Final Exam: Penetration Tester
1 Video | 30m 32s
- Includes Assessment
- Earns a Badge
Final Exam: Penetration Tester will test your knowledge and application of the topics presented throughout the Penetration Tester track of the Skillsoft Aspire Penetration Tester to SecOps Engineer Journey.
WHAT YOU WILL LEARN
capture and analyze network traffic using Wiresharkcompare vulnerability to penetration testing and describe the function of eachdescribe active information gathering along with methods and techniques for collecting informationdescribe black box penetration testing and why it may be useddescribe common client-side attacks such as Cross-Site Scripting attacks and methods to help prevent themdescribe common web cyber attacks and countermeasures to prevent these attacksdescribe cryptography and its four goalsdescribe defensive and quick win controls for the major control types, how they are compromised, and steps for root cause analysisdescribe grey box penetration testing and why it may be useddescribe how to assess security controls, including establishing security metrics for risk management framework and reportingdescribe how to find a vulnerability using scanners and other techniquesdescribe how to perform social engineering penetration testingdescribe how to protect sensitive data with security testing and the five penetration testing rules of engagementdescribe how to set expectations and why it is importantdescribe passive information gathering and methods for collecting informationdescribe penetration testing tools that are used by professional hackersdescribe security controls in relation to the overall NIST Cybersecurity Framework and how security controls are relevant in SecOpsdescribe the cause of buffer overflow and how this exploit can be used for attacksdescribe the CIS critical security controls and how they are implementeddescribe the common types of penetration and the importance of testing each typedescribe the different categories of findingsdescribe the goals of social engineering penetration testsdescribe the importance of physical penetration testing and why organizations must perform penetration testingdescribe the importance of setting stopping points and when to stop a penetration testdescribe the importance of working with management to conduct further testing after recommendations are implementeddescribe the limitations of penetration testing and challenges for organizationsdescribe the major security control types and the components of a security controldescribe the processes used to undermine a Wi-Fi client's vulnerabilitiesdescribe the purpose and results of dumpster diving and how to protect against this form of attackdescribe the role of end-user awareness in preventing cybersecurity attacks and during penetration testing
describe the rules of engagement and how they are useddescribe the steps necessary to implement a physical penetration testing program and the phases of penetration testingdescribe tips and tricks for preventing social engineering attacksdescribe user privilege escalation and methods that can be used to protect your system from security attacksdescribe various areas where security controls are commonly useddescribe various complex security controls and how they are implemented, including industrial and government security controls and baselinesdescribe what penetration testing is and why it is important to the organizationdescribe what should be documented during a penetration test and why it is importantdescribe when to use security controls and how they are enforceddescribe white box penetration testing and why it may be useddifferentiate between malware types and recognize some of the consequences of using targeted malwaredifferentiate between scanning and enumerationdifferentiate between symmetric and asymmetric cryptographyidentify different lock pick tools and why lock picking is important in cybersecurityidentify how to recognize and prevent tailgating and recognize the risks that it exposesidentify how to translate penetration testing results into a formalized report that can be used for the end-user awareness programidentify penetration testing types and describe their reliance on end-user behavioridentify the business need to provide Wi-Fi access for internal employees and external partners and recognize the categories of wireless threats that can compromise networksidentify the role of human error in causing data breachesidentify the types of penetration testing and common terminologyidentify the vulnerabilities and processes used to undermine an unsecured Wi-Fi hotspotidentify web application security testing methodologies and the five stages of OPSECinvestigate security controls when one fails and describe how to mitigate the outcomelist the vulnerabilities of WEP security and identify how they can be exploitedoutline the steps used to perform a Denial of Service attack against a wireless networkrecognize how to choose a password cracking techniquerecognize social engineering attacks, and how to they relate to penetration testingrecognize the built-in sniffing capabilities of Wi-Fi used for penetration testingrecognize wireless security technologies such as WEP, WPA/2/3, and the vulnerabilities they have that could be exploitedstep through the process to perform rough AP analysis
IN THIS COURSE
1.Penetration Tester33sUP NEXT
EARN A DIGITAL BADGE WHEN YOU COMPLETE THIS COURSE
Skillsoft is providing you the opportunity to earn a digital badge upon successful completion of this course, which can be shared on any social network or business platformDigital badges are yours to keep, forever.