A must-have, hands-on guide for working in the cybersecurity profession
Cybersecurity involves preventative methods to protect information from attacks. It requires a thorough understanding of potential threats, such as viruses and other malicious code, as well as system vulnerability and security architecture. This essential book addresses cybersecurity strategies that include identity management, risk management, and incident management, and also serves as a detailed guide for anyone looking to enter the security profession. Doubling as the text for a cybersecurity course, it is also a useful reference for cybersecurity testing, IT test/development, and system/network administration.
Covers everything from basic network administration security skills through advanced command line scripting, tool customization, and log analysis skills
Dives deeper into such intense topics as Wireshark/tcpdump filtering, Google hacks, Windows/Linux scripting, Metasploit command line, and tool customizations
Delves into network administration for Windows, Linux, and VMware
Examines penetration testing, cyber investigations, firewall configuration, and security tool customization
Shares techniques for cybersecurity testing, planning, and reporting
Cybersecurity: Managing Systems, Conducting Testing, and Investigating Intrusions is a comprehensive and authoritative look at the critical topic of cybersecurity from start to finish.
Author
Thomas J. Mowbray, PhD, holds gold-level certification from the SANS Institute in network penetration and ethical hacking. Dr. Mowbray, who has earned a doctorate in computer science, has co-authored five other professional books, including Wiley’s bestseller Antipatterns: Refactoring Software, Architectures, and Projects in Crisis. After founding the Northrop Grumman Cyber Warfare Community of Practice, Dr. Mowbray joined the Certification and Accreditation Team (an elite cybersecurity test group) as their network administrator, security tools customizer, and hands-on penetration tester. At the time of writing, Dr. Mowbray is the Chief Enterprise Architect of The Ohio State University.
Table of Contents
Introduction
Part I Cyber Network Security Concepts
Chapter 1 Executive Summary
Chapter 2 The Problems: Cyber Antipatterns
Chapter 3 Enterprise Security Using the Zachman Framework
Part II Cyber Network Security Hands-On
Chapter 4 Network Administration for Security Professionals
Chapter 5 Customizing BackTrack and Security Tools
Chapter 6 Protocol Analysis and Network Programming
Chapter 7 Reconnaissance, Vulnerability Assessment, and Cyber Testing
Chapter 8 Penetration Testing
Chapter 9 Cyber Network Defense Using Advanced Log Analysis
Part III Cyber Network Application Domains
Chapter 10 Cybersecurity for End Users, Social Media, and Virtual Worlds
Chapter 11 Cybersecurity Essentials for Small Business
Chapter 12 Large Enterprise Cybersecurity: Data Centers and Clouds
Chapter 13 Healthcare Information Technology Security
Chapter 14 Cyber Warfare: An Architecture for Deterrence
Glossary
Bibliography
Index