TY - BOOK AU - Henry,Kevin M. TI - Penetration testing: protecting networks and systems SN - 9781849283724 AV - TK5105.59 .H46 2012eb U1 - 005.8 23 PY - 2012/// CY - Ely, Cambridgeshire, U.K. PB - IT Governance Pub. KW - Penetration testing (Computer security) KW - Computer networks KW - Security measures KW - Computer security KW - Evaluation KW - Tests d'intrusion KW - Réseaux d'ordinateurs KW - Sécurité KW - Mesures KW - Sécurité informatique KW - Évaluation KW - COMPUTERS KW - Internet KW - Security KW - bisacsh KW - Networking KW - General KW - fast KW - Electronic books N1 - Includes bibliographical references; Introduction; Chapter 1: Introduction to Penetration Testing; Case study; Security basics; Risk management; The threat environment; Overview of the steps to penetration testing; Penetration testing versus hacking; Benefits of penetration testing; Summary; Key learning points; Questions; Chapter 2: Preparing to Conduct a Penetration Test; Approval and scope; Planning; Summary; Questions; Chapter 3: Reconnaissance; The start of the test; Physical information gathering; Other data sources; Avoiding footprinting; Key learning points; Questions; Chapter 4: Active Reconnaissance and Enumeration; Port scanningCountermeasures to active reconnaissance; Key learning points; Questions; Chapter 5: Vulnerability Assessments; The attack vectors; References and sources of vulnerabilities; Using vulnerability assessment tools; PCI DSS requirements; Malicious code; Reporting on the vulnerability assessment; Key learning points; Questions; Chapter 6: Hacking Windows® and Unix; Having fun; Common hacking initiatives; Defeating data theft; Protecting against unauthorized access; Access controls; Actions of the attacker; Focus on UNIX/Linux; Advanced attacks; Source code review; Case study: Attack on a Chinese bankKey learning points; Questions; Chapter 7: Launching the Attack; Steps to an exploit; Attacking wireless networks; Pen testing wireless; Network sniffing; Firewalls; Intrusion detection and prevention systems (IDS/IPS); Key learning points; Questions; Chapter 8: Attacking Web Applications; The steps in attacking a web application; Questions; Chapter 9: Preparing the Report; Determining risk levels; Risk response; Report confidentiality; Delivering the report; Key learning points; Questions; Appendix 1: Linux; Appendix 2: Encryption; Concepts of cryptography; Appendix 3: Regulations and LegislationExamples of regulations and legislation; Protection of intellectual property; Appendix 4: Incident Management; Concepts of incident management; Additional Questions and Answers; Answers; References; ITG Resources N2 - This book is a preparation guide for the CPTE examination, yet is also a general reference for experienced penetration testers, ethical hackers, auditors, security personnel and anyone else involved in the security of an organization's computer systems UR - https://search.ebscohost.com/login.aspx?direct=true&scope=site&db=nlebk&AN=571566 ER -