• Online, Self-Paced

Operations security or OPSEC is a topic of security method for helping with the penetration testing workflow. In this course, OPSEC for Penetration Testers, you'll follow the story of a penetration tester that will test the security of a website. In each of the engagement phases, (pre-engagement, the penetration test itself, and post-engagement) the types of data and corresponding risks will be discussed. This includes communication with the stakeholders, a typical pen testers' work environment, as well as the tools being used. Throughout the course, the topics will cover the major scenarios penetration testers face in the real world. By the end of this course, you'll have an understanding of how OPSEC can fit into the penetration testing workflow.

Learning Objectives

  • OPSEC and the Penetration Testing Workflow
  • Setting up a Secure Penetration Testing Environment
  • Identifying and Mitigating Risks While Testing
  • Wrapping up Penetration Testing Engagements Securely

Framework Connections

The materials within this course focus on the NICE Framework Task, Knowledge, and Skill statements identified within the indicated NICE Framework component(s):

Specialty Areas

  • Vulnerability Assessment and Management

Specialty Areas have been removed from the NICE Framework. With the recent release of the new NICE Framework data, updates to courses are underway. Until this course can be updated, this historical information is provided to give better context as to how it can help you with your cybersecurity goals.

Feedback

If you would like to provide feedback for this course, please e-mail the NICCS SO at NICCS@hq.dhs.gov.