C)PTC Certified Penetration Testing Consultant



Similar documents
Certified Penetration Testing Consultant

InfoSec Academy Pen Testing & Hacking Track

"Charting the Course...

IPv6 Security. Scott Hogg, CCIE No Eric Vyncke. Cisco Press. Cisco Press 800 East 96th Street Indianapolis, IN USA

Interconnecting Cisco Networking Devices Part 2

IP(v6) security. Matěj Grégr. Brno University of Technology, Faculty of Information Technology. Slides adapted from Ing.

Presentation_ID. 2001, Cisco Systems, Inc. All rights reserved.

Securing Cisco Network Devices (SND)

Security of IPv6 and DNSSEC for penetration testers

How To Learn Cisco Cisco Ios And Cisco Vlan

: Interconnecting Cisco Networking Devices Part 2 v1.1

Linux Network Security


IINS Implementing Cisco Network Security 3.0 (IINS)

Vulnerabili3es and A7acks

NETWORK SECURITY (W/LAB) Course Syllabus

Certified Ethical Hacker Exam Version Comparison. Version Comparison

CCIE Security Written Exam ( ) version 4.0

Local Area Networks. LAN Security and local attacks. TDC 363 Winter 2008 John Kristoff - DePaul University 1

Securing end devices

IPv6 Security Best Practices. Eric Vyncke Distinguished System Engineer

Implementing Cisco IOS Network Security

Network Access Security. Lesson 10

OLD VULNERABILITIES IN NEW PROTOCOLS? HEADACHES ABOUT IPV6 FRAGMENTS

IPv6 Fundamentals, Design, and Deployment

IPv6 SECURITY. May The Government of the Hong Kong Special Administrative Region

Interconnecting Cisco Network Devices 1 Course, Class Outline

Implementing Secured Converged Wide Area Networks (ISCW) Version 1.0

: Interconnecting Cisco Networking Devices Part 1 v2.0 (ICND1)

CCNP: Implementing Secure Converged Wide-area Networks

CYBERTRON NETWORK SOLUTIONS

Overview. Securing TCP/IP. Introduction to TCP/IP (cont d) Introduction to TCP/IP

Course Title: Penetration Testing: Security Analysis

CCNA Security 1.1 Instructional Resource

BUY ONLINE AT:

Implementing Cisco IOS Network Security v2.0 (IINS)

The IINS acronym to this exam will remain but the title will change slightly, removing IOS from the title, making the new title

Cisco Certified Network Associate Exam. Operation of IP Data Networks. LAN Switching Technologies. IP addressing (IPv4 / IPv6)

IMPLEMENTING CISCO SWITCHED NETWORKS V2.0 (SWITCH)

INTERCONNECTING CISCO NETWORK DEVICES PART 1 V2.0 (ICND 1)

CS5008: Internet Computing

Securing IPv6. What Students Will Learn:

Lecture 17 - Network Security

Course Contents CCNP (CISco certified network professional)

SSVVP SIP School VVoIP Professional Certification

Final exam review, Fall 2005 FSU (CIS-5357) Network Security

ASM Educational Center (ASM) Est. 1992

(d-5273) CCIE Security v3.0 Written Exam Topics

IPv6 Security Analysis

CERTIFIED PENETRATION TESTING CONSULTANT

Asheville-Buncombe Technical Community College Department of Networking Technology. Course Outline

Table of Contents. Introduction

CTS2134 Introduction to Networking. Module Network Security

Cisco CCNP Implementing Secure Converged Wide Area Networks (ISCW)

Data Networking and Architecture. Delegates should have some basic knowledge of Internet Protocol and Data Networking principles.

APNIC elearning: Network Security Fundamentals. 20 March :30 pm Brisbane Time (GMT+10)

SonicOS 5.9 / / 6.2 Log Events Reference Guide with Enhanced Logging

Cisco Certified Network Expert (CCNE)

Network Security IPv4 + IPv6

Cisco Which VPN Solution is Right for You?

