Course Title: Penetration Testing: Network & Perimeter Testing




Course Description:

The Security Analyst Series from EC-Council Press is comprised of five books covering a broad base of topics in advanced penetration testing and information security analysis. The content of this program is designed to expose the reader to groundbreaking methodologies in conducting thorough information security analysis, as well as advanced penetration testing techniques. Armed with the knowledge from the Security Analyst series along with proper experience, readers will be able to perform the intensive assessments required to effectively identify and mitigate risks to the security of the organization's infrastructure.

Penetration testing is the exploitation of vulnerabilities present in an organization's network. It simulates methods that intruders use to gain unauthorized access to an organization's networked systems and then compromise them. Penetration testers may use proprietary and/or open source tools to test known technical vulnerabilities in networked systems. Apart from automated techniques, penetration testing involves manual techniques for conducting targeted testing on specific systems to ensure that there are no security flaws that may have gone undetected earlier.

Certificate Info: Penetration Testing: Network & Perimeter Testing

Who Should Attend? This course will significantly benefit Network Administrators, Firewall Administrators, Security Testers, System Administrators and Risk Assessment professionals.

Course Duration: 2 days (9:00-5:00)

CPE/ECE Qualification: 16 ECE Credits awarded for attendance (1 for each classroom hour)

Suggested Retail: $799 USD

Required Courseware: Visit www.cengage.com/community/eccouncil and click on Training Workshops for ordering details.

What's included?
  Physical Courseware
  1 year Access To EC-Council Student LMS for Practical Labs (if applicable), testing, and Certificate

Course + Supplement Cost: See the Training Workshops section at www.cengage.com/community/eccouncil for current pricing information.

Related Certificates:
  Penetration Testing: Security Analysis
  Penetration Testing: Communication Media Testing
  Penetration Testing: Network Threat Testing
  Penetration Testing: Procedures & Methodologies

Course Briefing:

1. Advanced Googling
This module explains the advanced features of the search engine Google. It also gives a comprehensive explanation of the Site Operator, intitle:index.of, error warning, the Google Advanced Search Form, categorization of the operators, viewing live web cams, locating the source code with common strings, locating the vulnerable targets, locating targets via demonstration pages, locating targets via source code, vulnerable web application examples, locating targets via CGI scanning, a single CGI scan-style query, directory listings, web server software error messages, and the Goolag scanner.

2. Routers and Switches Penetration Testing
This module discusses the need for router testing and various issues involved in it, and aims to give a single point of reference for router security assessment and countermeasures for the identified weaknesses. It gives the list of steps for Router Penetration Testing and also steps for Testing Switches.

3. Firewall Penetration Testing
This module explains what a firewall is and why it is important. It also explains the various features of a firewall and how it functions. This module gives a comprehensive view of the possible vulnerabilities in a firewall and the tests that help discover the vulnerabilities.

4. IDS Penetration Testing
An Intrusion Detection System (IDS) is software or hardware that detects and logs inappropriate, incorrect, or anomalous activity. IDSes are typically characterized based on the source of the data they monitor. This module gives a brief introduction to various Intrusion Detection Systems and their benefits. It also explains Wireless Intrusion Detection Systems and various IDS testing tools. This module explains IDS penetration testing steps. It also discusses Traffic IQ Professional in detail.

5. Physical Security and Stolen Laptop, PDA, and Cell Phone Penetration Testing
Physical security defends the organization from attackers trying to access a resource or information stored on media of the organization. Cyber security development focuses on mitigating attacks to computer networks as well as preventing physical attacks. Business executives are increasingly reliant on laptops, PDAs, and cell phones for their portability and the ability to work on the go. Losing such a device could result in losing important financial information, trade secrets, and other personal information. This module discusses various steps in the penetration testing of physical security and a stolen laptop, PDA, or cell phone, and how attackers gather information from a stolen device.

6. E-Mail Security Penetration Testing
This module explains email accounts, which are a storage area for people to store their private information, including their business data. The module discusses phishing, an Internet scam used to force users to give their personal and confidential information, and spamming, which is the process of populating the user's inbox with unsolicited or junk email. The module familiarizes the reader with HTA (HTML Application) file extensions, which consist of commands that can perform anything on the computer once executed, and the attachment which can bypass the security settings on the network. It also gives a brief introduction to PhishTank SiteChecker, which blocks phishing pages, SpoofGuard, which prevents malicious attacks, and SpamExperts Desktop, which blocks spam.

7. Security Patches Penetration Testing
This module explains Patch Management, a part of system management that involves the acquisition, testing, and installation of patches to an administrated computer system. The module talks about the PVG (Patch and Vulnerability Group), which is created by the organization. The PVG uses OS and application patching, automated patch management tools, and configuration changes to eradicate vulnerabilities. It also familiarizes the reader with patch testing in a non-production system and the vendor authentication mechanism used prior to installation of the patches.

Course Outline:

Chapter 1: Advanced Googling
  Introduction to Advanced Googling
  Common Queries
  Google Advanced Search Form Queries
  Other Useful Google Searches

Chapter 2: Routers and Switches Penetration Testing
  Introduction to Routers and Switches Penetration Testing
  Steps for Router Penetration Testing
  Testing Switches

Chapter 3: Firewall Penetration Testing
  Introduction to Firewall Penetration Testing
  Firewall Logging Functionality
  Periodic Review of Information Security Policies
  Firewall Implementation
  Maintenance and Management of Firewalls
  Types of Firewalls
  Firewall Limitations
  Steps for Conducting Firewall Penetration Testing

Chapter 4: IDS Penetration Testing
  Types of Intrusion Detection Systems
  IDS Testing Tools
  Techniques Used to Evade Intrusion Detection Systems
  IDS Penetration-Testing Steps

Chapter 5: Physical Security and Stolen Laptop, PDA, and Cell Phone Penetration Testing
  Introduction to Physical Security
  Steps in Conducting Physical Security Penetration Testing
  Laptop, PDA, and Cell Phone Theft
  Laptop, PDA, and Cell Phone Penetration-Testing Steps

Chapter 6: E-Mail Security Penetration Testing
  Introduction to E-Mail Security Penetration Testing
  Obtaining an E-Mail ID
  Steps for E-Mail Penetration Testing
  Antiphishing Tools
  Antispam Tools

Chapter 7: Security Patches Penetration Testing
  Introduction to Security Patches Penetration Testing
  Patch Management
  Patch and Vulnerability Group (PVG)
  Penetration-Testing Steps
  Patch Management Tools