SPTE

EXAM CODES S09-010

About Penetration

Penetration Testing

Digital technologies have brought about unprecedented transformation in the way we live, work, and communicate. Businesses are being disrupted everywhere. Almost everything we do is generating data, making the data a precious commodity. There’s a growing concern for data security as the risk and dangers of our data becoming exposed steadily increases. If a system is not secured, then any attacker can disrupt or gain unauthorized access to that system. Security risk is normally an accidental error that occurs while developing and implementing the software. For example, configuration errors, design errors, and software bugs, etc. Penetration testing normally evaluates a system's ability to protect its networks, applications, endpoints and users from external or internal threats.

Penetration testing is a type of security testing that is performed to discover security vulnerabilities in a network, application or system. It also attempts to protect the security controls and ensures only authorized access. Penetration testing is an essential step that needs to be performed regularly for securing the uninterrupted functioning of a system.

Penetration testing is one of the important skills expected from every IT security position like network administrators and security professionals. Star Penetration Testing Experts (SPTE) is a comprehensive certification program that will take the learners through everything they need to know about penetration testing and ethical hacking. It helps learners master the skillset they need to establish a successful career as a penetration tester.  SPTE explains different facets of pen testing, which are majorly used for preparing a defence mechanism of network systems. The program discusses latest techniques that are applied by security experts and ethical hackers during pen testing.

Audience

Intermediate – Advanced

Course Objectives

In this course, you will learn about:

  • Penetration testing
  • Information gathering from different sources
  • Analysis and documentation based on information gathered
  • Hacking systems/web apps to prepare for their defence
  • Securing the system from future attacks
  • Metasploit exploitation
  • Firewall and IDS for securing network systems
  • Post exploitation procedures
  • Security design principles

Course Outcome

After completing this course, you will be able to:

  • Gather sensitive information in websites
  • Identify the reasons of vulnerabilities
  • Hack web applications with vulnerabilities and patch them
  • Use penetration testing tools to exploit vulnerable systems
  • Demonstrate how to crack passwords given the hashes in password file
  • Perform exploitation with Metasploit
  • Configure firewall and IDS for secure network systems
  • Employ security design principles for securing network systems

Table Of Contents Outline

  1. Introduction to Penetration Testing (Pen Testing)
  2. Information Gathering
  3. Scanning the Systems to Know the Loop Holes
  4. Applying Enumeration Techniques on the Network Systems
  5. Performing the Threat and Vulnerabilities Assessment Using Metasploit
  6. Exploiting the Systems to Prepare for Defence
  7. Exploiting Web Apps
  8. Preventing Systems Using Strong Passwords Techniques
  9. Performing Pen Testing on Mobile Devices
  10. Advanced Exploitation Techniques
  11. Performing Analysis and Documentation

Exam Details


Exam Codes SPTE S09-010 (Academy customers use the same codes)
Launch Date Aug 01 2017
Exam Description After completing this course, attendees will be able to implement an incident management policies and techniques, and learn to deal with different security issues. They will be able to handle malicious code attacks and mitigates the threats by preparing the reports of the attacks and perform analysis on it to create a proper incident response and recovery system for future.
Number of Questions 90
Type of Questions MULTIPLE CHOICE
Length of Test 180 Minutes
Passing Score 70%
Recommended Experience EHE (Ethical Hacking Expert), System Administrator, Network Server Administrator, Firewall Administrator, Security Tester, risk assessment professional and web security administrator.
Languages English

Star Certification Account