Course Schedule
Dec 23, 2023 | Saturday and Sunday | 9:00 AM - 12:00 PM EST | - |
Course Curriculum
Course Curriculum
Module 1 Overview of Enterprise Applications and N-Tier Infrastructure
Module 2 Operating System –Windows Server 2012/2016, UNIX
Module 3 Networking, Active Directory and DNS
Module 4 Power Shell Scripting, Batch Scripting
Module 5 Incident, Problem and Change Management Process
Module 6 Infrastructure setup
- Installation of Virtual Machine on Physical Server
- Installation of Virtual Machine on Cloud
- Configure VPN
- Connect Remote Windows Servers
- Connect Remote Unix Server
Module 7
-
Identifying Security Fundamentals
- Identify Information Security Concepts
- Identify Security Controls
- Identify Authentication and Authorization Concepts
- Identify Cryptography Concepts
Module 8
- Analyzing Risk
- Analyze Organizational Risk
- Analyze the Business Impact of Risk
Module 9
- Identifying Security Threats
- Identify Social Engineering Attacks
- Identify Malware
- Identify Software-Based Threats
- Identify Network-Based Threats
- Identify Wireless Threats
- Identify Physical Threats
Module 10
- Conducting Security Assessments
- Identify Vulnerabilities
- Assess Vulnerabilities
- Plan for remediation of findings
Module 11
- IDS, Firewalls, and Honeypots
- IDS
- Firewalls
- Honeypots
- Configuring IDS and Honeypots
Module 12
- Cryptography
- Algorithm Cryptography
- Algorithm and Hash Cryptography
- Cryptography Tools
- PKI, Disk Encryption, Email Encryption
- Cryptography Lab
Module 13
- Vulnerability Scanning
- Vulnerability Scanning Overview and Considerations 206
- How Vulnerability Scanners Work
- Manual vs. Automated Scanning
- Internet scanning vs Internal Scanning
- Authenticated vs Unauthenticated Scanning
- Vulnerability Scanning with Nessus
- Authenticated Scanning With Nessus
- Vulnerability Scanning with Nmap
Module 14
- Web Application Attacks
- Web Application Assessment Methodology
- Web Application Enumeration
- Inspecting URLs
- Inspecting Page Content
- Viewing Response Headers
- Inspecting Sitemaps
- Locating Administration Consoles
- Web Application Assessment Tools
- DIRB
- Burp Suite
- Nikto
- Exploiting Web-based Vulnerabilities
- Exploiting Admin Consoles
- Cross-Site Scripting (XSS)
- Directory Traversal Vulnerabilities
- File Inclusion Vulnerabilities
- SQL Injection
Module 15
- Password Attacks
- Wordlists
- Standard Wordlists
- Brute Force Wordlists
- Common Network Service Attack Methods
- HTTP htaccess Attack with Medusa
- Remote Desktop Protocol Attack with Crowbar
- SSH Attack with THC-Hydra
- HTTP POST Attack with THC-Hydra
- Leveraging Password Hashes
- Retrieving Password Hashes
- Passing the Hash in Windows
- Password Cracking
Module 16
- Active Directory Attacks
- Active Directory Theory
- Active Directory Enumeration
- Active Directory Authentication
- NTLM Authentication
- Kerberos Authentication
- Cached Credential Storage and Retrieval
- Service Account Attacks
- Low and Slow Password Guessing
- Active Directory Lateral Movement
- Pass the Hash
- Overpass the Hash
- Pass the Ticket
- Distributed Component Object Model
- Active Directory Persistence
- Golden Tickets
- Domain Controller Synchronization
Module 17
- Network Penetration Test
- Plan for Network Penetration Testing
- External Network Penetration Testing
- Internal Network Penetration Testing
- Wireless Network Penetration Testing
- Foot printing
- Scanning and Enumeration
- System Hacking
- Malware
- Sniffing
- Social Engineering
- Denial of Service
- Session Hijacking
Module 18
- Application Penetration Test
- Plan for application Penetration Testing
- External Application Penetration Testing
- Internal Application Penetration Testing
- Web Servers and Apps
- SQL Injection
- OWASP top 10
Module 19
- Network exploitation
- FTP Exploits
- Man-in-the middle exploits
- Wireless Exploits
- Application Exploits
- SQL Injection
- Code Vulnerabilities
- Local Host Vulnerabilities
- Privileged Escalation (Unix)
- privileged Escalation (Windows)
Module 20
-
Penetration Tet Reports
- Network Penetration Test Report
- Application Penetration Test Report
Module 21
- Remediation
- Design remediation strategy
Module 22
- Boot Camp – PenTest+
- Preparation for CompTIA PenTest+ exam
Module 23 Job Support
- Resume Writing
- Project Analysis
- Interview Preparation
- Mock Interview
- Job Support
Description
News of large-scale cybersecurity threats and cyberattacks dominate the headlines all too often in today’s Information Age: hackers exploiting vulnerabilities of a retail giant, foreign influence in elections, and new forms of ransomware underscore the importance of preparing for these types of emerging threats. As businesses, governments, financial institutions, and public sector organizations collect, store, and process vast amounts of sensitive and valuable data, those organizations become targets of groups seeking to wreak havoc on vulnerable systems and potentially disrupt everyday business functions. As a result, penetration tests and ethical hacking have become a fundamental component of business operations. Most businesses must conduct network and application penetration tests to identify the security gaps in the network infrastructure and remediate the applications to ensure the protection of data and networks.
Digital Point Technologies offers an online course on Penetration Testing and Ethical Hacking Training that equips students with a comprehensive understanding of conducting a successful penetration test. The course will help students assess and mitigate specific vulnerabilities within an organization’s networks, systems, and data to provide the knowledge and skills to protect the integrity, security, and confidentiality of their digital assets.
Why Perform Regular Penetration Testing?
Identify unknown flaws or vulnerabilities that can result in a breach or disclosure
Discover vulnerabilities that traditional control-based testing methodologies can potentially miss
Validate, understand, and prepare for known risks to your organization
Update and maintain regulatory or compliance controls
Avoid costly downtime because of a security breach
Develop a roadmap to remediate vulnerabilities and address risk
Manage risk on an ongoing basis, as you make changes to your business or network
What a Penetration Testing Do?
Identify security vulnerabilities present in your network
Understand the contextualized risk, primary threats, critical functions, and security violations
Acquire a foothold on internal and external threats
Get a clear picture of where you must shore up your security weaknesses
Proactively protect your network from most critical vulnerabilities
Help analyze, prioritize, address, and remediate identified network security flaw
Course Catalog
Please Click to View The Catalog : Download