an introduction to security and penetration testing /
Robert Svensson
1 online resource (xxii, 190 pages) : illustrations (some color)
Includes index
Contents: At a Glance; Contents; About the Author; About the Technical Reviewer; Acknowledgments; Preface
Chapter 1: Introduction; Why Security Testing Is Important; Vulnerabilities Are Everywhere; Not Only Hackers Exploit Vulnerabilities; What Is a Security Test?; The Inevitable Weakness of Any Security Test; What's In a Name?; The World's First Security Test; Who Are These Hackers Anyway?; State-Sponsored Actors; Two Examples of State-Sponsored Hacking; Computer Criminals; The SpyEye Botnet; Hacktivists; Welcome to the Central Stupidity Agency; Insider; Edward Snowden; Script Kiddies; Examples of Script Kiddies; What Is a Threat?; Threats and Threat Agents; Summary
Chapter 2: Security Testing Basics; Types of Security Tests; The Knowledge Factor vs. The Guesswork Factor; On The Job: When Black Box Testing Goes Wrong; Social Engineering; What Is a Vulnerability?; Uncovering Vulnerabilities; The Vulnerability Wheel and the Heartbleed Bug; The Vulnerability Wheel by Example; Zero Day Exploits; How Vulnerabilities Are Scored and Rated; A Real-World Example Using CVSS; Software Development Life Cycle and Security Testing; How Security Testing Can Be Applied to the SDLC; Security Metrics; What Is Important Data?; Client-Side vs. Server-Side Testing; Summary
Chapter 3: The Security Testing Process; The Process of a Security Test; The Initialization Phase; Setting the Scope; Setting the Scope Using Old Reports; Helping the Client to Set a Good Scope; Pre-Security Test System Q&A; Statement of Work; Statement of Work Example: Organization XYZ; Get Out of Jail Free Card; Security Test Execution; Security Test Report; Summary
Chapter 4: Technical Preparations; Collecting Network Traffic; Software Based; Hardware Based; Inform The CSIRT; Keep Track of Things; A Note on Notes; Software Versioning and Revision Control Systems; Use a Jump Server; Screen; Know Which System You're Testing; The Habit of Saving Complex Commands; Be Verifiable; Visually Recording Your Work; Tools of the Trade; The Worst Tools One Can Possibly Imagine; Bash Lovely Bash; Keep a Command Log; The Security Tester's Software Setup; Virtual Machines for Security Testing; When to Use Hacker Distributions; Metasploit; Don't Be Volatile; End-of-the-Day Checklists; Keep Secrets Safe; Keep Your Backups Secure; Get Liability Insurance; Automated Vulnerability Scanners (and When to Use Them); The Google Proxy Avoidance Service; When to Connect Via VPN; Summary
Chapter 5: Security Test Execution; Security Test Execution; The Technical Security Test Process; The Layered Approach; The Layered Approach by Example; Identify; Footprinting; Scanning; Enumeration; Exploit; Report; The Circular Approach; When to Use What Approach; The Layered Approach; The Circular Approach; Expecting the Unexpected; The Pre-Security Test System Q&A Taken with a Grain of Salt; To Test Production Systems or to Not Test Production Systems -- That Is the Question