| Description |
1 online resource |
|
text file |
| Series |
All-in-one |
|
All-in-one certification series.
|
| Contents |
Cover -- Title Page -- Copyright Page -- Dedication -- Contents -- Acknowledgments -- Introduction -- Chapter 1 Building a Lab -- Creating a Kali Linux Virtual Machine -- Creating a Metasploitable Virtual Machine -- Testing External Connectivity from Kali Linux -- Testing External Connectivity from Metasploitable -- Testing Communication Between Kali Linux and Metasploitable -- Creating a Windows Virtual Machine -- Testing Communication Between Windows, Kali Linux, and Metasploitable VMs -- Linux and Windows Commands -- Chapter Review -- Questions -- Answers -- References and Further Reading |
|
Chapter 2 Intrusion Analysis and Incident Handling -- Incident Handling Introduction -- Incident Handling Phases -- Preparation -- Building a Team -- Collecting Organizational Information -- Responding to an Incident -- Hardware -- Software -- Identification -- Incident Sources -- Data Collection for Incident Response -- Windows Investigations -- Linux Investigations -- Containment -- Tracking and Communicating an Incident -- Containment Strategies -- Eradication -- Recovery -- Lessons Learned -- Chapter Review -- Questions -- Answers -- References and Further Reading |
|
Chapter 3 Information Gathering -- Public Website Searching -- Netcraft -- the Harvester -- Wget -- Social Media Searching -- Defending Against Public Website and Social Media Searching -- Using Search Engines for Information Gathering -- Search Engine Query Examples -- Viewing Deleted Content Through the Wayback Machine -- Using Tools for Search Engine Information Gathering Automation -- Recon-NG -- Metagoofil -- Exiftool -- FOCA (Fingerprinting Organizations with Collected Archives) -- SearchDiggity -- Defending Against Search Engine Information Gathering -- Whois Lookups |
|
Performing Whois Lookups Using IANA and Regional Registries -- Performing Whois Lookups Using Online Tools -- Performing Whois Lookups Using the Command Line -- Defending Against Whois Lookups -- DNS Lookups -- Performing DNS Lookups Using Online Tools -- Nslookup -- Dig -- Host -- DNSRecon -- Defending Against DNS Lookups -- War Dialing -- Defending Against War Dialing -- War Driving -- Wireless Network Introduction -- Airmon-ng -- Kismet -- InSSIDer -- Other Tools Worth Checking -- Defending Against War Driving -- General-Purpose Information Gathering Tools -- Maltego -- Shodan -- Maps |
|
Spokeo -- Grayhat Warfare -- Chapter Review -- Questions -- Answers -- References and Further Reading -- Chapter 4 Scanning, Enumeration, and Vulnerability Identification -- Introduction to ARP, ICMP, IP, TCP, and UDP -- ARP -- ICMP -- IP -- TCP -- UDP -- Network Mapping -- Arp-scan -- Ping -- Traceroute -- Zenmap -- Defending Against Network Mapping -- Port Scanning -- Nmap -- Hping3 -- Additional Scanning Tools -- Proxy Utilization -- IDS/IPS Evasion -- Defending Against Port Scanning and IDS Evasion -- Vulnerability Identification -- Nessus -- Defending Against Vulnerability Identification |
| Summary |
This self-study guide delivers complete coverage of every topic on the GIAC Certified Incident Handler exam Prepare for the challenging GIAC Certified Incident Handler exam using the detailed information contained in this effective exam preparation guide. Written by a recognized cybersecurity expert and seasoned author, GCIH GIAC Certified Incident Handler All-in-One Exam Guide clearly explains all of the advanced security incident handling skills covered on the test. Detailed examples and chapter summaries throughout demonstrate real-world threats and aid in retention. You will get online access to 300 practice questions that match those on the live test in style, format, and tone. Designed to help you prepare for the exam, this resource also serves as an ideal on-the-job reference. Covers all exam topics, including: Intrusion analysis and incident handling Information gathering Scanning, enumeration, and vulnerability identification Vulnerability exploitation Infrastructure and endpoint attacks Network, DoS, and Web application attacks Maintaining access Evading detection and covering tracks Worms, bots, and botnets Online content includes: 300 practice exam questions Test engine that provides full-length practice exams and customizable quizzes. |
| Subject |
Computer security -- Examinations -- Study guides.
|
|
Electronic data processing personnel -- Certification -- Study guides.
|
|
Sécurité informatique -- Examens -- Guides de l'étudiant. |
|
Computer security -- Examinations |
|
Electronic data processing personnel -- Certification |
| Genre |
examination study guides.
|
|
Examinations
|
|
Study guides
|
|
Examinations.
|
|
Study guides.
|
|
Guides de l'étudiant.
|
| ISBN |
9781260461633 (electronic bk.) |
|
1260461637 (electronic bk.) |
| Standard No. |
1260461637 |
|
9781260461633 |
|
More Resources