GPEN GIAC Certified Penetration Tester All-in-One Exam Guide
- 7h 51m
- Bill MacCormack, Ray Nutting
- McGraw-Hill/Osborne
- 2021
This effective study guide provides 100% coverage of every topic on the GPEN GIAC Penetration Tester exam
This effective self-study guide fully prepares you for the Global Information Assurance Certification’s challenging Penetration Tester exam, which validates advanced IT security skills. The book features exam-focused coverage of penetration testing methodologies, legal issues, and best practices. GPEN GIAC Certified Penetration Tester All-in-One Exam Guide contains useful tips and tricks, real-world examples, and case studies drawn from authors’ extensive experience. Beyond exam preparation, the book also serves as a valuable on-the-job reference.
Covers every topic on the exam, including:
- Pre-engagement and planning activities
- Reconnaissance and open source intelligence gathering
- Scanning, enumerating targets, and identifying vulnerabilities
- Exploiting targets and privilege escalation
- Password attacks
- Post-exploitation activities, including data exfiltration and pivoting
- PowerShell for penetration testing
- Web application injection attacks
- Tools of the trade: Metasploit, proxies, and more
About the Authors
Raymond Nutting, CompTIA PenTest+™, CISSP-ISSEP, is a published author and security practitioner with over 20 years of experience in the field of information security. He is the co-owner and founder of nDepth Security, a managed security service provider that specializes in penetration testing. Ray holds numerous industry-recognized certifications and has presented at various conferences and events throughout his career.
William MacCormack, GPEN, GSE, is a reformed systems administrator who has worked in IT for over 15 years and is currently a penetration tester for a small cybersecurity firm located in Columbia, MD. He currently teaches penetration testing at a local community college and in his free time mentors high school students beginning their cybersecurity education.
In this Book
-
Introduction
-
Planning and Preparation
-
Reconnaissance
-
Initial Access
-
Execution
-
Persistence, Privilege Escalation, and Evasion
-
Credential Access
-
Discovery and Lateral Movement
-
Data Collection and Exfiltration
-
Writing and Communicating the Pentest Report
-
Glossary