.4: Microsoft Graph API
SANS FOR509.2 Microsoft Azure
فهرست مطالب کتاب Microsoft Azure:
Section 2.1: Understanding Azure
Section 2.2: VMs, Networking, and Storage
Section 2.3: Log Sources for IR
Section 2.4: Virtual Machine Logs
Section 2.5: In-Cloud IR
SANS FOR509.3 Amazon Web Services (AWS)
فهرست مطالب کتاب Amazon Web Services (AWS):
Section 3.1: Understanding IR in AWS
Section 3.2: Networking, VMs, and Storage
Section 3.3: AWS Native Log Searching
Section 3.4: Event-Driven Response
Section 3.5: In-Cloud IR