Download the book Fighting Phishing: Everything You Can Do to Fight Social Engineering and Phishing

Book details

Fighting Phishing: Everything You Can Do to Fight Social Engineering and Phishing

Edition: 1
Authors:
Series:
ISBN: 1394249209, 9781394249213
Publisher: Wiley
Year of publication: 2024
Number of pages: 450
Language: English
File format: PDF (converted to PDF, EPUB, or AZW3 at the user's request)
File size: 14 MB

Book price (toman): 89,000





If you need the file of the book Fighting Phishing: Everything You Can Do to Fight Social Engineering and Phishing converted to PDF, EPUB, AZW3, MOBI, or DJVU, you can notify support so that they convert the file for you.

Note that the book Fighting Phishing: Everything You Can Do to Fight Social Engineering and Phishing is the original-language edition and has not been translated into Persian. The International Library website offers original-language books and does not offer any books translated into or written in Persian.





Table of contents

Cover
Title Page
Copyright Page
Contents
Introduction
	Who This Book Is For
	What Is Covered in This Book
	How to Contact Wiley or the Author
Part I Introduction to Social Engineering Security
	Chapter 1 Introduction to Social Engineering and Phishing
		What Are Social Engineering and Phishing?
		How Prevalent Are Social Engineering and Phishing?
			Social Engineering Statistics
		The Solution
		Summary
	Chapter 2 Phishing Terminology and Examples
		Social Engineering
		Phish
		Well-Known Brands
		Top Phishing Subjects
		Stressor Statements
		Malicious Downloads
		Malware
		Bots
		Downloader
		Account Takeover
		Spam
		Spear Phishing
		Whaling
		Page Hijacking
		SEO Pharming
		Calendar Phishing
		Social Media Phishing
		Romance Scams
		Vishing
		Pretexting
		Open-Source Intelligence
		Callback Phishing
		Smishing
		Business Email Compromise
		Sextortion
		Browser Attacks
		Baiting
		QR Phishing
		Phishing Tools and Kits
		Summary
	Chapter 3 3x3 Cybersecurity Control Pillars
		The Challenge of Cybersecurity
		Compliance
		Risk Management
			Assessing Risk Probability
		Defense-In-Depth
		3x3 Cybersecurity Control Pillars
		Summary
Part II Policies
	Chapter 4 Acceptable Use and General Cybersecurity Policies
		Acceptable Use Policy (AUP)
		General Cybersecurity Policy
			Recommended Best Security Practices
		Summary
	Chapter 5 Anti-Phishing Policies
		The Importance of Anti-Phishing Policies
		What to Include
			Introduction
			Definitions
			Training
			Recognizing Common Signs of Social Engineering
			Reporting
			What to Do in the Event of Successful Phishing
			Incident Response
			Anti-BEC policies
			Employee Monitoring
		Summary
	Chapter 6 Creating a Corporate SAT Policy
		Getting Started with Your SAT Policy
		Necessary SAT Policy Components
			Policy Header Information
			Goal
			Control Mapping
			Get Senior Management Approval and Sponsorship
			Determine Where the SAT Program Originates
			Scope
			Definitions
			Use Mostly Internal or External SAT Resources
			Training Specifics
			Simulated Phishing Campaigns
			Platform Types
			Content Types
			Will You Have a Champions Program?
			Expected Participant Behavior
			Rewards and Consequences
			Incident Response
			Which Metrics to Use
			SAT Policy Component Conclusion
		Example of Security Awareness Training Corporate Policy
		Acme Security Awareness Training Policy: Version 2.1
			Scope
			Policy Goal
			Control Mapping
			Definitions
			Security Awareness Training Program Summary
			Simulated Phishing Campaigns
			Participant Requirements
			Acme Champion Program
			Rewards and Consequences
			Incident Response
			Reporting Metrics
		Summary
Part III Technical Defenses
	Chapter 7 DMARC, SPF, and DKIM
		The Core Concepts
		A US and Global Standard
		Email Addresses
			Friendly From Name
			5322.From Name
			5321.MailFrom Email Address
			HELO Email Domain
		Sender Policy Framework (SPF)
		Domain Keys Identified Mail (DKIM)
		Domain-based Message Authentication, Reporting, and Conformance (DMARC)
			DMARC Failed Email Treatment
			DMARC Reporting
		Configuring DMARC, SPF, and DKIM
		Putting It All Together
		DMARC Configuration Checking
		How to Verify DMARC Checks
		How to Use DMARC
		What DMARC Doesn’t Do
		Other DMARC Resources
		Summary
	Chapter 8 Network and Server Defenses
		Defining Network
		Network Isolation
		Network-Level Phishing Attacks
		Network- and Server-Level Defenses
			Firewall
			Use Phishing-Resistant MFA
			HTTPS
			Content-Filtering
			Anti-Phishing Filters
			Anti-Malware
			Email Gateways
			Email Servers/Service
