Thursday, March 15, 2012

[discussion_vu] Network Vulnerability Assessment and Penetration Testing Workshop

NETWORK VULNERABILITY

ASSESSMENT & PENETRATION TESTING

March 26-28, 2012

 

COURSE DESCRIPTION

 

The training will take students into the realm of real-world hacking. Discover how

hackers really work and execute - from this perspective, students will be able to

understand hackers' styles and techniques - enabling them to strategize how to

defend their corporate networks.

 

Fully understand the importance and business value of Penetration Testing, determine

assets that requires security assessment, conduct Vulnerability Assessments, develop

and execute Penetration Testing workplans, utilize security tools, manage security

changes in a corporate setting and generate and analyze technical and managerial

reports.

 

WORKSHOP OUTLINE

Module 1: Network Security Testing Overview 

  • Network Security Testing Methodologies
    • The Open Source Security Testing Methodology (OSSTMM)
    • The Information Systems Security Assessment Framework (ISSAF)
    • The NIST Guideline on Network Security Testing (SP 800-115)
  • Information Security Testing TechniquesPhases in Network Security Testing
    • Passive and Active
    • DEMO: Passive and Active Gathering/Scanning
    • White-Box and Black-Box Approach
    • Blue Team and Red Team
  • Legal Perspective

Module 2: Footprinting and Information Gathering

  • How information about a target may be gathered discreetly
  • Acquiring target information (Passive Reconnaissance)
  • Scanning and enumerating resources (Active Reconnaissance)
    • Network Mapping
    • Operating System and Services banner grabbing
    • Operating System and Services Fingerprinting

 

Module 3: Vulnerability Assessments (VA) Concept

  • Definition of Risk, Vulnerability and Threat
  • Risk Assessment
  • Vulnerability Assessment Methodology
  • Common Vulnerabilities and Exposure (CVE) list
  • Vulnerability Assessment tools
  • LAB: Vulnerability Scanner

Module 4: Windows Enumeration and Hacking

  • Microsoft NetBIOS Names
  • NetBIOS Name Service Enumeration
  • LAB: NetBIOS Enumeration 
  • Microsoft RPC Services
  • LAB: RPC Enumeration
  • Microsoft SMB
  • Enumerating Shares
  • Enumerating Users, Group, SID (Security Principals)
  • Automated SMB Enumeration Tools
  • LAB: SMB Enumeration (via Null Session)
  • SNMP Protocol
  • LAB: SNMP Enumeration
  • Windows DNS Enumeration
  • Directory Service Enumeration
  • LAB: Automated Windows Enumeration Tools


Module 5: Firewall & IDS Evasion

Module 6: Exploits

 *This is only a partial course outline, for complete details, please contact the undersigned. 

Training Investment Fee:

P20, 000 +VAT


Training Package:s

Training Materials
Certificate of Completion
Meals (Lunch and AM/PM Snacks)

 

Duration        : 3 Days

Time               : 9:00 am to 5:00 pm

Venue            : TBA

 

 

REGISTER NOW

 

Limited Seats Only!!

________________________________________

For reservation / inquiry please call us

Tel. 654.9537

­­­­­­­­­­­_____________________________________________

Look for Judy

Or text / call 0926.1069134

judy@bitshieldsecurity.com

 

We customized trainings based on our clients' needs!!

 

 

 

Payment Details:


Bank Deposit:   Banco de Oro - Reposo Branch
                         Account Name: Security Consulting, Inc.
                         Account No. 417800-9134

please email the softcopy of the registration form at judy@bitshieldsecurity.com

 

 

If you have other concerns, please do not hesitate to contact us and we will be glad to assist you.

 

Thank you very much and we are looking forward to have you as one of our attendees in the future.

 

 

Truly yours,
Judy Ann Raon | Account Executive |Information Security Training
BITSHIELD SECURITY CONSULTING, INC.
Tel:    (+632) 654-9537
Mobile: +63926-1069134
Email:  judy@bitshieldsecurity.com
URL:     www.bitshieldsecurity.com
       

"Protecting your information assets is our business"

 

We practice ethical email distribution. Please accept our sincere apologies if you have received this e-mail in an unsolicited manner. If you don't want to receive from us, kindly reply with the subject "Unsubscribe" to judy@bitshieldsecurity.com

 

 

 




--
You received this message because you are subscribed to the Google Groups "Virtual University of Pakistan" group.
To post to this group, send email to discussion_vu@googlegroups.com.
To unsubscribe from this group, send email to discussion_vu+unsubscribe@googlegroups.com.
For more options, visit this group at http://groups.google.com/group/discussion_vu?hl=en.
Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

PAID CONTENT