Learning Nessus for Penetration Testing
暫譯: 學習 Nessus 進行滲透測試

Master how to perform IT infrastructure security vulnerability assessments using Nessus with tips and insights from real-world challenges faced during vulnerability assessment

Overview

• Understand the basics of vulnerability assessment and penetration testing as well as the different types of testing
• Successfully install Nessus and configure scanning options
• Learn useful tips based on real-world issues faced during scanning
• Use Nessus for compliance checks

In Detail

IT security is a vast and exciting domain, with vulnerability assessment and penetration testing being the most important and commonly performed security activities across organizations today. The Nessus tool gives the end user the ability to perform these kinds of security tests quickly and effectively.

Nessus is a widely used tool for vulnerability assessment, and Learning Nessus for Penetration Testing gives you a comprehensive insight into the use of this tool. This book is a step-by-step guide that will teach you about the various options available in the Nessus vulnerability scanner tool so you can conduct a vulnerability assessment that helps to identify exposures in IT infrastructure quickly and efficiently. This book will also give you an insight into penetration testing and how to conduct compliance checks using Nessus.

This book starts off with an introduction to vulnerability assessment and penetration testing before moving on to show you the steps needed to install Nessus on Windows and Linux platforms.

Throughout the course of this book, you will learn about the various administrative options available in Nessus such as how to create a new user. You will also learn about important concepts like how to analyze results to remove false positives and criticality. At the end of this book, you will also be introduced to the compliance check feature of Nessus and given an insight into how it is different from regular vulnerability scanning.

Learning Nessus for Penetration Testing teaches you everything you need to know about how to perform VA/PT effectively using Nessus to secure your IT infrastructure and to meet compliance requirements in an effective and efficient manner.

What you will learn from this book

• Understand the basics of vulnerability assessment and penetration testing
• Install Nessus on Windows and Linux platforms
• Set up a scan policy based on the type of infrastructure you are scanning
• Configure a scan by choosing the right policy and options
• Understand the difference between credentialed and non-credentialed scans
• Analyze results from a severity, applicability, and false positive perspective
• Perform penetration tests using Nessus output
• Perform compliance checks using Nessus and understand the difference between compliance checks and vulnerability assessment

Approach

This book is a friendly tutorial that uses several examples of real-world scanning and exploitation processes which will help get you on the road to becoming an expert penetration tester.

Who this book is written for

Learning Nessus for Penetration Testing is ideal for security professionals and network administrators who wish to learn how to use Nessus to conduct vulnerability assessments to identify vulnerabilities in IT infrastructure quickly and efficiently.