CompTIA PenTest+: Governance, Risk, & Compliance

CompTIA PenTest+    |    Intermediate
  • 14 videos | 1h 20m 21s
  • Includes Assessment
  • Earns a Badge
Rating 5.0 of 1 users Rating 5.0 of 1 users (1)
Penetration testing (pen testing) is often a multi-step process involving many parties. It is important for testers to recognize the importance of scoping, as well as the organizational and customer requirements and demands. In this course, you will explore common pre-engagement activities for penetration testers, including scope definition, regulations such as the Payment Card Industry Data Security Standard (PCI DSS) and General Data Protection Regulation (GDPR), frameworks and standards, and rules of engagement. Then you will examine target selection, assessment types, and agreement types, like Terms of Service (ToS), service-level, and confidentiality and nondisclosure. Next, you will discover key elements of the shared responsibility model. Finally, investigate legal and ethical considerations including authorization letters, mandatory reporting requirements, and risk to the penetration tester. This course is one of a collection that helps prepare learners for the CompTIA PenTest+ (PT0-003) certification exam.

WHAT YOU WILL LEARN

  • Discover the key concepts covered in this course
    Provide an overview of the pci dss, including principles and requirements
    Outline the principles of the gdpr including requirements and risk of non-compliance
    Define target lists such as wireless networks, domain, and physical locations
    Provide an overview of assessment types including web, network, mobile, cloud, application programming interface (api), application, and wireless
    Provide an overview of tos agreements, including examples of and risks associated with tos agreements
    Define slas and describe when to use them
  • Outline key components of confidentiality and nondisclosure agreements
    Provide an overview of the details that should be included in a penetration testing sow
    List the benefits of defining a master service agreement prior to penetration testing
    Describe how to use approval forms to document the permission to attack
    Provide an overview of the shared responsibility model, including typical service provider and customer responsibilities, benefits, and best practices
    Outline legal and ethical considerations, including authorization letters, mandatory reporting requirements, and risk to the penetration tester
    Summarize the key concepts covered in this course

IN THIS COURSE

  • 1m 9s
    In this video, we will discover the key concepts covered in this course. FREE ACCESS
  • 7m 28s
    After completing this video, you will be able to provide an overview of the PCI DSS, including principles and requirements. FREE ACCESS
  • Locked
    3.  General Data Protection Regulation (GDPR)
    6m 42s
    Upon completion of this video, you will be able to outline the principles of the GDPR including requirements and risk of non-compliance. FREE ACCESS
  • Locked
    4.  Define Target Lists
    7m 38s
    After completing this video, you will be able to define target lists such as wireless networks, domain, and physical locations. FREE ACCESS
  • Locked
    5.  Assessment Types
    6m 33s
    Upon completion of this video, you will be able to provide an overview of assessment types including web, network, mobile, cloud, application programming interface (API), application, and wireless. FREE ACCESS
  • Locked
    6.  Terms of Service (ToS) Agreements
    6m 19s
    After completing this video, you will be able to provide an overview of ToS agreements, including examples of and risks associated with ToS agreements. FREE ACCESS
  • Locked
    7.  Service-level Agreements (SLAs)
    6m 44s
    In this video, we will define SLAs and describe when to use them. FREE ACCESS
  • Locked
    8.  Confidentiality and Nondisclosure Agreements
    6m 19s
    Upon completion of this video, you will be able to outline key components of confidentiality and nondisclosure agreements. FREE ACCESS
  • Locked
    9.  Statement of Work (SOW)
    6m 25s
    After completing this video, you will be able to provide an overview of the details that should be included in a penetration testing SOW. FREE ACCESS
  • Locked
    10.  Master Service Agreement
    6m 16s
    Upon completion of this video, you will be able to list the benefits of defining a master service agreement prior to penetration testing. FREE ACCESS
  • Locked
    11.  Permission to Attack
    6m 7s
    After completing this video, you will be able to describe how to use approval forms to document the permission to attack. FREE ACCESS
  • Locked
    12.  Shared Responsibility Model
    6m 14s
    Upon completion of this video, you will be able to provide an overview of the shared responsibility model, including typical service provider and customer responsibilities, benefits, and best practices. FREE ACCESS
  • Locked
    13.  Legal and Ethical Considerations of Penetration Testing
    5m 41s
    After completing this video, you will be able to outline legal and ethical considerations, including authorization letters, mandatory reporting requirements, and risk to the penetration tester. FREE ACCESS
  • Locked
    14.  Course Summary
    47s
    In this video, we will summarize the key concepts covered in this course. FREE ACCESS

EARN A DIGITAL BADGE WHEN YOU COMPLETE THIS COURSE

Skillsoft is providing you the opportunity to earn a digital badge upon successful completion on some of our courses, which can be shared on any social network or business platform.

Digital badges are yours to keep, forever.

YOU MIGHT ALSO LIKE

Course CompTIA A+ Core 2: Social Engineering Attacks
Rating 4.2 of 107 users Rating 4.2 of 107 users (107)
Course CompTIA Data+: Data Analysis Types & Techniques
Rating 4.6 of 15 users Rating 4.6 of 15 users (15)
Course CompTIA Data+: Data Governance
Rating 4.9 of 10 users Rating 4.9 of 10 users (10)