وبلاگ بلیان

Red Hat and IT Security : With Red Hat Ansible, Red Hat OpenShift, and Red Hat Security Auditing

معرفی کتاب «Red Hat and IT Security : With Red Hat Ansible, Red Hat OpenShift, and Red Hat Security Auditing» نوشتهٔ Gustavo R. Santos و Rithik Chatterjee، منتشرشده توسط نشر Apress : Imprint : Apress در سال 2021. این کتاب در فرمت pdf، زبان انگلیسی ارائه شده است.

Use Red Hat's security tools to establish a set of security strategies that work together to help protect your digital data. You will begin with the basic concepts of IT security and DevOps with topics such as CIA triage, security standards, network and system security controls and configuration, hybrid cloud infrastructure security, and the CI/CD process. Next, you will integrate and automate security into the DevOps cycle, infrastructure, and security as code. You will also learn how to automate with Red Hat Ansible Automation Platform and about hybrid cloud infrastructure. The later chapters will cover hyper-converged infrastructure and its security, Red Hat Smart Management, predictive analytics with Red Hat Insights, and Red Hat security auditing to ensure best security practices. Lastly, you will see the different types of case studies with real-world examples. Red Hat and IT Security will help you get a better understanding of IT security concepts from a network and system administration perspective. It will help you to understand how the IT infrastructure landscape can change by implementing specific security best practices and integrating Red Hat products and solutions to counter against modern cybersecurity threats. What You Will Learn ● Understand IT infrastructure security and its best practices ● Implement hybrid cloud infrastructure ● Realign DevOps process into DevSecOps, emphasizing security ● Implement automation in IT infrastructure services using Red Hat Ansible ● Explore Red Hat Smart Management, predictive analytics, and auditing Who This Book Is For IT professionals handling network/system administration or the IT infrastructure of an organization. DevOps professionals and cybersecurity analysts would find the book useful. Table of Contents About the Author About the Technical Reviewer Acknowledgments Introduction Chapter 1: Introduction to IT Security Basics of Networking Firewalls Virtual Private Network Virtual Private Cloud DHCP Domain Name System TCP UDP Simple Network Management Protocol SSH HTTP SSL/TLS Network Address Translation Port Forwarding IT Infrastructure Elements Switching vs. Routing Domain Controller Database Server Application Server Load Balancing Server Linux System Administration Essential Concepts Directory Services LDAP File Systems in Linux Block Storage Security Basics in Linux Access Control Lists (ACLs) SELinux Firewall Daemon (Firewalld) Standardizing Security in Network and System Administration Confidentiality Integrity Availability Chapter 2: Red Hat Hybrid Cloud Infrastructure Basics of Cloud Infrastructure What Is Cloud Computing? Cloud Computing Services Infrastructure as a Service (IaaS) Platform as a Service (PaaS) Software as a Service (SaaS) Cloud Bursting Security in Cloud Infrastructure Introduction to Hybrid Cloud Architecture Operating Hybrid Clouds Cloud First Migration Lift and Shift Improve and Move Rip and Replace Flexibility Tiered Hybrid Strategy Benefits of Tiered Hybrid Implementation Analytical Hybrid Infrastructure Hybrid Edge Cloud Computing Modern Hybrid Cloud Architecture Security in Hybrid Clouds Red Hat Cloud Suite Red Hat CloudForms Red Hat Virtualization Red Hat OpenStack Platform Red Hat OpenShift Container Platform Advantages of CloudSuite Orchestration with Red Hat OpenShift OpenShift Container Platform (Red Hat OCP) Compatibility with Hybrid Cloud OpenShift Security Distinctive Features Kubernetes OCP Life Cycle OCP Installation Installation Procedure Chapter 3: Security in DevOps and Automation Categories of DevOps Automation Continuous Integration (CI) Continuous Testing (CT) Agile Development Enterprise Systems Management (ESM) Continuous Delivery vs. Continuous Deployment Continuous Delivery (CD) Continuous Deployment (CD) Continuous Monitoring Benefits of DevOps Scalability Speed Innovation Agility Qualitative Growth Reliability Cost-Effective Evolution