• Online, Self-Paced

Some of the best tools for improving security can also be in the wrong hands. This course identifies penetration testing methods and tools, as well as vulnerability scanners. This course will prepare you for the Security+ SY0-501 exam.

Learning Objectives

Penetration Testing Concepts

  • start the course
  • compare active vs. passive reconnaissance
  • describe a pivot
  • specify initial exploitation
  • define persistence
  • recognize escalation of privilege
  • compare black vs. gray vs. white box

Vulnerability Scanning Concepts

  • compare pen testing vs. vulnerability scanning
  • passively test security controls
  • identify vulnerability
  • identify lack of security controls
  • identify common misconfigurations
  • compare intrusive vs. non-intrusive
  • compare credentialed vs. non-credentialed
  • describe false positives

Practice: Pen testing and Scanning

  • recognize penetration testing and vulnerability scanning methods

Framework Connections

The materials within this course focus on the NICE Framework Task, Knowledge, and Skill statements identified within the indicated NICE Framework component(s):

Specialty Areas

  • Cyber Defense Analysis
  • Cyber Defense Infrastructure Support
  • Cybersecurity Management
  • Exploitation Analysis
  • Test and Evaluation
  • Vulnerability Assessment and Management

Specialty Areas have been removed from the NICE Framework. With the recent release of the new NICE Framework data, updates to courses are underway. Until this course can be updated, this historical information is provided to give better context as to how it can help you with your cybersecurity goals.

Feedback

If you would like to provide feedback for this course, please e-mail the NICCS SO at NICCS@hq.dhs.gov.