Average Rating: 0.00/10
(# Rating Votes: 0 | Rate This Course | Contribute a Review )
Short Description:
In this course you’ll gain a hacker’s-eye-view of your network and technology infrastructure.
Full Description:
In this five-day course — the most robust and in-depth of its kind — you’ll gain a hacker’s-eye-view of your network and technology infrastructure. You’ll uncover the hackers’ favorite penetration techniques and how to protect against them. You’ll learn how to gather viable data on your network’s vulnerabilities using tools like Saint, NMAP, Nessus, SOLARWINDS, App Detective and more. You will cover techniques for assessing the security posture of firewalls and other perimeter defenses, and explore exploits that can breach firewalls in specific configurations. You will get proven tips on building a powerful network testing tool kit using both freeware and commercial tool alternatives so that you can frequently test for exploited TCP/IP network and computing platform-specific security vulnerabilities.
You’ll analyze the results, prioritize the high-value targets, and turn it all into a workable action plan in class. You will examine related vulnerabilities in the underlying operating system and connected TCP/IP application services. You will learn how to use commercial and freely available tools to test Web server configurations and uncover weaknesses in Web servers and browsers. You’ll also learn how to build and maintain a target list, perform remote and host assessments in our Hands-On Labs!
After all this, it’s the hackers who will have to beware when it comes to your network.
Course Fee: $2,495
Time: 8:30am - 4pm
Location: Click here to view the course schedule
Learning Level: Intermediate
CPE Credits 40
Prerequisites: Basic competency with TCP/IP networking. Knowledge of Linux optional.
Key topics:
• Pinpointing high-value targets
• Hands-On Labs for using Tools for detecting vulnerabilities
• Best-practice analysis techniques
• Protecting results confidentiality with PGP
• Reporting test findings for implementation
Who should attend:
System and Network Administrators, Security Personnel, Auditors, and
Consultants concerned with network security.
Phase I — Gather the Data
A first look at a network site, from the eyes of a potential hacker. The simple, and often overlooked, things that tell hackers if a site is worth a penetration attempt.
Phase II — Penetrate the Network
How hackers get past the security and into the data.
• Non-intrusive target search
• Intrusive target search
• Data analysis
Network Discovery Tools and Techniques: Hands-On Exercises
• Discovery/profiling objectives
• Locating Internet connections
• Host-locating techniques: manual and automated
• Operating system footprinting
• Evaluating Windows and Unix-based network discovery software tools
• Evaluating Windows and Unix-based application scanning software tools
• Review Step-by-step process of each scanning and profiling tool
• Directory services: DNS, DHCP, BOOTP, NIS
• Look-up services: finger, whois, search engines
• Remote sessions: telnet, "r" commands, X-Windows
• File sharing and messaging: FTP, TFTP, World Wide Web
• Windows Server Message Block (SMB), Network File
• Systems (NFS), and e-mail
• Sample exploits using common TCP/IP and NetBIOS utility software
Phase III — Analyze the Results
Tips and techniques for effective, actionable penetration test analysis.
• Identifying network services
• Pinpointing vulnerabilities
• Demonstrating risks
• Reviewing reports and screens from prominent discovery/profiling tools
• Analyzing current configuration
Real-World Scenarios
• Abusive e-mail
• Embezzlement
• Pornography
• Denial-of-service
• Web defacement
• Trojan Horse
Phase IV — Write the Report
How to combine methodology, results, and analysis into a report that generates management attention and buy-in… and provides clear, workable action items.
In-Class Exercises
• Building and maintaining a target list
• Conducting multiple non-intrusive and intrusive target searches
• Tools and techniques for testing for Web site vulnerabilities
• Probing and attacking network firewalls
• Performing multiple remote target assessment
• Performing multiple host assessment
• Writing up the final report
Duration:
5 Days
Price:
$2,495
Submitted by: admin
Hits: 0
Security University's Network Penetration Testing Methods Course Web Page
|