of DevSecOps DevSecOps in Environment and Data Security DevSecOps in CI/CD Pipeline Infrastructure as Code and Security as Code Infrastructure as Code (IaC) Security as Code (SaC) Buffer Overflow Code Injection Attacks Automation with Red Hat Ansible Automation Platform Ansible Components Control Node Managed Nodes Inventory Modules Tasks Playbooks Using Ansible Building an Inventory Default Groups Ansible Playbook DevSecOps in OpenShift Red Hat Consulting Chapter 4: Red Hat Hyperconverged Infrastructure Obsolescence of Legacy Infrastructure What Is Hyperconverged Infrastructure? HCI Architecture Databases Analytics and Logging Data Security Data Storage Edge Computing Desktop as a Service (DaaS) Programming General Uses Red Hat Hyperconverged Infrastructure for Virtualization Core Operations Key Features Red Hat Virtualization Elements of Red Hat Virtualization Cluster Data center Event HA Services Host Storage Pool Manager (SPM) Host Storage Manager (HSM) Networking Self-Hosted Engine Node Template Data Warehouse Metrics Store Security in Red Hat Virtualization Configuration of sVirt Flexibility with Red Hat Gluster Storage Red Hat Hyperconverged Infrastructure for Cloud Cloud Computing with Red Hat OpenStack Platform (RHOSP) Core Elements of OpenStack Dashboard (Code: Horizon) Identity (Code: Keystone) OpenStack Networking (Code: Neutron) Load-Balancing Service (Code: Octavia) OpenStack Block Storage (Code: Cinder) OpenStack Compute (Code: Nova) OpenStack Image Service (Code: Glance) OpenStack Object Storage (Code: Swift) OpenStack Telemetry (Code: Ceilometer) OpenStack Orchestration (Code: Heat) Red Hat OpenStack Platform Director Scalability with Red Hat Ceph Storage Ceph OSD Daemon Ceph Monitor Ceph Manager Hyperconverged Infrastructure Security Best Practices Secure Individual Components Security Centralization Accessibility Security Policies Implementation Chapter 5: Red Hat Smart Management and Red Hat Insights Red Hat Satellite Architecture Core System Elements Organizations Locations Life-Cycle Environments Provisioning Kickstart PXE Booting Single Location Single Location with Separate Subnets Multiple Locations Disconnected Satellite Disconnected Satellite with Content ISO Disconnected Satellite with Inter-Satellite Synchronization Capsule with External Services Infrastructure Controlling with Red Hat Smart Management Predictive Analytics Using Red Hat Insights Advisor Service Vulnerability Service Security Rules Compliance Service System Comparison / Drift Analysis System Baselines Reference Point System Facts Insights Policies Webhooks System Patching Using Ansible Playbooks Chapter 6: Red Hat Security Auditing IT System Auditing General Controls vs. Application Controls Risk Analysis System Security Control Objectives and Environment Finding Best Practices for Red Hat System Audit RHEL Audit Use Cases Audit Configuration Evaluate Vulnerabilities and Verify Compliance Unprompted Active Role Partaking Identifying the Key Business Processes Zero In on Critical Applications Underneath the Processes Identify the Hardware Powering the Applications and Processes Mapping Network Architecture Analyze the Security and Control Measures Perform Vulnerability Scans Consolidate the Scan Results with Technological and Business Context Perform Penetration Testing Conclusion Chapter 7: Case Studies Case Study 1: Anonymous Context Policies and Controls That Could Have Helped BYOD (Bring Your Own Device) Policy Limit Network Port Access Safeguarding FTP Server Defense Mechanisms Data Security Wireless Access Security Case Study 2: Sony Pictures Entertainment (2014) Context Policies and Controls That Could Have Helped Encryption Network Security Data Scanning Malware Defense Mechanisms Data Recovery Administrative Privileges Security Logging Network Segmentation Penetration Testing and Red Team Assessments Incident Response Case Study 3: Capital One (2019) Context Policies and Controls That Could Have Helped Firewall Configurations Access Controls Encryption Monitoring Additional Case Studies Bangladesh Bank Cyber Heist (2016) Facebook–Cambridge Analytica Data Scandal (2018) Twitter Hack (2020) References Index
دانلود کتاب Red Hat and IT Security : With Red Hat Ansible, Red Hat OpenShift, and Red Hat Security Auditing