- Assess network risk in line with NSA IAM government standards
- Explains systematic use of tools for network penetration testing and assessment
- Comprehensive in scope of information
- Detailed, but concise. This book assumes a certain level of knowledge on the part of the reader
- Very good coverage of a systematic means of using various tools to assess your network security
- Short but thorough. The book packs a lot of information into a concise amount of space
- McNab assumes familiarity on the part of the reader including TCP/IP, FTP, HTTP, SMTP, and *Nix
- Makes a good complement to a book such as Hacking Exposed or O'Reilly's Security Warrior
This is based at least in part on capitalizing on the success of Hacking Exposed and other such books, but is also more or less dictated by the security environment. There are always new vulnerabilities and new exploits and new techniques to identify and take advantage of weaknesses, so there is always a need for another book in this genre or at least updated versions of the existing books.
Many of the books available in this area are thick compendiums with complete details of vulnerabilities and a discussion of how one might break a computer with that vulnerability. What sets Network Security Assessment apart is that McNab spends significantly less time explaining the vulnerabilities in detail, and instead invests more time in explaining precisely how to perform the vulnerability or penetration testing to see if your system has that vulnerability.
While much of this book has been covered in past titles, this book covers a broader range of tools and a broader range of vulnerabilities than many of its counterparts. It also does so in a more systematic way designed to show the reader how to conduct a network security assessment by CESG CHECK or NSA IAM standards.
Even if you have read Hacking Exposed or Counter Hack or the like, this book makes a great addition to your library and helps you to apply the knowledge differently.