PTS: Network Perimeter Testing

Penetration Testing Network Perimeter Testing


Course Description

The Security Analyst Series from EC-Council | Press is comprised of five books covering a broad base of topics in advanced penetration testing and information security analysis. The content of this program is designed to expose the reader to groundbreaking methodologies in conducting thorough information security analysis, as well as advanced penetration testing techniques. Armed with the knowledge from the Security Analyst series along with proper experience, readers will be able to perform the intensive assessments required to effectively identify and mitigate risks to the security of the organization's infrastructure.

Penetration testing is the exploitation of vulnerabilities present in an organization's network. It simulates methods that intruders use to gain unauthorized access to an organization’s networked systems and then compromise them. Penetration testers may use proprietary and/or open source tools to test known technical vulnerabilities in networked systems.  Apart from automated techniques, penetration testing training involves manual techniques for conducting targeted testing on specific systems to ensure that there are no security flaws that may have gone undetected earlier.

Become a Penetration Tester


 

Join Network & Perimeter Testing Course Training From EC-Council's Penetration Testing Series

 

Who Should Attend

This course will significantly benefit the security officers, auditors, security professionals, site administrators, and anyone who is concerned about the integrity of the network infrastructure.

  • Duration: 2 days (9:00AM – 5:00PM)
  • CPE/ECE Qualification: 2 ECE Credits awarded for attendance (1 for each 8 hour class day)
  • Program Cost: $750 USD
  • Supplement Cost (Courseware & Certificate exam Access): $75 USD
  • Bundle Price: $799 USD
  • Getting Started: Find Training Click HERE
  • Corporate Trainers interested in setting up internal company training programs, click here

 

 

What’s included?

  • Physical Course ware
  • 1 year Access To EC-Council Student LMS for Practical Labs (if applicable), testing, and Certificate

Related Certificates:

  • Penetration Testing: Security Analysis
  • Penetration Testing: Communication Media Testing
  • Penetration Testing: Network Threat Testing
  • Penetration Testing: Procedures & Methodologies

Course Briefing

Advanced Googling

This module explains the advanced features of the search engine “Google”. It also gives a comprehensive explanation on Site Operator, intitle:index.of, error | warning, Google Advanced Search Form, categorization of the operators , viewing live web cams , locating the source code with common strings , locating the vulnerable targets , locating targets via demonstration pages, locating targets via source code, vulnerable web application examples, locating targets via CGI scanning, a single CGI scan-style query, directory listings, web server software error messages, and the Goolag scanner.


 

 















Routers and Switches Penetration Testing

This module discusses the need for router testing and various issues involved in it, and aims to give a single point reference for router security assessment and countermeasures for the identified weaknesses. It gives the list of steps for Router Penetration Testing and also steps for Testing Switches.


 













Firewall Penetration Testing

This module explains what a firewall is and the importance of it. It also explains the various features of firewall and its functioning. This module gives a comprehensive view of the possible vulnerabilities in a firewall and the tests that help discover the vulnerabilities.

 














IDS Penetration Testing

Intrusion Detection Systems (IDS) is a software/hardware that detects and logs inappropriate, incorrect, or anomalous activity. IDSes are typically characterized based on the source of the data they monitor. This module gives a brief introduction about various Intrusion Detection Systems and their benefits. It also explains Wireless Intrusion Detection Systems and various IDS testing tools. This module explains IDS Penetration testing steps. It also discusses in detail about Traffic IQ Professional.

 














Physical Security and Stolen Laptop, PDA, and Cell Phone Penetration Testing

Physical security defends the organization from attackers trying to access a resource or information stored on media of the organization. Cyber security development focuses on mitigating attacks to computer networks as well as preventing the physical attacks. Business executives are increasingly reliant on laptops, PDAs, and cell phones for their portability, and the ability to work on the go. Losing such a device could result in losing the important financial information, trade secrets, and other personal information. This module discusses various steps in the penetration testing of physical security and a stolen laptop, PDA, or cell phone and how attackers gather information from a stolen device.

 

E-Mail Security Penetration Testing

This module explains about email accounts which are a storage area for people to store their private information, including their business data. The module discusses phishing, an Internet scam used to force the users to give their personal and confidential information, and spamming which is the process of populating the user’s inbox with unsolicited or junk email. The module familiarizes with HTA (HTML Application) file extensions, which consist of commands that can perform anything on the computer once executed and the attachment which can bypass the security settings on the network. It also gives brief introduction to PhishTank SiteChecker which blocks phishing pages, SpoofGuard which prevents from malicious attacks, and SpamExperts Destop which blocks spam.

 

Security Patches Penetration Testing

This module explains Patch Management, a part of system management that involves the acquisition, testing, and installation of patches to an administrated computer system. . The module talks about PVG (Patch and vulnerability group) which is created by the organization. PVG uses OS, application patching, automated patch management tools, and configuration changes to eradicate vulnerabilities. It also familiarizes with patch testing in non production system and vender authentication mechanism prior to installation of the patches.