Transcription
Certified Penetration TestingEngineerDescription:A Certified Penetration Testing Engineer imagines all of the ways that a hackercan penetrate a data system. You have to go beyond what you learned as anEthical Hacker because pen testing explores technical and non-technical waysof breaching security to gain access to a system. Our C)PTE course is built onproven hands-on methods utilized by our international group of vulnerabilityconsultants.In this course you will learn 5 Key Elements of Pen Testing; Information Gathering, Scanning,Enumeration, Exploitation and Reporting. Plus, discover the latest vulnerabilities and the techniquesmalicious hackers are using to acquire and destroy data. Additionally, you will learn more about thebusiness skills needed to identify protection opportunities, justify testing activities and optimizesecurity controls appropriate to the business needs in order to reduce business risk.Annual Salary Potential 84,314 AVG/yearKey Course InformationLive Class Duration: 5 DaysCEUs: 40Language: EnglishClass Formats Available:Instructor LedSelf-StudyLive Virtual TrainingSuggested Prerequisites:- Mile2 C)PEH or equivalent knowledge- 12 months of Networking Experience- Sound Knowledge of TCP/IP- Basic Knowledge of Linux- Microsoft Security experienceModules/LessonsModule 1 - Business & TechnicalLogistics of Pen TestingModule 2 -Information GatheringReconnaissance -Passive (ExternalOnly)Module 3 - Detecting Live SystemsModule 4 - Banner Grabbing andEnumerationModule 5 - AutomatedVulnerability AssessmentModule 6 -Hacking an OSModule 7 -Advanced Assessmentand Exploitation TechniquesModule 8 -Evasion TechniquesModule 9 - Hacking withPowerShellModule 10 - Networks and SniffingModule 11 - Hacking Web TechModule 12- Mobile and loTHackingModule 13 - Report Writing BasicsHands-On LabsLab 1 – Introduction to PenTesting SetupLab 2 – Linux FundamentalsLab 3 – Using Tools for ReportingLab 4 – Information GatheringLab 5 – Detecting Live SystemsLab 6 – EnumerationLab 7 – Vulnerability AssessmentsLab 8 – Software Goes UndercoverLab 9 – System Hacking (Windows)Lab 10 – System Hacking (Linux)Lab 11 – Advanced Vulnerabilityand Exploitation TechniquesLab 12 – Network Sniffing/IDSLab 13 – Attacking DatabasesLab 14 – Attacking WebApplicationspg. 1www.mile2.com10213 Wilsky Blvd, Tampa, FL 33625813-920-6779
Certified Penetration TestingEngineerUpon CompletionUpon completion, the CertifiedPenetration Testing Engineer,C)PTE, candidate will have solidknowledge of testing and reportingprocedures which will preparethem for upper management roleswithin a cybersecurity system.They will be able to competentlytake the C)PTE exam.Who Should Attend Pen TestersSecurity OfficersEthical HackersNetwork AuditorsVulnerability assessorsSystem Owners andManagersCyber Security EngineersAccreditationsExam InformationThe Certified Penetration TestingEngineer exam is taken onlinethrough Mile2’s LearningManagement System and isaccessible on you Mile2.comaccount. The exam will takeapproximately 2 hours and consistof 100 multiple choice questions.A minimum grade of 70% isrequired for certification.Re-CertificationRequirementsAll Mile2 certifications will beawarded a 3-year expiration date.There are two requirements tomaintain Mile2 certification:1) Pass the most currentversion of the exam for yourrespective existingcertification2) Earn and submit 20 CEUs peryear in your Mile2 account.Course FAQ’sQuestion: Do I have to purchase acourse to buy a certificationexam?Answer: NoQuestion: Do all Mile2 coursesmap to a role-based career path?Answer: Yes. You can findthe career path and other coursesassociated with it atwww.mile2.com.Question: Are all coursesavailable as self-study courses?Answer: Yes. There ishowever 1 exception. The RedTeam vs Blue Team course is onlyavailable as a live class.Question: Are Mile2 coursestransferable/shareable?Answer: No. The coursematerials, videos, and exams arenot meant to be shared ortransferred.Course and Certification Learning Optionspg. 2www.mile2.com10213 Wilsky Blvd, Tampa, FL 33625813-920-6779
Certified Penetration TestingEngineerDetailed Outline:Module 1 – Business and Technical Logistics of Pen Testing Section 1 – What is Penetration Testing?Section 2 – Today’s ThreatsSection 3 – Staying up to DateSection 4 – Pen Testing MethodologySection 5 – Pre-Engagement ActivitiesModule 2 – Information Gathering Reconnaissance- Passive (External Only) Section 1 – What are we looking for? Section 2 – Keeping Track of what we find! Section 3 – Where/How do we find this Information? Section 4 – Are there tools to help? Section 5 - CountermeasuresModule 3 – Detecting Live Systems – Reconnaissance (Active) Section 1 – What are we looking for? Section 2 – Reaching Out! Section 3 – Port Scanning Section 4 – Are there tools to help? Section 5 - CountermeasureModule 4 – Banner Grabbing and Enumeration Section 1 – Banner Grabbing Section 2 - EnumerationModule 5 – Automated Vulnerability Assessment Section 1 – What is a Vulnerability Assessment? Section 2 – Tools of the Trade Section 3 – Testing Internal/External Systems Section 4 – Dealing with the ResultsModule 6 – Hacking Operating Systems Section 1 – Key Loggers Section 2 - Password Attacks Section 3 – Rootkits & Their Friendspg. 3www.mile2.com10213 Wilsky Blvd, Tampa, FL 33625813-920-6779
