CPENT: The Ultimate Pentesting Certification

1
www.infosectrain.com
CPENT (Certified Penetration Testing
Professional) The Ultimate Pentesting
Certification
2
InfosecTrain
About Us
InfosecTrain is one of the finest Security and
Technology Training and Consulting organization,
focusing on a range of IT Security Trainings and
Information Security Services. InfosecTrain was
established in the year 2016 by a team of
experienced and enthusiastic professionals, who
have more than 15 years of industry experience.
We provide professional training, certification
consulting services related to all areas of
Information Technology and Cyber Security.
3
(No Transcript)
4
Course Description

• EC-Council has introduced its new CPENT
  certification as the Ultimate Penetration
  Certification.
• The announcement comes along with the retirement
  of 2 of EC-Councils Programs ECSA ( EC-Council
  Certified Security Analyst) and APT.
• The certification attempts to narrow the skill
  gaps and map the job role of a penetration tester
  and security analyst. It also tries to provide
  real-world experience to the challenge takers.
  Out-of-box thinking is required as the challenges
  follow a progressive approach where the next
  challenge is more challenging than the previous
  one.

• CCISO Certification

5
Course Objectives

• CPENT certification consists of 14 modules and
  tests the abilities of a penetration tester in
  almost all the vectors of cybersecurity, some of
  which have been introduced for the first time in
  any penetration certification. Provided is a list
  of the domains
• Introduction to Penetration Testing
• Penetration Testing Scoping and Engagement
• Open Source Intelligence (OSINT)
• Social Engineering Penetration Testing
• Network Penetration Testing External
• Network Penetration Testing Internal
• Network Penetration Testing Perimeter Devices
• Web Application Penetration Testing
• Wireless Penetration Testing
• IoT Penetration Testing
• OT/SCADA Penetration Testing

6

• Binary Analysis and Exploitation
• Report Writing and Post Testing Actions

7

8
Whats Different?

• Advanced Windows Attacks The challenge aims to
  test the knowledge of PowerShell of the
  candidate, where the latter is required to use
  PowerShell bypass techniques along with other
  methods to gain access to a windows machine that
  has defenses in place.
• Attacking IoT Systems CPENT is the first
  certification to introduce hacking IoT devices
  that starts with searching the device, gaining
  access, identifying firmware, extraction, and
  performing reverse engineering.
• Advanced Binaries Exploitation Penetration
  testers are required to gain access to the system
  and look for flawed binaries, use reverse
  engineering, and write exploits for privilege
  escalation.
• Bypassing a Filtered Network In a segmented
  architecture, the challenger has to identify the
  filtering of the architecture then leverage this
  to gain access to the web applications by
  compromising it and then extract the required
  data

9
Pentesting Operational Technology (OT) The
challenge is again a first of its kind in a
penetration testing certification. The tester has
to gain access to a dedicated OT network and
perform modifications in the existing data by
penetrating from the IT network side.Access
Hidden Networks With Pivoting Tester has to
penetrate into the direct network by identifying
the filtering rules and then attempt pivots,
through a filter, into the hidden network using
single pivoting methods.Double
Pivoting Quoting EC-Council CPENT is the first
certification in the world that requires you to
access hidden networks using double pivoting.
This challenge tests the skills of the tester as
the pivot has to be set up manually.Attack
Automation with Scripts The challenge requires
the tester to use advanced penetration techniques
and scripting using languages like Perl, Python,
Ruby, PowerShell, BASH, and use techniques like
Metasploit and Fuzzing techniques.Weaponize
Your Exploits This provides a chance to the
testers to use their coding skills, carry their
own tools to complete the challenge.Apart from
these, the challenges also require the testers to
evade various defense mechanisms, use the latest
methods for privilege escalation and summarize
everything in a report that, in the real world,
could be presented to the client/higher
management to take vital business decisions.

10
Target Audience

• Penetration Testers
• Ethical Hackers
• Information security Consultant
• Security Testers
• Security Analysts
• Security Engineers
• Network Server Administrators
• Firewall Administrators
• System Administrators
• Risk Assessment Professionals

11
Pre-Requisite

• CPENT certification Course NeedsExtensive
  knowledge of penetration testing across multiple
  disciplines extending from windows, IoTs, inline
  defenses to automation, operational technology,
  and advanced skills in binary exploitation. The
  certification tests the knowledge of tester not
  only on automated tools but manual testing skills
  as well.
• Exam InfoCPENT is an entirely practical exam
  which is conducted online and is proctored
  remotely. The exam duration is 24 hours. The
  candidates have two options to proceed with the
  exam. They can either take the exam in one go,
  i.e., 24 hours straight, or go for 2-12 hour
  exams. Candidates are required to submit their
  penetration testing reports within 7 days post
  the completion of the exam.

12
(No Transcript)
13
ABOUT OUR COMPANY
OUR CONTACT
InfosecTrain welcomes overseas customers to come
and attend training sessions in destination
cities across the globe and enjoy their learning
experience at the same time.
 44 7451208413
https//www.facebook.com/Infosectrain/
sales_at_infosectrain.com
https//www.linkedin.com/company/infosec-train/
www.infosectrain.com
https//www.youtube.com/c/InfosecTrain