
E-book: CompTIA PenTest+ PT0-002 Cert Guide

  • Format: 624 pages
  • Series: Certification Guide
  • Publication date: 17-Dec-2021
  • Publisher: Pearson IT Certification
  • Language: eng
  • ISBN-13: 9780137566174
  • Format - EPUB+DRM
  • Price: 46,79 €*
  • * the price is final, i.e. no further discounts apply
  • This e-book is intended for personal use only. E-books cannot be returned.

DRM restrictions

  • Copying (copy/paste):

    not allowed

  • Printing:

    not allowed

  • Usage:

    Digital rights management (DRM)
    The publisher has issued this e-book in encrypted form, which means that you must install special software to read it. You must also create an Adobe ID. The e-book can be read by 1 user and downloaded to up to 6 devices (all authorized with the same Adobe ID).

    Required software
    To read on mobile devices (phone or tablet), you must install this free app: PocketBook Reader (iOS / Android)

    To read on a PC or Mac, you must install Adobe Digital Editions (this is a free application designed specifically for reading e-books; it should not be confused with Adobe Reader, which is most likely already installed on your computer).

    This e-book cannot be read on an Amazon Kindle.

Trust the best-selling Cert Guide series from Pearson IT Certification to help you learn, prepare, and practice for exam success. They are built with the objective of providing assessment, review, and practice to help ensure you are fully prepared for your certification exam.


CompTIA PenTest+ PT0-002 Cert Guide presents you with an organized test preparation routine through the use of proven series elements and techniques. Do I Know This Already? quizzes open each chapter and enable you to decide how much time you need to spend on each section. Exam topic lists make referencing easy. Chapter-ending Exam Preparation Tasks help you drill on key concepts you must know thoroughly.



CompTIA PenTest+ PT0-002 Cert Guide focuses specifically on the objectives for the CompTIA PenTest+ PT0-002 exam. Leading security expert Omar Santos shares preparation hints and test-taking tips, helping you identify areas of weakness and improve both your conceptual knowledge and hands-on skills. Material is presented in a concise manner, focusing on increasing your understanding and retention of exam topics.


This complete study package includes


  • A test-preparation routine proven to help you pass the exams
  • Do I Know This Already? quizzes, which allow you to decide how much time you need to spend on each section
  • Chapter-ending exercises, which help you drill on key concepts you must know thoroughly
  • An online interactive Flash Cards application to help you drill on Key Terms by chapter
  • A final preparation chapter, which guides you through tools and resources to help you craft your review and test-taking strategies
  • Study plan suggestions and templates to help you organize and optimize your study time


The companion website contains the powerful Pearson Test Prep practice test software complete with two complete practice exams. 


Well regarded for its level of detail, assessment features, and challenging review questions and exercises, this official study guide helps you master the concepts and techniques that ensure your exam success.


This study guide helps you master all the topics on the CompTIA PenTest+ PT0-002 exam, including


  • Planning and Scoping a Penetration Testing Assessment
  • Information Gathering and Vulnerability Identification
  • Social Engineering Attacks and Physical Security Vulnerabilities
  • Exploiting Wired and Wireless Networks
  • Exploiting Application-Based Vulnerabilities
  • Cloud, Mobile, and IoT Security
  • Performing Post-Exploitation Techniques
  • Reporting and Communication
  • Tools and Code Analysis


Includes Exclusive Offers For Up to 80% Off Practice Tests


Pearson Test Prep online system requirements:


Browsers: Chrome version 73 and above, Safari version 12 and above, Microsoft Edge 44 and above.


Devices: Desktop and laptop computers, tablets running on Android v8.0 and iOS v13, smartphones with a minimum screen size of 4.7”. Internet access required.



Pearson Test Prep offline system requirements:


Windows 10, Windows 8.1; Microsoft .NET Framework 4.5 Client; Pentium-class 1 GHz processor (or equivalent); 512 MB RAM; 650 MB disk space plus 50 MB for each downloaded practice exam; access to the Internet to register and download exam databases


Also available from Pearson IT Certification for CompTIA PenTest+ PT0-002 study is the CompTIA PenTest+ PT0-002 Cert Guide Premium Edition eBook and Practice Test. This digital-only certification preparation product combines an eBook with enhanced Pearson Test Prep Practice Tests.


