Ontwikkel je van Penetration Tester tot SecOps Engineer (incl. begeleiding)
Security Specialist
46 uur
Engels (US)

Ontwikkel je van Penetration Tester tot SecOps Engineer (incl. begeleiding)

Snel navigeren naar:

  • Informatie
  • Inhoud
  • Kenmerken
  • Meer informatie
  • Reviews
  • FAQ

Productinformatie

Ben jij zowel geïnteresseerd in IT security als IT operations? Wil jij bijdragen aan betere beveiling én betere operationele prestraties van een organisatie? Dan is een baan als SecOps Engineer misschien voor jou weggelegd! Het primaire doel van SecOps is om proces inefficiënties van traditionele enterprise security en operations teams te verminderen door ze verantwoordelijkheid, processen, tools en informatie te laten delen, wat leidt tot verbeterde beveiliging en operationele prestaties. In dit ontwikkelpad verken jij de verschillende rollen om jezelf te ontwikkelen van Penetration Tester naar SecOps Engineer.

Wanneer je kiest voor dit ontwikkelpad, krijg jij:

  • toegang tot de trainingen en LiveLabs rond de rollen van Penetration Tester, Incident Response Leader, Ethical Hacker en SecOps Engineer. Daarnaast krijg je toegang tot nog veel meer trainingen, proefexamens, bootcamps, e-books enzovoort.
  • begeleiding van ons Learning & Development team, samen met jou stellen we doelen, maken we een planning en monitoren we je voortgang.

Penetration Tester

In het eerste onderdeel ligt de focus op de basisprincipes van penetratietesten, beveiligingsmaatregelen, gedrag van eindgebruikers, fysieke en Wi-Fi-pen-testen, en geavanceerde pen-testtechnieken.

Incident Response Leader

Vervolgens leer je meer over respons bij incidenten, preventieve probleemoplossing, beveiliging van netwerkapparatuur, monitoring van systeemconfiguratie, patchbeheer en conformiteit met regelgeving.

Ethical Hacker

In dit onderdeel ga je aan de slag met Ethical Hacking.

SecOps Engineer

Tot slot ga je aan de slag met SecOps Engineering. Je komt meer te weten over veilig coderen, cloud en IoT beveiliging en bedreigingsbeperking.

Inhoud van de training

Ontwikkel je van Penetration Tester tot SecOps Engineer (incl. begeleiding)

46 uur

Penetration Testing Fundamentals

  • Delve into the world of penetration testing and examine the

  • common types of penetration testing and the important role they
  • play in protecting your company's assets and networks from exploits
  • and attacks. Explore methods for gathering information,
  • vulnerability scanning, common exploits and vulnerabilities, and
  • methods and techniques for preventing these exploits.

Pen Testing Awareness: Results Management

Pen Testing Awareness: Results Management

Security Measures: Implementing Security Controls

Explore the use of security controls with the NIST Cybersecurity Framework. Examine the anatomy of security controls, from common to the advanced and complex. Discover how to test and monitor security controls, including some of the most basic quick win controls for several control types. In addition, control policies within the NIST Cybersecurity Framework, how security controls contribute to the ISO 27002 standard in compliance, risk management scenarios, and how security controls are enforced and implemented are also covered.

Pen Testing: End-user Behavior

Explore the limitations of penetration testing, as well as how end-user behavior affects this process. Discover how human error can cause data breaches and the importance of end-user awareness. Examine tools used to perform user behavior analytics, social engineering attacks and countermeasures, and how to create penetration testing reports.

Physical Penetration Testing

Discover the importance of physical penetration testing and the steps for performing a physical penetration test. Examine lock picking techniques and the benefits of dumpster diving. Finally, explore how to protect sensitive data, penetration testing tools and techniques, and the different types of penetration tests.

Wi-Fi Penetration Testing

Discover how to recognize the vulnerabilities in wireless networks. Examine the tests used to determine if specific vulnerabilities can be exploited in a wireless network and how test results can be used to enhance your company's security policy.

