|
This course is designed to take an individual with knowledge of the basic security auditing toolset to the next and higher level. Many courses teach "how to hack"; the C2PTC course teaches "the business of penetration testing". The course delivers advanced and cutting edge techniques for auditing a broad range of security controls (including Physical and User Security) with "hands-on" laboratories designed by real world security auditors. The C2PTC course also delivers the "business side" of penetration testing, including RFPs, Authorisation, Security Policy Review, and Compliance & Documentation skills required.
The C2PTC courseware is constantly updated (with updates available to past students) to reflect the most current security issues and known exploits; this is the way of the CCFAi-Certified Penetration Testing Consultant.
|
|
Course Number: C2PTConsultant
Duration: 5 days
Data structure
Languages: English
Format:Instructor-led Course (lecture and labs)
C2PTC- Professional Course Prerequisites:
- CPTS, GIAC, or equivalent knowledge
- A minimum of 24 months experience in Networking Technologies
- Sound knowledge of TCP/IP
- Computer hardware knowledge
- Experience as a Support Professional or Consultant
Student Materials:
- Student Workbook
- Student Reference Manual
- Software/Tools DVD(s)
|
|
|
|
|
|
|
|
|
|
C2PTC- Professional Certification Exam:
C2PTE – Practical Exam
|
|
|
BENEFITS OF C2PTC PROFESSIONAL COURSE
The C2PTCONSULTANT course provides attendees with the unique opportunity to perform all stages of an actual penetration test within a controlled classroom environment. Hands-on laboratories have been researched and developed by leading security professionals from around the world and are continuously updated. The C2PTCONSULTANT will cover much more in-depth attacks, techniques, technologies and countermeasures than foundation Penetration Testing and Ethical Hacking courses such as CPTS, CEH and OSPT. Participants of the C2PTCONSULTANT course will have the ability to complete laboratories in all of the following areas:
- Perform a penetration test and submit a deliverable report
- Capture and replay VoIP traffic
- Find and exploit databases with SQL Injection vulnerabilities
- Manipulate prices on ecommerce websites
- Obtain and transfer information via Bluetooth enabled telephones
- Tools and resources for picking simple and complex locks
- Techniques for Wireless Site Sur vey ing and Cracking WEP/WPA keys
- Additionally, attendees will be qualified to confidently undertake the upcoming C2PTCONSULTANT practical examination.
|
|
COURSE OVERVIEW
This course is designed to take an individual with knowledge of the basic security auditing toolset to the next and higher level. Many courses teach “how to hack”; the C2PTCONSULTANT course teaches “the business of penetration testing”. The course delivers advanced and cutting edge techniques for auditing a broad range of security controls (including Physical and User Security) with “hands-on” laboratories designed by real world security auditors.
The C2PTCONSULTANT course also delivers the “business side” of penetration testing, including RFPs, Authorization, Security Policy Review and Compliance. The C2PTCONSULTANT courseware is constantly updated (with updates available to past students) to reflect the most current security issues and known xploits; this is the way of the CCFAI-Certified Penetration Testing Expert.
The C2PTCONSULTANT course also delivers the “business side” of penetration testing, including RFPs, Authorization, Security Policy Review and Compliance. The C2PTCONSULTANT courseware is constantly updated (with updates available to past students) to reflect the most current security issues and known xploits; this is the way of the CCFAI-Certified Penetration Testing Expert.
|
|
UPON COMPLETION OF C2PTC - PROFESSIONAL COURSE
A CCFAI-Certified Penetration Testing Expert is a security professional with the ability to plan, manage and perform a penetration test. The designation “Expert” is related to the depth and breadth of understanding required to manage a project involving multiple team members, manage the client's expectations and deliver an audit of security controls that is thorough, well documented and ethically sound.
