| |
| Certified Professional Testing Consultant Training |
| |
| QUICK FACTS – CPEH (Certified Professional Testing Consultant Training)
|
Description
|
This course is designed to take an individual with knowledge of the basic security auditing toolset to the next and higher level. |
Requirements |
- A minimum of 24 months experience in Networking Technologies
- Sound knowledge of TCP/IP
- Computer hardware knowledge
- Experience as aSupport Professional or Consultant
|
Training Cost |
Rs. 50,000 |
Duration |
40 hrs. |
Certification Exam |
Certified Penetration Testing Consultant (CPTC) |
Certification Cost |
Included in the training fee. |
Career Options |
|
|
| |
| |
| Course Overview: |
| This course is designed to take an individual with knowledge of the basic security auditing toolset to the next and higher level. Many courses teach “how to hack”; the CPTCONSULTANT course teaches “the business of penetration testing”. The course delivers advanced and cutting edge techniques for auditing a broad range of security controls (including Physical and User
Security) with “hands-on” laboratories designed by real world security auditors. |
| |
| BENEFITS OF THIS COURSE |
| |
The CPTCONSULTANT course provides attendees with the unique opportunity to perform all stages of an actual penetration test within a controlled classroom environment. Hands-on laboratories have been researched and developed by leading security professionals from around the world and are continuously updated. The CPTCONSULTANT will cover much more in-depth attacks, techniques, technologies and countermeasures than foundation Penetration Testing and Ethical Hacking courses such as CPTS, CEH and OSPT. Participants of the CPTCONSULTANT course will have the ability to complete laboratories in all of the following area
- Perform a penetration test and submit a deliverable report
- Capture and replay VoIP traffic
- Find and exploit databases with SQL Injection vulnerabilities
- Manipulate prices on ecommerce websites
- Obtain and transfer information via Bluetooth enabled telephones
- Tools and resources for picking simple and complex locks
- Techniques for Wireless Site Sur vey ing and Cracking WEP/WPA keys
- Additionally, attendees will be qualified to confidently undertake the upcoming CPTCONSULTANT practical examination.
|
| |
| Course Material |
| |
| |
MODULE 1: Introduction & Pen Test Overview |
| |
MODULE 2: Refresher - The Attack Stage |
| |
MODULE 3: Core Impact - Initial Pen Test |
| |
MODULE 4: External/DMZ |
| |
MODULE 5: Wireless Site Surveying |
| |
MODULE 6: Attacking Bluetooth Devices |
| |
MODULE 7: Programming 101 |
| |
MODULE 8: Internal Pen Testing |
| |
MODULE 9: Physical Security |
| |
MODULE 10: After the Pen Test |
|
| MODULE 1: Introduction & Pen Test Overview |
- Authorization
- Defining Boundaries
- Objectives and Scope of the Pen Test
- Plan of Attack
- Gathering Information
- Memory Devices
|
| |
| MODULE 2: Refresher - The Attack Stage |
- Reconnaissance
- Information Gathering
- Scanning
- Enumeration
- Vulnerability Assessments
- Exploiting Systems
- Back Doors/Root Kits
- Covering Tracks
- Wireless Attacks
|
| MODULE 3: Core Impact -- Initial Pen Test |
This lesson will instruct in the use of Core Technologies, market leading commercial penetration testing application. This tool will allow the penetration tester to quickly build up a security snapshot of the target network. From here, the tester will then move onto more advanced manual methods to complete the test. The hands-on laboratory will allow the student to use Core
Impact to perform a Rapid Pen Test. |
| |
| MODULE 4: External/DMZ |
The first point of contact with a target network will predominantly be through the De-Militarized Zone. This whole section is dedicated to the exploits that apply to this part of the Attack Surface. It is sub-sectioned into:
- DNS/Mail/Web/VPN Servers
- Database Mining-SQL Injection
|
| |
| MODULE 5: Wireless Site Surveying |
| During this module, the students will learn all about the current security mechanisms employed to secure wireless networks, WEP/WPA/WPA2 and 802.11x. After talking about the security of these networks, we cover the attacks to bypass all of the security. |
| |
| MODULE 6: Attacking Bluetooth Devices |
| As more and more Bluetooth devices appear on the corporate network, the professional penetration tester has to enhance his/her skills to encompass this technology. PDAs, cell phones and other BT devices are all vulnerable to attacks. The hands-on laboratory will teach the students the practical skills required to discover BT devices and retrieve personal information from cell phones and even make phone calls on somebody else's bill! The tool set includes BTscanner, ghettotooth, redfang and bluesnarfer. |
| |
| MODULE 7: Programming 101 |
| This module is not designed as a “learn programming in one easy step” as that is not possible. We focus our students' efforts on checking code obtained from underground websites so that it will compile correctly and perform the actions it is meant to. We cannot use a new tool on a client network without first ensuring it is safe. |
| |
| MODULE 8: Internal Pen Testing |
Once inside the external defences, the penetration tester has a whole different set of techniques and tools to use. This module is dedicated to internal testing. It is subsectioned into:
- Database Servers
- Network Attacks
- Password Retrieval and Cracking
|
| MODULE 9: Physical Security |
Physical access to a client's building can offer the penetration tester a whole host of powerful attack vectors. This module will teach the student how to gain access by picking the door locks and padlocks securing the building. Yes, you read correctly! By the end of the hands on laboratory, student will be able to open most common types of pin tumbler door locks and 90% of padlocks available on the market, thus being able to play a greater part is their respective organizations physical security
policies. Most 'Ethical Hacking' courses talk about the theory of physical access; the CPTCONSULTANT covers the practical art of physical access. |
| |
| MODULE 10: After the Pen Test |
Laboratory: Presentation of the Penetration Test Report
- Most lessons have hands-on laboratories.
- Laboratories will change continuously, adapting to changes in the security industry.
- Mile2 consultants working in the security field will be dynamically implementing new scenarios that are over and above the base laboratories used in student workbooks.
- Please note that this is not a class that will explain the very intricacies of each and every tool. The software is mostly open source and underground software which leaves us with no guarantee of compatibly.
- Mile2 consultants constantly test most of the tools used in this class; however, we may use a tool that is not tested in the environment we have at our partner's site.
- We will be using a large array of Operating Systems that are set-up to be used in different ways, perhaps to attack or to use as a hacker box.
VMware is used very often in the class. It would be helpful if you download a trial version prior to the class. |
| |
 Call us now on
9310851102
9310851103
9310851104
9310851113
011-43380000
011-43380001 |
|
|
| |
| |
|
| |