CYBR 4547 Advanced Penetration Testing

(MTC-CYBR4547.AE1)

Skills You’ll Get

1

Today's Cybersecurity Analyst

  • Building a Secure Network
  • Cybersecurity Objectives
  • Privacy vs. Security
  • Evaluating Security Risks
  • Secure Endpoint Management
  • Penetration Testing
  • Reverse Engineering
  • Efficiency and Process Improvement
  • The Future of Cybersecurity Analytics
  • Summary
  • Lab Exercises
2

System and Network Architecture

  • Infrastructure Concepts and Design
  • Operating System Concepts
  • Logging, Logs, and Log Ingestion
  • Network Architecture
  • Identity and Access Management
  • Encryption and Sensitive Data Protection
  • Summary
  • Lab Exercises
3

Malicious Activity

  • Analyzing Network Events
  • Investigating Host-Related Issues
  • Investigating Service- and Application-Related Issues
  • Determining Malicious Activity Using Tools and Techniques
  • Summary
  • Lab Exercises
4

Threat Intelligence

  • Threat Data and Intelligence
  • Threat Classification
  • Applying Threat Intelligence Organizationwide
  • Summary
  • Lab Exercises
5

Reconnaissance and Intelligence Gathering

  • Mapping, Enumeration, and Asset Discovery
  • Passive Discovery
  • Summary
  • Lab Exercises
6

Designing a Vulnerability Management Program

  • Identifying Vulnerability Management Requirements
  • Configuring and Executing Vulnerability Scans
  • Developing a Remediation Workflow
  • Overcoming Risks of Vulnerability Scanning
  • Vulnerability Assessment Tools
  • Summary
  • Lab Exercises
7

Analyzing Vulnerability Scans

  • Reviewing and Interpreting Scan Reports
  • Validating Scan Results
  • Common Vulnerabilities
  • Summary
  • Lab Exercises
8

Responding to Vulnerabilities

  • Analyzing Risk
  • Managing Risk
  • Implementing Security Controls
  • Threat Classification
  • Managing the Computing Environment
  • Software Assurance Best Practices
  • Designing and Coding for Security
  • Software Security Testing
  • Policies, Governance, and Service Level Objectives
  • Summary
  • Lab Exercises
9

Building an Incident Response Program

  • Security Incidents
  • Phases of Incident Response
  • Building the Foundation for Incident Response
  • Creating an Incident Response Team
  • Classifying Incidents
  • Attack Frameworks
  • Summary
  • Lab Exercises
10

Incident Detection and Analysis

  • Indicators of Compromise
  • Investigating IoCs
  • Evidence Acquisition and Preservation
  • Summary
  • Lab Exercises
11

Containment, Eradication, and Recovery

  • Containing the Damage
  • Incident Eradication and Recovery
  • Validating Data Integrity
  • Wrapping Up the Response
  • Summary
  • Lab Exercises
12

Reporting and Communication

  • Vulnerability Management Reporting and Communication
  • Incident Response Reporting and Communication
  • Summary
  • Lab Exercises
13

Performing Forensic Analysis and Techniques for Incident Response

  • Building a Forensics Capability
  • Understanding Forensic Software
  • Conducting Endpoint Forensics
  • Network Forensics
  • Cloud, Virtual, and Container Forensics
  • Post-Incident Activity and Evidence Acquisition
  • Forensic Investigation: An Example
  • Summary
  • Lab Exercises

1

Today's Cybersecurity Analyst

  • Creating a Firewall Rule
  • Setting Up a Honeypot on Kali Linux
2

System and Network Architecture

  • Installing Docker
  • Viewing the Windows File Registry
  • Installing the AD FS Role
  • Examining PKI Certificates
3

Malicious Activity

  • Confirming the Spoofing Attack in Wireshark
  • Performing a DoS Attack with the SYN Flood
  • Using Social Engineering Techniques to Plan an Attack
  • Using Performance Monitor
  • Performing a Memory-Based Attack
  • Using Command-line Tools
  • Analyzing Malware Using VirusTotal
  • Using tcpdump to Capture Packets
  • Enabling Logging for Audited Objects
  • Examining Audited Events
  • Capturing a Packet Using Wireshark
4

Threat Intelligence

  • Examining MITRE ATT&CK
5

Reconnaissance and Intelligence Gathering

  • Footprinting a Website
  • Performing an Intense Scan in Zenmap
  • Using Shodan to Find Webcams
  • Using Recon-ng to Gather Information
  • Identifying Search Options in Metasploit
  • Performing Reconnaissance on a Network
  • Scanning the Local Network
  • Using the hping Program
  • Making Syslog Entries Readable
  • Performing Zone Transfer Using dig
  • Using the netstat Command
  • Using the whois Program
  • Using nslookup for Passive Reconnaissance
6

Designing a Vulnerability Management Program

  • Using OWASP ZAP
  • Consulting a Vulnerability Database
  • Conducting Vulnerability Scanning Using Nessus
  • Performing Vulnerability Scanning Using OpenVAS
  • Performing Session Hijacking Using Burp Suite
  • Using Nikto
7

Analyzing Vulnerability Scans

  • Exploiting LFI and RFI Vulnerabilities
  • Exploiting a Website Using SQL Injection
  • Conducting CSRF Attacks
  • Defending Against a Buffer Overflow Attack
  • Understanding Local Privilege Escalation
  • Performing a MITM Attack
  • Detecting Rootkits
  • Attacking a Website Using XSS Injection
8

Incident Detection and Analysis

  • Creating a Forensic Image with FTK Imager
9

Performing Forensic Analysis and Techniques for Incident Response

  • Using EnCase Imager
  • Observing an MD5-Generated Hash Value
  • Analyzing Forensics with Autopsy
  • Observing a SHA256-Generated Hash Value
  • Cracking Passwords Using Cain and Abel
  • Completing the Chain of Custody
  • Finding Hard Drives on the System
