چه کسانی این کتاب را می‌خوانند

دانشجوعلاقه‌مند یادگیری
کتابخوان حرفه‌ایلذت مطالعه
نویسندهالهام‌گیری

The NICE Cyber Security Framework : Cyber Security Intelligence and Analytics

Izzat Alsmadi

قیمت نهایی

۴۴٬۰۰۰ تومان۴۹٬۰۰۰ تومان۱۰٪ تخفیف
  • تخفیف زمان‌دار−۵٬۰۰۰ تومان

۵٬۰۰۰ تومان صرفه‌جویی نسبت به قیمت اصلی

نسخه اصلی و اورجینال

بلافاصله پس از خرید، فایل کتاب روی دستگاه شما آمادهٔ دانلود است.

تحویل فوری
پرداخت امن
ضمانت فایل
پشتیبانی

مشخصات کتاب

نویسنده
Izzat Alsmadi
سال انتشار
۲۰۲۳
فرمت
PDF
زبان
انگلیسی
حجم فایل
۲۲٫۸ مگابایت
شابک
9783031216503، 9783031216510، 3031216504، 3031216512

دربارهٔ کتاب

Preface Contents Chapter 1: Introduction NICE Framework: SP 800-181 Rev. 1 General Issues with NICE Framework – Date Published: November 2020 Chapter 2: Acquisition Management K0126: Knowledge of Secure Acquisitions (e.g., Relevant Contracting Officer’s Technical Representative [COTR] Duties, Secure Procurement, Supply Chain Risk Management) K0148: Knowledge of Import/Export Control Regulations and Responsible Agencies for the Purposes of Reducing Supply Chain Risk K0154: Knowledge of Supply Chain Risk Management Standards, Processes, and Practices BES Cyber Asset ISO/IEC 20243 and 27036 K0163: Knowledge of Critical Information Technology (IT) Procurement Requirements IT Procurement Methods K0164: Knowledge of Functionality, Quality, and Security Requirements and How These Will Apply to Specific Items of Supply (i.e., Elements and Processes) Functional Requirements Quality Requirements Security Requirements K0169: Knowledge of Information Technology (IT) Supply Chain Security and Risk Management Policies, Requirements, and Procedures Supply Chain Security Policies Supply Chain Security Requirements and Procedures Supply Chain Risk Management Policies K0257: Knowledge of Information Technology (IT) Acquisition/Procurement Requirements K0264: Knowledge of Program Protection Planning to Include Information Technology (IT) Supply Chain Security/Risk Management Policies, Anti-tampering Techniques, and Requirements Information Sensitivity (Alsmadi et al. 2018) K0266: Knowledge of How to Evaluate the Trustworthiness of the Supplier and/or Product K0270: Knowledge of the Acquisition/Procurement Life Cycle Process Defense Acquisition University K0523: Knowledge of Products and Nomenclature of Major Vendors (e.g., Security Suites – Trend Micro, Symantec, McAfee, Outpost, Panda, Kaspersky) and how Differences Affect Exploitation/Vulnerabilities S0086: Skill in Evaluating the Trustworthiness of the Supplier and/or Product A0009: Ability to Apply Supply Chain Risk Management Standards A0031: Ability to Conduct and Implement Market Research to Understand Government and Industry Capabilities and Appropriate Pricing A0039: Ability to Oversee the Development and Update of the Life Cycle Cost Estimate A0045: Ability to Evaluate/Ensure the Trustworthiness of the Supplier and/or Product A0056: Ability to Ensure Security Practices Are Followed Throughout the Acquisition Process A0056-2 A0064: Ability to Interpret and Translate Customer Requirements into Operational Capabilities References Chapter 3: Continuity Planning and Disaster Recovery K0210: Knowledge of Data Backup and Restoration Concepts Type of Storage Destinations External Hard Drives, Flash Drives, Etc. Network Attached Storage Systems Storage Area Networks Raid Remote or Online Storage Backup vs. Archive K0021: Knowledge of Data Backup, Types of Backups (e.g., Full, Incremental), and Recovery Concepts and Tools K0365: Knowledge of Basic Backup and Recovery Procedures Including Different Types of Backups (e.g., Full, Incremental) K0026: Knowledge of Disaster Recovery Continuity of Operations Plans Business Process and Impact Analysis (BPA/BIA) FCD and CGC S0032: Skill in Developing, Testing, and Implementing Network Infrastructure Contingency and Recovery