Scribd
Upload
307 views

Penetrating Networks For CompTIA PenTest+

Want to explore the fundamentals of penetration testing and vulnerability assessment and management? CompTIA PenTest+ features the management skills used to analyze vulnerabilities, verify applications, and report penetration test outcomes.

Uploaded by

Abhi pal
Copyright
© © All Rights Reserved
Available Formats
Download as PDF, TXT or read online on Scribd
307 views

Penetrating Networks For CompTIA PenTest+

Want to explore the fundamentals of penetration testing and vulnerability assessment and management? CompTIA PenTest+ features the management skills used to analyze vulnerabilities, verify applications, and report penetration test outcomes.

Uploaded by

Abhi pal
Copyright
© © All Rights Reserved
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 54

Penetrating Networks

for CompTIA PenTest+

Michael Govinda
NetCom Learning

© 1998-2020 NetCom Learning www.netcomlearning.com | [email protected] | 1-888-563-8266


AGENDA

Penetration Testing and its benefits

Pentesting Standards and Frameworks

Processes & Tools Commonly Used for Pentesting

Guidelines for Planning Pentest Engagements

Guidelines for Scoping and Negotiating Pentest Engagements

© 1998-2020 NetCom Learning www.netcomlearning.com | [email protected] | 1-888-563-8266


PENETRATION TESTING

• Vulnerability assessment: The practice of evaluating a computer, network, or application


to identify potential weaknesses.
• Penetration testing (pen testing): The practice of evaluating a computer, network, or
application to identify potential vulnerabilities, and then exploiting them to gain
unauthorized access to key systems and data and culminating in the production of
evidence and a report.

Vulnerability Assessment
Penetration Testing

© 1998-2020 NetCom Learning www.netcomlearning.com | [email protected] | 1-888-563-8266


BENEFITS OF PENTESTING

• Testing cyber-defense capabilities.


• Revealing vulnerabilities.
• Finding and plugging security holes before they can be
exploited.
• Supporting risk management.
• Enhancing QA.
• Ensuring business continuity.
• Protecting clients, partners, and others.
• Protecting organizational reputation.
• Ensuring regulatory compliance.
• Maintaining trust.
• Identifying ROI.

© 1998-2020 NetCom Learning www.netcomlearning.com | [email protected] | 1-888-563-8266


PENTESTING STANDARDS AND FRAMEWORKS
Standard or
Description
Framework
• Developed by UK government.
CHECK framework • Intended to ensure that government agencies and public entities can contract with
government-approved pen testers.
OWASP testing • Developed by Open Web Application Security Project.
framework • Covers all sorts of software testing, including pen testing.
• Open Source Security Testing Methodology Manual
OSSTMM • Pronounced “awstem.“
• Security testing and analysis for better operational security.
• Penetration Testing Execution Standard
• Developed by security service practitioners.
PTES
• Basic lexicon and guidelines for pen tests.
• General standard; the PTES Technical Guide provides specifics.
• Technical Guide to Information Security Testing and Assessment.
• Developed by NIST.
NIST SP 800-115
• Practical recommendations for designing, implementing, and maintaining pen test
processes and procedures.
© 1998-2020 NetCom Learning www.netcomlearning.com | [email protected] | 1-888-563-8266
PROCESSES COMMONLY USED FOR PENTESTING (SLIDE 1 OF 2)

Cyber Attack PenTest

Planning

Reconnaissance Reconnaissance

Scanning Scanning

Gaining Access Gaining Access

Maintaining Access Maintaining Access

Covering Tracks Covering Tracks


Analysis

Reporting

© 1998-2020 NetCom Learning www.netcomlearning.com | [email protected] | 1-888-563-8266


PROCESSES COMMONLY USED FOR PENTESTING (SLIDE 2 OF 2)

Planning Can include project scope, logistics, and other preliminary activities.

Reconnaissance Passive and active information gathering.

Scanning Deeper than reconnaissance, begins vulnerability assessment.

Gaining Access Begin exploit based on information from earlier stages.

