There are good penetration testers and then there are great penetration testers.
Unless you are bent on being nothing other than the best in penetration testing, don't bother registering for this program, as you are probably not cut out for it.
We know that the only way to find out what you are made of is by testing you at the brink of exhaustion which is why the LPT (Master) exam is 18 hours long!
Your pentesting skills will be challenged over three levels, each with three challenges, against a multi-layered network architecture with defense-in-depth controls. You will be required to make knowledgeable decisions under immense pressure at critical stages while selecting your approach and exploits.
As you progress along these levels, you will need to maneuver web application, network, and host penetration testing tools and tricks in an internal and external context to ultimately pwn the hosts and exfiltrate data required for the completion of the challenges.
The exam will require you to demonstrate mastery of deploying advanced pen testing techniques and tools including multi-level pivoting, OS vulnerabilities exploits, SSH tunnelling, host-based application exploits, privilege escalation, web server and web application exploitation such as arbitrary local and remote file upload, SQL injection and parameter manipulation, etc all in a real life scenario on hardened machines, networks, and applications.
You will be facing the ticking clock and there's no time to hesitate. There's no time for second-guessing. Try either of these and be prepared to fail!
And you must know that while you are racing against time, you will be under the watchful eyes of the Institute of Information Technology proctors who will be online and live! This added pressure will test your mental strength.
Learning Objectives
Being an LPT (Master) means that you can find chinks in the armor of defense-in-depth network security models with the help of network pivoting, making exploit codes work in your favor, or by writing Bash, Python, Perl, and Ruby scripts. The exam demands that you think on your feet, be creative in your approach, and not rely on the conventional techniques. Outsmarting and out maneuvering the adversary is what sets you apart from the crowd. This completely hands-on exam offers a challenge like no other by simulating a complex network of a multi-national organization in real time. This experience will test your perseverance and focus by forcing you to outdo yourself with each new challenge.
Framework Connections
The materials within this course focus on the NICE Framework Task, Knowledge, and Skill statements identified within the indicated NICE Framework component(s):
Specialty Areas
- Risk Management
- Software Development
- Systems Development
Feedback
If you would like to provide feedback on this course, please e-mail the NICCS team at NICCS@mail.cisa.dhs.gov. Please keep in mind that NICCS does not own this course or accept payment for course entry. If you have questions related to the details of this course, such as cost, prerequisites, how to register, etc., please contact the course training provider directly. You can find course training provider contact information by following the link that says “Visit course page for more information...” on this page.