60,65 €*
Free shipping by post / DHL
Delivery time 1-2 weeks
In the revamped Second Edition of CompTIA PenTest+ Study Guide: Exam PT0-002, veteran information security experts Dr. Mike Chapple and David Seidl deliver a comprehensive roadmap to the foundational and advanced skills every pentester (penetration tester) needs to secure their CompTIA PenTest+ certification, ace their next interview, and succeed in an exciting new career in a growing field.
You'll learn to perform security assessments of traditional servers, desktop and mobile operating systems, cloud installations, Internet-of-Things devices, and industrial or embedded systems. You'll plan and scope a penetration testing engagement including vulnerability scanning, understand legal and regulatory compliance requirements, analyze test results, and produce a written report with remediation techniques.
This book will:
* Prepare you for success on the newly introduced CompTIA PenTest+ PT0-002 Exam
* Multiply your career opportunities with a certification that complies with ISO 17024 standards and meets Department of Defense Directive 8140/8570.01-M requirements
* Allow access to the Sybex online learning center, with chapter review questions, full-length practice exams, hundreds of electronic flashcards, and a glossary of key terms
Perfect for anyone preparing for the updated CompTIA PenTest+ certification exam, CompTIA PenTest+ Study Guide: Exam PT0-002 is also a must-read resource for aspiring penetration testers and IT security professionals seeking to expand and improve their skillset.
MIKE CHAPPLE, Security+, CySA+, CISSP, is Teaching Professor of IT, Analytics, and Operations at the University of Notre Dame. He's a cybersecurity professional and educator with over 20 years of experience. Mike provides cybersecurity certification resources at his website, [...].
DAVID SEIDL, Security+, CySA+, CISSP, PenTest+, is Vice President for Information Technology and CIO at Miami University. David co-led Notre Dame's move to the cloud, and has written multiple cybersecurity certification books.
Introduction
Assessment Test
Chapter 1 Penetration Testing
What Is Penetration Testing?
Cybersecurity Goals
Adopting the Hacker Mindset
Ethical Hacking
Reasons for Penetration Testing
Benefits of Penetration Testing
Regulatory Requirements for Penetration Testing
Who Performs Penetration Tests?
Internal Penetration Testing Teams
External Penetration Testing Teams
Selecting Penetration Testing Teams
The CompTIA Penetration Testing Process
Planning and Scoping
Information Gathering and Vulnerability Scanning
Attacks and Exploits
Reporting and Communication
Tools and Code Analysis
The Cyber Kill Chain
Reconnaissance
Weaponization
Delivery
Exploitation
Installation
Command and Control
Actions on Objectives
Tools of the Trade
Reconnaissance
Vulnerability Scanners
Social Engineering
Credential Testing Tools
Debuggers and Software Testing Tools
Network Testing
Remote Access
Exploitation
Steganography
Cloud Tools
Summary
Exam Essentials
Lab Exercises
Activity 1.1: Adopting the Hacker Mindset
Activity 1.2: Using the Cyber Kill Chain
Review Questions
Chapter 2 Planning and Scoping Penetration Tests
Scoping and Planning Engagements
Assessment Types
Known Environments and Unknown Environments
The Rules of Engagement
Scoping Considerations - A Deeper Dive
Support Resources for Penetration Tests
Penetration Testing Standards and Methodologies
Key Legal Concepts for Penetration Tests
Contracts
Data Ownership and Retention
Permission to Attack (Authorization)
Environmental Differences and Location Restrictions
Regulatory Compliance Considerations
Summary
Exam Essentials
Lab Exercises
Review Questions
Chapter 3 Information Gathering
Footprinting and Enumeration
OSINT
Location and Organizational Data
Infrastructure and Networks
Security Search Engines
Google Dorks and Search Engine Techniques
Password Dumps and Other Breach Data
Source Code Repositories
Passive Enumeration and Cloud Services
Active Reconnaissance and Enumeration
Hosts
Services
Networks, Topologies, and Network Traffic
Packet Crafting and Inspection
Enumeration
Information Gathering and Code
Avoiding Detection
Information Gathering and Defenses
Defenses Against Active Reconnaissance
Preventing Passive Information Gathering
Summary
Exam Essentials
Lab Exercises
Activity 3.1: Manual OSINT Gathering
Activity 3.2: Exploring Shodan
Activity 3.3: Running an Nmap Scan
Review Questions
Chapter 4 Vulnerability Scanning
Identifying Vulnerability Management Requirements
Regulatory Environment
Corporate Policy
Support for Penetration Testing
Identifying Scan Targets
Determining Scan Frequency
Active vs. Passive Scanning
Configuring and Executing Vulnerability Scans
Scoping Vulnerability Scans
