Final Exam: Ethical Hacker


Overview/Description
Expected Duration
Lesson Objectives
Course Number
Expertise Level


Overview/Description

Final Exam: Ethical Hacker will test your knowledge and application of the topics presented throughout the Ethical Hacker track of the Skillsoft Aspire Penetration Tester to SecOps Engineer Journey.



Expected Duration (hours)
0.0

Lesson Objectives

Final Exam: Ethical Hacker

  • apply basic incident response forensics including imaging a drive and basic legal standards
  • apply risk management standards according to NIST 800-37
  • apply the NSA-IAM to ethical hacking to plan, execute, and report on your ethical hacking project
  • apply the PTES to ethical hacking to plan, execute, and report on your ethical hacking project
  • assess security vulnerabilities using CVSS
  • calculate risk levels in a quantitative manner
  • conduct an after-action review of incident response
  • conduct recovery and remediation activities
  • configure the firewall in Windows 10 and Windows Server 2019
  • configure Windows Defender
  • correctly deploy firewall solutions and describe their relevance to ethical hacking
  • create a response plan for cyber incidents
  • create a response plan for physical incidents
  • describe ABAC and its advantages over standard access control
  • describe and apply basic incident response forensics including evidence handling and basic techniques
  • describe and implement ISO 27001
  • describe and implement MAC, DAC, and RBAC
  • describe and use DREAD, PASTA, and other risk models
  • describe antivirus concepts and implement an AV strategy
  • describe cross-site scripting
  • describe how steganography works
  • describe IDS/IPS and describe its relation to ethical hacking
  • describe incident response concepts
  • describe malware threats
  • describe NIST 800-14 security protocols
  • describe NMAP and how it can be used
  • describe PCI-DSS standards and integrate them into ethical hacking
  • describe secure software concepts
  • describe security devices and how they relate to ethical hacking
  • describe SQL injection and variations
  • describe the COBIT 5 standard
  • describe the Shodan search engine, its purpose and usage, and the role it plays in ethical hacking and penetration testing
  • describe the usage of SIEM and deploy SIEM systems
  • describe types of malware
  • design access control and account management processes
  • employ NIST 800-26 standards to manage IT security
  • evaluate security in accordance with ISO/IEC 18045
  • execute basic Metasploit commands
  • execute basic SQL Injection
  • identify and implement specific responses to risk
  • implement basic Snort IDS
  • interpret and apply NIST 800-12
  • properly apply filtering and data validation
  • properly classify and describe different types of incidents
  • recall the basics of Metasploit
  • recognize account creation concepts
  • recognize NMAP and how it can be used
  • recognize SQL injection and variations
  • recognize types of DoS and associated countermeasures
  • recognize types of malware
  • use common steganography tools
  • use common Windows hacking techniques
  • use multiple informational web sites to gain information about a target
  • use NMAP to scan a target system or network
  • use OWASP ZAP to scan a target web site
  • use Shodan to gather information about vulnerabilities
  • use Vega to scan a target web site
  • use web sites to gain information about a target
  • utilize IDS/IPS and describe its relation to ethical hacking
  • utilize the CIA triangle and the McCumber cube to assess risks and threats

    • Course Number:
    it_feptsoe_03_enus

    Expertise Level
    Intermediate