SANS SEC549 Workbook
Table of contents of the book Enterprise Cloud Security Architecture:
Not available
SANS SEC549.1 Cloud Account Management and Identity Foundations
Table of contents of the book Cloud Account Management and Identity Foundations:
Security Architecture in the Cloud
Threat-Modeling the Cloud
Cloud-Native Security Models
Lab 1.1: Threat Modeling S3
Federated Access / Single Sign-On
Managing Users at Scale
Lab 1.2: Centralizing User Provisioning
Creating Hierarchical Cloud Structures
Designing for Policy Inheritance
Lab 1.3: Structure an AWS Organization
Implementing an Identity Foundation
Granting Access to Cloud Resources
Lab 1.4: Transition AWS Access to Roles
SANS SEC549.2 Implementing Zero-Trust in the Cloud
Table of contents of the book Implementing Zero-Trust in the Cloud:
Introduction to Cloud Migrations
Drivers for Cloud Migrations
Implementing Zero-Trust Architecture
Using Cloud Services to get to ZT
Lab 2.1: Integrating Auth into Legacy Application
Establishing Perimeters for Application Access
Connecting VPC-Aware and Non-VPC Aware Services
Lab 2.2: Creating a Shared VPC Network
Establishing Perimeters for Data Access
Managing S3 Access At Scale
Lab 2.3: Access Control For Shared Data Sets
SANS SEC555 Workbook Sections 1-2
Table of contents of the book SANS SEC555 Workbook Sections 1-2:
Not available
SANS SEC555 Workbook Sections 3-5
Table of contents of the book SANS SEC555 Workbook Sections 3-5:
Not available
SANS SEC555.1 SIEM Architecture
Table of contents of the book SANS SEC555.1 SIEM Architecture:
State of the SIEM
SIEM Planning
EXERCISE: DeTTect, Visualize Visibility and Detection Capabilities
Log Collection
EXERCISE: Introduction to SIEM Architecture
Log Aggregation and Parsing
EXERCISE: Log Ingestion from Files and Network Connections
EXERCISE: Log Enrichment and Parsing
Log Broker
Log Storage
Alerting and Analysis
EXERCISE: Tactical Alerting
SANS SEC555.2 Service Profiling with SIEM
Table of contents of the book SANS SEC555.2 Service Profiling with SIEM:
Major Networking Services
Service Log Collection
Log Enrichment
EXERCISE: Enrichment, Adding Context
SMTP
DNS
EXERCISE: Catching the Adversary with DNS
HTTP
EXERCISE: Investigating HTTP
TLS
EXERCISE: HTTPS Analysis
SANS SEC555.3 Advanced Endpoint Analytics
Table of contents of the book SANS SEC555.3 Advanced Endpoint Analytics:
Windows Logging
Linux Logging
Endpoint Collection Strategies
EXERCISE: Windows Log Filtering
Events of Interest
EXERCISE: Catching Evil with Windows Logs
Host-based Firewalls
Login Events
EXERCISE: Login Monitoring
OS Protection
Container Logging
EXERCISE: Docker Monitoring
SANS SEC555.4 Baselining and User Behavior Monitoring
Table of contents of the book SANS SEC555.4 Baselining and User Behavior Monitoring:
Getting to Know Yourself
Active Device Discovery
Passive Device Discovery
EXERCISE: Master Inventory
Software Monitoring
Scripting
EXERCISE: PowerShell Compromise
Traffic Monitoring
EXERCISE: NetFlow Detection
User Monitoring
Tactical Baselining
EXERCISE: Cloud Monitoring
SANS SEC555.5 Tactical SIEM Detection and Post-Mortem Analysis
Table of contents of the book SANS SEC555.5 Tactical SIEM Detection and Post-Mortem Analysis:
Centralized Alerting
SIEM Alerting
EXERCISE: Sigma, MITRE and Universal Alerts
Intrusion Detection Systems
Analyzing Alerts
EXERCISE: Alert Context
External Analysis Tools
Case Management
Reverse Analysis
Tripwire Detection
EXERCISE: Virtual Tripwires
Post-Mortem Analysis
EXERCISE: Beacon Detection
SANS SEC556.1 Introduction to IoT Network Traffic and Web Services
Table of contents of the book SANS SEC556.1 Introduction to IoT Network Traffic and Web Services:
Internet of Things – History and Overview
IoT Testing Methodology
IoT Network Analysis and Exploitation
Exercise: Analyze an IoT Device Packet Capture
Exercise: Scan and Exploit an IoT Router Device
The Web of Things
IoT Web Services Recon
Exercise: Access a Publicly Exposed IoT Webcam
Hacking IoT Devices on the Web
Attacking IoT Web Service APIs
Exercise: Steal a Car through IoT Web Service APIs