Cyber Security on Azure (eBook, PDF) - Copeland, Marshall
-9%
40,95 €
Statt 44,99 €**
40,95 €
inkl. MwSt.
**Preis der gedruckten Ausgabe (Broschiertes Buch)
Sofort per Download lieferbar
20 °P sammeln
-9%
40,95 €
Statt 44,99 €**
40,95 €
inkl. MwSt.
**Preis der gedruckten Ausgabe (Broschiertes Buch)
Sofort per Download lieferbar

Alle Infos zum eBook verschenken
20 °P sammeln
Als Download kaufen
Statt 44,99 €**
-9%
40,95 €
inkl. MwSt.
**Preis der gedruckten Ausgabe (Broschiertes Buch)
Sofort per Download lieferbar
20 °P sammeln
Jetzt verschenken
Statt 44,99 €**
-9%
40,95 €
inkl. MwSt.
**Preis der gedruckten Ausgabe (Broschiertes Buch)
Sofort per Download lieferbar

Alle Infos zum eBook verschenken
20 °P sammeln
  • Format: PDF


Prevent destructive attacks to your Azure public cloud infrastructure, remove vulnerabilities, and instantly report cloud security readiness. This book provides comprehensive guidance from a security insider's perspective. Cyber Security on Azure explains how this 'security as a service' (SECaaS) business solution can help you better manage security risk and enable data security control using encryption options such as Advanced Encryption Standard (AES) cryptography. Discover best practices to support network security groups, web application firewalls, and database auditing for threat…mehr

  • Geräte: PC
  • ohne Kopierschutz
  • eBook Hilfe
  • Größe: 12.39MB
Produktbeschreibung
Prevent destructive attacks to your Azure public cloud infrastructure, remove vulnerabilities, and instantly report cloud security readiness. This book provides comprehensive guidance from a security insider's perspective.
Cyber Security on Azure explains how this 'security as a service' (SECaaS) business solution can help you better manage security risk and enable data security control using encryption options such as Advanced Encryption Standard (AES) cryptography. Discover best practices to support network security groups, web application firewalls, and database auditing for threat protection. Configure custom security notifications of potential cyberattack vectors to prevent unauthorized access by hackers, hacktivists, and industrial spies.
What You'll Learn
This book provides step-by-step guidance on how to:
  • Support enterprise security policies
  • Improve cloud security
  • Configure intrusion detection
  • Identify potential vulnerabilities
  • Prevent enterprise security failures
Who This Book Is For
IT, cloud, and security administrators; CEOs, CIOs, and other business professionals

Dieser Download kann aus rechtlichen Gründen nur mit Rechnungsadresse in A, B, BG, CY, CZ, D, DK, EW, E, FIN, F, GR, HR, H, IRL, I, LT, L, LR, M, NL, PL, P, R, S, SLO, SK ausgeliefert werden.

  • Produktdetails
  • Verlag: Springer-Verlag GmbH
  • Seitenzahl: 208
  • Erscheinungstermin: 17. Juli 2017
  • Englisch
  • ISBN-13: 9781484227404
  • Artikelnr.: 53062145
Autorenporträt
Marshall Copeland is a cloud solution architect at Microsoft focusing on cloud identity and cyber security. His work with Microsoft Azure cloud includes hybrid cloud supporting software defined networks, Windows Server, and Linux systems. Marshall provides cloud identity authentication guidance with on-premises Active Directory Domain Services, Azure Active Directory, OAuth2, and OpenID Connect. Marshall holds a Master of Science degree in information assurance (MSIA) specializing in cyber security from Dakota State University. He maintains an MCSD Azure Solution Architect Certification and CISSP. Marshall co-wrote 'Microsoft Azure: Planning, Deploying, and Managing Your Datacenter in the Cloud' and 'Microsoft Office 365 Administration Inside Out'.
Inhaltsangabe
Part I: All Business Roles Chapter 1: Cybersecurity: How Security Vulnerabilities Affect Your Business Chapter 2: Azure Security Center Cost Model Part II: Cloud Security Operations Chapter 3: Azure Security Center Getting Started Chapter 4: Azure Security Center Configuration Chapter 5: Azure Security Center Scenarios Chapter 6: Azure Security Center Extensions Appendix A: Troubleshooting & Cyber Reference Appendix B: Know Your Enemy Appendix C: Security Frameworks

Part I: Zero Trust Cloud Security
Chapter 1. Reduce Cybersecurity Vulnerabilities from the Identity Layer

In this chapter you learn the foundation of Azure active directory and quickly expand on the different capabilities for custom domains to manage Azure Subscriptions and why Identity is the security perimeter in the cloud. Azure directly supports IAM (Identity Access Management), for any size organization as the IT cloud supports secure connection from any device and any location. In this chapter you gain insight into IAM challenges for blue team defense of cyber security attacks.