Chapter 8 Phase3: Gaining Access Using Network Attacks

APNIC elearning: IPSec Basics. Contact: esec03_v1.0

IMPLEMENTING CISCO IP ROUTING V2.0 (ROUTE)

Network Security and Penetration Testing

Security in IPv6. Basic Security Requirements and Techniques. Confidentiality. Integrity

Voice over IP. VoIP (In) Security. Presented by Darren Bilby NZISF 14 July 2005

2. From a control perspective, the PRIMARY objective of classifying information assets is to:

ACADEMIA LOCAL CISCO UCV-MARACAY CONTENIDO DE CURSO CURRICULUM CCNA. SEGURIDAD CCNA SECURITY. VERSION 1.0

Securing Modern Substations With an Open Standard Network Security Solution. Kevin Leech Schweitzer Engineering Laboratories, Inc.

SECURITY IN AN IPv6 WORLD MYTH & REALITY. SANOG XXIII Thimphu, Bhutan 14 January 2014 Chris Grundemann

Configuring the Transparent or Routed Firewall

Security vulnerabilities in the Internet and possible solutions

IPV6 流 量 分 析 探 讨 北 京 大 学 计 算 中 心 周 昌 令

Appendix A: Configuring Firewalls for a VPN Server Running Windows Server 2003

Firewalls, Tunnels, and Network Intrusion Detection

Building Secure Network Infrastructure For LANs

CCNA Security. IINS v2.0 Implementing Cisco IOS Network Security ( )

Description: Objective: Attending students will learn:

CEH Version8 Course Outline

Securing IP Networks with Implementation of IPv6

Introduction about cisco company and its products (network devices) Tell about cisco offered courses and its salary benefits (ccna ccnp ccie )

ICSA Labs Network Protection Devices Test Specification Version 1.3

Interconnecting Cisco Networking Devices: Accelerated (CCNAX) 2.0(80 Hs) 1-Interconnecting Cisco Networking Devices Part 1 (40 Hs)

Chapter 1 Network Security

Tools for Attacking Layer 2 Network Infrastructure

TABLE OF CONTENTS NETWORK SECURITY 2...1

Network Security Fundamentals

Packet Capture. Document Scope. SonicOS Enhanced Packet Capture

Networking 4 Voice and Video over IP (VVoIP)

: Interconnecting Cisco Networking Devices Part 2 v2.0 (ICND2)

Network Security and Firewall 1

Firewalls, Tunnels, and Network Intrusion Detection. Firewalls

Exploiting First Hop Protocols to Own the Network. Rocket City TakeDownCon Paul Coggin Senior Principal Cyber Security

Lab VI Capturing and monitoring the network traffic

Matt Ryanczak Network Operations Manager

Description: Objective: Upon completing this course, the learner will be able to meet these overall objectives:

Network Security. 1 Pass the course => Pass Written exam week 11 Pass Labs

Cconducted at the Cisco facility and Miercom lab. Specific areas examined

3.5 IPv6 Forum Certified Security Course, Engineer, Trainer & Certification (GOLD)

Security for 802 Access Networks: A Problem Statement

Transcription:

C)PTC Certified Penetration Testing Consultant Course Details Course Code: Duration: Notes: C)PTC 4 days This course syllabus should be used to determine whether the course is appropriate for the students, based on their current skills and technical training needs. Course content, prices, and availability are subject to change without notice. Terms and Conditions apply Elements of this syllabus are subject to change. About this Course The Certified Penetration Testing Consultant course is our advanced course in our penetration testing track. The C)PTC is designed for cyber security professionals and IT network administrators who are interested in conducting Penetration tests against large network infrastructures, such as large corporate networks. The training starts with capturing and analyzing basic packets and continues with Layer2 attack vectors; Layer3 based attacks, including both IPv4 and IPv6 stacks, routing protocol attacks (OSPF, BGP, etc); Service Provider level attacks related with very common used MPLS; how to use relays and pivots; VPN attacks including IPSEC protocol suite; SSL attacks; and finally covers NIDS/NIPS evasion and implementation techniques. At the completion of each module, students are going to be able to practice their knowledge with the lab exercises that are specifically prepared for the covered materials during the theory. Who Should Attend The Certified Penetration Testing Consultant course is the most advnaced training in mile2 s line of penetration testing courses and certifications. The course prepares students to consult organizations of any size on security by performing penetration test. We assume that people taking this course understand penetration testing and are looking to enhance their skills to the next level. We strongly encourage passing the C)PTE: Certified Penetration Testing Engineer Exam before taking this course or having the equivalent industry experience. Course Content With 8 Modules and 8 appendices, the C)PTC will bring your penetration testing skillset to the next level and prepare you to consult organizations on sucrity issues. Prerequisites C)PTE: Penetration Testing Engineer Or equivalent experience Academy IT Pty Ltd Harmer House Level 2, 5 Leigh Street ADELAIDE 5000 Email: sales@academyit.com.au Web: www.academyit.com.au Phone: 08 7324 800 Brian: 0400 112 083 Exam Information The Certified Penetration Testing Consultant exam is a 6 hour practical in which you will be conducting both a Vulnerability Assessment and a Full Penetration Test on two IPs. You will then be given 60 days to turn in a written Penetration Test report that will be analyzed by our team of experts. You are required to find at least 80% of the vulnerabilities and then manually test to see if they are legitimate. The report will need to be professionally written, grammatically correct and accurate. This exam is a Pass or Fail.

Modules Packet Capturing Packet Capturing Packet capturing using libpcap Capturing using ncap Packet Capturing Software Windump / TCPDump Usage Usage Windump & PS Wireshark General Settings Preferences Capture Settings Interface Options Column Settings Name Resolution Settings Panes Capture Options Menu Shortcuts Follow TCP Stream Expert Infos Packet Reassembly Capturing VOIP Calls VOIP Call Filtering Call Setup Playing the call Saving the call into a file SMB Export HTTP Export Layer2 Attacks Why Layer2? FBI/CSI Risk Assessment Ethernet Frame Formats Different Types of attacks Switch Learning Process Excessive Flooding Macof Cisco Switches Bridging Table Capacities Mac Flooding Alternative: Mac Spoofing Attacks Spanning Tree Basics Frame Formats Dissectoring Main BPDU Formats yersinia STP Attacks supported in yersinia Becoming Root Bridge VLANs Basic Trunk Port Defined Dynamic Trunking Protocol (Cisco) VLAN Hopping Attack Double Tagging How DHCP operates? DHCP Request/Reply Types DHCP Fields DHCP Starvation Attack Rogue DHCP Server Attack ARP Function Review Risk Analysis of ARP ARP Spoofing Attack Tools ARP Cache Poisoning How PoE works? Risk Analysis for PoE Layer3 Attacks on Cisco Based Infrastructures Layer 3 protocols Protocols: BGP BGP MD5 crack Protocols: BGP BGP Route Injection MP-BGP Route Injection Protocols: OSPF Protocols: ISIS Protocols: HSRP/VRRP DDoS detection DDoS prevention Ingress/egress filtering Worm detection and protection DDoS/worm research/future MPLS Bi-directional MPLS-VPN traffic redirection Some More MPLS Attacks MPLS Router integrity checking Pivoting & Replays Pivoting Netcat Backdoors with nc Netcat Basic Usage Persistent Listeners Shovel a shell Shovel a file netcat port scanner Relays Simple Netcat Relay Two-Way Netcat Relay The Newbie Approach

