CEH v11 certified ethical hacker study guide

CEH v11 certified ethical hacker study guide

Detalles Bibliográficos
Otros Autores: Messier, Ric, author (author)
Formato: Libro electrónico
Idioma:Inglés
Publicado: Hoboken, New Jersey : John Wiley & Sons [2021]
Edición:2nd ed
Materias:
Computer networks > Security measures.
Computer networks > Security measures > Examinations > Study guides.
Electronic data processing personnel > Certification.
Ver en Biblioteca Universitat Ramon Llull:https://discovery.url.edu/permalink/34CSUC_URL/1im36ta/alma991009634661206719
Tabla de Contenidos:
  • Cover
  • Title Page
  • Copyright Page
  • About the Author
  • Contents at a Glance
  • Contents
  • Introduction
  • What Is a CEH?
  • The Subject Matter
  • About the Exam
  • Who Is Eligible
  • Exam Cost
  • About EC-Council
  • Using This Book
  • Objective Map
  • Let's Get Started!
  • Assessment Test
  • Answers to Assessment Test
  • Assessment Test
  • Answers to Assessment Test
  • Chapter 1 Ethical Hacking
  • Overview of Ethics
  • Overview of Ethical Hacking
  • Methodologies
  • Cyber Kill Chain
  • Attack Lifecycle
  • Methodology of Ethical Hacking
  • Reconnaissance and Footprinting
  • Scanning and Enumeration
  • Gaining Access
  • Maintaining Access
  • Covering Tracks
  • Summary
  • Chapter 2 Networking Foundations
  • Communications Models
  • Open Systems Interconnection
  • TCP/IP Architecture
  • Topologies
  • Bus Network
  • Star Network
  • Ring Network
  • Mesh Network
  • Hybrid
  • Physical Networking
  • Addressing
  • Switching
  • IP
  • Headers
  • Addressing
  • Subnets
  • TCP
  • UDP
  • Internet Control Message Protocol
  • Network Architectures
  • Network Types
  • Isolation
  • Remote Access
  • Cloud Computing
  • Storage as a Service
  • Infrastructure as a Service
  • Platform as a Service
  • Software as a Service
  • Internet of Things
  • Summary
  • Review Questions
  • Chapter 3 Security Foundations
  • The Triad
  • Confidentiality
  • Integrity
  • Availability
  • Parkerian Hexad
  • Risk
  • Policies, Standards, and Procedures
  • Security Policies
  • Security Standards
  • Procedures
  • Guidelines
  • Organizing Your Protections
  • Security Technology
  • Firewalls
  • Intrusion Detection Systems
  • Intrusion Prevention Systems
  • Endpoint Detection and Response
  • Security Information and Event Management
  • Being Prepared
  • Defense in Depth
  • Defense in Breadth
  • Defensible Network Architecture
  • Logging
  • Auditing
  • Summary
  • Review Questions.
  • Chapter 4 Footprinting and Reconnaissance
  • Open Source Intelligence
  • Companies
  • People
  • Social Networking
  • Domain Name System
  • Name Lookups
  • Zone Transfers
  • Passive DNS
  • Passive Reconnaissance
  • Website Intelligence
  • Technology Intelligence
  • Google Hacking
  • Internet of Things (IoT)
  • Summary
  • Review Questions
  • Chapter 5 Scanning Networks
  • Ping Sweeps
  • Using fping
  • Using MegaPing
  • Port Scanning
  • Nmap
  • masscan
  • MegaPing
  • Metasploit
  • Vulnerability Scanning
  • OpenVAS
  • Nessus
  • Looking for Vulnerabilities with Metasploit
  • Packet Crafting and Manipulation
  • hping
  • packETH
  • fragroute
  • Evasion Techniques
  • Protecting and Detecting
  • Summary
  • Review Questions
  • Chapter 6 Enumeration
  • Service Enumeration
  • Remote Procedure Calls
  • SunRPC
  • Remote Method Invocation
  • Server Message Block
  • Built-in Utilities
  • nmap Scripts
  • NetBIOS Enumerator
  • Metasploit
  • Other Utilities
  • Simple Network Management Protocol
  • Simple Mail Transfer Protocol
  • Web-Based Enumeration
  • Summary
  • Review Questions
  • Chapter 7 System Hacking
  • Searching for Exploits
  • System Compromise
  • Metasploit Modules
  • Exploit-DB
  • Gathering Passwords
  • Password Cracking
  • John the Ripper
  • Rainbow Tables
  • Kerberoasting
  • Client-Side Vulnerabilities
  • Living Off the Land
  • Fuzzing
  • Post Exploitation
  • Evasion
  • Privilege Escalation