Plans S0150: Skill in Implementing and Testing Network Infrastructure Contingency and Recovery Plans References Chapter 4: Cyber Defense Analysis and Support K0098: Knowledge of the Cyber Defense Service Provider Reporting Structure and Processes Within One’s Own Organization DoD CND-SP Directives K0107: Knowledge of and Experience in Insider Threat Investigations, Reporting, Investigative Tools, and Laws/Regulations Phishing Attacks Password Attacks Privilege Tampering/Escalation and Abuse Challenges in Insider Threat Investigations Methods to Counter and Mitigate Insider Threats Insiders’ Investigations: Laws and Regulations K0157: Knowledge of Cyber Defense Policies, Procedures, and Regulations K0190: Knowledge of Encryption Methodologies K0408: Knowledge of Cyber Actions (i.e., Cyber Defense, Information Gathering, Environment Preparation, Cyberattack) Principles, Capabilities, Limitations, and Effects S0063: Skill in Collecting Data from a Variety of Cyber Defense Resources S0096: Skill in Reading and Interpreting Signatures (e.g., Snort) S0124: Skill in Troubleshooting and Diagnosing Cyber Defense Infrastructure Anomalies and Work Through Resolution S0170: Skill in Configuring and Utilizing Computer Protection Components (e.g., Hardware Firewalls, Servers, and Routers, as Appropriate) References Chapter 5: Cyber Intelligence K0409: Knowledge of Cyber Intelligence/Information Collection Capabilities and Repositories Cyber Intelligence Levels Sources of Cyber Intelligence or Collection Capabilities The Intelligence Life Cycle or Activities Areas of Cyber Intelligence K0525: Knowledge of Required Intelligence Planning Products Associated with Cyber Operational Planning K0550: Knowledge of Target, Including Related Current Events, Communication Profile, Actors, and History (Language, Culture) and/or Frame of Reference K0553: Knowledge of Tasking Processes for Organic and Subordinate Collection Assets K0554: Knowledge of Tasking, Collection, Processing, Exploitation, and Dissemination K0562: Knowledge of the Capabilities and Limitations of New and Emerging Collection Capabilities, Accesses, and/or Processes K0568: Knowledge of the Definition of Collection Management and Collection Management Authority K0404: Knowledge of Current Collection Requirements K0571: Knowledge of the Feedback Cycle in Collection Processes K0578: Knowledge of the Intelligence Requirement Development and Request for Information Processes K0580: Knowledge of the Organization’s Established Format for Collection Plan K0595: Knowledge of the Relationships of Operational Objectives, Intelligence Requirements, and Intelligence Production Tasks Cyber Intelligence K0596: Knowledge of the Request for Information Process K0602: Knowledge of the Various Collection Disciplines and Capabilities K0458: Knowledge of Intelligence Disciplines References Chapter 6: Cyber Intelligence Analysis K0110: Knowledge of Common Adversary Tactics, Techniques, and Procedures in Assigned Area of Responsibility (i.e., Historical Country-Specific Tactics, Techniques, and Procedures; Emerging Capabilities) Cyber Kill Chain Models Cyber Threats’ Description Languages and Models MITRE ATT&CK Framework Behavioral-Based Threat Model K0115: Knowledge of Emerging Computer-Based Technology That Has Potential for Exploitation by Adversaries K0312: Knowledge of Intelligence Principles, Policies, and Procedures Including Legal Authorities and Restrictions Cybersecurity Intelligence Principles Cybersecurity Act 2015 FISMA Electronic Surveillance and FISA Intelligence Authorization Act The Cyber Intelligence Sharing and Protection Act Freedom of Information Act (FOIA) Intelligence Reform and Terrorism Prevention Act of 2004 (IRTPA) K0315: Knowledge of the Principal Methods, Procedures, and Techniques of Gathering Information and Producing, Reporting, and Sharing Information