Cyber Security, EC-Council, EC-Council Self-Paced

EC-Council Certified Penetration Testing Professional – Self-Paced (Incl. Exam Voucher)

CH-CPENT-SP

Type

Skill Level

EC-Council: Advanced

Available dates

Learning Path

Cybersecurity

Virtual

Duration

1 Year

1 Day

LEARNING PATH

Cybersecurity

SKILL LEVEL

EC-Council: Advanced

DURATION

1 Year

AVAILABLE DATES

Choose date

R26 400,00

Price excluding VAT

Introduction

EC Council’s Certified Penetration Testing Professional (CPENT) is a rigorous Penetration Testing program that, unlike contemporary Penetration Testing courses, teaches you how to perform an effective Penetration test across filtered networks. CPENT is a multidisciplinary course with extensive hands-on training in a wide range of crucial skills, including advanced Windows attacks, Internet of Things (IoT) and Operational Technology (OT) systems, filtered network bypass techniques, exploit writing, single and double pivoting, advanced privilege escalation, and binary exploitation.

The key to being a highly skilled Penetration Tester is to go up against various targets that are configured in a variety of ways. The CPENT consists of entire network segments that replicate an enterprise network — this is not a computer game simulation; this is an accurate representation of an enterprise network that will present the latest challenges to the Penetration Tester.

Audience profile

Ethical Hackers
Penetration Testers
Network Server Administrators
Firewall Administrators
Security Testers
System Administrators and Risk Assessment Professionals
Cybersecurity Forensic Analyst
Cyberthreat Analyst
Cloud Security Analyst
Information Security Analyst
Application Security Analyst
Cybersecurity Assurance Engineer
Security Operations Center (SOC) Analyst
Technical Operations Network Engineer
Information Security Engineer
Network Security Penetration Tester
Network Security Engineer
Information Security Architect

Pre-requisites

The knowledge and skills that a learner must have before attending this course is as follows:

Certified Network Defender CND certification
Certified Ethical Hacker CEH certification
Certified Ethical Hacker CEH practical completion

What is EC-Council iLearn?

iLearn is EC Council’s online, self-paced option which means that all of the same modules taught in the live course are recorded and presented in a streaming video format. A certification candidate can set their own learning pace by pausing the lectures and returning to their studies as their schedule permits! This all-inclusive training program provides the benefits of classroom training at your own pace.

What is included?

Streaming video training modules – 1 year access
Official EC-Council E-Courseware – 1 year access
iLabs, Virtual Lab Platform – 6 months access
One Certification exam voucher
One Certificate of Attendance

How to Access the iLearn Portal?

All learning resources will be released directly to the delegate and a notification will be shared via email after your booking is complete. You may then login anytime to https://iclass.eccouncil.org/my-courses/

Course objectives

Upon completing this course, the learner will have the following knowledge and skills:

Advanced windows attacks
Attacking systems
Writing exploits: Advanced Binaries Exploitation
Bypassing a filtered network
Pentesting operational technology (OT)
Access hidden networks with pivoting
Double Pivoting
Privilege Escalation
Evading Defence mechanisms
Attack automation with scripts
Build your armoury: Weaponize your exploits
Write professionally reports

