Final Exam: Ethical Hacker

WHAT YOU WILL LEARN

• 

  Identify and implement specific responses to risk
  

  describe and use dread, pasta, and other risk models
  

  recognize account creation concepts
  

  describe incident response concepts
  

  execute basic metasploit commands
  

  conduct recovery and remediation activities
  

  describe pci-dss standards and integrate them into ethical hacking
  

  interpret and apply nist 800-12
  

  create a response plan for physical incidents
  

  configure the firewall in windows 10 and windows server 2019
  

  apply the ptes to ethical hacking to plan, execute, and report on your ethical hacking project
  

  describe security devices and how they relate to ethical hacking
  

  recognize types of malware
  

  properly classify and describe different types of incidents
  

  describe malware threats
  

  apply the nsa-iam to ethical hacking to plan, execute, and report on your ethical hacking project
  

  configure windows defender
  

  create a response plan for cyber incidents
  

  use owasp zap to scan a target web site
  

  describe the shodan search engine, its purpose and usage, and the role it plays in ethical hacking and penetration testing
  

  use vega to scan a target web site
  

  design access control and account management processes
  

  use multiple informational web sites to gain information about a target
  

  describe nmap and how it can be used
  

  describe abac and its advantages over standard access control
  

  use shodan to gather information about vulnerabilities
  

  recognize sql injection and variations
  

  recognize nmap and how it can be used
  

  use nmap to scan a target system or network
  

  use web sites to gain information about a target
• 

  describe sql injection and variations
  

  employ nist 800-26 standards to manage it security
  

  describe and implement mac, dac, and rbac
  

  assess security vulnerabilities using cvss
  

  describe types of malware
  

  describe antivirus concepts and implement an av strategy
  

  recall the basics of metasploit
  

  execute basic sql injection
  

  evaluate security in accordance with iso/iec 18045
  

  describe the usage of siem and deploy siem systems
  

  utilize ids/ips and describe its relation to ethical hacking
  

  describe ids/ips and describe its relation to ethical hacking
  

  describe and apply basic incident response forensics including evidence handling and basic techniques
  

  implement basic snort ids
  

  apply risk management standards according to nist 800-37
  

  describe secure software concepts
  

  use common windows hacking techniques
  

  properly apply filtering and data validation
  

  apply basic incident response forensics including imaging a drive and basic legal standards
  

  utilize the cia triangle and the mccumber cube to assess risks and threats
  

  correctly deploy firewall solutions and describe their relevance to ethical hacking
  

  calculate risk levels in a quantitative manner
  

  describe cross-site scripting
  

  describe how steganography works
  

  describe and implement iso 27001
  

  conduct an after-action review of incident response
  

  recognize types of dos and associated countermeasures
  

  describe the cobit 5 standard
  

  describe nist 800-14 security protocols
  

  use common steganography tools