Microsoft 365 Security and Compliance for Administrators. A definitive guide to planning, implementing, and maintaining Microsoft 365 security posture

Sasha Kranjac, Omar Kudovic

In today's hostile cyber landscape, securing data and complying with regulations is paramount for individuals, businesses, and organizations alike. Learn how Microsoft 365 Security and Compliance offers powerful tools to protect sensitive data and defend against evolving cyber threats with this comprehensive guide for administrators.Starting with an introduction to Microsoft 365 plans and essential compliance and security features, this book delves into the role of Azure Active Directory in Microsoft 365, laying the groundwork for a robust security framework. You’ll then advance to exploring the complete range of Microsoft 365 Defender security products, their coverage, and unique protection services to combat evolving threats.From threat mitigation strategies to governance and compliance best practices, you’ll gain invaluable insights into classifying and protecting data while mastering crucial data lifecycle capabilities in Microsoft 365.By the end of this book, you’ll be able to elevate the security and compliance posture of your organization significantly.

Microsoft Azure Security. Protect your solutions from malicious users using Microsoft Azure Services

Roberto Freato, Brent C Samodien

Microsoft Azure Security Technologies Certification and Beyond. Gain practical skills to secure your Azure environment and pass the AZ-500 exam

David Okeyode

Exam preparation for the AZ-500 means you’ll need to master all aspects of the Azure cloud platform and know how to implement them. With the help of this book, you'll gain both the knowledge and the practical skills to significantly reduce the attack surface of your Azure workloads and protect your organization from constantly evolving threats to public cloud environments like Azure.While exam preparation is one of its focuses, this book isn't just a comprehensive security guide for those looking to take the Azure Security Engineer certification exam, but also a valuable resource for those interested in securing their Azure infrastructure and keeping up with the latest updates. Complete with hands-on tutorials, projects, and self-assessment questions, this easy-to-follow guide builds a solid foundation of Azure security. You’ll not only learn about security technologies in Azure but also be able to configure and manage them. Moreover, you’ll develop a clear understanding of how to identify different attack vectors and mitigate risks.By the end of this book, you'll be well-versed with implementing multi-layered security to protect identities, networks, hosts, containers, databases, and storage in Azure – and more than ready to tackle the AZ-500.

Microsoft Cybersecurity Architect Exam Ref SC-100. Ace the SC-100 exam and develop cutting-edge cybersecurity strategies - Second Edition

Dwayne Natwick, Graham Gold, Abu Zobayer

This Second Edition of Microsoft Cybersecurity Architect Exam Ref SC-100 is a comprehensive guide that will help cybersecurity professionals design and evaluate the cybersecurity architecture of Microsoft cloud services. Packed with practice questions, mock exams, interactive flashcards, and invaluable exam tips, this comprehensive resource gives you everything you need to conquer the SC-100 exam with confidence.This book will take you through designing a strategy for a cybersecurity architecture and evaluating the governance, risk, and compliance (GRC) of the architecture of both cloud-only and hybrid infrastructures. You'll discover how to implement zero trust principles, enhance security operations, and elevate your organization's security posture.By the end of this book, you'll be fully equipped to plan, design, and assess cybersecurity frameworks for Microsoft cloud environments—and pass the SC-100 exam with flying colors. Ready to take your cybersecurity expertise to the next level? This guide is your key to success.

Microsoft Defender for Endpoint in Depth. Take any organization's endpoint security to the next level

Paul Huijbregts, Joe Anich, Justen Graves

With all organizational data and trade secrets being digitized, the threat of data compromise, unauthorized access, and cyberattacks has increased exponentially. Microsoft Defender for Endpoint (MDE) is a market-leading cross-platform endpoint security solution that enables you to prevent, detect, investigate, and respond to threats. MDE helps strengthen the security posture of your organization.This book starts with a history of the product and a primer on its various features. From prevention to attack surface reduction, detection, and response, you’ll learn about the features, their applicability, common misconceptions, and caveats. After planning, preparation, deployment, and configuration toward successful implementation, you’ll be taken through a day in the life of a security analyst working with the product. You’ll uncover common issues, techniques, and tools used for troubleshooting along with answers to some of the most common challenges cybersecurity professionals face. Finally, the book will wrap up with a reference guide with tips and tricks to maintain a strong cybersecurity posture.By the end of the book, you’ll have a deep understanding of Microsoft Defender for Endpoint and be well equipped to keep your organization safe from different forms of cyber threats.

