Ethical Hacking and CompTIA PenTest+ – Total Seminars

Description

Ethical Hacking and CompTIA PenTest+ – Total Seminars

---

From Mike Meyers & Total Seminars: Michael Solomon on ethical hacking & high-level penetration testing. Hack like a pro.

Mike Meyers and the Total Seminars Team, your source for best-selling cybersecurity courses, brings you this ethical hacking and penetration testing course with your instructor Michael Solomon, Ph.D., CISSP, PMP, CISM.

With 30+ years of experience in security, privacy, blockchain, and data science, and an energetic presentation style, Michael takes his proficiency in network penetration testing and consolidates it into this informative and engaging course.

WHY SHOULD I TAKE THIS COURSE?

Did you know penetration testers’ average salary is $71,929?* And this career is in one of the fastest-growing job markets**.

Whether you’re looking to pass the CompTIA PenTest+ certification exam, take your next step in the CompTIA Cybersecurity Pathway, or you’re just looking to learn some awesome ethical hacking skills, you’re in the right place.

Keep in mind there’s much more to being an ethical hacker than what’s covered here, including how to secure a network, however, this course focuses on how to be a pentester. A pen tester plans and scopes a pen test engagement with a client, finds vulnerabilities, exploits them to get into a network, then reports on those findings to the client.

This course shows you how to:

• Use the tools you’ll need to scan networks, crack passwords, analyze and intercept traffic, discover code vulnerabilities, and compromise resources
• Recognize vulnerabilities within a system, running exploits, and suggest solutions to a client to remediate the weak points
• Work within a virtual environment to practice your pen-testing skills, including using Oracle VM manager, Kali Linux, Metasploitable, and DVWA
• Scope, plan and execute a pen test engagement from start to finish

WHAT’S COVERED?

Exam Domain – Percentage of Exam

1.0 Planning and Scoping – 15%

• Explain the importance of planning for an engagement
• Explain key legal concepts
• Explain the importance of scoping an engagement properly
• Explain the key aspects of compliance-based assessments

2.0 Information Gathering and Vulnerability Identification – 22%

• Given a scenario, conduct information gathering using appropriate techniques
• Given a scenario, perform a vulnerability scan
• Given a scenario, analyze vulnerability scan results
• Explain the process of leveraging information to prepare for exploitation
• Explain weaknesses related to specialized systems

3.0 Attacks and Exploits – 30%

• Compare and contrast social engineering attacks
• Given a scenario, exploit network-based vulnerabilities
• Given a scenario, exploit wireless and RF-based vulnerabilities
• Given a scenario, exploit application-based vulnerabilities
• Given a scenario, exploit local host vulnerabilities
• Summarize physical security attacks related to facilities
• Given a scenario, perform post-exploitation techniques

4.0 Penetration Testing Tools – 17%

• Given a scenario, use Nmap to conduct information gathering exercises
• Compare and contrast various use cases of tools
• Given a scenario, analyze tool output or data related to a penetration test
• Given a scenario, analyze a basic script (limited to Bash, Python, Ruby, and PowerShell)

5.0 Reporting and Communication – 16%

• Given a scenario, use report writing and handling best practices
• Explain post-report delivery activities
• Given a scenario, recommend mitigation strategies for discovered vulnerabilities
• Explain the importance of communication during the penetration testing process

EXAM INFO

Exam code: PT0-001

Max. 85 questions (performance-based and multiple choice)

Length of exam: 165 minutes

Passing score: 750 (on a scale of 100-900)

Exam voucher cost: $349 ($329 on our website)

Recommended experience: Network+, Security+ or equivalent knowledge, minimum 3-4 years hands-on information security or related experience (no required prerequisites to sit for the PenTest+ exam)

HOW DO I TAKE THE COMPTIA PENTEST+ EXAM?

Buy an exam voucher (get your discount PenTest+ voucher at Total Seminars’ website), schedule your exam on the Pearson VUE website, then take the exam at a qualifying Pearson VUE testing center.

WHAT’S THE BIG DEAL ABOUT THE COMPTIA PENTEST+, ANYWAY?

CompTIA’s PenTest+ is the only penetration testing exam taken at a Pearson VUE testing center with both hands-on, performance-based questions and multiple-choice, to ensure each candidate possesses the skills, knowledge, and ability to perform tasks on systems.***

Penetration testing and information security is one of the fastest-growing job category according to the U.S. Bureau of Labor Statistics. It predicts that roles requiring these skills will see 28 percent overall growth by 2026.**

COMPTIA PENTEST+ VS. EC-COUNCIL CEH CERTIFICATIONS

• The CompTIA PenTest+ is your quickest and most cost-effective route to a pen testing certification.
• The PenTest+ includes the latest mobile and cloud penetration testing skills, including IoT, as well as traditional desktop & server systems (CEH covers only traditional desktop & server systems).
• The PenTest+ better matches employer needs by covering not just technical topics, but also business processes, project flow, best practices, and professionalism in pen testing (CEH is strictly technical).
• The PenTest+ exam voucher costs $349 (or $329 on our website), compared to the CEH $1150 non-member plus application fee.***

