CEH v12 Certified Ethical Hacker Study Guide with 750 Practice Test Questions: Sybex Study Guide
Autor R Messieren Limba Engleză Paperback – 17 mai 2023
The latest version of the official study guide for the in-demand CEH certification, now with 750 Practice Test Questions Information security and personal privacy remains a growing concern for businesses in every sector. And even as the number of certifications increases, the Certified Ethical Hacker, Version 12 (CEH v12) maintains its place as one of the most sought-after and in-demand credentials in the industry. In CEH v12 Certified Ethical Hacker Study Guide with 750 Practice Test Questions, you’ll find a comprehensive overview of the CEH certification requirements.
Concise and easy-to-follow instructions are combined with intuitive organization that allows you to learn each exam objective in your own time and at your own pace. The Study Guide now contains more end of chapter review questions and more online practice tests. This combines the value from the previous two-book set including a practice test book into a more valuable Study Guide.
The book offers thorough and robust coverage of every relevant topic, as well as challenging chapter review questions, even more end of chapter review questions to validate your knowledge, and Exam Essentials, a key feature that identifies important areas for study. There are also twice as many online practice tests included. You’ll learn about common attack practices, like reconnaissance and scanning, intrusion detection, DoS attacks, buffer overflows, wireless attacks, mobile attacks, Internet of Things vulnerabilities, and more.
It also provides: Practical, hands-on exercises that reinforce vital, real-world job skills and exam competenciesEssential guidance for a certification that meets the requirements of the Department of Defense 8570 Directive for Information Assurance positionsComplimentary access to the Sybex online learning center, complete with chapter review questions, full-length practice exams, hundreds of electronic flashcards, and a glossary of key terms The CEH v12 Certified Ethical Hacker Study Guide with 750 Practice Test Questions is your go-to official resource to prep for the challenging CEH v12 exam and a new career in information security and privacy.
Din seria Sybex Study Guide
- 20% Preț: 204.34 lei
- 20% Preț: 204.48 lei
- Preț: 416.00 lei
- 20% Preț: 204.15 lei
- Preț: 260.97 lei
- 20% Preț: 272.31 lei
- 20% Preț: 458.75 lei
- 20% Preț: 336.65 lei
- 20% Preț: 205.15 lei
- 20% Preț: 289.38 lei
- 20% Preț: 267.06 lei
- Preț: 322.04 lei
- 20% Preț: 304.02 lei
- Preț: 351.32 lei
- Preț: 350.89 lei
- 20% Preț: 175.26 lei
- Preț: 325.22 lei
- Preț: 288.65 lei
- Preț: 375.72 lei
- 20% Preț: 392.01 lei
- 8% Preț: 439.48 lei
- Preț: 427.33 lei
- 8% Preț: 380.32 lei
- 8% Preț: 441.16 lei
- 20% Preț: 269.07 lei
- Preț: 322.04 lei
- 20% Preț: 298.45 lei
- 20% Preț: 268.91 lei
- Preț: 257.89 lei
- 20% Preț: 376.86 lei
- 20% Preț: 309.98 lei
- 20% Preț: 221.89 lei
- 20% Preț: 281.57 lei
- 20% Preț: 276.82 lei
- 20% Preț: 278.23 lei
- Preț: 326.42 lei
- 20% Preț: 224.76 lei
- Preț: 294.97 lei
- Preț: 291.72 lei
- Preț: 321.94 lei
- 20% Preț: 254.30 lei
- 20% Preț: 251.37 lei
- Preț: 324.94 lei
- 20% Preț: 275.57 lei
- 20% Preț: 279.90 lei
- Preț: 407.96 lei
- 20% Preț: 289.13 lei
- Preț: 340.54 lei
- 20% Preț: 280.68 lei
Preț: 390.40 lei
Nou
74.71€ • 77.61$ • 62.06£
Carte disponibilă
Livrare economică 11-25 ianuarie 25
Specificații
ISBN-10: 1394186924
Pagini: 768
Dimensiuni: 187 x 235 x 41 mm
Greutate: 0.93 kg
Editura: Sybex
Seria Sybex Study Guide
Locul publicării:Hoboken, United States
Notă biografică
ABOUT THE AUTHOR RIC MESSIER, CEH, GCIH, GSEC, CISSP, CCSP, is a consultant, educator, and author of numerous books on information security and digital forensics. With decades of experience in information technology and information security, Ric has held the varied roles of programmer, system administrator, network engineer, security engineering manager, VoIP engineer, consultant, and professor and he is currently a Principal Consultant with Mandiant.
