This course introduces penetration testing as a means for organizations to build a stronger information security profile. This course presents the penetration testing process, as well as a view into the tools that are used in the industry and how they can be applied.
In the course project, Penetration Testing Plan: Creating Rules of Engagement and Scope for Penetration Testing, students create the rules of engagement and scoping documentation for a case study company. Students will complete a series of assignments that provide hands-on experience in working through the penetration testing planning process and in documenting such plans for an organization.
Course Learning Objectives
- Evaluate legal and ethical issues surrounding penetration testing.
- Classify the phases of penetration testing.
- Analyze how reconnaissance can be used in a penetration test.
- Plan for scanning tools and techniques to form the basis of the later penetration testing phases.
- Explain the place of system exploitation in penetration testing, differentiating web exploitation from system exploitation.
- Design methods to maintain access to a compromised system, and when this technique might be used.
- Create a rules of engagement and scoping document for conducting a penetration test at an organization.
The CISSP All-in-One Exam Guide is a required resource that you will use throughout this set of specialization courses for Cyber Security. It is listed as a required text in all Cyber Security courses. You only need to purchase it once, unless later editions of the guide are released as you pursue the specialization.