Penetration testing is the simulation of an unethical attack of a computer system or other facility to prove how vulnerable that system would be in the event of a real attack. The Certified Penetration Testing Engineer (CPTE) examination provides a widely recognized certification for penetration testers.The fundamentals of penetration testing:
Penetration Testing: Protecting Networks and Systems is a preparation guide for the CPTE examination, yet is also a general reference for experienced penetration testers, ethical hackers, auditors, security personnel and anyone else involved in the security of an organizations computer systems.Key areas covered include:
Focusing on the techniques
- The primary phases of pen testing reconnaissance, enumeration, vulnerability assessment and the eventual launch of an attack
- The preparation of the test report What information to include in the report and how best to present it to the client
- The introduction of new technology how it can improve business operations (e.g. employee remote access, wireless communications, public-facing web applications), but, at the same time, create new vulnerabilities.
This book avoids a detailed analysis of the tools currently used by todays pen testers, which often come in and out of fashion, and, instead, focuses on the range of techniques employed by professional pen testers around the world.Who should read this book?
Penetration Testing: Protecting Networks and Systems should be read by many, including Penetration Testers, or those studying for the CPTE Exam and Ethical Hackers. Penetration testing is an essential component in any ISO27001 ISMS - so Auditors, Security Officers and Security Personnel should also read this book to understand the vital role Penetration Testing plays in protecting organisations from cyber attacks.