Vanaf € 422,29 € 349,00

Vanaf € 422,29 € 349,00

Extra opties

1 x Training: CompTIA PenTest+ (PT0-002)   + € 422,29 € 349,00
€ 349,00
Incl. BTW

Snel navigeren naar:

  • Inhoud
  • Voordelen
  • Specificaties
  • Reviews
  • More information
  • FAQ

Productinformatie

Het nieuwe PenTest+ (PT0-002) examen gaat in oktober 2021 van start!

Penetratietests zijn een gecoördineerde en gesimuleerde cyberaanvallen die worden gebruikt om de beveiliging van een computersysteem of computernetwerk te evalueren. Deze training helpt je om je voor te bereiden op het CompTIA PenTest+ (PT0-002) certificeringsexamen.

Je begint met het verkennen van de basisprincipes van penetratietesten, inclusief een vergelijking van governance-, risico- en compliance-concepten. Je leert hoe je een ethische hackmentaliteit kunt ontwikkelen door integriteit en professionaliteit te behouden tijdens penetratietestoefeningen. Je leert hoe je informatie kunt verzamelen met behulp van verschillende passieve verkenningstechnieken, zoals DNS-lookups, cryptografische fouten en scraping op sociale media. Na passieve verkenning ga je ontdekken hoe je actieve verkenningstechnieken kunt gebruiken, zoals telling en websiteverkenning, die vaak worden gebruikt om informatie te verzamelen over hosts, services en websites

Je leert om de instellingen van de kwetsbaarheidsscanner te configureren en doelen te scannen op kwetsbaarheden. Je zal de verschillende soorten scanmethoden verkennen, evenals tools voor het testen van kwetsbaarheden en algemene scanthema's. Netwerkaanvallen worden vaak uitgevoerd om ongeautoriseerde toegang te krijgen tot het netwerk van een organisatie, met als doel het uitvoeren van kwaadaardige activiteiten of het stelen van gegevens. Je leert hoe je aanvalsvectoren onderzoekt en netwerk- en applicatiegebaseerde aanvallen uitvoert, evenals aanvallen op Cloud technologieën. Vervolgens verken je veelvoorkomende aanvalsmethoden voor draadloze netwerken, waaronder afluisteren, gegevensmodificatie, gegevenscorruptie, relay-aanvallen, spoofing, jamming, on-path en capture-handshakes.

Social engineering omvat de psychologische manipulatie van mensen en wordt gebruikt om hen te misleiden om informatie te onthullen of bepaalde acties uit te voeren. Je leert hoe social engineering-aanvallen worden uitgevoerd en hoe ze door aanvallers kunnen worden gebruikt. Cybercriminelen gebruiken post-exploitatietechnieken om een niveau van toegang te behouden terwijl ze andere acties proberen uit te voeren tijdens een open sessie. Je leert over post-exploitatie technieken en tools.

Ten slotte wordt een schriftelijk eindrapport opgesteld door een penetratietester of testteam om alle bevindingen en aanbevelingen voor de klant te documenteren. Je leert de essentiële componenten van een schriftelijk rapport, evenals het belang van communicatie tijdens het penetratietestproces

Inhoud van de training

CompTIA PenTest+ (PT0-002)

33 uur

CompTIA PenTest+ (PT0-002): Scoping & Engagement

  • Penetration testing is a coordinated and simulated cyberattack

  • used to evaluate the security of a computer system or computer
  • network. The initial and critical planning phase of penetration
  • testing is key to a successful engagement process. In this course,
  • you'll explore the fundamentals of penetration testing, including a
  • comparison of governance, risk, and compliance concepts. You'll
  • examine legal concepts such as service level agreements, statements
  • of work, non-disclosure agreements, and master service agreements.
  • You'll learn the importance of scoping and organizational and
  • customer requirements, including common standards and
  • methodologies, rules of engagement, environmental considerations,
  • target list definition, and scope of the engagement validation.
  • This course is one of a collection that helps prepare learners for
  • the CompTIA PenTest+ (PT0-002) certification exam.

