Operations security or OPSEC is a topic of security method for helping with the penetration testing workflow. In this course, OPSEC for Penetration Testers, you'll follow the story of a penetration tester that will test the security of a website. In each of the engagement phases, (pre-engagement, the penetration test itself, and post-engagement) the types of data and corresponding risks will be discussed. This includes communication with the stakeholders, a typical pen testers' work environment, as well as the tools being used. Throughout the course, the topics will cover the major scenarios penetration testers face in the real world. By the end of this course, you'll have an understanding of how OPSEC can fit into the penetration testing workflow.
Learning Objectives
- OPSEC and the Penetration Testing Workflow
- Setting up a Secure Penetration Testing Environment
- Identifying and Mitigating Risks While Testing
- Wrapping up Penetration Testing Engagements Securely
Framework Connections
The materials within this course focus on the NICE Framework Task, Knowledge, and Skill statements identified within the indicated NICE Framework component(s):
Specialty Areas
- Vulnerability Assessment and Management
Feedback
If you would like to provide feedback on this course, please e-mail the NICCS team at NICCS@mail.cisa.dhs.gov. Please keep in mind that NICCS does not own this course or accept payment for course entry. If you have questions related to the details of this course, such as cost, prerequisites, how to register, etc., please contact the course training provider directly. You can find course training provider contact information by following the link that says “Visit course page for more information...” on this page.