Klientų aptarnavimas: +370 652 87781

Pagalba | Naujas vartotojas | Prisijungti

El. knyga: CompTIA PenTest+ Certification Bundle (Exam PT0-001)

5.00/5 (2 ratings by Goodreads)

Jonathan Ammerman, Raymond Nutting

Formatas: PDF+DRM
Išleidimo metai: 05-Apr-2019
Leidėjas: McGraw-Hill Education
Kalba: eng
ISBN-13: 9781260454192

Kitos knygos pagal šią temą:

Computer certification

Formatas - PDF+DRM
Kaina: 70,20 €*
* ši kaina yra galutinė, t.y. papildomos nuolaidos nebus taikomos
Įdėti į krepšelį
Įtraukti į pageidavimų sąrašą
Ši e-knyga skirta tik asmeniniam naudojimui. El. knygos nėra grąžinamos.

Formatas: PDF+DRM
Išleidimo metai: 05-Apr-2019
Leidėjas: McGraw-Hill Education
Kalba: eng
ISBN-13: 9781260454192

Kitos knygos pagal šią temą:

Computer certification

DRM apribojimai

Kopijuoti:

neleidžiama
Spausdinti:

neleidžiama
El. knygos naudojimas:

Skaitmeninių teisių valdymas (DRM)
Leidykla pateikė šią knygą šifruota forma, o tai reiškia, kad norint ją atrakinti ir perskaityti reikia įdiegti nemokamą programinę įrangą. Norint skaityti šią el. knygą, turite susikurti Adobe ID . Daugiau informacijos čia. El. knygą galima atsisiųsti į 6 įrenginius (vienas vartotojas su tuo pačiu Adobe ID).

Reikalinga programinė įranga
Norint skaityti šią el. knygą mobiliajame įrenginyje (telefone ar planšetiniame kompiuteryje), turite įdiegti šią nemokamą programėlę: PocketBook Reader (iOS / Android)

Norint skaityti šią el. knygą asmeniniame arba „Mac“ kompiuteryje, Jums reikalinga Adobe Digital Editions “ (tai nemokama programa, specialiai sukurta el. knygoms. Tai nėra tas pats, kas „Adobe Reader“, kurią tikriausiai jau turite savo kompiuteryje.)

Negalite skaityti šios el. knygos naudodami „Amazon Kindle“.

Prepare for the new PenTest+ certification exam from CompTIA with this money-saving, comprehensive study package

Designed as a complete self-study program, this collection offers a variety of proven resources to use in preparation for the August 2018 release of the CompTIA PenTest+ certification exam. Comprised of CompTIA PenTest+ Certification All-In-One Exam Guide (PT0-001) and CompTIA PenTest+ Certification Practice Exams (Exam CS0-001), this bundle thoroughly covers every topic on the challenging exam.

CompTIA PenTest+ Certification Bundle (Exam PT0-001) contains hundreds of practice questions that match those on the live exam in content, difficulty, tone, and format. The set includes detailed coverage of performance-based questions. You will get exam-focused “Tip,” “Note,” and “Caution” elements as well as end of chapter reviews. This authoritative, cost-effective bundle serves both as a study tool AND a valuable on-the-job reference for computer security professionals.

•This bundle is 25% cheaper than purchasing the books individually and includes a 10% off the exam voucher

•Written by a pair of penetration testing experts

•Electronic content includes 370+ practice exam questions and secured PDF copies of both books

Acknowledgments

Introduction

xiii

Objective Map: Exam PTO-001

xvi

Chapter 1 Pre-engagement Activities

(22)

Target Audience

(1)

Impact Analysis

(2)

Scope and Methodology

(9)

Types of Assessment

(2)

Threat Modeling

(3)

Target Selection

(2)

Contractual Agreements

(4)

Nondisclosure Agreement

(1)

Master Service Agreement

(1)

Statement of Work

(2)

Chapter Review

(7)

Questions

(2)

Questions and Answers

(5)

Chapter 2 Getting to Know Your Targets

(22)

Footprinting and Reconnaissance

(1)

Information Gathering

(1)

Tools, Methods, and Frameworks

(15)

Data Mining

(5)

Specialized Search Engines

(4)

DNS, Website, and Email Footprinting

(6)

Metadata Analysis

(1)

Chapter Review

(6)

Questions

(2)

Questions and Answers

(3)

Chapter 3 Network Scanning and Enumeration

(26)

802.11 Wireless Standards

(4)

Wireless Spectrum Bands

(1)

Wireless Modes and Terminology

(3)

Wireless Testing Equipment

(1)

Popular Antennas

(1)

802.11 Network Discovery

(4)

802.11 Frames

(2)

