CSX PENETRATION TESTING OVERVIEW
The Cybersecurity Nexus (CSX) Penetration Testing Overview (CPTO) course provides students an introductory understanding of penetration testing and ethical hacking. Students will work with real systems in real environments and will leverage real vulnerability analysis and exploitation tools in a live environment. Upon completion, students will understand the overall concepts guiding penetration testing from a practical, hands-on vantage point.
CONTENUTO:
Introduction to Penetration Testing (Lesson)
- Ethical hacking overview
- Methodology overview
- Essential hacking tools
- Key Linux commands
Linux Shell and Commands (Lab/Instructional)
The Unix bourne-again shell, also known as Bash, is a command processor that runs in the Kali Linux terminal. Bash scripting and command execution is the foundation of penetration testing.
TCP/IP Basics (Lesson)
- Discuss network vulnerabilities and network-based attacks
- Understand the roles of TCP/IP protocol
- Understand basic commands to obtain network and process information
- Learn network-based commands
TCP/IP Basics (Lab/Instructional)
In Linux, viewing and configuring network connections is not only a fundamental aspect of computer and network security, but it is also an essential piece of the penetration testing infrastructure.
Reconnaissance (Lesson)
- Learn information gathering techniques
- Learn Reconnaissance tools
- Identify and map networks
- Leverage packet analysis tools
Packet Inquiry (Lab/Instructional)
Wireshark is a free and open source network protocol analyzer that is both efficient and effective. In Kali Linux, packets are captured in Wireshark by penetration testers and cybersecurity professionals on a daily basis.
Network Discovery (Lab/Instructional)
Again, Wireshark is a free and open source network protocol analyzer that is both efficient and effective. It is necessary for penetration testers to understand the packets that are traversing through a network segment while discovering network hosts and navigating to websites.
Enumeration (Lesson)
- Learn how to leverage enumeration tools
- Identify specific services in relation to their ports and states
- Understand the relationship between packets and traffic types
- Learn the importance of the three-way handshake
Service Enumeration (Lab/Instructional)
The CLI tool, nmap, and its GUI counterpart, Zenmap, are both extremely important when it comes to identifying and enumerating network hosts, ports and services, and more.
Vulnerability Identification (Lesson)
- Identify vulnerabilities
- Leverage vulnerability assessment tools
- Understand Metasploit
- Leverage Metasploit
Network Vulnerability Identification (Lab/Instructional)
Metasploit is a software project that is arranged for penetration testing. Metasploit provides essential information about computer and network security vulnerabilities and helps users exploit machines.
Network Vulnerability Exploitation (Lab/Instructional)
Using the results of an exploit to enable another exploit is something penetration testers do on a daily basis. Once their exploits take them deep enough into a remote system, using MySQL syntax to navigate a MySQL database can be a crucial skill when they're in search of information.
Reporting (Lesson)
- Verify findings
- Review configurations
- Conduct root cause analysis
Security Controls (Lesson)
- Analyze network security assessment areas
- Learn security architecture and design
- understand firewall technologies
- Analyze IDS and IPS
Evidence Removal (Lab/Instructional)
Removing evidence, also known as covering your tracks, is the last step in penetration testing. Although it is the last step, it is by far not the least important.
CPTO Challenge 1 (Lab/Challenge)
This challenge is based on the first four labs of this series. This lab reflects the Identify domain of penetration testing.
CPTO Challenge 2 (Lab/Challenge)
This challenge is based on the last four labs of this series. This lab reflects the Identify, Detect, and Recover domains of penetration testing.
- Ethical hacking overview
- Methodology overview
- Essential hacking tools
- Key Linux commands
Linux Shell and Commands (Lab/Instructional)
The Unix bourne-again shell, also known as Bash, is a command processor that runs in the Kali Linux terminal. Bash scripting and command execution is the foundation of penetration testing.
TCP/IP Basics (Lesson)
- Discuss network vulnerabilities and network-based attacks
- Understand the roles of TCP/IP protocol
- Understand basic commands to obtain network and process information
- Learn network-based commands
TCP/IP Basics (Lab/Instructional)
In Linux, viewing and configuring network connections is not only a fundamental aspect of computer and network security, but it is also an essential piece of the penetration testing infrastructure.
