ورود به حساب

نام کاربری گذرواژه

گذرواژه را فراموش کردید؟ کلیک کنید

حساب کاربری ندارید؟ ساخت حساب

ساخت حساب کاربری

نام نام کاربری ایمیل شماره موبایل گذرواژه

برای ارتباط با ما می توانید از طریق شماره موبایل زیر از طریق تماس و پیامک با ما در ارتباط باشید


09117307688
09117179751

در صورت عدم پاسخ گویی از طریق پیامک با پشتیبان در ارتباط باشید

دسترسی نامحدود

برای کاربرانی که ثبت نام کرده اند

ضمانت بازگشت وجه

درصورت عدم همخوانی توضیحات با کتاب

پشتیبانی

از ساعت 7 صبح تا 10 شب

دانلود کتاب Cyberjutsu: Cybersecurity for the Modern Ninja

دانلود کتاب Cyberjutsu: امنیت سایبری برای نینجا مدرن

Cyberjutsu: Cybersecurity for the Modern Ninja

مشخصات کتاب

Cyberjutsu: Cybersecurity for the Modern Ninja

ویرایش:  
نویسندگان:   
سری:  
ISBN (شابک) : 1718500548, 9781718500549 
ناشر: No Starch Press 
سال نشر: 2021 
تعداد صفحات: 264
[248] 
زبان: English 
فرمت فایل : PDF (درصورت درخواست کاربر به PDF، EPUB یا AZW3 تبدیل می شود) 
حجم فایل: 5 Mb

قیمت کتاب (تومان) : 42,000



ثبت امتیاز به این کتاب

میانگین امتیاز به این کتاب :
       تعداد امتیاز دهندگان : 8


در صورت تبدیل فایل کتاب Cyberjutsu: Cybersecurity for the Modern Ninja به فرمت های PDF، EPUB، AZW3، MOBI و یا DJVU می توانید به پشتیبان اطلاع دهید تا فایل مورد نظر را تبدیل نمایند.

توجه داشته باشید کتاب Cyberjutsu: امنیت سایبری برای نینجا مدرن نسخه زبان اصلی می باشد و کتاب ترجمه شده به فارسی نمی باشد. وبسایت اینترنشنال لایبرری ارائه دهنده کتاب های زبان اصلی می باشد و هیچ گونه کتاب ترجمه شده یا نوشته شده به فارسی را ارائه نمی دهد.


توضیحاتی در مورد کتاب Cyberjutsu: امنیت سایبری برای نینجا مدرن

این کتاب مانند هنر جنگ برای تجارت مدرن سان تزو از طومارهای نینجا باستانی به عنوان پایه ای برای آموزش خوانندگان در مورد جنگ سایبری، جاسوسی و امنیت استفاده می کند. Cyberjutsu راهنمای عملی میدانی امنیت سایبری بر اساس تکنیک‌ها، تاکتیک‌ها و رویه‌ها (TTP) نینجاهای باستانی ارائه می‌کند. نویسنده، بن مک کارتی، متخصص جنگ سایبری و توسعه‌دهنده سابق NSA، طومارهای ژاپنی را که زمانی مخفی بودند، تجزیه و تحلیل می‌کند و شباهت‌هایی با مفاهیم مدرن infosec ترسیم می‌کند تا بینش منحصر به فردی در مورد امنیت دفاعی و تهاجمی ارائه دهد. او روش‌های آموزشی بدنام‌ترین ماموران مخفی ژاپن - اولین تهدید دائمی پیشرفته تاریخ (APT) - را به شیوه‌های بسیار مؤثر برای مقابله با جنگ اطلاعاتی، جاسوسی، حملات زنجیره تامین، سوء استفاده‌های روز صفر و موارد دیگر ترجمه می‌کند. هر فصل یک TTP را با جزئیات بررسی می‌کند - مانند ارزیابی شکاف‌ها در دفاع هدف، ضربه زدن به نقاطی که دشمن سهل‌انگیز است، و تسلط بر هنر نامرئی - و توضیح می‌دهد که این مفهوم می‌تواند در مورد چشم‌انداز امنیت سایبری کنونی به ما بیاموزد. مک کارتی کاهش عمیق و کنترل‌های امنیتی را توصیه می‌کند که بر اساس استاندارد NIST 800-53 ترسیم شده‌اند و یک «تمرین فکری نظریه قلعه» را توصیه می‌کند که به شما کمک می‌کند از درس باستانی برای محافظت از قلعه (شبکه) خود در برابر نینجاهای دشمن (بازیگران تهدید سایبری) استفاده کنید. شما اثربخشی استراتژی های مهندسی اجتماعی باستانی و کنترل های امنیتی مبتنی بر تله را کشف خواهید کرد. ببینید چرا نقشه برداری از شبکه شما مانند یک دشمن این مزیت را به شما می دهد. و از ابزارهای دنیای قدیم مانند "نردبان نینجا" برای جلوگیری از حملات استفاده کنید. موضوعات نیز شامل:   مدل‌سازی تهدید، اطلاعات تهدید، و کنترل‌های هدفمند   اقدامات متقابلی مانند حسگرهای شبکه، کنترل‌های مبتنی بر زمان، فاصله‌های هوایی، و پروتکل‌های احراز هویت بهبودیافته   نمایه تهدیدات داخلی، و راه‌های تشخیص آنها در کارمندان   TTPهای ارتباطی مخفی و پیامدهای آنها برای فرمان و کنترل بدافزار (C2)   روش‌هایی برای شناسایی مهاجمان، جلوگیری از حملات زنجیره تامین، و دفاع در برابر سوء استفاده‌های روز صفر در این کتاب، قدرت شگفت‌انگیز فرآیندهای جمع‌آوری اطلاعات نینجا را خواهید دید – و اینکه چگونه استفاده از آنها ممکن است کلید نوآوری مدل‌های امنیت سایبری معاصر باشد.


