The Most Respected Qualification and Validation for Penetration Testing Professionals
This Mandatory QPTL course validates your excellence in security penetration training and education. Your Q/PTL license holds you in high respect among your peers. The Qualified/ Penetration Tester License standardizes methodology and best practices for penetration testing professionals. The learning objective of a Q/TPL Qualified/ Penetration Tester License is to ensure that each professional licensed by SU follows a mandatory code of ethics, best practices and compliance in the sphere of penetration testing and ensures each professional can validate their Q/PTL skills from an authorized source. The Qualified Penetration Tester License class trains security professionals to analyze the network and software vulnerabilities of a network exhaustively to improve security. SU’s license vouches for their professionalism and expertise. SU courses and certificate programs of mastery are designed to provide you with an immersive learning experience -- from hands-on workshops, certifications, with deep dives on a particular cyber security topic or technology. Every class is structured to give you expertise in critical areas that you can immediately put to use.
Detailed Resume with professional experience, transcript or certifications with references. Agree to SU Code of Ethics. Attend Q/PTL Workshop. A practical provides adequate evidence to support the claim of knowing something.
Class Fee: |
$4,500 |
Time: |
72 hrs |
Learning Level: |
Intermediate |
Contact Hours: |
72 hrs |
Prerequisites: |
Understanding of TCP/IP Protocols |
Credits: |
30 CPE |
Method of Delivery: |
Residential (100% face-to-face) or Hybrid |
Instructor: |
TBD |
Method of Evaluation: |
95 % attendance 2. 100 % completion of Lab |
Grading: |
Pass = Attendance+ labs & quizzes Fail > 95% Attendance |
Sample Job Titles:
Blue Team Technician
Certified TEMPEST Professional
Certified TEMPEST Technical Authority
Close Access Technician
Computer Network Defense (CND) Auditor
Compliance Manager
Ethical Hacker
Governance Manager
Information Security Engineer
Internal Enterprise Auditor
Network Security Engineer
Penetration Tester
Red Team Technician
Reverse Engineer
Risk/Vulnerability Analyst
Technical Surveillance Countermeasures Technician
Vulnerability Manager
This 72 hour accelerated class is taught using face to face modality or hybrid modality. Class includes 72 hours of contact studies, labs, reading assignments and final exam - passing the final exam is a requirement for graduation.
Text Materials: labs, SU Pen Testing Materials, resource CD’s and attack handouts.Machines a Dual Core 4M Ram, 350 Gig drives, running MS OS, linux, and VMWare Workstation
Tools for class -Whois, Google Hacking, Nslookup , Sam Spade, Traceroute , NMap , HTTrack , Superscan , Nessus,saint PSTool, Nbtstat, Solarwinds ,Netcat , John the ripper , Nikto/Wikto ,Web Scarab , HTTP Tunnel (hts.exe) , LCP ,Cain and Abel, Ettercap system hacking ,John the Ripper Wireshark sniffers, TCP dump, D sniff , tcpdump, Metasploit, ISS exploit, web app,Core Impact , Snort , Infostego, Etherape ,Firefox with plugins (Hackbar, XSSme...) ,, ebgoat, X Wget, Cyrpto tool, 'Curl'
KU Outcomes:
- Students will be able to describe potential system attacks and the actors that might perform them.
- Students will be able to describe cyber defense tools, methods and components.
- Students will be able to apply cyber defense methods to prepare a system to repel attacks.
- Students will be able to describe appropriate measures to be taken should a system compromise occur.
LPT Training 9 Lecture 21 hrs labs
Learning Objectives
PTL is a professional qualification that is used to measure penetration testing skills.
Perform fuzz testing to enhance your company's SDL process
Exploit network devices and assess network application protocols
Escape from restricted environments on Linux and Windows
Test cryptographic implementations
Model the techniques used by attackers to perform 0-day vulnerability discovery and exploit development
Develop more accurate quantitative and qualitative risk assessments through validation
Demonstrate the needs and effects of leveraging modern exploit mitigation controls
Reverse engineer vulnerable code to write custom exploits
CLICK TO ROLL DOWN OUR CLASS SYLLABUS
Lesson Plan Lesson I
Introduction to Ethical Hacking, Ethics and Legality
1.1. Ethical Hacking terminology
1.2. Importance of Information Security in Today’s World
1.3. Identifying different types of hacking technologies
1.4. Elements of Security, confidentiality, authenticity, integrity, availability
1.5. Evolution of Technology
1.6. Essential terminologies
1.7. Five Stages of Assessment & Hacking
1.7.1. Passive and active reconnaissance
1.7.2. Scanning
1.7.3. Gaining assess
1.7.4. Maintaining access
1.7.5. Covering tracks
1.8. Types of Hacker Classes
1.8.1. Ethical Hacker and Crackers
1.8.2. What do Ethical hackers do?
1.8.3. Goals hackers try to achieve
1.8.4. Security, functionality, and ease of use triangle
1.8.5. Operating System Level Attacks
1.8.6. Application Level Attacks
1.9. Skills required to become an ethical hacker
1.10. Vulnerability Research
1.11. Ways to conduct ethical hacking
1.11.1. Creating a Security Evaluation Plan
1.11.2. Types of ethical hacks
1.11.3. Testing types
1.11.4. Ethical Hacking Report
1.12. Legal implications of hacking
1.13. Computer Crimes and Implications
1.14. Understanding 18.U.S.C.-1029 and 1030 U.S. Federal Law
1.15. International Cyber Laws
2.