|
|
| MODULES FOR C2PTE -CCFAi-Certified Penetration Testing Consultant Course |
CCFAi-Certified Penetration Testing Consultant-MODULE 1: Introduction & Pen Test Overview
|
CCFAi-Certified Penetration Testing Consultant -MODULE 1: Introduction & Pen Test Overview
|
- Authorization
- Defining Boundaries
- Objectives and Scope of the Pen Test
- Plan of Attack
- Gathering Information
|
|
|
CCFAi-Certified Penetration Testing Consultant -MODULE 2: ACCESS CONTROLS
|
CCFAi-Certified Penetration Testing Consultant -MODULE 2: ACCESS CONTROLS
|
- Reconnaissance
- Information Gathering
- Scanning
- Enumeration
- Vulnerability Assessments
- Exploiting Systems
- Back Doors/Root Kits
- Covering Tracks
- Wireless Attacks
To ensure that students gain as much as possible from the C2PTCONSULTANT course, we start with a refresher on all tools and techniques covered in 'foundation' hacking courses such as CPTS, CEH and OSPT. The subjects covered include information gathering, scanning, enumeration, vulnerability assessments, exploiting systems, packet interception/analysis and wireless detection techniques. Some of the tools the student will use include Sam Spade, SmartWhois, nmap, hping2, xprobe2, RPCclient, LophtCrack, Cain & Abel, Metasploit, Ethereal, Netstumbler, Wellenreiter etc.
|
|
|
CCFAi-Certified Penetration Testing Consultant -MODULE 3: Core Impact -- Initial Pen Test
|
CCFAi-Certified Penetration Testing Consultant -MODULE 3: Core Impact -- Initial Pen Test
|
|
This lesson will instruct in the use of Core Technologies, market leading commercial penetration testing application. This tool will allow the penetration tester to quickly build up a security snapshot of the target network. From here, the tester will then move onto more advanced manual methods to complete the test. The hands-on laboratory will allow the student to use Core Impact to perform a Rapid Pen Test.
|
|
|
CCFAi-Certified Penetration Testing Consultant -MODULE 4: External/DMZ
|
CCFAi-Certified Penetration Testing Consultant -MODULE 4: External/DMZ
|
|
The first point of contact with a target network will predominantly be through the De-Militarized Zone. This whole section is dedicated to the exploits that apply to this part of the Attack Surface. It is sub-sectioned into:
- DNS/Mail/Web/VPN Servers
- Database Mining-SQL Injection
Database Mining is the process of attacking a database server through the front end. In this section, we open up anetwork through a SQL server web interface running on a web server inside the DMZ. Laboratory: Students will be thrust into an online banking environment and will successfully exploit the database front-end to bypass authorization, elevate accountprivileges, transfer money and manipulate cookies by employing an advanced 'SQL Injection' technique known as 'Blind SQL Injection'. Other attack methods will include VPN IPSEC PSK cracking, circumventing DNS, Mail and Web servers using the latest techniques.
|
|
|
CCFAi-Certified Penetration Testing Consultant -MODULE 5: Wireless Site Surveying
|
CCFAi-Certified Penetration Testing Consultant -MODULE 5: Wireless Site Surveying
|
|
During this module, the students will learn all about the current security mechanisms employed to secure wireless networks, WEP/WPA/WPA2 and 802.11x. After talking about the security of these networks, we cover the attacks to bypass all of the security.
Laboratory: Most corporate wireless networks are now protected with encryption such as Wired Equivalent Privacy (WEP) or Wi-Fi Protected Access (WPA). The auditing of these networks requires the tester to attempt to break that encryption. This is exactly what the student will do! We use advanced techniques to break WEP encryption by re-injecting encrypted packets back onto the network and cracking the key in as little as 10 minutes. The tool set the student will become expert with includes kismet, airodump, aireplay, aircrack and cowpatty.
|
|
|
CCFAi-Certified Penetration Testing Consultant -MODULE 6: Attacking Bluetooth Devices
|
CCFAi-Certified Penetration Testing Consultant -MODULE 6: Attacking Bluetooth Devices
|
|
As more and more Bluetooth devices appear on the corporate network, the professional penetration tester has to enhance his/her skills to encompass this technology. PDAs, cell phones and other BT devices are all vulnerable to attacks. The hands-on laboratory will teach the students the practical skills required to discover BT devices and retrieve personal information from cell phones and even make phone calls on somebody else's bill! The tool set includes BTscanner, ghettotooth, redfang and bluesnarfer.
