Request It Save to My Lists Export Return to Browse
     
Limit search to available items
Previous Record Next Record
  Permalink    
Book Cover
Book
Author Simpson, Michael T., 1954- author

Title Hands-on ethical hacking and network defense / Michael T. Simpson, Nicholas D. Antill.
Edition Third edition
Published Boston, MA, USA : Cengage Learning, [2017]

Copies

Location Call no. Vol. Availability
 MELB  005.8 Sim/Hoe 2017  AVAILABLE
Description xxii, 426 pages ; 24 cm
Contents Machine generated contents note: ch. 1 Ethical Hacking Overview -- Introduction to Ethical Hacking -- The Role of Security and Penetration Testers -- Penetration-Testing Methodologies -- Certification Programs for Network Security Personnel -- What You Can Do Legally -- Laws of the Land -- Is Port Scanning Legal? -- Federal Laws -- What You Cannot Do Legally -- Get It in Writing -- Ethical Hacking in a Nutshell -- Chapter Summary -- Key Terms -- Review Questions -- Case Projects -- ch. 2 TCP/IP Concepts Review -- Overview of TCP/IP -- The Application Layer -- The Transport Layer -- The Internet Layer -- IP Addressing -- CIDR Notation -- Planning IP Address Assignments -- IPv6 Addressing -- Overview of Numbering Systems -- Reviewing the Binary Numbering System -- Reviewing the Octal Numbering System -- Reviewing the Hexadecimal Numbering System -- Reviewing the Base-64 Numbering System -- Chapter Summary -- Key Terms -- Review Questions -- Case Projects -- ch. 3 Network and Computer Attacks -- Malicious Software (Malware) -- Viruses -- Macro Viruses -- Worms -- Trojan Programs -- Spyware -- Adware -- Protecting Against Malware Attacks -- Educating Your Users -- Intruder Attacks on Networks and Computers -- Denial-of-Service Attacks -- Distributed Denial-of-Service Attacks -- Buffer Overflow Attacks -- Eavesdropping -- Man-in-the-Middle -- Network Session Hijacking -- Addressing Physical Security -- Keyloggers -- Behind Locked Doors -- Chapter Summary -- Key Terms -- Review Questions -- Case Projects -- ch. 4 Footprinting and Social Engineering -- Using Web Tools for Footprinting -- Conducting Competitive Intelligence -- Analyzing a Company's Web Site -- Using Other Footprinting Tools -- Using E-mail Addresses -- Using HTTP Basics -- Other Methods of Gathering Information -- Using Domain Name System Zone Transfers -- Introduction to Social Engineering -- The Art of Shoulder Surfing -- The Art of Dumpster Diving -- The Art of Piggybacking -- Phishing -- Chapter Summary -- Key Terms -- Review Questions -- Case Projects -- ch. 5 Port Scanning -- Introduction to Port Scanning -- Types of Port Scans -- Using Port-Scanning Tools -- Nmap -- Nessus and Open VAS (or Greenbone Security Assistant) -- Conducting Ping Sweeps -- Fping -- Hping -- Crafting IP Packets -- Understanding Scripting -- Scripting Basics -- Chapter Summary -- Key Terms -- Review Questions -- Case Projects -- ch. 6 Enumeration -- Introduction to Enumeration -- Enumerating Windows Operating Systems -- NetBIOS Basics -- NetBIOS Null Sessions -- NetBIOS Enumeration Tools -- Additional Enumeration Tools -- Enumerating *nix Operating System -- *nix Enumeration -- Chapter Summary -- Key Terms -- Review Questions -- Case Projects -- ch. 7 Programming for Security Professionals -- Introduction to Computer Programming -- Programming Fundamentals -- Learning the C Language -- Anatomy of a C Program -- Understanding HTML Basics -- Creating a Web Page with HTML -- Understanding Perl -- Background on Perl -- Understanding the Basics of Perl -- Understanding the BLT of Perl -- Understanding Object-Oriented Programming Concepts -- Components of Object-Oriented Programming -- An Overview of Ruby -- Chapter Summary -- Key Terms -- Review Questions -- Case Projects -- ch. 8 Desktop and Server OS Vulnerabilities -- Windows