Pen Testing: Advanced Pen Testing Techniques

  • Explore advanced penetration testing tools and techniques used

  • to find vulnerabilities, sniff network traffic, deal with
  • cryptography, and crack passwords. Discover the benefits of using
  • the Python programming language to build scripts and deliver tools,
  • and examine common techniques used to find weaknesses in both Linux
  • and Windows-based systems.

Final Exam: Penetration Tester

Final Exam: Penetration Tester will test your knowledge and application of the topics presented throughout the Penetration Tester track of the Skillsoft Aspire Penetration Tester to SecOps Engineer Journey.

Policy & Governance: Incident Response

  • Discover the importance of an incident response plan, including

  • how to draft the plan and engage in incident response. Explore
  • different scenarios and what roles are needed to manage an incident
  • response team. Examine the notion of the Computer Security Incident
  • Response Team and how the team effectively responds to incidents.
  • How incident response policies can provide IT governance and
  • compliance in today's cyber world and best practices for staying
  • compliant with ISO and other compliance standards is also
  • covered.

Planning Measures: Incident Response Planning

  • Explore the process of recovering from security related

  • incidents such as malware, data leakage, or stolen equipment.
  • Examine how to develop plans, policies, and procedures and how to
  • form a team with well defined roles to execute these plans.
  • Finally, examine how all these components are coordinated in
  • practice when an incident event occurs.

Preemptive Troubleshooting: Concepts & Strategies

  • Explore preemptive troubleshooting concepts and strategies and

  • how they apply to cybersecurity. Discover tools to help assist in
  • troubleshooting, such as indicators and threat hunting. Dive into
  • scenarios a SOC would typically engage in when troubleshooting
  • network issues and system compromise. Examine best practices,
  • including spotting weak passwords or hardware and software
  • vulnerabilities, and security policies and procedures to keep
  • systems secure.

Security Best Practices: Network Appliance Security

Explore security best practices, top security risks, the importance of securing network appliances, and how to secure them. Examine risks and best practices for transitioning to the cloud, traditional infrastructure deficiencies, and how to deal with de-perimeterization problems. Various security architecture models, including the Zero Trust Architecture, are also covered.

Monitoring & Securing System Configuration

In this course, you'll learn how to drive system configuration monitoring using continuous monitoring tools to keep systems secure. You'll explore the concept and importance of monitoring system configuration within an organization for incident response. Next, you'll examine tools and strategies you can use to identify common issues, such as identifying weak passwords or common devices that use default credentials. You'll explore processes for operating and maintaining monitoring systems, including the use of security controls and assessments to ensure the incident response team remains compliant. Finally, you'll discover how to identify and interpret report findings from monitoring result, how to work with a monitoring program for system configuration, and how to recognize monitoring program challenges and possible solutions for incident response.

Security Strategy: Patch Management Strategies

Discover how patch management strategies are an important part of an overall security strategy, beginning with basic patch management concepts and how to prioritize what to patch and when. Examine best practices, what to do when vendor-specific issues occur, and how to get issues patched before they become a threat. Explore various tools and techniques used to patch and harden systems and the process of implementing patches, including automating the process to make things easier for the day-to-day SecOps professional. Look at how to analyze and assess patches before implementation to prevent any unknowns or issues. Finally, how patch management fits into the Agile software development process and how to implement patches in a serverless architecture are also covered.

Regulation Conformance for Incidence Response

Cybersecurity is a growing concern for organizations, especially in government and in private sectors. Policies and regulations that need to be conformed to and practiced in the industry are also important considerations for incident response leaders. Explore regulation conformance for incident response, including how to build and apply a conformance plan in the workplace. Examine industry standards, how to apply techniques in regulation conformance, and how to handle incidents that require specific regulation conformance. Discover how to document incidents following the appropriate standards and how to provide a conformance plan that follows regulations and standards for the organization.

Incident Response Leader

Incident Response Leader Perform tasks commonly completed by Incident Response Leaders tasks such as implementing data governance, deploying software and hardware patches, and implementing monitoring, controls and backups. Then, test your skills by answering assessment questions after responding to an active threat and performing a root cause analysis on an active threat on both a Windows system and a cloud based system. This lab is part of the Incident Response Leader track of the Skillsoft Aspire Penetration Tester to SecOps Engineer journey.