Existing Efforts in Cybersecurity Information Sharing K0352: Knowledge of All Forms of Intelligence Support Needs, Topics, and Focus Areas K0354: Knowledge of All Relevant Reporting and Dissemination Procedures K0355: Knowledge of All-Source Reporting and Dissemination Procedures The Intelligence and Information Sharing and Dissemination Capability (IISDC) Suspicious Activity Reporting (SAR) Process NSA/CSS Policy 5-5, “Reporting of Security Incidents and Criminal Violations: August 2010” Interagency Threat Assessment and Coordination Group (ITACG) Intelligence Guide for First Responders Unified Crime Reporting System Production and Dissemination of Serialized Intelligence Reports Derived from Signals Intelligence Intelligence Products Typically Available to First Responders (HSDL 2009) K0358: Knowledge of Analytical Standards and the Purpose of Intelligence Confidence Levels DNI ICD 203: Analytic Standards (www.dni.gov) How Right and How Often? (Lowenthal 2008, 2012) K0359: Knowledge of Approved Intelligence Dissemination Processes Common Forms/Format of Dissemination K0386: Knowledge of Collection Management Tools K0391: Knowledge of Collection Systems, Capabilities, and Processes Joint Collection Management Tools (JCMT) (globalsecurity.org) ECHELON UTT: Unified Targeting Tool NSA XKeyscore Program PRISM Program Upstream Cadence WebTAS K0387: Knowledge of Collection Planning Process and Collection Plan Internet-Based Collection Planning Process K0389: Knowledge of Collection Sources Including Conventional and Nonconventional Sources SIGAD DNR and DNI Collection Sources K0390: Knowledge of Collection Strategies Cross-Intelligence Collection Strategies Collection Coverage Plan Strategic Intelligence K0394: Knowledge of Common Reporting Databases and Tools K0401: Knowledge of Criteria for Evaluating Collection Products Accuracy and Timeliness K0441: Knowledge of How Collection Requirements and Information Needs Are Translated, Tracked, and Prioritized Across the Extended Enterprise Actionable Knowledge Autonomous Security Controls K0456: Knowledge of Intelligence Capabilities and Limitations Intelligence Capabilities Intelligence Limitations Predictive vs. Prescriptive Analytics K0457: Knowledge of Intelligence Confidence Levels K0459: Knowledge of Intelligence Employment Requirements (i.e., Logistical, Communications Support, Maneuverability, Legal Restrictions, Etc.) K0460: Knowledge of Intelligence Preparation of the Environment and Similar Processes K0461: Knowledge of Intelligence Production Processes K0462: Knowledge of Intelligence Reporting Principles, Policies, Procedures, and Vehicles, Including Report Formats, Report-Ability Criteria (Requirements and Priorities), Dissemination Practices, and Legal Authorities and Restrictions Examples of Intelligence Reporting Formats K0463: Knowledge of Intelligence Requirements’ Tasking Systems Standard Collection Asset Request Format (SCARF) National Human Intelligence Requirements’ Tasking Center (NHRTC) K0464: Knowledge of Intelligence Support to Planning, Execution, and Assessment K0484: Knowledge of Midpoint Collection (Process, Objectives, Organization, Targets, Etc.) K0492: Knowledge of Nontraditional Collection Methodologies K0514: Knowledge of Organizational Structures and Associated Intelligence Capabilities K0544: Knowledge of Target Intelligence Gathering and Operational Preparation Techniques and Life Cycles K0577: Knowledge of the Intelligence Frameworks, Processes, and Related Systems Open Indicators of Compromise (OpenIOC) Framework Collective Intelligence Framework (CIF) Open Threat Exchange (OTX) References Chapter 7: Cyber Operational Planning K0028: Knowledge of Organization’s Evaluation and Validation Requirements K0234: Knowledge of Full-Spectrum Cyber Capabilities CNA/D/E/O K0316: Knowledge of Business or Military Operation