Practical Industrial Cybersecurity


ICS, Industry 4.0, and IIoT
1st ed.

by: Charles J. Brooks, Philip A. Craig

32,99 €

Publisher: Wiley
Format: PDF
Published: 10.05.2022
ISBN/EAN: 9781119883036
Language: English
Number of pages: 624

DRM-protected eBook; to read it you need, for example, Adobe Digital Editions and an Adobe ID.

Descriptions

<p><b>A practical roadmap to protecting against cyberattacks in industrial environments</b> <p>In <i>Practical Industrial Cybersecurity: ICS, Industry 4.0, and IIoT</i>, veteran electronics and computer security author Charles J. Brooks and electrical grid cybersecurity expert Philip Craig deliver an authoritative and robust discussion of how to meet modern industrial cybersecurity challenges. The book outlines the tools and techniques used by practitioners in the industry today, as well as the foundations of the professional cybersecurity skillset required to succeed on the SANS Global Industrial Cyber Security Professional (GICSP) exam. <p>Full of hands-on explanations and practical guidance, this book also includes: <ul> <li>Comprehensive coverage consistent with the National Institute of Standards and Technology guidelines for establishing secure industrial control systems (ICS)</li> <li>Rigorous explorations of ICS architecture, module and element hardening, security assessment, security governance, risk management, and more</li></ul><p><i>Practical Industrial Cybersecurity</i> is an indispensable read for anyone preparing for the Global Industrial Cyber Security Professional (GICSP) exam offered by the Global Information Assurance Certification (GIAC). It also belongs on the bookshelves of cybersecurity personnel at industrial process control and utility companies. <p><i>Practical Industrial Cybersecurity</i> provides key insights into the Purdue ANSI/ISA 95 Industrial Network Security reference model and how it is implemented from the production floor level to the Internet connection of the corporate network. It is a valuable tool for professionals already working in the ICS/utility network environment, IT cybersecurity personnel transitioning to the OT network environment, and those looking for a rewarding entry point into the cybersecurity field.
<p>Introduction xxiii</p> <p><b>Chapter 1 Industrial Control Systems 1</b></p> <p>Introduction 2</p> <p>Basic Process Control Systems 3</p> <p>Closed-Loop Control Systems 5</p> <p>Industrial Process Controllers 6</p> <p>Supervisory Control and Data Acquisition Systems 20</p> <p>System Telemetry 21</p> <p>Utility Networks 23</p> <p>OT/IT Network Integration 25</p> <p>Industrial Safety and Protection Systems 28</p> <p>Safety Instrument Systems 29</p> <p>Review Questions 39</p> <p>Exam Questions 41</p> <p><b>Chapter 2 ICS Architecture 43</b></p> <p>Introduction 44</p> <p>Network Transmission Media 45</p> <p>Copper Cabling 45</p> <p>Fiber-Optic Cabling 46</p> <p>Industrial Network Media Standards 49</p> <p>Ethernet Connectivity 52</p> <p>External Network Communications 53</p> <p>Transmission Media Vulnerabilities 55</p> <p>Field Device Architecture 56</p> <p>PLC I/O Sections 58</p> <p>PLC Implementations 62</p> <p>Industrial Sensors 63</p> <p>Final Control Elements/Actuators 71</p> <p>Relays 73</p> <p>Process Units 76</p> <p>Industrial Network Protocols 79</p> <p>Common Industrial Protocols 79</p> <p>EtherNet/IP Protocol 79</p> <p>Modbus 80</p> <p>ProfiNet/ProfiBus 81</p> <p>DNP3 82</p> <p>ICCP 83</p> <p>OPC 83</p> <p>BACnet 83</p> <p>Enterprise Network Protocols 84</p> <p>TCP/IP 84</p> <p>Dynamic Host Configuration Protocol 89</p> <p>Review Questions 90</p> <p>Exam Questions 91</p> <p><b>Chapter 3 Secure ICS Architecture 95</b></p> <p>Introduction 96</p> <p>Boundary Protection 97</p> <p>Firewalls 98</p> <p>Proxies 104</p> <p>Security Topologies 105</p> <p>Network Switches 106</p> <p>Routers 108</p> <p>Security Zoning Models 109</p> <p>Flat Network Topologies 113</p> <p>Network Segmentation 122</p> <p>Controlling Intersegment Data Movement 128</p> <p>Tunneling 128</p> <p>Wireless Networking 129</p> <p>Wireless Sensors 131</p> <p>Wireless Gateways 134</p> <p>Modems 135</p> <p>Review Questions 137</p> <p>Exam Questions 139</p> <p><b>Chapter 4 ICS Module and Element 
