CEH V9 - Certified Ethical Hacker Version 9 Study Guide, 3rd edition

CEH V9

Certified Ethical Hacker Version 9 Study Guide
Robert Shimonski
(2016)
Language: English
John Wiley & Sons, Incorporated
393,00 kr.
This title is out of print and therefore cannot be ordered. We apologize.

Product details

  • 3rd edition
  • Paperback: 656 pages
  • Publisher: John Wiley & Sons, Incorporated (June 2016)
  • ISBN: 9781119252245
The ultimate preparation guide for the unique CEH exam.

The CEH v10: Certified Ethical Hacker Version 10 Study Guide is your ideal companion for CEH v10 exam preparation. This comprehensive, in-depth review of CEH certification requirements is designed to help you internalize critical information using concise, to-the-point explanations and an easy-to-follow approach to the material. Covering all sections of the exam, the discussion highlights essential topics like intrusion detection, DDoS attacks, buffer overflows, and malware creation in detail, and puts the concepts into the context of real-world scenarios. Each chapter is mapped to the corresponding exam objective for easy reference, and the Exam Essentials feature helps you identify areas in need of further study. You also get access to online study tools including chapter review questions, full-length practice exams, hundreds of electronic flashcards, and a glossary of key terms to help you ensure full mastery of the exam material.

The Certified Ethical Hacker is one-of-a-kind in the cybersecurity sphere, allowing you to delve into the mind of a hacker for a unique perspective into penetration testing. This guide is your ideal exam preparation resource, with specific coverage of all CEH objectives and plenty of practice material.

  • Review all CEH v10 topics systematically
  • Reinforce critical skills with hands-on exercises
  • Learn how concepts apply in real-world scenarios
  • Identify key proficiencies prior to the exam

The CEH certification puts you in professional demand, and satisfies the Department of Defense's 8570 Directive for all Information Assurance government positions. Not only is it a highly-regarded credential, but it's also an expensive exam--making the stakes even higher on exam day. The CEH v10: Certified Ethical Hacker Version 10 Study Guide gives you the intense preparation you need to pass with flying colors.

