CHAPTER 1 Hacking: The Next Generation
Profiles and Motives of Different Types of Hackers
A Look at the History of Computer Hacking
Ethical Hacking and Penetration Testing
Ethical Hackers and the C-I-A Triad
The Role of the Law and Ethical Standards
Exploring the OSI Reference Model
Mapping the OSI Model to Functions and Protocols
TCP/IP: A Layer-by-Layer Review
Physical or Network Access Layer
CHAPTER 3 Cryptographic Concepts
Symmetric and Asymmetric Cryptography
What Is an Algorithm or Cipher?
Purpose of Public Key Infrastructure
The Role of Certificate Authorities (CAs)
Hard Drive and Mobile Device Encryption
Perimeter Intrusion Detection and Assessment System (PIDAS)
Doors, Mantraps, and Turnstiles
Alarms and Intrusion Detection
Closed-Circuit TV (CCTV)/Remote Monitoring
Avoiding Common Threats to Physical Security
Natural, Human, and Technical Threats
Physical Keystroke Loggers and Sniffers
Wireless Interception and Rogue Access Points
CHAPTER 5 Footprinting Tools and Techniques
The Information-Gathering Process
The Information on a Company Website
Discovering Financial Information
Exploring Domain Information Leakage
Internet Assigned Numbers Authority (IANA)
Tracking an Organization’s Employees
Exploiting Insecure Applications
Wardriving and Related Activities
CHAPTER 7 Enumeration and Computer System Hacking
Commonly Attacked and Exploited Services
How to Perform Enumeration Tasks
CHAPTER 8 Wireless Vulnerabilities
The Importance of Wireless Security
Common Support and Availability
A Brief History of Wireless Technologies
Working with and Securing Bluetooth
The Importance of Authentication
Misconfigured Security Settings
Use Protection for Transmitted Data
CHAPTER 9 Web and Database Attacks
Vulnerabilities of Web Servers
Denial of Service (DoS) Attack
Distributed Denial of Service (DDoS) Attack
Structured Query Language (SQL) Injections
Cross-Site Scripting (XSS) Attack
Locating Databases on the Network
Database Server Password Cracking
Locating Vulnerabilities in Databases
Methods to Get Trojans onto a System
Known Symptoms of an Infection
Detection of Trojans and Viruses
Using Wrappers to Install Trojans
CHAPTER 11 Sniffers, Session Hijacking, and Denial of Service Attacks
Thwarting Session Hijacking Attacks
Denial of Service (DoS) Attacks
Distributed Denial of Service (DDoS) Attacks
Some Characteristics of DDoS Attacks
Botnets and the Internet of Things (IoT)
CHAPTER 12 Linux and Penetration Testing
Some of the Basics of Working with Linux
The Basic Command Structure of Linux
Types of Social Engineering Attacks
Technology and Social Engineering
Your Browser as a Defense Against Social Engineering
Other Good Practices for Safe Computing
Know What the Web Knows About You
Creating and Managing Your Passwords
Social Engineering and Social Networking
Questions to Ask Before You Post
An Overview of the Risks in Social Networking
Social Networking in a Corporate Setting
Particular Concerns in a Corporate Setting
Incident Response Policies, Procedures, and Guidelines
Phases of an Incident and Response
The Role of Business Continuity Plans
Planning for Disaster and Recovery
Preparation and Staging of Testing Procedures
Evidence Handling and Administration
Evidence Collection Techniques
Security Reporting Options and Guidelines
Requirements of Regulated Industries
CHAPTER 15 Defensive Technologies
Analysis of Information Collected
3.135.207.129