National CAE Designated Institution
  • Online, Instructor-Led

This course explores the foundational concepts, methods and techniques in preparing and conducting penetration tests. Throughout the course you will be introduced to various tools as well as unravel complex methods for exploiting client-side, service side and privilege escalation attacks. Most importantly you will learn how to construct a final report outlining discovered vulnerabilities, make suggested recommendations to remediate and/or mitigate those vulnerabilities. You will also learn how to describe the findings in a way that non-technical personnel understand the ramifications of these vulnerabilities in a business sense.

Learning Objectives

  • How computers, networks, software applications, data communications, databases and the Internet all work together to create the cyber world.
  • How networks, applications and user platforms such as personal computers and smartphones are vulnerable to cyber attack.
  • How to utilize basic principles of design configurations and controls to protect information from attack.
  • How to respond to harm occurring on an organization’s information in real-time.
  • The concept of “defense-in-depth.”
  • Security documentation and the role of documentation in information assurance.

Framework Connections

The materials within this course focus on the Knowledge Skills and Abilities (KSAs) identified within the Specialty Areas listed below. Click to view Specialty Area details within the interactive National Cybersecurity Workforce Framework.

Feedback

If you would like to provide feedback for this course, please e-mail the NICCS SO at NICCS@hq.dhs.gov.