CEH: Certified Ethical Hacker Version 8 Study Guide

In English. Paperback book – 14 Oct 2014

Includes Real–World Scenarios, Hands–On Exercises, and Access to Exam Prep Software Featuring:
+ Practice Test Environment
+ Hundreds of Practice Questions
+ Electronic Flashcards
+ Chapter Review Questions
+ Glossary of Key Terms
Complete Preparation for the Certified Ethical Hacker Exam Version 8
This in–depth study guide prepares you for the unique and challenging Certified Ethical Hacker version 8 (CEHv8) exam. IT security expert Sean–Philip Oriyano has compiled a comprehensive overview of the CEH certification requirements with a concise and easy–to–follow approach to this difficult exam. Essential topics like intrusion detection, DDoS attacks, buffer overflows, and virus creation are covered in detail. This DoD 8570.1–compliant study guide from Sybex includes:

  • Full coverage of all exam topics in a systematic approach, so you can be confident you're getting the instruction you need for the exam
  • Practical hands–on exercises to reinforce critical skills
  • Real–world scenarios that put what you've learned in the context of actual job roles
  • Challenging review questions in each chapter to prepare you for exam day
  • Exam Essentials, a key feature in each chapter that identifies critical areas you must become proficient in before taking the exam
  • A handy section that maps every official exam objective to the corresponding chapter in the book so you can track your exam prep objective by objective

Sybex Exam Prep Tools
Go to www.sybex.com/go/cehv8 for access to a full set of study tools to help you prepare for the exam, including:

  • Chapter review questions
  • Full–length practice exams
  • Hundreds of electronic flashcards
  • Glossary of key terms

Includes coverage of all exam objectives, including these key topics:

  • Introduction to Ethical Hacking
  • Footprinting and Reconnaissance
  • Scanning Networks
  • Enumeration
  • System Hacking
  • Trojans and Backdoors
  • Viruses and Worms
  • Sniffers
  • Social Engineering
  • Denial of Service
  • Session Hijacking
  • Hacking Webservers
  • Hacking Web Applications
  • SQL Injection
  • Hacking Wireless Networks
  • Evading IDS, Firewalls, and Honeypots
  • Buffer Overflow
  • Cryptography
  • Penetration Testing

Specifications

ISBN-13: 9781118647677
ISBN-10: 111864767X
Pages: 504
Illustrations: illustrations
Dimensions: 187 x 235 x 25 mm
Weight: 0.68 kg
Publisher: Sybex
Place of publication: Hoboken, United States

Target audience

Individuals self–studying for the CEHv8 exam who need a concise guide on how to use hacking tools and understand the hacking process. Also, those who either have 2+ years of IT security experience or have attended an EC–Council course, and are looking for an exam preparation tool or need to update their CEH certification. Finally, ideal for test takers looking for extra practice material.

