Comptia Pentest+ Study Guide

Prepare for success on the new PenTest+ certification exam and an exciting career in penetration testing In the revamped Second Edition of CompTIA PenTest+ Study Guide: Exam PT0-002, veteran information security experts Dr. Mike Chapple and David Seidl deliver a comprehensive roadmap to the foundati...

Descripción completa

Detalles Bibliográficos
Otros Autores:	Chapple, Mike, author (author), Seidl, David, author
Formato:	Libro electrónico
Idioma:	Inglés
Publicado:	Indianapolis, Indiana : John Wiley and Sons [2021]
Edición:	2nd ed
Materias:	Computer security > Examinations > Study guides. Penetration testing (Computer security) > Examinations > Study guides. Hackers > Examinations > Study guides. Computer networks > Examinations > Study guides.
Ver en Biblioteca Universitat Ramon Llull:	https://discovery.url.edu/permalink/34CSUC_URL/1im36ta/alma991009645674706719

Tabla de Contenidos:

Cover
Title Page
Copyright Page
Acknowledgments
About the Authors
About the Technical Editor
Contents at a Glance
Contents
Introduction
CompTIA
The PenTest+ Exam
Study and Exam Preparation Tips
Taking the Exam
After the PenTest+ Exam
What Does This Book Cover?
Objective Mapping
Study Guide Elements
Interactive Online Learning Environment
CompTIA PenTest+ Certification Exam Objectives
1.0 Planning and Scoping
2.0 Information Gathering and Vulnerability Scanning
3.0 Attacks and Exploits
4.0 Reporting and Communication
5.0 Tools and Code Analysis
Assessment Test
Answers to Assessment Test
Chapter 1 Penetration Testing
What Is Penetration Testing?
Cybersecurity Goals
Adopting the Hacker Mindset
Ethical Hacking
Reasons for Penetration Testing
Benefits of Penetration Testing
Regulatory Requirements for Penetration Testing
Who Performs Penetration Tests?
Internal Penetration Testing Teams
External Penetration Testing Teams
Selecting Penetration Testing Teams
The CompTIA Penetration Testing Process
Planning and Scoping
Information Gathering and Vulnerability Scanning
Attacks and Exploits
Reporting and Communication
Tools and Code Analysis
The Cyber Kill Chain
Reconnaissance
Weaponization
Delivery
Exploitation
Installation
Command and Control
Actions on Objectives
Tools of the Trade
Reconnaissance
Vulnerability Scanners
Social Engineering
Credential Testing Tools
Debuggers and Software Testing Tools
Network Testing
Remote Access
Exploitation
Steganography
Cloud Tools
Summary
Exam Essentials
Lab Exercises
Activity 1.1: Adopting the Hacker Mindset
Activity 1.2: Using the Cyber Kill Chain
Review Questions
Chapter 2 Planning and Scoping Penetration Tests.
Scoping and Planning Engagements
Assessment Types
Known Environments and Unknown Environments
The Rules of Engagement
Scoping Considerations-A Deeper Dive
Support Resources for Penetration Tests
Penetration Testing Standards and Methodologies
Key Legal Concepts for Penetration Tests
Contracts
Data Ownership and Retention
Permission to Attack (Authorization)
Environmental Differences and Location Restrictions
Regulatory Compliance Considerations
Summary
Exam Essentials
Lab Exercises
Review Questions
Chapter 3 Information Gathering
Footprinting and Enumeration
OSINT
Location and Organizational Data
Infrastructure and Networks
Security Search Engines
Google Dorks and Search Engine Techniques
Password Dumps and Other Breach Data
Source Code Repositories
Passive Enumeration and Cloud Services
Active Reconnaissance and Enumeration
Hosts
Services
Networks, Topologies, and Network Traffic
Packet Crafting and Inspection
Enumeration
Information Gathering and Code
Avoiding Detection
Information Gathering and Defenses
Defenses Against Active Reconnaissance
Preventing Passive Information Gathering
Summary
Exam Essentials
Lab Exercises
Activity 3.1: Manual OSINT Gathering
Activity 3.2: Exploring Shodan
Activity 3.3: Running an Nmap Scan
Review Questions
Chapter 4 Vulnerability Scanning
Identifying Vulnerability Management Requirements
Regulatory Environment
Corporate Policy
Support for Penetration Testing
Identifying Scan Targets
Determining Scan Frequency
Active vs. Passive Scanning
Configuring and Executing Vulnerability Scans
Scoping Vulnerability Scans
Configuring Vulnerability Scans
Scanner Maintenance
Software Security Testing
Analyzing and Testing Code.
Web Application Vulnerability Scanning
Developing a Remediation Workflow
Prioritizing Remediation
Testing and Implementing Fixes
Overcoming Barriers to Vulnerability Scanning
Summary
Exam Essentials
Lab Exercises
Activity 4.1: Installing a Vulnerability Scanner
Activity 4.2: Running a Vulnerability Scan
Activity 4.3: Developing a Penetration Test Vulnerability Scanning Plan
Review Questions
Chapter 5 Analyzing Vulnerability Scans