Microsoft Information Protection Administrator SC-400 Certification Guide. Advance your Microsoft Security & Compliance services knowledge and pass the SC-400 exam with confidence

Shabaz Darr, Viktor Hedberg, Simon Binder

Cloud technologies have massively increased the amount of data being produced and the places in which this data is stored. Without proper planning and discipline in configuring information protection for your data, you may be compromising information and regulatory compliance.Microsoft Information Protection Administrator SC-400 Certification Guide begins with an overview of the SC-400 exam, and then enables you to envision, implement, and administer the Information Protection suite offered by Microsoft. The book also provides you with hands-on labs, along with the theory of creating policies and rules for content classification, data loss prevention, governance, and protection. Toward the end, you'll be able to take mock tests to help you prepare effectively for the exam.By the end of this Microsoft book, you'll have covered everything needed to pass the SC-400 certification exam, and have a handy, on-the-job desktop reference guide.

Microsoft Security, Compliance, and Identity Fundamentals Exam Ref SC-900. Familiarize yourself with security, identity, and compliance in Microsoft 365 and Azure

Dwayne Natwick, Sonia Cuff

Cloud technologies have made building a defense-in-depth security strategy of paramount importance. Without proper planning and discipline in deploying the security posture across Microsoft 365 and Azure, you are compromising your infrastructure and data. Microsoft Security, Compliance, and Identity Fundamentals is a comprehensive guide that covers all of the exam objectives for the SC-900 exam while walking you through the core security services available for Microsoft 365 and Azure.This book starts by simplifying the concepts of security, compliance, and identity before helping you get to grips with Azure Active Directory, covering the capabilities of Microsoft’s identity and access management (IAM) solutions. You'll then advance to compliance center, information protection, and governance in Microsoft 365. You'll find out all you need to know about the services available within Azure and Microsoft 365 for building a defense-in-depth security posture, and finally become familiar with Microsoft's compliance monitoring capabilities.By the end of the book, you'll have gained the knowledge you need to take the SC-900 certification exam and implement solutions in real-life scenarios.

Microsoft Security Operations Analyst Exam Ref SC-200 Certification Guide. Manage, monitor, and respond to threats using Microsoft Security Stack for securing IT systems

Trevor Stuart, Joe Anich

Security in information technology has always been a topic of discussion, one that comes with various backgrounds, tools, responsibilities, education, and change! The SC-200 exam comprises a wide range of topics that introduce Microsoft technologies and general operations for security analysts in enterprises. This book is a comprehensive guide that covers the usefulness and applicability of Microsoft Security Stack in the daily activities of an enterprise security operations analyst.Starting with a quick overview of what it takes to prepare for the exam, you'll understand how to implement the learning in real-world scenarios. You'll learn to use Microsoft's security stack, including Microsoft 365 Defender, and Microsoft Sentinel, to detect, protect, and respond to adversary threats in your enterprise. This book will take you from legacy on-premises SOC and DFIR tools to leveraging all aspects of the M365 Defender suite as a modern replacement in a more effective and efficient way.By the end of this book, you'll have learned how to plan, deploy, and operationalize Microsoft's security stack in your enterprise and gained the confidence to pass the SC-200 exam.