Named Pipes I/O Streams and Redirection Relay Scenario 1 Two-Way NC Relay with Named Pipe Relay Scenario 2 Relay Scenario 3 IPv6 Attacks IPv4 IPv6 IPv4 & IPv6 Headers IPv6 Header Format End-to-End Principle Differences with End-to-End End point filters Merging IPSEC and Firewall functions Scanning ICMPv6 ICMPv6 Neighbor Discovery IPv6 Attack Tools DAD DoS Attack DAD DoS Attack Auto-Configuration Mechanisms Autoconfiguration SLAAC, DHCPv6 Auto-Configuration IPv4 & IPv6 ICMPv6 Types Neighbor Discovery ND spoofing http://www.thc.org/thc-ipv6 Dos-new-ipv6 (THC) Parasite6 (THC) Redir6 (THC) Fake_router6 IPv6 in Today s Network Extension Headers Routing Header Different Types of Routing Header RH0 (Deprecated by RFC 5095) Format Routing Header 0 Attack Layer 3-4 Spoofing Transition Mechanism Threats IPv6 Firewalls Making existing tools work Summary VPN Attacks VPNs VPN Comparison IPSec Detecting IPSec VPNs AH versus ESP Tunnel mode versus Transport mode Main mode versus aggressive mode IKE Main Mode IKE Aggressive Mode IPv4 Header Authentication Header AH Transport Mode AH Tunnel Mode Authentication Algorithms AH and NAT ESP with Authentication ESP in Transport Mode ESP in Tunnel Mode IKE IKE-Scan IKE-SCAN Aggressive Mode Main Mode Aggressive Mode ID Aggressive Mode PSK Attacks Aggressive PSK Cracking Aggressive Mode ID Enumeration Main Mode PSK Attacks Main Mode PSK Cracking Main Mode Policy Enumeration IKECrack IKEProbe IKE-PROBE Other VPN Flaws Insecure Storage of Credentials on VPN Clients Username Enumeration Defeating SSL Outline How SSL Works Certificate Types Certificate Chaining Chain of trust Verifying a Certificate Chain Certificate Chain That Cannot be Verified What if Basic Constraints Then the story started SSLSNIFF Running SSLSNIFF Setting up IPTABLES Running Arpspoof SSLSTRIP How SSL connection is initiated: SSLSTRIP

How does it look like? With SSLSTRIP Running SSLSTRIP Combining this technique with homograph attack Certificates Certificate Enrollment Request PKCS#10 Certificate (Subjects) CN Encoding PKCS #10 SUBJECT PKCS #10 Certificate Signing Request Disadvantages Universal Wildcard More Weird Stuff What do we have to worry about? Certificate Revocation Defeating OCSP OCSP-Aware SSLSNIFF Updates Update-Aware SSLSNIFF Snort What is Snort? Snort Architecture Packet Sniffing Preprocessors Detection Engine Alerting Components Three major modes Using Snort as Packet Sniffer Packet Sniffing Snort as Packet Logger Snort as NIDS Snort Rule Tree Decoding Ethernet Packet Preprocessor Layout Parts of a Rule Outputs IDS/IPS Evasion Evasion Networking Standards Evasion Principles Evasion Layers Layer 2 Layer 3-4 Fragmentation Fragmentation Attacks Ping O' Death More Malicious Fragments Fragmentation-Based Techniques Sending Overlapping Fragments Different Reassembly Timeout Sending Fragment with Different TTLs Labs Insertion Attacks Protocol Violation Layer 5-7 Layer 5-7 SMB Evasions SMB based vulnerabilities How can IDS control SMB sessions? DCERPC Evasions How DCERPC works: DCERPC Bind Evasions DCERPC Call Evasions DCERPC Transport Evasions Obfuscation Client Side Attack Evasions Unicode UTF-8 Overlong Strings Javascript Evasions Base64 your HTML Encryption DoS Attacks Failure Points Alert Management Hardware Limitations Session Tracking Pattern Matching Signature Matching 1. Working with Captured Files 2. Layer 2 Attacks 3. Attacking Routing Protocols 4. Using Pivot Machines 5. IPv6 Attacks 6. VPN Attack 7. Defeating SSL, Decrypting Traffic and main in the middle attacks 8. NIDS/NIPS

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information