OBJECTIFS DE LA FORMATION
- Apporter une méthodologie de pentest étape par étape
- Apprendre à mener de vrais pentests professionnels
Public visé
Administrateurs réseau / sytème
Administrateurs pare-feu
Analystes sécurité
Professionnels d'évaluation des
risques
Pré-requis
Les stagiaires doivent posséder une
expérience des systèmes d’exploitation
Windows et/ou UNIX/LINUX, ainsi que
des connaissances en réseau et TCP/IP
• La certification CEH est un pré-requis
vivement recommandé
CONTENU DE LA FORMATION
Plan de cours
- 1. Introduction to Penetration Testing and Méthodologies
- 2. Penetration Testing Scoping and Engagement Methodology
- 3. Open Source Intelligence (OSINT) Methodology
- 4. Social Engineering Penetration Testing Methodology
- 5. Network Penetration Testing Methodology- External
- 6. Network Penetration Testing Methodology- Internal
- 7. Network Penetration Testing Methodology- Perimeter Devices
- 8. Web Application Penetration Testing Methodology
- 9. Database Penetration Testing Methodology
- 10 .Wireless Penetration Testing Methodology
- 11. Cloud Penetration Testing Methodology
- 12. Report Writing and Post Testing Actions
Modules en auto-apprentissage
- 1. Penetration Testing Essential Concepts
- 2. Password Cracking Penetration Testing
- 3. Denial-of-Service Penetration Testing
- 4. Stolen Laptop, PDAs and Cell Phones Penetration Testing
- 5. Source Code Penetration Testing
- 6. Physical Security Penetration Testing
- 7. Surveillance Camera Penetration Testing
- 8. VoIP Penetration Testing
- 9. VPN Penetration Testing
- 10. Virtual Machine Penetration Testing
- 11. War Dialing
- 12. Virus and Trojan Detection
- 13. Log Management Penetration Testing
- 14. File Integrity Checking
- 15. Telecommunication and Broadband Communication Penetration Testing
- 16. Email Security Penetration Testing
- 17. Security Patches Penetration Testing
- 18. Data Leakage Penetration Testing
- 19. SAP Penetration Testing
- 20. Standards and Compliance
- 21. Information System Security Principles
- 22. Information System Incident Handling and Response
- 23. Information System Auditing and Certification