Cybersecurity – Attack and Defense Strategies: Counter modern threats and employ state-of-the-art tools and techniques to protect your organization against cybercriminals. 2 Ed

 Cover

Table of Contents

Change History

Beta 9—June 9,....2021

Beta 8—April 27,....2021

Beta 7—March 11,....2021

Beta 6—August 11,....2020

Beta 5—June 5,....2020

Beta 4—March 23,....2020

Beta 3—February 9,....2020

Beta 2—December 4,....2019

Beta 1—October 30,....2019

Acknowledgments

So You Want to Write Some Client-Side Code

Basic Assumptions

The Tools We’ll Use

How This Book Is Organized

Let’s Build an App

The Sample Code

Part I—Getting Started

1. Getting Started with Client-Side Rails

Managing State and Front-End Development

Configuring Webpacker

Using Webpacker

What’s Next

2. Hotwire and Turbo

The Hotwire Way

Installing Turbo

What Is Turbo Drive?

Adding Interactivity with Turbo Frames

Navigating Outside a Turbo Frame

Extending Our Page with Turbo Streams

Turbo Frames vs. Turbo Streams

Lazy Loading a Turbo Frame

What’s Next

3. Stimulus

What Is Stimulus?

Installing Stimulus

Adding Our First Controller

Creating an Action

Adding a Target

Using Values

Automating Value Changes

Stimulus Has Class

Going Generic

Stimulus Quick Reference

What’s Next

4. React

What Is React?

Installing React

Adding Our First Component

Composing Components

Connecting to the Page

Interactivity, State, and Hooks

Sharing State

What’s Next

5. Cascading Style Sheets

Building CSS in webpack

Adding CSS and Assets to webpack

Animating CSS

Adding CSS Transitions

Animating Turbo Streams with Animate.css

Using CSS and React Components

What’s Next

Part II—Going Deeper

6. TypeScript

Using TypeScript

Understanding Basic TypeScript Types

Static vs. Dynamic Typing

Adding Type Annotations to Variables

Adding Type Annotations to Functions

Adding Type Annotations to Classes

Defining Interfaces

Type Checking Classes and Interfaces

Getting Type Knowledge to TypeScript

What’s Next

7. webpack

Understanding Why webpack Exists

Managing Dependencies with Yarn

Understanding webpack Configuration

What’s Next

8. Webpacker

Webpacker Basics

Writing Code Using Webpacker

Integrating Webpacker with Frameworks

Running webpack

Deploying Webpacker in Production

Customizing Webpacker

What’s Next

Part III—Managing Servers and State

9. Talking to the Server

Using Stimulus to Manage Forms

Stimulus and Ajax

Using Data in Stimulus

Acquiring Data in React with useState

What’s Next

10. Immediate Communication with ActionCable

Installing ActionCable

Turbo Streams and ActionCable

Stimulus and ActionCable

React and ActionCable

What’s Next

11. Managing State in Stimulus Code

Using Data Values for Logic

Observing and Responding to DOM Changes

Rendering CSS with Data Attributes

What’s Next

12. Managing State in React

Using Reducers

Using Context to Share State

Adding Asynchronous Events to Contexts

What’s Next

13. Using Redux to Manage State

Installing and Using Redux

Adding Asynchronous Actions to Redux

What’s Next

Part IV—Validating Your Code

14. Validating Code with Advanced TypeScript

Creating Union Types

Specifying Types with Literal Types

Using Enums and Literal Types

Building Mapped Types and Utility Types

TypeScript Configuration Options

Dealing with Strictness

What’s Next

15. Testing with Cypress

Why Cypress?

Installing Cypress

Configuring Cypress and Rails

Writing Our First Test

Understanding How Cypress Works

What’s Next

16. More Testing and Troubleshooting

Writing More Cypress Tests

Testing the Schedule Filter

Cypress and React

Cypress Utilities and API

Troubleshooting

What’s Next

A1. Framework Swap

The All-Hotwire App

The All-React App

Comparison

Index

Cybersecurity - Attack and Defense Strategies, Second Edition is a completely revised new edition of the bestselling book, covering the very latest security threats and defense mechanisms including a detailed overview of Cloud Security Posture Management (CSPM) and an assessment of the current threat landscape, with additional focus on new IoT threats and cryptomining.

Cybersecurity starts with the basics that organizations need to know to maintain a secure posture against outside threat and design a robust cybersecurity program. It takes you into the mindset of a Threat Actor to help you better understand the motivation and the steps of performing an actual attack - the Cybersecurity kill chain. You will gain hands-on experience in implementing cybersecurity using new techniques in reconnaissance and chasing a user's identity that will enable you to discover how a system is compromised, and identify and then exploit the vulnerabilities in your own system.

This book also focuses on defense strategies to enhance the security of a system. You will also discover in-depth tools, including Azure Sentinel, to ensure there are security controls in each network layer, and how to carry out the recovery process of a compromised system.

What You Will Learn:

• The importance of having a solid foundation for your security posture
• Use cyber security kill chain to understand the attack strategy
• Boost your organization's cyber resilience by improving your security policies, hardening your network, implementing active sensors, and leveraging threat intelligence
• Utilize the latest defense tools, including Azure Sentinel and Zero Trust Network strategy
• Identify different types of cyberattacks, such as SQL injection, malware and social engineering threats such as phishing emails
• Perform an incident investigation using Azure Security Center and Azure Sentinel
• Get an in-depth understanding of the disaster recovery process
• Understand how to consistently monitor security and implement a vulnerability management strategy for on-premises and hybrid cloud
• Learn how to perform log analysis using the cloud to identify suspicious activities, including logs from Amazon Web Services and Azure

Who this book is for:

For the IT professional venturing into the IT security domain, IT pentesters, security consultants, or those looking to perform ethical hacking. Prior knowledge of penetration testing is beneficial.