CompTIA PenTest+: Testing Frameworks & Methodologies

CompTIA PenTest+    |    Intermediate
  • 13 videos | 1h 11m 41s
  • Earns a Badge
Organizations need to be aware of the guidelines and tools for conducting penetration tests. There are many penetration testing (pen testing) frameworks and methodologies that are helpful and, in this course, you'll compare and contrast these different options. First, explore common frameworks including Open Source Security Testing Methodology Manual (OSSTMM), Council of Registered Ethical Security Testers (CREST), Penetration Testing Execution Standard (PTES), MITRE ATT&CK, and OWASP Mobile Application Security Verification Standard (MASVS). Additionally, discover threat modeling frameworks including Damage potential, Reproducibility, Exploitability, Affected users, Discoverability (DREAD), Spoofing, Tampering, Repudiation, Information disclosure, Denial of service, Elevation of privilege (STRIDE), and Operationally Critical Threat, Asset, and Vulnerability Evaluation (OCTAVE). This course is one of a collection that helps prepare learners for the CompTIA PenTest+ (PT0-003) certification exam.

WHAT YOU WILL LEARN

  • Discover the key concepts covered in this course
    Outline best practices for open source security testing methodology manual (osstmm)
    Recognize tactics and techniques of mitre att&ck and discuss how they are used by cyber adversaries
    Outline the open web application security project (owasp) standard
    Outline the owasp mobile application security verification standard (masvs) standard
    Outline the purdue model as it applies to penetration testing
    Recognize key elements of the council of registered ethical security testers (crest) standard
  • Identify the penetration testing execution standard (ptes)
    Identify elements of the information systems security assessment framework (issaf)
    Recognize the damage potential, reproducibility, exploitability, affected users, discoverability (dread) threat model framework
    Outline the spoofing, tampering, repudiation, information disclosure, denial of service, elevation of privilege (stride) framework
    Outline the operationally critical threat, asset, and vulnerability evaluation (octave) threat model framework
    Summarize the key concepts covered in this course

IN THIS COURSE

  • 1m 22s
    In this video, you will discover the key concepts covered in this course. FREE ACCESS
  • 7m 44s
    In this video, find out how to outline best practices for Open Source Security Testing Methodology Manual (OSSTMM) . FREE ACCESS
  • Locked
    3.  MITRE ATT&CK Guidelines
    5m 48s
    In this video, you will learn how to recognize tactics and techniques of MITRE ATT&CK and discuss how they are used by cyber adversaries. FREE ACCESS
  • Locked
    4.  Open Web Application Security Project Top 10
    6m 37s
    Discover how to outline the open web application security project (OWASP) standard. FREE ACCESS
  • Locked
    5.  OWASP Mobile Application Security Verification Standard
    4m 27s
    Learn how to outline the OWASP mobile application security verification standard (MASVS) standard. FREE ACCESS
  • Locked
    6.  The Purdue Model
    7m 35s
    During this video, you will learn how to outline the Purdue model as it applies to penetration testing. FREE ACCESS
  • Locked
    7.  Council of Registered Ethical Security Testers
    6m 14s
    Upon completion of this video, you will be able to recognize key elements of the Council of Registered Ethical Security Testers (CREST) standard. FREE ACCESS
  • Locked
    8.  Penetration Testing Execution Standard
    6m 6s
    In this video, find out how to identify the Penetration Testing Execution Standard (PTES). FREE ACCESS
  • Locked
    9.  Information Systems Security Assessment Framework
    6m 6s
    After completing this video, you will be able to identify elements of the Information Systems Security Assessment Framework (ISSAF). FREE ACCESS
  • Locked
    10.  DREAD Threat Model Framework
    6m 18s
    Upon completion of this video, you will be able to recognize the Damage potential, Reproducibility, Exploitability, Affected users, Discoverability (DREAD) threat model framework. FREE ACCESS
  • Locked
    11.  STRIDE Threat Model Framework
    6m 4s
    After completing this video, you will be able to outline the Spoofing, Tampering, Repudiation, Information disclosure, Denial of service, Elevation of privilege (STRIDE) framework. FREE ACCESS
  • Locked
    12.  OCTAVE Threat Model Framework
    6m 36s
    Upon completion of this video, you will be able to outline the Operationally Critical Threat, Asset, and Vulnerability Evaluation (OCTAVE) threat model framework. FREE ACCESS
  • Locked
    13.  Course Summary
    44s
    In this video, we will summarize the key concepts covered in this course. FREE ACCESS

EARN A DIGITAL BADGE WHEN YOU COMPLETE THIS COURSE

Skillsoft is providing you the opportunity to earn a digital badge upon successful completion on some of our courses, which can be shared on any social network or business platform.

Digital badges are yours to keep, forever.

YOU MIGHT ALSO LIKE

Course CompTIA PenTest+: Cleanup & Restoration
Course CompTIA PenTest+: Collaboration & Communication Activities
Rating 4.0 of 1 users Rating 4.0 of 1 users (1)
Course CompTIA PenTest+: Applying Enumeration Techniques
Rating 5.0 of 1 users Rating 5.0 of 1 users (1)