Penetration Testing: Protecting Networks and Systems

Penetration testing is the simulation of an unethical attack of a computer system or other facility in order to prove the vulnerability of that system in the event of a real attack. The Certified Penetration Testing Engineer (CPTE) examination is a widely recognized certification for penetration testers. Penetration Testing: Protecting networks and systems is a preparation guide for the CPTE examination. It describes the range of techniques employed by professional pen testers, and also includes advice on the preparation and delivery of the test report. The author's in-the-field experiences, combined with other real-world examples, are used to illustrate common pitfalls that can be encountered during testing and reporting. Special attention is also paid to new technologies that improve business operations, but which can create new vulnerabilities, such as employee remote access, wireless communications and public-facing web applications. This book will give you a better understanding of how to conduct a penetration test, and also how to deliver a client-focused report that assesses the security of the system and whether the level of risk to the organization is within acceptable levels. Kevin Henry has 35 years' experience working on computer systems, initially as a computer operator, and then in various programmer and analyst roles, before moving into audit and security. Kevin currently provides security auditing, training and educational programs for major clients and governments around the world and is a frequent speaker on the security conference circuit. A business-aligned approach to penetration testing!