Today, Network Infiltration: Pen-Testing Internal Networks & Active Directory is released—a practical, defense-oriented roadmap to understanding and assessing Windows enterprise networks. Rather than offering tool lists, the book teaches practitioners to think like assessors: define scope, gather the right telemetry, map behaviors to MITRE ATT&CK, and communicate findings leaders can act on.
What’s inside
The book demystifies how authentication and authorization actually work in practice—Kerberos, NTLM, tokens, SIDs, SPNs—and shows how Group Policy, delegations, and trust topology shape exposure. Readers build a small, offline lab to observe identity flows on the wire and in logs, deploy Sysmon alongside Windows Event IDs, and integrate signal into SIEM/EDR/UEBA pipelines. The result is a repeatable way to establish baselines, detect what matters, and harden what counts.
Who it serves
Security engineers, detection analysts, incident responders, red/purple teamers, architects, admins—anyone responsible for the safety and reliability of Windows environments.
Key takeaways
Clear mental models for AD, GPOs, trusts, and admin protocols
A safe, reproducible offline lab and build scripts
Curated Windows Event and Sysmon IDs that surface meaningful behaviors
Practical hardening: tiering, LAPS hygiene, Credential Guard, auditing that works
Reporting patterns that tie technical signal to business risk
Chapter 0 — Foundations & Acronyms
Chapter 1 — Assessment Mindset & Methodology
Chapter 2 — Building the Safe Lab
Chapter 3 — Identity 101 in Windows Domains
Chapter 4 — Kerberos in the Real World
Chapter 5 — NTLM and Legacy Realities
Chapter 6 — Directory Objects, Delegations & RBAC
Chapter 7 — Group Policy Deep Dive
Chapter 8 — Trusts, Forests, and Boundaries
Chapter 9 — Name Resolution & Identity Discovery
Chapter 10 — Admin Protocols I: SMB, RPC/DCOM
Chapter 11 — Admin Protocols II: WMI & WinRM
Chapter 12 — Remote Access: RDP & NLA
Chapter 13 — Secrets & Protections: LSASS, LSA, SSO
Chapter 14 — Telemetry Architecture
Chapter 15 — SIEM/EDR/UEBA Integration
Chapter 16 — Behaviors that Matter (MITRE ATT&CK)
Chapter 17 — Hardening the Enterprise
Chapter 18 — Designing for Resilience
Chapter 19 — Executive Reporting & Risk Communication
Chapter 20 — Putting It All Together
Appendices
A. Checklists & Templates (Scope, ROE, Evidence Logs)
B. Event ID & Sysmon Quick Reference
C. Lab Topologies & Build Scripts (Safe, Offline)
Die Inhaltsangabe kann sich auf eine andere Ausgabe dieses Titels beziehen.
Anbieter: PBShop.store UK, Fairford, GLOS, Vereinigtes Königreich
PAP. Zustand: New. New Book. Shipped from UK. Established seller since 2000. Artikel-Nr. L2-9798264400940
Anzahl: Mehr als 20 verfügbar
Anbieter: AHA-BUCH GmbH, Einbeck, Deutschland
Taschenbuch. Zustand: Neu. Neuware - Today, Network Infiltration: Pen-Testing Internal Networks & Active Directory is released-a practical, defense-oriented roadmap to understanding and assessing Windows enterprise networks. Rather than offering tool lists, the book teaches practitioners to think like assessors: define scope, gather the right telemetry, map behaviors to MITRE ATT&CK, and communicate findings leaders can act on. Artikel-Nr. 9798264400940
Anzahl: 2 verfügbar