|
|
|
CCFAi-Certified Penetration Testing Consultant -MODULE 7: Programming 101
|
CCFAi-Certified Penetration Testing Consultant -MODULE 7: Programming 101
|
|
This module is not designed as a âlearn programming in one easy stepâ as that is not possible. We focus our students' efforts on checking code obtained from underground websites so that it will compile correctly and perform the actions it is meant to. We cannot use a new tool on a client network without first ensuring it is safe.
|
|
|
CCFAi-Certified Penetration Testing Consultant -MODULE 8: Internal Pen Testing
|
CCFAi-Certified Penetration Testing Consultant -MODULE 8: Internal Pen Testing
|
|
Once inside the external defences, the penetration tester has a whole different set of techniques and tools to use. This module is dedicated to internal testing. It is subsectioned into:
- Database Servers
- Network Attacks
- Password Retrieval and Cracking
Having a direct connection to a database server will allow many more attack vectors such as database discovery, enumeration and direct exploits like buffer overflows. We cover the market leading database servers (MS SQL, Oracle etc) and also talk about hardening these servers.
Laboratory: ARP Cache Poisoning, SSH/SSL Man-In-The- Middle Attacks, Voice Over IP interception and DNS Poisoning, Protocol Analysis, Password Cracking (Dictionary/Brute Force/Hybrid/Rainbow Tables), Buffer Overflow/Heap Overflow/Stack Overflow Exploits are just some of the attacks in this module, all of which will enable the penetration tester to expose the weaknesses of the network.
|
|
|
CCFAi-Certified Penetration Testing Consultant -MODULE 9: Physical Security
|
CCFAi-Certified Penetration Testing Consultant -MODULE 9: Physical Security
|
|
Physical access to a client's building can offer the penetration tester a whole host of powerful attack vectors. This module will teach the student how to gain access by picking the door locks and padlocks securing the building. Yes, you read correctly! By the end of the hands on laboratory, student will be able to open most common types of pin tumbler door locks and 90% of padlocks available on the market, thus being able to play a greater part is their respective organizations physical security policies. Most 'Ethical Hacking' courses talk about the theory of physical access; the C2PTCONSULTANT covers the practical art of physical access.
|
|
|
CCFAi-Certified Penetration Testing Consultant -MODULE 10: After the Pen Test
|
CCFAi-Certified Penetration Testing Consultant -MODULE 10: After the Pen Test
|
|
Laboratory: Presentation of the Penetration Test Report
- Most lessons have hands-on laboratories.
- Laboratories will change continuously, adapting to changes in the security industry.
- CyberCrime Fighters Association International -(CCFAI)consultants working in the security field will be dynamically implementing new scenarios that are over and above the base laboratories used in student workbooks.
- Please note that this is not a class that will explain the very intricacies of each and every tool. The software is mostly open source and underground software which leaves us with no guarantee of compatibly.
- CyberCrime Fighters Association International -(CCFAI) consultants constantly test most of the tools used in this class; however, we may use a tool that is not tested in the environment we have at our partner's site.
- We will be using a large array of Operating Systems that are set-up to be used in different ways, perhaps to attack or to use as a hacker box.
VMware is used very often in the class. It would be helpful if you download a trial version prior to the class.
|
|
|
|
C2PTConsultant may be taken as a standalone course but is often taken in conjunction with C2PTEngineer.
THE EXAM: While not an official part of the C2PTConsultant class, it is worth noting the difference between the C2PTEngineer exam and the C2PTConsultant exam. The C2PTEngineer exam is a traditional multiple choice test taken in a proctored test environment. The C2PTConsultant exam involves performing a realistic but simulated penetration test and producing a professional report as a final deliverable to the instructor. The student’s pass/fail grade comes from whether or not they were able to adequately perform and report the outcomes of the simulated penetration test.
|
Download PDF
|
 GO TO TOP |