Reviewing and Interpreting Scan Reports
Understanding CVSS
Validating Scan Results
False Positives
Documented Exceptions
Understanding Informational Results
Reconciling Scan Results with Other Data Sources
Trend Analysis
Common Vulnerabilities
Server and Endpoint Vulnerabilities
Network Vulnerabilities
Virtualization Vulnerabilities
Internet of Things (IoT)
Web Application Vulnerabilities
Summary
Exam Essentials
Lab Exercises
Activity 5.1: Interpreting a Vulnerability Scan
Activity 5.2: Analyzing a CVSS Vector
Activity 5.3: Developing a Penetration Testing Plan
Review Questions
Chapter 6 Exploiting and Pivoting
Exploits and Attacks
Choosing Targets
Enumeration
Identifying the Right Exploit
Exploit Resources
Exploitation Toolkits
Metasploit
PowerSploit
BloodHound
Exploit Specifics
RPC/DCOM
PsExec
PS Remoting/WinRM
WMI
Fileless Malware and Living Off the Land
Scheduled Tasks and cron Jobs
SMB
DNS
RDP
Apple Remote Desktop
VNC
SSH
Network Segmentation Testing and Exploits
Leaked Keys
Leveraging Exploits
Common Post-Exploit Attacks
Cross Compiling
Privilege Escalation
Social Engineering
Escaping and Upgrading Limited Shells
Persistence and Evasion
Scheduled Jobs and Scheduled Tasks
Inetd Modification
Daemons and Services.
Backdoors and Trojans
Data Exfiltration and Covert Channels
New Users
Pivoting
Covering Your Tracks
Summary
Exam Essentials
Lab Exercises
Activity 6.1: Exploit
Activity 6.2: Discovery
Activity 6.3: Pivot
Review Questions
Chapter 7 Exploiting Network Vulnerabilities
Identifying Exploits
Conducting Network Exploits
VLAN Hopping
DNS Cache Poisoning
On-Path Attacks
NAC Bypass
DoS Attacks and Stress Testing
Exploit Chaining
Exploiting Windows Services
NetBIOS Name Resolution Exploits
SMB Exploits
Identifying and Exploiting Common Services
Identifying and Attacking Service Targets
SNMP Exploits
SMTP Exploits
FTP Exploits
Kerberoasting
Samba Exploits
Password Attacks
Stress Testing for Availability
Wireless Exploits
Attack Methods
Finding Targets
Attacking Captive Portals
Eavesdropping, Evil Twins, and Wireless On-Path Attacks
Other Wireless Protocols and Systems
RFID Cloning
Jamming
Repeating
Summary
Exam Essentials
Lab Exercises
Activity 7.1: Capturing Hashes
Activity 7.2: Brute-Forcing Services
Activity 7.3: Wireless Testing
Review Questions
Chapter 8 Exploiting Physical and Social Vulnerabilities
Physical Facility Penetration Testing
Entering Facilities
Information Gathering
Social Engineering
In-Person Social Engineering
Phishing Attacks
Website-Based Attacks
Using Social Engineering Tools
Summary
Exam Essentials
Lab Exercises
Activity 8.1: Designing a Physical Penetration Test
Activity 8.2: Brute-Forcing Services
Activity 8.3: Using BeEF
Review Questions
Chapter 9 Exploiting Application Vulnerabilities
Exploiting Injection Vulnerabilities
Input Validation
Web Application Firewalls
SQL Injection Attacks
Code Injection Attacks.
Command Injection Attacks
LDAP Injection Attacks
Exploiting Authentication Vulnerabilities
Password Authentication
Session Attacks
Kerberos Exploits
Exploiting Authorization Vulnerabilities
Insecure Direct Object References
Directory Traversal
File Inclusion
Privilege Escalation
Exploiting Web Application Vulnerabilities
Cross-Site Scripting (XSS)
Request Forgery
Clickjacking
Unsecure Coding Practices
Source Code Comments
Error Handling
Hard-Coded Credentials
Race Conditions
Unprotected APIs
Unsigned Code
Steganography
Application Testing Tools
Static Application Security Testing (SAST)
Dynamic Application Security Testing (DAST)
Mobile Tools
Summary
Exam Essentials
Lab Exercises
Activity 9.1: Application Security Testing Techniques
Activity 9.2: Using the ZAP Proxy
Activity 9.3: Creating a Cross-Site Scripting Vulnerability
Review Questions
Chapter 10 Attacking Hosts, Cloud Technologies, and Specialized Systems
Attacking Hosts
Linux
Windows
Cross-Platform Exploits
Credential Attacks and Testing Tools
Credential Acquisition
Offline Password Cracking
Credential Testing and Brute-Forcing Tools
Wordlists and Dictionaries
Remote Access
SSH
NETCAT and Ncat
Metasploit and Remote Access
Proxies and Proxychains
Attacking Virtual Machines and Containers
Virtual Machine Attacks
Containerization Attacks
Attacking Cloud Technologies
Attacking Cloud Accounts
Attacking and Using Misconfigured Cloud Assets
Other Cloud Attacks
Tools for Cloud Technology Attacks
Attacking Mobile Devices
Attacking IoT, ICS, Embedded Systems, and SCADA Devices
Attacking Data Storage
Summary
Exam Essentials
Lab Exercises
Activity 10.1: Dumping and Cracking the Windows SAM and Other Credentials.
Activity 10.2: Cracking Passwords Using Hashcat.

Comptia Pentest+ Study Guide

Ejemplares similares