EC-Council, Cyber Security

EC-Council Certified Pentration Testing Professional (inclusive of certification exam voucher)

CH-CPENT

Type

Virtual

Classroom ILT

Skill Level

EC-Council: Advanced

Available dates

Learning Path

Cybersecurity

Virtual

Duration

5 Days

1 Day

TYPE

Virtual

Classroom ILT

LEARNING PATH

Cybersecurity

SKILL LEVEL

EC-Council: Advanced

DURATION

5 Days

AVAILABLE DATES

Choose date

From: R27 500,00

Price excluding VAT

Introduction

EC Council’s Certified Penetration Testing Professional (CPENT) is a rigorous Penetration Testing program that, unlike contemporary Penetration Testing courses, teaches you how to perform an effective Penetration test across filtered networks. CPENT is a multidisciplinary course with extensive hands-on training in a wide range of crucial skills, including advanced Windows attacks, Internet of Things (IoT) and Operational Technology (OT) systems, filtered network bypass techniques, exploit writing, single and double pivoting, advanced privilege escalation, and binary exploitation.

Audience profile

Ethical Hackers
Penetration Testers
Network Server Administrators
Firewall Administrators
Security Testers
System Administrators and Risk Assessment Professionals
Cybersecurity Forensic Analyst
Cyberthreat Analyst
Cloud Security Analyst
Information Security Analyst
Application Security Analyst
Cybersecurity Assurance Engineer
Security Operations Center (SOC) Analyst
Technical Operations Network Engineer
Information Security Engineer
Network Security Penetration Tester
Network Security Engineer
Information Security Architect

Pre-requisites

The knowledge and skills that a learner must have before attending this course is as follows:

Certified Network Defender CND certification
Certified Ethical Hacker CEH certification
Certified Ethical Hacker CEH practical completion

Course objectives

Upon completing this course, the learner will have the following knowledge and skills:

Advanced windows attacks
Attacking systems
Writing exploits: Advanced Binaries Exploitation
Bypassing a filtered network
Pentesting operational technology (OT)
Access hidden networks with pivoting
Double Pivoting
Privilege Escalation
Evading Defence mechanisms
Attack automation with scripts
Build your armoury: Weaponize your exploits
Write professionally reports

Course content

Module 01: Introduction to Penetration Testing and Methodologies
Penetration Testing Concepts	Guidelines and Recommendations for Penetration Testing
LPT Penetration Testing Methodology
Module 02: Penetration Testing Scoping and Engagement
Request for Proposal	Time/Location
Preparing Response Requirements for Proposal Submission	Frequency of meetings
Setting the Rules of Engagement	Time of Day
Establishing Communication Lines	Identifying Personnel for Assistance
Timeline	Handling Legal Issues in Penetration Testing Engagement
Preparing for the Test	Handling Scope Creeping During Pen Testing
Module 03: Open Source Intelligence (OSINT)
OSINT through the WWW	OSINT through DNS Interrogation
OSINT through Website Analysis	Automating the OSINT Process using Tools/Frameworks/Scripts
Module 04: Social Engineering Penetration Testing
Social Engineering Penetration Testing Concepts	Social Engineering Penetration Testing Using Physical Attack Vector
Social Engineering Penetration Testing Using E-mail Attack Vector	Reporting and Countermeasures / Recommendations
Social Engineering Penetration Testing Using Telephone Attack Vector
Module 05: Network Penetration Testing – External
Network Penetration Testing	Vulnerability Research
Port Scanning	Exploit Verification
OS and Service Fingerprinting
Module 06: Network Penetration Testing – Internal
Internal Network Penetration Testing	Vulnerability Assessment
Footprinting	Windows Exploitation
Network Scanning	Unix/Linux Exploitation
OS and Service Fingerprinting	Other Internal Network Exploitation Techniques
Enumeration	Automating Internal Network Penetration Test Effort
Post Exploitation	Advanced Tips and Techniques
Module 07: Network Penetration Testing – Perimeter Devices
Assessing Firewall Security Implementation	Assessing Security of Routers
Assessing IDS Security Implementation	Assessing Security of Switches
Module 08: Web Application Penetration Testing
White-Box or Black-Box?	Test for SQL Injection Vulnerabilities
Web Application Penetration Testing	Test for XSS Vulnerabilities
Discover Web Application Default Content	Test for Parameter Tampering
Discover Web Application Hidden Content	Test for Weak Cryptography Vulnerabilities
Conduct Web Vulnerability Scanning	Tests for Security Misconfiguration Vulnerabilities
Test for Client-Side Attack	Tests for Broken Authentication and Authorization Vulnerabilities
Tests for Broken Session Management Vulnerabilities	Test for Web Services Security
Test for Business Logic Flaws	Test for Web Server Vulnerabilities
Test for Thick Clients Vulnerabilities	WordPress Testing
Module 09: Wireless Penetration Testing
Wireless Local Area Network (WLAN) Penetration Testing	NFC Penetration Testing
RFID Penetration Testing
Module 10: IoT Penetration Testing
IoT Attacks and Threats	IoT Penetration Testing
Module 11: OT and SCADA Penetration Testing
OT/SCADA Concepts	ICS and SCADA Pen Testing
Modbus
Module 12: Cloud Penetration Testing
Cloud Computing Security and Concerns	Azure Specific Penetration Testing
Cloud Penetration Testing	Google Cloud Platform Specific Penetration Testing
AWS Specific Penetration Testing
Module 13: Binary Analysis and Exploitation
Binary Coding Concepts	Binary Analysis Methodology
Module 14: Report Writing and Post Testing Actions
Penetration Testing Report: An Overview	Post-Testing Actions for Organisations
Phases of Report Development	Penetration Testing Report Analysis
Report Components	Penetration Testing Report Delivery
Appendix A: Penetration Testing Essential Concepts
Computer Network Fundamentals	TCP/IP Protocol Suite: Link Layer Protocols
TCP/IP Protocol Suite	IP Addressing and Port Numbers
TCP/IP Protocol Suite: Application Layer Protocols	Network Terminology
TCP/IP Protocol Suite: Transport Layer Protocols	Network Security Controls
TCP/IP Protocol Suite: Internet Layer Protocols	Network Security Web Application Devices
Network File System (NFS)	Windows Security
Unix/Linux Security	Virtualization
Web Server	Web Markup and Programming Languages
Application Development Framework and their Vulnerabilities	Web API’s
Web Subcomponents	Web Application Security Mechanisms
Working of Most Common Information Security Attacks	Information Security Standards, Laws, and Acts
Appendix B: Fuzzing
Appendix C: Mastering Metasploit Framework
Appendix D: PowerShell Scripting
Appendix E: BASH Environment and Scripting
Appendix F: Python Environment and Scripting
Appendix G: Perl Environment and Scripting
Appendix H: Ruby Environment and Scripting
Appendix I: Active Directory Penetration Testing
Appendix J: Database Penetration Testing
Information Reconnaissance	Database Exploitation: Oracle
Database Enumeration: Oracle	Database Exploitation: MS SQL Server
Database Enumeration: MS SQL Server	Database Exploitation: MySQL
Database Enumeration: MySQL	Vulnerability and Exploit Research
Appendix K: Mobile Device Penetration Testing
Why Mobile Device Penetration Testing?	Server-side Infrastructure Penetration Testing
Communication Channel Penetration Testing	Application Penetration Testing
Appendix L: CEH Refresher
Network Penetration Testing: External	Network Penetration Testing: Perimeter Devices
Network Penetration Testing: Internal	Web Application Penetration Testing
Windows Exploitation	Wireless Penetration Testing
Other Internal Network Exploitation Techniques	Cloud Penetration Testing
Advanced Tips and Techniques