Contents

Introduction xxi
Assessment Test xxx
Chapter 1 Getting Started with Ethical Hacking 1
Hacking: A Short History 2
The Early Days of Hacking 2
Current Developments 3
Hacking: Fun or Criminal Activity? 4
The Evolution and Growth of Hacking 6
What Is an Ethical Hacker? 7
Ethical Hacking and Penetration Testing 10
Hacking Methodologies 15
Vulnerability Research and Tools 18
Ethics and the Law 18
Summary 20
Exam Essentials 20
Review Questions 21
Chapter 2 System Fundamentals 25
Exploring Network Topologies 26
Working with the Open Systems Interconnection Model 30
Dissecting the TCP/IP Suite 33
IP Subnetting 35
Hexadecimal vs. Binary 35
Exploring TCP/IP Ports 37
Domain Name System 39
Understanding Network Devices 39
Routers and Switches 39
Working with MAC Addresses 41
Proxies and Firewalls 42
Intrusion Prevention and Intrusion Detection Systems 43
Network Security 44
Knowing Operating Systems 46
Windows 46
Mac OS 47
Linux 48
Backups and Archiving 49
Summary 49
Exam Essentials 50
Review Questions 51
Chapter 3 Cryptography 55
Cryptography: Early Applications and Examples 56
History of Cryptography 57
Tracing the Evolution 58
Cryptography in Action 59
So How Does It Work? 60
Symmetric Cryptography 61
Asymmetric, or Public Key, Cryptography 62
Understanding Hashing 68
Issues with Cryptography 69
Applications of Cryptography 71
IPSec 71
Pretty Good Privacy 73
Secure Sockets Layer (SSL) 74
Summary 75
Exam Essentials 75
Review Questions 76
Chapter 4 Footprinting and Reconnaissance 81
Understanding the Steps of Ethical Hacking 82
Phase 1: Footprinting 82
Phase 2: Scanning 83
Phase 3: Enumeration 83
Phase 4: System Hacking 83
What Is Footprinting? 84
Why Perform Footprinting? 84
Goals of the Footprinting Process 85
Terminology in Footprinting 87
Open Source and Passive Information Gathering 87
Active Information Gathering 87
Pseudonymous Footprinting 88
Internet Footprinting 88
Threats Introduced by Footprinting 88
The Footprinting Process 88
Using Search Engines 89
Location and Geography 91
Social Networking and Information Gathering 91
Financial Services and Information Gathering 92
The Value of Job Sites 92
Working with E–mail 93
Competitive Analysis 94
Google Hacking 95
Gaining Network Information 96
Social Engineering: The Art of Hacking Humans 96
Summary 97
Exam Essentials 97
Review Questions 98
Chapter 5 Scanning Networks 103
What Is Network Scanning? 104
Checking for Live Systems 106
Wardialing 106
Wardriving 108
Pinging 108
Port Scanning 110
Checking for Open Ports 110
Types of Scans 112
Full Open Scan 112
Stealth Scan, or Half–open Scan 112
Xmas Tree Scan 113
FIN Scan 114
NULL Scan 114
ACK Scanning 115
UDP Scanning 115
OS Fingerprinting 116
Banner Grabbing 117
Countermeasures 118
Vulnerability Scanning 119
Drawing Network Diagrams 119
Using Proxies 120
Setting a Web Browser to Use a Proxy 121
Summary 122
Exam Essentials 122
Review Questions 123
Chapter 6 Enumeration of Services 127
A Quick Review 128
Footprinting 128
Scanning 128
What Is Enumeration? 129
Windows Basics 130
Users 130
Groups 131
Security Identifiers 132
Services and Ports of Interest 132
Commonly Exploited Services 133
NULL Sessions 135
SuperScan 136
The PsTools Suite 137
Enumeration with SNMP 137
Management Information Base 138
SNScan 139
Unix and Linux Enumeration 139
finger 140
rpcinfo 140
showmount 140
Enum4linux 141
LDAP and Directory Service Enumeration 141
Enumeration Using NTP 142
SMTP Enumeration 143
Using VRFY 143
Using EXPN 144
Using RCPT TO 144
SMTP Relay 145
Summary 145
Exam Essentials 146
Review Questions 147
Chapter 7 Gaining Access to a System 151
Up to This Point 152
System Hacking 154
Authentication on Microsoft Platforms 165
Executing Applications 169
Covering Your Tracks 170
Summary 172
Exam Essentials 173
Review Questions 174
Chapter 8 Trojans, Viruses, Worms, and Covert Channels 179
Malware 180
Malware and the Law 182
Categories of Malware 183
Viruses 184
Worms 190
