Hacking For Dummies
Hacking For Dummies®, 6th Edition
Hacking For Dummies For Dummies®
Introduction
About This Book
About the Author
Dedication
Author’s Acknowledgments
Foolish Assumptions
Icons Used in This Book
Beyond the Book
Where to Go from Here
Straightening Out the Terminology
Recognizing How Malicious Attackers Beget Ethical Hackers
Understanding the Need to Hack Your Own Systems
Understanding the Dangers Your Systems Face
Following the Security Assessment Principles
Using the Vulnerability and Penetration Testing Process
What You’re Up Against
Who Breaks into Computer Systems
Why They Do It
Planning and Performing Attacks
Maintaining Anonymity
Establishing Your Goals
Determining Which Systems to Test
Creating Testing Standards
Selecting Security Assessment Tools
Setting the Stage for Testing
Seeing What Others See
Scanning Systems
Determining What’s Running on Open Ports
Assessing Vulnerabilities
Penetrating the System
Gathering Public Information
Mapping the Network
Introducing Social Engineering
Starting Your Social Engineering Tests
Knowing Why Attackers Use Social Engineering
Understanding the Implications
Performing Social Engineering Attacks
Social Engineering Countermeasures
Identifying Basic Physical Security Vulnerabilities
Pinpointing Physical Vulnerabilities in Your Office
Understanding Password Vulnerabilities
Cracking Passwords
General Password Cracking Countermeasures
Securing Operating Systems
Understanding Network Infrastructure Vulnerabilities
Choosing Tools
Scanning, Poking, and Prodding the Network
Detecting Common Router, Switch, and Firewall Weaknesses
Putting Up General Network Defenses
Understanding the Implications of Wireless Network Vulnerabilities
Choosing Your Tools
Discovering Wireless Networks
Discovering Wireless Network Attacks and Taking Countermeasures
Sizing Up Mobile Vulnerabilities
Cracking Laptop Passwords
Cracking Phones and Tablets
Introducing Windows Vulnerabilities
Choosing Tools
Gathering Information About Your Windows Vulnerabilities
Detecting Null Sessions
Checking Share Permissions
Exploiting Missing Patches
Running Authenticated Scans
Understanding Linux Vulnerabilities
Choosing Tools
Gathering Information About Your System Vulnerabilities
Finding Unneeded and Unsecured Services
Securing the .rhosts and hosts.equiv Files
Assessing the Security of NFS
Checking File Permissions
Finding Buffer Overflow Vulnerabilities
Checking Physical Security
Performing General Security Tests
Patching
Introducing Messaging System Vulnerabilities
Recognizing and Countering Email Attacks
Understanding VoIP
Choosing Your Web Security Testing Tools
Seeking Out Web Vulnerabilities
Minimizing Web Security Risks
Uncovering Mobile App Flaws
Diving Into Databases
Following Best Practices for Minimizing Database Security Risks
Opening Up About Storage Systems
Following Best Practices for Minimizing Storage Security Risks
Pulling the Results Together
Prioritizing Vulnerabilities
Creating Reports
Turning Your Reports into Action
Patching for Perfection
Hardening Your Systems
Assessing Your Security Infrastructure
Automating the Security Assessment Process
Monitoring Malicious Use
Outsourcing Security Assessments
Instilling a Security-Aware Mindset
Keeping Up with Other Security Efforts
Cultivate an Ally and a Sponsor
Don’t Be a FUDdy-Duddy
Demonstrate That the Organization Can’t Afford to Be Hacked
Outline the General Benefits of Security Testing
Show How Security Testing Specifically Helps the Organization
Get Involved in the Business
Establish Your Credibility
Speak on Management’s Level
Show Value in Your Efforts
Be Flexible and Adaptable
The Bad Guys Think Bad Thoughts, Use Good Tools, and Develop New Methods
IT Governance and Compliance Are More Than High-Level Checklist Audits
Vulnerability and Penetration Testing Complements Audits and Security Evaluations
Customers and Partners Will Ask How Secure Your Systems Are
The Law of Averages Works Against Businesses
Security Assessments Improve Understanding of Business Threats
If a Breach Occurs, You Have Something to Fall Back On
In-Depth Testing Brings Out the Worst in Your Systems
Combined Vulnerability and Penetration Testing Is What You Need
Proper Testing Can Uncover Overlooked Weaknesses
Not Getting Approval
Assuming That You Can Find All Vulnerabilities
Assuming That You Can Eliminate All Vulnerabilities
Performing Tests Only Once
Thinking That You Know It All
Running Your Tests Without Looking at Things from a Hacker’s Viewpoint
Not Testing the Right Systems
Not Using the Right Tools
Pounding Production Systems at the Wrong Time
Outsourcing Testing and Not Staying Involved
Advanced Malware
Bluetooth
Certifications
Databases
Denial of Service (DoS) Protection
Exploits
General Research Tools
Hacker Stuff
Keyloggers
Laws and Regulations
Linux
Live Toolkits
Log Analysis
Messaging
Miscellaneous
Mobile
Networks
Password Cracking
Patch Management
Security Education and Learning Resources
Security Methods and Models
Social Engineering and Phishing
Source Code Analysis
Statistics
Storage
System Hardening
User Awareness and Training
Voice over Internet Protocol
Vulnerability Databases
Websites and Applications
Windows
Wireless Networks
A
B
C
D
E
F
G
H
I
J
K
L
M
N
O
P
Q
R
S
T
U
V
W
X
Y
Z
WILEY END USER LICENSE AGREEMENT
Go to www.wiley.com/go/eula to access Wiley’s ebook EULA.