*www.cyberdegrees.org

**US Bureau of Labor Statistics, www.bls.gov

***www.comptia.org

Lifetime support – Download unlimited when you buy Ethical Hacking and CompTIA PenTest+ – Total Seminars Course at Course Farm. The market leader in online learning – Offers a variety of diverse topics: Internet Marketing, Forex & Trading, NLP & Hypnosis, SEO – Traffic, …

Course Curriculum

Chapter 1: Planning and Scoping

• 01 – Planning a Pen Test (8:54)
• 02 – Rules of Engagement (10:41)
• 03 – Resources and Budget (7:21)
• 04 – Impact and Constraints (5:17)
• 05 – Support Resources (13:26)
• 06 – Legal Groundwork (11:57)
• 07 – Scope Considerations (10:51)
• 08 – Lab Environment Setup (23:53)
• 09 – Project Strategy and Risk (9:24)
• 10 – Scope Vulnerabilities (13:32)
• 11 – Compliance-Based Assessments (5:25)
• Planning and Scoping Quiz

Chapter 2: Surveying the Target

• 01 – Scanning and Enumeration (4:35)
• 02 – Scanning Demo (10:59)
• 03 – Packet Investigation (8:03)
• 04 – Packet Inspection Demo (6:02)
• 05 – Application and Open-Source Resources (11:52)
• 06 – Vulnerability Scanning (8:50)
• 07 – Vulnerability Scanning Demo (16:31)
• 08 – Target Considerations Part 1 (9:00)
• 08 – Target Considerations Part 2 (6:39)
• 09 – Nmap Timing and Performance Options (6:43)
• 10 – Prioritization of Vulnerabilities (9:17)
• 11 – Common Attack Techniques (12:17)
• 12 – Credential Attacks (14:41)
• 13 – Weaknesses in Specialized Systems (18:08)
• Surveying the Target Quiz

Chapter 3: Selection Your Attack Vector

• 01 – Remote Social Engineering (6:50)
• 02 – Spear Phishing Demo (10:19)
• 03 – In-Person Social Engineering (12:00)
• 04 – Network-Based Exploits (7:19)
• 05 – FTP Exploit Demo (8:28)
• 06 – Man-in-the-middle Exploits (7:18)
• 07 – Wireless Exploits (13:29)
• 08 – Application Exploits, Part 1 (5:41)
• 09 – SQL Injection Demo (8:48)
• 10 – Application Exploits, Part 2 (8:14)
• 11 – Application Exploits, Part 3 (9:15)
• 12 – Cross-Site Scripting Demo (7:11)
• 13 – Code Vulnerabilities – Part 1 (7:59)
• 13 – Code Vulnerabilities – Part 2 (8:49)
• 14 – Local Host Vulnerabilities (5:08)
• 15 – Privilege Escalation (Linux) (9:49)
• 16 – Privelege Escalation (Windows) (6:17)
• 17 – Misc. Privilege Escalation (8:07)
• 18 – Misc. Local Host Vulnerabilities (8:17)
• 19 – Physical Security (11:27)
• 20 – Post-Explitation Techniques (11:23)
• 21 – Persistence and Stealth (10:55)
• Selecting Your Attack Vector Quiz

Chapter 4: Selecting Pen Testing Tools

• 01 – Nmap Scoping and Output Options – Part 1 (9:59)
• 01 – Nmap Scoping and Output Options – Part 2 (11:15)
• 02 – Pen Testing Toolbox (6:59)
• 03 – Using Kali Linux (6:27)
• 04 – Scanners and Credential Tools (10:22)
• 05 – Code-Cracking Tools (4:35)
• 06 – Open-Source Research Tools (6:36)
• 07 – Wireless and Web Pen Testing Tools (11:03)
• 08 – Remote Access Tools (6:28)
• 09 – Analyzers and Mobile Pen Testing Tools (2:43)
• 10 – Other Pen Testing Tools (4:37)
• 11 – Using Scripting in Pen Testing (12:46)
• 12 – Bash Scripting Basics (15:10)
• 13 – Bash Scripting Techniques (10:21)
• 14 – PowerShell Scripts (4:16)
• 15 – Ruby Scripts (6:43)
• 16 – Python Scripts (5:59)
• 17 – Scripting Languages Comparison (11:06)
• Selecting Pen Testing Tools Quiz

Chapter 5: Reporting and Communication

• 01 – Writing Reports – Part 1 (8:00)
• 01 – Writing Reports – Part 2 (11:15)
• 02 – Post-Report Activities (5:36)
• 03 – Mitigation Strategies (5:13)
• 04 – Communications (9:54)
• Reporting and Communication Quiz