Efnisyfirlit

• Acknowledgments
• About the Authors
• Introduction
• Assessment Test
• Answers to Assessment Test
• Chapter 1 Penetration Testing
• What Is Penetration Testing?
• Reasons for Penetration Testing
• Who Performs Penetration Tests?
• The CompTIA Penetration Testing Process
• The Cyber Kill Chain
• Tools of the Trade
• Summary
• Exam Essentials
• Lab Exercises
• Review Questions
• Chapter 2 Planning and Scoping Penetration Tests
• Scoping and Planning Engagements
• Key Legal Concepts for Penetration Tests
• Understanding Compliance-Based Assessments
• Summary
• Exam Essentials
• Lab Exercises
• Review Questions
• Chapter 3 Information Gathering
• Footprinting and Enumeration
• Active Reconnaissance and Enumeration
• Information Gathering and Defenses
• Summary
• Exam Essentials
• Lab Exercises
• Review Questions
• Chapter 4 Vulnerability Scanning
• Identifying Vulnerability Management Requirements
• Configuring and Executing Vulnerability Scans
• Software Security Testing
• Developing a Remediation Workflow
• Overcoming Barriers to Vulnerability Scanning
• Summary
• Exam Essentials
• Lab Exercises
• Review Questions
• Chapter 5 Analyzing Vulnerability Scans
• Reviewing and Interpreting Scan Reports
• Validating Scan Results
• Common Vulnerabilities
• Summary
• Exam Essentials
• Lab Exercises
• Review Questions
• Chapter 6 Exploit and Pivot
• Exploits and Attacks
• Exploitation Toolkits
• Exploit Specifics
• Leveraging Exploits
• Persistence and Evasion
• Pivoting
• Covering Your Tracks
• Summary
• Exam Essentials
• Lab Exercises
• Review Questions
• Chapter 7 Exploiting Network Vulnerabilities
• Conducting Network Exploits
• Exploiting Windows Services
• Exploiting Common Services
• Wireless Exploits
• Summary
• Exam Essentials
• Lab Exercises
• Review Questions
• Chapter 8 Exploiting Physical and Social Vulnerabilities
• Physical Facility Penetration Testing
• Social Engineering
• Summary
• Exam Essentials
• Lab Exercises
• Review Questions
• Chapter 9 Exploiting Application Vulnerabilities
• Exploiting Injection Vulnerabilities
• Exploiting Authentication Vulnerabilities
• Exploiting Authorization Vulnerabilities
• Exploiting Web Application Vulnerabilities
• Unsecure Coding Practices
• Application Testing Tools
• Summary
• Exam Essentials
• Lab Exercises
• Review Questions
• Chapter 10 Exploiting Host Vulnerabilities
• Attacking Hosts
• Remote Access
• Attacking Virtual Machines and Containers
• Physical Device Security
• Attacking Mobile Devices
• Credential Attacks
• Summary
• Exam Essentials
• Lab Exercises
• Review Questions
• Chapter 11 Scripting for Penetration Testing
• Scripting and Penetration Testing
• Variables, Arrays, and Substitutions
• Comparison Operations
• String Operations
• Flow Control
• Input and Output (I/O)
• Error Handling
• Summary
• Exam Essentials
• Lab Exercises
• Review Questions
• Chapter 12 Reporting and Communication
• The Importance of Communication
• Recommending Mitigation Strategies
• Writing a Penetration Testing Report
• Wrapping Up the Engagement
• Summary
• Exam Essentials
• Lab Exercises
• Review Questions
• Appendix Answers to Review Questions
• Chapter 1: Penetration Testing
• Chapter 2: Planning and Scoping Penetration Tests
• Chapter 3: Information Gathering
• Chapter 4: Vulnerability Scanning
• Chapter 5: Analyzing Vulnerability Scans
• Chapter 6: Exploit and Pivot
• Chapter 7: Exploiting Network Vulnerabilities
• Chapter 8: Exploiting Physical and Social Vulnerabilities
• Chapter 9: Exploiting Application Vulnerabilities
• Chapter 10: Exploiting Host Vulnerabilities
• Chapter 11: Script for Penetration Testing
• Chapter 12: Reporting and Communication
• Index
• Advert
• End User License Agreement