SecOps Literacy (Beginner Level)

Topics covered

• compare vulnerability to penetration testing and describe the function of each
• describe active information gathering along with methods and techniques for collecting information
• describe black box penetration testing and why it may be used
• describe common client-side attacks such as Cross-Site Scripting attacks and methods to help prevent them
• describe common password attacks and methods for preventing them
• describe common web cyber attacks and countermeasures to prevent these attacks
• describe cryptography and its four goals
• describe grey box penetration testing and why it may be used
• describe how to find a vulnerability using scanners and other techniques
• describe passive information gathering and methods for collecting information
• describe port forwarding and how it can be used as an exploit
• describe the cause of buffer overflow and how this exploit can be used for attacks
• describe the common types of penetration and the importance of testing each type
• describe the different types of IT governance frameworks
• describe the purpose of network tunneling and why it is important for penetration testing
• describe user privilege escalation and methods that can be used to protect your system from security attacks
• describe what penetration testing is and why it is important to the organization
• describe white box penetration testing and why it may be used
• differentiate between malware types and recognize some of the consequences of using targeted malware
• differentiate between scanning and enumeration
• differentiate between symmetric and asymmetric cryptography
• distinguish between governance and management
• identify the various roles and responsibilities of senior management in governance
• recognize how to choose a password cracking technique