Hardening 143</b></p> <p>Introduction 145</p> <p>Endpoint Security and Hardening 145</p> <p>User Workstation Hardening 145</p> <p>BIOS Security Subsystems 147</p> <p>Additional Outer Perimeter Access Hardening 148</p> <p>Mobile Device Protection 154</p> <p>OS Security/Hardening 155</p> <p>File System Security 156</p> <p>Operating System Security Choices 160</p> <p>Linux SystemV vs Systemd 160</p> <p>Hardening Operating Systems 162</p> <p>Common Operating System Security Tools 162</p> <p>Virtualization 169</p> <p>Application Software Security 172</p> <p>Software Exploitation 172</p> <p>Information Leakage 173</p> <p>Applying Software Updates and Patches 174</p> <p>Database Hardening 174</p> <p>SQL Injection 175</p> <p>Anti-Malware 177</p> <p>Antivirus 178</p> <p>Anti-spyware 178</p> <p>Anti-Malware: Sanitization 181</p> <p>Embedded Device Security 182</p> <p>Meters 184</p> <p>Network Hardening 189</p> <p>OT/IT Network Security 189</p> <p>Server Security 191</p> <p>Hardening the Server OS 193</p> <p>Logical Server Access Control 194</p> <p>Hardening Network Connectivity Devices 196</p> <p>Review Questions 201</p> <p>Exam Questions 202</p> <p><b>Chapter 5 Cybersecurity Essentials for ICS 205</b></p> <p>Introduction 207</p> <p>Basic Security Tenets 208</p> <p>Confidentiality, Integrity, and Availability 208</p> <p>Availability in ICS Networks 209</p> <p>Nonrepudiation 210</p> <p>Principle of Least Privilege 211</p> <p>Separation of Duties 211</p> <p>Vulnerability and Threat Identification 212</p> <p>Nation-States 213</p> <p>Cyberterrorists 213</p> <p>Cybercriminals 214</p> <p>Insider Threats 216</p> <p>Events, Incidents, and Attacks 217</p> <p>Threat Vectors 217</p> <p>Weaponization 230</p> <p>Delivery 230</p> <p>Exploitation 231</p> <p>Installation 232</p> <p>Command and Control 233</p> <p>Actions on Objectives 233</p> <p>Attack Methods 234</p> <p>Unauthorized Access 251</p> <p>Cryptographics 260</p> <p>Encryption 262</p> <p>Digital Certificates 264</p> <p>Public 
Key Infrastructure 264</p> <p>Hashing 266</p> <p>Resource Constraints 267</p> <p>Review Questions 268</p> <p>Exam Questions 268</p> <p><b>Chapter 6 Physical Security 271</b></p> <p>Introduction 272</p> <p>Infrastructure Security 273</p> <p>Access Control 274</p> <p>Physical Security Controls 276</p> <p>Authentication Systems 278</p> <p>Remote Access Monitoring and Automated Access Control Systems 286</p> <p>Intrusion Detection and Reporting Systems 289</p> <p>Security Controllers 290</p> <p>Video Surveillance Systems 295</p> <p>Cameras 297</p> <p>IP Cameras 297</p> <p>Pan-Tilt-Zoom Cameras 298</p> <p>Physical Security for ICS 306</p> <p>Industrial Processes/Generating Facilities 307</p> <p>Control Center/Company Offices 307</p> <p>NERC CIP-006-1 309</p> <p>Review Questions 311</p> <p>Exam Questions 312</p> <p><b>Chapter 7 Access Management 315</b></p> <p>Introduction 316</p> <p>Access Control Models 317</p> <p>Mandatory Access Control 317</p> <p>Discretionary Access Control 318</p> <p>Role-Based Access Control 318</p> <p>Rule-Based Access Control 319</p> <p>Attribute-Based Access Control 319</p> <p>Context-Based Access Control 320</p> <p>Key Security Components within Access Controls 320</p> <p>Directory Services 321</p> <p>Active Directory 321</p> <p>Linux Directory Services 324</p> <p>Application Runtime and Execution Control 326</p> <p>User Access Management 326</p> <p>Establishing User and Group Accounts 328</p> <p>Group Account Security 330</p> <p>Network Authentication Options 331</p> <p>Establishing Resource Controls 332</p> <p>ICS Access Control 334</p> <p>Remote ICS Access Control 336</p> <p>Access Control for Cloud Systems 340</p> <p>Review Questions 343</p> <p>Exam Questions 344</p> <p><b>Chapter 8 ICS Security Governance and Risk Management 347</b></p> <p>Introduction 348</p> <p>Security Policies and Procedure Development 348</p> <p>Requirements 349</p> <p>Exceptions and Exemptions 350</p> <p>Standards 351</p> <p>ICS Security Policies 356</p> 