توضیحاتی درمورد کتاب به خارجی

Like Sun Tzu's Art of War for Modern Business, this book uses ancient ninja scrolls as the foundation for teaching readers about cyber-warfare, espionage and security. Cyberjutsu presents a practical cybersecurity field guide based on the techniques, tactics, and procedures (TTPs) of the ancient ninja. Author Ben McCarty, a cyber warfare specialist and former NSA developer, analyzes once-secret Japanese scrolls, drawing parallels to modern infosec concepts to provide unique insights on defensive and offensive security. He translates the training methodologies of Japan’s most notorious covert agents—history’s first advanced persistent threat (APT)—into highly effective practices for countering information warfare, espionage, supply-chain attacks, zero-day exploits, and more.   Each chapter examines one TTP in detail—like assessing gaps in a target’s defense, striking where the enemy is negligent, and mastering the art of invisibility—and explains what the concept can teach us about the current cybersecurity landscape. McCarty recommends in-depth mitigations and security controls, mapped to the NIST 800-53 standard, and a “Castle Theory Thought Exercise” that helps you apply the ancient lesson to protect your castle (network) from enemy ninja (cyber threat actors). You’ll discover the effectiveness of ancient social engineering strategies and trap-based security controls; see why mapping your network like an adversary gives you the advantage; and apply lessons from old-world tools, like the “ninja ladder,” to prevent attacks.   Topics also include:     Threat modeling, threat intelligence, and targeted controls     Countermeasures like network sensors, time-based controls, airgaps, and improved authentication protocols     Profiles of insider threats, and ways to recognize them in employees     Covert communication TTPs and their implications for malware command and control (C2)     Methods for detecting attackers, preventing supply-chain attacks, and defending against zero-day exploits   In this book, you’ll see the astonishing power of ninja information-gathering processes—and how adopting them just might be the key to innovating contemporary cybersecurity models.  