Cuprins
Introduction Assessment Test xvii Chapter 1 Ethical Hacking 1 Overview of Ethics 2 Overview of Ethical Hacking 5 Attack Modeling 6 Cyber Kill Chain 7 Attack Lifecycle 8 MITRE ATT&CK Framework 10 Methodology of Ethical Hacking 12 Reconnaissance and Footprinting 12 Scanning and Enumeration 12 Gaining Access 13 Maintaining Access 14 Covering Tracks 14 Summary 15 Chapter 2 Networking Foundations 17 Communications Models 19 Open Systems Interconnection 20 TCP/IP Architecture 23 Topologies 24 Bus Network 24 Star Network 25 Ring Network 26 Mesh Network 27 Hybrid 28 Physical Networking 29 Addressing 29 Switching 30 Ip 31 Headers 32 Addressing 34 Subnets 35 Tcp 37 Udp 40 Internet Control Message Protocol 41 Network Architectures 42 Network Types 43 Isolation 44 Remote Access 45 Cloud Computing 46 Storage as a Service 47 Infrastructure as a Service 48 Platform as a Service 49 Software as a Service 51 Internet of Things 53 Summary 54 Review Questions 56 Chapter 3 Security Foundations 59 The Triad 61 Confidentiality 61 Integrity 63 Availability 64 Parkerian Hexad 65 Information Assurance and Risk 66 Policies, Standards, and Procedures 69 Security Policies 69 Security Standards 70 Procedures 71 Guidelines 72 Organizing Your Protections 72 Security Technology 75 Firewalls 76 Intrusion Detection Systems 80 Intrusion Prevention Systems 83 Endpoint Detection and Response 84 Security Information and Event Management 86 Being Prepared 87 Defense in Depth 87 Defense in Breadth 89 Defensible Network Architecture 90 Logging 91 Auditing 93 Summary 95 Review Questions 96 Chapter 4 Footprinting and Reconnaissance 101 Open Source Intelligence 103 Companies 103 People 112 Social Networking 115 Domain Name System 129 Name Lookups 130 Zone Transfers 136 Passive DNS 138 Passive Reconnaissance 142 Website Intelligence 145 Technology Intelligence 150 Google Hacking 150 Internet of Things (IoT) 152 Summary 154 Review Questions 157 Chapter 5 Scanning Networks 161 Ping Sweeps 163 Using fping 163 Using MegaPing 165 Port Scanning 167 nmap 168 masscan 184 MegaPing 186 Metasploit 188 Vulnerability Scanning 190 OpenVAS 192 Nessus 203 Looking for Vulnerabilities with Metasploit 209 Packet Crafting and Manipulation 210 hping 211 packETH 214 fragroute 217 Evasion Techniques 218 Evasion with nmap 221 Protecting and Detecting 223 Summary 224 Review Questions 226 Chapter 6 Enumeration 231 Service Enumeration 233 Countermeasures 236 Remote Procedure Calls 236 SunRPC 237 Remote Method Invocation 239 Server Message Block 242 Built- in Utilities 243 nmap Scripts 247 NetBIOS Enumerator 249 Metasploit 250 Other Utilities 254 Countermeasures 257 Simple Network Management Protocol 258 Countermeasures 259 Simple Mail Transfer Protocol 260 Countermeasures 263 Web- Based Enumeration 264 Countermeasures 271 Summary 272 Review Questions 274 Chapter 7 System Hacking 279 Searching for Exploits 281 System Compromise 285 Metasploit Modules 286 Exploit- DB 290 Gathering Passwords 292 Password Cracking 295 John the Ripper 296 Rainbow Tables 298 Kerberoasting 300 Client- Side Vulnerabilities 305 Living Off the Land 307 Fuzzing 308 Post Exploitation 313 Evasion 313 Privilege Escalation 314 Pivoting 319 Persistence 322 Covering Tracks 326 Summary 332 Review Questions 334 Chapter 8 Malware 339 Malware Types 341 Virus 341 Worm 342 Trojan 344 Botnet 344 Ransomware 345 Dropper 347 Fileless Malware 348 Polymorphic Malware 348 Malware Analysis 349 Static Analysis 350 Dynamic Analysis 361 Automated Malware Analysis 370 Creating Malware 371 Writing Your Own 372 Using Metasploit 375 Obfuscating 381 Malware Infrastructure 382 Antivirus Solutions 384 Persistence 385 Summary 386 Review