Thank you for sending your enquiry! One of our team members will contact you shortly.
Thank you for sending your booking! One of our team members will contact you shortly.
Course Outline
How to Test the Security of Networks and Services
- Penetration testing – what is it?
- Penetration test versus audit – similarities, differences, and what is appropriate?
- Practical challenges – what can go wrong?
- Test scope – what exactly are we checking?
- Sources of best practices and recommendations
Penetration Testing – Reconnaissance
- OSINT – obtaining information from open sources
- Passive and active methods of network traffic analysis
- Identification of services and network topology
- Security systems (firewalls, IPS/IDS systems, WAF, etc.) and their impact on testing
Penetration Testing – Vulnerability Identification
- System and version identification
- Identifying vulnerabilities in systems, infrastructure, and applications
- Vulnerability assessment – "what will it hurt?"
- Exploit sources and possibilities for customization
Penetration Testing – Attack and Control
- Types of attacks – how they are conducted and their consequences
- Attacks using remote and local exploits
- Attacks on network infrastructure
- Reverse shell – how to manage a compromised system
- Privilege escalation – how to become an administrator
- Ready-made "hacking tools"
- Analyzing a compromised system – interesting files, saved passwords, private data
- Special cases: web applications, WiFi networks
- Social engineering – how to "break" a human if the system cannot be broken?
Penetration Testing – Cover-tracing and Maintaining Access
- Logging and activity monitoring systems
- Cleaning logs and erasing traces
- Backdoor – how to leave yourself an open entry
Penetration Testing – Summary
- Report preparation and its structure
- Report submission and consultation
- Verification of recommendations implementation
Requirements
- Knowledge of basic computer networking concepts (IP addressing, Ethernet, essential services such as DNS, DHCP) and operating systems.
- Familiarity with Windows and Linux (basic administration, command-line terminal).
Target Audience
- Personnel responsible for network and service security;
- Network and system administrators wishing to learn security testing methods;
- Anyone interested in the topic.
28 Hours
