• Online, Self-Paced
Course Description

This 14-video course explores benefits to an organization and the role of penetration testing to protect digital assets and networks. In this course, learners observe how to manage and analyze testing results. You will examine several testing methods, including black box, white box, and grey box testing. Next, you will learn about rules of engagement documents, which is executed prior to starting the penetrations testing. This document outlines rules around the test, and the importance of setting stopping points within a penetration test, and when to stop a penetration test. Explore test findings management, risk, risk tolerance, and how to align recommendations to an organization's needs and goals. You will learn about risk tolerance from a privacy and intellectual property perspective, and how to create good test reports for clients. You will learn to categorize your findings by using CVE (Common Vulnerabilities and Exposure) database, or the CVE details. Finally, you will learn how to communicate needed changes, and to emphasize the importance of further testing after recommendations are implemented.

Learning Objectives

{"discover the key concepts covered in this course"}

Framework Connections

The materials within this course focus on the NICE Framework Task, Knowledge, and Skill statements identified within the indicated NICE Framework component(s):

Specialty Areas

  • Cyber Operational Planning
  • Cyber Defense Infrastructure Support
  • Cybersecurity Management
  • Executive Cyber Leadership
  • Systems Analysis
  • Threat Analysis
  • Vulnerability Assessment and Management