Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

Provider Logo

Ethical Hacking: Penetration Testing

via LinkedIn Learning

Overview

The only way to know your systems are secure is to test them. Learn how to use penetration testing to check for vulnerabilities in computers, networks, applications, email, and people.

You've done everything you can to logically secure your systems, along with layering in user education and providing physical security. However, the only way to know if your defenses will hold is to test them. This course looks at one of the most important skills of any IT security professional: penetration testing. Penetration testing is the process to check if a computer, system, network, or web application has any vulnerabilities. Cybersecurity expert Lisa Bock reviews the steps involved in performing a worthwhile penetration test, including auditing systems, listing and prioritizing vulnerabilities, and mapping out attack points a hacker might target. She also defines the various types of "pen" tests—such as black, grey, and white box; announced vs. unannounced; and automated vs. manual testing—and the techniques and blueprints a pen tester should use to test everything from Wi-Fi to VoIP. Finally, she discusses how to choose and work with an outsourced pen-testing organization, which can bring a valuable outsider's perspective to your IT security efforts.

Syllabus

Introduction
  • Testing an organization's defenses
  • Getting the most out of this course
  • Hacking ethically
1. Organizational Penetration Testing
  • Understanding penetration testing
  • Auditing security mechanisms
  • Managing risk
  • Locating security vulnerabilities
  • Identifying the attack vectors
  • Challenge: Compare pen tests from a vulnerability scan
  • Solution: Compare pen tests from a vulnerability scan
2. Types of Penetration Testing
  • Black, gray, and white-box testing
  • Checking from the outside in
  • Looking inside the organization
  • Testing using other methods
3. Pen Testing Techniques
  • Following a structured plan
  • Planning the pen test
  • Attacking the system
  • Delivering the results
  • Challenge: Explain the NIST Framework five core functions
  • Solution: Explain the NIST Framework five core functions
4. Pen Testing Blueprint
  • Checking physical security
  • Wireless penetration testing
  • Breach the website and the database
  • Leaking data via email or VoIP
  • Social engineering
5. Outsourcing Penetration Testing
  • Defining the project scope
  • Outsourcing penetration testing
  • Hiring consultants
  • Agreeing on terms
Conclusion
  • What's next

Taught by

Lisa Bock

Related Courses

Reviews

0.0 rating, based on 0 reviews

Start your review of Ethical Hacking: Penetration Testing

Never stop learning Never Stop Learning!

Get personalized course recommendations, track subjects and courses with reminders, and more.

Sign up for free