Używamy cookies, aby ułatwić korzystanie z Portalu. Możesz określić warunki przechowywania, dostępu do plików cookies w Twojej przeglądarce. Dowiedz się więcej.
strona główna Strona główna | Nowości | Promocje | Zapowiedzi Twoje konto | Zarejestruj | Schowek | Kontakt | Pomoc
mapa działów
Szukaj: szukanie zaawansowane
Koszyk
Książki \ Bezpieczeństwo

Certified Ethical Hacker (CEH) Version 10 Cert Guide, 3rd Edition Język: 2

978-0-7897-6052-4

Cena Brutto: 252.00

Cena netto: 240.00

Ilość:
Wersja: Drukowana
Autor Omar Santos, Michael Gregg
Liczba_stron 704
Wydawnictwo Pearson IT Certification
Data_Wydania 2019-10-14
Certified Ethical Hacker (CEH) Version 10 Cert Guide, 3rd Edition

In this best-of-breed study guide, leading experts Michael Gregg and Omar Santos help you master all the topics you need to know to succeed on your Certified Ethical Hacker Version 10 exam and advance your career in IT security. The authors’ concise, focused approach explains every exam objective from a real-world perspective, helping you quickly identify weaknesses and retain everything you need to know.


Every feature of this book supports both efficient exam preparation and long-term mastery:

  • Opening Topics Lists identify the topics you need to learn in each chapter and list EC-Council’s official exam objectives
  • Key Topics figures, tables, and lists call attention to the information that’s most crucial for exam success
  • Exam Preparation Tasks enable you to review key topics, define key terms, work through scenarios, and answer review questions…going beyond mere facts to master the concepts that are crucial to passing the exam and enhancing your career
  • Key Terms are listed in each chapter and defined in a complete glossary, explaining all the field’s essential terminology

This study guide helps you master all the topics on the latest CEH exam, including      

  • Ethical hacking basics
  • Technical foundations of hacking
  • Footprinting and scanning
  • Enumeration and system hacking
  • Social engineering, malware threats, and vulnerability analysis
  • Sniffers, session hijacking, and denial of service
  • Web server hacking, web applications, and database attacks
  • Wireless technologies, mobile security, and mobile attacks
  • IDS, firewalls, and honeypots
  • Cryptographic attacks and defenses
  • Cloud computing, IoT, and botnets
Introduction

Chapter 1 An Introduction to Ethical Hacking

“Do I Know This Already?” Quiz

Security Fundamentals

    Goals of Security

    Risk, Assets, Threats, and Vulnerabilities

    Backing Up Data to Reduce Risk

    Defining an Exploit

    Risk Assessment

Security Testing

    No-Knowledge Tests (Black Box)

    Full-Knowledge Testing (White Box)

    Partial-Knowledge Testing (Gray Box)

    Types of Security Tests

Hacker and Cracker Descriptions

    Who Attackers Are

Ethical Hackers

    Required Skills of an Ethical Hacker

    Modes of Ethical Hacking

Test Plans–Keeping It Legal

    Test Phases

    Establishing Goals

    Getting Approval

    Ethical Hacking Report

    Vulnerability Research–Keeping Up with Changes

Ethics and Legality

    Overview of U.S. Federal Laws

    Compliance Regulations

    Payment Card Industry Data Security Standard (PCI-DSS)