Microsoft Sentinel in Action. Architect, design, implement, and operate Microsoft Sentinel as the core of your security solutions - Second Edition

Richard Diver, Gary Bushey, John Perkins

Microsoft Sentinel is a security information and event management (SIEM) tool developed by Microsoft that helps you integrate cloud security and artificial intelligence (AI). This book will teach you how to implement Microsoft Sentinel and understand how it can help detect security incidents in your environment with integrated AI, threat analysis, and built-in and community-driven logic.The first part of this book will introduce you to Microsoft Sentinel and Log Analytics, then move on to understanding data collection and management, as well as how to create effective Microsoft Sentinel queries to detect anomalous behaviors and activity patterns. The next part will focus on useful features, such as entity behavior analytics and Microsoft Sentinel playbooks, along with exploring the new bi-directional connector for ServiceNow. In the next part, you’ll be learning how to develop solutions that automate responses needed to handle security incidents and find out more about the latest developments in security, techniques to enhance your cloud security architecture, and explore how you can contribute to the security community.By the end of this book, you’ll have learned how to implement Microsoft Sentinel to fit your needs and protect your environment from cyber threats and other security issues.

Microsoft Windows Server 2003/2008. Bezpieczeństwo środowiska z wykorzystaniem Forefront Security

Światowiak Jacek

Zapewnij bezpieczeństwo Twoim systemom informatycznym! Jak w pełni wykorzystać serwer ISA 2006? Jak zautomatyzować proces aktualizacji, korzystając z WSUS? Czym jest infrastruktura klucza publicznego, jak ją zaprojektować i wdrożyć? Jak chronić specjalizowane serwery i stacje robocze przed szkodliwym oprogramowaniem oraz spamem? Niniejsza książka jest unikalną na rynku wydawniczym publikacją, podejmującą temat bezpieczeństwa z wykorzystaniem pakietu Forefront Security Suite. Pakiet ten, będący odpowiedzią Microsoftu na rosnące wymagania w zakresie bezpieczeństwa systemów oraz danych przetwarzanych w nich i składowanych, oferuje całą gamę narzędzi zapewniających bezpieczne przechowywanie oraz przesyłanie danych, ochronę przed szkodliwym oprogramowaniem i niechcianą pocztą. Teraz możesz dowiedzieć się, jak w praktyce wykorzystać te możliwości! W trakcie lektury zapoznasz się z architekturą systemu Forefront Security Suite oraz jego zaletami. Zdobędziesz wiedzę na temat infrastruktury klucza publicznego, usługi WSUS (skrót od ang. Windows System Update Service) oraz metod wdrażania jednostki certyfikacyjnej. Ponadto dowiesz się, jak zagwarantować najwyższy poziom wiarygodności w systemach z rodziny Windows Server 2003/2008 oraz wykorzystać wszystkie programy i narzędzia pakietu. Dodatkowo zgłębisz tajniki zabezpieczania stacji roboczych z użyciem Forefront Client Security. Książka ta adresowana jest do administratorów serwerów, administratorów sieci, specjalistów od zabezpieczeń oraz pasjonatów zagadnień związanych z bezpieczeństwem systemów informatycznych. Architektura Microsoft Forefront Automatyczna aktualizacja systemów oraz oprogramowania Wdrażanie infrastruktury klucza publicznego Wykorzystanie kreatora konfiguracji zabezpieczeń Instalacja i praca z ISA Server 2006 w wersji Standard oraz Enterprise Dostęp VPN z wykorzystaniem serwera ISA 2006 Ochrona antyspamowa w Exchange 2003 oraz 2007 Zabezpieczanie serwerów Exchange - Forefront Server Security for Exchange Ochrona serwerów SharePoint - Forefront Server Security for SharePoint Zabezpieczanie środowiska OCS 2007 - Forefront Server Security for Office Communications Server 2007 Zarządzanie bezpieczeństwem serwerów z wykorzystaniem Forefront Server Security Management Console Przyszłość technologii - Forefront Threat Management Gateway oraz technologia Stirling Kompletne źródło informacji na temat bezpieczeństwa w systemach Windows Server 2003/2008!

