Pen Testing
Mastering the Leadership of a Professional Penetration Testing.
Summary
This five-day intensive course enables participants to develop the necessary expertise to lead a professional penetration test using a mix of practical techniques and management skills.
The course has been designed by Industry experts with in-depth experience in the Penetration Testing fields. Unlike other certifications, this course focuses specifically on the knowledge and skills needed by a professional looking to lead or take part in a penetration test. We drill down into the latest technical knowledge, tools, and techniques in key areas including Infrastructure, Web Applications, and Mobile security as well as Social Engineering. In addition, the course focuses on how to practically apply what has been learned on current day-to-day penetration testing and does not expand on unrelated, dated, or unnecessary theoretical concepts.
Along with the in-depth technical hands-on skills, we teach our participants the management skills they need to lead a penetration test taking into account business risk and key business issues, allowing individuals who complete the course to have the right blend of the real business and technical competencies needed to be respected, understood and professional penetration tester.
On day four of the course, delegates get to use the skills learned in a comprehensive capture-the-flag penetration testing exercise.
Who should attend?
Security professionals wanting to gain formal penetration testing skills.
IT staff looking to enhance their technical skills and knowledge.
Auditors looking to understand the penetration testing processes.
IT and Risk Managers seeking a more detailed understanding of the appropriate and beneficial use of penetration tests.
Incident handlers and Business Continuity professionals looking to use testing as part of their testing regimes.
Learning objectives
• To be able to interpret and illustrate the main Penetration Testing Concepts and Principles.
• To understand the core technical knowledge needed to organize and carry out an effective set of tests.
• To learn how to effectively plan a penetration test and identify a scope that is suitable and appropriate based on risk.
• To learn the practical hands-on skills and relevant tools and techniques to conduct penetration testing effectively.
• To effectively manage the time and resources needed to scale a specific Penetration Test.
Course Agenda
Day 1: Introduction to penetration testing, ethics, planning, and scoping.
• Penetration testing principles.
• Legal and ethical issues.
• Fundamental principles of information security and risk management.
• Penetration testing approaches.
• Phases of penetration testing.
• Management of a penetration test.
Day 2: Technical foundation knowledge and techniques (with practical exercises in all areas).
• Network and Infrastructure Security.
• Web Application Security.
• Mobile Application Security.
• Social Engineering.
Day 3: Conducting a penetration test using tools and techniques, and review of testing areas.
• Conducting a penetration test – Infrastructure testing.
• Conducting a penetration test – Web application penetration testing.
• Conducting a penetration test – Social engineering testing.
• Conducting a penetration test – Physical security testing.
Day 4: Analyzing results from testing, reporting, and follow up.
• Documentation of the test quality review and reporting.
• Action plans and follow-up.
• Managing a test programme.
• Practical Capture the flag exercises – A 3 hour in class penetration test to be carried out by the delegates.
Day 5: Certification Exam
Prerequisites
Basic knowledge of Penetration Testing is recommended.
Educational approach
This training is based on both, theory and practice:
• Sessions of lectures illustrated with examples based on real cases.
• Practical exercises based on a full case study and lab environment to carry out tests using real tools and techniques.
• Review exercises to assist the exam preparation.
Examination and Certification
• The “PECB Certified Lead Pen Test Professional” exam fully meets the requirements of the PECB Examination and Certification Program (ECP).
• The “PECB Certified Lead Pen Test Professional” exam is available in different languages ( the complete list of languages can be found in the examination application form).
• Duration: 3 hours.
• For more information, refer to the section on PECB Certified Lead Pen Test Professional Exam.
General Information
Certification fees are included in the exam price.
A student manual containing over 450 pages of information and practical examples will be distributed to the participants.
A participation certificate of 31 CPD (Continuing Professional Development) credits will be issued to the participants.
In a case of failure of the exam,participants are allowed to retake the exam for free under certain conditions.
For more, please visit PECB.