Penetration Testing: Setting the Scope and Rules of Engagement

Penetration testing is in high demand. This course will teach you what a penetration test consists of, as well as how to deliver a professional penetration testing engagement for paying customers.
Course info
Level
Intermediate
Updated
May 23, 2017
Duration
2h 24m
Table of contents
Description
Course info
Level
Intermediate
Updated
May 23, 2017
Duration
2h 24m
Description

Penetration testing is in high demand with the need to meet compliance standards and combat security breaches. In this course, Penetration Testing: Setting the Scope and Rules of Engagement, you'll learn fundamental knowledge and gain the ability to scope a penetration testing engagement with paying customers. First, you'll explore how penetration tests are structured. Next, you'll dive into learning the tools and methodologies used to execute professional penetration tests. Finally, you'll discover how to structure deliverables in the form of work breakdown structures and final reports for your customers. When you're finished with this course, you'll have the necessary knowledge to structure penetration testing engagements needed to organize and deliver a successful and professional penetration testing engagement.

About the author
About the author

Chad has been in the Cyber Security industry for over 15 years. He's taught Microsoft Engineering courses as a Certified trainer. He's managed teams of security engineers and analysts for an Internet banking provider. He's been an information security consultant working for companies including SAP, Microsoft and Oracle.

More from the author
Transcript
Transcript

Hi everyone, my name is Chad Russell , welcome to my course, Penetration Testing: Setting the Scope and Rules of Engagement.

I’m a Cloud Platform Security Consultant at Oracle Corporation and founder of webofsecurity.com.

This course introduces you to the penetration testing process and shows you how to structure and deliver a professional penetration test to paying customers. You will learn how to scope the business and technical components of an engagement and set expectations with your customers.

I’ll introduce you to pen testing tools and techniques specific to networks, hosts, applications and mobile devices testing.

Some of the major topics that I’ll cover with you include:

  1. Establishing Goals, Objectives, and Deliverables for Pen Testing Engagements
  2. Scoping Technical Aspects of the Engagement Concepts: Network scope. IP addresses, device types, vulnerability testing. Timing. Privilege escalation. Active vs. Passive testing (scanning, enumeration, exploitation and exfiltration)
  3. How to navigate cloud providers, managed security service providers and ISPs when pen testing customer networks
  4. You’ll learn how to structure an executive summary and technical report as part of your final deliverables when closing out a paid penetration testing engagement with a customer
By the end of this course, you will know how to structure, plan and execute a success penetration testing engagement for paying customers.

Join me on this journey to learn how to define and deliver penetration tests with thePenetration Testing: Setting the Scope and Rules of Engagement course, at Pluralsight.