Tài liệu hạn chế xem trước, để xem đầy đủ mời bạn chọn Tải xuống
1
/ 237 trang
THÔNG TIN TÀI LIỆU
Thông tin cơ bản
Định dạng
Số trang
237
Dung lượng
7,96 MB
Nội dung
[...]... PenetrationTesting Wireless Network Denial of Service Penetration TestingPenetrationTesting Firewall PenetrationTesting IDS PenetrationTesting Cont’d Application PenetrationTesting Cont’d Social Engineering Physical Security Password Cracking PenetrationTesting Stolen Laptop, PDAs, and Cell Phones Penetration TestingPenetrationTesting Database Penetrationtesting VoIP PenetrationTesting Virus... Wardialing VPN PenetrationTesting Log Management PenetrationTesting File Integrity Checking Bluetooth and Handheld Device Penetration TestingPenetrationTesting End Here Data Leakage PenetrationTesting Figure 1-1 Security Patches PenetrationTesting E-Mail Security PenetrationTesting Methodologies make penetrationtesting more reliable Telecommunication and Broadband Communication Penetration Testing. .. Certified Security Analyst certification exam Books in Series: • Penetration Testing: Security Analysis/1435483669 • Penetration Testing: Procedures and Methodologies/1435483677 • Penetration Testing: Network and Perimeter Testing/ 1435483685 • Penetration Testing: Communication Media Testing/ 1435483693 • Penetration Testing: Network Threat Testing/ 1435483707 Procedures and Methodologies Procedures and... benefits of a penetration test • Conduct passive reconnaissance • Explain the functions of the three phases of a penetration test • Illustrate the profile of a good penetration tester • Outline basic penetrationtesting methodologies Key Terms Black-box testing a type of penetrationtesting in which the tester has no information or assistance from the client Gray-box testing a type of penetration testing. .. vulnerabilities Penetration Testing 1-5 Announced Testing/ Unannounced Testing Announced Testing Announced testing is an attempt to compromise systems on the client’s network with the full cooperation and knowledge of the IT staff This type of testing examines the existing security infrastructure for possible vulnerabilities Announced penetrationtesting helps a penetration tester in the following ways: • A penetration. .. the penetration testing Unannounced Testing Unannounced testing is an attempt to compromise systems on the client’s networks without the knowledge of IT security personnel Unannounced penetrationtesting is quite effective for testing the security of an organization against social-engineering attempts In unannounced penetration testing, only the top management is aware of these tests Unannounced penetration. .. organization’s information systems and steal important information PenetrationTesting Consultants The quality of the penetration test is directly proportional to the kind of expertise that the penetrationtesting agency has Any penetrationtesting task is successful only if qualified penetration testers with enough skill perform the test A penetration test of a corporate network examines numerous different... Services identification • Vulnerability research and verification • Application testing and code review • Router testing • Firewall testing • Intrusion-detection-system testing • Trusted-systems testing 1-12 Chapter 1 • Password cracking • Denial-of-service testing • Containment-measures testing • Information security: Penetrationtesting to check the security of sensitive information of the organization... may be ensured by: • Request testing • Guided suggestion testing • Trust testing • Wireless security: A penetration tester should perform the following tasks to check the security of wireless devices and networks: • Wireless-networks testing • Cordless-communications testing • Privacy review • Infrared-systems testing • Communications security: The following penetrationtesting methods are used for... thorough penetration test Discussion includes legal requirements, rules of engagement, how to plan and schedule a test, how to perform vulnerability analysis, external and internal penetration testing, and techniques to conduct an advanced penetration test Chapter Contents Chapter 1, PenetrationTesting Methodologies, explains the fundamentals of penetrationtesting including what make a good penetration . Series: • Penetration Testing: Security Analysis/1435483669 • Penetration Testing: Procedures and Methodologies/1435483677 • Penetration Testing: Network and Perimeter Testing/ 1435483685 • Penetration. Network and Perimeter Testing/ 1435483685 • Penetration Testing: Communication Media Testing/ 1435483693 • Penetration Testing: Network Threat Testing/ 1435483707 Procedures and Methodologies Procedures. pen- etration test. Chapter Contents Chapter 1, Penetration Testing Methodologies, explains the fundamentals of penetration testing including what make a good penetration test, common techniques, and