Hands-On Vulnerability Assessment: Protecting Your Organization

What is this course about?

In this course, you run vulnerability* scans and observe exploits* to better secure networks, servers and workstations. You learn to assess the risk to your enterprise from specific vulnerabilities and to continually control your exposure to current security threats. Throughout this course, extensive hands-on exercises provide you with practical experience assessing recent vulnerabilities and analyzing "in the wild"* exploits.

Who will benefit from this course?

This course is valuable for those involved in securing enterprise systems. Typical participants include network and system administrators, technical managers, auditors, developers, computer security personnel, officers with direct involvement in security and those involved in cybersecurity measures and implementation.

What background do I need?

It is assumed that you have a basic understanding of network security and security issues. For example, you should understand:

• TCP/IP networking
• Network security goals and concerns
• The roles of firewalls and intrusion detection systems

Course 468, System and Network Security: A Comprehensive Introduction, provides the necessary background.

What types of vulnerability are covered in this course?

This course focuses on vulnerabilities that affect network infrastructures, servers, and workstations. You explore vulnerabilities introduced by software errors, problems inherent in core network protocols, and risks resulting from insecure system configurations.

Will I learn what methods attackers use to break into systems?

Yes. You learn how attackers conduct reconnaissance, assess system vulnerabilities and deploy exploits.

Will I learn hacking techniques?

Yes. You learn the basics about exploits that lead to denial-of-service (DoS), unauthorized system access, data eavesdropping and other cybersecurity compromises. You learn how servers are "rooted" by privilege escalation and SQL injection. You also conduct directory transversal, buffer overflows and cross-site scripting attacks.

Will I learn how to use vulnerability scanners?

Yes! You learn in detail the use and configuration of ISS Internet Scanner, eEye Retina Scanner, and the popular scanner, Nessus.

Will I learn how to hack?

No. In this course, you observe an array of exploits to demonstrate how attacks work, so that scanners can be used more effectively. The overall goal of the course is to discover vulnerabilities and prevent hacking.

Will this course help me prepare for the CISSP Certification examination?

Yes, this course helps you prepare for multiple domains on the CISSP Certification exam. For more information, please refer to the CISSP Q&A.

Does this course provide me with (ISC)² continuing professional education (CPE) credits?

Yes! Learning Tree, in agreement with (ISC)², is a recognized "Trusted CPE Provider." This course provides you with 23 "A-level" CPE credits toward maintaining your CISSP Certification. Please see the CISSP Q&A for more information on the continuing education requirements of (ISC)².

Glossary

Exploit:  - a program or technique that takes advantage of a vulnerability in software that can be used for breaking security or otherwise attacking a host.

Vulnerability:  - a flaw or weakness in a system's design, implementation or operation and management that can be exploited to violate the system's security.

In the Wild:  - a live exploit in active use. In the Wild does not refer to in-lab testing or discovery.

How much time is devoted to each topic?

Times, including the workshops, are estimates; exact times may vary according to the needs of each class.

What kinds of hands-on exercises are in the course?

Approximately 40 percent of class time is spent on hands-on exercises. The exercises are designed to give you hands-on experience assessing vulnerabilities and analyzing attack methods and exploit scenarios. You configure and run several powerful vulnerability scanners and compare the reports generated by various types of scans. In addition, you execute many exploits and observe their operation, assess impact and learn how the vulnerability may be detected.

I'm attending this course from work using AnyWare - Learning Tree's web-based remote attendance platform. How will that impact what I learn?

You will participate fully in the course and acquire the same knowledge and skills as your classmates who participate in the classroom. You will have the same course materials, be able to easily communicate back and forth and ask questions of your instructors and peers, and you will control an in-classroom workstation dedicated entirely to you. Your instructor will be able to see exactly what you're doing and can interactively offer concrete help.

Are the tools based on UNIX/Linux or Windows platforms?

Both UNIX/Linux and Windows-based tools are used throughout the course. Exercises are performed using Red Hat Linux and Windows XP/2003.

Will I learn defensive measures in this course?

You learn general defenses for a wide range of vulnerabilities and exploits. This course helps you determine how to prioritize your defensive efforts so that the most severe risks may be addressed early. You see how proactive measures can prevent many attacks. This course does not provide detailed steps for configuring Web servers, firewalls, or Intrusion Detection Systems (IDS). These topics are covered in other courses within the security curriculum, such as Course 940, Securing Web Applications, Services and Servers: Hands-On.

How is this course different from Course 537?

Course 537, Penetration Testing: Tools and Techniques, focuses on learning and practicing a hacking methodology useful for testing network security. It involves intelligence gathering, scanning and exploitation of systems and networks. While Course 589 focuses on detection and remediation of vulnerabilities for your organization, Course 537 concentrates on exploitation and hacking techniques in a case study form.

How does this course relate to other Learning Tree courses?

• 537, Penetration Testing: Tools and Techniques enables you to deploy ethical hacking to expose weaknesses in your organization and select countermeasures
• 940, Securing Web Applications, Services and Servers: Hands-On provides in-depth, hands-on experience securing Web-based applications and host servers within your organization

Many Learning Tree courses provide college credit and industry continuing education credits. You can also earn a Learning Tree Professional Certification in your area of expertise and prepare for popular industry certifications. See below for continuing professional development credits associated with this course.

	This course qualifies for 2 semester hours of college credit as certified by the American Council on Education's College Credit Recommendation Service (ACE CREDIT). Read More...
	This course qualifies for 23 CPE credits from the National Association of State Boards of Accountancy CPE program. Read More...