Some of the best tools for improving security can also be in the wrong hands. This course identifies penetration testing methods and tools, as well as vulnerability scanners. This course will prepare you for the Security+ SY0-501 exam.
Learning Objectives
Penetration Testing Concepts
- start the course
- compare active vs. passive reconnaissance
- describe a pivot
- specify initial exploitation
- define persistence
- recognize escalation of privilege
- compare black vs. gray vs. white box
Vulnerability Scanning Concepts
- compare pen testing vs. vulnerability scanning
- passively test security controls
- identify vulnerability
- identify lack of security controls
- identify common misconfigurations
- compare intrusive vs. non-intrusive
- compare credentialed vs. non-credentialed
- describe false positives
Practice: Pen testing and Scanning
- recognize penetration testing and vulnerability scanning methods
Framework Connections
The materials within this course focus on the NICE Framework Task, Knowledge, and Skill statements identified within the indicated NICE Framework component(s):
Specialty Areas
- Cyber Defense Analysis
- Cyber Defense Infrastructure Support
- Cybersecurity Management
- Exploitation Analysis
- Test and Evaluation
- Vulnerability Assessment and Management
Feedback
If you would like to provide feedback for this course, please e-mail the NICCS SO at NICCS@hq.dhs.gov.