CompTIA PenTest+ (PT0-002): Professionalism & Integrity

  • Penetration testers must be ethical in order to avoid any

  • illegal activities and to best serve clients. In this course,
  • you'll learn how to develop and demonstrate an ethical hacking
  • mindset by maintaining integrity and professionalism during
  • penetration testing exercises. You'll explore the importance of
  • performing background checks on penetration testing team members
  • and adhering to the scope of engagement. You'll then examine how to
  • identify, handle, and report on security breaches and potential
  • findings of a criminal nature. You'll learn how to limit the use of
  • tools for a particular engagement and invasiveness based on scope.
  • Lastly, you'll learn the importance of maintaining data and
  • information confidentiality of data and information and explore
  • risks to penetration testing team members. This course is one of a
  • collection that helps prepare learners for the CompTIA PenTest+
  • (PT0-002) certification exam.

CompTIA PenTest+ (PT0-002): Passive Reconnaissance

  • One of the main responsibilities of a penetration tester is to

  • gather information by way of reconnaissance. Simply put,
  • reconnaissance is the process of collecting as much information as
  • possible about a target. In this course, you'll learn how to gather
  • information using various passive reconnaissance techniques such as
  • DNS lookups, cryptographic flaws, and social media scraping. You'll
  • learn how to differentiate between cloud and self-hosted
  • reconnaissance and examine valuable data found in password dumps,
  • metadata, and public source-code repositories. You'll also explore
  • how to use open source intelligence techniques, tools, and sources
  • to exploit weaknesses and gather intelligence. This course will
  • help prepare learners for the CompTIA PenTest+ PT0-002
  • certification exam.

CompTIA PenTest+ (PT0-002): Active Reconnaissance

  • Active reconnaissance requires a penetration tester to engage

  • and interact with the targeted system to gather information and
  • identify vulnerabilities. To do this, penetration testers can use
  • several different methods including automated scanning and manual
  • testing techniques. In this course, you'll learn how to use active
  • reconnaissance techniques such as enumeration and web site
  • reconnaissance, which are commonly used to gather intelligence
  • about hosts, services, and web sites. You'll also learn about
  • packet crafting, tokens, wardriving, network traffic, active
  • fingerprinting, and defense detection and avoidance techniques.
  • This course is one of a collection that helps prepare learners for
  • the CompTIA PenTest+ (PT0-002) certification exam.

CompTIA PenTest+ (PT0-002): Vulnerability Scanning

  • Vulnerability scanning is a process used to assess systems for

  • known weaknesses. In this course, you'll learn how to configure
  • vulnerability scanner settings and scan targets for
  • vulnerabilities. You'll explore the different types of scanning
  • methods, as well as vulnerability testing tools and common scanning
  • themes. Next, you'll learn how to perform a scan analysis. You'll
  • also examine the Nmap utility, which is designed to discover hosts
  • and services on a computer network. You'll move on to explore Nmap
  • Scripting Engine scripts and the numerous switches included in the
  • Nmap utility that can helpful in penetration testing. Lastly,
  • you'll learn about vulnerability testing tools that can help
  • facilitate automation. This course is one of a collection that
  • helps prepare learners for the CompTIA PenTest+ (PT0-002)
  • certification exam.

CompTIA PenTest+ (PT0-002): Network Attacks & Exploits

  • Network attacks are commonly performed to gain unauthorized

  • access to an organization's network, with a goal of performing
  • malicious activity or stealing data. In this course, you'll learn
  • how to research attack vectors and perform network attacks. You'll
  • learn about password attacks such as password spraying, hash
  • cracking, brute force, and dictionary. You'll explore how to
  • perform common network attacks such as ARP poisoning, on-path,
  • kerberoasting, virtual local area network hopping, as well as
  • Link-Local Multicast Name Resolution and NetBIOS Name Service
  • poisoning. Finally, you'll explore common network attack tools such
  • as Metasploit, Netcat, and Nmap. This course is one of a collection
  • that helps prepare learners for the CompTIA PenTest+ (PT0-002)
  • certification exam.

