Penetration Testing: Protecting Networks and Systems
Autor Kevin M. Henryen Limba Engleză Paperback – 31 mai 2012
Preț: 226.39 lei
Preț vechi: 282.99 lei
-20% Nou
Puncte Express: 340
Preț estimativ în valută:
43.33€ • 44.65$ • 36.58£
43.33€ • 44.65$ • 36.58£
Carte disponibilă
Livrare economică 11-25 februarie
Preluare comenzi: 021 569.72.76
Specificații
ISBN-13: 9781849283717
ISBN-10: 1849283710
Pagini: 236
Dimensiuni: 140 x 216 x 13 mm
Greutate: 0.28 kg
Editura: Itgp
ISBN-10: 1849283710
Pagini: 236
Dimensiuni: 140 x 216 x 13 mm
Greutate: 0.28 kg
Editura: Itgp
Notă biografică
Kevin Henry has 35 years' experience working on computer systems, initially as an operator on the largest mini-computer installation in Canada, and then in various programmer and analyst roles before moving into computer audit and security. Kevin currently provides security auditing, training and educational programs for major clients and governments around the world and is a frequent speaker on the security conference circuit.
Cuprins
Introduction Chapter 1: Introduction to Penetration Testing Case study Security basics Risk management The threat environment Overview of the steps to penetration testing Penetration testing versus hacking Benefits of penetration testing Summary Key learning points Questions Chapter 2: Preparing to Conduct a Penetration Test Approval and scope Planning Summary Questions Chapter 3: Reconnaissance The start of the test Physical information gathering Other data sources Avoiding footprinting Key learning points Questions Chapter 4: Active Reconnaissance and Enumeration Port scanning Countermeasures to active reconnaissance Key learning points Questions Chapter 5: Vulnerability Assessments The attack vectors References and sources of vulnerabilities Using vulnerability assessment tools PCI DSS requirements Malicious code Reporting on the vulnerability assessment Key learning points Questions Chapter 6: Hacking Windows(R) and UNIX Having fun Common hacking initiatives Defeating data theft Protecting against unauthorized access Access controls Actions of the attacker Focus on UNIX/Linux Advanced attacks Source code review Case study: Attack on a Chinese bank Key learning points Questions Chapter 7: Launching the Attack Steps to an exploit Attacking wireless networks Pen testing wireless Network sniffing Firewalls Intrusion detection and prevention systems (IDS/IPS). Key learning points Questions Chapter 8: Attacking Web Applications The steps in attacking a web application Questions Chapter 9: Preparing the Report Determining risk levels Risk response Report confidentiality Delivering the report Key learning points Questions Appendix 1: Linux Appendix 2: Encryption Concepts of cryptography Appendix 3: Regulations and Legislation Examples of regulations and legislation Protection of intellectual property Appendix 4: Incident Management Concepts of incident management Additional Questions and Answers Answers References ITG Resources