CompTIA

CYS4710 - Advanced Penetration Testing

(ANC-CYS4710.AB1)
Lessons
Lab
TestPrep
Get A Free Trial

Skills You’ll Get

Download Course Outline

1

Introduction to Ethical Hacking, Penetration Testing, Planning and Scoping

  • Understanding Ethical Hacking and Penetration Testing
  • Exploring Penetration Testing Methodologies
  • Building Your Own Lab
  • Comparing and Contrasting Governance, Risk, and Compliance Concepts
  • Explaining the Importance of Scoping and Organizational or Customer Requirements
  • Demonstrating an Ethical Hacking Mindset by Maintaining Professionalism and Integrity
2

Information Gathering, Vulnerability Scanning and Social Engineering Attacks

  • Performing Passive Reconnaissance
  • Performing Active Reconnaissance
  • Understanding the Art of Performing Vulnerability Scans
  • Understanding How to Analyze Vulnerability Scan Results
  • Pretexting for an Approach and Impersonation
  • Social Engineering Attacks
  • Physical Attacks
  • Social Engineering Tools
  • Methods of Influence
3

Exploiting Wired, Wireless Networks, and Application-Based Vulnerabilities

  • Exploiting Network-Based Vulnerabilities
  • Exploiting Wireless Vulnerabilities
  • Overview of Web Application-Based Attacks for Security Professionals and the OWASP Top 10
  • How to Build Your Own Web Application Lab
  • Understanding Business Logic Flaws
  • Understanding Injection-Based Vulnerabilities
  • Exploiting Authentication-Based Vulnerabilities
  • Exploiting Authorization-Based Vulnerabilities
  • Understanding Cross-Site Scripting (XSS) Vulnerabilities
  • Understanding Cross-Site Request Forgery (CSRF/XSRF) and Server-Side Request Forgery Attacks
  • Understanding Clickjacking
  • Exploiting Security Misconfigurations
  • Exploiting File Inclusion Vulnerabilities
  • Exploiting Insecure Code Practices
4

Cloud, Mobile, IoT Security and Performing Post-Exploitation Techniques

  • Researching Attack Vectors and Performing Attacks on Cloud Technologies
  • Explaining Common Attacks and Vulnerabilities Against Specialized Systems
  • Creating a Foothold and Maintaining Persistence After Compromising a System
  • Understanding How to Perform Lateral Movement, Detection Avoidance, and Enumeration
5

Reporting, Communication, Tools and Code Analysis

  • Comparing and Contrasting Important Components of Written Reports
  • Analyzing the Findings and Recommending the Appropriate Remediation Within a Report
  • Explaining the Importance of Communication During the Penetration Testing Process
  • Explaining Post-Report Delivery Activities
  • Understanding the Basic Concepts of Scripting and Software Development
  • Understanding the Different Use Cases of Penetration Testing Tools and Analyzing Exploit Code

1

Information Gathering, Vulnerability Scanning and Social Engineering Attacks

  • Performing a UDP Scan Using Nmap
  • Using Nmap for User Enumeration
  • Using BeEF
  • Using the SET Tool to Plan an Attack
2

Exploiting Wired, Wireless Networks, and Application-Based Vulnerabilities

  • Exploiting SMTP
  • Exploiting SNMP
  • Exploiting a Website Using SQL Injection
  • Performing Session Hijacking Using Burp Suite
3

Cloud, Mobile, IoT Security and Performing Post-Exploitation Techniques

  • Understanding Local Privilege Escalation
  • Using dig and nslookup Commands
  • Hiding Text Using Steganography
  • Using the Metasploit RDP Post-Exploitation Module
4

Reporting, Communication, Tools and Code Analysis

  • Whitelisting an IP Address in the Windows Firewall

Related Courses

All Courses