CompTIA PenTest+ (PT0-002): Wireless Attacks

  • The goal of a wireless network attack is generally to capture

  • information sent across the network. In this course, you'll learn
  • how to research attack vectors and perform wireless attacks. You'll
  • explore common wireless network attack methods including
  • eavesdropping, data modification, data corruption, relay attacks,
  • spoofing, jamming, on-path, and capture handshakes. You'll then
  • learn about common network attacks such as evil twin, bluejacking,
  • bluesnarfing, radio-frequency identification cloning, amplification
  • attacks, and Wi-Fi protected setup PIN attacks. Lastly, you'll
  • discover how to use aircrack-ng suite and amplified antenna
  • wireless network attack tools. This course is one of a collection
  • that helps prepare learners for the CompTIA PenTest+ (PT0-002)
  • certification exam.

CompTIA PenTest+ (PT0-002): Application-based Attacks

  • Application-based attacks are designed to deliberately cause a

  • fault in a computer's operating system or applications. In this
  • course, you'll learn how to research attack vectors and perform
  • application-based attacks. You'll explore the benefits of the OWASP
  • Top 10 standard awareness document, which is used to present the
  • most critical security risks to web applications. You'll examine
  • application-based attacks such as server-side request forgery,
  • business logic flaws, and injection attacks. You'll move on to
  • learn about application vulnerabilities such as race conditions,
  • lack of code signing, and session attacks, as well as the
  • characteristics of API attacks such as Restful, Soap, and
  • Extensible Markup Language-Remote Procedure Call. Lastly, you'll
  • learn about application-based attack tools and resources. This
  • course is one of a collection that helps prepare learners for the
  • CompTIA PenTest+ (PT0-002) certification exam.

CompTIA PenTest+ (PT0-002): Attacks on Cloud Technologies

  • Penetration testers need to account for all types of systems

  • available in an environment. In addition to servers and network
  • appliances, this can also include cloud-based systems. In this
  • course, you'll learn how to research attack vectors and perform
  • attacks on cloud technologies. You'll explore common cloud-based
  • attacks, such as credential harvesting, privilege escalation, and
  • account takeovers. You'll learn how to identify misconfigured cloud
  • assets, including identity and access management and
  • containerization technologies. You'll move on to explore how cloud
  • malware injection, denial of service, and side-channel attacks can
  • exploit a system. Lastly, you'll learn about common cloud tools
  • such as the software development kit. This course is one of a
  • collection that helps prepare learners for the CompTIA PenTest+
  • (PT0-002) certification exam.

CompTIA PenTest+ (PT0-002): Attacks on Specialized Systems

  • Specialized systems by nature can be very challenging for

  • penetration testers. They can use proprietary operating systems and
  • file systems, and may require advanced reverse engineering and
  • sandbox analysis. However, specialized systems are also very
  • susceptible when it comes to weaknesses and vulnerabilities. In
  • this course, you'll learn how to identify common attacks and
  • vulnerabilities against specialized systems, including mobile
  • systems and Internet of Things devices. You'll also explore common
  • vulnerabilities, including data storage system vulnerabilities,
  • management interface vulnerabilities, vulnerabilities related to
  • virtual environments, and vulnerabilities related to containerized
  • workloads. This course is one of a collection that helps prepare
  • learners for the CompTIA PenTest+ (PT0-002) certification exam.

CompTIA PenTest+ (PT0-002): Social Engineering Attacks

  • Social engineering involves the psychological manipulation of

  • people and it's used to trick them into divulging information or
  • performing certain actions. In this course, you'll learn how social
  • engineering attacks are performed and how they can be used by
  • attackers. You'll explore the pretext for a social engineering
  • approach, as well as various social engineering attacks such as
  • e-mail phishing, vishing, short message service, phishing,
  • universal serial bus drop key, and watering hole. You'll then learn
  • about tailgating, dumpster diving, shoulder surfing, and badge
  • cloning physical attack methods. Lastly, you'll examine social
  • engineering impersonation techniques, methods of influence, and
  • tools. This course is one of a collection that helps prepare
  • learners for the CompTIA PenTest+ (PT0-002) certification exam.