This integrated learning package


  • Enables you to focus on individual topic areas or take complete, timed exams
  • Includes direct links from each question to detailed tutorials to help you understand the concepts behind the questions
  • Provides unique sets of exam-realistic practice questions
  • Tracks your performance and provides feedback on a module-by-module basis, laying out a complete assessment of your knowledge to help you focus your study where it is needed most

Introduction xxix
Chapter 1 Introduction to Ethical Hacking and Penetration Testing 3(20)
"Do I Know This Already?" Quiz
3(4)
Foundation Topics
7(1)
Understanding Ethical Hacking and Penetration Testing
7(2)
Why Do We Need to Do Penetration Testing?
8(1)
Threat Actors
8(1)
Exploring Penetration Testing Methodologies
9(6)
Why Do We Need to Follow a Methodology for Penetration Testing?
9(1)
Environmental Considerations
9(4)
Surveying Different Standards and Methodologies
13(2)
Building Your Own Lab
15(5)
Requirements and Guidelines for Penetration Testing Labs
17(1)
What Tools Should You Use in Your Lab?
18(1)
What if You Break Something?
19(1)
Exam Preparation Tasks
20(1)
Review All Key Topics
20(1)
Define Key Terms
20(1)
Q&A
20(3)
Chapter 2 Planning and Scoping a Penetration Testing Assessment 23(32)
"Do I Know This Already?" Quiz
23(3)
Foundation Topics
26(1)
Comparing and Contrasting Governance, Risk, and Compliance Concepts
26(13)
Regulatory Compliance Considerations
26(2)
Regulations in the Financial Sector
28(2)
Regulations in the Healthcare Sector
30(1)
Payment Card Industry Data Security Standard (PCI DSS)
31(3)
Key Technical Elements in Regulations You Should Consider
34(1)
Local Restrictions
35(1)
Legal Concepts
36(2)
Contracts
38(1)
Disclaimers
39(1)
Explaining the Importance of Scoping and Organizational or Customer Requirements
39(9)
Rules of Engagement
40(1)
Target List and In-Scope Assets
41(2)
Validating the Scope of Engagement
43(4)
Strategy: Unknown vs. Known Environment Testing
47(1)
Demonstrating an Ethical Hacking Mindset by Maintaining Professionalism and Integrity
48(2)
Exam Preparation Tasks
50(1)
Review All Key Topics
50(1)
Define Key Terms
51(1)
Q&A
51(4)
Chapter 3 Information Gathering and Vulnerability Scanning 55(90)
"Do I Know This Already?" Quiz
55(4)
Foundation Topics
59(1)
Performing Passive Reconnaissance
59(34)
Active Reconnaissance vs. Passive Reconnaissance
59(1)
DNS Lookups
60(4)
Identification of Technical and Administrative Contacts
64(4)
Cloud vs. Self-Hosted Applications and Related Subdomains
68(1)
Social Media Scraping
69(1)
Cryptographic Flaws
70(2)
Company Reputation and Security Posture
72(1)
Password Dumps
73(3)
File Metadata
76(4)
Strategic Search Engine Analysis/Enumeration
80(2)
Website Archiving/Caching
82(1)
Public Source Code Repositories
83(1)
Open-Source Intelligence (OSINT) Gathering
84(1)
Reconnaissance with Recon-ng
84(7)
Shodan
91(2)
Performing Active Reconnaissance
93(32)
Nmap Scan Types
94(1)
TCP Connect Scan (-sT)
95(1)
UDP Scan (-sU)
96(2)
TCP FIN Scan (-sF)
98(1)
Host Discovery Scan (-sn)
99(2)
Timing Options (-T 0-5)
101(1)
Types of Enumeration
101(1)
Host Enumeration
102(1)
User Enumeration
102(2)
Group Enumeration
104(1)
Network Share Enumeration
