E-book: CompTIA PenTest+ Study Guide: Exam PT0-001 [Wiley Online]

(University of Notre Dame),
  • Format: 544 pages
  • Publication date: 27-Nov-2018
  • Publisher: Sybex Inc.,U.S.
  • ISBN-10: 1119549426
  • ISBN-13: 9781119549420
  • Wiley Online
  • Price: 63,44 €*
  • * price that grants access for an unlimited number of concurrent users for an unlimited time

World-class preparation for the new PenTest+ exam

The CompTIA PenTest+ Study Guide: Exam PT0-001 offers comprehensive preparation for the newest intermediate cybersecurity certification exam. With expert coverage of Exam PT0-001 objectives, this book is your ideal companion throughout all stages of study; whether you’re just embarking on your certification journey or finalizing preparations for the big day, this invaluable resource helps you solidify your understanding of essential skills and concepts. Access to the Sybex online learning environment allows you to study anytime, anywhere with electronic flashcards, a searchable glossary, and more, while hundreds of practice exam questions help you step up your preparations and avoid surprises on exam day.

The CompTIA PenTest+ certification validates your skills and knowledge surrounding second-generation penetration testing, vulnerability assessment, and vulnerability management on a variety of systems and devices, making it the latest go-to qualification in an increasingly mobile world. This book contains everything you need to prepare; identify what you already know, learn what you don’t know, and face the exam with full confidence!

  • Perform security assessments on desktops and mobile devices, as well as cloud, IoT, industrial and embedded systems 
  • Identify security weaknesses and manage system vulnerabilities
  • Ensure that existing cybersecurity practices, configurations, and policies conform with current best practices
  • Simulate cyberattacks to pinpoint security weaknesses in operating systems, networks, and applications

As our information technology advances, so do the threats against it. It’s an arms race for complexity and sophistication, and the expansion of networked devices and the Internet of Things has integrated cybersecurity into nearly every aspect of our lives. The PenTest+ certification equips you with the skills you need to identify potential problems—and fix them—and the CompTIA PenTest+ Study Guide: Exam PT0-001 is the central component of a complete preparation plan. 

Introduction
Assessment Test

Chapter 1 Penetration Testing
  What Is Penetration Testing?
    Cybersecurity Goals
    Adopting the Hacker Mind-Set
  Reasons for Penetration Testing
    Benefits of Penetration Testing
    Regulatory Requirements for Penetration Testing
  Who Performs Penetration Tests?
    Internal Penetration Testing Teams
    External Penetration Testing Teams
    Selecting Penetration Testing Teams
  The CompTIA Penetration Testing Process
    Planning and Scoping
    Information Gathering and Vulnerability Identification
    Attacking and Exploiting
    Reporting and Communicating Results
  The Cyber Kill Chain
    Reconnaissance
    Weaponization
    Delivery
    Exploitation
    Installation
    Command and Control
    Actions on Objectives
  Tools of the Trade
    Reconnaissance
    Vulnerability Scanners
    Social Engineering
    Credential-Testing Tools
    Debuggers
    Software Assurance
    Network Testing
    Remote Access
    Exploitation
  Summary
  Exam Essentials
  Lab Exercises
    Activity 1.1: Adopting the Hacker Mind-Set
    Activity 1.2: Using the Cyber Kill Chain
  Review Questions

Chapter 2 Planning and Scoping Penetration Tests
  Scoping and Planning Engagements
    Assessment Types
    White Box, Black Box, or Gray Box?
    The Rules of Engagement
    Scoping Considerations: A Deeper Dive
    Support Resources for Penetration Tests
  Key Legal Concepts for Penetration Tests
    Contracts
    Data Ownership and Retention
    Authorization
    Environmental Differences
  Understanding Compliance-Based Assessments
  Summary
  Exam Essentials
  Lab Exercises
  Review Questions

Chapter 3 Information Gathering
  Footprinting and Enumeration
    OSINT
    Location and Organizational Data
    Infrastructure and Networks
    Security Search Engines
  Active Reconnaissance and Enumeration
    Hosts
    Services
    Networks, Topologies, and Network Traffic
    Packet Crafting and Inspection
    Enumeration
    Information Gathering and Code
  Information Gathering and Defenses
    Defenses Against Active Reconnaissance
    Preventing Passive Information Gathering
  Summary
  Exam Essentials
  Lab Exercises
    Activity 3.1: Manual OSINT Gathering
    Activity 3.2: Exploring Shodan
    Activity 3.3: Running a Nessus Scan
  Review Questions