Maintaining Access Ensure continuing access and find new targets.

Covering Tracks Destroy evidence of exploits.

Analysis Identify vulnerabilities, causes, and recommendations for correction.

Reporting Official communication to stakeholders.

© 1998-2020 NetCom Learning www.netcomlearning.com | [email protected] | 1-888-563-8266


TOOLS COMMONLY USED IN PENTESTING (SLIDE 1 OF 4)
Tool Type Examples
• Nmap
• Nikto
Scanning tools • OpenVAS
• SQLmap
• Nessus
• Hashcat
• Medusa
• THC-Hydra
• CeWL
Credential testing • John the Ripper
tools • Cain and Abel
• Mimikatz
• Patator
• Dirbuster
• W3AF
© 1998-2020 NetCom Learning www.netcomlearning.com | [email protected] | 1-888-563-8266
TOOLS COMMONLY USED IN PENTESTING (SLIDE 2 OF 4)
Tool Type Examples
• OLLYDBG
• Immunity debugger
Debugging tools • GDB
• WinDBG
• IDA
• Findbugs and findsecbugs
• Peach
Software assurance
• AFL
tools
• SonarQube
• YASCA
• Whois
• Nslookup
• FOCA
• theHarvester
OSINT tools
• Shodan
• Maltego
• Recon-ng
• Censys

© 1998-2020 NetCom Learning www.netcomlearning.com | [email protected] | 1-888-563-8266


TOOLS COMMONLY USED IN PENTESTING (SLIDE 3 OF 4)
Tool Type Examples
• Aircrack-ng
• Kismet
Wireless tools
• WiFite
• WiFi-Pumpkin
• OWASP ZAP
Web proxy tools
• Burp Suite
Social engineering • SET
tools • BeEF
• SSH
Remote access • Ncat
tools • Netcat
• Proxychains

© 1998-2020 NetCom Learning www.netcomlearning.com | [email protected] | 1-888-563-8266


TOOLS COMMONLY USED IN PENTESTING (SLIDE 4 OF 4)

Tool Type Examples


• Wireshark
Networking tools
• Hping
• Drozer
Mobile tools • APKX
• APK Studio
• Searchsploit
• Powersploit
Miscellaneous • Responder
tools • Impacket
• Empire
• Metasploit Framework

© 1998-2020 NetCom Learning www.netcomlearning.com | [email protected] | 1-888-563-8266


COMMUNICATION AND THE PENTESTING PROCESS

• Communication path, or chain of command.


• Communication with client counterparts.
• Communication within the pen testing team.
• What information to communicate and when.
• Regular process briefings.
• Within the team.
• With the client.
• Clear identification of the reasons behind
communication actions.
• Possible adjustments to the engagement.
• Disclosure of findings.

© 1998-2020 NetCom Learning www.netcomlearning.com | [email protected] | 1-888-563-8266


CONTRACT TYPES

MSA
Master service agreement An agreement that establishes precedence and guidelines for any business documents that are
executed between two parties.

NDA
Non-disclosure agreement A business document that stipulates the parties will not share confidential information,
knowledge, or materials with unauthorized third parties.

SOW
Statement of work A business document that defines the highest level of expectations for a contractual
arrangement.

© 1998-2020 NetCom Learning www.netcomlearning.com | [email protected] | 1-888-563-8266


AUTHORIZATIONS

• Written authorization to conduct pen testing activities.


• Document is often a SOW addendum.
• Control liability of pen testers.
• Third-party service providers.
• Contents:
• Proper signing authority (statement and signature).
• Identification of individuals who can perform the pen
test.
• What networks, hosts, and applications can be tested.
• Time limits.
• Legal review.

© 1998-2020 NetCom Learning www.netcomlearning.com | [email protected] | 1-888-563-8266


LEGAL RESTRICTIONS

• Export restrictions.
• Local and national governmental restrictions.
• Corporate or organizational policies.