Certified Penetration TestingEngineer Section 4 – Clearing TracksModule 7 – Advanced Assessment and Exploitation Techniques Section 1 – Buffer Overflow Section 2 - Exploits Section 3 – Exploit FrameworkModule 8 – Evasion Techniques Section 1 – Evading Firewall Section 2 - Evading Honeypots Section 3 – Evading IDSModule 9 – Hacking with PowerShell Section 1 – PowerShell – A Few Interesting Items Section 2 – Finding Passwords with PowerShellModule 10 – Networks and Sniffing Section 1 - Sniffing TechniquesModule 11 – Accessing and Hacking Web Techniques Section 1 - OWASP Top 10 Section 2 – SQL Injection Section 3 - XSSModule 12 – Mobile and IoT Hacking Section 1 – What devices are we talking about? Section 2 – What is the risk? Section 3 – Potential Avenues to Attack Section 4 – Hardening Mobile/IoT DevicesModule 13 – Report Writing Basics Section 1 – Report Components Section 2 – Report Results Matrix Section 3 - Recommendationspg. 4www.mile2.com10213 Wilsky Blvd, Tampa, FL 33625813-920-6779
Certified Penetration TestingEngineerDetailed Lab Outline:Course IntroductionLab 1 – Introduction to Pen Testing SetupSection 1 – Recording IPs and Logging into the VMsb. Section 2 – Researcha.Lab 2 – Linux FundamentalsSection 1 – Command Line Tips & Tricksb. Section 2 - Linux Networking for Beginnersc. Section 3 – Using FTP during a pentesta.Lab 3 – Using tools for reportinga.Section 1 – Setting up and using magictreeLab 4 – Information Gatheringb.c.d.e.f.g.Section 1 – Google QueriesSection 2 – Searching PastebinSection 3 – MaltegoSection 4 – People Search Using the Spokeo Online ToolSection 5 – Recon with FirefoxSection 6 – DocumentationLab 5 – Detecting Live Systems - Scanning Techniquesa.b.c.d.e.f.g.Section 1 – Finding a target using Ping utilitySection 2 – Footprinting a Target Using nslookup ToolSection 3 – Scanning a Target Using nmap ToolsSection 4 – Scanning a Target Using Zenmap ToolsSection 5 – Scanning a Target Using hping3 UtilitySection 6 – Make use of the telnet utility to perform banner grabbingSection 7 – DocumentationLab 6 – EnumerationSection 1 – OS Detection with Zenmapb. Section 2 – Enumerating a local system with Hyenac. Section 3 – Enumerating services with nmapa.pg. 5www.mile2.com10213 Wilsky Blvd, Tampa, FL 33625813-920-6779
Certified Penetration TestingEngineerd. Section 4 – DNS Zone Transfere. Section 5 – LDAP EnumerationLab 7 – Vulnerability AssessmentsSection 1 – Vulnerability Assessment with SAINTb. Section 2 – Vulnerability Assessment with OpenVASa.Lab 8 – Software Goes Undercovera. Section 1 – Creating a VirusLab 9 – System Hacking – Windows HackingSection 1 – System Monitoring and Surveillancec. Section 2 – Hiding Files using NTFS Streamsd. Section 3 – Find Hidden ADS Filese. Section 4 – Hiding Files with Stealth Toolsf. Section 5 – Extracting SAM Hashes for Password crackingg. Section 6 – Creating Rainbow Tablesh. Section 7 – Password Crackingi. Section 8 – Mimikatzb.Lab 10 – System Hacking – Linux/Unix HackingSection 1 – Taking Advantage of Misconfigured Servicesb. Section 2 – Cracking a Linux Passwordc. Section 3 – Setting up a Backdoora.Lab 11 – Advanced Vulnerability and Exploitation TechniquesSection 1 – Metasploitable Fundamentalsb. Section 2 – Metasploit port and vulnerability scanningc. Section 3 – Client-side attack with Metasploitd. Section 4 – Armitagea.Lab 12 – Network Sniffing/IDSSection 1 – Sniffing Passwords with Wiresharkb. Section 2 – Performing MitM with Cainc. Section 3 – Performing MitM with sslstripa.pg. 6www.mile2.com10213 Wilsky Blvd, Tampa, FL 33625813-920-6779
Certified Penetration TestingEngineerLab 13 – Attacking DatabasesSection 1 – Attacking MySQL Databaseb. Section 2 – Manual SQL Injectiona.Lab 14 – Attacking Web Applicationsa.b.Section 1 – Attacking with XSSSection 2 – Attacking with CSRFpg. 7www.mile2.com10213 Wilsky Blvd, Tampa, FL 33625813-920-6779
Certified Penetration Testing Engineer . account. The exam will take . required for certification. associated with it at All Mile2 certifications will be . however 1 exception. The Red . C. Upon completion, the Certified Penetration Testing Engineer, C)PTE, candidate will have solid knowledge of testing and reporting procedures which will .
