Assessing competence in IoT/ICS hacking at Practitioner level
“The virtual hands-on training labs are a great way to learn about different ICS protocols and technologies that IT security professionals might not be so used too, and is a great starting point for understanding how to exploit and secure these environments.”
CSIP candidate
Our innovative, practical CSIP Assessment – built into the end of our CSIP training course.
Candidates who attend our 3.5 day hacking course will benefit from being assessed and certified at the end of their training; this exam is also available to anyone who wishes their competency in IoT/ICS testing to be certified at Practitioner Level. Please get in touch if you’d like to discuss whether the training and/or exam are right for you.
The assessment will encompass a two hour practical exam covering the enumeration and exploitation of IoT hardware and ICS (in a virtualised factory scenario).
Candidates must be able to demonstrate:
- An understanding of the fundamental principles of electrical engineering.
- An understanding of passive analysis techniques and when to apply them.
- Ability to accurately record and research information about their targets using a mix of offline and online resources.
- Ability to identify and leverage Hardware Debug Interfaces.
- Ability to increase on device capability and enumerate targets.
- Ability to classify devices in an ICS network against the purdue model.
- Knowledge of the type of devices likely found in an ICS environment.
- An understanding of the Modbus protocol.
- Ability to leverage Modbus to alter logic in ICS applications.
Successful completion of the assessment will be certified by The Cyber Scheme and a CSIP certificate issued by our IoT Assessor Alex Teague PCSP. This will provide a pathway to more advanced IoT hacking courses and assessments currently in development.