Chapter 4 Vulnerability Scanning
  Identifying Vulnerability Management Requirements
    Regulatory Environment
    Corporate Policy
    Support for Penetration Testing
    Identifying Scan Targets
    Determining Scan Frequency
  Configuring and Executing Vulnerability Scans
    Scoping Vulnerability Scans
    Configuring Vulnerability Scans
    Scanner Maintenance
  Software Security Testing
    Analyzing and Testing Code
    Web Application Vulnerability Scanning
  Developing a Remediation Workflow
    Prioritizing Remediation
    Testing and Implementing Fixes
  Overcoming Barriers to Vulnerability Scanning
  Summary
  Exam Essentials
  Lab Exercises
    Activity 4.1: Installing a Vulnerability Scanner
    Activity 4.2: Running a Vulnerability Scan
    Activity 4.3: Developing a Penetration Test Vulnerability Scanning Plan
  Review Questions

Chapter 5 Analyzing Vulnerability Scans
  Reviewing and Interpreting Scan Reports
    Understanding CVSS
  Validating Scan Results
    False Positives
    Documented Exceptions
    Understanding Informational Results
    Reconciling Scan Results with Other Data Sources
    Trend Analysis
  Common Vulnerabilities
    Server and Endpoint Vulnerabilities
    Network Vulnerabilities
    Virtualization Vulnerabilities
    Internet of Things (IoT)
    Web Application Vulnerabilities
  Summary
  Exam Essentials
  Lab Exercises
    Activity 5.1: Interpreting a Vulnerability Scan
    Activity 5.2: Analyzing a CVSS Vector
    Activity 5.3: Developing a Penetration Testing Plan
  Review Questions

Chapter 6 Exploit and Pivot
  Exploits and Attacks
    Choosing Targets
    Identifying the Right Exploit
    Exploit Resources
    Developing Exploits
  Exploitation Toolkits
    Metasploit
    PowerSploit
  Exploit Specifics
    RPC/DCOM
    PsExec
    PS Remoting/WinRM
    WMI
    Scheduled Tasks and cron Jobs
    SMB
    RDP
    Apple Remote Desktop
    VNC
    X-Server Forwarding
    Telnet
    SSH
  Leveraging Exploits
    Common Post-Exploit Attacks
    Privilege Escalation
    Social Engineering
  Persistence and Evasion
    Scheduled Jobs and Scheduled Tasks
    Inetd Modification
    Daemons and Services
    Back Doors and Trojans
    New Users
  Pivoting
  Covering Your Tracks
  Summary
  Exam Essentials
  Lab Exercises
    Activity 6.1: Exploit
    Activity 6.2: Discovery
    Activity 6.3: Pivot
  Review Questions

Chapter 7 Exploiting Network Vulnerabilities
  Conducting Network Exploits
    VLAN Hopping
    Network Proxies
    DNS Cache Poisoning
    Man-in-the-Middle
    NAC Bypass
    DoS Attacks and Stress Testing
  Exploiting Windows Services
    NetBIOS Name Resolution Exploits
    SMB Exploits
  Exploiting Common Services
    SNMP Exploits
    SMTP Exploits
    FTP Exploits
    Samba Exploits
  Wireless Exploits
    Evil Twins and Wireless MITM
    Other Wireless Protocols and Systems
    RFID Cloning
    Jamming
    Repeating
  Summary
  Exam Essentials
  Lab Exercises
    Activity 7.1: Capturing Hashes
    Activity 7.2: Brute-Forcing Services
    Activity 7.3: Wireless Testing
  Review Questions

Chapter 8 Exploiting Physical and Social Vulnerabilities
  Physical Facility Penetration Testing
    Entering Facilities
    Information Gathering
  Social Engineering
    In-Person Social Engineering
    Phishing Attacks
    Website-Based Attacks
    Using Social Engineering Tools
  Summary
  Exam Essentials
  Lab Exercises
    Activity 8.1: Designing a Physical Penetration Test
    Activity 8.2: Brute-Forcing Services
    Activity 8.3: Using BeEF
  Review Questions

