Читать книгу CompTIA Pentest+ Certification For Dummies - Glen E. Clarke - Страница 10

Part 1

Planning and Information Gathering

IN THIS PART …

Learn the basics of penetration testing and penetration testing terminology.

Explore the four major phases to CompTIA’s penetration testing process: planning and scoping; information gathering and vulnerability identification; attacks and exploits; and reporting and communication.

Understand the importance of planning for the penetration test and how not planning properly can result in crashing the customer’s systems or network and triggering intrusion detection systems, and create legal problems.

Learn how to scope the project, identify rules of engagement, define targets, and handle scope creep.

Discover the tools you can use to uncover information about the organization or company for which you are conducting a pentest, such as email addresses and phone numbers of employees, public IP addresses, target systems, and open ports.

Find out the difference between passive and active information gathering.

Learn how to perform vulnerability scans to identify the weaknesses that exist within your target systems and how to exploit them.