Networking
Please note the knowledge domains and topics outlined here are for guidance only and subject to change.
Understands VoIP services, such as SIP, and can identify and fingerprint devices offering these services
Understands and can demonstrate the exploitation of vulnerabilities in routers and switches, including the use of the following protocols:
• Telnet
• SSH
• HTTP/HTTPS
• TFTP
• SNMP
Can interpret the configuration files of other network devices, including those produced by a variety of vendors (most common features, such as access-lists and enabled services)
–
Understands configuration files of Cisco routers and switches and can advise on how their security can be improved (most common features, such as access-lists and enabled services)
Understands network access control systems, such as 802.1x and MAC address filtering, and can
Understands and can demonstrate how network traffic can be analysed to recover user account credentials and detect vulnerabilities that may lead to the compromise of a target device
–
Can intercept and monitor network traffic, capturing it to disk in a format required by analysis tools (e.g. PCAP)
Can analyse e-mail headers to identify system information
–
Understands and can demonstrate the use of protocols often used for the remote management of devices, including:
• Telnet
• SSH
• HTTP/HTTPS
• SNMP
• Cisco Reverse Telnet
• TFTP
• NTP
• RDP
• VNC
–
Can present the map as a logical network diagram, detailing all discovered subnets and interfaces, including routers, switches, hosts and other devices
Can demonstrate the mapping of a network using a range of tools, such as traceroute and ping, and by querying active services, such as DNS and SNMP servers
–
Can accurately identify all hosts on a target network that meet a defined set of criteria, e.g. to identify all FTP servers or Cisco routers
Understand default gateways and static routes
–
Demonstrate ability to configure static IPs and routes
Understands the security implications of shared media and can exploit its vulnerabilities during a penetration test
–
Understands the security implications of VLANs
–
Understands the security implications of switched networks
–
Understands the security benefits of tiered architectures, DMZs and air gaps
–
Understand the security implications of copper cables vs fibre
–
Understand basics of IPv6 addressing
–
Understand basic subnetting
–
Understand internal (RFC 1918) IP ranges
–
Understand the difference between LAN and WAN
–
Understands the various network types that could be encountered during a penetration test:
• CAT 5 / Fibre
• 10/100/1000baseT
• Wireless (802.11)
–
Can interpret logical network diagrams