Questions 388 Chapter 9 Sniffing 393 Packet Capture 394 tcpdump 395 tshark 401 Wireshark 403 Berkeley Packet Filter 408 Port Mirroring/Spanning 410 Detecting Sniffers 410 Packet Analysis 412 Spoofing Attacks 417 ARP Spoofing 418 DNS Spoofing 422 DHCP Starvation Attack 424 sslstrip 425 Spoofing Detection 426 Summary 428 Review Questions 430 Chapter 10 Social Engineering 435 Social Engineering 436 Pretexting 438 Social Engineering Vectors 440 Identity Theft 441 Physical Social Engineering 442 Badge Access 442 Man Traps 444 Biometrics 445 Phone Calls 446 Baiting 447 Tailgating 448 Phishing Attacks 448 Contact Spamming 452 Quid Pro Quo 452 Social Engineering for Social Networking 453 Website Attacks 454 Cloning 454 Rogue Attacks 457 Wireless Social Engineering 458 Automating Social Engineering 461 Summary 464 Review Questions 466 Chapter 11 Wireless Security 471 Wi- Fi 472 Wi- Fi Network Types 474 Wi- Fi Authentication 477 Wi- Fi Encryption 478 Bring Your Own Device 483 Wi- Fi Attacks 484 Bluetooth 495 Scanning 496 Bluejacking 498 Bluesnarfing 498 Bluebugging 498 Bluedump 499 Bluesmack 499 Mobile Devices 499 Mobile Device Attacks 500 Summary 504 Review Questions 506 Chapter 12 Attack and Defense 511 Web Application Attacks 512 OWASP Top 10 Vulnerabilities 514 Web Application Protections 524 Denial- of- Service Attacks 526 Bandwidth Attacks 527 Slow Attacks 529 Legacy 531 Application Exploitation 531 Buffer Overflow 532 Heap Spraying 534 Application Protections and Evasions 535 Lateral Movement 536 Defense in Depth/Defense in Breadth 538 Defensible Network Architecture 540 Summary 542 Review Questions 544 Chapter 13 Cryptography 549 Basic Encryption 551 Substitution Ciphers 551 Diffie-Hellman 553 Symmetric Key Cryptography 555 Data Encryption Standard 555 Advanced Encryption Standard 556 Asymmetric Key Cryptography 558 Hybrid Cryptosystem 559 Nonrepudiation 559 Elliptic Curve Cryptography 560 Certificate Authorities and Key Management 562 Certificate Authority 562 Trusted Third Party 565 Self- Signed Certificates 566 Cryptographic Hashing 569 PGP and S/MIME 571 Disk and File Encryption 572 Summary 576 Review Questions 578 Chapter 14 Security Architecture and Design 581 Data Classification 582 Security Models 584 State Machine 584 Biba 585 Bell-LaPadula 586 Clark-Wilson Integrity Model 586 Application Architecture 587 n- tier Application Design 588 Service- Oriented Architecture 591 Cloud- Based Applications 593 Database Considerations 595 Security Architecture 598 Zero- Trust Model 602 Summary 604 Review Questions 606 Chapter 15 Cloud Computing and the Internet of Things 611 Cloud Computing Overview 612 Cloud Services 616 Shared Responsibility Model 621 Public vs. Private Cloud 623 Grid Computing 624 Cloud Architectures and Deployment 625 Responsive Design 629 Cloud- Native Design 629 Deployment 631 Dealing with REST 633 Common Cloud Threats 639 Access Management 639 Data Breach 641 Web Application Compromise 642 Credential Compromise 643 Insider Threat 645 Internet of Things 646 Fog Computing 651 Operational Technology 652 The Purdue Model 654 Summary 655 Review Questions 657 Appendix Answers to Review Questions 661 Chapter 2: Networking Foundations 662 Chapter 3: Security Foundations 663 Chapter 4: Footprinting and Reconnaissance 666 Chapter 5: Scanning Networks 669 Chapter 6: Enumeration 672 Chapter 7: System Hacking 675 Chapter 8: Malware 678 Chapter 9: Sniffing 681 Chapter 10: Social Engineering 683 Chapter 11: Wireless Security 686 Chapter 12: Attack and Defense 688 Chapter 13: Cryptography 691 Chapter 14: Security Architecture and Design 693 Chapter 15: Cloud Computing and the Internet of Things 695 Index 699