Foreword
Introduction

Chapter 1 Fundamental Networking and Security Tools
Ping; IPConfig; NSLookup; Tracert; NetStat; PuTTY

Chapter 2 Troubleshooting Microsoft Windows
RELI; PSR; PathPing; MTR; Sysinternals; The Legendary God Mode

Chapter 3 Nmap--The Network Mapper
Network Mapping; Port Scanning; Services Running; Operating Systems; Zenmap

Chapter 4 Vulnerability Management
Managing Vulnerabilities; OpenVAS; Nexpose Community

Chapter 5 Monitoring with OSSEC
Log-Based Intrusion Detection Systems; Agents; Adding an Agent; Extracting the Key for an Agent; Removing an Agent; Log Analysis

Chapter 6 Protecting Wireless Communication
802.11; inSSIDer; Wireless Network Watcher; Hamachi; Tor

Chapter 7 Wireshark
Wireshark; OSI Model; Capture; Filters and Colors; Inspection

Chapter 8 Access Management
AAA; Least Privilege; Single Sign-On; JumpCloud

Chapter 9 Managing Logs
Windows Event Viewer; Windows PowerShell; BareTail; Syslog; SolarWinds Kiwi

Chapter 10 Metasploit
Reconnaissance; Installation; Gaining Access; Metasploitable2; Vulnerable Web Services; Meterpreter

Chapter 11 Web Application Security
Web Development; Information Gathering; DNS; Defense in Depth; Burp Suite

Chapter 12 Patch and Configuration Management
Patch Management; Configuration Management; Clonezilla Live

Chapter 13 Securing OSI Layer 8
Human Nature; Human Attacks; Education; The Social Engineer Toolkit

Chapter 14 Kali Linux
Virtualization; Optimizing Kali Linux; Using Kali Linux Tools; Maltego; Recon-ng; Sparta; MacChanger; Nikto; Kismet; WiFite; John the Ripper; Hashcat

Chapter 15 CISv7 Controls and Best Practices
CIS Basic Controls--The Top Six; Inventory and Control of Hardware Assets; Inventory and Control of Software Assets; Continuous Vulnerability Management; Controlled Use of Administrative Privileges; Secure Configuration for Hardware and Software on Mobile Devices, Laptops, Workstations, and Servers; Maintenance, Monitoring, and Analysis of Audit Logs; In Conclusion

Index

Nadean H. Tanner has been in the technology industry for over 20 years in a variety of positions from marketing to training to web development to hardware. She has worked in academia as an IT director and a postgraduate technology instructor. She has also been a trainer and consultant in advanced cybersecurity for Fortune 500 companies as well as the U.S. Department of Defense.