CompTIA PenTest+ (PT0-002): Post-Exploitation Techniques

  • Cybercriminals use post-exploitation techniques to maintain a

  • level of access while they attempt to perform other actions during
  • an open session. In this course, you'll learn about
  • post-exploitation techniques and tools. You'll explore common
  • post-exploitation tools such as Empire, Mimikatz, and BloodHound.
  • Next, you'll examine post-exploitation techniques such as lateral
  • movement, privilege escalation, and upgrading a restrictive shell.
  • You'll learn techniques used to maintain foothold and persistence
  • using trojans, backdoors, and daemons. Finally, you'll learn
  • detection avoidance techniques, as well as enumeration techniques
  • used to extract users, groups, forests, sensitive data, and
  • unencrypted files. This course is one of a collection that helps
  • prepare learners for the CompTIA PenTest+ (PT0-002) certification
  • exam.

CompTIA PenTest+ (PT0-002): Written Reports

  • A final written report is prepared by a penetration tester or

  • testing team to document all findings and recommendations for the
  • client once the engagement has completed. In this course, you'll
  • learn the critical components of a written report, as well as the
  • importance of communication during the penetration testing process.
  • You'll explore how to analyze and report on findings, and how to
  • securely distribute of the final product. Next, you'll examine
  • common content to include in a written report such as an executive
  • summary, scope details, methodology, findings, and conclusion.
  • Lastly, you'll learn the steps required to properly analyze the
  • findings and recommend the appropriate remediation within a report.
  • This course is one of a collection that helps prepare learners for
  • the CompTIA PenTest+ (PT0-002) certification exam.

CompTIA PenTest+ (PT0-002): Penetration Testing Tools

  • A penetration tester's toolkit should include a wide range of

  • tools and may vary based on the penetration testing engagement
  • requirements. In this course, you'll explore use cases of tools
  • required during the different phases of a penetration test. You'll
  • examine scanner tools such as Nikto, SQLmap, and WPScan, as well as
  • credential testing tools and debuggers. You'll learn about
  • open-source intelligence tools, as well as wireless and networking
  • tools such as Wireshark. Next, you'll explore web application,
  • social engineering, remote access tools, and other miscellaneous
  • tools. Lastly, you'll learn about common steganography tools and
  • cloud tools. This course is one of a collection that helps prepare
  • learners for the CompTIA PenTest+ (PT0-002) certification exam.

CompTIA PenTest+ (PT0-002): Communication & Post-Report Activities

  • During penetration testing, tester activities can leave behind
  • remnants that may alter a system. Any action performed during
  • testing should be clearly documented. Upon completion of testing,
  • penetration testers should perform a series of post-report delivery
  • activities that include removing shells, removing tester created
  • credentials, and removing any penetration testing tools. In this
  • course, you'll explore post-report delivery activities such as
  • post-engagement cleanup, client acceptance, lessons learned,
  • attestation of findings, as well as data destruction processes and
  • best practices. You'll also learn the importance of communication
  • during the penetration testing process. This course is one of a
  • collection that helps prepare learners for the CompTIA PenTest+
  • (PT0-002) certification exam.

CompTIA PenTest+ (PT0-002): Analyzing Tool & Script Output

  • Scripting languages can be used by penetration testers to help

  • automate the execution of common tasks and increase the depth and
  • scope of testing coverage. In this course, you'll learn the basic
  • concepts of scripting and software development. Explore logic
  • constructs concepts such as loops and conditionals, as well as the
  • following operators; Boolean, string, and arithmetic. Discover
  • other basic concepts of scripting including data structures,
  • libraries, classes, procedures, and functions. You then explore how
  • to analyze a script or code sample for use in a penetration test.
  • Discover shells, programming languages, and exploit codes, and
  • learn how to identify opportunities for automation. This course is
  • one of a collection that helps prepare learners for the CompTIA
  • PenTest+ (PT0-002) certification exam.

