CSX Penetration & Vulnerability Tester Pathway

Learn, test, and earn three of ISACA’s most prestigious certificates in less than 6 months.

Difficulty: Multilevel CSF Domain: All domains

$1,439.00

Price represents the non member rate.

Buy Now
or pay later by invoice

Save 20% through 31 October 2019 at 11:59pm CDT/UTC-5.

Regular price is US$1499 for ISACA members and US$1799 for non-members.


CSX Penetration & Vulnerability Tester Pathway


Career Objective: Penetration Tester | Application Security Architect | Application Security Analyst | Senior Penetration Tester | Security Analyst III

Average Salary: $102k            Job Openings: 10,000

What is a Pen Tester?

Penetration and vulnerability testers analyze, protect, and defend against cyber-related attacks. They ethically hack systems to expose vulnerabilities and determine whether unauthorized or malicious activity is possible and to what extent it could cause harm.

Why CSX?

The CSX Penetration Testing training package provides individuals with the targeted skill set required to technically perform cybersecurity penetration and vulnerability tests within organizations worldwide. Course content is enhanced by live lab environments, wherein you are tasked to identify, scan, and exploit real targets through leveraging multiple hacking tools and techniques. Each lab sharpens your skill set and prepares them for a career in penetration testing.

Included in the training package are specific focuses in overall penetration testing methodologies, vulnerability identification and exploitation, and multi-hop system exploitations.

  • A skills assessment will help you identify strengths, weaknesses and knowledge gaps, to focus your training.
  • In the CSX Penetration Testing Overview Course, learn the comprehensive process of hacking, from beginning to end, by hunting organizational systemic weaknesses and cunningly exploiting vulnerabilities blindly overlooked by IT technicians.
  • In the CSX Vulnerability and Exploitation Course, both the content and labs ratchet higher, increasing in difficulty, but providing more significant target skills.
  • In the CSX Advanced Exploitation Course, you will learn to deftly perform multi-hop exploitation attacks, which create deeper points of presence within a targeted system.
  • Each of the focus areas include highly tuned labs within a live environment wherein you learn through hands-on application and real-time scoring.
  • Three certificate exams provide the opportunity to prove new skills and earn the following certificates: CSX Penetration Testing Overview (CPTO) Certificate, CSX Vulnerability and Exploitation (CVEC) Certificate, CSX Advanced Exploitation (CAEC) Certificate.
  • Six-month access to train and test on your schedule, 24/7.

Continuing Professional Education (CPE) Credit Count: 86

This training is recommended for individuals with a fundamental knowledge of cybersecurity including the skills covered in CSX Fundamentals, CSX Technical Foundations, and CSX Cybersecurity Practitioner.

This Package Includes:

COURSE LESSON INSTRUCTIONAL LAB
Introduction to Penetration Testing Linux Shell and Commands
TCP/IP Basics TCP/IP Basics
Reconnaissance Packet Inquiry
Network Discovery
Enumeration Service Enumeration
Vulnerability Identification Network Vulnerability Identification
Network Vulnerability Exploitation
Reporting
Security Controls
Evidence Removal
FINAL CHALLENGE CPTO Challenge 1
CPTO Challenge 2

EXAM

The CSX Penetration Testing Overview Certificate Exam assesses candidates understanding of network reconnaissance, footprinting, vulnerability scanning, and system exploitation. The two-hour exam is a real-time, hands-on exam which challenges students to demonstrate their skill set in a live environment. It contains no multiple-choice questions or simulations and intentionally restricts access to the internet. Where applicable, man pages and help files are available.

Candidates must complete tasks of varying durations with minimal instruction while navigating between multiple virtual machines and are expected to:

  • Perform system and network information gathering techniques
  • Identify and map networks of interest
  • Conduct Network Discovery and foot-printing techniques
  • Identify and enumerate TCP/IP services
  • Identify and exploit network vulnerabilities
  • Analyze network security areas
  • Understand and leverage firewall technologies
  • Assess wireless security

Students must be comfortable leveraging Linux terminal tools and interfaces.

COURSE LESSON INSTRUCTIONAL LAB
Open Source Research Footprinting
Initial Vulnerability Scanning Initial Vulnerability Scanner Setup
Vulnerability Identification Vulnerability Analysis
Basic Exploitation Initial Exploitation
Privilege Escalation Privilege Escalation
Backdoor Implants Backdoor Implementation
Covering Tracks Covering Tracks
System Exploration Deeper Exploration
FINAL CHALLENGE CVEC Challenge

EXAM

The CSX Vulnerability and Exploitation Certificate Exam assesses candidates understanding of network and system vulnerability scanning, scanner implementation and usage, vulnerability analysis, exploitation, privilege escalation, backdoor implants, and track obfuscation. The two-hour exam is a real-time, hands-on exam which challenges students to demonstrate their skill set in a live environment. It contains no multiple-choice questions or simulations and intentionally restricts access to the internet. Where applicable, man pages and help files are available.

Candidates must complete tasks of varying durations with minimal instruction while navigating between multiple virtual machines and are expected to:

  • Scan and enumerate a network
  • Conduct a vulnerability scan
  • Conduct vulnerability analysis
  • Exploit a designated system
  • Escalate privileges on a system
  • Implement a backdoor
  • Cover the tracks of an exploitation

Students must be comfortable leveraging Linux terminal tools and interfaces.

COURSE LESSON INSTRUCTIONAL LAB
Pivoting and Tunneling
SSH Tunneling
SSH Tunnel Implementation
Multiple SSH Tunnel Exploitation Implementation
Metasploit PortProxy Metasploit PortProxy Implementation
Meterpreter Autoroute Implementation Autoroute Implementation
FINAL CHALLENGE Network Assessment

EXAM

The CSX Advanced Exploitation Certificate Exam assesses candidates understanding and implementation of exploiting a compromised system and gaining deeper access to a compromised network through leveraging additional exploits. The two-hour exam is a real-time, hands-on exam which challenges students to demonstrate their skill set in a live environment. It contains no multiple-choice questions or simulations and intentionally restricts access to the internet. Where applicable, man pages and help files are available.

Candidates must complete tasks of varying durations with minimal instruction while navigating between multiple virtual machines and are expected to:

  • Conduct in-depth system and network information gathering techniques
  • Identify and map networks of interest
  • Conduct Network Discovery and foot-printing techniques
  • Identify and enumerate vulnerable TCP/IP services
  • Conduct multi-level internal and external exploitations of key systems
  • Perform multi-hop exploitations
  • Exploit and subvert firewall technologies
  • Assess wireless security

Students must be comfortable leveraging Linux terminal tools and interfaces.

LAB TITLE LEVEL
Chrome Extension Testing
Initializing Honeypots
Man-in-the-Middle Detection
Securing Web Browsers
Intermediate
Intermediate
Intermediate
Intermediate
Applying Snort Rules and Classifying Processes
Browser Attacks (Advanced)
Harvesting DNS and Focusing Web Searches
Session Hijacking
SQL Injection
SQL Injection Challenge Lab
Advanced
Advanced
Advanced
Advanced
Advanced
Advanced

The CSX Penetration & Vulnerability Tester training package hones skills in the five NIST domains of cybersecurity: Identify, Protect, Detect, Respond, and Recover.


Need training for a team? Contact us for group pricing.