Wednesday, December 31, 2008

CEH or Pro Tools 101 Official Courseware Second Edition

CEH: Official Certified Ethical Hacker Review Guide

Author: Kimberly Graves

Prepare for the CEH certification exam with this official review guide and learn how to identify security risks to networks and computers. This easy-to-use guide is organized by exam objectives for quick review so you’ll be able to get the serious preparation you need for the challenging Certified Ethical Hacker certification exam 312-50. As the only review guide officially endorsed by EC-Council, this concise book covers all of the exam objectives and includes a CD with a host of additional study tools.



Table of Contents:
Introduction     xv
Introduction to Ethical Hacking, Ethics, and Legality     1
Understanding Ethical Hacking Terminology     2
Identifying Different Types of Hacking Technologies     3
Understanding the Different Phases Involved in Ethical Hacking and Listing the Five Stages of Ethical Hacking     4
Passive and Active Reconnaissance     5
Scanning     5
Gaining Access     5
Maintaining Access     6
Covering Tracks     6
What Is Hacktivism?     6
Listing Different Types of Hacker Classes     6
Ethical Hackers and Crackers-Who Are They?     7
What Do Ethical Hackers Do?     8
Goals Attackers Try to Achieve     8
Security, Functionality, and Ease of Use Triangle     9
Defining the Skills Required to Become an Ethical Hacker     10
What Is Vulnerability Research?     10
Describing the Ways to Conduct Ethical Hacking     11
Creating a Security Evaluation Plan     11
Types of Ethical Hacks     12
Testing Types     12
Ethical Hacking Report     13
Understanding the Legal Implications of Hacking     13
Understanding 18 U.S.C. [Section]1029 and 1030 U.S. Federal Law     14
Exam Essentials     14
Review Questions     16
Answers to Review Questions     18
Footprinting and Social Engineering     19
Footprinting     20
Define the Term Footprinting     20
Describe the Information Gathering Methodology     21
Describe Competitive Intelligence     22
Understand DNS Enumeration     23
Understand Whois and ARIN Lookups     24
Identify Different Types of DNS Records     27
Understand How Traceroute Is Used in Footprinting     28
Understand How E-Mail Tracking Works     29
Understand How Web Spiders Work     29
Exam Essentials     29
Social Engineering     30
What Is Social Engineering?     30
What Are the Common Types Of Attacks?     32
Understand Insider Attacks     33
Understand Identity Theft     33
Describe Phishing Attacks     34
Understand Online Scams     34
Understand URL Obfuscation     35
Social-Engineering Countermeasures     35
Exam Essentials     36
Review Questions     37
Answers to Review Questions     40
Scanning and Enumeration     41
Scanning     42
Define the Terms Port Scanning, Network Scanning, and Vulnerability Scanning     42
Understand the CEH Scanning Methodology     43
Understand Ping Sweep Techniques     44
Understand Nmap Command Switches     46
Understand Syn, Stealth, Xmas, Null, Idle, and Fin Scans     48
List TCP Communication Flag Types     49
Understand War-Dialing Techniques     51
Understand Banner Grabbing and OS Fingerprinting Techniques     52
Understand How Proxy Servers Are Used in Launching an Attack     53
How Do Anonymizers Work?     53
Understand HTTP Tunneling Techniques     54
Understand IP Spoofing Techniques     54
Exam Essentials     55
Enumeration     55
What Is Enumeration?     56
What Is Meant by Null Sessions?     56
What Is SNMP Enumeration?     58
Windows 2000 DNS Zone Transfer     59
What Are the Steps Involved in Performing Enumeration?     60
Exam Essentials     60
Review Questions     62
Answers to Review Questions     66
System Hacking      67
Understanding Password-Cracking Techniques     68
Understanding the LanManager Hash     69
Cracking Windows 2000 Passwords     70
Redirecting the SMB Logon to the Attacker     70
SMB Redirection     71
SMB Relay MITM Attacks and Countermeasures     71
NetBIOS DoS Attacks     72
Password-Cracking Countermeasures     72
Understanding Different Types of Passwords     74
Passive Online Attacks     74
Active Online Attacks     75
Offline Attacks     77
Nonelectronic Attacks     78
Understanding Keyloggers and Other Spyware Technologies     78
Understand Escalating Privileges     79
Executing Applications     80
Buffer Overflows     80
Understanding Rootkits     81
Planting Rootkits on Windows 2000 and XP Machines     81
Rootkit Embedded TCP/IP Stack     82
Rootkit Countermeasures     82
Understanding How to Hide Files     83
NTFS File Streaming     83
NTFS Stream Countermeasures     83
Understanding Steganography Technologies     84
Understanding How to Cover Your Tracks and Erase Evidence     85
Disabling Auditing     85
Clearing the Event Log     86
Exam Essentials     86
Review Questions     87
Answers to Review Questions     89
Trojans, Backdoors, Viruses, and Worms     91
Trojans and Backdoors     92
What Is a Trojan?     93
What Is Meant by Overt and Covert Channels?     94
List the Different Types of Trojans     94
How Do Reverse-Connecting Trojans Work?     94
Understand How the Netcat Trojan Works     96
What Are the Indications of a Trojan Attack?     97
What Is Meant by "Wrapping"?     97
Trojan Construction Kit and Trojan Makers     97
What Are the Countermeasure Techniques in Preventing Trojans?     98
Understand Trojan-Evading Techniques     98
System File Verification Subobjective to Trojan Countermeasures     99
Viruses and Worms     99
Understand the Difference between a Virus and a Worm     99
Understand the Types of Viruses     100
Understand Antivirus Evasion Techniques     101
Understand Virus Detection Methods     101
Exam Essentials     101
Review Questions      103
Answers to Review Questions     106
Sniffers     107
Understand the Protocols Susceptible to Sniffing     108
