
CSTL Networking
Please click on the following tabs to reveal the knowledge depth required for a successful pass of the CSTL exam.
You will be given a random selection of questions. Please note exam content is subject to change due to circumstances beyond our control – use this as a guide and email us if you have any queries.
- Can interpret logical network diagrams.
- Understands the various networks types that could be encountered during a penetration test:
• CAT 5 / Fibre • 10/100/1000baseT • Wireless (802.11). - Understand the difference between LAN and WAN.
- Understand internal (RFC 1918) IP ranges.
- Understand basic subnetting.
- Understand basics of IPv6 addressing.
- Understand the security implications of copper cables vs fibre.
- Understands the security benefits of tiered architectures, DMZs and air gaps.
- Understands the security implications of shared media and can exploit its vulnerabilities during a penetration test.
- Understands the security implications of switched networks.
- Understands the security implications of VLANS.
- Understands the core principles and concepts of a Software Defined Network (SDN), including:
• Disassociation of data plane and control plane
• The role of controllers in the control planeand commonly associated weaknesses
• The role and common security risks of the application plane, the northbound API and common SDN applications.
- Understand default gateways and static routes.
- Demonstrate ability to configure static IPs and routes.
- Understands network routing andits associated protocols, including:
• RIP• OSPF • EIGRP • BGP • IGMP
- Understands the security attributesof these protocols.
- Can demonstrate the mapping of a network using a range of tools, such as traceroute and ping, and by querying active searches, such as DNS and SNMP servers.
- Can accurately identify all hosts on a target network that meet a defined set of criteria, e.g. to identify all FTP servers or CISCO routers.
- Can present the map as a logical network diagram, detailing all discovered subnets and interfaces, including routers, switches, hosts and other devices.
- Understand and exploit PXE.
Understands and can demonstrate the use of protocols often used for the remotemanagement of devices, including:
• Telnet • SSH 16 • HTTP/HTTPS• SNMP • Cisco Reverse Telnet
• TFTP • NTP • RDP •VNC
Can analyse e-mail headers to identify system information.
Can present the map as a logical network diagram, detailing all discovered subnets and interfaces, including routers, switches, hosts and other devices.
Can present the map as a logical network diagram, detailing all discovered subnets and interfaces, including routers, switches, hosts and other devices.
- Can intercept and monitor network traffic, capturing it to disk in a format required by analysis tools (e.g. PCAP).
- Understands and can demonstrate how network traffic can be analysed to recover user account credentials and detect vulnerabilities that may lead to the compromise of a target device.
- Understands configuration files of Cisco routers and switches and can advise on how their security can be approved(most common features, such as access-lists and enabled services).
- Can interpret the configuration files of other network devices,including those produced by a variety of vendors(most common features, such as access-lists and enabled services).
-
- Understands and can demonstrate the exploitation of vulnerabilities in routers and switches, including the use of the following protocols:• Telnet • SSH • HTTP/HTTPS • TFTP • SNMP
- Understands VolP services, such as SIP, and can identify and fingerprint devices offering these services.