June 2012
Intermediate to advanced
234 pages
3h 39m
English
Overview
Preparation for the Certified Penetration Testing Engineer (CPTE) examination
Penetration testing is the simulation of an unethical attack of a computer system or other facility to prove how vulnerable that system would be in the event of a real attack. The Certified Penetration Testing Engineer (CPTE) examination provides a widely recognized certification for penetration testers.
The fundamentals of penetration testing
This book is a preparation guide for the CPTE examination, yet is also a general reference for experienced penetration testers, ethical hackers, auditors, security personnel and anyone else involved in the security of an organization's computer systems.
Key areas covered include:
- The primary phases of pen testing – reconnaissance, enumeration, vulnerability assessment and the eventual launch of an attack.
- The preparation of the test report – what information to include in the report and how best to present it to the client.
- The introduction of new technology – how it can improve business operations (e.g. employee remote access, wireless communications, public-facing web applications), but, at the same time, create new vulnerabilities.
Focusing on the techniques
This book avoids a detailed analysis of the tools currently used by today's pen testers, which often come in and out of fashion, and, instead, focuses on the range of techniques employed by professional pen testers around the world.
The author draws on his wealth of experience and provides real-world examples to illustrate the most common pitfalls that can be encountered during both the testing phase and also when delivering the final report.
A successful penetration test not only discovers the vulnerabilities of a system but also determines the level of risk that those vulnerabilities pose to the organization. Readers of this book will gain a better understanding of how to conduct a penetration test, and also how to deliver a client-focused report that assesses the security of the system and whether the level of risk to the organization is within acceptable levels.
Who should read this book?
This book should be read by many, including Penetration Testers, or those studying for the CPTE Exam and Ethical Hackers. Penetration testing is an essential component in any ISO27001 ISMS – so Auditors, Security Officers and Security Personnel should also read this book to understand the vital role Penetration Testing plays in protecting organisations from cyber attacks.
A business-aligned approach to penetration testing - Better defend your systems, intellectual property and values with this essential guide!
"Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Read now
Unlock full access
More than 5,000 organizations count on O’Reilly
O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.Julian F.
I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.Addison B.
I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.Amir M.
I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.