CEH v11 Certified Ethical Hacker Study Guide plus Practice Tests Set 2nd edition [Paperback]

  • Format: Paperback / softback, 2 pages, height x width x thickness: 234x185x53 mm, weight: 1497 g, Illustrations
  • Publication date: 25-Nov-2021
  • Publisher: Sybex Inc.,U.S.
  • ISBN-10: 1119825393
  • ISBN-13: 9781119825395

Master CEH v11 and identify your weak spots

As protecting information continues to be a growing concern for today’s businesses, certifications in IT security have become highly desirable, even as the number of certifications has grown. Now you can set yourself apart with the Certified Ethical Hacker (CEH v11) certification. CEH v11 Certified Ethical Hacker Study Guide and Practice Tests Set provides you with all of the technical review you need of CEH skills PLUS SEVEN practice tests to prove your readiness for exam day.

About the CEH v11 Certified Ethical Hacker Study Guide

The CEH v11 Certified Ethical Hacker Study Guide offers a comprehensive overview of the CEH certification requirements using concise and easy-to-follow instructions. Chapters are organized by exam objective, with a handy section that maps each objective to its corresponding chapter, so you can keep track of your progress. The text provides thorough coverage of all topics, along with challenging chapter review questions and Exam Essentials, a key feature that identifies critical study areas. Subjects include common attack practices like reconnaissance and scanning. Also covered are topics like intrusion detection, DoS attacks, buffer overflows, wireless attacks, mobile attacks, Internet of Things (IoT) and more.

This study guide goes beyond test prep, providing practical hands-on exercises to reinforce vital skills and real-world scenarios that put what you’ve learned into the context of actual job roles.

  • Gain a unique certification that allows you to function like an attacker, allowing you to identify vulnerabilities so they can be remediated
  • Expand your career opportunities with an IT certificate that satisfies the Department of Defense’s 8570 Directive for Information Assurance positions
  • Fully updated for the 2020 CEH v11 exam, including the latest developments in IT security
  • Access the Sybex online learning center, with chapter review questions, TWO full-length practice exams, electronic flashcards, and a glossary of key terms

About the CEH v11 Certified Ethical Hacker Practice Tests

CEH: Certified Ethical Hacker Version 11 Practice Tests are the ideal preparation for this high-stakes exam. FIVE MORE complete, unique practice tests are designed to help you identify weak spots in your understanding, so you can direct your preparation efforts efficiently and gain the confidence—and skills—you need to pass. These tests cover all sections of the exam blueprint, allowing you to test your knowledge of Background, Analysis/Assessment, Security, Tools/Systems/Programs, Procedures/Methodology, Regulation/Policy, and Ethics.

  • Practice all seven sections of the CEH v11 exam
  • Test your knowledge of security, tools, procedures, and regulations
  • Gauge your understanding of vulnerabilities and threats
  • Master the material well in advance of exam day