			Email Search and Destroy
			Block Potentially Malicious File Attachments
			Detonation Sandboxes
			Anti-Domain Spoofing
			Blocklists
			Greylists
			Reputation Services
			DNS Lookups
			Network Flow
			Country-Blocks
			Picture Badges
		Summary
	Chapter 9 Endpoint Defenses
		Focusing on Endpoints
		Anti-Spam and Anti-Phishing Filters
		Anti-Malware
		Patch Management
		Browser Settings
			Browser-Within-a-Browser
			Full-Screen Mode
		Browser Notifications
		Email Client Settings
		Firewalls
		Phishing-Resistant MFA
		Password Managers
		VPNs
		Prevent Unauthorized External Domain Collaboration
		DMARC
		End Users Should Not Be Logged on as Admin
		Change and Configuration Management
		Mobile Device Management
		Summary
	Chapter 10 Advanced Defenses
		AI-Based Content Filters
		Single-Sign-Ons
		Application Control Programs
		Red/Green Defenses
		Email Server Checks
		Proactive Doppelganger Searches
		Honeypots and Canaries
		Highlight New Email Addresses
		Fighting USB Attacks
		Phone-Based Testing
		Physical Penetration Testing
		Summary
Part IV Creating a Great Security Awareness Program
	Chapter 11 Security Awareness Training Overview
		What Is Security Awareness Training?
		Goals of SAT
		Senior Management Sponsorship
		Absolutely Use Simulated Phishing Tests
		Different Types of Training
			Videos
			Make Sure Content Is Up-to-Date
			Posters and Newsletters
			Games
			Quizzes
			Mobile Apps
			Immediate Lessons upon Failure
			Educate about the Signs of Social Engineering
			Teach How to Recognize Rogue URLs
			USB Key Attacks
			Voice-Based Social Engineering
			SMS-Based Phishing
			Communication Tools
			In-Person Attacks
			Champion Programs
			BEC Scams
			Spear Phishing
			Increase Sophistication and Maturity over Time
			Train Like You Are Marketing
		Compliance
		Localization
		SAT Rhythm of the Business
		Reporting/Results
		Checklist
		Summary
	Chapter 12 How to Do Training Right
		Designing an Effective Security Awareness Training Program
			Set Program Objectives
			Getting Leadership Support
			Form a Steering Committee
			Training Frequency and Time Allocation
			Audience Analysis
			Accessibility
			Assessment
		Building/Selecting and Reviewing Training Content
			Selecting Content
			Create or Buy?
			Review by Steering Committee
			Interactivity
			Learning Objectives
			Reviewing Content
			Communicating the SAT Plan
			Deployment Tips
			Ongoing Evaluation and Maintenance
		Additional References
		Summary
	Chapter 13 Recognizing Rogue URLs
		How to Read a URL
			Protocol Moniker
			Hostname
			DNS Domain Name
			Resource Name or Path
			Variables
		Most Important URL Information
		Rogue URL Tricks
			Look-Alike Domains
			Strange Origination Domain
			Hover, Bait, and Switch
			Shortened URLs
			URL Encoding
			Malicious Open Redirects
			Homoglyphs and Punycode Attacks
		Summary
	Chapter 14 Fighting Spear Phishing
		Background
		Spear Phishing Examples
			Compromised Trusted Email Account
			Spearphishing on Inside Confidential Information
			Fake Job Offers
			Fake Vendor Support
			Credit Card Fraud Prevention
			Personal to Company Attack
		How to Defend Against Spear Phishing
		Summary
	Chapter 15 Forensically Examining Emails
		Why Investigate?
		Why You Should Not Investigate
		How to Investigate
		Examining Emails
			Message Body
			Disjointed Email Addresses
			Strange Body or Attachments
			Instructions to Ignore Warnings
			Password-Protected File Attachments
			Spotting Rogue URLs
			File-Type Mismatches
			Email Header Inspection
		Clicking on Links and Running Malware
		Submit Links and File Attachments to AV
		The Preponderance of Evidence
		A Real-World Forensic Investigation Example
		Summary
	Chapter 16 Miscellaneous Hints and Tricks
		First-Time Firing Offense
		Text-Only Email
		Memory Issues
		SAT Counselor
		Annual SAT User Conference
		Voice-Call Tests
		Credential Searches
		Dark Web Searches
		Social Engineering Penetration Tests
		Ransomware Recovery
		Patch, Patch, Patch
		CISA Cybersecurity Awareness Program
		Passkeys
		Avoid Controversial Simulated Phishing Subjects
		Practice and Teach Mindfulness
		Must Have Mindfulness Reading
		Summary
	Chapter 17 Improving Your Security Culture
		What Is a Security Culture?
		Seven Dimensions of a Security Culture
			Attitudes
			Behaviors
			Cognition
			Communication
			Compliance
			Norms
			Responsibilities
		Improving Security Culture
			Baseline Measurement
			Set a Goal
			Identify Gaps and Apply Tactics
			Remeasure Maturity Level
		Other Resources
		Summary
Conclusion
Acknowledgments
About the Author
Index
EULA



