Cargando…
GPEN GIAC Certified Penetration Tester All-In-One Exam Guide
This effective study guide provides 100% coverage of every topic on the GPEN GIAC Penetration Tester exam This effective self-study guide fully prepares you for the Global Information Assurance Certification's challenging Penetration Tester exam, which validates advanced IT security skills. The...
| Clasificación: | Libro Electrónico |
|---|---|
| Autor principal: | |
| Otros Autores: | , |
| Formato: | Electrónico eBook |
| Idioma: | Inglés |
| Publicado: |
New York :
McGraw-Hill Education,
2020.
|
| Temas: | |
| Acceso en línea: | Texto completo (Requiere registro previo con correo institucional) |
MARC
| LEADER | 00000cam a2200000Mu 4500 | ||
|---|---|---|---|
| 001 | OR_on1224369829 | ||
| 003 | OCoLC | ||
| 005 | 20231017213018.0 | ||
| 006 | m o d | ||
| 007 | cr cnu|||unuuu | ||
| 008 | 201128s2020 nyu o ||| 0 eng d | ||
| 040 | |a EBLCP |b eng |c EBLCP |d YDX |d UKAHL |d TOH |d TEFOD |d OCLCO |d OCLCF |d OCLCO |d OCLCQ |d OCLCO | ||
| 019 | |a 1224162832 |a 1243073785 | ||
| 020 | |a 9781260456752 | ||
| 020 | |a 1260456757 | ||
| 029 | 1 | |a AU@ |b 000068856934 | |
| 035 | |a (OCoLC)1224369829 |z (OCoLC)1224162832 |z (OCoLC)1243073785 | ||
| 037 | |a 855BB969-530B-4A2B-A6A7-B6DCD68F40F9 |b OverDrive, Inc. |n http://www.overdrive.com | ||
| 050 | 4 | |a QA76.9.A25 | |
| 082 | 0 | 4 | |a 005.83 |2 23 |
| 049 | |a UAMI | ||
| 100 | 1 | |a Nutting, Raymond. | |
| 245 | 1 | 0 | |a GPEN GIAC Certified Penetration Tester All-In-One Exam Guide |h [electronic resource]. |
| 260 | |a New York : |b McGraw-Hill Education, |c 2020. | ||
| 300 | |a 1 online resource (558 p.) | ||
| 336 | |a text |b txt |2 rdacontent | ||
| 337 | |a computer |b c |2 rdamedia | ||
| 338 | |a online resource |b cr |2 rdacarrier | ||
| 500 | |a Description based upon print version of record. | ||
| 505 | 0 | |a Cover -- Title Page -- Copyright Page -- Dedication -- Contents -- Acknowledgments -- Introduction -- Objectives Map: GPEN Exam -- Chapter 1 Planning and Preparation -- Penetration Testing Methodologies -- Penetration Testing Execution Standard -- NIST Technical Guide to Information Security Testing and Assessment -- Penetration Testing Framework -- Open Source Security Testing Methodology Manual -- OWASP Web Security Testing Guide -- MITRE ATT&CK -- CAPEC -- Pre-engagement Activities -- Testing Phases -- Rules of Engagement -- Scope -- Other Pre-engagement Documentation | |
| 505 | 8 | |a Third-Party Providers -- Chapter Review -- Questions -- Answers -- Chapter 2 Reconnaissance -- Open Source Intelligence -- Organizational Culture -- Social Media Behavior -- Information Technology -- Discovery Methods -- Regional Internet Registries -- Querying DNS Records -- Search Engines -- OSINT Collection Tools -- Metadata Analysis -- Chapter Review -- Questions -- Answers -- Chapter 3 Initial Access -- Exploitation Categories -- Server-Side Exploitation -- Client-Side Exploitation -- Privilege Escalation -- Network Basics and Not-So-Basics -- TCP Three-Way Handshake -- TCP and IP Headers | |
| 505 | 8 | |a Scanning and Host Discovery -- Monitoring Network Scans -- Lab 3-1: Using Wireshark -- Nmap Introduction -- Ping Sweeping -- Network Mapping -- Port Scanning -- Vulnerability Scanning -- Lab 3-2: Scanning with Nmap -- Lab 3-3: Vulnerability Scanning with Nessus -- Packet Crafting with Scapy -- Lab 3-4: Scapy Introductory -- Lab 3-5: Evil Scapy Scripting -- Web Application Penetration Testing -- Web Application Vulnerabilities -- Lab 3-6: BeEF Basics -- Lab 3-7: OWASP ZAP -- SQL Injection Attacks -- Lab 3-8: SQLi -- Lab 3-9: Blind SQLi and Sqlmap -- Command Injection -- Lab 3-10: Command Injection | |