Plans, Concept Operation Plans, Orders, Policies, and Standing Rules of Engagement K0367: Knowledge of Basic Cyber Operation Activity Concepts (e.g., Foot Printing, Scanning and Enumeration, Penetration Testing, White/Blacklisting) K0400: Knowledge of Crisis Action Planning for Cyber Operations Define a Crisis K0413: Knowledge of Cyber Operation Objectives, Policies, and Legalities K0415: Knowledge of Cyber Operation Terminology/Lexicon K0436: Knowledge of Fundamental Cyber Operation Concepts, Terminology/Lexicon (i.e., Environment Preparation, Cyberattack, Cyber Defense), Principles, Capabilities, Limitations, and Effects Cyberspace Full-Spectrum Cyber Cyber Ranges and Information Technology Ranges Cyber Espionage Cyber Deterrence Cyber War and Cyber Warfare Cyber Persona Cyber Weapons Cyber Warriors Cyber Deception Cyber-Hacktivists Cyber Operations Limitations K0416: Knowledge of Cyber Operations K0424: Knowledge of Denial and Deception Techniques K0442: Knowledge of How Converged Technologies Impact Cyber Operations (e.g., Digital, Telephony, Wireless) Internet of Things (IoT) Cloud Computing Smartphones Online Social Networks K0465: Knowledge of Internal and External Partner Cyber Operations Capabilities and Tools K0494: Knowledge of Objectives, Situation, Operational Environment, and the Status and Disposition of Internal and External Partner Collection Capabilities Available to Support Planning K0495: Knowledge of Ongoing and Future Operations Stuxnet, Olympic Games, Nitro Zeus, and Flame Russia’s Hack of Ukraine’s Power Grid Russia Cyber Operations in Georgia Cyber Operations in Estonia Sony Hack in 2014 Democratic National Committee Hack in 2016 K0496: Knowledge of Operational Asset Constraints K0497: Knowledge of Operational Effectiveness Assessment K0498: Knowledge of Operational Planning Processes K0499: Knowledge of Operations Security K0503: Knowledge of Organization Formats of Resource and Asset Readiness Reporting and Its Operational Relevance and Intelligence Collection Impact K0519: Knowledge of Planning Timelines Adaptive, Crisis Action, and Time-Sensitive Planning K0572: Knowledge of the Functions and Capabilities of Internal Teams That Emulate Threat Activities to Benefit the Organization Bug Bounty Programs K0585: Knowledge of the Organizational Structure as It Pertains to Full-Spectrum Cyber Operations, Including the Functions, Responsibilities, and Interrelationships Among Distinct Internal Elements Team Employment Category Organizational Structure K0588: Knowledge of the Priority Information Requirements from Subordinate, Lateral, and Higher Levels of the Organization K0589: Knowledge of the Process Used to Assess the Performance and Impact of Operations K0593: Knowledge of the Range of Cyber Operations and Their Underlying Intelligence Support Needs, Topics, and Focus Areas K0594: Knowledge of the Relationships Between End States, Objectives, Effects, Lines of Operation, Etc. K0613: Knowledge of Who the Organization’s Operational Planners Are, How and Where They Can Be Contacted, and What Are Their Expectations S0030: Skill in Developing Operations-Based Testing Scenarios S0055: Skill in Using Knowledge Management Technologies S0061: Skill in Writing Test Plans Cybersecurity T&E Policy in DoDI 5000.02 S0082: Skill in Evaluating Test Plans for Applicability and Completeness S0104: Skill in Conducting Test Readiness Reviews References Chapter 8: Cyber Policy and Strategy Management K0065: Knowledge of Policy-Based and Risk-Adaptive Access Controls K0191: Knowledge of Signature Implementation Impact K0248: Knowledge of Strategic Theory and Practice K0288: Knowledge of Industry Standard Security Models Access Control Models ISO 27001 NIST SP 800-53 Authentication Protocols or Standards (OWASP 2017) Encryption Standards Symmetric Encryption Algorithms Asymmetric Encryption Algorithms