105(2)
Additional SMB Enumeration Examples
107(9)
Web Page Enumeration/Web Application Enumeration
116(3)
Service Enumeration
119(1)
Exploring Enumeration via Packet Crafting
119(6)
Packet Inspection and Eavesdropping
125(1)
Understanding the Art of Performing Vulnerability Scans
125(11)
How a Typical Automated Vulnerability Scanner Works
125(1)
Types of Vulnerability Scans
126(1)
Unauthenticated Scans
127(1)
Authenticated Scans
127(2)
Discovery Scans
129(1)
Full Scans
130(2)
Stealth Scans
132(1)
Compliance Scans
132(1)
Challenges to Consider When Running a Vulnerability Scan
133(1)
Considering the Best Time to Run a Scan
134(1)
Determining What Protocols Are in Use
134(1)
Network Topology
134(1)
Bandwidth Limitations
135(1)
Query Throttling
135(1)
Fragile Systems/Nontraditional Assets
135(1)
Understanding How to Analyze Vulnerability Scan Results
136(5)
Sources for Further Investigation of Vulnerabilities
137(1)
US-CERT
137(1)
The CERT Division of Carnegie Mellon University
138(1)
NIST
138(1)
JPCERT
138(1)
CAPEC
139(1)
CVE
139(1)
CWE
139(1)
The Common Vulnerability Scoring System (CVSS)
139(1)
How to Deal with a Vulnerability
140(1)
Exam Preparation Tasks
141(1)
Review All Key Topics
142(1)
Define Key Terms
142(1)
Q&A
143(2)
Chapter 4 Social Engineering Attacks 145(30)
"Do I Know This Already?" Quiz
145(4)
Foundation Topics
149(1)
Pretexting for an Approach and Impersonation
149(2)
Social Engineering Attacks
151(4)
Email Phishing
152(1)
Spear Phishing
152(1)
Whaling
153(1)
Vishing
153(1)
Short Message Service (SMS) Phishing
154(1)
Universal Serial Bus (USB) Drop Key
154(1)
Watering Hole Attacks
155(1)
Physical Attacks
155(2)
Tailgating
156(1)
Dumpster Diving
156(1)
Shoulder Surfing
156(1)
Badge Cloning
157(1)
Social Engineering Tools
157(13)
Social-Engineer Toolkit (SET)
157(10)
Browser Exploitation Framework (BeEF)
167(2)
Call Spoofing Tools
169(1)
Methods of Influence
170(1)
Exam Preparation Tasks
171(1)
Review All Key Topics
171(1)
Define Key Terms
172(1)
Q&A
172(3)
Chapter 5 Exploiting Wired and Wireless Networks 175(62)
"Do I Know This Already?" Quiz
175(5)
Foundation Topics
180(1)
Exploiting Network-Based Vulnerabilities
180(36)
Windows Name Resolution and SMB Attacks
180(1)
NetBIOS Name Service and LLMNR
180(2)
SMB Exploits
182(5)
DNS Cache Poisoning
187(2)
SNMP Exploits
189(2)
SMTP Exploits
191(1)
SMTP Open Relays
191(1)
Useful SMTP Commands
192(3)
Known SMTP Server Exploits
195(2)
FTP Exploits
197(2)
Pass-the-Hash Attacks
199(1)
Kerberos and LDAP-Based Attacks
200(4)
Kerberoasting
204(1)
On-Path Attacks
204(1)
ARP Spoofing and ARP Cache Poisoning
204(2)
Downgrade Attacks
206(1)
Route Manipulation Attacks
207(1)
DoS and DDoS Attacks
207(1)
Direct DoS Attacks
208(1)
Reflected DoS and DDoS Attacks
209(1)
Amplification DDoS Attacks
210(1)
Network Access Control (NAC) Bypass
211(2)
VLAN Hopping
213(2)
DHCP Starvation Attacks and Rogue DHCP Servers
215(1)
Exploiting Wireless Vulnerabilities
216(18)
Rogue Access Points
216(1)
Evil Twin Attacks
217(1)
Disassociation (or Deauthentication) Attacks
218(3)
Preferred Network List Attacks
221(1)
Wireless Signal Jamming and Interference
221(1)
War Driving
222(1)
Initialization Vector (IV) Attacks and Unsecured Wireless Protocols
