Thank you for sending your enquiry! One of our team members will contact you shortly.
Thank you for sending your booking! One of our team members will contact you shortly.
Course Outline
How to Test Network and Service Security
- Penetration testing – what is it?
- Penetration testing vs. audit – similarities, differences, what is appropriate?
- Practical issues – what can go wrong?
- Test scope – what do we want to check?
- Sources of best practices and recommendations.
Penetration Testing – Reconnaissance
- OSINT – obtaining information from open sources.
- Passive and active network traffic analysis methods.
- Identification of services and network topology.
- Security systems (firewalls, IPS/IDS systems, WAF, etc.) and their impact on tests.
Penetration Testing – Vulnerability Discovery
- Identifying systems and their versions.
- Finding vulnerabilities in systems, infrastructure, and applications.
- Vulnerability assessment – "what will hurt?"
- Exploit sources and customization possibilities.
Penetration Testing – Attack and Gaining Control
- Types of attacks – how they are conducted and their outcomes.
- Attacks using remote and local exploits.
- Attacks on network infrastructure.
- Reverse shell – how to manage a captured system.
- Privilege escalation – how to become an administrator.
- Ready-to-use "hacking tools".
- Analyzing a captured system – interesting files, saved passwords, private data.
- Special cases: web applications, WiFi networks.
- Social engineering – how to "break" a person if the system cannot be compromised?
Penetration Testing – Covering Tracks and Maintaining Access
- Logging and activity monitoring systems.
- Clearing logs and covering tracks.
- Backdoors – how to leave yourself an open entry point.
Penetration Testing – Summary
- Report preparation and its structure.
- Report handover and consultation.
- Verification of recommendation implementation.
Requirements
- Knowledge of fundamental computer networking topics (IP addressing, Ethernet, basic services – DNS, DHCP) and operating systems.
- Knowledge of Windows and Linux (basic administration, system terminal).
Target Audience
- Individuals responsible for network and service security,
- Network and system administrators wishing to learn security testing methods,
- Anyone interested in the topic.
28 Hours
