Enterprise Penetration Testing and Continuous Monitoring The Art of Hacking

سامانه مانیتورینگ امنیتی Penetration Testing سکوی کاملی برای مانیتور و کنترل سیستم‌ها می باشد. این سامانه تمامی جنبه‌های یک سیستم تشخیص/جلوگیری از نفوذ(IDS/IPS)، مانیتورینگ فایل‌های ثبت وقایع، مدیریت وقایع/رویدادهای امنیتی(SIM/SEM) را با هم در یک راه حل ساده و قدرتمند جمع آوری کرده است. اهمیت مانیتورینگ شبکه بحث بسیار مهمی می باشد که کارشناسان امنیت IT در پی راه های مختلفی جهت برقراری این امنیت می باشند. نرم افزارهای مختلفی بر اساس حمله های گوناگون مانند IDS، DDOS، Back door طراحی شده است که هر کدام در مواجه با شبکه های مختلف و تغییر توپولوژی به مشکلات بسیار بزرگی برخورد کرده است.

by Omar Santos
Publisher: Cisco Press
Release Date: April 2018
ISBN: 9780134854748
Topics: Security

Video Description
This course is a complete guide to help you get up and running with your Penetration Testing career. You will learn the key tenets and fundamentals of ethical hacking and security penetration testing techniques. You will also explore professional networking and security topics, including an introduction to the world of white hat hacking, reconnaissance, Kali Linux, exploitation, and post-exploitation techniques. This course provides step-by-step real-life scenarios. You will see firsthand how an ethical hacker performs initial reconnaissance of a victim, how to assess systems, network security controls, and security posture.

Rough Cuts / Sneak Peek:
The Rough Cuts/Sneak Peek program provides early access to Pearson products and is exclusively available to Safari subscribers. Content for titles in this program is made available throughout the development cycle, so products may not be complete, edited, or finalized, including post-production editing.

Table of Contents
Introduction
Enterprise Penetration Testing and Continuous Monitoring The Art of Hacking: Introduction 00:02:25
Lesson 1: Introduction to Enterprise Penetration Testing and Continuous Monitoring
Learning objectives 00:01:14
1.1 Introducing Red Teams and Enterprise Hacking 00:05:43
1.2 Understanding Enterprise Wide Penetration Testing 00:08:14
1.3 Understanding the Difference Between Red and Blue Teams 00:02:54
1.4 Exploring How to Plan and Fund a Red Team 00:03:23
1.5 Surveying Operational Processes and Policies for the Red Team 00:03:52
1.6 Understanding How to Create and Hire the Red Team 00:02:29
1.7 Understanding Red Team Collaboration 00:02:45
Lesson 2: External and Internal Reconnaissance
Learning objectives 00:00:33
2.1 Understanding the Red Team Environment 00:20:50
2.2 Understanding Passive Recon 00:02:39
Lesson 3: Enterprise Social Engineering
Learning objectives 00:00:25
3.1 Surveying Social Engineering Methodologies 00:04:13
3.2 Understanding How to Target Employees 00:02:51
3.3 Exploiting Social Engineering Tools 00:08:02
Lesson 4: Network and Vulnerability Scanning
Learning objectives 00:00:43
4.1 Exploring Network and Vulnerability Scanning Methodologies 00:03:51
4.2 Understanding the Operational Impact of Enterprise-wide Scanning 00:09:40
4.3 Understanding Scanning Tools 00:04:34
4.4 Exploring How to Automate Scans 00:07:42
4.5 Using Shodan and Its API 00:03:30
4.6 Exploring Vulnerability Scanners 00:10:22
4.7 Understanding Binary and Source Code Scanners 00:02:45
4.8 Understanding How to Perform Continuous Monitoring 00:03:33
Lesson 5: Web App Testing
Learning objectives 00:00:31
5.1 Exploring How to Target Hosts 00:05:36
5.2 Exploring Web App Testing Essential Tools 00:07:38
5.3 Understanding Enterprise Application Continuous Testing 00:03:37
Lesson 6: Internal Testing
Learning objectives 00:00:22
6.1 Understanding How to Initially Get on the Network 00:02:52
6.2 Understanding What Hosts to Target and the Scope of the Testing 00:06:37
6.3 Exploring the Hidden Cost of Open Source Software 00:04:04
6.4 Learning How to Host Enterprise Capture the Flag Events 00:03:17
Lesson 7: Privilege Escalation
Learning objectives 00:00:34
7.1 Learning Privilege Escalation Methodologies 00:06:51
7.2 Understanding Lateral Movement 00:04:15
7.3 Surveying Privilege Escalation Essential Tools 00:02:37
Lesson 8: Enterprise Secrets, Post Exploitation, and Data Exfiltration
Learning objectives 00:01:00
8.1 Understanding Persistent Access 00:02:03
8.2 Learning How to Achieve Domain Admin Access 00:02:54
8.3 Understanding How to Compromise User Credentials 00:05:25
8.4 Surveying Password Cracking & Reporting 00:02:58
8.5 Understanding That Domain Admin Is Not the End Goal 00:01:08
8.6 Searching for Sensitive Data 00:04:37
8.7 Understanding Data Exfiltration Techniques 00:07:44
8.8 Understanding How to Cover Your Tracks 00:04:01
Lesson 9 Cloud Services
Learning objectives 00:00:27
9.1 Understanding the Challenge of Testing Cloud Services 00:03:50
9.2 Exploring How to Test in the Cloud 00:03:33
Lesson 10 Reporting & Continuous Evaluation
Learning objectives 00:00:28
10.1 Surveying Final Reports for Transactional Penetration Testing Events 00:04:25
10.2 Surveying Continouos Reporting for Enterprise Continuous Monitoring 00:01:50
Summary
Enterprise Penetration Testing and Continuous Monitoring The Art of Hacking: Summary 00:01:48