222(1)
Attacks Against WEP
222(2)
Attacks Against WPA
224(4)
KRACK Attacks
228(1)
WPA3 Vulnerabilities
229(1)
Wi-Fi Protected Setup (WPS) PIN Attacks
229(1)
KARMA Attacks
229(1)
Fragmentation Attacks
230(1)
Credential Harvesting
231(1)
Bluejacking and Bluesnarfing
231(1)
Bluetooth Low Energy (BLE) Attacks
232(1)
Radio-Frequency Identification (RFID) Attacks
232(1)
Password Spraying
233(1)
Exploit Chaining
233(1)
Exam Preparation Tasks
234(1)
Review All Key Topics
234(1)
Define Key Terms
235(1)
Q&A
235(2)
Chapter 6 Exploiting Application-Based Vulnerabilities 237(68)
"Do I Know This Already?" Quiz
237(7)
Foundation Topics
244(1)
Overview of Web Application-Based Attacks for Security Professionals and the OWASP Top 10
244(11)
The HTTP Protocol
244(8)
Web Sessions
252(3)
OWASP Top 10
255(1)
How to Build Your Own Web Application Lab
255(1)
Understanding Business Logic Flaws
256(1)
Understanding Injection-Based Vulnerabilities
257(16)
SQL Injection Vulnerabilities
258(1)
A Brief Introduction to SQL
258(4)
SQL Injection Categories
262(2)
Database Fingerprinting
264(1)
The UNION Exploitation Technique
265(1)
Boolean in SQL Injection Attacks
266(1)
Out-of-Band Exploitation
267(1)
Stacked Queries
268(1)
The Time-Delay SQL Injection Technique
269(1)
Surveying a Stored Procedure SQL Injection
269(1)
SQL Injection Mitigations
270(1)
Command Injection Vulnerabilities
271(1)
Lightweight Directory Access Protocol (LDAP) Injection Vulnerabilities
272(1)
Exploiting Authentication-Based Vulnerabilities
273(6)
Session Hijacking
273(4)
Redirect Attacks
277(1)
Default Credentials
278(1)
Kerberos Vulnerabilities
278(1)
Exploiting Authorization-Based Vulnerabilities
279(2)
Parameter Pollution
279(1)
Insecure Direct Object Reference Vulnerabilities
280(1)
Understanding Cross-Site Scripting (XSS) Vulnerabilities
281(7)
Reflected XSS Attacks
282(1)
Stored XSS Attacks
283(2)
XSS Evasion Techniques
285(1)
XSS Mitigations
286(2)
Understanding Cross-Site Request Forgery (CSRF/XSRF) and Server-Side Request Forgery Attacks
288(1)
Understanding Clickjacking
289(1)
Exploiting Security Misconfigurations
289(3)
Exploiting Directory Traversal Vulnerabilities
290(1)
Cookie Manipulation Attacks
291(1)
Exploiting File Inclusion Vulnerabilities
292(1)
Local File Inclusion Vulnerabilities
292(1)
Remote File Inclusion Vulnerabilities
292(1)
Exploiting Insecure Code Practices
293(8)
Comments in Source Code
293(1)
Lack of Error Handling and Overly Verbose Error Handling
294(1)
Hard-Coded Credentials
294(1)
Race Conditions
294(1)
Unprotected APIs
295(3)
Hidden Elements
298(1)
Lack of Code Signing
298(1)
Additional Web Application Hacking Tools
298(3)
Exam Preparation Tasks
301(1)
Review All Key Topics
301(1)
Define Key Terms
302(1)
Q&A
303(2)
Chapter 7 Cloud, Mobile, and IoT Security 305(36)
"Do I Know This Already?" Quiz
305(4)
Foundation Topics
309(1)
Researching Attack Vectors and Performing Attacks on Cloud Technologies
309(15)
Credential Harvesting
311(6)
Privilege Escalation
317(1)
Account Takeover
318(1)
Metadata Service Attacks
319(1)
Attacks Against Misconfigured Cloud Assets
320(1)
Resource Exhaustion and DoS Attacks
321(2)
Cloud Malware Injection Attacks
323(1)
Side-Channel Attacks
323(1)