Introduction
Assessment Test
Chapter 1 Ethical Hacking
  Overview of Ethics
  Overview of Ethical Hacking
  Methodologies
    Cyber Kill Chain
    Attack Lifecycle
  Methodology of Ethical Hacking
    Reconnaissance and Footprinting
    Scanning and Enumeration
    Gaining Access
    Maintaining Access
    Covering Tracks
  Summary
Chapter 2 Networking Foundations
  Communications Models
    Open Systems Interconnection
    TCP/IP Architecture
  Topologies
    Bus Network
    Star Network
    Ring Network
    Mesh Network
    Hybrid
  Physical Networking
    Addressing
    Switching
  IP
    Headers
    Addressing
    Subnets
  TCP
  UDP
  Internet Control Message Protocol
  Network Architectures
    Network Types
    Isolation
    Remote Access
  Cloud Computing
    Storage as a Service
    Infrastructure as a Service
    Platform as a Service
    Software as a Service
    Internet of Things
  Summary
  Review Questions
Chapter 3 Security Foundations
  The Triad
    Confidentiality
    Integrity
    Availability
    Parkerian Hexad
  Risk
  Policies, Standards, and Procedures
    Security Policies
    Security Standards
    Procedures
    Guidelines
  Organizing Your Protections
  Security Technology
    Firewalls
    Intrusion Detection Systems
    Intrusion Prevention Systems
    Endpoint Detection and Response
    Security Information and Event Management
  Being Prepared
    Defense in Depth
    Defense in Breadth
    Defensible Network Architecture
    Logging
    Auditing
  Summary
  Review Questions
Chapter 4 Footprinting and Reconnaissance
  Open Source Intelligence
    Companies
    People
    Social Networking
  Domain Name System
    Name Lookups
    Zone Transfers
    Passive DNS
  Passive Reconnaissance
  Website Intelligence
  Technology Intelligence
    Google Hacking
    Internet of Things (IoT)
  Summary
  Review Questions
Chapter 5 Scanning Networks
  Ping Sweeps
    Using fping
    Using MegaPing
  Port Scanning
    Nmap
    masscan
    MegaPing
    Metasploit
  Vulnerability Scanning
    OpenVAS
    Nessus
    Looking for Vulnerabilities with Metasploit
  Packet Crafting and Manipulation
    hping
    packETH
    fragroute
  Evasion Techniques
  Protecting and Detecting
  Summary
  Review Questions
Chapter 6 Enumeration
  Service Enumeration
  Remote Procedure Calls
    SunRPC
    Remote Method Invocation
  Server Message Block
    Built-in Utilities
    Nmap Scripts
    NetBIOS Enumerator
    Metasploit
    Other Utilities
  Simple Network Management Protocol
  Simple Mail Transfer Protocol
  Web-Based Enumeration
  Summary
  Review Questions
Chapter 7 System Hacking
  Searching for Exploits
  System Compromise
    Metasploit Modules
    Exploit-DB
  Gathering Passwords
  Password Cracking
    John the Ripper
    Rainbow Tables
    Kerberoasting
  Client-Side Vulnerabilities
  Living Off the Land
  Fuzzing
  Post Exploitation
    Evasion
    Privilege Escalation
    Pivoting
    Persistence
    Covering Tracks
  Summary
  Review Questions
Chapter 8 Malware
  Malware Types
    Virus
    Worm
    Trojan
    Botnet
    Ransomware
    Dropper
  Malware Analysis
    Static Analysis
    Dynamic Analysis
  Creating Malware
    Writing Your Own
    Using Metasploit
    Obfuscating
  Malware Infrastructure
  Antivirus Solutions
  Persistence
  Summary
  Review Questions
Chapter 9 Sniffing
  Packet Capture
    tcpdump
    tshark
    Wireshark
    Berkeley Packet Filter
    Port Mirroring/Spanning
  Packet Analysis
  Spoofing Attacks
    ARP Spoofing
    DNS Spoofing
    sslstrip
    Spoofing Detection
  Summary
  Review Questions
Chapter 10 Social Engineering
  Social Engineering
    Pretexting
    Social Engineering Vectors
  Physical Social Engineering
    Badge Access
    Man Traps
    Biometrics
    Phone Calls
    Baiting
  Phishing Attacks
  Website Attacks
    Cloning
    Rogue Attacks
  Wireless Social Engineering
  Automating Social Engineering
  Summary
  Review Questions
Chapter 11 Wireless Security
  Wi-Fi
    Wi-Fi Network Types
    Wi-Fi Authentication
    Wi-Fi Encryption
    Bring Your Own Device
    Wi-Fi Attacks
  Bluetooth
    Scanning
    Bluejacking
    Bluesnarfing
    Bluebugging
  Mobile Devices
    Mobile Device Attacks
  Summary
  Review Questions
Chapter 12 Attack and Defense
  Web Application Attacks
    XML External Entity Processing
    Cross-Site Scripting
    SQL Injection
    Command Injection
    File Traversal
    Web Application Protections
  Denial-of-Service Attacks
    Bandwidth Attacks
    Slow Attacks
    Legacy
  Application Exploitation
    Buffer Overflow
    Heap Spraying
    Application Protections and Evasions
  Lateral Movement
  Defense in Depth/Defense in Breadth
  Defensible Network Architecture
  Summary
  Review Questions
Chapter 13 Cryptography
  Basic Encryption
    Substitution Ciphers
    Diffie-Hellman
  Symmetric Key Cryptography
    Data Encryption Standard
    Advanced Encryption Standard
  Asymmetric Key Cryptography
    Hybrid Cryptosystem
    Nonrepudiation
    Elliptic Curve Cryptography
  Certificate Authorities and Key Management
    Certificate Authority
    Trusted Third Party
    Self-Signed Certificates
  Cryptographic Hashing
  PGP and S/MIME
  Disk and File Encryption
  Summary
  Review Questions
Chapter 14 Security Architecture and Design
  Data Classification
  Security Models
    State Machine
    Biba
    Bell-LaPadula
    Clark-Wilson Integrity Model
  Application Architecture
    n-tier Application Design
    Service-Oriented Architecture
    Cloud-Based Applications
    Database Considerations
  Security Architecture
  Summary
  Review Questions
Chapter 15 Cloud Computing and the Internet of Things
  Cloud Computing Overview
    Cloud Services
    Shared Responsibility Model
    Public vs. Private Cloud
  Cloud Architectures and Deployment
    Responsive Design
    Cloud-Native Design
    Deployment
    Dealing with REST
  Common Cloud Threats
    Access Management
    Data Breach
    Web Application Compromise
    Credential Compromise
    Insider Threat
  Internet of Things
  Operational Technology
  Summary
  Review Questions
Appendix: Answers to Review Questions
  Chapter 2 Networking Foundations
  Chapter 3 Security Foundations
  Chapter 4 Footprinting and Reconnaissance
  Chapter 5 Scanning Networks
  Chapter 6 Enumeration
  Chapter 7 System Hacking
  Chapter 8 Malware
  Chapter 9 Sniffing
  Chapter 10 Social Engineering
  Chapter 11 Wireless Security
  Chapter 12 Attack and Defense
  Chapter 13 Cryptography
  Chapter 14 Security Architecture and Design
  Chapter 15 Cloud Computing and the Internet of Things
Index

Introduction
Chapter 1 Practice Test 1
Chapter 2 Practice Test 2
Chapter 3 Practice Test 3
Chapter 4 Practice Test 4
Chapter 5 Practice Test 5
Appendix Answers to Practice Tests
  Chapter 1 Practice Test 1
  Chapter 2 Practice Test 2
  Chapter 3 Practice Test 3
  Chapter 4 Practice Test 4
  Chapter 5 Practice Test 5
Index

RIC MESSIER, CEH, GCIH, GSEC, CISSP, CCSP is a consultant, educator, and author of many books on information security and digital forensics. With decades of experience in information technology and information security, Ric has held the varied roles of programmer, system administrator, network engineer, security engineering manager, VoIP engineer, consultant, and professor.