Windows Security Monitoring: Scenarios and Patterns

حفظ امنیت و دسترس پذیری همواره از مسائل شایع در نگه داری و پشتیبانی از سرورها، می باشند. در بسیاری از موارد اتصال سرور به شبکه قطع شده و یا حمله ای توسط مهاجم صورت می‌گیرد و مدیر سیستم به دلیل بالا بودن تعداد سرورهای موجود و یا عدم توانایی در توجه همزمان به تمامی فاکتورها، متوجه آنها نمی گردد. در این شرایط نیاز به یک سامانه خودکار و مرکزی که تمامی پارامترهای موجود را از تمامی سرورها جمع آوری کرده و گزارش های مربوطه را به صورت یکپارچه به مدیر سیستم ارائه کند و در صورت لزوم به حملات صورت گرفته پاسخ مناسبی دهد، احساس می شود. در نتیجه هم به میزان قابل توجهی در زمان صرفه جویی می شود، هم احتمال بروز خطا پایین می‌آید و از همه مهمتر پاسخ بسیاری از حملات به صورت آنی داده شده و بنابراین امنیت سیستم به طرز قابل توجهی افزایش میابد…

لينک دانلود کتاب Wiley – Windows Security Monitoring: Scenarios and Patterns

دانلود – حجم : 8 مگابايت

رمز فايل:

Andrei Miroshnikov
ISBN: 978-1-119-39064-0
Apr 2018
648 pages
E-Book $32.99

Go deep into Windows security tools to implement more robust protocols and processes

Windows Security Monitoring goes beyond Windows admin and security certification guides to provide in-depth information for security professionals. Written by a Microsoft security program manager, DEFCON organizer and CISSP, this book digs deep into the underused tools that help you keep Windows systems secure. Expert guidance brings you up to speed on Windows auditing, logging, and event systems to help you exploit the full capabilities of these powerful native tools, while scenario-based instruction provides clear illustration of how these events unfold in the real world. From security monitoring and event detection to incident response procedures and best practices, this book provides detailed information on all of the security tools your Windows system has to offer.

Windows includes many native tools that can help IT professionals and security experts spot and remedy suspicious activities on servers, networks, and end-user computers. If you’re like many Windows pros, you’re probably not taking full advantage of these features. This book takes you deep into Windows’ underutilized built-in security tools to help you beef up your monitoring, detection, and response processes.

  • Detect anomalous events and implement centralized alerting infrastructure
  • Dig into the native Windows tools that enable robust security measures
  • Understand the details of Powershell, Applocker, LogParser, and other tools
  • Adopt effective incident response processes for various common scenarios

Fully applicable to a range of Windows versions—back to Windows Vista and Windows Server 2008—this book is designed for real-world implementation. As the threats to your data grow more numerous by the day, it becomes ever more critical to use every security tool at your disposal. Windows Security Monitoring offers complete, expert guidance toward robust security with specialist-level use of powerful Windows tools.

About the Author
Andrei Miroshnikov is a former security program manager with Microsoft. He is an organizer and author for the DEFCON security conference “Forensics CTF” village and has been a speaker at Microsoft’s Bluehat security conference. In addition, Andrei is an author of the “Windows 10 and Windows Server 2016 Security Auditing and Monitoring Reference” and multiple internal Microsoft security training documents. Among his many professional qualifications, he has earned the (ISC)2 CISSP and Microsoft MCSE: Security certifications.

  • Design

آدرس ایمیل شما منتشر نخواهد شد.