Cursos
ENISA Profiles » Penetration Tester
Value: 1700 €
Timetable:
Monday, Wendsday and Thrusday from 18:00 H to 22:00 H
Format: Online
N. Hours: 30 H
During: 4 weeks
- Alternative Title(s)
- Pentester
- Ethical Hacker
- Vulnerability Analyst
- Cybersecurity Tester
- Offensive Cybersecurity Expert
- Defensive Cybersecurity Expert
- Red Team Expert
- Red Teamer
- Summary Statement
Assess the effectiveness of security controls, reveals and utilise cybersecurity vulnerabilities, assessing their criticality if exploited by threat actors.
- Mission
Plans, designs, implements and executes penetration testing activities and attack scenarios to evaluate the effectiveness of deployed or planned security measures. Identifies vulnerabilities or failures on technical and organisational controls that affect the confidentiality, integrity and availability of ICT products (e.g. systems, hardware, software and services).
- Deliverable(s)
- Vulnerability Assessment Results Report
- Penetration Testing Report
- Main Task(s)
- Identify, analyse and assess technical and organisational cybersecurity vulnerabilities
- Identify attack vectors, uncover and demonstrate exploitation of technical cybersecurity vulnerabilities
- Test systems and operations compliance with regulatory standards
- Select and develop appropriate penetration testing techniques
- Organise test plans and procedures for penetration testing
- Establish procedures for penetration testing result analysis and reporting
- Document and report penetration testing results to stakeholders
- Deploy penetration testing tools and test programs
- Key Skill(s)
- Develop codes, scripts and programmes
- Perform social engineering
- Identify and exploit vulnerabilities
- Conduct ethical hacking
- Think creatively and outside the box
- Identify and solve cybersecurity-related issues
- Communicate, present and report to relevant stakeholders
- Use penetration testing tools effectively
- Conduct technical analysis and reporting
- Decompose and analyse systems to identify weaknesses and ineffective controls
- Review codes assess their security
- Key Knowledge
- Cybersecurity attack procedures
- Information technology (IT) and operational technology (OT) appliances
- Offensive and defensive security procedures
- Operating systems security
- Computer networks security
- Penetration testing procedures
- Penetration testing standards, methodologies and frameworks
- Penetration testing tools
- Computer programming
- Computer systems vulnerabilities
- Cybersecurity recommendations and best practices
- Cybersecurity-related certifications
- e-Competences (from e-CF)
B.2. Component Integration (Level 4)
B.3. Testing (Level 4)
B.4. Solution Deployment (Level 2)
B.5. Documentation Production (Level 3)
E.3. Risk Management (Level 4)
Documentação
