קורסים מקצועיים למתקדמים

סייבר ואבטחת מידע

Penetration Testing

מספר הקורס 71587

למה ללמוד בג'ון ברייס?
  • למידה חדשנית ודינמית עם כלים מתקדמים בשילוב סימולציות, תרגול וסביבות מעבדה
  • מגוון הכשרות טכנולוגיות עם תכנים המותאמים להתפתחות הטכנולוגית ולביקוש בתעשיית ההייטק
  • מובילים את תחום ההכשרות לעולם ההייטק והטכנולוגיה כבר 30 שנה, עם קהילה של עשרות אלפי בוגרים
  • אתם בוחרים איך ללמוד: פרונטאלית בכיתה, מרחוק ב- Live Class או בלמידה עצמית

המועדים הקרובים

קורס לקבוצות

הקורס נפתח במתכונת של קבוצה בלבד, בהתאמה אישית לארגונים.
לפרטים נוספים: Muzman@johnbryce.co.il

ניתן לפתוח את הקורס בהתאמה אישית ומלאה לצרכי הארגון, במועדים ומערכי לימוד גמישים בשילוב תכנים ייעודים.

משך הקורס

שעות אקדמיות:

40

מספר מפגשים:

קורס בוקר:

5

מספר מפגשים:

קורס בוקר:

5

מתכונת הקורס

הקורסים המוזמנים לארגונים מותאמים באופן אישי ומלא לצרכי הארגון, מערכי הלימוד גמישים וניתן לשלב בהם תכנים רלוונטיים וייעודיים.

Overview

Network Penetration testers face a combination of intrusion detection systems, host-based protection, hardened systems, and analysts that pour over data collected by their security information management systems.

Penetration tests help find flaws in the system to take appropriate security measures to protect the data and maintain functionality. This training will provide the student with a steppingstone on running penetration testing in practice and taking on the complex task of effectively targeting and planning a penetration attack on a traditionally secured environment.

The course helps prepare for the certification exams CEH (EC|Council), PenTest+ (CompTIA), and GPEN (SANS).

On Completion, Delegates will be able to

Become familiar with Penetration Tools?

Test existing security weaknesses

Gather information

Bypass security and attack the network

Who Should Attend

Security Analysts

Risk Managers

Security Officers

System Managers

Architects

Penetration Testers

תכנית הלימודים

Full syllabus
PDF להורדה

Module 1: Planning and Collecting Information

Before the penetration testing team could analyze and conduct a series of tests and attacks, the team needs to gather data to construct a better action plan. In this module, the student will go through the basics of information gathering and reconnaissance.

  • Passive Information Gathering
    • The OSINT Framework
    • Monitoring Personal and Corporate Blogs
    • Google-Dorks
  • Active Information Gathering
    • NMAP Ports Scanning
    • DNS Enumeration
  • Identifying vulnerability and exploits
    • NSE Scripting
    • Banner-Grabbing Methods
    • Vulnerabilities Detection Methods
    • Shodan Search Engine
    • Finding Exploits
    • GitHub Tools
    • Automating the Scanning

Module 2: Gaining Access and Post-Exploitation

In this module, the students will learn to use their knowledge in the first two phases to gain access, either using an existing exploit or brute-forcing them into the network. After gaining control of the target, the students will learn to abuse existing services to elevate their permissions.

Module 3: Maintaining-Access and Covering Tracks

While gaining access to a system could be relatively easy, maintaining control on the target without being noticed by the System Administrators would be hard. In this module, the students will learn how to use existing components to maintain their network control. Also, the students will learn the basics of removing all semblance of detection.

  • Maintaining-Access
    • Backdooring
    • Advanced Netcat Usage
    • Abusing Crontab and Bashrc
  • Covering Tracks
    • Camouflaging the Backdoors
    • Detecting Log Collectors
    • Restoring the System to Order
  • Researching Security Solutions   
    • Creating Research Labs
Prerequisites

Basic knowledge of:

  • Linux
  • Network Security (Course 71583)
  • Network Forensics (Course 71586)
סימולטור - Cyberium Arena '

The courses at John Bryce Training allow you to gain experience with unique simulators and hands-on practice labs that include a variety of scenarios. Students are given the opportunity to put in practice what they have learned in order to retain all the relevant skills and information they were given throughout the course, this way upgrading their knowledge and expertise.

The simulator that is used in the hands on practice labs is The Cyberium system. This is an advanced cyber scenario simulator which has been developed by cyber experts who have been constantly involved in cyber training and in giving knowledge gaps solutions in the field of cyber. The simulator includes two main types of scenarios – educational and realistic.

Each educational scenario is focused on a different aspect of the course and simulates a specific aspect of the training topics. Each issue or topic taught in the course has a point exercise that allows the student to focus on it and deeply learn it.

The realistic scenarios simulate possible or past incidents related to Information Security. This includes everything from topics such as the Regulation of Cyber Systems to Attacks by Terrorist Hacker Organizations. These scenarios are broader than the educational exercises and require more of a systemic, strategic and comprehensive vision.

After each scenario, the system automatically generates detailed reports that serve as immediate feedback that allows the student and lecturer to measure the abilities, strengths, and weaknesses of the participant.

 

Schedule Appointment

Fill out the form below, and we will be in touch shortly.

לא הצלחנו לאתר את הטופס.

בודק...