· Azure cloud relations to: Azure Tenant, Azure Subscription, Azure AD

o Azure tenant security

o Azure subscription security

o Azure API security

o Azure resource locks

· Managing Azure Active Directory: Users, and Groups

· Azure Active Directory OAuth, SAML, AD Connect

· Security measures:

o Azure Application Permission Scopes, consent

o Configure Multi-Factor Authentication

o Conditional Access Policies

· Configure Azure AD Privileged Identity Management

Chapter 2 Azure Network Security Configuration
Software defined network is titled VNet in Azure and introduces new security challenges for cloud security architect when it comes to isolate data and still allow secure communication from valid users, applications and systems. In this chapter you learn security supported networking in Azure with the guides to present TCP/IP, protocol communication ports and what Azure security services are available to learn about notable tactics, techniques and procedures (TTPs) that can be exploited by Advanced Persistent Threats (APT). You learn VNet recommendations to mitigate misconfigurations and provide detection on Incidents of Compromise (IOC) like forensic evidence of potential intrusions.

· Virtual Networks, VNets, Network Peering

· NSG, Port vulnerability, OSI / TCP Model

· Azure Firewall Configurations

· Azure Front Door Service

· Application Security Groups

· Remote Access Management

Chapter 3 Reduce Cybersecurity Vulnerabilities from IaaS and Data

Operational frameworks and cyber security frameworks work hand-in-hand to support the business. The framework helps to prepare and enable steps to prevent penetration from globally attacks. In this chapter you learn through examples about advanced persistent threats (APT) using techniques, tactics and procedures to reduce risk to specific threats.

· Harden Azure VMs

· VM Security

· VM Endpoint Security

· VM OS security updates

· Database configurations (Best Practices)

o Authentication

o Auditing

o SQL Advanced Threat Protection

· Storage Accounts (data access)

· Key Management (best practices)

· Azure Files authentication

· Shared Access Signatures (SAS)

· HDInsight Security

Part II: Azure Cloud Security Operations (Red Team / Blue Team)

(150 pages)

This section of the book is focused on identifying the vulnerabilities from a Red Team perspective (aka Black Hat) and how the Blue Team (White Hat) could defend from the attack. The topics are the same but the Red teams view to help train the Blue teams defense on specific cloud targets. During the chapters in Part II the reader is guided through many attack matrix from https://attack.mitre.org/ and C2Matrix examples of attackers and their attack techniques.

Chapter 4 Configure Azure Monitoring for Blue Team Hunting

In this chapter readers learn about monitoring the availability of applications and services provide the insight on all Azure services from VM, to containers and cloud services specific to Microsoft Azure. Logs are divided into two functional types, Metrics, and logs. Azure has continued to expand insight by collecting this data and displaying in for alerts and management datapoints to respond appropriately.

Data collected includes tenant and subscription data in attrition to all Azure resources. Metrics are near real time data (review using Metrics Explorer), reviews data at a specific point of time. Logs have different properties based on the type of logs. Streamed to an Analytics workspace for Alerting and review information over long periods of time.

· Azure Monitor enablement

· Logs sources and types of logs

· Diagnostic logs & retention

· Azure analytics

· Privileged Identity Management Configuration

· Monitor Privileged Access Best Practices

· Manage API access Best Practices

· Manage Azure subscription transfers (M&A activities)

Chapter 5 Azure Security Center Configuration

Azure Security Center was introduced in the First Editions, and the reader continues their journey with a deep dive on considerations for reducing other security tools. You learn how to ingest log files from Azure environment and auto discover IaaS resources to reduce the "shadow IT" expansion. In this chapter the Cyber Security Kill Chain is front-and-center as you learn to configure alerts on known exploits. Again the reinforcement of the Attack Matrix is used to correlate and guide the Cloud Operations team into Cloud Security Operations.

· Configuration cost (consolidation considerations)

· Enable security:

o Network

o VMs

o Database

o BLOBs

· Data Protection

· Configure Alerting

· Central policy management with Security Center

· Just in Time VM access with Security Center

· Azure Sentinel

Chapter 6 Azure Kubernetes Service and Container Security

A NEW chapter in the second edition, takes the reader beyond the introduction to Kubernetes, it guides them on why containers are not secure by default. You learn container weakness and how to mitigate with security controls to secure Azure containers and the Azure Kubernetes Service (AKS).

You learn to use Azure Security Center to identify the different Alerts from a Windows OS and Linux OS running in Azure IaaS configuration. Threat protection with Security Center expands the benefits of a cloud-native solution and you learn how using the security controls support your companies Cyber Security Framework.

· Container Network Configuration

· Authentication

· Container isolation

· AKS Security focus

· Securing the container registry

· Container vulnerability management

Chapter 7 Security Governance Operations
A NEW chapter that uses many exercises to provide Azure Policy definition structure and readers learn how the policies take effect on users based on business rules. The exercises examples help readers evaluate the impact and what the logical evaluation of an Azure policy and how to customize the JSON policy definitions. Additional policies apply directly to Azure Kubernetes Services (AKS), to support the Information Security Officers team goals of improved security controls and reporting.

· Azure Policies (overview)

o Assignments

o Definitions

o Blueprints

· Compliance reports

· Configure Azure Monitor

o Diagnostic logging

o Log retention

o Vulnerability scanning

· Data Management

o Classification

o Retention

o Sovereignty

Appendix A (10-20 pages)

· Azure Penetration Testing Configuration

Appendix B (10-20 pages)

· Configure an Azure Cloud Cyber Security lab for education