© 1998-2020 NetCom Learning www.netcomlearning.com | [email protected] | 1-888-563-8266


TARGET AUDIENCE TYPES

• Types of information systems being tested will affect


the target audience composition.
• Hosts
• Networks
• Web servers
• Applications
• Databases
• Combination of upper management, IT management,
IT personnel, and others.
• Technical and non-technical people.
• Is the testing team internal or external?

© 1998-2020 NetCom Learning www.netcomlearning.com | [email protected] | 1-888-563-8266


BUDGET

• Services provided must be worth the money that is


spent.
• Budget has a significant effect on the pen test’s scope.
• Service provider/pen tester:
• Minimize expenses of testing.
• Maximize revenue/compensation.
• Provide acceptable QoS to client.
• Service consumer/client:
• Minimize costs.
• Maximize volume/depth of testing.
• Maximize QoS.

© 1998-2020 NetCom Learning www.netcomlearning.com | [email protected] | 1-888-563-8266


TECHNICAL CONSTRAINTS

• What is to be tested?
• What is not to be tested?
• What cannot be tested?
• Budgetary considerations. Headquarters

• Examples:
• Fragile legacy server
• Third-party hosted website
• Offshore data center

Satellite Office

© 1998-2020 NetCom Learning www.netcomlearning.com | [email protected] | 1-888-563-8266


RULES OF ENGAGEMENT

• Rules of engagement: In pen testing, a document or section of a document that outlines


how the pen testing is to be conducted.
Component Description
• List of tasks that make up the engagement and who performs them.
Timeline • Adjustable progress indicator.
• Often in Gantt chart format.
• Where test team is in relation to client properties.
Test team location
• Multiple locations, countries, and technologies should be considered.
Temporal restrictions Days and times individual tests can be performed.
• What client personnel are in the know?
Transparency
• What resources will be provided to the testers?
• What gets tested?
• Acceptable social engineering test.
Test boundaries
• Acceptable physical security tests.
• Restrictions on invasive attacks.

© 1998-2020 NetCom Learning www.netcomlearning.com | [email protected] | 1-888-563-8266


IMPACT ANALYSIS

• What effect will the pen test have on normal business


operations?
• Potential impact:
• Target type
• Criticality
• Testing approach
• Unforeseen issues.
• Risk management is a team effort.
• Triggers, escalation procedures, and timelines.
• Prioritization of pen test results.

Low Impact High Impact

© 1998-2020 NetCom Learning www.netcomlearning.com | [email protected] | 1-888-563-8266


REMEDIATION TIMELINE

• Implementing solutions to eliminate vulnerabilities.


• What should be handled first?
• High-risk
• Low-cost
• Other
• Where does risk acceptance come into play?

High Risk Low Risk

Test Date 1 Week 2 Weeks 3 Weeks 1 Month 6 Months 1 Year

© 1998-2020 NetCom Learning www.netcomlearning.com | [email protected] | 1-888-563-8266


DISCLAIMERS

• Point-in-time assessment
• Comprehensiveness
• Others?

© 1998-2020 NetCom Learning www.netcomlearning.com | [email protected] | 1-888-563-8266


GUIDELINES FOR PLANNING PENTEST ENGAGEMENTS

• Be sure that you understand the target audience.


• Identify the resources and requirements that will govern and facilitate the
pentest engagement.
• Determine any budget restrictions that might affect the engagement.
• Document any technical constraints that will affect the engagement.
• Clearly define the rules of engagement.
• Develop impact analysis and remediation timelines.
• Identify any disclaimers that will affect the engagement.

© 1998-2020 NetCom Learning www.netcomlearning.com | [email protected] | 1-888-563-8266


SCOPING

Scope: In a pen test engagement, the boundaries that describe the extent of the
engagement, including what specific systems are to be tested, to what degree the
systems should be tested, and how the pen testers should spend their time.

• Crucial step in contract negotiations.


• Scope forms the basis of the SOW.
• Defines appropriate targets and limitations.
• What happens when something outside the scope is discovered?
• Pen test team response and escalation when necessary.

In Scope

Out of Scope

© 1998-2020 NetCom Learning www.netcomlearning.com | [email protected] | 1-888-563-8266


END GOALS AND DELIVERABLES

• Identify why the testing is needed.