Final Exam: Incident Response Leader

Final Exam: Incident Response Leader will test your knowledge and application of the topics presented throughout the Incident Response Leader track of the Skillsoft Aspire Penetration Tester to SecOps Engineer Journey.

Ethical Hacker: Risk Assessment

  • Ultimately, ethical hacking is about testing the risk level an

  • organization has. In order to perform effective, professional
  • ethical hacking, a knowledge of risk is essential. Explore risk
  • assessment concepts, including risk calculations, responses, and
  • models. Discover how to use the Common Vulnerability Scoring System
  • and how to apply risk management concepts and evaluate risk in
  • accordance with common standards.

Ethical Hacker: Incident Response

  • Ethical hacking is a means to avoid incidents and to discover

  • them before they are realized. Often, ethical hacking is part of
  • the response to an incident, so an understanding of incident
  • handling is important for the ethical hacker. Explore the
  • foundational concepts of incident response, including incident
  • classification, recovery and remediation, and after action
  • review.

Ethical Hacker: Security Standards

Ethical hacking is not just random hacking attempts. It is a systematic testing of the target's security. For that reason, an understanding of security standards and formal testing methodologies is critical. Examine key security standards including penetration testing standards.

Ethical Hacker: Secure Technology & Applications

  • Security devices and software are the technical aspect of

  • security. An ethical hacker must be familiar with security
  • technology in order to effectively conduct tests of the target
  • organization's network. Explore security device and software
  • concepts, firewall types and usage, SIEM systems, IDS/IPS,
  • antivirus strategies, Windows Firewall, and how to implement
  • Snort.

Ethical Hacker: Account Creation

Account management and access control are fundamental to security, and it's vital to understand these technologies as an ethical hacker. Explore account creation concepts, standard access control models, attribute-based access control, and how to design account and access control.

Ethical Hacker: Scanning

One of the early stages in ethical hacking is reconnaissance of the target. Explore various scanning tools and techniques used in ethical hacking, including NMAP, OWASP ZAP, Vega, Shodan, and specialized Google searches.

Ethical Hacker: Hacking Techniques

Ultimately, ethical hacking is about hacking, so the ethical hacker must have some hands-on hacking skills. Explore fundamental hacking techniques, including SQL injection, cross-site scripting, malware, using viruses, DoS attacks, steganography, using Metasploit, and Windows hacking.

Ethical Hacker

  • Perform tasks commonly completed by Ethical Hackers such as disaster recovery configuration and testing, digital forensics, and data exfiltration. Then, test your skills by answering assessment questions after scanning websites and conducting SQL injections, as well as employing common hacking techniques to gain access to Windows and Linux machines.
  • This lab provides access to tools typically used by Ethical Hackers, including:
  • - ownCloud
  • - Wireshark
  • - Autopsy
  • - Vega
  • - Nikto
  • This lab is part of the Ethical Hacker track of the Skillsoft Aspire Penetration Tester to SecOps Engineer Journey.

Final Exam: Ethical Hacker

Final Exam: Ethical Hacker will test your knowledge and application of the topics presented throughout the Ethical Hacker track of the Skillsoft Aspire Penetration Tester to SecOps Engineer Journey.

SecOps Engineer: System Infrastructure Security

  • Explore SecOps engineering concepts, including why you should

  • harden your infrastructure and operating systems to mitigate
  • threats. Discover how to analyze Windows 10 issues, use security
  • devices, and implement intrusion detection and prevention systems.
  • In addition, Windows Server hardening, proper firewall placement,
  • and using and deploying honeypots effectively is covered.

SecOps Engineer: Secure Coding

  • Discover how to protect your software by applying secure coding

  • practices. Explore key concepts, including filtering, validation,
  • and the CERT Top 10 Secure Coding Practices. Examine methods for
  • securing software deployment and continuous delivery, as well as
  • secure software metrics and secure coding with C#, Python, and
  • Java.

SecOps Engineer: Security Engineering

Explore cybersecurity engineering concepts, including security modeling techniques and the Security Modeling Language. Discover how to analyze and use security metrics, analyze failures, integrate systems engineering into cybersecurity operations, and apply security requirements engineering techniques.

