Cybersecurity Managing Systems, Conducting Testing, and Investigating Intrusions

A must-have, hands-on guide for working in the cybersecurity profession

Cybersecurity involves preventative methods to protect information from attacks. It requires a thorough understanding of potential threats, such as viruses and other malicious code, as well as system vulnerability and security architecture. This essential book addresses cybersecurity strategies that include identity management, risk management, and incident management, and also serves as a detailed guide for anyone looking to enter the security profession. Doubling as the text for a cybersecurity course, it is also a useful reference for cybersecurity testing, IT test/development, and system/network administration.

• Covers everything from basic network administration security skills through advanced command line scripting, tool customization, and log analysis skills
• Dives deeper into such intense topics as wireshark/tcpdump filtering, Google hacks, Windows/Linux scripting, Metasploit command line, and tool customizations
• Delves into network administration for Windows, Linux, and VMware
• Examines penetration testing, cyber investigations, firewall configuration, and security tool customization
• Shares techniques for cybersecurity testing, planning, and reporting

Cybersecurity: Managing Systems, Conducting Testing, and Investigating Intrusions is a comprehensive and authoritative look at the critical topic of cybersecurity from start to finish.

Thomas J. Mowbray, PhD, holds gold-level certification from the SANS Institute in network penetration and ethical hacking. Dr. Mowbray, who has earned a doctorate in computer science, has co-authored five other professional books, including Wiley's bestseller Antipatterns: Refactoring Software, Architectures, and Projects in Crisis. After founding the Northrup Grumman Cyber Warfare Community of Practice, Dr. Mowbray joined the Certification and Accreditation Team (an elite cybersecurity test group) as their network administrator, security tools customizer, and hands-on penetration tester. At the time of writing, Dr. Mowbray is the Chief Enterprise Architect of The Ohio State University.

Introduction xix

Part I Cyber Network Security Concepts 1

Chapter 1 Executive Summary 3

Chapter 2 The Problems: Cyber Antipatterns 15

Chapter 3 Enterprise Security Using the Zachman Framework 37

Part II Cyber Network Security Hands-On 59

Chapter 4 Network Administration for Security Professionals 61

Chapter 5 Customizing BackTrack and Security Tools 103

Chapter 6 Protocol Analysis and Network Programming 115

Chapter 7 Reconnaissance, Vulnerability Assessment, and Cyber Testing 139

Chapter 8 Penetration Testing 165

Chapter 9 Cyber Network Defense Using Advanced Log Analysis 189

Part III Cyber Network Application Domains 217

Chapter 10 Cybersecurity for End Users, Social Media, and Virtual Worlds 219

Chapter 11 Cybersecurity Essentials for Small Business 233

Chapter 12 Large Enterprise Cybersecurity: Data Centers and Clouds 241

Chapter 13 Healthcare Information Technology Security 269

Chapter 14 Cyber Warfare: An Architecture for Deterrence 277

Glossary 307

Bibliography 317

Index 323

The New copy of this book will include any supplemental materials advertised. Please check the title of the book to determine if it should include any access cards, study guides, lab manuals, CDs, etc.

The Used, Rental and eBook copies of this book are not guaranteed to include any supplemental materials. Typically, only the book itself is included. This is true even if the title states it includes any access cards, study guides, lab manuals, CDs, etc.