Footprinting and Social Engineering
2.1. Footprinting
2.1.1. Define footprinting
2.1.2. Describe the information gathering methodology
2.1.3. Describe competitive intelligence
2.1.4. Foot printing tools
2.1.5. Understand Whois and A RIN Lookups
2.1.6. Identify different types on DNS records
2.1.7. Understand how traceroute is used in footprinting
2.1.8. Understand how E-mail tracking works
2.1.9. Understand how web spiders work
2.2. Social Engineering
2.2.1. What is Social Engineering?
2.2.2. Common types of attacks
2.2.3. Understand Insider attacks
2.2.4. Understand Identity theft
2.2.5. Describe Phishing attacks
2.2.6. Understand online scams
2.2.7. Understand URL obfuscation
2.2.8. Social engineering countermeasures
Lesson Plan Lesson 2
3.
Scanning and Enumeration
3.1. Scanning
3.1.1. Define port scanning, network scanning, and vulnerability scanning
3.1.2. Understand the CEH methodology
3.1.3. Understand Ping Sweep techniques
3.1.4. Understand Nmap command switches
3.1.5. Understand SYN, Stealth, XMAS, NULL, IDLE, and FIN scans
3.1.6. List TCP communication flag types
3.1.7. Understand war dialing techniques
3.1.8. Understand banner grabbing and OS fingerprinting techniques
3.1.9. Understand how proxy servers are used in launching an attack
3.1.10. How do Anonymizers work
3.1.11. Understand HTTP tunneling techniques
3.1.12. Understand IP spoofing techniques
3.2. Enumeration
3.2.1. What is enumeration
3.2.2. What is meant by null sessions
3.2.3. Null Session Countermeasures
3.2.4. What is SNMP enumeration
3.2.5. SNTP enumeration countermeasures
3.2.6. Windows 2000 DNS Zone transfer
3.2.7. UNIX enumeration
3.2.8. What are the steps involved in performing enumeration
Lesson Plan Lesson 3
4.
System Hacking
4.1. Understand password cracking techniques
4.2. Password cracking countermeasures
4.3. Understand different types of passwords
4.3.1. Passive online attacks
4.3.2. Active online attacks
4.3.3. Offline attacks
4.3.4. Non-electronic attacks
4.4. Understanding Keyloggers and other spyware technologies
4.5. Understand escalating privileges
4.5.1. Executing applications
4.5.2. Buffer overflows
4.6. Understanding rootkits
4.6.1. Planting rootkits on Windows 2000 and XP machines
4.6.2. Rootkit embedded TCP/IP stack
4.6.3. Rootkit countermeasures
4.7. Understanding how to hide files
4.7.1. NTFS File Streaming
4.7.2. NTFS Stream countermeasures
4.8. Understanding steganography Technologies
4.9. Understanding How to cover your tracks and erase evidence – Covert hacking
4.9.1. Disabling Auditing
4.9.2. Clearing the event log
5.
Trojans, Backdoors, Viruses, and Worms
5.1. Trojans and Backdoors
5.1.1. What is a trojan
5.1.2. What is meant by overt and covert channels
5.1.3. List the different types of Trojans
5.1.4. How do reverse-connecting Trojans work
5.1.5. Understand how the netcat Trojan works
5.1.6. What are the indications of a trojan attack
5.1.7. What is meant by “Wrapping”?
5.1.8. Trojan construction kit and trojan makers
5.1.9. What are countermeasure techniques in preventing Trojans
5.1.10. Understand trojan-evading techniques
5.1.11. System file verification sub-objective to trojan countermeasures
5.2. Viruses and worms
5.2.1. Understand the difference between a virus and a worm
5.2.2. Understand the types of viruses
5.2.3. Understand antivirus evasion techniques
5.2.4. Understand virus detection methods
6.
Sniffers
6.1. Understand the protocols susceptible to sniffing
6.2. Understand active and passive sniffing
6.3. Understand ARP poisoning
6.4. Understand ethereal capture and display filters
6.5. Understand MAC flooding
6.6. Understand DNS spoofing techniques
6.7. Describe sniffing countermeasures
7.