| 505 | 8 | |a Client-Side Attacks -- Lab 3-11: Stored XSS -- Time-Saving Tips -- Chapter Review -- Questions -- Answers -- Chapter 4 Execution -- Command-Line Interface -- Linux CLI -- Windows CLI -- Scripting -- Declaring Methods and Variables -- Looping and Flow Control -- Error and Exception Handling -- Metasploit Framework (MSF) -- MSF Components -- Lab 4-1: Navigating the MSFconsole -- Service-Based Exploitation -- Lab 4-2: Exploiting SMB with Metasploit -- Lab 4-3: Exploiting ProFTPD with Metasploit -- Metasploit Meterpreter -- Lab 4-4: Upgrading to a Meterpreter Shell -- Chapter Review -- Questions | |
| 505 | 8 | |a Answers -- Chapter 5 Persistence, Privilege Escalation, and Evasion -- Persistence -- Windows Persistence -- Lab 5-1: Scheduled Tasks -- Lab 5-2: Configuring a Callback via Windows Services -- Lab 5-3: Persistence with PowerShell Empire -- Linux Persistence -- Privilege Escalation -- Lab 5-4: Linux Privilege Escalation -- Lab 5-5: Windows Information Gathering and Privilege Escalation -- Evasion -- In Memory vs. On Disk -- Disk Location -- Code Obfuscation -- Lab 5-6: Windows Defender Evasion -- Chapter Review -- Questions -- Answers -- Chapter 6 Credential Access -- Windows Password Types | |
| 500 | |a NTLM Challenge-Response Protocol. | ||
| 520 | |a This effective study guide provides 100% coverage of every topic on the GPEN GIAC Penetration Tester exam This effective self-study guide fully prepares you for the Global Information Assurance Certification's challenging Penetration Tester exam, which validates advanced IT security skills. The book features exam-focused coverage of penetration testing methodologies, legal issues, and best practices. GPEN GIAC Certified Penetration Tester All-in-One Exam Guide contains useful tips and tricks, real-world examples, and case studies drawn from authors' extensive experience. Beyond exam preparation, the book also serves as a valuable on-the-job reference. Covers every topic on the exam, including: Pre-engagement and planning activities Reconnaissance and open source intelligence gathering Scanning, enumerating targets, and identifying vulnerabilities Exploiting targets and privilege escalation Password attacks Post-exploitation activities, including data exfiltration and pivoting PowerShell for penetration testing Web application injection attacks Tools of the trade: Metasploit, proxies, and more Online content includes: 230 accurate practice exam questions Test engine containing full-length practice exams and customizable quizzes. | ||
| 590 | |a O'Reilly |b O'Reilly Online Learning: Academic/Public Library Edition | ||
| 650 | 0 | |a Penetration testing (Computer security) |x Examinations |v Study guides. | |
| 650 | 0 | |a Computer security |x Examinations |v Study guides. | |
| 650 | 6 | |a Tests d'intrusion |x Examens |v Guides de l'étudiant. | |
| 650 | 6 | |a Sécurité informatique |x Examens |v Guides de l'étudiant. | |
| 650 | 7 | |a Computer security |x Examinations |2 fast | |
| 655 | 7 | |a Study guides |2 fast | |
| 700 | 1 | |a Ahmed, Mirza. | |
| 700 | 1 | |a MacCormack, William. | |
| 776 | 0 | 8 | |i Print version: |a Nutting, Raymond |t GPEN GIAC Certified Penetration Tester All-In-One Exam Guide |d New York : McGraw-Hill Education,c2020 |
| 856 | 4 | 0 | |u https://learning.oreilly.com/library/view/~/9781260456752/?ar |z Texto completo (Requiere registro previo con correo institucional) |
| 938 | |a Askews and Holts Library Services |b ASKH |n AH37856863 | ||
| 938 | |a ProQuest Ebook Central |b EBLB |n EBL6403798 | ||
| 938 | |a YBP Library Services |b YANK |n 17129301 | ||
| 994 | |a 92 |b IZTAP | ||