Bezpieczeństwo sieci
Shinesa Cambric, Michael Ratemo
As more and more companies are moving to cloud and multi-cloud environments, being able to assess the compliance of these environments properly is becoming more important. But in this fast-moving domain, getting the most up-to-date information is a challenge—so where do you turn?Cloud Auditing Best Practices has all the information you’ll need. With an explanation of the fundamental concepts and hands-on walk-throughs of the three big cloud players, this book will get you up to speed with cloud auditing before you know it.After a quick introduction to cloud architecture and an understanding of the importance of performing cloud control assessments, you’ll quickly get to grips with navigating AWS, Azure, and GCP cloud environments. As you explore the vital role an IT auditor plays in any company’s network, you'll learn how to successfully build cloud IT auditing programs, including using standard tools such as Terraform, Azure Automation, AWS Policy Sentry, and many more.You’ll also get plenty of tips and tricks for preparing an effective and advanced audit and understanding how to monitor and assess cloud environments using standard tools.By the end of this book, you will be able to confidently apply and assess security controls for AWS, Azure, and GCP, allowing you to independently and effectively confirm compliance in the cloud.
Ganesh Ramakrishnan, Mansoor Haqanee
As organizations embrace cloud-centric environments, it becomes imperative for security professionals to master the skills of effective cloud investigation. Cloud Forensics Demystified addresses this pressing need, explaining how to use cloud-native tools and logs together with traditional digital forensic techniques for a thorough cloud investigation. The book begins by giving you an overview of cloud services, followed by a detailed exploration of the tools and techniques used to investigate popular cloud platforms such as Amazon Web Services (AWS), Azure, and Google Cloud Platform (GCP). Progressing through the chapters, you’ll learn how to investigate Microsoft 365, Google Workspace, and containerized environments such as Kubernetes. Throughout, the chapters emphasize the significance of the cloud, explaining which tools and logs need to be enabled for investigative purposes and demonstrating how to integrate them with traditional digital forensic tools and techniques to respond to cloud security incidents. By the end of this book, you’ll be well-equipped to handle security breaches in cloud-based environments and have a comprehensive understanding of the essential cloud-based logs vital to your investigations. This knowledge will enable you to swiftly acquire and scrutinize artifacts of interest in cloud security incidents.
Cloud Penetration Testing. Learn how to effectively pentest AWS, Azure, and GCP applications
Kim Crawley
With AWS, Azure, and GCP gaining prominence, understanding their unique features, ecosystems, and penetration testing protocols has become an indispensable skill, which is precisely what this pentesting guide for cloud platforms will help you achieve. As you navigate through the chapters, you’ll explore the intricacies of cloud security testing and gain valuable insights into how pentesters evaluate cloud environments effectively.In addition to its coverage of these cloud platforms, the book also guides you through modern methodologies for testing containerization technologies such as Docker and Kubernetes, which are fast becoming staples in the cloud ecosystem. Additionally, it places extended focus on penetration testing AWS, Azure, and GCP through serverless applications and specialized tools. These sections will equip you with the tactics and tools necessary to exploit vulnerabilities specific to serverless architecture, thus providing a more rounded skill set.By the end of this cloud security book, you’ll not only have a comprehensive understanding of the standard approaches to cloud penetration testing but will also be proficient in identifying and mitigating vulnerabilities that are unique to cloud environments.
Cloud Security Automation. Get to grips with automating your cloud security on AWS and OpenStack
Prashant Priyam
Security issues are still a major concern forall IT organizations. For many enterprises,the move to cloud computing has raisedconcerns for security, but when applicationsare architected with focus on security,cloud platforms can be made just as secureas on-premises platforms. Cloud instancescan be kept secure by employing securityautomation that helps make your data meetyour organization's security policy.This book starts with the basics of whycloud security is important and howautomation can be the most effective wayof controlling cloud security. You willthen delve deeper into the AWS cloudenvironment and its security servicesby dealing with security functions suchas Identity and Access Managementand will also learn how these servicescan be automated. Moving forward,you will come across aspects suchas cloud storage and data security, automatingcloud deployments, and so on. Then,you'll work with OpenStack security modulesand learn how private cloud securityfunctions can be automated for bettertime- and cost-effectiveness. Toward the endof the book, you will gain an understandingof the security compliance requirementsfor your Cloud.By the end of this book, you will havehands-on experience of automating yourcloud security and governance.
