You’ve done everything you can to logically secure your systems, along with layering in user education and providing physical security. However, the only way to know if your defenses will hold is to test them. This course looks at one of the most important skills of any IT security professional: penetration testing. Penetration testing is the process to check if a computer, system, network, or web application has any vulnerabilities. Cybersecurity expert Lisa Bock reviews the steps involved in performing a worthwhile penetration test, including auditing systems, listing and prioritizing vulnerabilities, and mapping out attack points a hacker might target. She also defines the various types of “pen” tests—such as black, grey, and white box; announced vs. unannounced; and automated vs. manual testing—and the techniques and blueprints a pen tester should use to test everything from Wi-Fi to VoIP. Finally, she discusses how to choose and work with an outsourced pen-testing organization, which can bring a valuable outsider’s perspective to your IT security efforts.
Topics include:
Auditing security mechanisms
Locating vulnerabilities
Exploring types of penetration testing
Pen testing techniques
Following a pen-testing blueprint
Testing physical, wireless, website, database, and email security
Outsourcing penetration testing