<p>Risk Management 357</p> <p>Asset Identification 358</p> <p>Risk Assessment 359</p> <p>Risk Identification Vulnerability Assessment 362</p> <p>Impact Assessment 363</p> <p>ICS Risk Assessments 364</p> <p>Risk Mitigation 366</p> <p>NERC CIP-008 367</p> <p>Review Questions 369</p> <p>Exam Questions 370</p> <p><b>Chapter 9 ICS Security Assessments 373</b></p> <p>Introduction 374</p> <p>Security Assessments 374</p> <p>ICS Device Testing 376</p> <p>Vulnerability 376</p> <p>Supply Chain 377</p> <p>Communication Robustness Testing 382</p> <p>Fuzzing 382</p> <p>ICS Penetration Testing 384</p> <p>The Pentest Process 385</p> <p>Security Testing Tools 392</p> <p>Packet Sniffers 392</p> <p>Network Enumeration/Port Scanning 393</p> <p>Port Scanning 395</p> <p>Vulnerability Scanning 395</p> <p>Review Questions 401</p> <p>Exam Questions 402</p> <p><b>Chapter 10 ICS Security Monitoring and Incident Response 405</b></p> <p>Introduction 407</p> <p>ICS Lifecycle Challenges 408</p> <p>Change Management 408</p> <p>Establishing a Security Baseline 409</p> <p>Change Management Documentation 411</p> <p>Configuration Change Management 412</p> <p>Controlling Patch Distribution and Installation for Systems 414</p> <p>Monitoring 419</p> <p>Event Monitoring 420</p> <p>Network Monitoring 421</p> <p>Security Monitoring 423</p> <p>Logging and Auditing 424</p> <p>Event Logging 425</p> <p>Incident Management 433</p> <p>The Incident Response Lifecycle 434</p> <p>Preparation 435</p> <p>Incident Response 442</p> <p>Recovery 445</p> <p>Post-Incident Activities 446</p> <p>Review Questions 449</p> <p>Exam Questions 450</p> <p><b>Chapter 11 Disaster Recovery and Business Continuity 453</b></p> <p>Introduction 454</p> <p>Business Continuity Plans 455</p> <p>System Redundancy 455</p> <p>Local Virtualized Storage 459</p> <p>System Backup and Restoration 462</p> <p>Backup Options 463</p> <p>Backup Media Rotation 466</p> <p>Securing Backup Media 467</p> <p>Other BCP Considerations 467</p> <p>Disaster 
Recovery 469</p> <p>Planning 470</p> <p>Documenting the Disaster Recovery Plan 472</p> <p>The Disaster Response/Recovery Team 473</p> <p>NERC CIP-009-6 475</p> <p>Review Questions 477</p> <p>Exam Questions 478</p> <p><b>Appendix A GICSP Objective Map 481</b></p> <p>ICS410.1 ICS: Global Industrial Cybersecurity Professional (GICSP) Objectives 482</p> <p>Overview 482</p> <p>ICS410.2: Architecture and Field Devices 483</p> <p>ICS410.3: Communications and Protocols 484</p> <p>ICS410.4: Supervisory Systems 485</p> <p>ICS410.5: Security Governance 485</p> <p><b>Appendix B Glossary 487</b></p> <p><b>Appendix C Standards and References 533</b></p> <p>Reference Links 536</p> <p><b>Appendix D Review and Exam Question Answers 539</b></p> <p>Chapter 1: Industrial Control Systems 540</p> <p>Review Question Answers 540</p> <p>Exam Question Answers 541</p> <p>Chapter 2: ICS Architecture 542</p> <p>Review Question Answers 542</p> <p>Exam Question Answers 544</p> <p>Chapter 3: Secure ICS Architecture 545</p> <p>Review Question Answers 545</p> <p>Exam Question Answers 547</p> <p>Chapter 4: ICS Modules and Element Hardening 548</p> <p>Review Question Answers 548</p> <p>Exam Question Answers 550</p> <p>Chapter 5: Cybersecurity Essentials for ICS 551</p> <p>Review Question Answers 551</p> <p>Exam Question Answers 553</p> <p>Chapter 6: Physical Security 554</p> <p>Review Question Answers 