Penetration Testing Engineer

The National Institute of Standards and Technology (NIST), an agency of the U.S. Department of Commerce, provides several insightful definitions of ‘penetration testing’. Hence, we define penetration testing according to the Technical Guide to Information Security Testing and Assessment (NIST SP 800-115). It describes penetration testing as an ‘authorised test where ethical hackers mimic real-life attacks to bypass and infiltrate the security features of an application, system, network and other would-be entry points’.

This free online course highlights the benefits of penetration testing, including how it can help improve business continuity, justify security investments and satisfy the prerequisites for cybersecurity insurance. Study the three types of penetration testing, the exploit and vulnerability lifecycle, zero-day hacks and pen testing methodologies, including the Information Systems Security Assessment Framework (ISSAF). Moreover, we will explore the tools for hacking information, how to detect live systems and some foolproof ‘social engineering’ techniques.

Finally, you will learn about banner grabbing and enumeration techniques and the process and benefits of the vulnerability assessment (VA). We will present real-world demonstrations of ethical and unethical methods for hacking an operating system. You will learn about exploit development, sniffing and evasion techniques and assessing and hacking web technologies. Depending on the objectives of an organisation, you will see how to present the outcome of a pen test to the appropriate authorities to help them make strategic cybersecurity improvements and prioritise related remediation efforts. By taking the online course, you will learn how to intelligently manage risk, protect the corporate image and prevent clients and partners from potential financial damage. Start learning now.