Final Exam: Penetration Tester

Intermediate
  • 1 Video | 30m 32s
  • Includes Assessment
  • Earns a Badge
Likes 6 Likes 6
Final Exam: Penetration Tester will test your knowledge and application of the topics presented throughout the Penetration Tester track of the Skillsoft Aspire Penetration Tester to SecOps Engineer Journey.

WHAT YOU WILL LEARN

  • capture and analyze network traffic using Wireshark
    compare vulnerability to penetration testing and describe the function of each
    describe active information gathering along with methods and techniques for collecting information
    describe black box penetration testing and why it may be used
    describe common client-side attacks such as Cross-Site Scripting attacks and methods to help prevent them
    describe common web cyber attacks and countermeasures to prevent these attacks
    describe cryptography and its four goals
    describe defensive and quick win controls for the major control types, how they are compromised, and steps for root cause analysis
    describe grey box penetration testing and why it may be used
    describe how to assess security controls, including establishing security metrics for risk management framework and reporting
    describe how to find a vulnerability using scanners and other techniques
    describe how to perform social engineering penetration testing
    describe how to protect sensitive data with security testing and the five penetration testing rules of engagement
    describe how to set expectations and why it is important
    describe passive information gathering and methods for collecting information
    describe penetration testing tools that are used by professional hackers
    describe security controls in relation to the overall NIST Cybersecurity Framework and how security controls are relevant in SecOps
    describe the cause of buffer overflow and how this exploit can be used for attacks
    describe the CIS critical security controls and how they are implemented
    describe the common types of penetration and the importance of testing each type
    describe the different categories of findings
    describe the goals of social engineering penetration tests
    describe the importance of physical penetration testing and why organizations must perform penetration testing
    describe the importance of setting stopping points and when to stop a penetration test
    describe the importance of working with management to conduct further testing after recommendations are implemented
    describe the limitations of penetration testing and challenges for organizations
    describe the major security control types and the components of a security control
    describe the processes used to undermine a Wi-Fi client's vulnerabilities
    describe the purpose and results of dumpster diving and how to protect against this form of attack
    describe the role of end-user awareness in preventing cybersecurity attacks and during penetration testing
  • describe the rules of engagement and how they are used
    describe the steps necessary to implement a physical penetration testing program and the phases of penetration testing
    describe tips and tricks for preventing social engineering attacks
    describe user privilege escalation and methods that can be used to protect your system from security attacks
    describe various areas where security controls are commonly used
    describe various complex security controls and how they are implemented, including industrial and government security controls and baselines
    describe what penetration testing is and why it is important to the organization
    describe what should be documented during a penetration test and why it is important
    describe when to use security controls and how they are enforced
    describe white box penetration testing and why it may be used
    differentiate between malware types and recognize some of the consequences of using targeted malware
    differentiate between scanning and enumeration
    differentiate between symmetric and asymmetric cryptography
    identify different lock pick tools and why lock picking is important in cybersecurity
    identify how to recognize and prevent tailgating and recognize the risks that it exposes
    identify how to translate penetration testing results into a formalized report that can be used for the end-user awareness program
    identify penetration testing types and describe their reliance on end-user behavior
    identify the business need to provide Wi-Fi access for internal employees and external partners and recognize the categories of wireless threats that can compromise networks
    identify the role of human error in causing data breaches
    identify the types of penetration testing and common terminology
    identify the vulnerabilities and processes used to undermine an unsecured Wi-Fi hotspot
    identify web application security testing methodologies and the five stages of OPSEC
    investigate security controls when one fails and describe how to mitigate the outcome
    list the vulnerabilities of WEP security and identify how they can be exploited
    outline the steps used to perform a Denial of Service attack against a wireless network
    recognize how to choose a password cracking technique
    recognize social engineering attacks, and how to they relate to penetration testing
    recognize the built-in sniffing capabilities of Wi-Fi used for penetration testing
    recognize wireless security technologies such as WEP, WPA/2/3, and the vulnerabilities they have that could be exploited
    step through the process to perform rough AP analysis

IN THIS COURSE

  • Playable
    1. 
    Penetration Tester
    33s
    UP NEXT

EARN A DIGITAL BADGE WHEN YOU COMPLETE THIS COURSE

Skillsoft is providing you the opportunity to earn a digital badge upon successful completion of this course, which can be shared on any social network or business platform

Digital badges are yours to keep, forever.

YOU MIGHT ALSO LIKE

Likes 0 Likes 0  
Likes 0 Likes 0  
Likes 3 Likes 3