Reconnaissance (Lesson)
- Learn information gathering techniques
- Learn Reconnaissance tools
- Identify and map networks
- Leverage packet analysis tools
Packet Inquiry (Lab/Instructional)
Wireshark is a free and open source network protocol analyzer that is both efficient and effective. In Kali Linux, packets are captured in Wireshark by penetration testers and cybersecurity professionals on a daily basis.
Network Discovery (Lab/Instructional)
Again, Wireshark is a free and open source network protocol analyzer that is both efficient and effective. It is necessary for penetration testers to understand the packets that are traversing through a network segment while discovering network hosts and navigating to websites.
Enumeration (Lesson)
- Learn how to leverage enumeration tools
- Identify specific services in relation to their ports and states
- Understand the relationship between packets and traffic types
- Learn the importance of the three-way handshake
Service Enumeration (Lab/Instructional)
The CLI tool, nmap, and its GUI counterpart, Zenmap, are both extremely important when it comes to identifying and enumerating network hosts, ports and services, and more.
Vulnerability Identification (Lesson)
- Identify vulnerabilities
- Leverage vulnerability assessment tools
- Understand Metasploit
- Leverage Metasploit
Network Vulnerability Identification (Lab/Instructional)
Metasploit is a software project that is arranged for penetration testing. Metasploit provides essential information about computer and network security vulnerabilities and helps users exploit machines.
Network Vulnerability Exploitation (Lab/Instructional)
Using the results of an exploit to enable another exploit is something penetration testers do on a daily basis. Once their exploits take them deep enough into a remote system, using MySQL syntax to navigate a MySQL database can be a crucial skill when they're in search of information.
Reporting (Lesson)
- Verify findings
- Review configurations
- Conduct root cause analysis
Security Controls (Lesson)
- Analyze network security assessment areas
- Learn security architecture and design
- understand firewall technologies
- Analyze IDS and IPS
Evidence Removal (Lab/Instructional)
Removing evidence, also known as covering your tracks, is the last step in penetration testing. Although it is the last step, it is by far not the least important.
CPTO Challenge 1 (Lab/Challenge)
This challenge is based on the first four labs of this series. This lab reflects the Identify domain of penetration testing.
CPTO Challenge 2 (Lab/Challenge)
This challenge is based on the last four labs of this series. This lab reflects the Identify, Detect, and Recover domains of penetration testing.
ESAME:
The CSX Penetration Testing Overview Certificate Exam assesses candidates understanding of network reconnaissance, footprinting, vulnerability scanning, and system exploitation. The two-hour exam is a real-time, hands-on exam which challenges students to demonstrate their skill set in a live environment.
This two-hour exam contains no multiple-choice questions or simulations and intentionally restricts access to the internet. Where applicable, man pages and help files are available.
Continuing Professional Education (CPE) Credit Count: 4 (2 CPEs per examination hour) when a passing score is achieved.
Objectives:
Candidates must complete tasks of varying duration with minimal instruction while navigating between multiple virtual machines and are expected to demonstrate an ability to:
- Perform system and network information gathering techniques;
- Identify and map networks of interest;
- Conduct Network Discovery and foot-printing techniques;
- Identify and enumerate TCP/IP services;
- Identify and exploit network vulnerabilities;
- Analyze network security areas;
- Understand and leverage firewall technologies;
- Assess wireless security;
Students must be comfortable leveraging Linux terminal tools and interfaces.
This two-hour exam contains no multiple-choice questions or simulations and intentionally restricts access to the internet. Where applicable, man pages and help files are available.
Continuing Professional Education (CPE) Credit Count: 4 (2 CPEs per examination hour) when a passing score is achieved.
Objectives:
Candidates must complete tasks of varying duration with minimal instruction while navigating between multiple virtual machines and are expected to demonstrate an ability to:
- Perform system and network information gathering techniques;
- Identify and map networks of interest;
- Conduct Network Discovery and foot-printing techniques;
- Identify and enumerate TCP/IP services;
- Identify and exploit network vulnerabilities;
- Analyze network security areas;
- Understand and leverage firewall technologies;
- Assess wireless security;
Students must be comfortable leveraging Linux terminal tools and interfaces.
LIVELLO:
BEGINNERDOMINIO:
DETECTPREZZO:
400,00 € + IVA
PREZZO ESAME:
250,00 € + IVA