Mobile App Reverse Engineering. Get started with discovering, analyzing, and exploring the internals of Android and iOS apps

Abhinav Mishra

Mobile App Reverse Engineering is a practical guide focused on helping cybersecurity professionals scale up their mobile security skills. With the IT world’s evolution in mobile operating systems, cybercriminals are increasingly focusing their efforts on mobile devices. This book enables you to keep up by discovering security issues through reverse engineering of mobile apps.This book starts with the basics of reverse engineering and teaches you how to set up an isolated virtual machine environment to perform reverse engineering. You’ll then learn about modern tools such as Ghidra and Radare2 to perform reverse engineering on mobile apps as well as understand how Android and iOS apps are developed. Next, you’ll explore different ways to reverse engineer some sample mobile apps developed for this book. As you advance, you’ll learn how reverse engineering can help in penetration testing of Android and iOS apps with the help of case studies. The concluding chapters will show you how to automate the process of reverse engineering and analyzing binaries to find low-hanging security issues.By the end of this reverse engineering book, you’ll have developed the skills you need to be able to reverse engineer Android and iOS apps and streamline the reverse engineering process with confidence.

Mobile Forensics - Advanced Investigative Strategies. Click here to enter text

Oleg Afonin, Vladimir Katalov

Investigating digital media is impossible without forensic tools. Dealing with complex forensic problems requires the use of dedicated tools, and even more importantly, the right strategies. In this book, you’ll learn strategies and methods to deal with information stored on smartphones and tablets and see how to put the right tools to work.We begin by helping you understand the concept of mobile devices as a source of valuable evidence. Throughout this book, you will explore strategies and plays and decide when to use each technique. We cover important techniques such as seizing techniques to shield the device, and acquisition techniques including physical acquisition (via a USB connection), logical acquisition via data backups, over-the-air acquisition. We also explore cloud analysis, evidence discovery and data analysis, tools for mobile forensics, and tools to help you discover and analyze evidence.By the end of the book, you will have a better understanding of the tools and methods used to deal with the challenges of acquiring, preserving, and extracting evidence stored on smartphones, tablets, and the cloud.

Mobile Forensics Cookbook. Data acquisition, extraction, recovery techniques, and investigations using modern forensic tools

Igor Mikhaylov

Considering the emerging use of mobile phones, there is a growing need for mobile forensics. Mobile forensics focuses specifically on performing forensic examinations of mobile devices, which involves extracting, recovering and analyzing data for the purposes of information security, criminal and civil investigations, and internal investigations.Mobile Forensics Cookbook starts by explaining SIM cards acquisition and analysis using modern forensics tools. You will discover the different software solutions that enable digital forensic examiners to quickly and easily acquire forensic images. You will also learn about forensics analysis and acquisition on Android, iOS, Windows Mobile, and BlackBerry devices. Next, you will understand the importance of cloud computing in the world of mobile forensics and understand different techniques available to extract data from the cloud. Going through the fundamentals of SQLite and Plists Forensics, you will learn how to extract forensic artifacts from these sources with appropriate tools. By the end of this book, you will be well versed with the advanced mobile forensics techniques that will help you perform the complete forensic acquisition and analysis of user data stored in different devices.

Modele rozwiązań prawnych w systemie cyberbepiczeństwa RP. Rekomendacje

red. Katarzyna Chałubińska-Jentkiewicz, Agnieszka Brzostek

Przedmiotem zainteresowania Autorów stało się interdyscyplinarnie postrzegane cyberbezpieczeństwo, zaś badaniom poddano prawne i organizacyjne rozwiązania na rzecz efektywnego przeciwdziałania oraz zwalczania niebezpiecznych zachowań w cyberprzestrzeni. Wyzwaniem badawczym stały się także relacje pomiędzy systemem cyberbezpieczeństwa a systemem prawa i związanym z tym działaniem organów władzy publicznej. Ważne zagadnienie stanowiła również analiza prawno-administracyjnych uregulowań w zakresie ochrony danych osobowych oraz ochrony informacji w cyberprzestrzeni, a także odpowiedzialności karnej za naruszenie dóbr podlegających przedmiotowej ochronie. Prof. dr hab. Waldemar KITLER, ASZWOJ Publikacja wpisuje się w aktualny nurt nauk o cyberbezpieczeństwie i jest interdyscyplinarna, tak samo jak pojęcie i system cyberbezpieczeństwa, obejmując swoim zakresem prawo publiczne i prywatne. Istotą i tym co odróżnia ją o innych dostępnych na rynku opracowań w zakresie systemu cyberbezpieczeństwa jest wskazanie przez każdego z Autorów rekomendacji w zakresie rozwoju określonych dziedzin prawa w systemie cyberbezpieczeństwa. dr hab. Jarosław Kostrubiec, prof. UMCS

