360° Vulnerability Assessment with Nessus and Wireshark: Identify, evaluate, treat, and report threats and vulnerabilities across your network
- Length: 238 pages
- Edition: 1
- Language: English
- Publisher: BPB Publications
- Publication Date: 2023-02-23
- ISBN-10: 9355513380
- ISBN-13: 9789355513380
- Sales Rank: #1222720 (See Top 100 Books)
A practical guide that will help you map, shield, and harden your network perimeter using Nessus and Wireshark
Key Features
- Minimize your organization’s exposure to cybersecurity threats with Vulnerability management.
- Learn how to locate vulnerabilities using Nessus and Wireshark.
- Explore and work with different network analysis and mapping tools.
Description
Today, the world depends on services that run on the IT environments. These services, essentials for the modern world functioning constantly suffer attacks and invasions. This kind of preoccupation is true and must be a top priority for an IT security professional.
This book will help you explore different techniques to locate, understand, and fix vulnerabilities that may exist in an IT infrastructure environment. The book starts by sharing the findings of professionals who are looking to create a secure IT environment. It then focuses on the building blocks of vulnerability assessment, tools, and frameworks that will help you find and map IT vulnerabilities. Moving on, the book deep dives into Network segregation and separation. It then shows you how to secure and harden your web servers using Apache and Nginx. Lastly, the book explains how to apply important hardening techniques to avoid operating system threats.
By the end of the book, you will learn how to improve the overall security through Vulnerability Management.
What you will learn
- Use the SNMP protocol to monitor and configure devices on the network.
- Learn how to harden and secure your web servers.
- Get tips to improve your OS hardening.
- Explore ways to secure your wireless & IoT devices.
- Understand important considerations when developing an information security policy.
Who this book is for
This book is for Pentesters, Security analysts, Network administrators and also for any IT professionals who seek knowledge in security.
Cover Page Title Page Copyright Page Dedication Page About the Author and Co-Author Acknowledgements Preface Errata Table of Contents 1. Fundamentals of 360° Vulnerability Assessment Introduction Structure Objectives The importance of a security environment The power of tools The Penetration Test Execution Standard Pre-engagement interactions Intelligence gathering Threat modeling Identification of vulnerabilities Exploration Post-exploration Reports Report structure Conclusion Points to remember Multiple choice questions Answers 2. IT Security Frameworks and Vulnerability Assessment Introduction Structure Objectives Information security Information security frameworks Information Technology Security Frameworks ISO/IEC 27001 NIST CSF Core Tiers Profile CIS Nessus and IT Security Frameworks Conclusion Points to remember Multiple choice questions Answers 3. Recognizing Services and Network Infrastructure Introduction Structure Objectives The network discovery process Network mapper tool Nmap scripting engine Scripting engine classification Using Nmap scripting engine Wireshark and tcpdump Tcpdump Wireshark Wireshark and tcpdump working together in network discovery Nessus, a powerful ally Understanding network key elements by security analysis optic Conclusion Points to remember 4. Segregating Services and Applications Introduction Structure Objectives Virtual local area network—802.1Q Combining firewall rules with VLAN usage Preparing the environment Understanding the iptables characteristics Implementing iptables Proxy Web filter Intrusion detection and prevention system (IDPS) Conclusion Points to remember MCQ Answers 5. Good Practices About Network Information Introduction Structure Objectives Simple Network Management Protocol (SNMP) Using SNMP for monitoring an IT environment Using SNMP for the management of an IT environment SNMP and traps Detecting sensible SNMP information with Nessus and Wireshark Adopting security measures with SNMP Conclusion Points to remember Questions 6. The AAA Importance in Security Introduction Structure Objective The importance of AAA NAC and AAA relationship 802.1X, the network standard Using and implementing a AAA network with Freeradius Auditing on Freeradius Nessus and Wireshark looking for Freeradius Conclusion Points to remember Multiple Choice Questions Answers 7. Hardening Web Application Services Introduction Structure Objectives Apache and Nginx Single sign-on techniques Hardening techniques avoiding DDoS crash Hardening techniques chroot Conclusion Points to remember Questions 8. Performing Hardening in Operational Systems Introduction Structure Objectives Detecting Operational Systems on a network Scripting engine classification Using Nmap Scripting Engine Wireshark detecting Operational Systems Main hardening techniques Mandatory Access Control (MAC) and Discretionary Access Control (DAC) Conclusion Points to remember Questions 9. Wireless and IoT Security Treatment Introduction Structure Objectives Important wireless concepts Wireless security characteristics Main wireless vulnerabilities Wireless intrusion detection and prevention system (WIDS/WIPS) Internet of Things (IoT) networks Bluetooth Zigbee Radio frequency identification (RFID) Segregation example Conclusion Points to remember Questions 10. Security Policy in IT Environment Introduction Structure Objectives ISO 27000 family concepts Development and implementation of a SIP Information classification and responsibilities Social engineering and IT policies Physical and logical access control Conclusion Points to remember Questions Index
Donate to keep this site alive
1. Disable the AdBlock plugin. Otherwise, you may not get any links.
2. Solve the CAPTCHA.
3. Click download link.
4. Lead to download server to download.