E-book: CompTIA PenTest+ Certification For Dummies

  • Format: PDF+DRM
  • Published: 15-Feb-2022
  • Publisher: For Dummies
  • Language: eng
  • ISBN-13: 9781119867289

DRM restrictions

  • Copying: not allowed

  • Printing: not allowed

  • E-book usage:

    Digital rights management (DRM)
    The publisher has supplied this book in encrypted form, which means that you need to install free software to unlock and read it. To read this e-book, you need to create an Adobe ID. More information here. The e-book can be downloaded to 6 devices (one user with the same Adobe ID).

    Required software
    To read this e-book on a mobile device (phone or tablet), you need to install this free app: PocketBook Reader (iOS / Android)

    To read this e-book on a PC or Mac, you need Adobe Digital Editions (a free application designed specifically for e-books. It is not the same as Adobe Reader, which you probably already have on your computer.)

    You cannot read this e-book on an Amazon Kindle.

Advance your existing career, or build a new one, with the PenTest+ certification

Looking for some hands-on help achieving one of the tech industry's leading new certifications? Complete with an online test bank to help you prep for the exam, CompTIA PenTest+ Certification For Dummies, 2nd Edition guides you through every competency tested by the exam.

Whether you're a seasoned security pro looking to add a new cert to your skillset, or you're an early-career cybersecurity professional seeking to move forward, you'll find the practical, study-centered guidance you need to succeed on the certification exam. In this book and online, you'll get:

  • A thorough introduction to the planning and information gathering phase of penetration testing, including scoping and vulnerability identification
  • Comprehensive examinations of system exploits, vulnerabilities in wireless networks, and app-based intrusions
  • In-depth descriptions of the PenTest+ exam and an Exam Reference Matrix to help you get more familiar with the structure of the test
  • Three practice tests online with questions covering every competency on the exam

Perfect for cybersecurity pros looking to add an essential new certification to their repertoire, CompTIA PenTest+ Certification For Dummies, 2nd Edition is also a great resource for those looking for a way to cement and build on fundamental pentesting skills.

