Course Overview
As organizations scramble to protect themselves and their customers against privacy or security breaches, the ability to conduct penetration testing is an emerging skill set that is becoming ever more valuable to the organizations seeking protection, and ever more lucrative for those who possess these skills. In this course, you will be introduced to general concepts and methodologies related to pen testing, and you will work your way through a simulated pen test for a fictitious company.
Who Should Attend?
- Penetration Tester
- Vulnerability Tester
- Security Analyst (II)
- Vulnerability Assessment Analyst
- Network Security Operations
- Application Security Vulnerability
Pre-requisite
- Intermediate knowledge of information security concepts, including but not limited to identity and access management (IAM), cryptographic concepts and implementations, computer networking concepts and implementations, and common security technologies.
- Practical experience in securing various computing environments, including small to medium businesses, as well as enterprise environments.
Course Outlines
- Introduction to Penetration Testing Concepts
- Plan a Pen Test Engagement
- Scope and Negotiate a Pen Test Engagement
- Prepare for a Pen Test Engagement
- Gather Background Information
- Prepare Background Findings for Next Steps
- Perform Social Engineering Tests
- Perform Physical Security Tests on Facilities
- Scan Networks
- Enumerate Targets
- Scan for Vulnerabilities
- Analyze Basic Scripts
- Analyze Vulnerability Scan Results
- Leverage Information to Prepare for Exploitation
- Exploit Network-Based Vulnerabilities
- Exploit Wireless and RF-Based Vulnerabilities
- Exploit Specialized Systems
- Exploit Windows-Based Vulnerabilities
- Exploit *Nix-Based Vulnerabilities
- Exploit Web Application Vulnerabilities
- Test Source Code and Compiled Apps
- Use Lateral Movement Techniques
- Use Persistence Techniques
- Use Anti-Forensics Techniques
- Analyze Pen Test Data
- Develop Recommendations for Mitigation Strategies
- Write and Handle Reports
- Conduct Post-Report-Delivery Activities