Practical Foundations in Cybersecurity
  • 🖌️Practical Foundations in Cybersecurity
  • 1. IT career planning
    • Introduction - IT career planning
    • IT career paths – everything you need to know
    • Job roles in IT and cybersecurity
    • How to break into information security
    • The Security Operations Center (SOC) career path
    • The GRC analyst role
    • How to get CCNA certification
    • Job search strategy
  • 2. Introduction to cybersecurity
    • Introduction - Introduction to cybersecurity
    • Foundational cybersecurity concepts and practices
      • Information security definition
      • Confidentiality, integrity, and availability of information
      • Risk, threat, vulnerability
    • The cybersecurity threat landscape
    • Common cyber attacks
    • Risk mitigation methods
    • Network security risk mitigation best practices
  • 3. Cybersecurity GRC
    • Introduction - Cybersecurity GRC
    • Cybersecurity GRC
  • 4. Networking fundamentals
    • Introduction - Networking fundamentals
    • How data flow through the Internet
    • Network devices and their functions
    • The Open Systems Interconnection (OSI) model
    • Host to host communication in networking
    • How switches facilitate communication
    • How routers facilitate communication
    • Network protocols and their functions
    • OSI model layers and security threats
  • 5. Wireless security and cryptography
    • Introduction - Wireless security and cryptography
    • SSL/TLS cryptography
    • Wireless network security
    • Hashing algorithms and message integrity
    • Cryptographic encryption and confidentiality
    • The SSL/TLS handshake
    • Message signing using asymmetric keys
    • Authentication methods
    • Replay attacks and anti-replay methods
    • Generating and applying an RSA key
    • IEEE 802.11 authentication methods
    • IEEE 802.11 privacy and integrity methods
    • Authentication and encryption in WPA, WPA2, and WPA3
  • 6. Practical foundations in ethical hacking
    • Introduction - Practical foundations in ethical hacking
    • What is professional ethical hacking
    • The perils of unethical hacking
    • Defensive security vs offensive security
    • Defensive cybersecurity technologies
    • Phases of the penetration testing process
    • Types of penetration testing
    • Pentesting methodologies, frameworks, and technologies
    • Common attack targets
  • 7. Conclusion
    • Introduction - Conclusion
    • Final words
Powered by GitBook
On this page
  • Types of penetration testing
  • References
  1. 6. Practical foundations in ethical hacking

Types of penetration testing

This section explores six types of penetration testing, including vulnerabilities targeted/attack vectors and technologies used, and differentiates between black box and white box penetration testing

• Describe types of penetration testing: network, wireless, web application, physical, social engineering, and cloud.

• Compare black box penetration testing and white box penetration testing methods.

Types of penetration testing

• Reconnaissance or Open Source Intelligence (OSINT) gathering

• Network penetration testing

• Wireless network penetration testing

• Website/web application

• Physical penetration testing

• Social engineering

• Cloud penetration testing

References

Cipher. (n.d.). The types of pentests you must know about. Retrieved January 21, 2020, from https://cipher.com/blog/the-types-of-pentests-you-must-know-about/

PreviousPhases of the penetration testing processNextPentesting methodologies, frameworks, and technologies

Last updated 1 day ago