LEADER 00428oas 2200169z- 450
001 996336344103316
005 20170227165419.0
035 $a(CKB)2670000000015458
035 $a(EXLCZ)992670000000015458
100 $a20121018cuuuuuuuu -u- -
101 0 $aeng
200 $a50+ Digital [50+ Digital, LLC - BLOG]
210 $cNewstex
906 $aJOURNAL
912 $a996336344103316
996 $a50+ Digital$92415258
997 $aUNISA

LEADER 02651nam 2200433 450
001 9910555168603321
005 20200304095930.0
010 $a1-119-56031-4
010 $a1-119-56030-6
010 $a1-119-56028-4
035 $a(CKB)4100000010103141
035 $a(MiAaPQ)EBC6017672
035 $a(CaSebORM)9781119560265
035 $a(PPN)272715190
035 $a(EXLCZ)994100000010103141
100 $a20200304d2020 uy 0
101 0 $aeng
135 $aurcnu||||||||
181 $ctxt$2rdacontent
182 $cc$2rdamedia
183 $acr$2rdacarrier
200 10$aApplied incident response /$fSteve Anson
205 $a1st edition
210 1$aIndianapolis, Indiana :$cWiley,$d[2020]
210 4$d©2020
215 $a1 online resource (464 pages)
311 $a1-119-56026-8
330 $aIncident response is critical for the active defense of any network, and incident responders need up-to-date, immediately applicable techniques with which to engage the adversary. Applied Incident Response details effective ways to respond to advanced attacks against local and remote network resources, providing proven response techniques and a framework through which to apply them. As a starting point for new incident handlers, or as a technical reference for hardened IR veterans, this book details the latest techniques for responding to threats against your network, including: Preparing your environment for effective incident response; Leveraging MITRE ATT&CK and threat intelligence for active network defense; Local and remote triage of systems using PowerShell, WMIC, and open-source tools; Acquiring RAM and disk images locally and remotely; Analyzing RAM with Volatility and Rekall; Deep-dive forensic analysis of system drives using open-source or commercial tools; Leveraging Security Onion and Elastic Stack for network security monitoring; Techniques for log analysis and aggregating high-value logs; Static and dynamic analysis of malware with YARA rules, FLARE VM, and Cuckoo Sandbox; Detecting and responding to lateral movement techniques, including pass-the-hash, pass-the-ticket, Kerberoasting, malicious use of PowerShell, and many more; Effective threat hunting techniques; Adversary emulation with Atomic Red Team; Improving preventive and detective controls
606 $aInformation technology$xManagement
615 0$aInformation technology$xManagement.
676 $a658.4038
700 $aAnson$b Steve$01163078
801 0$bMiAaPQ
801 1$bMiAaPQ
801 2$bMiAaPQ
906 $aBOOK
912 $a9910555168603321
996 $aApplied incident response$92817088
997 $aUNINA