Wireless Scanning

(1)

Host Discovery

(3)

Ping Scan

(2)

Port Scanning

(5)

Port Scanning Methods

(1)

Common Ports and Protocols

(1)

TCP Scan

(1)

Half-Open Scan

(1)

UDP Scan

(1)

Enumeration

(2)

Chapter Review

(7)

Questions

(2)

Questions and Answers

(5)

Chapter 4 Vulnerability Scanning and Analysis

(34)

Researching Vulnerabilities

(5)

CVE

(1)

CWE

(1)

CAPEC

(1)

ATT&CK

(1)

Remote Security Scanning

(9)

Credentialed vs. Noncredentialed Scanning

(2)

Compliance and Configuration Auditing

(1)

Nontraditional Assets

(4)

Web and Database Scanning

(13)

Open Web Application Security Project (OWASP)

(1)

Fingerprinting Web and Database Servers

(2)

Enumerating Information

(1)

Authentication and Authorization Testing

(7)

Data Validation Testing

(1)

Vulnerability Mapping

(1)

Chapter Review

(7)

Questions

(2)

Questions and Answers

100

(5)

Chapter 5 Mobile Device and Application Testing

105

(42)

Mobile Device Architecture

105

(5)

iPhone Operating System

107

(2)

Android Operating System

109

(1)

Mobile Pentesting Fundamentals

110

(3)

Static Analysis

111

(1)

Dynamic and Runtime Analysis

112

(1)

Network Analysis

112

(1)

Server-Side Testing

113

(1)

iOS Application Security Testing

113

(10)

Setting Up an iOS Testing Environment

113

(1)

Jailbreaking an iOS Device

113

(2)

Connecting to the iOS Device

115

(2)

iOS Functional Testing and Application Mapping

117

(6)

Android Application Security Testing

123

(7)

Setting Up an Android Testing Environment

123

(1)

Rooting an Android Device

124

(1)

Connecting to the Android Device

124

(1)

Android Functional Testing and Application Mapping

125

(5)

Software Assurance Testing

130

(7)

Understanding Programming Logic

131

(6)

Chapter Review

137

(10)

Questions

138

(3)

Questions and Answers

141

(6)

Chapter 6 Social Engineering

147

(16)

Motivation Techniques

147

(1)

Social Engineering Attacks

148

(1)

Phishing

149

(6)

Email-Based

149

(6)

Phone-Based

155

(1)

Countermeasures

155

(1)

Chapter Review

156

(7)

Questions

157

(1)

Questions and Answers

158

(5)

Chapter 7 Network-Based Attacks

163

(42)

Name Resolution Exploits

163

(13)

DNS Spoofing and Cache Poisoning

165

(4)

Attacking LLMNR and NetBIOS

169

(7)

Stress Testing Applications and Protocols

176

(3)

Denial of Service Attacks

176

(2)

Executing DDoS Attacks

178

(1)

Network Packet-Manipulation

179

(4)

Analyzing and Inspecting Packets

179

(2)

Forge and Decode Packets

181

(2)

Layer-2 Attacks

183

(3)

Attacking the Spanning Tree Protocol

183

(1)

VLAN Hopping

184

(1)

Bypassing Network Access Controls

185

(1)

Attacking Common Protocols

186

(12)

Exploiting SNMPvl

186

(2)

Poorly Configured File Sharing

188

(9)

Abusing SMTP

197

(1)

Chapter Review

198

(7)

Questions

198

(2)

Questions and Answers

200

(5)

Chapter 8 Wireless and RF Attacks

205

(28)

Wireless Encryption Standards

206

(13)

Setting Up a Wireless Testing Lab

206

(1)

Cracking WEP

206

(6)

Wi-Fi Protected Access (WPA)

212

(5)

Cracking WPS

217

(2)

Wireless Attacks and Exploitation

219

(6)

Man-in-the-Middle Attacks

220

(2)

Attacking Bluetooth

222

(3)

Chapter Review

225

(8)

Questions

226

(2)

Questions and Answers

228

(5)

Chapter 9 Web and Database Attacks

233

(112)

Server-Side Attacks

233

(27)

Injection Attacks

233

(12)

Attacking Authentication and Session Management

245

(6)

Inclusion Attacks

251

(2)

Exploiting Security Misconfigurations

253

(7)

Client-Side Attacks

260

(4)

HTML Injection

261

(1)

Cross-Site Scripting

261

(2)

Cross-Site Request Forgery

263

(1)

Clickjacking

264

(1)

Chapter Review

264

(7)

Questions

265

(2)

Questions and Answers

267

(4)

Chapter 10 Attacking Local Host Vulnerabilities

271

(1)

OS Vulnerabilities

271

(2)