Understand Active and Passive Sniffing     109
Understand ARP Poisoning     110
Understand Ethereal Capture and Display Filters     110
Understand MAC Flooding     111
Understand DNS Spoofing Techniques     111
Describe Sniffing Countermeasures     113
Exam Essentials     114
Review Questions     115
Answers to Review Questions     117
Denial of Service and Session Hijacking     119
Denial of Service     120
Understand the Types of DoS Attacks     120
Understand How DDoS Attacks Work     122
Understand How BOTs/BOTNETs Work     123
What Is a "Smurf" Attack?     124
What Is "SYN" Flooding?     124
Describe the DoS/DDoS Countermeasures     124
Session Hijacking     125
Understand Spoofing vs. Hijacking     125
List the Types of Session Hijacking     126
Understand Sequence Prediction     126
What Are the Steps in Performing Session Hijacking?     128
Describe How You Would Prevent Session Hijacking     129
Exam Essentials     130
Review Questions     131
Answers to Review Questions     135
Hacking Web Servers, Web Application Vulnerabilities, and Web-Based Password Cracking Techniques     137
Hacking Web Servers     138
List the Types of Web Server Vulnerabilities     138
Understand the Attacks against Web Servers     139
Understand IIS Unicode Exploits     139
Understand Patch Management Techniques     140
Describe Web Server Hardening Methods     140
Web Application Vulnerabilities     141
Understanding How Web Applications Work     141
Objectives of Web Application Hacking     142
Anatomy of an Attack     142
Web Application Threats     142
Understand Google Hacking     143
Understand Web Application Countermeasures     143
Web-Based Password Cracking Techniques     144
List the Authentication Types     144
What Is a Password Cracker?     144
How Does a Password Cracker Work?     144
Understand Password Attacks: Classification     145
Understand Password-Cracking Countermeasures     145
Exam Essentials     145
Review Questions     147
Answers to Review Questions     149
SQL Injection and Buffer Overflows     151
SQL Injection     152
What Is SQL Injection?     152
Understand the Steps to Conduct SQL Injection     152
Understand SQL Server Vulnerabilities     153
Describe SQL Injection Countermeasures     153
Buffer Overflows     154
Identify the Different Types of Buffer Overflows and Methods of Detection     154
Overview of Stack-Based Buffer Overflows     154
Overview of Buffer Overflow Mutation Techniques     155
Exam Essentials     155
Review Questions     156
Answers to Review Questions     158
Wireless Hacking     159
Overview of WEP, WPA Authentication Mechanisms, and Cracking Techniques     160
Overview of Wireless Sniffers and Locating SSIDs, MAC Spoofing     162
Understand Rogue Access Points     163
Understand Wireless Hacking Techniques     163
Describe the Methods Used to Secure Wireless Networks     164
Exam Essentials     164
Review Questions     165
Answers to Review Questions      167
Physical Security     169
Physical Security Breach Incidents     170
Understanding Physical Security     171
What Is the Need for Physical Security?     171
Who Is Accountable for Physical Security?     172
Factors Affecting Physical Security     172
Exam Essentials     172
Review Questions     174
Answers to Review Questions     176
Linux Hacking     177
Linux Basics     178
Understand How to Compile a Linux Kernel     179
Understand GCC Compilation Commands     180
Understand How to Install Linux Kernel Modules     180
Understand Linux Hardening Methods     181
Exam Essentials     182
Review Questions     183
Answers to Review Questions     185
Evading IDSs, Honeypots, and Firewalls     187
List the Types of Intrusion Detection Systems and Evasion Techniques     188
List the Firewall Types and Honeypot Evasion Techniques     189
Exam Essentials     191
Review Questions     192
Answers to Review Questions     194
Cryptography     195
Overview of Cryptography and Encryption Techniques      196
Describe How Public and Private Keys Are Generated     197
Overview of the MD5, SHA, RC4, RC5, and Blowfish Algorithms     197
Exam Essentials     198
Review Questions     199
Answers to Review Questions     201
Penetration Testing Methodologies     203
Defining Security Assessments     204
Overview of Penetration Testing Methodologies     204
List the Penetration Testing Steps     205
Overview of the Pen-Test Legal Framework     206
List the Automated Penetration Testing Tools     207
Overview of the Pen-Test Deliverables     208
Exam Essentials     208
Review Questions     209
Answers to Review Questions     211
Glossary     213
Index     225

New interesting textbook: Bowl Food or Soils for Fine Wines

Pro Tools 101 Official Courseware, Second Edition

Author: Digidesign

Digidesign's Official Pro Tools 101 Courseware takes a comprehensive approach to learning the fundamentals of Pro Tools|HD, Pro Tools LE, or Pro Tools M-Powered systems. Now updated for Pro Tools 7.4 software, this new edition from the definitive authority on Pro Tools covers everything you need to know to complete a Pro Tools project. Learn to build sessions that include multitrack recordings of live instruments, MIDI sequences, software synthesizers and samplers, and audio looping with REX or ACID files. Through hands-on tutorials, develop essential techniques for recording, editing, and mixing. The included DVD-ROM offers tutorial files and videos, plug-in installers, and a variety of Pro Tools sessions. Developed as the foundation course of the official Digidesign Training and Education program, the guide can be used to learn on your own or to pursue formal Pro Tools certification through a Digidesign-authorized school. Join the ranks of audio professionals around the world as you unleash the creative power of your Pro Tools system.



No comments:

Post a Comment