Spyware 192
Adware 193
Scareware 193
Trojans 194
Overt and Covert Channels 203
Summary 205
Exam Essentials 205
Review Questions 206
Chapter 9 Sniffers 209
Understanding Sniffers 210
Using a Sniffer 212
Sniffing Tools 213
Wireshark 214
TCPdump 218
Reading Sniffer Output 221
Switched Network Sniffing 224
MAC Flooding 224
ARP Poisoning 225
MAC Spoofing 226
Port Mirror or SPAN Port 227
On the Defensive 227
Mitigating MAC Flooding 228
Detecting Sniffing Attacks 230
Exam Essentials 230
Summary 230
Review Questions 231
Chapter 10 Social Engineering 235
What Is Social Engineering? 236
Why Does Social Engineering Work? 237
Why is Social Engineering Successful? 238
Social–Engineering Phases 239
What Is the Impact of Social Engineering? 239
Common Targets of Social Engineering 240
What Is Social Networking? 241
Mistakes in Social Media and Social Networking 243
Countermeasures for Social Networking 245
Commonly Employed Threats 246
Identity Theft 250
Protective Measures 250
Know What Information Is Available 251
Summary 252
Exam Essentials 252
Review Questions 254
Chapter 11 Denial of Service 259
Understanding DoS 260
DoS Targets 262
Types of Attacks 262
Buffer Overflow 267
Understanding DDoS 271
DDoS Attacks 271
DoS Tools 273
DDoS Tools 273
DoS Defensive Strategies 276
Botnet–Specific Defenses 277
DoS Pen Testing Considerations 277
Summary 277
Exam Essentials 278
Review Questions 279
Chapter 12 Session Hijacking 283
Understanding Session Hijacking 284
Spoofing vs. Hijacking 286
Active and Passive Attacks 287
Session Hijacking and Web Apps 288
Types of Application–Level Session Hijacking 289
A Few Key Concepts 292
Network Session Hijacking 294
Exploring Defensive Strategies 302
Summary 302
Exam Essentials 303
Review Questions 304
Chapter 13 Web Servers and Web Applications 309
Exploring the Client–Server Relationship 310
The Client and the Server 311
Closer Inspection of a Web Application 311
Vulnerabilities of Web Servers and Applications 313
Common Flaws and Attack Methods 316
Summary 323
Exam Essentials 323
Review Questions 324
Chapter 14 SQL Injection 329
Introducing SQL Injection 330
Results of SQL Injection 332
The Anatomy of a Web Application 333
Databases and Their Vulnerabilities 334
Anatomy of a SQL Injection Attack 336
Altering Data with a SQL Injection Attack 339
Injecting Blind 341
Information Gathering 342
Evading Detection Mechanisms 342
SQL Injection Countermeasures 343
Summary 344
Exam Essentials 344
Review Questions 345
Chapter 15 Wireless Networking 349
What Is a Wireless Network? 350
Wi–Fi: An Overview 350
The Fine Print 351
Wireless Vocabulary 353
A Close Examination of Threats 360
Ways to Locate Wireless Networks 364
Choosing the Right Wireless Card 365
Hacking Bluetooth 365
Summary 367
Exam Essentials 368
Review Questions 369
Chapter 16 Evading IDSs, Firewalls, and Honeypots 373
Honeypots, IDSs, and Firewalls 374
The Role of Intrusion Detection Systems 374
Firewalls 379
What's That Firewall Running? 382
Honeypots 383
Run Silent, Run Deep: Evasion Techniques 383
Evading Firewalls 385
Summary 388
Exam Essentials 388
Review Questions 389
Chapter 17 Physical Security 393
Introducing Physical Security 394
Simple Controls 394
Dealing with Mobile Device Issues 397
Securing the Physical Area 401
Defense in Depth 408
Summary 409
Exam Essentials 409
Review Questions 410
Appendix A Answers to Review Questions 415
Appendix B About the Additional Study Tools 437
Index 441


Biographical note

Sean–Philip Oriyano CEH, CEI, CISSP, is cofounder and vice president of Sonwell & Oriyano, LLC, an IT security consulting and training company based in Las Vegas. Oriyano is a 20–year veteran of the IT industry and is currently an instructor who specializes in infrastructure and security topics for various public and private entities. Sean has served as an IT security instructor for the US Air Force, Navy, and Army at locations both in North America and internationally.