PTS: Network Perimeter Testing

Penetration Testing Network Threat Testing


Course Description

The Security Analyst Series from EC-Council Press is comprised of five books covering a broad base of topics in advanced Penetration testing training and information security analysis. The content of this program is designed to expose the reader to groundbreaking methodologies in conducting thorough information security analysis, as well as advanced penetration testing techniques. Armed with the knowledge from the Security Analyst series, along with proper experience, readers will be able to perform the intensive assessments required to effectively identify and mitigate risks to the security of the organization's infrastructure.

PENETRATION TESTING: NETWORK THREAT TESTING coverage includes penetration testing of denial of service, password cracking, applications, database, viruses and Trojans, log management, data leakage and file integrity
 

 

Become a Penetration Tester


 

Courseware - Network Threat Testing in Penetration Testing

Who should Attend

This course will significantly benefit the security officers, auditors, security professionals, site administrators, and anyone who is concerned about the integrity of the network infrastructure.

  • Duration: 2 days (9:00AM – 5:00PM)
  • CPE/ECE Qualification: 2 ECE Credits awarded for attendance (1 for each 8 hour class day)
  • Program Cost: $750 USD
  • Supplement Cost (Courseware & Certificate exam Access): $75 USD
  • Bundle Price: $799 USD
  • Getting Started: Find Training Click HERE
  • Corporate Trainers interested in setting up internal company training programs, click here

 

 

What’s included?

  • Physical Courseware
  • 1 year Access To EC-Council Student LMS for Practical Labs (if applicable), testing, and Certificate

Related Certificates:

  • Penetration Testing: Security Analysis
  • Penetration Testing: Network and Perimeter Testing
  • Penetration Testing: Communication Media Testing
  • Penetration Testing: Procedures & Methodologies

 


Course Briefing

Advanced Googling

This module explains the advanced features of the search engine “Google”. It also gives a comprehensive explanation on Site Operator, intitle:index.of, error | warning, Google Advanced Search Form, categorization of the operators , viewing live web cams , locating the source code with common strings , locating the vulnerable targets , locating targets via demonstration pages, locating targets via source code, vulnerable web application examples, locating targets via CGI scanning, a single CGI scan-style query, directory listings, web server software error messages, and the Goolag scanner.


 

 















Routers and Switches Penetration Testing

This module discusses the need for router testing and various issues involved in it, and aims to give a single point reference for router security assessment and countermeasures for the identified weaknesses. It gives the list of steps for Router Penetration Testing and also steps for Testing Switches.


 













Firewall Penetration Testing

This module explains what a firewall is and the importance of it. It also explains the various features of firewall and its functioning. This module gives a comprehensive view of the possible vulnerabilities in a firewall and the tests that help discover the vulnerabilities.

 














IDS Penetration Testing

Intrusion Detection Systems (IDS) is a software/hardware that detects and logs inappropriate, incorrect, or anomalous activity. IDSes are typically characterized based on the source of the data they monitor. This module gives a brief introduction about various Intrusion Detection Systems and their benefits. It also explains Wireless Intrusion Detection Systems and various IDS testing tools. This module explains IDS Penetration testing steps. It also discusses in detail about Traffic IQ Professional.

 














Physical Security and Stolen Laptop,
PDA, and Cell Phone Penetration Testing

Physical security defends the organization from attackers trying to access a resource or information stored on media of the organization. Cyber security development focuses on mitigating attacks to computer networks as well as preventing the physical attacks. Business executives are increasingly reliant on laptops, PDAs, and cell phones for their portability, and the ability to work on the go. Losing such a device could result in losing the important financial information, trade secrets, and other personal information. This module discusses various steps in the penetration testing of physical security and a stolen laptop, PDA, or cell phone and how attackers gather information from a stolen device.

 

E-Mail Security Penetration Testing

This module explains about email accounts which are a storage area for people to store their private information, including their business data. The module discusses phishing, an Internet scam used to force the users to give their personal and confidential information, and spamming which is the process of populating the user’s inbox with unsolicited or junk email. The module familiarizes with HTA (HTML Application) file extensions, which consist of commands that can perform anything on the computer once executed and the attachment which can bypass the security settings on the network. It also gives brief introduction to PhishTank SiteChecker which blocks phishing pages, SpoofGuard which prevents from malicious attacks, and SpamExperts Desktop which blocks spam.

 

Security Patches Penetration Testing

This module explains Patch Management, a part of system management that involves the acquisition, testing, and installation of patches to an administrated computer system. . The module talks about PVG (Patch and vulnerability group) which is created by the organization. PVG uses OS, application patching, automated patch management tools, and configuration changes to eradicate vulnerabilities. It also familiarizes with patch testing in non production system and vender authentication mechanism prior to installation of the patches.