Koulutukset

Ota yhteyttä

Myyntipalvelu

Myynti

010 4321 001 Ota yhteyttä

Kesto: 5 päivää
Veroton hinta (+ alv 24 %): 3 003 €

Tästä asiakaskohtainen toteutus?

Toteutamme koulutuksia myös asiakaskohtaisina. Jätä yhteystietosi, ja tehdään juuri teille sopiva toteutus.

Tästä koulutuksesta ei alennuksia. 

Osallistumista ei voi maksaa koulutuskortilla.


Paikka ja päiväys

Online
2.9 – 6.9
English English
Ilmoittaudu
14.10 – 18.10
English English
Ilmoittaudu
21.10 – 25.10
English English
Ilmoittaudu
4.11 – 8.11
English English
Ilmoittaudu
9.12 – 13.12
English English
Ilmoittaudu
16.12 – 20.12
English English
Ilmoittaudu
6.1 – 10.1
English English
Ilmoittaudu
10.2 – 14.2
English English
Ilmoittaudu
9.3 – 13.3
English English
Ilmoittaudu

Jaa

Lataa pdf-muodossa

CREST Registered Penetration Tester

The CRT course leads to the CREST Registered Tester (CRT) examination, which is recognised by the NCSC as providing the minimum standard for CHECK Team Member status and is designed to assess a candidate’s ability to carry out basic vulnerability assessment and penetration testing tasks.

The CREST Registered Tester exam is a practical assessment, where the candidate will be expected to find known vulnerabilities across common network, application and database technologies aimed at assessing the candidate’s technical knowledge of penetration testing methodology and skills against reference networks, hosts and applications.

A pass at CPSA level is a pre-requisite for the Registered Tester examination and success at both CPSA and CRT will confer the CREST Registered status to the individual. An individual passing the CPSA but failing the practical element, which is this CRT exam, will still retain the CPSA Practitioner certificate and may apply to re-take the CRT practical exam at a later date, when they feel that they are ready to do so. Individuals who pass the CRT exam can request that their information be provided to the NCSC to be considered for CHECK Team Member Status. CPSA is available as a separate course.

Target Audience

  • Aspiring information security personnel who wish to be part of a PenTest team
  • System administrators who are responding to attacks
  • Incident handlers who wish to expand their knowledge into Penetration Testing and Digital Forensics
  • Government departments who wish to raise and baseline skills across all security teams
  • Law enforcement officers or detectives who want to expand their investigative skills
  • Information security managers who would like to brush up on the latest techniques and processes inorder to understand information security implications
  • Anyone meeting the pre-requisites who is considering a career in Penetration Testing

Prerequisites

A pass at CPSA level is a pre-requisite for the Registered Tester examination.

Objectives:

The course consists of nine modules:

  • Module 1 – Core Technical Skills
  • Module 2 – Background Information Gathering & Open Source
  • Module 3 – Networking Equipment
  • Module 4 – Microsoft Windows Security Assessment
  • Module 5 – Unix Security Assessment
  • Module 6 – Web Technologies
  • Module 7 – Web Testing Techniques
  • Module 8 – Databases
  • Module 9 - Preparation for the CRT exam

Assessment

Continual assessment, with topic quizzes, module tests and practical exercises ensure that you understand the knowledge and learn the skills delivered in each module.

Course Outline:

MODULE 1 - Core Technical Skills

  • Network Mapping & Target Identification
  • Interpreting Tool Output
  • OS Fingerprinting
  • Application Fingerprinting and Evaluating Unknown Services
  • File System Permissions

MODULE 2 - Background Information Gathering & Open Source

  • Domain Name Server (DNS)

MODULE 3 - Networking Equipment

  • Management Protocols

MODULE 4 - Microsoft Windows Security Assessment

  • Domain Reconnaissance
  • User Enumeration
  • Active Directory
  • Windows Vulnerabilities
  • Common Windows Applications

MODULE 5 - Unix Security Assessment

  • User Enumeration
  • Unix Vulnerabilities
  • FTP
  • Sendmail / SMTP
  • Network File System (NFS)
  • R* services
  • X11

MODULE 6 - Web Technologies

  • Web Server Operation
  • Web Servers & their Flaws
  • Web Protocols
  • Web Application Serers

MODULE 7 - Web Testing Techniques

  • Web Site Structure Discovery
  • Cross Site Scripting Attacks
  • SQL Injection
  • Parameter Manipulation

MODULE 8 - Databases

  • Microsoft SQL Server
  • Oracle RDBMS
  • Web / App / Database Connectivity
  • RPC services
  • SSH

MODULE 9 - Preparation for CRT exam

  • CRT - Examination Guidance
  • CRT - Practice Exam

The course PenTesting tools and VMs all pre-downloaded and provided on a USB stick (over 70Gb). These are yours to keep so you can re-run the course as many times as you wish or use them for future reference.

Yhteistyössä