Cloud Security Models (Kaur 2014) K0311: Knowledge of Industry Indicators Useful for Identifying Technology Trends Gartner Top 10 Strategic Technology Trends AI Foundation Intelligent Apps and Analytics Intelligent Things Digital Twin Cloud to the Edge Conversational Platforms Immersive Experience Blockchain Event Driven Continuous Adaptive Risk and Trust Deloitte Technical Trends K0335: Knowledge of Current and Emerging Cyber Technologies Ten Top Cybersecurity Companies K0412: Knowledge of Cyber Lexicon/Terminology K0435: Knowledge of Fundamental Cyber Concepts, Principles, Limitations, and Effects K0454: Knowledge of Information Needs K0504: Knowledge of Organization Issues, Objectives, and Operations in Cyber as Well as Regulations and Policy Directives Governing Cyber Operations Presidential Policy Directive 20 (PPD 20) National Security Presidential Directive 54 (NSPD 54) Comprehensive National Cybersecurity Initiative (CNCI) K0521: Knowledge of Priority Information, How It Is Derived, Where It Is Published, How to Access, Etc. K0526: Knowledge of Research Strategies and Knowledge Management K0535: Knowledge of Strategies and Tools for Target Research K0566: Knowledge of the Critical Information Requirements and How They’re Used in Planning S0018: Skill in Creating Policies That Reflect System Security Objectives S0145: Skill in Integrating and Applying Policies That Meet System Security Objectives Creating Policies in Operating Systems Creating Policies in Firewalls Creating Policies in Switches and Routers Creating Policies in DBMS Creating Policies in Web Servers S0146: Skill in Creating Policies That Enable Systems to Meet Performance Objectives (e.g., Traffic Routing, SLAs, CPU Specifications) Amazon Route 53 A0034: Ability to Develop, Update, and/or Maintain Standard Operating Procedures (SOPs) References Chapter 9: Cyber Threat Analysis K0426: Knowledge of Dynamic and Deliberate Targeting Deliberate Targets Dynamic Targets K0430: Knowledge of Evasion Strategies and Techniques IDS/IPS Evasion Sandbox Evasion Domain Generation Algorithms (DGAs) K0453: Knowledge of Indications and Warning Cyber Threat Indications and Warning K0469: Knowledge of Internal Tactics to Anticipate and/or Emulate Threat Capabilities and Actions Threat Emulation and Sandboxing MITRE Adversary Emulation Plans K0474: Knowledge of Key Cyber Threat Actors and their Equities Cybercriminals Cyber Activists Nation States K0533: Knowledge of Specific Target Identifiers and their Usage K0536: Knowledge of Structure, Approach, and Strategy of Exploitation Tools (e.g., Sniffers, Keyloggers) and Techniques (e.g., Gaining Backdoor Access, Collecting/Exfiltrating Data, Conducting Vulnerability Analysis of Other Systems in the Network) Exploitation Tools Traffic Sniffers Keyloggers Exploitation Techniques Software Exploitation Techniques Vulnerability Type Local or Remote Software Exploits Windows Exploitation Techniques Linux Exploitation Techniques Cisco OS Exploitation Techniques Apple iOS Exploitation Techniques Android Exploitation Techniques K0540: Knowledge of Target Communication Tools and Techniques Centralized Communication P2P Communication Covert or Anonymous Communication K0546: Knowledge of Target List Development (i.e., RTL, JTL, CTL, etc.) Cyber Target Template Cyber Target Development K0548: Knowledge of Target or Threat Cyber Actors and Procedures Cyber Attribution K0549: Knowledge of Target Vetting and Validation Procedures K0551: Knowledge of Targeting Cycles D3A Targeting Framework F3EAD Targeting Cycle Joint Targeting Cycles K0603: Knowledge of the Ways in which Targets or Threats Use the Internet Communication Malware Deployment Information Gathering or Intelligence K0612: Knowledge of What Constitutes a “Threat” to a Network Subjectivity Priority or Importance Evolution and Dynamics The Environment OWASP