Applied incident response (Record no. 1610)
[ view plain ]
| 000 -LEADER | |
|---|---|
| fixed length control field | 02156nam a2200217 4500 |
| 005 - DATE AND TIME OF LATEST TRANSACTION | |
| control field | 20250714145433.0 |
| 008 - FIXED-LENGTH DATA ELEMENTS--GENERAL INFORMATION | |
| fixed length control field | 250714b2020|||||||| |||| 00| 0 eng d |
| 020 ## - INTERNATIONAL STANDARD BOOK NUMBER | |
| ISBN | 9781119560289 |
| 041 ## - LANGUAGE CODE | |
| Language code of text/sound track or separate title | English |
| 082 ## - DEWEY DECIMAL CLASSIFICATION NUMBER | |
| Classification number | 658.4038 |
| 100 ## - MAIN ENTRY--AUTHOR NAME | |
| Personal name | Anson, Steve |
| Relator term | Author |
| 245 ## - TITLE STATEMENT | |
| Title | Applied incident response |
| 260 ## - PUBLICATION, DISTRIBUTION, ETC. (IMPRINT) | |
| Place of publication | New Jersey: |
| Name of publisher | Wiley Data and Cybersecurity, |
| Year of publication | 2020. |
| 300 ## - PHYSICAL DESCRIPTION | |
| Number of Pages | xxii, 439p. |
| 500 ## - GENERAL NOTE | |
| General note | Incident response is critical for the active defense of any network, and incident responders need up-to-date, immediately applicable techniques with which to engage the adversary. Applied Incident Response details effective ways to respond to advanced attacks against local and remote network resources, providing proven response techniques and a framework through which to apply them. As a starting point for new incident handlers, or as a technical reference for hardened IR veterans, this book details the latest techniques for responding to threats against your network, including:<br/><br/>Preparing your environment for effective incident response<br/>Leveraging MITRE ATT&CK and threat intelligence for active network defense<br/>Local and remote triage of systems using PowerShell, WMIC, and open-source tools<br/>Acquiring RAM and disk images locally and remotely<br/>Analyzing RAM with Volatility and Rekall<br/>Deep-dive forensic analysis of system drives using open-source or commercial tools<br/>Leveraging Security Onion and Elastic Stack for network security monitoring<br/>Techniques for log analysis and aggregating high-value logs<br/>Static and dynamic analysis of malware with YARA rules, FLARE VM, and Cuckoo Sandbox<br/>Detecting and responding to lateral movement techniques, including pass-the-hash, pass-the-ticket, Kerberoasting, malicious use of PowerShell, and many more<br/>Effective threat hunting techniques<br/>Adversary emulation with Atomic Red Team<br/>Improving preventive and detective controls |
| 650 ## - SUBJECT ADDED ENTRY--TOPICAL TERM | |
| Topical Term | Acquiring Memory and Disk Imaging |
| 650 ## - SUBJECT ADDED ENTRY--TOPICAL TERM | |
| Topical Term | Network Security Monitoring |
| 650 ## - SUBJECT ADDED ENTRY--TOPICAL TERM | |
| Topical Term | Malware Analysis and Disk Forensics |
| 856 ## - ELECTRONIC LOCATION AND ACCESS | |
| Uniform Resource Identifier | https://ieeexplore.ieee.org/servlet/opac?bknumber=9820823 |
| 942 ## - ADDED ENTRY ELEMENTS (KOHA) | |
| Koha item type | e-Books |
| Withdrawn status | Lost status | Damaged status | Not for loan | Permanent Location | Current Location | Shelving location | Full call number | Accession Number | Koha item type |
|---|---|---|---|---|---|---|---|---|---|
| Dr. S. R. Ranganathan Library | Dr. S. R. Ranganathan Library | Ebook (Online Access) | 658.4038 (Online Access) | EB0038 | e-Books |