From the course: Complete Guide to Cybersecurity: A Practical Approach
Join today to access over 24,400 courses taught by industry experts.
Planning and scoping a penetration testing assessment
From the course: Complete Guide to Cybersecurity: A Practical Approach
Planning and scoping a penetration testing assessment
“
- [Instructor] All right, let's go over some of the details related to planning and scoping a pen testing assessment. And this also applies for a red team assessment as well, right? At the end of the day, you actually have to have an initial client meeting. And whenever I put here client meeting, that can be your boss. If you're a full-time employee at a company, it can be your chief information security officer or you know, a director of cybersecurity or whatever the title of that person actually has, right? But at the end of the day, what you have to do is understand what is the goal that they're trying to achieve with that pen test, right? There are a few questions that you always should ask. What are the key assets that you're concerned about? What are the things that you actually want to find vulnerabilities? What are the types of attacks and threats that you're most concerned on? And do you have any type of compliance requirements? And remember earlier in the course I mentioned…
Download courses and learn on the go
Watch courses on your mobile device without an internet connection. Download courses using your iOS or Android LinkedIn Learning app.
Watch this course anytime, anywhere.
Get started with a free trial today.
Contents
-
-
Module 1: Cybersecurity fundamentals introduction56s
-
Learning objectives48s
-
Understanding the security concepts of information assurance9m 4s
-
Understanding the risk management process12m 50s
-
Understanding security controls2m 37s
-
Understanding governance processes6m 36s
-
Building your cybersecurity lab4m 59s
-
-
-
(Locked)
Learning objectives30s
-
(Locked)
Understanding physical access controls4m 42s
-
(Locked)
Exploring the principle of least privilege3m 6s
-
(Locked)
Understanding the concept of segregation of duties2m 13s
-
(Locked)
Introducing discretionary access control (DAC)5m 7s
-
(Locked)
Understanding mandatory access control (MAC)6m 9s
-
(Locked)
Understanding role-based access control (RBAC)1m 38s
-
(Locked)
-
-
(Locked)
Learning objectives40s
-
(Locked)
Software defined networking security4m 14s
-
(Locked)
Understanding the threats against SDN solutions2m 21s
-
(Locked)
Introducing network programmability8m 25s
-
(Locked)
Introducing SD-WAN and modern architectures3m 21s
-
(Locked)
Surveying the OWASP Top 103m 40s
-
(Locked)
-
-
(Locked)
Learning objectives45s
-
(Locked)
Introducing cryptography and cryptanalysis2m 52s
-
(Locked)
Understanding encryption protocols9m 54s
-
(Locked)
Describing hashing algorithms2m 50s
-
(Locked)
Introducing public key infrastructure (PKI)1m 37s
-
(Locked)
Introducing certificate authorities (CAs) and certificate enrollment8m 11s
-
(Locked)
Surveying SSL and TLS implementations5m 54s
-
(Locked)
Surveying IPsec implementations and modern VPN implementations5m 42s
-
(Locked)
-
-
(Locked)
Module 2: Incident response, digital forensics, and threat hunting introduction39s
-
(Locked)
Learning objectives54s
-
(Locked)
Exploring how to get started in incident response6m 6s
-
(Locked)
Understanding the incident response process5m 46s
-
(Locked)
Defining playbooks and run book automation (RBA)10m 29s
-
(Locked)
Understanding cyber threat intelligence (CTI)10m 23s
-
(Locked)
Understanding data normalization3m 1s
-
(Locked)
Deconstructing universal data formats and 5-tuple correlation1m 19s
-
(Locked)
Understanding security monitoring fundamentals6m 32s
-
(Locked)
Surveying security monitoring tools13m 33s
-
(Locked)
-
-
(Locked)
Learning objectives40s
-
(Locked)
Introducing digital forensics9m 10s
-
(Locked)
Introducing reverse engineering6m 30s
-
(Locked)
