1 - Planning and Scoping Penetration Tests
Introduction to Penetration Testing ConceptsPlan a Pen Test EngagementScope and Negotiate a Pen Test EngagementPrepare for a Pen Test Engagement
2 - Conducting Passive Reconnaissance
Gather Background InformationPrepare Background Findings for Next Steps
3 - Performing Non-Technical Tests
Perform Social Engineering TestsPerform Physical Security Tests on Facilities
4 - Conducting Active Reconnaissance
Scan NetworksEnumerate TargetsScan for VulnerabilitiesAnalyze Basic Scripts
5 - Analyzing Vulnerabilities
Analyze Vulnerability Scan ResultsLeverage Information to Prepare for Exploitation
6 - Penetrating Networks
Exploit Network-Based VulnerabilitiesExploit Wireless and RF-Based VulnerabilitiesExploit Specialized Systems
7 - Exploiting Host-Based Vulnerabilities
Exploit Windows-Based VulnerabilitiesExploit *nix-Based Vulnerabilities
8 - Testing Applications
Exploit Web Application VulnerabilitiesTest Source Code and Compiled Apps
9 - Completing Post-Exploit Tasks
Use Lateral Movement TechniquesUse Persistence TechniquesUse Anti-Forensics Techniques
10 - Analyzing and Reporting Pen Test Results
Analyze Pen Test DataDevelop Recommendations for Mitigation StrategiesWrite and Handle ReportsConduct Post-Report-Delivery Activities
Actual course outline may vary depending on offering center. Contact your sales representative for more information.
Who is it For?
This course is designed for IT professionals who want to develop penetration testing skills to enable them to identify information-system vulnerabilities and effective remediation techniques for those vulnerabilities. Target students who also need to offer practical recommendations for action to properly protect information systems and their contents will derive those skills from this course.
This course is also designed for individuals who are preparing to take the CompTIA PenTest+ certification exam PT0-001, or who plan to use PenTest+ as the foundation for more advanced security certifications or career roles. Individuals seeking this certification should have three to four years of hands-on experience performing penetration tests, vulnerability assessments, and vulnerability management.
To ensure your success in this course, you should have:
Intermediate knowledge of information security concepts, including but not limited to identity and access management (IAM), cryptographic concepts and implementations, computer networking concepts and implementations, and common security technologies.
Practical experience in securing various computing environments, including small to medium businesses, as well as enterprise environments.
You can obtain this level of skills and knowledge by taking the CompTIA Security+ Certification course or by obtaining the appropriate industry certification.