Eyal Estrin
Securing cloud resources is no easy task—each provider has its unique set of tools, processes, and challenges, demanding specialized expertise. This book cuts through the complexity, delivering practical guidance on embedding security best practices across the core infrastructure components of AWS, Azure, and GCP. It equips information security professionals and cloud engineers with the skills to identify risks and implement robust security controls throughout the design, deployment, and maintenance of public cloud environments.Starting with the shared responsibility model, cloud service models, and deployment models, this book helps you get to grips with fundamental concepts such as compute, storage, networking, identity management, and encryption. You’ll then explore common threats and compliance requirements for cloud environments. As you progress, you'll implement security strategies across deployments ranging from small-scale environments to enterprise-grade production systems, including hybrid and multi-cloud setups.This edition expands on emerging topics like GenAI service security and DevSecOps, with hands-on examples leveraging built-in security features of AWS, Azure, and GCP.By the end of this book, you'll confidently secure any cloud environment with a comprehensive understanding of cloud security principles.
Nearchos Nearchou
In today’s world, the crime-prevention landscape is impossible to navigate. The dark web means new frontiers of combat against bad actors that pop up daily. Everyone from narcotics dealers to human traffickers are exploiting the dark web to evade authorities. If you want to find your feet in this tricky terrain and fight crime on the dark web, take this comprehensive, easy-to-follow cyber security guide with you.Combating Crime on the Dark Web contains everything you need to be aware of when tackling the world of the dark web. Step by step, you’ll gain acumen in the tactics that cybercriminals are adopting and be equipped with the arsenal of strategies that are available to you as a cybersecurity specialist.This cyber security book ensures that you are well acquainted with all the latest techniques to combat dark web criminality. After a primer on cybercrime and the history of the dark web, you’ll dive right into the main domains of the dark web ecosystem, reaching a working understanding of how drug markets, child pornography, and human trafficking operate. Once well-versed with the functioning of criminal groups, you’ll be briefed on the most effective tools and methods being employed by law enforcement, tech companies, and others to combat such crimes, developing both a toolkit and a mindset that can help you stay safe from such criminal activities and can be applied in any sector or domain. By the end of this book, you’ll be well prepared to begin your pushback against the criminal elements of the dark web.
Glen D. Singh
This book helps you to easily understand core networking concepts without the need of prior industry experience or knowledge within this fi eld of study. This updated second edition of the CompTIA Network+ N10-008 Certification Guide begins by introducing you to the core fundamentals of networking technologies and concepts, before progressing to intermediate and advanced topics using a student-centric approach.You’ll explore best practices for designing and implementing a resilient and scalable network infrastructure to support modern applications and services. Additionally, you’ll learn network security concepts and technologies to effectively secure organizations from cyber attacks and threats. The book also shows you how to efficiently discover and resolve networking issues using common troubleshooting techniques.By the end of this book, you’ll have gained sufficient knowledge to efficiently design, implement, and maintain a network infrastructure as a successful network professional within the industry. You’ll also have gained knowledge of all the official CompTIA Network+ N10-008 exam objectives, networking technologies, and how to apply your skills in the real world.
Ian Neil
CompTIA Security+ is a worldwide certification that establishes the fundamental knowledge required to perform core security functions and pursue an IT security career. CompTIA Security+ Certification Guide is a best-in-class exam study guide that covers all of CompTIA Security+ 501 exam objectives. It is authored by Ian Neil, who is a world-class trainer of CompTIA Security+ 501. Packed with self-assessment scenarios and realistic exam questions, this guide will help you master the core concepts to succeed in the exam the first time you take it. Using relevant examples, you will learn all the important security fundamentals from Certificates and Encryption to Identity and Access Management concepts. You will then dive into the important domains of the exam; namely, threats, attacks and vulnerabilities, technologies and tools, architecture and design, risk management, and cryptography and Public Key Infrastructure (PKI). This book comes with over 600 practice questions with detailed explanation that is at the exam level and also includes two mock exams to help you with your study plan. This guide will ensure that encryption and certificates are made easy for you.