Configuring Vulnerability Scans
Scanner Maintenance
Software Security Testing
Analyzing and Testing Code
Web Application Vulnerability Scanning
Developing a Remediation Workflow
Prioritizing Remediation
Testing and Implementing Fixes
Overcoming Barriers to Vulnerability Scanning
Summary
Exam Essentials
Lab Exercises
Activity 4.1: Installing a Vulnerability Scanner
Activity 4.2: Running a Vulnerability Scan
Activity 4.3: Developing a Penetration Test Vulnerability Scanning Plan
Review Questions
Chapter 5 Analyzing Vulnerability Scans
Reviewing and Interpreting Scan Reports
Understanding CVSS
Validating Scan Results
False Positives
Documented Exceptions
Understanding Informational Results
Reconciling Scan Results with Other Data Sources
Trend Analysis
Common Vulnerabilities
Server and Endpoint Vulnerabilities
Network Vulnerabilities
Virtualization Vulnerabilities
Internet of Things (IoT)
Web Application Vulnerabilities
Summary
Exam Essentials
Lab Exercises
Activity 5.1: Interpreting a Vulnerability Scan
Activity 5.2: Analyzing a CVSS Vector
Activity 5.3: Developing a Penetration Testing Plan
Review Questions
Chapter 6 Exploiting and Pivoting
Exploits and Attacks
Choosing Targets
Enumeration
Identifying the Right Exploit
Exploit Resources
Exploitation Toolkits
Metasploit
PowerSploit
BloodHound
Exploit Specifics
RPC/DCOM
PsExec
PS Remoting/WinRM
WMI
Fileless Malware and Living Off the Land
Scheduled Tasks and cron Jobs
SMB
DNS
RDP
Apple Remote Desktop
VNC
SSH
Network Segmentation Testing and Exploits
Leaked Keys
Leveraging Exploits
Common Post-Exploit Attacks
Cross Compiling
Privilege Escalation
Social Engineering
Escaping and Upgrading Limited Shells
Persistence and Evasion
Scheduled Jobs and Scheduled Tasks
Inetd Modification
Daemons and Services
Backdoors and Trojans
Data Exfiltration and Covert Channels
New Users
Pivoting
Covering Your Tracks
Summary
Exam Essentials
Lab Exercises
Activity 6.1: Exploit
Activity 6.2: Discovery
Activity 6.3: Pivot
Review Questions
Chapter 7 Exploiting Network Vulnerabilities
Identifying Exploits
Conducting Network Exploits
VLAN Hopping
DNS Cache Poisoning
On-Path Attacks
NAC Bypass
DoS Attacks and Stress Testing
Exploit Chaining
Exploiting Windows Services
NetBIOS Name Resolution Exploits
SMB Exploits
Identifying and Exploiting Common Services
Identifying and Attacking Service Targets
SNMP Exploits
SMTP Exploits
FTP Exploits
Kerberoasting
Samba Exploits
Password Attacks
Stress Testing for Availability
Wireless Exploits
Attack Methods
Finding Targets
Attacking Captive Portals
Eavesdropping, Evil Twins, and Wireless On-Path Attacks
Other Wireless Protocols and Systems
RFID Cloning
Jamming
Repeating
Summary
Exam Essentials
Lab Exercises
Activity 7.1: Capturing Hashes
Activity 7.2: Brute-Forcing Services
Activity 7.3: Wireless Testing
Review Questions
Chapter 8 Exploiting Physical and Social Vulnerabilities
Physical Facility Penetration Testing
Entering Facilities
Information Gathering
Social Engineering
In-Person Social Engineering
Phishing Attacks
Website-Based Attacks
Using Social Engineering Tools
Summary
Exam Essentials
Lab Exercises
Activity 8.1: Designing a Physical Penetration Test
Activity 8.2: Brute-Forcing Services
Activity 8.3: Using BeEF
Review Questions
Chapter 9 Exploiting Application Vulnerabilities
Exploiting Injection Vulnerabilities
Input Validation
Web Application Firewalls
SQL Injection Attacks
Code Injection Attacks
Command Injection Attacks
LDAP Injection Attacks
Exploiting Authentication Vulnerabilities
Password Authentication
Session Attacks
Kerberos Exploits
Exploiting Authorization Vulnerabilities
Insecure Direct Object References
Directory Traversal
File Inclusion
Privilege Escalation
Chapter 10 Exploiting Web Application Vulnerabilities
Cross-Site Scripting (XSS)
Request Forgery
Clickjacking
Unsecure Coding Practices
Source Code Comments
Error Handling
Hard-Coded Credentials
Race Conditions
Unprotected APIs
Unsigned Code
Steganography
Application Testing Tools
Static Application Security Testing (SAST)
Dynamic Application Security Testing (DAST)
Mobile Tools
Summary
Exam Essentials
Lab Exercises
Activity 9.1: Application Security Testing Techniques
Activity 9.2: Using the ZAP Proxy
Activity 9.3: Creating a Cross-Site Scripting Vulnerability...
Year of publication: | 2021 |
---|---|
Genre: | Imports, Computer science |
Category: | Science & Technology |
Medium: | Paperback |
Contents: | 576 pages |
ISBN-13: | 9781119823810 |
ISBN-10: | 1119823811 |
Language: | English |
Manufacturer number: | 1W119823810 |
Binding: | Softcover / paperback |
Author: | Chapple, Mike; Seidl, David |
Edition: | 2nd edition |
Manufacturer: | Wiley |
Dimensions: | 238 x 190 x 32 mm |
By/With: | Mike Chapple (et al.) |
Publication date: | 02.11.2021 |
Weight: | 0,955 kg |