554</p> <p>Exam Question Answers 556</p> <p>Chapter 7: Access Management 556</p> <p>Review Question Answers 556</p> <p>Exam Question Answers 558</p> <p>Chapter 8: ICS Security Governance and Risk Management 559</p> <p>Review Question Answers 559</p> <p>Exam Question Answers 560</p> <p>Chapter 9: ICS Security Assessments 561</p> <p>Review Question Answers 561</p> <p>Exam Question Answers 563</p> <p>Chapter 10: ICS Security Monitoring and Incident Response 564</p> <p>Review Question Answers 564</p> <p>Exam Question Answers 565</p> <p>Chapter 11: Disaster Recovery and Business Continuity 567</p> <p>Review 
Question Answers 567</p> <p>Exam Question Answers 568</p> <p>Index 571</p>
<p><b>CHARLES J. BROOKS</b> is the co-Owner and Vice President of Educational Technologies Group Inc and the co-Owner of eITPrep LLP. He oversees research and product development at those organizations and has authored several books, including the <i>A+ Certification Training Guide</i> and <i>The Complete Introductory Computer Course</i>. For the past eight years Charles has been lecturing and providing instructor training for cybersecurity teachers throughout the U.S. and abroad. His latest projects have been associated with IT and OT cybersecurity courses and hands-on lab activities that include Cybersecurity Essentials – Concepts & Practices; Cybersecurity Essentials – Environments & Testing; and Industrial Network Cybersecurity.</p> <p><b>PHILIP A. CRAIG JR</b> is the founder of BlackByte Cyber Security, LLC, a consultancy formed to develop new cybersecurity tools and tactics for use in U.S. critical infrastructure. He oversees research and product development for the U.S. Department of Energy (DOE), the Defense Advanced Research Projects Agency (DARPA), and the National Rural Electric Cooperative Association (NRECA), as well as providing expert knowledge in next-generation signal isolation techniques to protect automated controls in energy generation, transmission, and distribution systems. Mr. Craig has authored regulation for both the Nuclear Regulatory Commission (NRC) and National Energy Reliability Corporation (NERC) and is an active cyber responder in federal partnerships for incident response.
<p><b>A hands-on roadmap to the GICSP exam and industrial cybersecurity best practices</b></p> <p>In <i>Practical Industrial Cybersecurity: ICS, Industry 4.0, and IIoT</i>, a team of veteran computer security professionals and educators delivers an accessible and authoritative discussion of the tools and techniques used by industrial cybersecurity professionals. The book walks you through the foundations of a modern cybersecurity skillset as it is applied in an industrial setting, as well as the skills and competencies you’ll need to succeed on the Global Industrial Cyber Security Professional (GICSP) exam. <p>The authors provide comprehensive coverage that is fully consistent with the National Institute of Standards and Technology (NIST) guidelines governing the establishment of secure industrial control systems (ICS). They present explanations of best practices in the design and implementation of ICS architecture, module and element hardening, security assessment and governance, risk management, and more. <p>An indispensable handbook for anyone preparing for the GICSP exam, as well as industry professionals seeking to upgrade their on-the-job industrial cybersecurity skillset, <i>Practical Industrial Cybersecurity</i> also shows you how to: <ul> <li><b>Understand and configure access management</b></li> <li><b>Implement disaster recovery and business continuity strategies</b></li> <li><b>Plan and design industrial control systems architecture</b></li> <li><b>Assess and monitor industrial control system security</b></li> <li><b>Build a physical security system that complements your industrial cybersecurity setup</b></li></ul>
