Course Description
Description
The Certified Penetration Testing Engineer course trains students on the 5 key elements of penetration testing: information gathering, scanning, enumeration, exploitation and reporting. Ethical hacking is the art of using these penetration testing techniques to identify and repair the latest vulnerabilities in a system to make sure it is secure. Malicious hackers use these same techniques to find the same vulnerabilities except they exploit the vulnerabilities giving them access to the businesses network. Once inside, hackers can access private information, such as usernames, passwords, credit card numbers, and social security numbers of clients and employees. It’s very likely this data will be held for ransom or sold off on a black market. Hackers are constantly looking for new companies they can exploit; when they come across yours, will they be able to gain access? Certified Penetration Testing Engineers are the solution to prevent this from happening to businesses they serve.
With our proprietary penetration testing lab exercises, students will spend about 20 hours getting real-world penetration testing experience. They'll know what they are learning and they'll know how to use it after course. Our instructors will also provide real life examples of when to use the techniques that are being taught. There is no better way to learn the art of penetration testing.
This course also enhances the business skills needed to identify protection opportunities, justify testing activities and optimize security controls appropriate to the business needs in order to reduce business risk.
Accreditation
The National Security Agency has validated the CISSO for the following security standards:
NSTISSI – 4011: National Training Standard for Information Systems Security (INFOSEC)
CNSSI – 4012: National Information Assurance Training Standard for Senior Systems Managers
At Course Completion
Students will:
- Have knowledge to perform penetration test
- Have knowledge to accurately report on their findings from examinations
- Be ready to sit for the CPTE Exam
Audience
The CPTE is a course on penetration testing designed for those who already have a basic understanding of cyber security. We recommend an understanding of how computers are networked and how they interact with the internet (TCP/IP). Some of the tools we will use are only developed for Linux; therefor having experience with Linux is a plus. We recommend having the previously mentioned experience or you can prepare to take the course by completing the CISSO: Certified Information Systems Officer course as a prerequisite. People who are in or are going into the following professional roles will especially benefit from our course:
Penetration Testing Consultant Security Analyst/Consultant Security Architect
Chief Information Security Officer Security Auditor IT Management
Prerequisites
A minimum of 12 months experience in networking technologies
Sound knowledge of TCP/IP
Knowledge of Microsoft packages
Network+, Microsoft, Security+
Basic Knowledge of Linux is essential
C)VA/C)PEH or equivalent knowledge
Course Outline
With 15 up-to-date Modules and 16 Labs, the CPTE will not only teach you the know-how of penetration testing, but you'll have real-world experience to solidify what you have learned.
MODULES
- Logistics of Penetration Testing
- Linux Fundamentals
- Information Gathering
- Detecting Live System
- Enumeration
- Vulnerability Assessments
- Malware Goes Undercover
- Windows Hacking
- Hacking UNIX/Linux
- Advanced Exploitation Techniques
- Pen Testing Wireless Networks
- Networks, Sniffing, IDS
- Injecting the Database
- Attacking Web Technologies
- Project Documentation
A1. Understanding Penetration Testing
A2. Financial Sector Regulations
A3. Access Controls
A4. Protocols
A5. Cryptography
A6. Economics and Law
LABS
- Getting Set Up
- Linux Fundamentals
- Information Gathering
- Detecting Live Systems
- Reconnaissance
- Vulnerability Assessment
- Malware
- Window Hacking
- Hacking UNIX/Linux
- Advanced Exploitation Techniques
- Attacking Wireless Networks
- Networks, Sniffing and IDS
- Database Hacking
- Hacking Web Applications
A5: Cryptography
Post-Class Core Impact