Learn, test, and earn three of ISACA’s most prestigious certificates in less than 6 months.
Difficulty: Multilevel CSF Domain: All domainsCareer Objective: Penetration Tester | Application Security Architect | Application Security Analyst | Senior Penetration Tester | Security Analyst III
Average Salary: $102k Job Openings: 10,000
Penetration and vulnerability testers analyze, protect, and defend against cyber-related attacks. They ethically hack systems to expose vulnerabilities and determine whether unauthorized or malicious activity is possible and to what extent it could cause harm.
The CSX Penetration Testing training package provides individuals with the targeted skill set required to technically perform cybersecurity penetration and vulnerability tests within organizations worldwide. Course content is enhanced by live lab environments, wherein you are tasked to identify, scan, and exploit real targets through leveraging multiple hacking tools and techniques. Each lab sharpens your skill set and prepares them for a career in penetration testing.
Included in the training package are specific focuses in overall penetration testing methodologies, vulnerability identification and exploitation, and multi-hop system exploitations.
Continuing Professional Education (CPE) Credit Count: 86
This training is recommended for individuals with a fundamental knowledge of cybersecurity including the skills covered in CSX Fundamentals, CSX Technical Foundations, and CSX Cybersecurity Practitioner.
COURSE LESSON | INSTRUCTIONAL LAB |
---|---|
Introduction to Penetration Testing | Linux Shell and Commands |
TCP/IP Basics | TCP/IP Basics |
Reconnaissance | Packet Inquiry Network Discovery |
Enumeration | Service Enumeration |
Vulnerability Identification | Network Vulnerability Identification Network Vulnerability Exploitation |
Reporting Security Controls | Evidence Removal |
FINAL CHALLENGE | CPTO Challenge 1 CPTO Challenge 2 |
EXAM
The CSX Penetration Testing Overview Certificate Exam assesses candidates understanding of network reconnaissance, footprinting, vulnerability scanning, and system exploitation. The two-hour exam is a real-time, hands-on exam which challenges students to demonstrate their skill set in a live environment. It contains no multiple-choice questions or simulations and intentionally restricts access to the internet. Where applicable, man pages and help files are available.
Candidates must complete tasks of varying durations with minimal instruction while navigating between multiple virtual machines and are expected to:
Students must be comfortable leveraging Linux terminal tools and interfaces.
COURSE LESSON | INSTRUCTIONAL LAB |
---|---|
Open Source Research | Footprinting |
Initial Vulnerability Scanning | Initial Vulnerability Scanner Setup |
Vulnerability Identification | Vulnerability Analysis |
Basic Exploitation | Initial Exploitation |
Privilege Escalation | Privilege Escalation |
Backdoor Implants | Backdoor Implementation |
Covering Tracks | Covering Tracks |
System Exploration | Deeper Exploration |
FINAL CHALLENGE | CVEC Challenge |
EXAM
The CSX Vulnerability and Exploitation Certificate Exam assesses candidates understanding of network and system vulnerability scanning, scanner implementation and usage, vulnerability analysis, exploitation, privilege escalation, backdoor implants, and track obfuscation. The two-hour exam is a real-time, hands-on exam which challenges students to demonstrate their skill set in a live environment. It contains no multiple-choice questions or simulations and intentionally restricts access to the internet. Where applicable, man pages and help files are available.
Candidates must complete tasks of varying durations with minimal instruction while navigating between multiple virtual machines and are expected to:
Students must be comfortable leveraging Linux terminal tools and interfaces.
COURSE LESSON | INSTRUCTIONAL LAB |
---|---|
Pivoting and Tunneling SSH Tunneling | SSH Tunnel Implementation Multiple SSH Tunnel Exploitation Implementation |
Metasploit PortProxy | Metasploit PortProxy Implementation |
Meterpreter Autoroute Implementation | Autoroute Implementation |
FINAL CHALLENGE | Network Assessment |
EXAM
The CSX Advanced Exploitation Certificate Exam assesses candidates understanding and implementation of exploiting a compromised system and gaining deeper access to a compromised network through leveraging additional exploits. The two-hour exam is a real-time, hands-on exam which challenges students to demonstrate their skill set in a live environment. It contains no multiple-choice questions or simulations and intentionally restricts access to the internet. Where applicable, man pages and help files are available.
Candidates must complete tasks of varying durations with minimal instruction while navigating between multiple virtual machines and are expected to:
Students must be comfortable leveraging Linux terminal tools and interfaces.
LAB TITLE | LEVEL |
---|---|
Chrome Extension Testing Initializing Honeypots Man-in-the-Middle Detection Securing Web Browsers | Intermediate Intermediate Intermediate Intermediate |
Applying Snort Rules and Classifying Processes Browser Attacks (Advanced) Harvesting DNS and Focusing Web Searches Session Hijacking SQL Injection SQL Injection Challenge Lab | Advanced Advanced Advanced Advanced Advanced Advanced |
The CSX Penetration & Vulnerability Tester training package hones skills in the five NIST domains of cybersecurity: Identify, Protect, Detect, Respond, and Recover.