Skip to content
  • Home
    • About The Cyber Scheme
    • Testimonials
    • Contact Us
    • Charity Partners
    • The Small Print
      • Joining Instructions
      • Terms & Conditions
      • Complaints
      • Code of Ethics
      • Code of Conduct
      • Privacy Policy
  • Exams
    • Exams provided by The Cyber Scheme
    • CHECK Exams
      • CHECK overview
      • CSTM Exam
      • CSTL INF Exam
      • CSTL Web App Exam
    • Book an Exam
    • Cyber Advisor
  • Training
    • Training with The Cyber Scheme
      • Training overview
      • CSTM Training
      • Advanced Mentoring
      • Grow Your Own
  • Sponsorship
    • Become a sponsor
    • Current Sponsors
    • Sponsor Portal
  • Education
    • Industry FAQs
    • The Cyber Challenge
  • Resources
    • Articles and Blogs
    • Learning Resources
    • Industry Updates
Menu
  • Home
    • About The Cyber Scheme
    • Testimonials
    • Contact Us
    • Charity Partners
    • The Small Print
      • Joining Instructions
      • Terms & Conditions
      • Complaints
      • Code of Ethics
      • Code of Conduct
      • Privacy Policy
  • Exams
    • Exams provided by The Cyber Scheme
    • CHECK Exams
      • CHECK overview
      • CSTM Exam
      • CSTL INF Exam
      • CSTL Web App Exam
    • Book an Exam
    • Cyber Advisor
  • Training
    • Training with The Cyber Scheme
      • Training overview
      • CSTM Training
      • Advanced Mentoring
      • Grow Your Own
  • Sponsorship
    • Become a sponsor
    • Current Sponsors
    • Sponsor Portal
  • Education
    • Industry FAQs
    • The Cyber Challenge
  • Resources
    • Articles and Blogs
    • Learning Resources
    • Industry Updates

Understanding the CSTM Syllabus: Networking

  • By Emily Kinsella
  • January 12, 2023
  • 10:46 am
  • Uncategorised
blog image networking

This article highlights the key areas of networking you need to understand to pass the CSTM exam. Our full syllabus can be found on our website showing all key areas of knowledge for CSTM. The Cyber Scheme‘s CSTM training maps the CSTM syllabus and will give you the confidence to sit our NCSC-accredited exam knowing the topics and knowledge domains that are likely to come up.

Book here for our CSTM training

Network Architecture

  • Can interpret logical network diagrams.
  • Understands the various networks types that could be encountered during a penetration test:• CAT 5 / Fibre • 10/100/1000baseT • Wireless (802.11).
  • Understand the difference between LAN and WAN.
  • Understand internal (RFC 1918) IP ranges.
  • Understand basic subnetting.
  • Understand basics of IPv6 addressing.
  • Understand the security implications of copper cables vs fibre.
  • Understands the security benefitsof tiered architectures, DMZs and air gaps.
  • Understands the security implications of shared mediaand can exploit its vulnerabilities during a penetration test.
  • Understands the security implications of switched networks.
  • Understands the security implications of VLANS.

Network Routing

  • Understand default gateways and static routes.
  • Demonstrate ability to configure static IPs and routes.

Network Mapping

  • Can demonstrate the mapping of a network using a range of tools, such as traceroute and ping, and by querying active searches, such as DNS and SNMP servers.
  • Can accurately identify all hosts on a target network that meet a defined set of criteria, e.g.. to identify all FTP servers or CISCO routers.
  • Can present the map as a logical network diagram, detailing all discovered subnets and interfaces, including routers, switches, hosts and other devices.

Management Protocols

  • Understands and can demonstrate the use of protocols often used for the remote management of devices, including:

• Telnet • SSH 16 • HTTP/HTTPS• SNMP • Cisco Reverse Telnet

• TFTP • NTP • RDP •VNC

  • Can analyse e-mail headers to identify system information.
  • Can present the map as a logical network diagram, detailing all discovered subnets and interfaces, including routers, switches, hosts and other devices.

Traffic Analysis

  • Can intercept and monitor network traffic, capturing it to disk in a format required by analysis tools (e.g. PCAP).
  • Understands and can demonstrate how network traffic can be analysed to recover user account credentials and detect vulnerabilities that may lead to the compromise of a target device.

Configuration

  • Understands configuration files of Cisco routers and switches and can advise on how their security can be approved(most common features, such as access-lists and enabled services).
  • Can interpret the configuration files of other network devices,including those produced by a variety of vendors(most common features, such as access-lists and enabled services).

Routers & Switchers

Understands and can demonstrate the exploitation of vulnerabilities in routers and switches, including the use of the following protocols:• Telnet • SSH • HTTP/HTTPS • TFTP • SNMP

VOIP

Understands VolP services, such as SIP, and can identify and fingerprint devices offering these services.

Facebook
Twitter
LinkedIn
Email
WhatsApp
Emily Kinsella

Emily Kinsella

All Posts »
PrevPreviousWhy Are There Less Women In Cyber Security?
NextYour IoT Devices Are a Cybersecurity Weak LinkNext

Partnerships and accreditations

Email us   |   Floor 7, Eagle Tower, Montpellier Drive, Cheltenham GL50 1TA   |  Privacy Policy   |   Booking Conditions

Facebook Twitter Linkedin