Detect
Protect
Build
Insights
About
Digital Threat Digest Insights Careers Let's talk

Ethical Hacking Associate

Our CREST-Approved and NCSC-Certified Ethical Hacking Associate training teaches participants the practitioner skills required to effectively operate as a junior member of a Penetration Testing or Red Team.

Banned.png?auto=compress%2cformat&fit=crop&fm=webp&h=0&ixlib=php-3.1

It may also be beneficial for junior team members within other technical roles who have these duties. Participants will then be able to support other senior members of relevant cyber security teams.

Training is aligned to support individuals seeking to undertake the CREST Practitioner Security Analyst (CPSA) exam.

This training can be delivered virtually, at our London or Bristol facilities, or at our clients’ premises; training is typically for group bookings only.

Certification

NCSC Assured & Crest Approved Training

NCSC Assured Training at Application Level with IISP Core Skills A6, B1, D1, D2, G1.

CREST-Approved Training.

Aim

Demonstrably use your newly acquired penetration testing skills as a professional cyber security practitioner in a real-world security testing engagement.

Audience

IT professionals who wish to understand ethical hacking techniques and begin adding security/penetration testing to their skillset in order to fulfil security testing responsibilities. Examples might include:

  • Systems Administrators
  • Information Security Specialists
  • Vulnerability Assessors
  • Penetration Testers
  • Security Assessors
  • Junior Red Team /Penetration Testing team members
Learning outcomes
  • Demonstrate use of current techniques used by industry qualified cyber-security penetration testers.
  • Analyse an organisation’s communication networks through the eyes of an attacker.
  • Determine and highlight various risks associated with security testing.
  • Interpret vulnerability scan results to identify vulnerabilities and their levels of criticality in relation to an organisation.
  • Conduct application vulnerability assessments and understanding their results.
  • Remotely exploit and establish persistence on a target.
  • Identify cyber security threats which may jeopardize the organization or its stakeholders’ interests.
  • Learn how to manage operational stakeholders.
  • Present clear and concise technical documentation to technical and non-technical third parties.
Prerequisites
  • In-depth knowledge of networking and the TCP protocol.
  • Experience of Windows and Linux operating systems.
  • Some familiarity or experience using the command line with Linux and Windows.
  • Ideally CompTIA Network+ and Security+ training/qualification.
  • Knowledge of business practices within your organisation, your organisation’s risk management processes and any IT user security policies.
  • For virtual/remote training a good internet connection/sufficient bandwidth is required, with full audio and video capability.
Syllabus

This training can be tailored to an industry or for a defined audience with various durations. Example topics typically include:

  • Penetration Testing
  • Understanding Risk Requirements
  • Defining the ‘Scope’
  • Planning and Management
  • Hacker Methodologies
  • Networking
  • Scanning
  • ARP
  • DNS
  • Malware
  • Malware Taxonomy
  • Malware Analysis
  • Scanning and Enumeration
  • Scanning
  • Encryption
  • Vulnerabilities
  • Exploitation
  • Metasploit
  • Web Application Vulnerabilities
  • Social Engineering
  • Vulnerability Scanners
  • Report Writing
  • Security Policies
  • CPSA Practice Exam Preparation
  • PGI Assessment