SecOps Engineer: Cloud & IoT security

Explore cloud and IoT security concepts, including common threats. Examine cloud architecture, types, and uses, as well as how to apply cloud security methods and techniques. Discover how to implement IoT security for a wide range of IoT devices.

SecOps Engineer: Threat Mitigation

Discover how to recognize and analyze common threats, such as malware, denial of service, social engineering, phishing, and insecure protocols. Examine how to integrate your analysis into mitigating these types threats and how to effectively use cyberthreat intelligence resources.

SecOps Engineer

  • Perform tasks commonly completed by SecOps Engineers such as configuring intrusion detection and prevention, Windows and network hardening, and creating and monitoring a honeypot. Then, test your skills by answering assessment questions after configuring items to protect against ransomware and denial of service attacks, configure auditing to detect insider threats, and impllement controls to protect insecure and legacy systems.
  • This lab provides access to tools typically used by SecOps Engineers, including:
  • - OPN SEnse
  • - SPLUNK SIEM platform
  • - ownCloud
  • - FastNetMon DdoS Mitigation
  • - Wazuh
  • This lab is part of the SecOps Engineer track of the Skillsoft Aspire Penetration Tester to SecOps Engineer Journey.

Final Exam: SecOps Engineer

Final Exam: SecOps Engineer will test your knowledge and application of the topics presented throughout the SecOps Engineer track of the Skillsoft Aspire Penetration Tester to SecOps Engineer Journey.

Kenmerken

Docent inbegrepen
Bereidt voor op officieel examen
Engels (US)
46 uur
Security Specialist
365 dagen online toegang
HBO

Meer informatie

Doelgroep Securityspecialist, Tester
Voorkennis

Je hebt basiskennis van penetratie testing en ethical hacking.

Resultaat

Na het doorlopen van dit ontwikkelpad heb jij jezelf ontwikkeld tot SecOps Engineer.

Positieve reacties van cursisten

Training: Leidinggeven aan de AI transformatie

Nuttige training. Het bestelproces verliep vlot, ik kon direct beginnen.

- Mike van Manen

Onbeperkt Leren Abonnement

Onbeperkt Leren aangeschaft omdat je veel waar voor je geld krijgt. Ik gebruik het nog maar kort, maar eerste indruk is goed.

- Floor van Dijk

Training: Leidinggeven aan de AI transformatie

Al jaren is icttrainingen.nl onze trouwe partner op het gebied van kennisontwikkeling voor onze IT-ers. Wij zijn blij dat wij door het platform van icttrainingen.nl maatwerk en een groot aanbod aan opleidingen kunnen bieden aan ons personeel.

- Loranne, Teamlead bij Inwork

Hoe gaat het te werk?

1

Training bestellen

Nadat je de training hebt besteld krijg je bevestiging per e-mail.

2

Toegang leerplatform

In de e-mail staat een link waarmee je toegang krijgt tot ons leerplatform.

3

Direct beginnen

Je kunt direct van start. Studeer vanaf nu waar en wanneer jij wilt.

4

Training afronden

Rond de training succesvol af en ontvang van ons een certificaat!

Veelgestelde vragen

Veelgestelde vragen

Op welke manieren kan ik betalen?

Je kunt bij ons betalen met iDEAL, PayPal, Creditcard, Bancontact en op factuur. Betaal je op factuur, dan kun je met de training starten zodra de betaling binnen is.

Hoe lang heb ik toegang tot de training?

Dit verschilt per training, maar meestal 180 dagen. Je kunt dit vinden onder het kopje ‘Kenmerken’.

Waar kan ik terecht als ik vragen heb?

Je kunt onze Learning & Development collega’s tijdens kantoortijden altijd bereiken via support@icttrainingen.nl of telefonisch via 026-8402941.

Background Frame
Background Frame

Onbeperkt leren

Met ons Unlimited concept kun je onbeperkt gebruikmaken van de trainingen op de website voor een vast bedrag per maand.

Bekijk de voordelen

Heb je nog twijfels?

Of gewoon een vraag over de training? Blijf er vooral niet mee zitten. We helpen je graag verder. Daar zijn we voor!

Contactopties