COURSE OUTLINE

ETHICAL HACKING EC
UR
ITY TES
TI
N

G
S
Certified Security

AS
RT I F I E D

S O C I AT E
Testing Associate (CSTA)

CE
•

•
ET
HI G
C AL IN
H AC K

CORE-LEVEL COURSE Cost: £3,250.00 + VAT Duration: 5 days

This infrastructure ethical COURSE OVERVIEW KEY BENEFITS

hacking course is our most Our five-day ethical hacking training This course will provide you with the
course is a hands-on journey into the following:
popular core-level zzAn understanding of the risks and
hacking mind-set, examining and
technical course for people practically applying the tools and how to mitigate them
from a wide variety of techniques that an external threat may zzLearn a number of methodologies

use to launch “infrastructure” attacks for undertaking an infrastructure

network related and
on your organisation. penetration test
security roles across all zzAcquire effective techniques to identify

industry sectors looking to The various stages of that attack, or exploits and vulnerabilities
equally a penetration test, are explored zzImprove your ability to respond
develop their own
from initial information gathering, target effectively to cyber threats
capability to support their scanning and enumeration through to zzValuable preparation and hands-on

organisation’s in-house gaining access, exploitation, privilege practice in preparation for the CREST
cyber team. escalation and retaining access. Practical Registered Penetration Tester (CRT)
in-depth hands-on exercises using examination
various tools reinforce the theory as you
experiment with a Windows 2012 domain WHO SHOULD ATTEND
I found it all very (server and workstation) plus a Linux The course is ideally suited to anyone
interesting, the hardware server. looking to improve their career prospects
and software system was or transitioning into a cyber security role,
excellent; everything The course demonstrates cyber-attack including:
worked as planned. The techniques but this is always done with zzNetwork engineers

content was extremely defence in mind and countermeasures zzSystems administrators

are discussed throughout, enabling zzSystems architects or developers

relevant to our
delegates to identify the threats and zzIT security officers
organisation."
understand the strategies, techniques zzInformation security professionals
CSTA Delegate
and policies required to defend their zzBudding penetration testers
SuperWebs Ltd
critical information.
PREREQUISITES
THE SKILLS YOU WILL LEARN Basic understanding of TCP/IP
zzYou will learn a series of attack networking
methodologies and gain practical zzAre you familiar with the OSI model?

experience using a range of tools to zzCan you name a layer 2 and layer 3

undertake an infrastructure penetration protocol?

test across a multi-OS environment zzWhat function does ARP perform?

zzOnce you are able to identify and zzCan you describe at a high-level how a

exploit vulnerabilities in a safe manner, request reaches a web server through

you will be introduced to a range of Ethernet, IP and TCP?
defensive countermeasures, allowing zzHow does a system know whether or not

you to protect your network and a gateway is required?

respond to cyber threats zzWhat is a TCP port?

To find out if our cyber training is right for you, or to make a booking,
call our education team on 01763 285 285 or email
[email protected]
 COURSE OUTLINE

ETHICAL HACKING EC
UR
ITY TES
TI
N

G
S
Certified Security

AS
RT I F I E D

S O C I AT E
Testing Associate (CSTA)

CE
•

•
ET
HI G
C AL IN
H AC K

CORE-LEVEL COURSE Cost: £3,250.00 + VAT Duration: 5 days

Be comfortable with Windows SYLLABUS

and Linux command line. As a 1. Introduction c. Password Cracking – John The
guideline, you should be able to a. Motivations behind hacking Ripper, Cain, Rainbow tables
tick off the following (without b. The hacking scene d. Brute-Force Password Attacks
heavy recourse to Google): c. Methodology e. Attacks on Cached Domain
zzUnderstand how switches Credentials
change the way commands work 2. Networking Refresher f. Token Stealing – PsExec,
zzHow does adding > affect a a. Sniffing Traffic – Wireshark, Incognito, local admin to domain
command? Ettercap admin
zzUnderstand the difference g. Pass the Hash
between cd /folder/file and cd 3. Information Discovery
folder/file (i.e. what does / at the a. Information Gathering – wget, 8. Attacking Linux
front of the path do?) metadata, pdfinfo and extract a. Linux User Enumeration
zzUnderstand the difference b. DNS – dig, zone transfers, b. Linux Exploitation without
between ../file and ./file DNSenum and Fierce Metasploit
zzUnderstand how to pull up c. Online Password Cracking –
built-in help for a command 4. Target Scanning Medusa
a. Host Discovery – Nmap and d. User Defined Functions
WHAT QUALIFICATION Netdiscover e. ARP Poisoning Man in the Middle
WILL I RECEIVE? b. Port Scanning with Nmap – – clear-text protocols, secured
Those delegates successfully Connect, SYN and UDP scans, protocols
passing the exam at the end OS detection
of the course will be awarded c. Banner Grabbing – Amap, Netcat, 9. Privilege Escalation – Linux
PA's Certified Security Testing Nmap, Nmap scripts (NSE) a. Exploiting sudo through File
Associate (CSTA) qualification. Permissions
5. Vulnerability Assessment b. Exploiting SUID and Flawed
a. Nikto Scripts – logic errors
b. Nessus c. Further Shell Script Flaws –
command injection, path exploits
6. Attacking Windows d. Privilege Escalation via NFS
a. Windows Enumeration – (SNMP, e. Cracking Linux Passwords
IPC$)
b. Enum4linux 10. Pivoting the Connection
c. RID Cycling – Enum4linux, Cain a. Pivoting with Meterpreter
d. Metasploit b. Port Forwarding
PA Consulting e. Client-side Exploits – Internet
Global Innovation & Technology Centre Back Explorer, Metasploit Auxiliary 11. Retaining Access
Lane, Melbourn
modules a. Netcat as a Backdoor
Herts, SG8 6DP, United Kingdom
tel: +44(0) 1763 285285
b. Dark Comet RAT – Metasploit
email: [email protected] 7. Privilege Escalation – Windows Handlers, a full end-to-end attack
www: cybereducation.paconsulting.com a. Information Gathering with
Meterpreter – Stuxnet exploit, 12. Covering Tracks
Meterpreter scripts a. Alternative Data Streams
b. Privilege Escalation – Keylogging, b. Dark Comet
Service Configuration
To find out if our cyber training is right for you, or to make a booking, call our
education team on 01763 285 285 or email [email protected]