  • Pivoting
  • Persistence
  • Covering Tracks
  • Summary
  • Review Questions
  • Chapter 8 Malware
  • Malware Types
  • Virus
  • Worm
  • Trojan
  • Botnet
  • Ransomware
  • Dropper
  • Malware Analysis
  • Static Analysis
  • Dynamic Analysis
  • Creating Malware
  • Writing Your Own
  • Using Metasploit
  • Obfuscating
  • Malware Infrastructure
  • Antivirus Solutions
  • Persistence
  • Summary
  • Review Questions
  • Chapter 9 Sniffing
  • Packet Capture
  • tcpdump
  • tshark.
  • Wireshark
  • Berkeley Packet Filter
  • Port Mirroring/Spanning
  • Packet Analysis
  • Spoofing Attacks
  • ARP Spoofing
  • DNS Spoofing
  • sslstrip
  • Spoofing Detection
  • Summary
  • Review Questions
  • Chapter 10 Social Engineering
  • Social Engineering
  • Pretexting
  • Social Engineering Vectors
  • Physical Social Engineering
  • Badge Access
  • Man Traps
  • Biometrics
  • Phone Calls
  • Baiting
  • Phishing Attacks
  • Website Attacks
  • Cloning
  • Rogue Attacks
  • Wireless Social Engineering
  • Automating Social Engineering
  • Summary
  • Review Questions
  • Chapter 11 Wireless Security
  • Wi-Fi
  • Wi-Fi Network Types
  • Wi-Fi Authentication
  • Wi-Fi Encryption
  • Bring Your Own Device
  • Wi-Fi Attacks
  • Bluetooth
  • Scanning
  • Bluejacking
  • Bluesnarfing
  • Bluebugging
  • Mobile Devices
  • Mobile Device Attacks
  • Summary
  • Review Questions
  • Chapter 12 Attack and Defense
  • Web Application Attacks
  • XML External Entity Processing
  • Cross-Site Scripting
  • SQL Injection
  • Command Injection
  • File Traversal
  • Web Application Protections
  • Denial-of-Service Attacks
  • Bandwidth Attacks
  • Slow Attacks
  • Legacy
  • Application Exploitation
  • Buffer Overflow
  • Heap Spraying
  • Application Protections and Evasions
  • Lateral Movement
  • Defense in Depth/Defense in Breadth
  • Defensible Network Architecture
  • Summary
  • Review Questions
  • Chapter 13 Cryptography
  • Basic Encryption
  • Substitution Ciphers
  • Diffie-Hellman
  • Symmetric Key Cryptography
  • Data Encryption Standard
  • Advanced Encryption Standard
  • Asymmetric Key Cryptography
  • Hybrid Cryptosystem
  • Nonrepudiation
  • Elliptic Curve Cryptography
  • Certificate Authorities and Key Management
  • Certificate Authority
  • Trusted Third Party
  • Self-Signed Certificates
  • Cryptographic Hashing
  • PGP and S/MIME
  • Disk and File Encryption
  • Summary
  • Review Questions.
  • Chapter 14 Security Architecture and Design
  • Data Classification
  • Security Models
  • State Machine
  • Biba
  • Bell-LaPadula
  • Clark-Wilson Integrity Model
  • Application Architecture
  • n-tier Application Design
  • Service-Oriented Architecture
  • Cloud-Based Applications
  • Database Considerations
  • Security Architecture
  • Summary
  • Review Questions
  • Chapter 15 Cloud Computing and the Internet of Things
  • Cloud Computing Overview
  • Cloud Services
  • Shared Responsibility Model
  • Public vs. Private Cloud
  • Cloud Architectures and Deployment
  • Responsive Design
  • Cloud-Native Design
  • Deployment
  • Dealing with REST
  • Common Cloud Threats
  • Access Management
  • Data Breach
  • Web Application Compromise
  • Credential Compromise
  • Insider Threat
  • Internet of Things
  • Operational Technology
  • Summary
  • Review Questions
  • Appendix Answers to Review Questions
  • Chapter 2: Networking Foundations
  • Chapter 3: Security Foundations
  • Chapter 4: Footprinting and Reconnaissance
  • Chapter 5: Scanning Networks
  • Chapter 6: Enumeration
  • Chapter 7: System Hacking
  • Chapter 8: Malware
  • Chapter 9: Sniffing
  • Chapter 10: Social Engineering
  • Chapter 11: Wireless Security
  • Chapter 12: Attack and Defense
  • Chapter 13: Cryptography
  • Chapter 14: Security Architecture and Design
  • Chapter 15: Cloud Computing and the Internet of Things
  • Index
  • Comprehensive Online Learning Environment
  • Register and Access the Online Test Bank
  • EULA.

Ejemplares similares