Top 10 S0022: Skill in Designing Countermeasures to Identified Security Risks S0044: Skill in Mimicking Threat Behaviors S0052: Skill in the Use of Social Engineering Techniques Social Engineering Techniques for Cyber Operations and Vulnerability Assessment S0109: Skill in Identifying Hidden Patterns or Relationships References Chapter 10: Cybersecurity Management K0147: Knowledge of Emerging Security Issues, Risks, and Vulnerabilities IoT Security Issues Cryptocurrency, Bitcoin, Blockchain, and Security Security in the Cloud Security in Online Social Networks Smartphones and Security K0173: Knowledge of Operations Security K0242: Knowledge of Organizational Security Policies K0502: Knowledge of Organization Decision Support Tools and/or Methods References Chapter 11: Forensics Analysis K0017: Knowledge of Concepts and Practices of Processing Digital Forensic Data Digital Forensic Process Image Acquisition K0118: Knowledge of Processes for Seizing and Preserving Digital Evidence (e.g., Chain of Custody) Probable Cause Documentation and Labeling Seizure of Memory or Any Volatile Data K0119: Knowledge of Hacking Methodologies in Windows or Unix/Linux Environment Windows Hacking Hacking Windows Registry and SAM Internet Explorer Windows Operating Systems .NET Framework Pandemic and Grasshopper Linux Hacking K0133: Knowledge of Types of Digital Forensic Data and how to Recognize them Disks Forensics Deleted Data Hidden Data Slack Spaces Memory Forensic Artifacts Operating System Logs Internet Forensic Data Email Clients and Servers K0134: Knowledge of Deployable Forensics NFSTC Deployable Forensics Deployable Configurations K0184: Knowledge of Anti-forensics Tactics, Techniques, and Procedures Anti-forensics’ Goals Anti-forensics’ Methods K0185: Knowledge of Common Forensic Tool Configuration and Support Applications (e.g., VMware, Wireshark) Network Forensics K0268: Knowledge of Forensics Footprint Identification Malware Footprinting K0433: Knowledge of Forensics Implications of Operating System Structure and Operations Alternate Data Stream: ADS Forensic Investigations in MAC Operating Systems K0449: Knowledge of how to Extract, Analyze, and Use Metadata Common Sources of Metadata Examples of Metadata Disk Acquisition Formats and Metadata K0573: Knowledge of the Fundamentals of Digital Forensics in Order to Extract Actionable Intelligence Actionable Forensic Intelligence S0047: Skill in Preserving Evidence Integrity According to Standard Operating Procedures or National Standards Follow Current Standards, Guidelines, and Laws Hashing Write Blockers Antistatic Bags Memory Dumps S0065: Skill in Identifying and Extracting Data of Forensic Interest in Diverse Media (i.e., Media Forensics) Disk Forensic Tools Disk Forensics Foremost and File Carving S0069: Skill in Setting up a Forensic Workstation S0071: Skill in Using Forensic Tool Suites (e.g., EnCase, Sleuthkit, FTK) A Sample Usage of Sleuthkit Autopsy Tool S0075: Skill in Conducting Forensic Analyses in Multiple Operating System Environments (e.g., Mobile Device Systems) Using Santoku: https://santoku-linux.com Forensics Analysis S0087: Skill in Deep Analysis of Captured Malicious Code (e.g., Malware Forensics) S0088: Skill in Using Binary Analysis Tools (e.g., Hexedit, Command Code xxd, Hexdump) S0120: Skill in Reviewing Logs to Identify Evidence of Past Intrusions S0175: Skill in Performing Root Cause Analysis A0010: Ability to Analyze Malware Demo the Usage of NSRL Public Hash Database A0043: Ability to Conduct Forensic Analyses in and for both Windows and Unix/Linux Environments References Chapter 12: Identity Management Identity Management Single Sign-on (SSO) Session Time-Out Kerberos Digital Certificates K0007: Knowledge of Authentication, Authorization, and Access Control Methods Access Controls in Operating and File Systems Access Controls