Contents
Introduction xxi
Assessment Test xxxii
Chapter 1 Introduction to Ethical Hacking 1
Hacking: the Evolution 3
The Early Days of Hacking 3
Current Developments 4
Hacking: Fun or Criminal Activity? 5
The Evolution and Growth of Hacking 7
So, What Is an Ethical Hacker? 9
What Are Your Responsibilities? 9
Code of Conduct and Ethics 11
Ethical Hacking and Penetration Testing 12
Hacking Methodologies 17
Vulnerability Research and Tools 21
What Is Incident Response? 21
Business Continuity Plan 26
Ethics and the Law 33
Summary 34
Exam Essentials 35
Review Questions 36
Chapter 2 System Fundamentals 39
Exploring Network Topologies 40
Working with the Open Systems Interconnection Model 44
Dissecting the TCP/IP Suite 47
IP Subnetting 49
Hexadecimal vs. Binary 49
Exploring TCP/IP Ports 50
Domain Name System 53
Understanding Network Devices 53
Routers and Switches 53
Working with MAC Addresses 55
Proxies and Firewalls 56
Intrusion Prevention and Intrusion Detection Systems 57
Network Security 58
Knowing Operating Systems 60
Microsoft Windows 60
Mac OS 61
Android 62
Linux 62
Backups and Archiving 63
Summary 64
Exam Essentials 65
Review Questions 66
Chapter 3 Cryptography 71
Cryptography: Early Applications and Examples 73
History of Cryptography 73
Tracing the Evolution 75
Cryptography in Action 76
So How Does It Work? 77
Symmetric Cryptography 77
Asymmetric, or Public Key, Cryptography 80
Understanding Hashing 86
Issues with Cryptography 88
Applications of Cryptography 89
IPsec 90
Pretty Good Privacy 92
Secure Sockets Layer 93
Summary 94
Exam Essentials 94
Review Questions 95
Chapter 4 Footprinting 99
Understanding the Steps of Ethical Hacking 100
Phase 1: Footprinting 100
Phase 2: Scanning 101
Phase 3: Enumeration 101
Phase 4: System Hacking 102
What Is Footprinting? 102
Why Perform Footprinting? 103
Goals of the Footprinting Process 103
Terminology in Footprinting 106
Open Source and Passive Information Gathering 106
Passive Information Gathering 106
Pseudonymous Footprinting 106
Internet Footprinting 107
Threats Introduced by Footprinting 107
The Footprinting Process 108
Using Search Engines 108
Google Hacking 108
Public and Restricted Websites 111
Location and Geography 112
Social Networking and Information Gathering 113
Financial Services and Information Gathering 116
The Value of Job Sites 116
Working with Email 117
Competitive Analysis 118
Gaining Network Information 119
Social Engineering: the Art of Hacking Humans 120
Summary 121
Exam Essentials 121
Review Questions 123
Chapter 5 Scanning 127
What Is Scanning? 128
Types of Scans 129
Checking for Live Systems 130
Wardialing 131
Using Ping 133
Hping3: the Heavy Artillery 134
Checking the Status of Ports 135
The Family Tree of Scans 138
Full-Open Scan 138
Stealth or Half-Open Scan 138
Xmas Tree Scan 139
FIN Scan 140
NULL Scan 141
Idle Scanning 142
ACK Scanning 143
UDP Scanning 144
OS Fingerprinting 145
Active Fingerprinting with Nmap 146
Passive Fingerprinting an OS 147
Banner Grabbing 149
Countermeasures 151
Vulnerability Scanning 151
Mapping the Network 152
Using Proxies 153
Setting a Web Browser to Use a Proxy 154
Summary 155
Exam Essentials 155
Review Questions 156
Chapter 6 Enumeration 159
A Quick Review 160
Footprinting 160
Scanning 161
What Is Enumeration? 161
About Windows Enumeration 163
Users 163
Groups 164
Security Identifiers 166
Linux Basic 168
Users 168
Services and Ports of Interest 169
Commonly Exploited Services 170
NULL Sessions 173
SuperScan 174
DNS Zone Transfers 174
The PsTools Suite 177
Using finger 178
Enumeration with SNMP 178
Management Information Base 179
SNScan 180
Unix and Linux Enumeration 180
finger 180
rpcinfo 181
showmount 181
enum4linux 181
LDAP and Directory Service Enumeration 182
JXplorer 183
Preventing LDAP Enumeration 183
Enumeration Using NTP 184
SMTP Enumeration 184
Using VRFY 185
Using EXPN 185
Using RCPT TO 186
SMTP Relay 186
Summary 187
Exam Essentials 187
Review Questions 189
Chapter 7 System Hacking 193
Up to This Point 194
Footprinting 194
Scanning 195
Enumeration 195
System Hacking 196
Password Cracking 196
Authentication on Microsoft Platforms 209
Executing Applications 213
Covering Your Tracks 215
Summary 217
Exam Essentials 218
Review Questions 219
Chapter 8 Malware 223
Malware 224
Malware and the Law 226
Categories of Malware 227
Viruses 228
Worms 234
Spyware 236
Adware 237
Scareware 237
Ransomware 238
Trojans 238
Overt and Covert Channels 247
Summary 249
Exam Essentials 250
Review Questions 251
Chapter 9 Sniffers 255
Understanding Sniffers 256
Using a Sniffer 259
Sniffing Tools 259
Wireshark 260
Tcpdump 264
Reading Sniffer Output 266
Switched Network Sniffing 270
MAC Flooding 270
ARP Poisoning 271
MAC Spoofing 272
Port Mirror or SPAN Port 272
On the Defensive 273
Mitigating MAC Flooding 274
Detecting Sniffing Attacks 275
Summary 275
Exam Essentials 276
Review Questions 277