Chapter 9 Exploiting Application Vulnerabilities
  Exploiting Injection Vulnerabilities
    Input Validation
    Web Application Firewalls
    SQL Injection Attacks
    Code Injection Attacks
    Command Injection Attacks
  Exploiting Authentication Vulnerabilities
    Password Authentication
    Session Attacks
    Kerberos Exploits
  Exploiting Authorization Vulnerabilities
    Insecure Direct Object References
    Directory Traversal
    File Inclusion
  Exploiting Web Application Vulnerabilities
    Cross-Site Scripting (XSS)
    Cross-Site Request Forgery (CSRF/XSRF)
    Clickjacking
  Unsecure Coding Practices
    Source Code Comments
    Error Handling
    Hard-Coded Credentials
    Race Conditions
    Unprotected APIs
    Unsigned Code
  Application Testing Tools
    Static Application Security Testing (SAST)
    Dynamic Application Security Testing (DAST)
    Mobile Tools
  Summary
  Exam Essentials
  Lab Exercises
    Activity 9.1: Application Security Testing Techniques
    Activity 9.2: Using the ZAP Proxy
    Activity 9.3: Creating a Cross-Site Scripting Vulnerability
  Review Questions

Chapter 10 Exploiting Host Vulnerabilities
  Attacking Hosts
    Linux
    Windows
    Cross-Platform Exploits
  Remote Access
    SSH
    NETCAT and Ncat
    Proxies and Proxychains
    Metasploit and Remote Access
  Attacking Virtual Machines and Containers
    Virtual Machine Attacks
    Container Attacks
  Physical Device Security
    Cold-Boot Attacks
    Serial Consoles
    JTAG Debug Pins and Ports
  Attacking Mobile Devices
  Credential Attacks
    Credential Acquisition
    Offline Password Cracking
    Credential Testing and Brute-Forcing Tools
    Wordlists and Dictionaries
  Summary
  Exam Essentials
  Lab Exercises
    Activity 10.1: Dumping and Cracking the Windows SAM and Other Credentials
    Activity 10.2: Cracking Passwords Using Hashcat
    Activity 10.3: Setting Up a Reverse Shell and a Bind Shell
  Review Questions

Chapter 11 Scripting for Penetration Testing
  Scripting and Penetration Testing
    Bash
    PowerShell
    Ruby
    Python
  Variables, Arrays, and Substitutions
    Bash
    PowerShell
    Ruby
    Python
  Comparison Operations
  String Operations
    Bash
    PowerShell
    Ruby
    Python
  Flow Control
    Conditional Execution
    For Loops
    While Loops
  Input and Output (I/O)
    Redirecting Standard Input and Output
  Error Handling
    Bash
    PowerShell
    Ruby
    Python
  Summary
  Exam Essentials
  Lab Exercises
    Activity 11.1: Reverse DNS Lookups
    Activity 11.2: Nmap Scan
  Review Questions

Chapter 12 Reporting and Communication
  The Importance of Communication
    Defining a Communication Path
    Communication Triggers
    Goal Reprioritization
  Recommending Mitigation Strategies
    Finding: Shared Local Administrator Credentials
    Finding: Weak Password Complexity
    Finding: Plain Text Passwords
    Finding: No Multifactor Authentication
    Finding: SQL Injection
    Finding: Unnecessary Open Services
  Writing a Penetration Testing Report
    Structuring the Written Report
    Secure Handling and Disposition of Reports
  Wrapping Up the Engagement
    Post-Engagement Cleanup
    Client Acceptance
    Lessons Learned
    Follow-Up Actions/Retesting
    Attestation of Findings
  Summary
  Exam Essentials
  Lab Exercises
    Activity 12.1: Remediation Strategies
    Activity 12.2: Report Writing
  Review Questions

Appendix Answers to Review Questions
  Chapter 1: Penetration Testing
  Chapter 2: Planning and Scoping Penetration Tests
  Chapter 3: Information Gathering
  Chapter 4: Vulnerability Scanning
  Chapter 5: Analyzing Vulnerability Scans
  Chapter 6: Exploit and Pivot
  Chapter 7: Exploiting Network Vulnerabilities
  Chapter 8: Exploiting Physical and Social Vulnerabilities
  Chapter 9: Exploiting Application Vulnerabilities
  Chapter 10: Exploiting Host Vulnerabilities
  Chapter 11: Script for Penetration Testing
  Chapter 12: Reporting and Communication

Index

MIKE CHAPPLE, PHD, CISSP, PenTest+, is Associate Teaching Professor of IT, Analytics, and Operations at the University of Notre Dame. He's a cybersecurity professional and educator with over 20 years of experience, and provides cybersecurity certification resources at his website, CertMike.com.

DAVID SEIDL, CISSP, CySA+, PenTest+, GPEN, GCIH, is Senior Director for Campus Technology Services at the University of Notre Dame. A former Director of Information Security, he is now responsible for cloud operations, middleware, enterprise operating systems, applications, and identity and access management.