Postexploitation

273

(6)

Gain Situational Awareness

273

(3)

Collecting Information

276

(2)

Exfiltration

278

(1)

Privilege Escalation

279

(21)

Linux Privilege Escalation

279

(6)

Windows Privilege Escalation

285

(15)

Exploitable Services

300

(18)

Buffer Overflows

300

(13)

Unquoted Service Paths

313

(5)

Lateral Movement

318

(13)

Lateral Movement in Linux

318

(10)

Lateral Movement in Windows

328

(3)

Maintaining Persistence

331

(2)

Covering Your Tracks

333

(3)

Clearing Command History

333

(1)

Timestomping

334

(2)

File Deletion

336

(1)

Chapter Review

336

(9)

Questions

337

(2)

Questions and Answers

339

(6)

Chapter 11 Physical Penetration Testing

345

(30)

Keeping the Honest People Honest

347

(18)

Environmental Threats

347

(1)

Physical and Environmental Protection

348

(4)

Physical Locks and Security

352

(1)

Mechanical Locks

353

(7)

Basic Tools and Opening Techniques

360

(3)

Alarms and Early Warning Systems

363

(2)

Physical Device Security

365

(2)

Cold Boot Attack

365

(1)

BIOS Attacks

365

(2)

USB Keylogger

367

(1)

Chapter Review

367

(8)

Questions

368

(2)

Questions and Answers

370

(5)

Chapter 12 Reporting and Communication

375

(30)

Writing the Pentest Report

375

(23)

Drafting the Report

377

(19)

Postengagement Cleanup

396

(1)

Report Handling

397

(1)

Post-Report Delivery Activities

398

(1)

Customer Debriefing

398

(1)

Follow-Up Actions

398

(1)

Communication Is Key

398

(1)

Chapter Review

399

(6)

Questions

400

(2)

Questions and Answers

402

(3)

Appendix About the Online Content

405

(4)

Glossary

409

(14)

Index

423

Acknowledgments

Introduction

Chapter 1 Pre-engagement Activities

(36)

Questions

(10)

Quick Answer Key

(1)

In-Depth Answers

(24)

Chapter 2 Getting to Know Your Targets

(16)

Questions

(4)

Quick Answer Key

(1)

In-Depth Answers

(10)

Chapter 3 Network Scanning and Enumeration

(16)

Questions

(5)

Quick Answer Key

(1)

In-Depth Answers

(9)

Chapter 4 Vulnerability Scanning and Analysis

(38)

Questions

(12)

Quick Answer Key

(1)

In-Depth Answers

(23)

Chapter 5 Mobile Device and Application Testing

107

(14)

Questions

108

(4)

Quick Answer Key

112

(1)

In-Depth Answers

113

(8)

Chapter 6 Social Engineering

121

(16)

Questions

122

(5)

Quick Answer Key

127

(1)

In-Depth Answers

128

(9)

Chapter 7 Network-Based Attacks

137

(20)

Questions

138

(6)

Quick Answer Key

144

(1)

In-Depth Answers

145

(12)

Chapter 8 Wireless and Radio Frequency Attacks

157

(16)

Questions

158

(4)

Quick Answer Key

162

(1)

In-Depth Answers

163

(10)

Chapter 9 Web and Database Attacks

173

(20)

Questions

174

(5)

Quick Answer Key

179

(1)

In-Depth Answers

180

(13)

Chapter 10 Attacking Local Host Vulnerabilities

193

(40)

Questions

194

(12)

Quick Answer Key

206

(1)

In-Depth Answers

207

(26)

Chapter 11 Physical Penetration Testing

233

(12)

Questions

234

(3)

Quick Answer Key

237

(1)

In-Depth Answers

238

(7)

Chapter 12 Reporting and Communication

245

Questions

246

(10)

Quick Answer Key

256

(1)

In-Depth Answers

257

(22)

Appendix About the Online Content

279

System Requirements

279

(1)

Your Total Seminars Training Hub Account

279

(1)

Privacy Notice

279

(1)

Single User License Terms and Conditions

279

(2)

Total Tester Online

281

(1)

Pre-Assessment Test

281

(1)

Performance-Based Questions

281

(1)

Technical Support

282

Daugiau apie elektronines knygas

Pastovi nuoroda: https://www.kriso.lt/db/97812604541922e.html

El. knyga: CompTIA PenTest+ Certification Bundle (Exam PT0-001)

DRM apribojimai

Kopijuoti:

Spausdinti:

El. knygos naudojimas:

Paskyra ir nustatymai

Paieška

Ieškoti duomenų bazėje

Patikslinti paiešką

Temos E-knygų temos

Pasirinkti pirkinių krepšelį