certcube Associate pentester v2.0
Certcube Associate pentester is a real-world training program for beginners Who wants to join the Cybersecurity domain. Cybersecurity is a multi-layered domain, For beginners, it’s very much difficult to choose the right area of cybersecurity as per their interest. To solve this issue we have focused on every single state of this domain which is required to start learning about a field.
Many of the high-profile businesses need Infosec professionals to scale up the business and defending information technology. Some of the top fortune 500 Companies like Apple, Google, and others are hiring certified ethical hackers to pentest their security measures to help them find loopholes and to make their products more trustworthy. They often offer many funds to anyone who can find a weakness.
The candidate will start learning with the layer blended approach like the Starting from the basics of networking, Cybersecurity standards, and global frameworks to understand the working flaw of the cybersecurity team. Also, we have focused on different areas Like Internal Network & External Network Security, Web application critical threats, Mobile Application Security, Cloud Risk & AUDIT and SOC to detect the anomalies the infrastructure.
We will start by building up your basics and take your skills to an intermediate level with this real-world focused approach. Many Case Studies and use- cases will be coverup as per the specific domain in the curriculum.
REAL LIFE CASE STUDIES
INDUSTRY DRIVEN CERTIFICATION
STUDENT LEARNING KIT
- What is Information Security?
- Role of Information Security in Today’s Era
- The ‘AIC’ Triad
- The ‘AAA’
- The DIKW model
- What is Hacking?
- Types of cybersecurity teams
- Assessment Phases
- Gaining Access
- Maintaining Access
- Clearing Tracks
- RoE and Scope of the project Concepts
- Scope and Limitations of Pentester
- Skills measurement of certified professionals
- Vulnerability Assessment
- What is VA?
- Types of VA
- Vulnerability Scoring Systems
- Common Vulnerability Scoring System (CVSS)
- Common Vulnerabilities and Exposures (CVE)
- National Vulnerability Database (NVD)
- VA Reports & Analysis of Reports
- Penetration Testing
- Why Penetration Testing
- Types of Penetration Testing
- Comparing Security Audit, Vulnerability Assessment, and Penetration Testing
- Concept of Red Teaming/Blue Teaming
- Identity and Access Management (IAM)
- Data Leakage
- Data Backup
- Data Recovery
- Role of AI/ML in Cyber Security
- Information Security Policies
- Information Security Laws & Standards
- Subnetting and NAT networks
- TCP/IP based stack models
- Hands-on lab – Windows OS basics and CLI usage
- Hands-on lab – Pentesting box customization and command kung-fu
- Social Engineering
- Techniques in Social Engineering
- Shoulder Surfing
- Dumpster Diving
- Reverse Social Engineering
- Hands-on lab – Social Engineering Toolkit and Gophish customizations
- Hands-on lab – Phishing User Credentials using Kingphisher Framework
- Hans on lab – Spear phishing assessment scenarios
- Techniques in Social Engineering
- What is Reconnaissance?
- Concept of Footprinting
- Footprinting Goal
- Ways to Footprint
- Google Dorks
- Google Hacking Database
- Gathering Information via People Services
- Gathering Information via Job Sites
- Gathering Information via Financial Services, e.g. Google Finances
- Gathering Information via Alerts, e.g., Google Alerts
- Gathering Information via blogs & other public websites
- Gathering Information via Social Media Platforms
- Website Footprinting
- Email Footprinting
- Competitive Intelligence
- WHOIS Footprinting
- DNS Footprinting
- Network Footprinting
- Hands-on Lab – OSINT Framework
- Hands-on Lab – Recon-ng
- What is Reconnaissance?
- Enumerating various enterprise TCP and UDP services
- Network packet sniffing & customization with Scapy
- Different Scanning Techniques in NMAP
- Advance NMAP
- Port Scanning Countermeasures
- Hands on lab – Enumeration and Scanning of various services
- Hands on lab – VA Tools
- Qualys Vulnerability Management
- Nessus Professional
- Retina CS
- Microsoft Baseline Security Analyzer (MBSA)
- AVDS – Automated Vulnerability Detection System
- Exploitation & Post-Exploitation Concepts
- Metasploit Exploit Framework
- Shellcode generation
- Hands on labs – Assessments of various Lab machines
- Attacking 802.11 based Networks
- Attacking Open Wireless Network
- De-authenticating users
- Module SSID – Security through Obscurity
- Defeating MAC Filtering
- Hands on lab – Wi-Fi phishing
- Concept of IVs
- Hands-on lab – WPA/WPA2 Cracking
- Understanding PSK, TKIP, EAP, PEAP
- Hands-on lab – EvilTwin Attack
- Global Standards/Frameworks
- Hands-on Lab – Command & code injection
- Hands-on Lab – LFI and RFI attacks
- Hands-on Lab – SQL Injection attacks
- Hands-on lab – Web Application Scanners
- Open source Tools and Testing Methodologies
- OWASP OWTF
- OWASP ZAP
- Introduction to android
- Android Architecture
- Command Loopholes in Apps
- Challenges of Android Security
- Threat vs Opportunity
- Mobile Top 10 Attacks
- Hands-on lab – Exercises with custom android pentesting OS
- How to Defend Against Android Hacking
- Guidelines for Secure Android App development
- Introduction to Cloud Computing
- Cloud Deployment Models
- NIST Cloud Deployment Reference Architecture
- Cloud Computing Benefits
- Separation of Responsibilities in Cloud
- Hands-on lab – Cloud Security Tools
- Cloud Penetration Testing
- What is Cloud Pen Testing?
- Key Considerations for Pen Testing in the Cloud
- Recommendations for Cloud Testing
- Introduction to SOC
- SIEM basics
- Logs and correlation
- Splunk Fundamentals
- Hands on lab – Splunk Deployment
- Network Monitoring
- enterprise event management
- Final Overall labs Assessment workshop
- Day 1
- Day 2
who should attend this training?
- Network Associates
- System Administrators
- Network Administrators
- System Architects
- Data Center Admins
- System Auditors
what is duration of this training
The duration of windows security and administration is 50 hours.
How many days classes with be organized in a week ?
The instructor-led sessions are based on 3 days a week with 2 hours of duration.
Weekend Sessions are also available for working professionals.
Can i take a demo before the training ??
yes, you can take a free demo and complimentary assistance for your career with our specialist trainers.
Any prerequisite for Windows security and active automation training ?
The person should familiar with basic windows administration and implmenetation
How to register for this training ?
Please drop your inquiry at [email protected] or call +919999508202 for more assistance .
Can i take training in fast-track mode ?
Yes, we have 7 days of sessions for fast track mode learners.
For more info about Certcube
connect with us
Whats Next ?
IF you want to upgrade your skills after certified ethical hacker then please Checkout the advanced training modules .
together Let’s Create the future
Top 10 certified ethical hacker training institute in Delhi for online & Classroom training .