in File Systems Access Controls in Database Management Systems Access Controls in Websites and Web Applications RBAC (Role-Based Access Control) OBAC (Object-Based Access Control) K0033: Knowledge of Host/Network Access Control Mechanisms (e.g., Access Control List) Access Control in Distributed and Operating Systems Access Controls in Firewalls Access Controls in Switches Access Controls in Routers Access Controls in IDS/IPS References Chapter 13: Incident Response K0041: Knowledge of Incident Categories, Incident Responses, and Timelines for Responses K0042: Knowledge of Incident Response and Handling Methodologies K0145: Knowledge of Security Event Correlation Tools Security Information and Event Management (SIEM) K0150: Knowledge of Enterprise Incident Response Program, Roles, and Responsibilities National Computer Security Incident Response Programs K0193: Knowledge of Advanced Data Remediation Security Features in Databases K0230: Knowledge of Cloud Service Models and Possible Limitations for an Incident Response K0317: Knowledge of Procedures Used for Documenting and Querying Reported Incidents, Problems, and Events Security Incident Reporting Procedures K0381: Knowledge of Collateral Damage and Estimating Impact(s) S0054: Skill in Using Incident Handling Methodologies S0080: Skill in Performing Damage Assessments S0098: Skill in Detecting Host- and Network-Based Intrusions Via Intrusion Detection Technologies S0173: Skill in Using Security Event Correlation Tools A0025: Ability to Accurately Define Incidents, Problems, and Events in the Trouble Ticketing System References Chapter 14: Collection Operations K0371: Knowledge of Intelligence Collection Development Processes (e.g., Dialed Number Recognition, Social Network Analysis) Social Media Bots K0557: Knowledge of Terminal or Environmental Collection (Process, Objectives, Organization, Targets, etc.) References Chapter 15: Computer Network Defense K0405: Knowledge of Current Computer-Based Intrusion Sets Related Definitions K0440: Knowledge of Host-Based Security Products and How Those Products Affect Exploitation and Reduce Vulnerability K0493: Knowledge of Obfuscation Techniques (e.g., TOR/Onion/Anonymizers, VPN/VPS, Encryption) K0507: Knowledge of Organization or Partner Exploitation of Digital Networks K0472: Knowledge of Intrusion Detection Systems and Signature Development References Chapter 16: Data Analysis K0356: Knowledge of Analytic Tools and Techniques for Language, Voice, and/or Graphic Material K0056: Knowledge of Network Access, Identity, and Access Management (e.g., Public) Key Infrastructure, Oauth, OpenID, SAML, SPML) Access Control Models ISO 27001 NIST SP 800–53 Authentication Protocols or Standards (OWASP 2017) K0229: Knowledge of Applications that Can Log Errors, Exceptions, and Application Faults and Logging Windows Registry Event Viewers Web Logs References Chapter 17: Threat Analysis K0177: Knowledge of Cyberattack Stages (e.g., Reconnaissance, Scanning, Enumeration, Gaining Access, Escalation of Privileges, Maintaining Access, Network Exploitation, Covering Tracks) K0362: Knowledge of Attack Methods and Techniques (DDoS, Brute Force, Spoofing, Etc.) K0479: Knowledge of Malware Analysis and Characteristics Chapter 18: Vulnerability Assessment K0005: Knowledge of Cyber Threats and Vulnerabilities K0006: Knowledge of Specific Operational Impacts of Cybersecurity Lapses K0392: Knowledge of Common Computer/Network Infections (Virus, Trojan, etc.) and Methods of Infection (Ports, Attachments, etc.) Ransomware Worms Types of Computer Worms Trojan Horses Types of Computer Trojan Horses (Goertzel 2009) Internet Bots K0402: Knowledge of Criticality and Vulnerability Factors (e.g., Value, Recuperation, Cushion, Countermeasures) for Target Selection and Applicability to the Cyber Domain References Index

قیمت نهایی

۴۴٬۰۰۰ تومان