فهرست مطالب

About the Author
Brief Contents
Contents in Detail
Foreword
Acknowledgments
Introduction
	About This Book
		A Note on the Castle Theory Thought Exercises
			For Future Use
		A Ninja Primer
			The Historical Ninja
			The Ninja Scrolls
			Ninja Philosophy
			Ninja Techniques
1: Mapping Networks
	With these maps, the general can consider how to defend and attack a castle.
		Understanding Network Maps
		Collecting Intelligence Undetected
		Creating Your Map
		Recommended Security Controls and Mitigations
		Debrief
2: Guarding with Special Care
	Even castles with strong fortifications should be guarded, paying particular attention to the recessed corners.
		Understanding Attack Vectors
		The Concept of Guarding
		Guarding Within a Cybersecurity Framework
		Threat Modeling
		Using Threat Modeling to Find Potential Attack Vectors
		Recommended Security Controls and Mitigations
		Debrief
3: Xenophobic Security
	If you accept strangers without much thought, the enemy shinobi may come in disguised as a stranger and seek information from the inside.
		Understanding Anti-Privilege
		The Problem with Interoperability and Universal Standards
		Developing Unique Characteristics for Your Environment
		Recommended Security Controls and Mitigations
		Debrief
4: Identification Challenge
	Though there are ancient ways for identifying marks, passwords, and certificates, unless you invent new ones and rotate them, the enemy will manage to infiltrate by having similar fake ones.
		Understanding Authentication
		Developing Matched-Pair Authenticators
		Recommended Security Controls and Mitigations
		Debrief
5: Double-Sealed Password
	Sometimes, a set of signs such as pinching the nose or holding the ear should be used with these passwords.
		A Concealed 2-Step Authentication
		Developing Double-Sealed Passwords
		Recommended Security Controls and Mitigations
		Debrief
6: Hours of Infiltration
	After waiting until the hour of Ox, the ninja realized that the guard had fallen asleep; everything was dead quiet, and the fire was out leaving all in darkness.
		Understanding Time and Opportunities
		Developing Time-Based Security Controls and Anomaly Detectors
		Recommended Security Controls and Mitigations
		Debrief
7: Access to Time
	You should start your attack with no delay and not prematurely but perfectly on time.
		The Importance of Time
		Keeping Time Confidential
			Determine Your Baseline
			Assess Technical Capability
			Establish Policy
		Recommended Security Controls and Mitigations
		Debrief
8: Tools
	Remember, if you use a ninja tool, be sure to use it when the wind is whistling so as to hide any sound and always retrieve it.
		Living Off the Land
		Securing Tools
		Recommended Security Controls and Mitigations
		Debrief
9: Sensors
	Whether day or night, scouts for a far-distance observation should be sent out.
		Identifying and Detecting Threats with Sensors
		Better Sensors
		Recommended Security Controls and Mitigations
		Debrief
10: Bridges and Ladders
	There will be no wall or moat that you cannot pass, no matter how high or steep it is, particularly if you use a ninja ladder.
		Network Boundary Bridging
		Countering Bridges
		Recommended Security Controls and Mitigations
		Debrief
11: Locks
	There is no padlock that you cannot open. However, this all depends on how skilled you are; therefore, you should always get hands-on practice.
		Physical Security
		Improving Locks
		Recommended Security Controls and Mitigations
		Debrief
12: Moon on the Water
	After making an agreement with your lord, you should lure the enemy out with bait to infiltrate their defenses.
		Social Engineering
		Defenses Against Social Engineering
		Recommended Security Controls and Mitigations
		Debrief
13: Worm Agent
	Make a minomushi, or worm agent (aka insider threat), out of an enemy.
		Insider Threats
		A New Approach to Insider Threats
		Recommended Security Controls and Mitigations
		Debrief
14: Ghost on the Moon
	According to Japanese legend, if you knew how to seek the ghost who tends trees on the moon, he could invite you to the moon to eat the leaves of his tree, making you invisible.
		Implants
		Protections from Implants
		Recommended Security Controls and Mitigations
		Debrief
15: The Art of the Fireflies
	The art of fireflies should be performed only after you know everything about the enemy in great detail so that you can construct your deception in accordance with the target’s mindset.
		Attribution
		Approaches to Handling Attribution
		Recommended Security Controls and Mitigations
		Debrief
16: Live Capture
	Use good judgment to determine whether the target is actually inattentive or whether they are employing a ruse to lure ninjas and capture them.
		Live Analysis
		Confronting Live Threats
		Recommended Security Controls and Mitigations
		Debrief
17: Fire Attack
	First, it is easy to set fires; second, it is not easy for the enemy to put out the fire; and third, if your allies are coming to attack the castle at the same time, the enemy will lose any advantage as the fortifications will be understaffed.
		Destructive Cyber Attacks
		Safeguards from (Cyber) Fire Attacks
		Recommended Security Controls and Mitigations
		Debrief
18: Covert Communication
	When a shinobi is going to communicate with the general after he has gotten into the enemy’s castle, the shinobi needs to let his allies know where he is. It is essential to arrange for the time and place to do this.
		Command and Control Communication
		Controlling Coms
		Recommended Security Controls and Mitigations
		Debrief
19: Call Signs
	When you steal in, the first thing you should do is mark the route, showing allies the exit and how to escape.
		Operator Tradecraft
		Detecting the Presence of Call Signs
		Recommended Security Controls and Mitigations
		Debrief
20: Light, Noise, and Litter Discipline
	The traditions of the ancient shinobi say you should lock the doors before you have a look at the enemy with fire.
		Cyber Light, Noise, and Litter
		Detection Discipline
		Recommended Security Controls and Mitigations
		Debrief
21: Circumstances of Infiltration
	You should infiltrate at the exact moment that the enemy moves and not try when they do not move—this is a way of principled people.
		Adversarial Opportunity
		Adversarial Adversity
		Recommended Security Controls and Mitigations
		Debrief
22: Zero-Days
	A secret will work if it is kept; you will lose if words are given away.
		Zero-Day
		Zero-Day Defense
		Recommended Security Controls and Mitigations
		Debrief
23: Hiring Shinobi
	In order to defend against enemy plans or shinobi, or should an emergency arise, you may think it more desirable to have a large number of people. However, you should not hire more people into your army without careful consideration.
		Cybersecurity Talent
		Talent Management
		Recommended Security Controls and Mitigations
		Debrief
24: Guardhouse Behavior
	Do not let your guard down, even if you are not confronting the enemy.
		Security Operations Center Issues and Expectations
		Influencing Behavior
		Recommended Security Controls and Mitigations
		Debrief
25: Zero-Trust Threat Management
	If you enter a room from the rear and if there is someone in the room who is not asleep, then they will not suspect you as an intruder. It is because those who come from the rear are not considered possible thieves or assailants.
		Threat Opportunity
		Blocking the Suspicious
		Recommended Security Controls and Mitigations
		Debrief
26: Shinobi Tradecraft
	Secret techniques to infiltrate without fail are deceptive, and they are varied and flexible and are done according to opportunity. Thus, as a basis, you should embrace the old ways of the shinobi who served under ancient great generals, but remember not
		Techniques, Tactics, and Procedures
			Pyramid of Pain
			ATT&CK Framework
			Threat Intelligence
		Cyber Threat Intelligence
		Recommended Security Controls and Mitigations
		Debrief
Notes
Index




نظرات کاربران

تمامی حقوق معنوی و مادی وبسایت متعلق به اینترنشنال لایبرری می باشد
نماد اعتماد الکترونیکی