Introduction
About This Book
Conventions Used in This Book
Foolish Assumptions
How This Book Is Organized
Pre-assessment
Part 1 Planning and Information Gathering
Part 2 Attacks and Exploits
Part 3 Post-Exploitation and Reporting
Appendixes
Practice exam
Icons Used in This Book
Beyond the Book
Where to Go from Here
Pre-Assessment
Questions
Answers
PART 1 PLANNING AND INFORMATION GATHERING
Chapter 1 Introduction to Penetration Testing
Penetration Testing Overview
Reasons for a pentest
Who should perform a pentest
How often a pentest should be performed
Defining Penetration Testing Terminology
Types of assessments
Pentest strategy
Threat actors and threat models
Looking at CompTIA's Penetration Testing Phases
Planning and scoping
Information gathering and vulnerability identification
Attacks and exploits
Reporting and communication
Identifying Testing Standards and Methodologies
MITRE ATT&CK
Open Web Application Security Project (OWASP)
National Institute of Standards and Technology (NIST)
OSSTMM, PTES, and ISSAF
Reviewing Key Concepts
Prep Test
Answers
Chapter 2 Planning and Scoping
Understanding Key Legal Concepts
Written authorization
Contracts and agreements
Disclaimers
Scoping the Project
Target list/in-scope assets
General questions
Web application testing questions
Wireless network testing questions
Physical security testing questions
Social engineering testing questions
Testing questions for IT staff
Identifying the Rules of Engagement (RoE)
Environmental considerations
Target audience and reason for the pentest
Communication escalation path
Resources and requirements
Budget
Impact analysis and remediation timelines
Defining Targets for the Pentest
Internal and external targets
First-party versus third-party hosted
Other targets
Target considerations
Verifying Acceptance to Risk
Scheduling the Pentest and Managing Scope Creep
Scheduling
Scope creep
Conducting Compliance-based Assessments
Considerations with compliance-based assessments
Restrictions with compliance-based assessments
Validate scope of engagement
Maintaining professionalism and integrity
Risks to the professional
Reviewing Key Concepts
Prep Test
Answers
Chapter 3 Information Gathering
Looking at Information-Gathering Tools and Techniques
Passive information gathering/passive reconnaissance
Active information gathering/active reconnaissance
Understanding Scanning and Enumeration
Passive scanning
Active scanning
Enumeration
Analyze the results of a reconnaissance exercise
Detection Methods and Tokens
Defense detection
Security tokens
Lab Exercises
Exercise 3-1 Conduct a Whois Search
Exercise 3-2 Use the Harvester to collect email addresses
Exercise 3-3 Use Shodan to discover systems on the Internet
Exercise 3-4 Use recon-ng for OSINT information gathering
Exercise 3-5 Use dig for DNS profiling
Exercise 3-6 Use Nmap to port scan
Reviewing Key Concepts
Prep Test
Answers
Chapter 4 Vulnerability Identification
Understanding Vulnerabilities
Types of vulnerability scans
Vulnerability scan considerations
Performing a Vulnerability Scan
Installing Nessus
Running Nessus
Using other vulnerability scanners
Analyzing Vulnerability Results
Mapping vulnerabilities to exploits
Understanding the CVSS base score
Prioritizing activities
Considerations for analyzing scan results
Attacks and Weaknesses in Specialized Systems
Mobile devices
Cloud technologies
Internet of Things (IoT) devices
Data storage system vulnerabilities
Underlying software vulnerabilities
Management interface vulnerabilities
Vulnerabilities related to SCADA, IIoT, and ICS
Vulnerabilities related to virtual environments and containers
Lab Exercises
Exercise 4-1 Download and install Nessus
Exercise 4-2 Perform a vulnerability scan
Exercise 4-3 Perform a web application vulnerability scan with Nessus
Reviewing Key Concepts
Prep Test
Answers
PART 2 ATTACKS AND EXPLOITS
Chapter 5 Exploiting Systems
Exploiting Systems with Metasploit
Starting Metasploit
Searching for an exploit
Using an exploit
Running the exploit
Setting the payload
Using msfvenom
Using exploit resources
Understanding Social Engineering
Email phishing
USB key drop
Other forms of social engineering
Methods of influence
Using SET to perform an attack
Using BeEF to perform an attack
Call spoofing tools
Pretexting
Looking at Attacks on Physical Security
Types of physical security controls
Exploiting physical security
Common Attack Techniques
Password cracking
Using exploits
Deception
Exploiting Network-Based Vulnerabilities
Common tools used for network-based attacks
Common network-based exploits
Man-in-the-middle (MiTM) attacks
Other common attacks
Exploiting Local-Host Vulnerabilities
Operating system vulnerabilities
Unsecure service and protocol configurations
Privilege escalation
Default account settings
Sandbox escape
Physical device security
Lab Exercises
Exercise 5-1 Exploit an SMB service with Metasploit
Exercise 5-2 Use the meterpreter exploit payload
Exercise 5-3 Conduct a MiTM attack with SETH
Exercise 5-4 Use SET for credential harvesting
Exercise 5-5 Use BeEF to exploit a web browser
Reviewing Key Concepts
Prep Test
Answers
Chapter 6 Exploiting Wireless Vulnerabilities
Understanding Wireless Terminology
Wireless concepts
Wireless equipment and configuration
Types of wireless networks
Introducing Wireless Standards
802.11a
802.11b
802.11g
802.11n
802.11ac
Looking at Wireless Configuration and Troubleshooting
Reviewing the Basic Service Set
Designing a multi-access point WLAN
Troubleshooting wireless networks
Implementing Wireless Security Practices
General security practices
Encryption protocols
Exploiting Wireless Vulnerabilities
Understanding attack methods and tools
Looking at 802.11 wireless vulnerabilities
Looking at RF-based vulnerabilities
Cracking WEP encryption
WPS pin attack
Cracking WPA/WPA2 encryption keys
Using Wifite to hack wireless networks
Exploiting Bluetooth devices
Lab Exercises
Exercise 6-1 Crack WEP encryption
Exercise 6-2 Crack the WPS pin
Exercise 6-3 Crack the WPA/WPA2 encryption key
Exercise 6-4 Test Bluetooth devices
Reviewing Key Concepts
Prep Test
Answers
Chapter 7 Exploiting Application-Based Vulnerabilities
