ABOUT THE COURSE
Penetration testing is the process of attempting to gain access to resources without knowledge of usernames,passwords and other normal means of access. If the focus is on computer resources,then examples of a successful penetration would be obtaining or subverting confidential documents, pricelists, databases and other protected information.
The main thing that separates a penetration tester from an attacker is permission. The penetration tester will have permission from the owner of the computing resources that are being tested and will be responsible to provide a report. The goal of a penetration test is to increase the security of the computing resources being tested.
In many cases,a penetration tester will be given user-level access and in those cases,the goal would be to elevate the status of the account or user other means to gain access to additional information that a user of that level should not have access to.
Some penetration testers are contracted to find one hole,but in many cases,they are expected to keep looking past the first hole so that additional vulnerabilities can be identified and fixed. It is important for the pen-tester to keep detailed notes about how the tests were done so that the results can be verified and so that any issues that were uncovered can be resolved.
It’s important to understand that it is very unlikely that a pen-tester will find all the security issues. As an example,if a penetration test was done yesterday,the organization may pass the test.However, today is Microsoft’s “patch Tuesday”and now there’s a brand new vulnerability in some Exchange mail servers that were previously considered secure,and next month it will be something else. Maintaining a secure network requires constant vigilance.
What You Will Learn
The following tables list Microsoft Certifications by name and describe how they enable IT professionals to display and validate their skills and experience.
Who Should Attend
|Module 01:||Perform Pen-Testing|
|Module 02:||Find Holes Now Before Somebody Else Does|
|Module 03:||Report Problems to Management|
|Module 04:||Verify Secure Configuration|
|Module 05:||Security Training for Network Staff|
|Module 06:||Discover Gaps in Compliance|
|Module 07:||Testing New Techonology|
|Module 08:||Pen-Testing Tools and Reporting|
|Module 09:||Reconnaissaince Tools|
|Module 12:||Packet Manipulation and Password Cracking Tools|
|Module 13:||Exploitation Tools|
|Module 14:||Metasploit Version 2.5|
|Module 15:||Security Forest Exploitation Framework|
|Module 16:||Core Impact(Version 5.1)|
|Module 17:||The Penetration Testing Report|
|Module 18:||Analysis of Core Impact|
|Module 19:||Analysis of Core Impact|
|Module 20:||Detailed Review of Test Lab|
|Module 21:||Review of Core Impact|