Starting FromRM 3500.005 Days
HRDF SBL Claimable
Lunch & refreshment provided
Certificate of Attendance available
All of our private classes are customized to your organization's needs.
Click on the button below to send us your details and you will be contacted shortly.
Security remains one of the hottest topics in IT and other industries. It seems that each week brings news of some new breach of privacy or security. As organizations scramble to protect themselves and their customers, the ability to conduct penetration testing is an emerging skill set that is becoming ever more valuable to the organizations seeking protection, and ever more lucrative for those who possess these skills. In this course, you will be introduced to some general concepts and methodologies related to pen testing, and you will work your way through a simulated pen test for a fictitious company.
This course is designed for IT professionals who want to develop penetration testing skills to enable them to identify information-system vulnerabilities and effective remediation techniques for those vulnerabilities. Target students who also need to offer practical recommendations for action to properly protect information systems and their contents will derive those skills from this course.
This course is also designed for individuals who are preparing to take the CompTIA PenTest+ certification exam PT0-001, or who plan to use PenTest+ as the foundation for more advanced security certifications or career roles. Individuals seeking this certification should have three to four years of hands-on experience performing penetration tests, vulnerability assessments, and vulnerability management.
To ensure your success in this course, you should have:
• Intermediate knowledge of information security concepts, including but not limited to identity and access management (IAM), cryptographic concepts and implementations, computer networking concepts and implementations, and common security technologies.
• Practical experience in securing various computing environments, including small to medium businesses, as well as enterprise environments.
You can obtain this level of skills and knowledge by taking the CompTIA® Security+® (Exam SY0-501) course or by obtaining the appropriate industry certification.
This program will be conducted with interactive lectures, PowerPoint presentation, discussion and practical exercise.
After you complete this course, you will be able to plan, conduct, analyze, and report on penetration tests.
• Plan and scope penetration tests.
• Conduct passive reconnaissance.
• Perform non-technical tests to gather information.
• Conduct active reconnaissance.
• Analyze vulnerabilities.
• Penetrate networks.
• Exploit host-based vulnerabilities.
• Test applications.
• Complete post-exploit tasks.
• Analyze and report pen test results.
• Introduction to Penetration Testing Concepts
• Gather Background Information
• Prepare Background Findings for Next Steps
• Perform Social Engineering Tests
• Perform Physical Security Tests on Facilities
• Scan Networks
• Enumerate Targets
• Scan for Vulnerabilities
• Analyze Basic Scripts
• Analyze Vulnerability Scan Results
• Leverage Information to Prepare for Exploitation
• Exploit Network-Based Vulnerabilities
• Exploit Wireless and RF-Based Vulnerabilities
• Exploit Specialized Systems
• Exploit Windows-Based Vulnerabilities
• Exploit *nix-Based Vulnerabilities
• Exploit Web Application Vulnerabilities
• Test Source Code and Compiled Apps
• Use Lateral Movement Techniques
• Use Persistence Techniques
• Use Anti-Forensics Techniques
• Analyze Pen Test Data
• Develop Recommendations for Mitigation Strategies
• Write and Handle Reports
• Conduct Post-Report-Delivery Activities
Ong Kian BoonHave been working in the IT industry since 2004 and exposed to all the common challenges faced by IT and security professionals. With years of experience working with business and management, IT service delivery and end users, he understands the importance of business value, infrastructure efficiency, user productivity as well as the protection of all these assets.Having started training with Info Trek in 2009, he has been sharing his passion and experiences in Microsoft infrastructure servers, Cisco routing and switching, as well as Novell SuSE Linux. He also specialises in security implementations and audit as no implementation can survive without it.