Looking at Common Application-Based Attacks
Injection attacks
Authentication attacks
Authorization attacks
XSS and CSRF/XSRF attacks
Understanding Application Security Vulnerabilities
Clickjacking
Security misconfiguration
File inclusion
Privilege escalation
Session replay and session fixation
Common Coding Mistakes
Business logic flaws
Unauthorized use of functions/unprotected APIs
Hidden elements/sensitive information in the DOM
Insecure data transmission
Lack of code signing
Secure Coding Best Practices
Validation
Sanitization
Escaping
Parameterized queries
Common Tools and Resources
Common tools
Common resources
Lab Exercises
Exercise 7-1 Perform a CSRF attack
Exercise 7-2 Perform a SQL injection
Exercise 7-3 Perform a command injection attack
Exercise 7-4 Perform a reflected XSS attack
Exercise 7-5 Perform a persistent XSS attack
Exercise 7-6 Reset the DVWA
Reviewing Key Concepts
Prep Test
Answers
PART 3 POST-EXPLOITATION AND REPORTING
Chapter 8 Understanding Post-Exploitation Actions
Common Post-Exploitation Tasks
Understanding the context
Collecting information
Obtaining a shell
Retrieving password hashes
Disabling the antivirus software
Migrating to a different process
Privilege escalation and restrictive shells
Taking screenshots
Taking remote control
Capturing keystrokes
Enabling the webcam
Network segmentation testing
Performing Lateral Movement
PS remoting/WinRM
Using PsExec
Using PsExec with pass the hash
Using RDP
Using RPC/DCOM
Using remote services
Other techniques for lateral movement
Maintaining Access (Persistence)
New user creation
Planting backdoors and trojans
Other techniques for maintaining access
Detection avoidance
Covering Your Tracks
Lab Exercises
Exercise 8-1 Exploit a system and collect information
Exercise 8-2 Record keystrokes
Exercise 8-3 Obtain password hashes
Exercise 8-4 Move laterally
Exercise 8-5 Create a backdoor account
Exercise 8-6 Cover your tracks
Reviewing Key Concepts
Prep Test
Answers
Chapter 9 Common Penetration Testing Tools
Understanding Use Cases for Common Pentest Tools
Reconnaissance
Enumeration
Vulnerability scanning
Credential attacks
Persistence
Configuration compliance
Evasion
Decompilation and debugging
Forensics
Software assurance
Looking at Common Pentest Tools
Scanners
Credential testing tools
Debuggers
Software-assurance tools
Open-source intelligence (OSINT) tools
Wireless tools
Web application tools/web proxies
Social engineering tools
Remote access tools
Networking tools
Mobile tools
Steganography tools
Cloud tools
Miscellaneous tools
Analyzing Tool Output
Password cracking
Pass the hash
Setting up a bind shell
Getting a reverse shell
Proxying a connection
Uploading a web shell
Injections
Lab Exercises
Exercise 9-1 Crack passwords with John the Ripper
Exercise 9-2 Locate web servers
Exercise 9-3 Scan web applications for vulnerabilities
Exercise 9-4 Use Hydra for password cracking over RDP
Exercise 9-5 Use Hydra to crack website credentials
Exercise 9-6 Use CeWL to create a wordlist
Exercise 9-7 Use Netcat/Ncat to create a bind shell
Exercise 9-8 Using Responder and John the Ripper to capture and crack password hashes
Reviewing Key Concepts
Prep Test
Answers
Chapter 10 Analyzing Script Functionality
Reviewing Scripting Concepts
Variables and arrays
Looping and flow control
Understanding operators
Data structures
Parts of software and scripts
Common operations
Error handling
Using Bash Scripting
Variables and arrays
Looping and flow control
Executing the script
Error handling
Input and output
Understanding Python Scripting
Variables and arrays
Looping and flow control
Executing the script
Error handling
Input and output
Working with Ruby Scripting
Variables and arrays
Looping and flow control
Executing the script
Error handling
Input and output
Coding in PowerShell Scripting
Variables and arrays
Looping and flow control
Executing the script
Error handling
Input and output
Code Examples and Automation
Analyze exploit code
Opportunities for automation
Lab Exercises
Exercise 10-1 Review Bash script
Exercise 10-2 Review Python script
Exercise 10-3 Review PowerShell script
Reviewing Key Concepts
Prep Test
Answers
Chapter 11 Reporting and Communication
Communicating During a PenTest
Understanding communication paths
Communication triggers
Reasons for communication
Goal reprioritization and presentation of findings
Findings and Remediations
Shared local administrator credentials
Weak password complexity
Plain text passwords
No multifactor authentication
SQL injection
Unnecessary open services
Focusing Your Remediation Strategies
Recommending the Appropriate Remediation Strategy
Common technical controls
Common administrative controls
Common operational controls
Common physical controls
Writing and Handling the Pentest Report
Common themes/root causes
Notetaking and normalization of data
Risk appetite
Report audience
Report structure
Secure handling and distribution of reports
Delivering the Report and Post-Report Activities
Post-engagement cleanup
Client acceptance
Administrative tasks
Lab Exercises
Exercise 11-1 Create a pentest report
Exercise 11-2 Encrypt the pentest report
Reviewing Key Concepts
Prep Test
Answers
PART 4 APPENDIXES
Appendix A PenTest+ Exam Details
CompTIA PenTest+ Certification and Why You Need It
Checking Out the Exam and Its Objectives
Using This Book to Prepare for the Exam
Steps to Prepare for the Exam
Making Arrangements to Take the Exam
The Day the Earth Stood Still: Exam Day
Arriving at the exam location
Testing online (from home or work)
Taking the exam
How does CompTIA set the pass level?
Appendix B CompTIA PenTest+ Exam Reference Matrix
2021 PenTest+ Exam Objectives -- PT0-002
Appendix C Lab Setup
Setting Up the Virtual Machines
Obtaining the Software Needed
VMware Workstation
Windows Server 2012/2016/2019
Windows 7
Kali Linux
Metasploitable2
Index
Glen E. Clarke is the owner of DC Advanced Technology Training (DCATT) and teaches dozens of courses on cybersecurity, Microsoft software, and programming. Glen has authored many certification titles on topics such as A+, Network+, Security+, Cisco CCT and CCNA.