Summary

Review All Key Topics

Define Key Terms

Exercises

    1-1 Searching for Exposed Passwords

    1-2 Examining Security Policies

Review Questions

Suggested Reading and Resources

Chapter 2 The Technical Foundations of Hacking

“Do I Know This Already?” Quiz

The Hacking Process

    Performing Reconnaissance and Footprinting

    Scanning and Enumeration

    Gaining Access

    Escalation of Privilege

    Maintaining Access

    Covering Tracks and Planting Backdoors

The Ethical Hacker’s Process

    NIST SP 800-15

    Operationally Critical Threat, Asset, and Vulnerability Evaluation

    Open Source Security Testing Methodology Manual

Information Security Systems and the Stack

    The OSI Model

    Anatomy of TCP/IP Protocols

    The Application Layer

    The Transport Layer

    Transmission Control Protocol

    User Datagram Protocol

    The Internet Layer

    Traceroute

    The Network Access Layer

Summary

Review All Key Topics

Define Key Terms

Exercises

    2.1 Install a Sniffer and Perform Packet Captures

    2.2 List the Protocols, Applications, and Services Found at Each Layer of the Stack

    2.3 Using Traceroute for Network Troubleshooting

Review Questions

Suggested Reading and Resources

Chapter 3 Footprinting and Scanning

“Do I Know This Already?” Quiz

Overview of the Seven-Step Information-Gathering Process

Information Gathering

    Documentation

    The Organization’s Website

    Job Boards

    Employee and People Searches

    EDGAR Database

    Google Hacking

    Usenet

    Registrar Query

    DNS Enumeration

Determining the Network Range

    Traceroute

Identifying Active Machines

Finding Open Ports and Access Points

    Nmap

    SuperScan

    THC-Amap

    Hping

    Port Knocking

    War Driving

OS Fingerprinting

    Active Fingerprinting Tools

Fingerprinting Services

    Default Ports and Services

    Finding Open Services

Mapping the Network Attack Surface

    Manual Mapping

    Automated Mapping

Summary

Review All Key Topics

Define Key Terms

Exercises

    3.1 Performing Passive Reconnaissance

    3.2 Performing Active Reconnaissance

Review Questions

Suggested Reading and Resources

Chapter 4 Enumeration and System Hacking

“Do I Know This Already?” Quiz

Enumeration

    Windows Enumeration

    Windows Security

    NetBIOS and LDAP Enumeration

    NetBIOS Enumeration Tools

    SNMP Enumeration

    Linux/UNIX Enumeration

    NTP Enumeration

    SMTP Enumeration

    IPsec and VoIP Enumeration

    DNS Enumeration

System Hacking

    Nontechnical Password Attacks

    Technical Password Attacks

    Password Guessing

    Automated Password Guessing

    Password Sniffing

    Keylogging

    Privilege Escalation and Exploiting Vulnerabilities

    Exploiting an Application

    Exploiting a Buffer Overflow

    Owning the Box

    Windows Authentication Types

    Cracking Windows Passwords

    Linux Authentication and Passwords

    Cracking Linux Passwords

    Hiding Files and Covering Tracks

    Rootkits

    File Hiding

Summary

Review All Key Topics

Define Key Terms

Exercise

    4.1 NTFS File Streaming

Review Questions

Suggested Reading and Resources

Chapter 5 Social Engineering, Malware Threats, and Vulnerability Analysis

“Do I Know This Already?” Quiz

Social Engineering

    Phishing

    Pharming

    Malvertising

    Spear Phishing

    SMS Phishing

    Voice Phishing

    Whaling

    Elicitation, Interrogation, and Impersonation (Pretexting)

    Social Engineering Motivation Techniques

    Shoulder Surfing and USB Key Drop

Malware Threats

    Viruses and Worms

    Types and Transmission Methods of Viruses and Malware

    Virus Payloads

    History of Viruses

    Well-Known Viruses and Worms

    Virus Creation Tools

    Trojans

    Trojan Types

    Trojan Ports and Communication Methods

    Trojan Goals

    Trojan Infection Mechanisms

    Effects of Trojans

    Trojan Tools

    Distributing Trojans

    Wrappers

    Packers

    Droppers

    Crypters

    Ransomware

    Covert Communication

    Tunneling via the Internet Layer

    Tunneling via the Transport Layer

    Tunneling via the Application Layer

    Port Redirection

    Keystroke Logging and Spyware

    Hardware Keyloggers

    Software Keyloggers

    Spyware

powrót
 
Produkty Podobne
Certified Ethical Hacker (CEH) Version 10 Cert Guide, 3rd Edition
Firewall nie powstrzyma prawdziwego smoka, czyli jak zadbać o cyberbezpieczeństwo. Przewodnik dla niefachowców. Wydanie III
Kliknij tutaj, aby zabić wszystkich. Bezpieczeństwo i przetrwanie w hiperpołączonym świecie
Bezpieczeństwo systemu Linux w praktyce. Receptury. Wydanie II
Atak na sieć okiem hakera. Wykrywanie i eksploatacja luk w zabezpieczeniach sieci
Anonimizacja i maskowanie danych wrażliwych w przedsiębiorstwach
Bezpieczeństwo systemów informatycznych. Zasady i praktyka. Wydanie IV. Tom 2
Bezpieczeństwo systemów informatycznych. Zasady i praktyka. Wydanie IV. Tom 1
Bądź bezpieczny w cyfrowym świecie. Poradnik bezpieczeństwa IT dla każdego
Bezpieczeństwo defensywne. Podstawy i najlepsze praktyki
Więcej produktów