This course explores the foundational concepts, methods and techniques in preparing and conducting penetration tests. Throughout the course you will be introduced to various tools as well as unravel complex methods for exploiting client-side, service side and privilege escalation attacks. Most importantly you will learn how to construct a final report outlining discovered vulnerabilities, make suggested recommendations to remediate and/or mitigate those vulnerabilities. You will also learn how to describe the findings in a way that non-technical personnel understand the ramifications of these vulnerabilities in a business sense.
- How computers, networks, software applications, data communications, databases and the Internet all work together to create the cyber world.
- How networks, applications and user platforms such as personal computers and smartphones are vulnerable to cyber attack.
- How to utilize basic principles of design configurations and controls to protect information from attack.
- How to respond to harm occurring on an organization’s information in real-time.
- The concept of “defense-in-depth.”
- Security documentation and the role of documentation in information assurance.