Associated Certifications & Exam

CPENT is a fully online, remotely proctored practical exam that evaluates candidates through a challenging 24-hour performance-based, hands-on exam
The exam is broken into two practical exams of 12 hours each that will test your perseverance and focus by forcing you to outdo yourself with each new challenge
Candidates have the option to choose either two 12-hour exams or one 24-hour exam

Exam Details	CPENT practical Exam
Exam Title	CPENT Exam Session 1	CPENT Exam Session 2
Number of Questions/Practical Challenges	5 Challenges (100 Pts)	5 Challenges (100 Pts)
Test Duration	12 Hours	12 Hours
Test Format
Test Delivery	ECC EXAM portal	ECC EXAM portal
Availability	ECC EXAM	ECC EXAM portal
Exam Prefix	412-80 (ECC EXAM)	412-80 (ECC EXAM)
Passing Score	70%	70%

Pen Test Report Submission (Within 7 days of Session 2)

On successful completion of this course students will receive a Torque IT attendance certificate.

Note:

When you attend any authorised EC Council training course at Torque IT you will receive the associated examination voucher as part of your course material. Your certification examination voucher can be used to book and pay for your certification examination at an Authorised EC Council Testing Center (ETC) only. If you are not able to sit your certification examination at Torque IT, and you have no other ETC locally available, you do have the ability to convert your examination voucher into a Pearson VUE examination voucher (Remote Procuring Services), at an additional cost.

EC-Council Overview

To beat a hacker, you need to think like one…

Ethical Hacking is the process of proactively penetrating systems, to which one has official permission to do so, with a view to determining whether vulnerabilities exist and then to undertake the necessary preventive, corrective, and protective countermeasures before an actual compromise to the systems can occur.

Torque IT’s authorised EC-Council training, and associated certification, solutions empower you to identify vulnerabilities and to assess the security posture of target systems. EC-Council certifications are universally recognised as demonstrating a high level of expertise and credibility for individuals and the organisations that employ them.

Torque IT being an EC-Council Accredited Training Center (ATC) has been the recipient of EC-Council’s most prestigious ATC of the year awards for 2016, 2014 and EC-Council’s Circle of Excellence Awards for 2015.

These achievements reflect our commitment to providing you with quality skills development, enablement, training, and certification solutions that demonstrate exceptional quality, depth and breadth.

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

EC-Council Certified Pentration Testing Professional (inclusive of certification exam voucher)

Type

Skill Level

Available dates

Learning Path

Duration

TYPE

Virtual

Classroom ILT

LEARNING PATH

SKILL LEVEL

DURATION

AVAILABLE DATES

Price excluding VAT

EC-Council Overview

contact

Vendor
Authorised

Details

Menu

newsletter

EC-Council Certified Pentration Testing Professional (inclusive of certification exam voucher)

Type

Skill Level

Available dates

Learning Path

Duration

TYPE

Virtual

Classroom ILT

LEARNING PATH

SKILL LEVEL

DURATION

AVAILABLE DATES

Price excluding VAT

EC-Council Overview

contact

Vendor Authorised

Details

Menu

newsletter

Vendor
Authorised