Tools and Software Development Kits (SDKs)
323(1)
Explaining Common Attacks and Vulnerabilities Against Specialized Systems
324(12)
Attacking Mobile Devices
324(4)
Attacking Internet of Things (IoT) Devices
328(1)
Analyzing IoT Protocols
328(1)
IoT Security Special Considerations
329(1)
Common IoT Vulnerabilities
330(1)
Data Storage System Vulnerabilities
330(2)
Management Interface Vulnerabilities
332(1)
Exploiting Virtual Machines
332(2)
Vulnerabilities Related to Containerized Workloads
334(2)
Exam Preparation Tasks
336(1)
Review All Key Topics
337(1)
Define Key Terms
337(1)
Q&A
338(3)
Chapter 8 Performing Post-Exploitation Techniques 341(34)
"Do I Know This Already?" Quiz
341(4)
Foundation Topics
345(1)
Creating a Foothold and Maintaining Persistence After Compromising a System
345(10)
Reverse and Bind Shells
346(6)
Command and Control (C2) Utilities
352(2)
Scheduled Jobs and Tasks
354(1)
Custom Daemons, Processes, and Additional Backdoors
355(1)
New Users
355(1)
Understanding How to Perform Lateral Movement, Detection Avoidance, and Enumeration
355(16)
Post-Exploitation Scanning
356(2)
Legitimate Utilities and Living Off the Land
358(1)
PowerShell for Post-Exploitation Tasks
359(1)
PowerSploit and Empire
360(4)
BloodHound
364(1)
Windows Management Instrumentation for Post-Exploitation Tasks
364(1)
Sysinternals and PsExec
364(2)
Windows Remote Management (WinRM) for Post-Exploitation Tasks
366(1)
Post-Exploitation Privilege Escalation
366(1)
How to Cover Your Tracks
367(1)
Steganography
368(3)
Exam Preparation Tasks
371(1)
Review All Key Topics
371(1)
Define Key Terms
372(1)
Q&A
372(3)
Chapter 9 Reporting and Communication 375(24)
"Do I Know This Already?" Quiz
375(4)
Foundation Topics
379(1)
Comparing and Contrasting Important Components of Written Reports
379(6)
Report Contents
380(2)
Storage Time for Report and Secure Distribution
382(1)
Note Taking
383(1)
Common Themes/Root Causes
384(1)
Analyzing the Findings and Recommending the Appropriate Remediation Within a Report
385(5)
Technical Controls
385(3)
Administrative Controls
388(1)
Operational Controls
389(1)
Physical Controls
390(1)
Explaining the Importance of Communication During the Penetration Testing Process
390(3)
Communication Triggers
391(1)
Reasons for Communication
391(1)
Goal Reprioritization and Presentation of Findings
392(1)
Explaining Post-Report Delivery Activities
393(2)
Post-Engagement Cleanup
393(1)
Additional Post-Report Delivery Activities
394(1)
Exam Preparation Tasks
395(1)
Review All Key Topics
395(1)
Define Key Terms
395(1)
Q&A
396(3)
Chapter 10 Tools and Code Analysis 399(114)
"Do I Know This Already?" Quiz
399(4)
Foundation Topics
403(1)
Understanding the Basic Concepts of Scripting and Software Development
403(6)
Logic Constructs
403(1)
Data Structures
404(1)
Libraries
405(1)
Procedures
405(1)
Functions
405(1)
Classes
406(1)
Analysis of Scripts and Code Samples for Use in Penetration Testing
406(1)
The Bash Shell
406(1)
Resources to Learn Python
407(1)
Resources to Learn Ruby
407(1)
Resources to Learn PowerShell
408(1)
Resources to Learn Perl
408(1)
Resources to Learn JavaScript
408(1)
Understanding the Different Use Cases of Penetration Testing Tools and Analyzing Exploit Code
409(96)
Penetration Testing-Focused Linux Distributions
