The RCCE Level 2 Rocheston Certified Cybersecurity Engineer (Penetration Testing) course is an advanced, comprehensive, and highly specialized program that equips cybersecurity professionals with the knowledge and skills required to excel in penetration testing.
This course stands out for its extensive coverage of advanced penetrating testing techniques.
Part 1: Cyber Range Exercises
In this part, students engage in capture-the-flag-style exercises where they attack machines with varying vulnerabilities. The cyber range comprises more than 100 machines with diverse vulnerability configurations. This hands-on approach enables students to:
- Gain real-world experience in identifying and exploiting vulnerabilities
- Understand how attackers think and strategize
- Develop the ability to prioritize and remediate vulnerabilities e actively
- Enhance their problem-solving and critical thinking skills
Part 2: ZombieCop. Run
ZombieCop.Run Red Team / Blue Team Exercises
This part involves students dividing into red and blue teams and attacking more than
100 targets. The benefits of conducting these exercises include:
Learning to collaborate and communicate effectively within a team. Understanding the defense strategies employed by the blue team. Gaining insights into the offensive tactics used by the red team. Developing a well-rounded understanding of both attack and defense methodologies.
Part 3: Vulnerability Vines
Rocheston's Vines is a full-scale vulnerability assessment and penetration testing tool that students will learn to implement within their organizations to secure their networks.
Vines covers a wide range of security aspects, such as DevSecOps, IAM,
vulnerability scanning, cloud firewall, zero-trust, VPN, and more.
Students will receive in-depth training on how to use Vines effectively.
Part 4: JuggyBank Project
You will be intimately involved in a thorough penetration testing process for JuggyBank.
This real-world project is designed to deliver holistic understanding of testing procedures, implementation of security measures, and subsequent defensive actions needed to secure JuggyBank.
Each phase of this project, from execution to analysis, will enlighten you about the practical aspects of penetration testing in detail. You will gain a realistic perspective of potential cybersecurity threats faced by banking institutions like JuggyBank
Learning Objectives
1. Master advanced penetration testing techniques 2. Learn sophisticated and extremely advanced phishing techniques 3. Understand and perform advanced blockchain exploits 4. Develop skills in red/blue team operations 5. Utilize AI and Machine Learning in cybersecurity contexts 6. Conduct advanced network penetration testing 7. Perform web application security testing 8. Master mobile application security testing 9. Understand and implement cloud security testing 10. Learn about IoT security testing 11. Develop skills in social engineering techniques 12. Understand and apply advanced cryptography concepts 13. Learn about quantum computing in the context of cybersecurity
Framework Connections
The materials within this course focus on the NICE Framework Task, Knowledge, and Skill statements identified within the indicated NICE Framework component(s):
Competency Areas
Feedback
If you would like to provide feedback on this course, please e-mail the NICCS team at NICCS@mail.cisa.dhs.gov. Please keep in mind that NICCS does not own this course or accept payment for course entry. If you have questions related to the details of this course, such as cost, prerequisites, how to register, etc., please contact the course training provider directly. You can find course training provider contact information by following the link that says “Visit course page for more information...” on this page.