Hacking For Dummies. Kevin Beaver
Part 6: Security Testing Aftermath
Chapter 17: Reporting Your Results
Pulling the Results Together
Prioritizing Vulnerabilities
Creating Reports
Chapter 18: Plugging Your Security Holes
Turning Your Reports into Action
Patching for Perfection
Hardening Your Systems
Assessing Your Security Infrastructure
Chapter 19: Managing Security Processes
Automating the Security Assessment Process
Monitoring Malicious Use
Outsourcing Security Assessments
Instilling a Security-Aware Mindset
Keeping Up with Other Security Efforts
11
Part 7: The Part of Tens
Chapter 20: Ten Tips for Getting Security Buy-In
Cultivate an Ally and a Sponsor
Don’t Be a FUDdy-Duddy
Demonstrate That the Organization Can’t Afford to Be Hacked
Outline the General Benefits of Security Testing
Show How Security Testing Specifically Helps the Organization
Get Involved in the Business
Establish Your Credibility
Speak on Management’s Level
Show Value in Your Efforts
Be Flexible and Adaptable
Chapter 21: Ten Reasons Hacking Is the Only Effective Way to Test
The Bad Guys Think Bad Thoughts, Use Good Tools, and Develop New Methods
IT Governance and Compliance Are More Than High-Level Audits
Vulnerability and Penetration Testing Complements Audits and Security Evaluations
Customers and Partners Will Ask How Secure Your Systems Are
The Law of Averages Works Against Businesses
Security Assessments Improve Understanding of Business Threats
If a Breach Occurs, You Have Something to Fall Back On
In-Depth Testing Brings Out the Worst in Your Systems
Combined Vulnerability and Penetration Testing Is What You Need
Proper Testing Can Uncover Overlooked Weaknesses
Chapter 22: Ten Deadly Mistakes
Not Getting Approval
Assuming That You Can Find All Vulnerabilities
Assuming That You Can Eliminate All Vulnerabilities
Performing Tests Only Once
Thinking That You Know It All
Running Your Tests Without Looking at Things from a Hacker’s Viewpoint
Not Testing the Right Systems
Not Using the Right Tools
Pounding Production Systems at the Wrong Time
Outsourcing Testing and Not Staying Involved
12
Appendix: Tools and Resources
Bluetooth
Certifications
Databases
Denial of Service (DoS) Protection
Exploits
Firewall Rulebase Analyzers
General Research and OSINT Tools
Hacker and Security Testing Publications
Internet of Things
Keyloggers
Laws and Regulations
Linux
Live Toolkits
Log Analysis
Messaging
Miscellaneous
Mobile
Networks
Password Cracking
Patch Management
Security Education and Learning Resources
Security Frameworks
Security Reports and Statistics
Social