Course content

Module 01: Introduction to Penetration Testing and Methodologies
Penetration Testing Concepts	Guidelines and Recommendations for Penetration Testing
LPT Penetration Testing Methodology
Module 02: Penetration Testing Scoping and Engagement
Request for Proposal	Time/Location
Preparing Response Requirements for Proposal Submission	Frequency of meetings
Setting the Rules of Engagement	Time of Day
Establishing Communication Lines	Identifying Personnel for Assistance
Timeline	Handling Legal Issues in Penetration Testing Engagement
Preparing for the Test	Handling Scope Creeping During Pen Testing
Module 03: Open Source Intelligence (OSINT)
OSINT through the WWW	OSINT through DNS Interrogation
OSINT through Website Analysis	Automating the OSINT Process using Tools/Frameworks/Scripts
Module 04: Social Engineering Penetration Testing
Social Engineering Penetration Testing Concepts	Social Engineering Penetration Testing Using Physical Attack Vector
Social Engineering Penetration Testing Using E-mail Attack Vector	Reporting and Countermeasures/Recommendations
Social Engineering Penetration Testing Using Telephone Attack Vector
Module 05: Network Penetration Testing – External
Network Penetration Testing	Vulnerability Research
Port Scanning	Exploit Verification
OS and Service Fingerprinting
Module 06: Network Penetration Testing – Internal
Internal Network Penetration Testing	Vulnerability Assessment
Footprinting	Windows Exploitation
Network Scanning	Unix/Linux Exploitation
OS and Service Fingerprinting	Other Internal Network Exploitation Techniques
Enumeration	Automating Internal Network Penetration Test Effort
Post Exploitation	Advanced Tips and Techniques
Module 07: Network Penetration Testing – Perimeter Devices
Assessing Firewall Security Implementation	Assessing Security of Routers
Assessing IDS Security Implementation	Assessing Security of Switches
Module 08: Web Application Penetration Testing
White-Box or Black-Box?	Test for SQL Injection Vulnerabilities
Web Application Penetration Testing	Test for XSS Vulnerabilities
Discover Web Application Default Content	Test for Parameter Tampering
Discover Web Application Hidden Content	Test for Weak Cryptography Vulnerabilities
Conduct Web Vulnerability Scanning	Tests for Security Misconfiguration Vulnerabilities
Test for Client-Side Attack	Tests for Broken Authentication and Authorization Vulnerabilities
Tests for Broken Session Management Vulnerabilities	Test for Web Services Security
Test for Business Logic Flaws	Test for Web Server Vulnerabilities
Test for Thick Clients Vulnerabilities	WordPress Testing
Module 09: Wireless Penetration Testing
Wireless Local Area Network (WLAN) Penetration Testing	NFC Penetration Testing
RFID Penetration Testing
Module 10: IoT Penetration Testing
IoT Attacks and Threats	IoT Penetration Testing
Module 11: OT and SCADA Penetration Testing
OT/SCADA Concepts	ICS and SCADA Pen Testing
Modbus
Module 12: Cloud Penetration Testing
Cloud Computing Security and Concerns	Azure Specific Penetration Testing
Cloud Penetration Testing	Google Cloud Platform Specific Penetration Testing
AWS Specific Penetration Testing
Module 13: Binary Analysis and Exploitation
Binary Coding Concepts	Binary Analysis Methodology
Module 14: Report Writing and Post Testing Actions
Penetration Testing Report: An Overview	Post-Testing Actions for Organisations
Phases of Report Development	Penetration Testing Report Analysis
Report Components	Penetration Testing Report Delivery
Appendix A: Penetration Testing Essential Concepts
Computer Network Fundamentals	TCP/IP Protocol Suite: Link Layer Protocols
TCP/IP Protocol Suite	IP Addressing and Port Numbers
TCP/IP Protocol Suite: Application Layer Protocols	Network Terminology
TCP/IP Protocol Suite: Transport Layer Protocols	Network Security Controls
TCP/IP Protocol Suite: Internet Layer Protocols	Network Security Web Application Devices
Network File System (NFS)	Windows Security
Unix/Linux Security	Virtualization
Web Server	Web Markup and Programming Languages
Application Development Framework and their Vulnerabilities	Web API’s
Web Subcomponents	Web Application Security Mechanisms
Working of Most Common Information Security Attacks	Information Security Standards, Laws, and Acts
Appendix B: Fuzzing
Appendix C: Mastering Metasploit Framework
Appendix D: PowerShell Scripting
Appendix E: BASH Environment and Scripting
Appendix F: Python Environment and Scripting
Appendix G: Perl Environment and Scripting
Appendix H: Ruby Environment and Scripting
Appendix I: Active Directory Penetration Testing
Appendix J: Database Penetration Testing
Information Reconnaissance	Database Exploitation: Oracle
Database Enumeration: Oracle	Database Exploitation: MS SQL Server
Database Enumeration: MS SQL Server	Database Exploitation: MySQL
Database Enumeration: MySQL	Vulnerability and Exploit Research
Appendix K: Mobile Device Penetration Testing
Why Mobile Device Penetration Testing?	Server-side Infrastructure Penetration Testing
Communication Channel Penetration Testing	Application Penetration Testing
Appendix L: CEH Refresher
Network Penetration Testing: External	Network Penetration Testing: Perimeter Devices
Network Penetration Testing: Internal	Web Application Penetration Testing
Windows Exploitation	Wireless Penetration Testing
Other Internal Network Exploitation Techniques	Cloud Penetration Testing
Advanced Tips and Techniques

Associated Certifications & Exam

CPENT is a fully online, remotely proctored practical exam that evaluates candidates through a challenging 24-hour performance-based, hands-on exam.

The exam is broken into two practical exams of 12 hours each that will test your perseverance and focus by forcing you to outdo yourself with each new challenge.

Candidates have the option to choose either two 12-hour exams or one 24-hour exam.

Exam Details	CPENT practical Exam
Exam Title	CPENT Exam Session 1	CPENT Exam Session 2
Number of Questions/Practical Challenges	5 Challenges (100 Pts)	5 Challenges (100 Pts)
Test Duration	12 Hours	12 Hours
Test Format
Test Delivery	ECC EXAM portal	ECC EXAM portal
Availability	ECC EXAM	ECC EXAM portal
Exam Prefix	412-80 (ECC EXAM)	412-80 (ECC EXAM)
Passing Score	70%	70%

Pen Test Report Submission (Within 7 days of Session 2)

On successful completion of this course students will receive a Torque IT attendance certificate.

Note:

When you attend any authorised EC Council training course at Torque IT you will receive the associated examination voucher as part of your course material. Your certification examination voucher can be used to book and pay for your certification examination at an Authorised EC Council Testing Center (ETC) only. If you are not able to sit your certification examination at Torque IT, and you have no other ETC locally available, you do have the ability to convert your examination voucher into a Pearson VUE examination voucher (Remote Procuring Services), at an additional cost.

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

EC-Council Certified Penetration Testing Professional – Self-Paced (Incl. Exam Voucher)

Type

Skill Level

Available dates

Learning Path

Duration

LEARNING PATH

SKILL LEVEL

DURATION

AVAILABLE DATES

Price excluding VAT

Introduction

Audience profile

Pre-requisites

What is EC-Council iLearn?

What is included?

How to Access the iLearn Portal?

Course objectives

Course content

Associated Certifications & Exam

contact

Vendor
Authorised

Details

Menu

newsletter

EC-Council Certified Penetration Testing Professional – Self-Paced (Incl. Exam Voucher)

Type

Skill Level

Available dates

Learning Path

Duration

LEARNING PATH

SKILL LEVEL

DURATION

AVAILABLE DATES

Price excluding VAT

Introduction

Audience profile

Pre-requisites

What is EC-Council iLearn?

What is included?

How to Access the iLearn Portal?

contact

Vendor Authorised

Details

Menu

newsletter

Vendor
Authorised