Understands and can demonstrate the exploitation of vulnerabilities in routers and switches, including the use of the following protocols: • Telnet • SSH • HTTP/HTTPS • TFTP • SNMP
Can interpret the configuration files of other network devices, including those produced by a variety of vendors (most common features, such as access-lists and enabled services)
Industry Roles:
Assessment Methods:
Understands configuration files of Cisco routers and switches and can advise on how their security can be improved (most common features, such as access-lists and enabled services)
Understands and can demonstrate how network traffic can be analysed to recover user account credentials and detect vulnerabilities that may lead to the compromise of a target device
Industry Roles:
Assessment Methods:
Can intercept and monitor network traffic, capturing it to disk in a format required by analysis tools (e.g. PCAP)
Understands and can demonstrate the use of protocols often used for the remote management of devices, including: • Telnet • SSH • HTTP/HTTPS • SNMP • Cisco Reverse Telnet • TFTP • NTP • RDP • VNC
Industry Roles:
Assessment Methods:
Can present the map as a logical network diagram, detailing all discovered subnets and interfaces, including routers, switches, hosts and other devices
Can demonstrate the mapping of a network using a range of tools, such as traceroute and ping, and by querying active searches, such as DNS and SNMP servers
Industry Roles:
Assessment Methods:
Understand and exploit PXE
Industry Roles:
Assessment Methods:
Can accurately identify all hosts on a target network that meet a defined set of criteria, e.g. to identify all FTP servers or Cisco routers
Understands the core principles and concepts of a Software Defined Network (SDN), including: • Disassociation of data plane and control plane • The role of controllers in the control plane and commonly associated weaknesses • The role and common security risks of the application plane, the northbound API and common SDN applications
Industry Roles:
Assessment Methods:
Understands the security implications of shared media and can exploit its vulnerabilities during a penetration test
Industry Roles:
Assessment Methods:
Understands the security implications of VLANs
Industry Roles:
Assessment Methods:
Understands the security implications of switched networks
Industry Roles:
Assessment Methods:
Understands the security benefits of tiered architectures, DMZs and air gaps
Industry Roles:
Assessment Methods:
Understand the security implications of copper cables vs fibre
Industry Roles:
Assessment Methods:
Understand basics of IPv6 addressing
Industry Roles:
Assessment Methods:
Understand basic subnetting
Industry Roles:
Assessment Methods:
Understand internal (RFC 1918) IP ranges
Industry Roles:
Assessment Methods:
Understand the difference between LAN and WAN
Industry Roles:
Assessment Methods:
Understands the various network types that could be encountered during a penetration test: • CAT 5 / Fibre • 10/100/1000baseT • Wireless (802.11)
Industry Roles:
Assessment Methods:
Can interpret logical network diagrams
Industry Roles:
Assessment Methods: