Penetration Testing - Protecting Networks and Systems

Description

The fundamentals of penetration testing explained

In this book, the author covers the penetration test process: reconnaissance, enumeration, vulnerability assessment and the eventual launch of an attack. He explains how to prepare the test report, focusing on what information to include in the report and how best to present it to the client. The book also discusses the potential dangers of new technology adopted to improve business operations (e.g. employee remote access, wireless communications, public-facing web applications), but, at the same time, creating new vulnerabilities.

Focusing on the techniques

Avoiding a detailed, technical analysis of the tools currently used by today’s pen testers, which often come in and out of fashion, the book instead focuses on the range of techniques employed by professional pen testers. The author draws on his wealth of experience and provides real-world examples to give readers a practical understanding of how to conduct a penetration test. He also explains how to deliver a client-focused report that assesses the security of the system and whether the level of risk to the organisation is within acceptable levels.

Contents

1. Introduction to Penetration Testing
2. Preparing to Conduct a Penetration Test
3. Reconnaissance
4. Active Reconnaissance and Enumeration
5. Vulnerability Assessments
6. Hacking Windows and UNIX
7. Launching the Attack
8. Attacking Web Applications
9. Preparing the Report

About the Author

Kevin Henry has 35 years’ experience working on computer systems, initially as an operator on the largest mini-computer installation in Canada, and then in various programmer and analyst roles before moving into computer audit and security. Kevin provides security auditing, training and educational programs for major clients and governments around the world, and is a frequent speaker on the security conference circuit.

Customer Reviews

(0# of Ratings:)