Final Exam: Ethical Hacker
Overview/Description
Expected Duration
Lesson Objectives
Course Number
Expertise Level
Overview/Description
Final Exam: Ethical Hacker will test your knowledge and application of the topics presented throughout the Ethical Hacker track of the Skillsoft Aspire Penetration Tester to SecOps Engineer Journey.
Expected Duration (hours)
0.0
Lesson Objectives Final Exam: Ethical Hacker
apply basic incident response forensics including imaging a drive and basic legal standards
apply risk management standards according to NIST 800-37
apply the NSA-IAM to ethical hacking to plan, execute, and report on your ethical hacking project
apply the PTES to ethical hacking to plan, execute, and report on your ethical hacking project
assess security vulnerabilities using CVSS
calculate risk levels in a quantitative manner
conduct an after-action review of incident response
conduct recovery and remediation activities
configure the firewall in Windows 10 and Windows Server 2019
configure Windows Defender
correctly deploy firewall solutions and describe their relevance to ethical hacking
create a response plan for cyber incidents
create a response plan for physical incidents
describe ABAC and its advantages over standard access control
describe and apply basic incident response forensics including evidence handling and basic techniques
describe and implement ISO 27001
describe and implement MAC, DAC, and RBAC
describe and use DREAD, PASTA, and other risk models
describe antivirus concepts and implement an AV strategy
describe cross-site scripting
describe how steganography works
describe IDS/IPS and describe its relation to ethical hacking
describe incident response concepts
describe malware threats
describe NIST 800-14 security protocols
describe NMAP and how it can be used
describe PCI-DSS standards and integrate them into ethical hacking
describe secure software concepts
describe security devices and how they relate to ethical hacking
describe SQL injection and variations
describe the COBIT 5 standard
describe the Shodan search engine, its purpose and usage, and the role it plays in ethical hacking and penetration testing
describe the usage of SIEM and deploy SIEM systems
describe types of malware
design access control and account management processes
employ NIST 800-26 standards to manage IT security
evaluate security in accordance with ISO/IEC 18045
execute basic Metasploit commands
execute basic SQL Injection
identify and implement specific responses to risk
implement basic Snort IDS
interpret and apply NIST 800-12
properly apply filtering and data validation
properly classify and describe different types of incidents
recall the basics of Metasploit
recognize account creation concepts
recognize NMAP and how it can be used
recognize SQL injection and variations
recognize types of DoS and associated countermeasures
recognize types of malware
use common steganography tools
use common Windows hacking techniques
use multiple informational web sites to gain information about a target
use NMAP to scan a target system or network
use OWASP ZAP to scan a target web site
use Shodan to gather information about vulnerabilities
use Vega to scan a target web site
use web sites to gain information about a target
utilize IDS/IPS and describe its relation to ethical hacking
utilize the CIA triangle and the McCumber cube to assess risks and threats
Course Number: it_feptsoe_03_enus
Expertise Level
Intermediate