Understanding evidence preservation and chain of custody8m 9s
-
(Locked)
Collecting evidence from endpoints and servers6m 7s
-
(Locked)
Collecting evidence from mobile and IoT devices5m 2s
-
(Locked)
Exploring memory analysis with Volatility7m 56s
-
(Locked)
-
-
(Locked)
Module 3: Ethical hacking, penetration testing, and bug hunting introduction41s
-
(Locked)
Learning objectives47s
-
(Locked)
How to start a career in ethical hacking5m 7s
-
(Locked)
Understanding the difference between traditional pen testing, bug bounties, and red team assessments6m 45s
-
(Locked)
Exploring bug bounty programs9m 34s
-
(Locked)
Understanding the ethical hacking and bug hunting methodology11m 39s
-
(Locked)
Planning and scoping a penetration testing assessment5m 9s
-
(Locked)
-
-
(Locked)
Learning objectives1m 14s
-
(Locked)
Understanding information gathering and vulnerability identification2m 27s
-
(Locked)
Introducing open source intelligence (OSINT) techniques14m 39s
-
(Locked)
Performing DNS-based passive recon9m 2s
-
(Locked)
Identifying cloud vs. self-hosted assets7m 13s
-
(Locked)
Introducing Shodan, Maltego, AMass, Recon-NG, and other recon tools17m 34s
-
(Locked)
Surveying password dumps, file metadata, and public source-code repositories10m 53s
-
(Locked)
Introduction to Google hacking and search engine reconnaissance5m 26s
-
(Locked)
-
-
(Locked)
Learning objectives44s
-
(Locked)
Introduction to host and service enumeration6m 35s
-
(Locked)
Mastering Nmap24m 34s
-
(Locked)
Performing website and web application reconnaissance10m 22s
-
(Locked)
Discovering cloud assets7m 2s
-
(Locked)
Crafting packets with Scapy to perform reconnaissance5m 48s
-
(Locked)
-
-
(Locked)
Learning objectives53s
-
(Locked)
Performing on-path attacks5m 43s
-
(Locked)
Exploring the OWASP Top 10 risks in web applications6m 17s
-
(Locked)
Exploiting cross-site scripting (XSS) and cross-site request forgery (CSRF) vulnerabilities16m 47s
-
(Locked)
Understanding server-side request forgery (SSRF) vulnerabilities10m 6s
-
(Locked)
Hacking databases23m 2s
-
(Locked)
Exploiting wireless vulnerabilities16m 54s
-
(Locked)
Exploiting buffer overflows and creating payloads24m 4s
-
(Locked)
-
-
(Locked)
Learning objectives1m 4s
-
(Locked)
Avoiding detection and evading security tools4m 26s
-
(Locked)
Introduction to lateral movement and exfiltration3m 32s
-
(Locked)
Exploring command and control (C2) techniques7m 54s
-
(Locked)
Understanding living-off-the-land and fileless malware4m 52s
-
(Locked)
Best practices when creating pen testing and bug bounty reports11m 24s
-
(Locked)
Understanding post-engagement cleanup4m 22s
-
(Locked)
-
-
(Locked)
Module 4: Cloud, DevOps, and IoT security introduction40s
-
(Locked)
Learning objectives34s
-
(Locked)
Introducing the different cloud deployment and service models4m 32s
-
(Locked)
Surveying patch management in the cloud13m 54s
-
(Locked)
Performing security assessments in cloud environments5m 58s
-
(Locked)
Exploring cloud logging and monitoring methodologies4m 10s
-
(Locked)
-
-
(Locked)
Module 5: AI security, ethics, and privacy: Balancing innovation with protection introduction33s
-
(Locked)
Learning objectives47s
-
(Locked)
Surveying the AI landscape and use cases6m 25s
-
(Locked)
Exploring LLMs, ChatGPT, Co-pilot and more7m 16s
-
(Locked)
Understanding the importance of AI security8m 53s
-
(Locked)
Exploring the OWASP Top 10 for LLMs11m 20s
-
(Locked)
-
-
(Locked)
Learning objectives52s
-
(Locked)
Exploring the secure AI development lifecycle8m 11s
-
(Locked)
Understanding privacy-preserving AI techniques5m 53s
-
(Locked)
Understanding robustness and resilience in AI models2m 2s
-
(Locked)
Surveying AI security best practices4m 23s
-
(Locked)
Exploring AI security tools and frameworks4m 51s
-
(Locked)
Understanding the legal landscape and potential new regulations4m 47s
-
(Locked)
Investigating ethical implications of artificial intelligence5m 6s
-
(Locked)