OS Vulnerabilities -- Windows File Systems -- Remote Procedure Call -- NetBIOS -- Server Message Block -- Common Internet File System -- Null Sessions -- Web Services -- MS SQL Server -- Buffer Overflows -- Passwords and Authentication -- Tools for Identifying Vulnerabilities in Windows -- Built-in Windows Tools -- Best Practices for Hardening Windows Systems -- Patching Systems -- Antivirus Solutions -- Enable Logging and Review Logs Regularly -- Disable Unused Services and Filtering Ports -- Other Security Best Practices -- Linux OS Vulnerabilities -- Samba -- Tools for Identifying Linux Vulnerabilities -- More Countermeasures Against Linux Attacks -- Chapter Summary -- Key Terms -- Review Questions -- Case Projects -- ch. 9 Embedded Operating Systems: The Hidden Threat -- Introduction to Embedded Operating Systems -- Windows and Other Embedded Operating Systems -- Other Proprietary Embedded OSs -- *Nix Embedded OSs -- Vulnerabilities of Embedded OSs -- Embedded OSs Are Everywhere -- Embedded OSs Are Networked -- Embedded OSs Are Difficult to Patch -- Embedded OSs Are in Networking Devices -- Embedded OSs Are in Network Peripherals -- Supervisory Control and Data Acquisition Systems -- Cell Phones, Smartphones, and PDAs -- Rootkits -- Best Practices for Protecting Embedded OSs -- Chapter Summary -- Key Terms -- Review Questions -- Case Projects -- ch. 10 Hacking Web Servers -- Understanding Web Applications -- Web Application Components -- Using Scripting Languages -- Connecting to Databases -- Understanding Web Application Vulnerabilities -- Application Vulnerabilities and Countermeasures -- Web Application Test Execution -- Tools for Web Attackers and Security Testers -- Web Tools -- Chapter Summary -- Key Terms -- Review Questions -- Case Projects -- ch. 11 Hacking Wireless Networks -- Understanding Wireless Technology -- Components of a Wireless Network -- Understanding Wireless Network Standards -- The 802.11 Standard -- An Overview of Wireless Technologies -- Additional IEEE 802.11 Projects -- Understanding Authentication -- The 802.1X Standard -- Understanding Wardriving -- How It Works -- Understanding Wireless Hacking -- Tools of the Trade -- Countermeasures for Wireless Attacks -- Chapter Summary -- Key Terms -- Review Questions -- Case Projects -- ch. 12 Cryptography -- Understanding Cryptography Basics -- History of Cryptography -- Understanding Symmetric and Asymmetric Algorithms -- Symmetric Algorithms -- Asymmetric Algorithms -- Digital Signatures -- Sensitive Data Encryption -- Hashing Algorithms -- Understanding Public Key Infrastructure -- Components of PKI -- Understanding Cryptography Attacks -- Birthday Attack -- Mathematical Attack -- Brute-Force Attack -- Man-in-the-Middle Attack -- SSL/TLS Downgrade Attack -- Dictionary Attack -- Replay Attack -- Understanding Password Cracking -- Chapter Summary -- Key Terms -- Review Questions -- Case Projects -- ch. 13 Network Protection Systems -- Understanding Network Protection Systems -- Understanding Routers -- Understanding Basic Hardware Routers -- Understanding Access Control Lists -- Understanding Firewalls -- Understanding Firewall Technology -- Implementing a Firewall -- Understanding the Cisco Adaptive Security Appliance Firewall -- Using Configuration and Risk Analysis Tools for Firewalls and Routers -- Understanding Intrusion Detection and Prevention Systems -- Network-Based and Host-Based IDSs and IPSs -- Web Filtering -- Security Operations Center -- Understanding Honeypots -- How Honeypots Work -- Chapter Summary -- Key Terms -- Review Questions -- Case Projects
Notes "Information security"--Cover
Includes index
Subject Penetration testing (Computer security)
Hackers.
Computer security.
Author Antill, Nicholas, author
ISBN 1285454618
9781285454610
  Permalink