Certified Penetration Testing Consultant

 

 

The vendor-neutral Certified Penetration Testing Consultant course is designed for IT Security Professionals and IT Network Administrators who are interested in taking an in-depth look into specific Penetration tests and techniques against operating systems. This course will teach you the necessary skills to work as a penetration testing team, the exploitation process, how to create a buffer overflow against programs running on Windows and Linux while subverting features such as DEP and ASLR. This course will guide you through the OWASP Top 10, teach you how to create shellcode to gain remote code execution, as well as, teach you to build and understand different proof of concept code based on exploits pulled from exploit-db and testing using a debugger. The course starts by explaining how to build the right penetration testing team, covers scanning with NMAP, leading into the exploitation process, a little fuzzing with spike to help guide our proof of concept code, writing buffer overflows, understanding OWASP, Linux stack smashing, Windows exploit protection and getting around those protection methods, a section on report writing, and capping off the course with a scenario that will test your skills as a penetration testing team.

Become a Certified Penetration Testing Consultant 

 

Buy Exam Buy Ultimate Self Study Register For Class

Exam Information

The Certified Penetration Testing Consultant exam consists of two parts. Part 1 is taken online through Mile2’s Assessment and Certification System (“MACS”), which is accessible on your mile2.com account. The exam will take 2 hours and consist of 100 multiple choice questions. Part 2 is a multi-hour practical exam in which students are expected to penetrate between 3 - 5 targets (2 buffer overflows (ASLR and DEP enabled for one), 1 Linux local exploit + priv esc and 1 web exploit) and then create and provide a detailed penetration testing report to mile2.

 

Accreditations & Acknowledgements

Mile2 is: 

• ACCREDITED by the NSA CNSS 4011-4016
• MAPPED to NIST / Homeland Security NICCS's Cyber Security Workforce Framework
• APPROVED on the the FBI Cyber Security Certification Requirement list (Tier 1-3)

Key Data Course Title: C)PTC V2 Duration: 5 Days Language: English  Class Format: Instructor-led classroom Live Online Training Prerequisites: C)PTE or equivalent knowledge A minimum of 24 months of experience in Networking Technologies Sound knowledge of TCP/IP Computer hardware knowledge Student Materials: Student Workbook Student Lab guide Exam Prep Guide Certification Exams: Mile2 C)PTC CPEs: 40

Course Outline Module 1 - Pen Testing Team Formation Module 2 – NMAP Automation Module 3 - Exploitation Process Module 4 - Fuzzing with Spike Module 5 - Simple Buffer Overflow Module 6 - Stack Based Windows Buffer Overflow Module 7 - Web Application Security and Exploitation Module 8 - Linux Stack Smashing & Scanning Module 9 - Linux Address Space Layout Randomization Module 10 - Windows Exploit Protection Module 11 - Getting AroundSEH ASLR Module 12 - Penetration Testing Report Writing  Who Should Attend? IS Security Officers Cyber Security Managers / Admins Penetration Testers Ethical Hackers Auditors Lab Outline Lab 1 – Skills Assessment Lab 2 – Automation Breakdown Lab 3 – Fuzzing with Spike Lab 4 – Let's Crash and Callback Lab 5 – MiniShare for the Win Lab 6 – Stack Overflow. Did we get root? Lab 7 – Defeat Me and Lookout ASLR Lab 8 – Time to overwrite SEH and ASLR

 

    Download Course Outline