Introduction; Assessment Test
Chapter 1 Introduction to Ethical Hacking
Hacking: the Evolution; The Early Days of Hacking; Current Developments; Hacking: Fun or Criminal Activity?; The Evolution and Growth of Hacking; So, What Is an Ethical Hacker?; What Are Your Responsibilities?; Code of Conduct and Ethics; Ethical Hacking and Penetration Testing; Hacking Methodologies; Vulnerability Research and Tools; What Is Incident Response?; Business Continuity Plan; Ethics and the Law; Summary; Exam Essentials; Review Questions
Chapter 2 System Fundamentals
Exploring Network Topologies; Working with the Open Systems Interconnection Model; Dissecting the TCP/IP Suite; IP Subnetting; Hexadecimal vs. Binary; Exploring TCP/IP Ports; Domain Name System; Understanding Network Devices; Routers and Switches; Working with MAC Addresses; Proxies and Firewalls; Intrusion Prevention and Intrusion Detection Systems; Network Security; Knowing Operating Systems; Microsoft Windows; Mac OS; Android; Linux; Backups and Archiving; Summary; Exam Essentials; Review Questions
Chapter 3 Cryptography
Cryptography: Early Applications and Examples; History of Cryptography; Tracing the Evolution; Cryptography in Action; So How Does It Work?; Symmetric Cryptography; Asymmetric, or Public Key, Cryptography; Understanding Hashing; Issues with Cryptography; Applications of Cryptography; IPsec; Pretty Good Privacy; Secure Sockets Layer; Summary; Exam Essentials; Review Questions
Chapter 4 Footprinting
Understanding the Steps of Ethical Hacking; Phase 1: Footprinting; Phase 2: Scanning; Phase 3: Enumeration; Phase 4: System Hacking; What Is Footprinting?; Why Perform Footprinting?; Goals of the Footprinting Process; Terminology in Footprinting; Open Source and Passive Information Gathering; Passive Information Gathering; Pseudonymous Footprinting; Internet Footprinting; Threats Introduced by Footprinting; The Footprinting Process; Using Search Engines; Google Hacking; Public and Restricted Websites; Location and Geography; Social Networking and Information Gathering; Financial Services and Information Gathering; The Value of Job Sites; Working with Email; Competitive Analysis; Gaining Network Information; Social Engineering: the Art of Hacking Humans; Summary; Exam Essentials; Review Questions
Chapter 5 Scanning
What Is Scanning?; Types of Scans; Checking for Live Systems; Wardialing; Using Ping; Hping3: the Heavy Artillery; Checking the Status of Ports; The Family Tree of Scans; Full-Open Scan; Stealth or Half-Open Scan; Xmas Tree Scan; FIN Scan; NULL Scan; Idle Scanning; ACK Scanning; UDP Scanning; OS Fingerprinting; Active Fingerprinting with Nmap; Passive Fingerprinting an OS; Banner Grabbing; Countermeasures; Vulnerability Scanning; Mapping the Network; Using Proxies; Setting a Web Browser to Use a Proxy; Summary; Exam Essentials; Review Questions
Chapter 6 Enumeration
A Quick Review; Footprinting; Scanning; What Is Enumeration?; About Windows Enumeration; Users; Groups; Security Identifiers; Linux Basic; Users; Services and Ports of Interest; Commonly Exploited Services; NULL Sessions; SuperScan; DNS Zone Transfers; The PsTools Suite; Using finger; Enumeration with SNMP; Management Information Base; SNScan; Unix and Linux Enumeration; finger; rpcinfo; showmount; enum4linux; LDAP and Directory Service Enumeration; JXplorer; Preventing LDAP Enumeration; Enumeration Using NTP; SMTP Enumeration; Using VRFY; Using EXPN; Using RCPT TO; SMTP Relay; Summary; Exam Essentials; Review Questions
Chapter 7 System Hacking
Up to This Point; Footprinting; Scanning; Enumeration; System Hacking; Password Cracking; Authentication on Microsoft Platforms; Executing Applications; Covering Your Tracks; Summary; Exam Essentials; Review Questions
Chapter 8 Malware
Malware; Malware and the Law; Categories of Malware; Viruses; Worms; Spyware; Adware; Scareware; Ransomware; Trojans; Overt and Covert Channels; Summary; Exam Essentials; Review Questions
Chapter 9 Sniffers
Understanding Sniffers; Using a Sniffer; Sniffing Tools; Wireshark; Tcpdump; Reading Sniffer Output; Switched Network Sniffing; MAC Flooding; ARP Poisoning; MAC Spoofing; Port Mirror or SPAN Port; On the Defensive; Mitigating MAC Flooding; Detecting Sniffing Attacks; Summary; Exam Essentials; Review Questions
Chapter 10 Social Engineering
What Is Social Engineering?; Why Does Social Engineering Work?; The Power of Social Engineering; Social-Engineering Phases; What Is the Impact of Social Engineering?; Common Targets of Social Engineering; Social Networking to Gather Information?; Networking; Countermeasures for Social Networking; Commonly Employed Threats; Identity Theft; Protective Measures; Know What Information Is Available; Summary; Exam Essentials; Review Questions
Chapter 11 Denial of Service
Understanding DoS; DoS Targets; Types of Attacks; Buffer Overflow; Understanding DDoS; DDoS Attacks; DoS Tools; DDoS Tools; DoS Defensive Strategies; Botnet-Specific Defenses; DoS Pen-Testing Considerations; Summary; Exam Essentials; Review Questions
Chapter 12 Session Hijacking
Understanding Session Hijacking; Spoofing vs. Hijacking; Active and Passive Attacks; Session Hijacking and Web Apps; Types of Application-Level Session Hijacking; A Few Key Concepts; Network Session Hijacking; Exploring Defensive Strategies; Summary; Exam Essentials; Review Questions
Chapter 13 Web Servers and Applications
Exploring the Client-Server Relationship; Looking Closely at Web Servers; Web Applications; The Client and the Server; A Look at the Cloud; Closer Inspection of a Web Application; Vulnerabilities of Web Servers and Applications; Common Flaws and Attack Methods; Testing Web Applications; Summary; Exam Essentials; Review Questions
Chapter 14 SQL Injection
Introducing SQL Injection; Results of SQL Injection; The Anatomy of a Web Application; Databases and Their Vulnerabilities; Anatomy of a SQL Injection Attack; Altering Data with a SQL Injection Attack; Injecting Blind; Information Gathering; Evading Detection Mechanisms; SQL Injection Countermeasures; Summary; Exam Essentials; Review Questions
Chapter 15 Hacking WiFi and Bluetooth
What Is a Wireless Network?; WiFi: an Overview; The Fine Print; Wireless Vocabulary; A Close Examination of Threats; Ways to Locate Wireless Networks; Choosing the Right Wireless Card; Hacking Bluetooth; Summary; Exam Essentials; Review Questions
Chapter 16 Mobile Device Security
Mobile OS Models and Architectures; Goals of Mobile Security; Device Security Models; Google Android OS; Apple iOS; Common Problems with Mobile Devices; Penetration Testing Mobile Devices; Penetration Testing Using Android; Countermeasures; Summary; Exam Essentials; Review Questions
Chapter 17 Evasion
Honeypots, IDSs, and Firewalls; The Role of Intrusion Detection Systems; Firewalls; What's That Firewall Running?
The listed prices include VAT.
