CompTIA PenTest+: Scoping & Engagement

CompTIA PenTest+
  • 15 Videos | 1h 30m 14s
  • Includes Assessment
  • Earns a Badge
Penetration testing is a coordinated and simulated cyberattack used to evaluate the security of a computer system or computer network. The initial and critical planning phase of penetration testing is key to a successful engagement process. In this course, you'll explore the fundamentals of penetration testing, including a comparison of governance, risk, and compliance concepts. You'll examine legal concepts such as service level agreements, statements of work, non-disclosure agreements, and master service agreements. You'll learn the importance of scoping and organizational and customer requirements, including common standards and methodologies, rules of engagement, environmental considerations, target list definition, and scope of the engagement validation. This course is one of a collection that helps prepare learners for the CompTIA PenTest+ (PT0-002) certification exam.

WHAT YOU WILL LEARN

  • discover the key concepts covered in this course
    recognize compliance considerations such as Payment Card Industry Data Security Standard (PCI DSS) and General Data Protection Regulation (GDPR)
    list geographical location restrictions such as country limitations, tool restrictions, local laws, and local government requirements
    describe when to use service level agreements (SLAs)
    recognize the importance of protecting confidentiality during penetration testing exercises
    recognize what details should be included in a penetration testing statement of work
    recognize key components of a non-disclosure agreement
    list the benefits of defining a master server agreement prior to penetration testing
  • describe how to use approval forms to document the permission to attack
    recognize common standards and methodologies including MITRE ATT&CK, Open Web Application Security Project (OWASP), and the National Institute of Standards and Technology (NIST)
    recognize how clearly defined rules of engagement can help document the expectations of penetration testing
    recognize environmental considerations such as network, application, and cloud
    recognize how to define target lists such as wireless networks, domain, and physical locations
    recognize how to validate the scope of engagement using strategies such as time management and client contract review
    summarize the key concepts covered in this course

IN THIS COURSE

  • Playable
    1. 
    Course Overview
    1m 24s
    UP NEXT
  • Playable
    2. 
    Regulatory Compliance Considerations
    8m 32s
  • Locked
    3. 
    Geographical Location Restrictions
    7m 59s
  • Locked
    4. 
    Service Level Agreements
    7m 57s
  • Locked
    5. 
    Confidentiality Protection
    4m 46s
  • Locked
    6. 
    Penetration Testing Statement of Work
    5m 30s
  • Locked
    7. 
    Defining Non-disclosure Agreements
    5m 8s
  • Locked
    8. 
    Working with Master Service Agreements
    5m 1s
  • Locked
    9. 
    Obtaining Permission to Attack
    5m 48s
  • Locked
    10. 
    Standards and Methodologies
    5m 24s
  • Locked
    11. 
    Rules of Engagement
    6m 14s
  • Locked
    12. 
    Environmental Considerations
    4m 42s
  • Locked
    13. 
    Defining Target Lists
    5m 53s
  • Locked
    14. 
    Validating Scope of Engagement
    8m 19s
  • Locked
    15. 
    Course Summary
    1m 8s

EARN A DIGITAL BADGE WHEN YOU COMPLETE THIS COURSE

Skillsoft is providing you the opportunity to earn a digital badge upon successful completion of this course, which can be shared on any social network or business platform

Digital badges are yours to keep, forever.

YOU MIGHT ALSO LIKE