Denial of Service and Session Hijacking
7.1. Denial of Service
7.1.1. Understand the types of DoS attacks
7.1.2. Understand how DDoS attacks work
7.1.3. Understand how BOTs/BOTNETs work
7.1.4. What is a “Smurf” attack
7.1.5. What is “SYN” flooding
7.1.6. Describe the DoS/DDos countermeasures
7.2. Session Hijacking
7.2.1. Understand spoofing vs. hijacking
7.2.2. List types of session hijacking
7.2.3. Understand sequence prediction
7.2.4. What are the steps in performing session hijacking
7.2.5. Describe how to prevent session hijacking
Lesson Plan Lesson 4
8.
Hacking Web Servers, Web Application Vulnerabilities, and Web-based Password Cracking Techniques-
8.1. Hacking Web Servers
8.1.1. List the types of web server vulnerabilities
8.1.2. Understand the attacks against web servers
8.1.3. Understand IIS Unicode exploits
8.1.4. Understand patch management techniques
8.1.5. Describe web server hardening methods
8.2. Web application vulnerabilities
8.2.1. Understanding how web applications work
8.2.2. Objectives of web application hacking
8.2.3. anatomy of an attack
8.2.4. Web application threats
8.2.5. Understand Google hacking
8.2.6. Understand web application countermeasures
8.3. Web-Based password cracking techniques
8.3.1. List the authentication types
8.3.2. What is a Password Cracker?
8.3.3. How does a Password Cracker work?
8.3.4. Understand password attacks: classification
8.3.5. Understand password-cracking countermeasures
9.
SQL Injection and Buffer Overflows
9.1. SQL Injection
9.1.1. What is SQL injection
9.1.2. Understand the steps to conduct SQL injection
9.1.3. Understand SQL server vulnerabilities
9.1.4. Describe SQL Injection countermeasures
9.2. Buffer Overflows
9.2.1. Identify different types of buffer overflows and methods of detection
9.2.2. Overview of stack-based buffer overflows
9.2.3. Overview of buffer overflow mutation techniques
10.
Wireless Hacking
10.1. Overview of WEP, WPA Authentication mechanisms and cracking techniques
10.2. Overview of wireless sniffers and locating SSIDs, MAC spoofing
10.3. Understand rogue access points
10.4. Understand wireless hacking techniques
10.5. Describe the methods used to secure wireless networks
11.
Physical Security
11.1. Technical Security
11.2. Operational Security & Infosec
11.3. Physical security breach incidents
11.4. Understanding physical security
11.5. What is the need for physical security
11.6. Security Roles and Responsibilities
11.6.1. Administrative and Personnel Security
11.6.2. Security Planning & Implementation
11.7. Securing transmission media
11.7.1. Tempest Security
11.8. Securing Storage media
11.9. Securing Equipment
11.10. Securing Facilities
11.11. Factors affecting physical security
Lesson Plan Lesson 5
12.
Linux Hacking
12.1. Linux basics
12.2. Understand how to compile a Linux kernel
12.3. Understand GCC compilation commands
12.4. Understand how to install Linux kernel modules
12.5. Understand Linux hardening methods
13.
Evading IDS’s, Honeypots, and Firewalls
13.1. Types of intrusion detection systems and evasion techniques
13.2. Firewall types and Honeypot evasion techniques
14.
15. Cryptography
15.1. Overview of cryptography and encryption techniques
15.2. Describe how public and private keys are generated
15.3. Overview of the MD5, SHA, RC4, RC5, and Blowfish algorithms
16.
Penetration Testing Methodologies
16.1. Defining security assessments
16.2. Overview of penetration testing methodologies
16.3. List the penetration testing steps
16.4. Overview of the Pen-Test legal framework
16.5. Overview of the Pen-Test deliverables
17.
Risk & Vulnerability Surveys and Assessments
Information Gathering
Vulnerability Analysis
External Penetration Testing
Internal Network Penetration Testing
Router Penetration Testing
Firewall Penetration Testing
IDS Penetration Testing
Wireless Network Penetration Testing
Denial of Service Penetration Testing
Password Cracking Penetration Testing
Social Engineering Penetration Testing
Application Penetration Testing
Physical Security Penetration Testing
Database Penetration testing
VPN Penetration Testing
Penetration Testing Report Analysis, Penetration Testing Report and Documentation Writing, Penetration Testing Deliverables and Conclusion -
50 Question Online SUT Exam 1PM 3 Hr Penetration Test 2-5pn 1 hr gather data 6pm
Grades - All students must ordinarily take all quizzes, labs, final exam and submit the practical in order to be eligible for a Q/ISP, Q/IAP, Q/SSE, or Q/WP credential unless granted an exception in writing by the President.
Know that Q/ISP classes draws quite the spectrum of students, including "those less comfortable," "those more comfortable," and those somewhere in between. However, what ultimately matters in this course is not so much where you end up relative to your classmates but where you end up relative to yourself in on Friday of class. The course is graded as a pass or fail solely on your attendance and participation. Escalating labs help you prepare for real world scenarios. Each labs escalates upon itself, increasing in intensity, rising to the next level, while you’re mitigating the threat step by step
Books - No books are required for this course. However, you may want to supplement your preparation by using tube videos.