CompTIA

CSC-260ᅠEthical Hacking & Intrusion Detection

(TUI-CSC-260.AB1) / ISBN : 978-1-64459-786-6
Lessons
Lab
TestPrep
AI Tutor (Add-on)
Instructor-Led (Add-on)
Get A Free Trial

Skills You’ll Get

Get the support you need. Enroll in our Instructor-Led Course.

Download Course Outline

1

Penetration Testing through Vulnerability Scoring

  • The Goals of the CompTIA PenTest+ Certification
  • The Exam Objectives (Domains)
  • Steps to Earning the PenTest+ Certification
  • Facts About the PenTest+ Exam
  • About the CompTIA PenTest+ PT0-002 Cert Guide
  • Understanding Ethical Hacking and Penetration Testing
  • Exploring Penetration Testing Methodologies
  • Building Your Own Lab
  • Comparing and Contrasting Governance, Risk, and Compliance Concepts
  • Explaining the Importance of Scoping and Organizational or Customer Requirements
  • Demonstrating an Ethical Hacking Mindset by Maintaining Professionalism and Integrity
  • Performing Passive Reconnaissance
  • Performing Active Reconnaissance
  • Understanding the Art of Performing Vulnerability Scans
  • Understanding How to Analyze Vulnerability Scan Results
2

Social Engineering and Exploiting Wired and Wireless Networks

  • Pretexting for an Approach and Impersonation
  • Social Engineering Attacks
  • Physical Attacks
  • Social Engineering Tools
  • Methods of Influence
  • Exploiting Network-Based Vulnerabilities
  • Exploiting Wireless Vulnerabilities
  • Overview of Web Application-Based Attacks for Security Professionals and the OWASP Top 10
  • How to Build Your Own Web Application Lab
  • Understanding Business Logic Flaws
  • Understanding Injection-Based Vulnerabilities
  • Exploiting Authentication-Based Vulnerabilities
  • Exploiting Authorization-Based Vulnerabilities
  • Understanding Cross-Site Scripting (XSS) Vulnerabilities
  • Understanding Cross-Site Request Forgery (CSRF/XSRF) and Server-Side Request Forgery Attacks
  • Understanding Clickjacking
  • Exploiting Security Misconfigurations
  • Exploiting File Inclusion Vulnerabilities
  • Exploiting Insecure Code Practices
3

Cloud, Mobile, and IoT Security

  • Researching Attack Vectors and Performing Attacks on Cloud Technologies
  • Explaining Common Attacks and Vulnerabilities Against Specialized Systems
  • Creating a Foothold and Maintaining Persistence After Compromising a System
  • Understanding How to Perform Lateral Movement, Detection Avoidance, and Enumeration
4

Reporting and Communication

  • Comparing and Contrasting Important Components of Written Reports
  • Analyzing the Findings and Recommending the Appropriate Remediation Within a Report
  • Explaining the Importance of Communication During the Penetration Testing Process
  • Explaining Post-Report Delivery Activities
  • Understanding the Basic Concepts of Scripting and Software Development
  • Understanding the Different Use Cases of Penetration Testing Tools and Analyzing Exploit Code

1

Penetration Testing through Vulnerability Scoring

  • Performing Zone Transfer Using dig
  • Using dnsrecon
  • Using Recon-ng to Gather Information
  • Performing Reconnaissance on a Network
  • Performing a UDP Scan Using Nmap
  • Using Nmap for User Enumeration
  • Using Nmap for Network Enumeration
  • Performing Nmap SYN Scan
  • Conducting Vulnerability Scanning Using Nessus
2

Social Engineering and Exploiting Wired and Wireless Networks

  • Using BeEF
  • Using the SET Tool to Plan an Attack
  • Using the EternalBlue Exploit in Metasploit
  • Simulating the DDoS Attack
  • Performing a DHCP Starvation Attack
  • Understanding the Pass-the-hash Attack
  • Performing ARP Spoofing
  • Exploiting SMTP
  • Exploiting SNMP
  • Searching Exploits Using searchsploit
  • Exploiting SMB
  • Conducting a Cross Site Scripting (XXS) attack
  • Using curl to Make the HTTP GET Request
  • Capturing Network Packets Using tcpdump
  • Exploiting Command Injection Vulnerabilities
  • Exploiting a Website Using SQL Injection
  • Performing Session Hijacking Using Burp Suite
  • Cracking Passwords
  • Conducting a Cross-Site Request Forgery Attack
3

Cloud, Mobile, and IoT Security

  • Understanding Local Privilege Escalation
  • Using OWASP ZAP
  • Using the Task Scheduler
  • Writing Bash Shell Script
  • Performing a Scan in Zenmap
  • Using dig and nslookup Commands
  • Creating Reverse and Bind Shells Using Netcat
  • Hiding Text Using Steganography
  • Using the Metasploit RDP Post-Exploitation Module
4

Reporting and Communication

  • Finding Live Hosts by Using the Ping Sweep in Python
  • Whitelisting an IP Address in the Windows Firewall
  • Viewing Exploits Written in Perl
  • Viewing the Effects of Hostile JavaScript in the Browser
  • Using Meterpreter to Display the System Information
  • Performing Vulnerability Scanning Using OpenVAS
  • Enumerating Data Using enum4linux
  • Using Maltego to Gather Information
  • Cracking a Linux Password Using John the Ripper

Any questions?
Check out the FAQs

Still have unanswered questions and need to get in touch?

Contact Us Now

Related Courses

All Courses
We use cookies for improving site experience and analytics. Learn More