Kenmerken

Engels (US)
33 uur
Security Specialist
180 dagen online toegang
HBO

Meer informatie

Extra product informatie 0
Doelgroep Securityspecialist
Voorkennis

Je beschikt over CompTIA Network+, CompTIA Security+ of gelijkwaardige kennis.

Het is aan te raden om minimaal 3-4 jaar hands-on ervaring te hebben op het gebied van information security of gerelateerde ervaring.

resultaat

Na succesvolle afronding ben je bekend met de concepten en methodologieën met betrekking tot penetratietesten. Tevens ben je klaar voor het CompTIA PenTest+ (PT0-002) certificeringsexamen.

Positieve reacties van cursisten

Ontwikkel je tot data analist

Service is echt heel goed. Snel, klantvriendelijk, weten waar ze over praten en denken met je mee met oplossingen. Daarnaast hebben ze ook een goed leerplatform om je studie te volgen en na elke module een korte toets om te zien hoeveel je ervan heb begrepen en je kan de status zien hoeveel tijd je hebt besteed aan je studie. Ik waardeer ze enorm en ik raad elke ICT'er aan om met hen in zee te gaan om je studie te volgen.

- Emilio Jones

Training: Introduction to SQL

Eén training geprobeerd en deze naar tevredenheid gevolgd. Een module werkte in eerste instantie niet, maar na contact opgenomen te hebben met klantenservice kreeg ik snel antwoord met een oplossing.

- Lars van der Spek

Training: Certified Ethical Hacker (CEHv12) - incl. examen

Eerste keer dat ik een online training heb gedaan en zou zo weer een training volgen via icttraningen.nl

- Jerry Jialal

Training: Microsoft Managing Modern Desktops (exam MD-101)

Het resultaat van de groep is absoluut bevredigend. Ik ga in ieder geval geen ander meer bellen.

- Antoine Evertze, Sales Engineer bij Chubb

Training: PRINCE2® 6e editie Foundation- incl. examen

Als er wat is staan ze altijd voor me klaar. Ik word meteen geholpen als ik bel.

- E. Zeijlmans, P&O adviseur bij Parnassia Groep

Training: ITIL® 4 Foundation - incl. examen

Wij zijn gebaat bij mensen die bijblijven in hun vakgebied en continu getriggerd worden.

- W. van Uijthoven, IT manager bij gemeente Arnhem

Training: Excel 2013 Compleet

Ik heb al eens eerder een training gehad via icttrainingen.nl en dat was een erg leerzame, leuke ervaring. Nu heb ik via het werk een online cursus en deze lijkt tot nu toe ook erg leerzaam.

- Michelle Brierley

Hoe gaat het te werk?

1

Training bestellen

Nadat je de training hebt besteld krijg je bevestiging per e-mail.

2

Toegang leerplatform

In de e-mail staat een link waarmee je toegang krijgt tot ons leerplatform.

3

Direct beginnen

Je kunt direct van start. Studeer vanaf nu waar en wanneer jij wilt.

4

Training afronden

Rond de training succesvol af en ontvang van ons een certificaat!

Veelgestelde vragen

Veelgestelde vragen

Op welke manieren kan ik betalen?

Je kunt bij ons betalen met iDEAL, PayPal, Creditcard, Bancontact en op factuur. Betaal je op factuur, dan kun je met de training starten zodra de betaling binnen is.

Hoe lang heb ik toegang tot de training?

Dit verschilt per training, maar meestal 180 dagen. Je kunt dit vinden onder het kopje ‘Kenmerken’.

Waar kan ik terecht als ik vragen heb?

Je kunt onze Learning & Development collega’s tijdens kantoortijden altijd bereiken via support@icttrainingen.nl of telefonisch via 026-8402941.

Background Frame
Background Frame

Onbeperkt leren

Met ons Unlimited concept kun je onbeperkt gebruikmaken van de trainingen op de website voor een vast bedrag per maand.

Bekijk de voordelen

Heb je nog twijfels?

Of gewoon een vraag over de training? Blijf er vooral niet mee zitten. We helpen je graag verder. Daar zijn we voor!

Contactopties