409(1)
Kali Linux
410(1)
Parrot OS
411(1)
BlackArch Linux
411(2)
Common Tools for Reconnaissance and Enumeration
413(1)
Tools for Passive Reconnaissance
413(20)
Tools for Active Reconnaissance
433(10)
Common Tools for Vulnerability Scanning
443(20)
Common Tools for Credential Attacks
463(1)
John the Ripper
464(4)
Cain
468(1)
Hashcat
469(2)
Hydra
471(2)
RainbowCrack
473(1)
Medusa and Ncrack
474(1)
CeWL
474(1)
Mimikatz
475(1)
Patator
476(1)
Common Tools for Persistence
477(1)
Common Tools for Evasion
478(1)
Veil
478(4)
Tor
482(1)
Proxychains
483(1)
Encryption
483(1)
Encapsulation and Tunneling Using DNS and Protocols Such as NTP
484(2)
Exploitation Frameworks
486(1)
Metasploit
486(7)
BeEF
493(1)
Common Decompilation, Disassembly, and Debugging Tools
494(1)
The GNU Project Debugger (GDB)
494(2)
Windows Debugger
496(1)
OllyDbg
496(1)
edb Debugger
497(1)
Immunity Debugger
498(1)
IDA
498(2)
Objdump
500(1)
Common Tools for Forensics
501(1)
Common Tools for Software Assurance
502(1)
SpotBugs, Findsecbugs, and SonarQube
502(1)
Fuzzers and Fuzz Testing
503(1)
Peach
503(1)
Mutiny Fuzzing Framework
503(1)
American Fuzzy Lop
503(1)
Wireless Tools
504(1)
Steganography Tools
504(1)
Cloud Tools
505(1)
Exam Preparation Tasks
505(3)
Review All Key Topics
506(2)
Define Key Terms
508(1)
Q&A
508(5)
Chapter 11 Final Preparation 513(6)
Tools for Final Preparation
513(4)
Pearson Test Prep Practice Test Engine
513(1)
Accessing the Pearson Test Prep Software Online
514(1)
Accessing the Pearson Test Prep Software Offline
514(1)
Customizing Your Exams
515(1)
Updating Your Exams
516(1)
Premium Edition
516(1)
Chapter-Ending Review Tools
517(1)
Suggested Plan for Final Review/Study
517(1)
Summary
518(1)
Glossary of Key Terms 519(18)
Appendix A Answers to the "Do I Know This Already?" Quizzes and Q&A Sections 537(22)
Appendix B CompTIA® PenTest+ PT0-002 Cert Guide Exam Updates 559(2)
Index 561
Online Elements:
Appendix C Study Planner
Glossary of Key Terms
Omar Santos is an active member of the cybersecurity community who leads several industry-wide initiatives. He is a best-selling author and trainer. Omar is the author of more than 20 books and video courses, as well as numerous whitepapers, articles, and security configuration guidelines and best practices. Omar is a principal engineer of the Cisco Product Security Incident Response Team (PSIRT), Security Research and Operations, where he mentors and leads engineers and incident managers during the investigation and resolution of cybersecurity vulnerabilities.

Omar co-leads the DEF CON Red Team Village, is the chair of the OASIS Common Security Advisory Framework (CSAF) technical committee, is the co-chair of the Forum of Incident Response and Security Teams (FIRST) Open Source Security working group, and has been the chair of several initiatives in the Industry Consortium for Advancement of Security on the Internet (ICASI). His active role helps businesses, academic institutions, state and local law enforcement agencies, and other participants dedicated to increasing the security of their critical infrastructures. You can find additional information about Omar's current projects at h4cker.org and can follow Omar on Twitter @santosomar.