Modern Cryptography for Cybersecurity Professionals. Learn how you can leverage encryption to better secure your organization's data

Lisa Bock

In today's world, it is important to have confidence in your data storage and transmission strategy. Cryptography can provide you with this confidentiality, integrity, authentication, and non-repudiation. But are you aware of just what exactly is involved in using cryptographic techniques? Modern Cryptography for Cybersecurity Professionals helps you to gain a better understanding of the cryptographic elements necessary to secure your data.The book begins by helping you to understand why we need to secure data and how encryption can provide protection, whether it be in motion or at rest. You'll then delve into symmetric and asymmetric encryption and discover how a hash is used. As you advance, you'll see how the public key infrastructure (PKI) and certificates build trust between parties, so that we can confidently encrypt and exchange data. Finally, you'll explore the practical applications of cryptographic techniques, including passwords, email, and blockchain technology, along with securely transmitting data using a virtual private network (VPN).By the end of this cryptography book, you'll have gained a solid understanding of cryptographic techniques and terms, learned how symmetric and asymmetric encryption and hashed are used, and recognized the importance of key management and the PKI.

Mroczne odmęty phishingu. Nie daj się złowić!

Christopher Hadnagy

Ofensywne i defensywne strony ataków e-mailowych Ataki za pomocą specjalnie spreparowanych wiadomości e-mail stały się jednym z najczęstszych i najbardziej uciążliwych zagrożeń. Mimo kampanii edukacyjnych i szeroko zakrojonych programów bezpieczeństwa phishing wciąż jest niezwykle skuteczną bronią przestępców. Jest tak, gdyż wykorzystuje odruchy, którymi kieruje się znakomita większość ludzi. Aby więc ochronić się przed atakiem, trzeba poznać zarówno podstawy ataków e-mailowych, jak i pewnych zasad psychologii i metod manipulacji ludzkim postępowaniem. Trzymasz w ręku świetny przewodnik po mrocznym świecie phishingu. Opisano tu formy tego rodzaju ataków, przedstawiono sposoby rozpoznawania fałszywych wiadomości e-mail czy sklonowanych stron internetowych. Omówiono również socjotechniczne aspekty phishingu, dzięki czemu lepiej zrozumiesz psychologiczne mechanizmy rządzące postępowaniem ofiary. Po lekturze tej książki będziesz również wiedział, jak udoskonalić firmowy system bezpieczeństwa, aby skutecznie odpierać ataki e-mailowe — nawet te bardzo wyrafinowane! W tej książce: opis słynnych włamań dokonanych za pomocą spreparowanych e-maili analiza celów ataku i korzyści, jakie osiągają atakujący psychologiczne i socjologiczne podstawy phishingu analiza przyczyn nieskuteczności firmowych programów budowania świadomości bezpieczeństwa informacji metody rozpoznawania ataków metody ochrony systemu informatycznego przed phishingiem Nie daj się złapać na haczyk! Strzeż swego bezpieczeństwa! Christopher Hadnagy jest założycielem spółki Social-Engineer. Od ponad 15 lat zajmuje się kwestiami bezpieczeństwa informacji. Specjalizuje się w badaniu socjotechnicznych metod zdobywania nieuprawnionego dostępu do informacji. Wzięty autor i aktywny uczestnik wielu konferencji. Michele Fincher jest behawiorystką, badaczką i ekspertką w dziedzinie bezpieczeństwa informacji. Pracowała dla Sił Powietrznych USA, gdzie zajmowała się bezpieczeństwem informacji, włączając w to wykłady w Air Force Academy. Obecnie przyczynia się do sukcesu firmy Social-Engineer.