Running Lean: Iterate from Plan A to a Plan That Works
Table of contents of the book Running Lean:
Part 1: Roadmap
Part 2: Document Your Plan A
Part 3: Identify the Riskiest Parts of Your Plan
Part 4: Systematically Test Your Plan
SANS AUD507.1 Enterprise Audit Fundamentals; Discovery and Scanning Tools
Table of contents of the book SANS AUD507.1 Enterprise Audit Fundamentals; Discovery and Scanning Tools:
The Role of the Auditor
Expectations of Auditors
Policies and Controls
EXERCISE 0: Student Lab Setup
Risk Assessment for Auditors
The Audit Process
EXERCISE 1.1: Calculating Samples and Errors
Population Auditing with Nmap
EXERCISE 1.2: Network Scanning and Continuous Monitoring with Nmap
Continuous Remediation
EXERCISE 1.3: Network Discovery Scanning with Nessus
SANS AUD507.2 PowerShell, Windows System, and Domain Auditing
Table of contents of the book SANS AUD507.2 PowerShell, Windows System, and Domain Auditing:
Background and Plan
PowerShell and WMI
Exercise 2.1: Scripting with PowerShell
Exercise 2.2: Exploring WMI with PowerShell and WMIC
Windows Auditing
Exercise 2.3: Discovering Operating System and Patch Levels
Users, Groups, and Privilege Management
Exercise 2.4: Querying Active Directory
System and Resource Security
Windows Logging
Continuous Monitoring
Exercise 2.5: Permissions, Rights, and Logging
SANS AUD507.3 Advanced UNIX Auditing and Monitoring
Table of contents of the book SANS AUD507.3 Advanced UNIX Auditing and Monitoring:
Accreditation Process
UNIX Tools and Scripting
Exercise 3.1: Unix Scripting
System Information and Host Hardening
Exercise 3.2: System Information, Permissions, and File Integrity
Services and Network Configuration
User and Privilege Management
Exercise 3.3: Services and Passwords
Logging and Monitoring
Exercise 3.4: Unix Logging, Monitoring, and Auditing
SANS AUD507.4 Auditing Private and Public Clouds, Containers, and Networks
Table of contents of the book SANS AUD507.4 Auditing Private and Public Clouds, Containers, and Networks:
Introduction to Cloud Technologies
Private Clouds and Hypervisors
Exercise 4.1: Auditing Hypervisors
The Public Cloud
Containers
Exercise 4.2: Auditing Docker Security
Networks and Firewalls
Exercise 4.3: Wireshark, Switch Configuration Symptoms and Device Configuration Auditing
Wi-Fi and VPNs
Public Services
Exercise 4.4: Auditing Public Services
SANS AUD507.5 Auditing Web Applications
Table of contents of the book SANS AUD507.5 Auditing Web Applications:
Understanding Web Applications
Exercise 5.1: HTML, HTTP, and Burp
Server Configuration
Secure Development Practices
Exercise 5.2: Analyzing TLS and Robots.txt
Authentication and Access Control
Exercise 5.3: Fuzzing and Brute Forcing with Burp Intruder
Data Handling
Logging and Monitoring
Exercise 5.4: Finding Injection Flaws
SANS FOR509.1 Microsoft 365 and Graph API
Table of contents of the book Microsoft 365 and Graph API:
Section 1.1: Introducing SOF-ELK®
Section 1.2: Key Elements of Cloud for DFIR
Section 1.3: Microsoft 365 Unified Audit Log
Section 1.4: Microsoft Graph API
SANS FOR509.2 Microsoft Azure
Table of contents of the book Microsoft Azure:
Section 2.1: Understanding Azure
Section 2.2: VMs, Networking, and Storage
Section 2.3: Log Sources for IR
Section 2.4: Virtual Machine Logs
Section 2.5: In-Cloud IR
SANS FOR509.3 Amazon Web Services (AWS)
Table of contents of the book Amazon Web Services (AWS):
Section 3.1: Understanding IR in AWS
Section 3.2: Networking, VMs, and Storage
Section 3.3: AWS Native Log Searching
Section 3.4: Event-Driven Response
Section 3.5: In-Cloud IR
SANS FOR509.4 Google Workspace Forensics and IR
Table of contents of the book Google Workspace Forensics and IR:
- Section 4.1: Understanding Google Workspace
- Section 4.2: Google Workspace Evidence
- Section 4.3: ATT&CKing Workspace
- Section 4.4: Workspace Evidence in Google Cloud