• Compliance or legal requirement?
• Need and desire for improving organizational security?
• End goals might be adjusted during the scoping process.
• Main deliverable is an actionable report.
• Describes tests performed, vulnerabilities identified, analysis, and mitigation
suggestions.
• Translate technical findings to potential organizational risk.
• Threat ranking: probability x impact

© 1998-2020 NetCom Learning www.netcomlearning.com | [email protected] | 1-888-563-8266


TYPES OF ASSESSMENTS

• Goal- or objective-based:
• What needs protection?
• Compliance-based:
• Industry or governmental mandate.
• Red team

© 1998-2020 NetCom Learning www.netcomlearning.com | [email protected] | 1-888-563-8266


COMPLIANCE-BASED ASSESSMENTS

• Normally assessed using audits of administrative, technical, and physical


controls.
• Takes precedence over organizational policy.
• What to look for: Clear objectives based on regulations.
• How to look: Possible rules for completing the assessment.
• Focus:
• Password policies
• Data isolation
• Key management
• Limitations:
• Network access
• Storage access

© 1998-2020 NetCom Learning www.netcomlearning.com | [email protected] | 1-888-563-8266


TYPES OF STRATEGIES

Pentest Strategy Description


• No information is provided to the pen tester.
• Simulates an outsider attack with basic reconnaissance.
Black box test
• AKA zero knowledge test, because the tester must gather information about the target and verify the scope.
• Few have knowledge of the test.
• Some information is provided to the pen tester.
• Simulates an internal attack with limited knowledge.
Gray box test
• AKA partial knowledge test, because the pen tester uses reconnaissance to gain more information about
the target.
• Comprehensive information is provided to the pen tester.
• Simulates an insider attack with full knowledge.
White box test
• Opposite of a black box test.
• Reconnaissance phase might be unnecessary.

© 1998-2020 NetCom Learning www.netcomlearning.com | [email protected] | 1-888-563-8266


TYPES OF THREAT ACTORS (SLIDE 1 OF 2)

• Threat actor: An entity partially or wholly responsible for an incident that affects or
can affect an organization’s security.
• Script kiddies: Novice or inexperienced hackers with limited technical knowledge
who rely on automated tools to hack into targets.
• Hacktivists: Hackers who gain unauthorized access to and cause disruption in a
computer system in an attempt to achieve political or social change.
• APT: A threat that uses multiple attack vectors to gain unauthorized access to
sensitive resources.
• Insider threats: Present and past employees, contractors, partners, and any entities
that have access to proprietary or confidential information and whose actions result
in compromised security.

© 1998-2020 NetCom Learning www.netcomlearning.com | [email protected] | 1-888-563-8266


TYPES OF THREAT ACTORS (SLIDE 2 OF 2)

Tier Description
Those who invest a relatively small amount of money to use off-the-shelf tools to exploit known
I
vulnerabilities.
Those who invest a relatively small amount of money to develop their own tools to exploit
II
known vulnerabilities.
Those who invest millions of dollars to discover unknown vulnerabilities that enable them to
III
steal personal and corporate data that they can sell to other criminal elements.
Organized, highly technical, proficient, well-funded professionals who work in teams to discover
IV
new vulnerabilities and develop new exploits.
Nation states that invest billions to create vulnerabilities by influencing commercial products
V
and services.
Nation states that invest billions to carry out a combination of cyber, military, and intelligence
VI
operations to achieve a political, military, or economic goal.

© 1998-2020 NetCom Learning www.netcomlearning.com | [email protected] | 1-888-563-8266


RISK RESPONSES

Risk Response Description


• Action taken to ensure that risk has been completely eliminated or reduced to zero.
Avoidance
• Terminating the process, activity, or application that is the source of the risk.
• Responsibility for risk management moved to another entity.
Transference
• Insurance company, cloud service provider, or other outsourcing provider.
• Controls and countermeasures implemented to reduce the likelihood and impact of
Mitigation risk.
• Goal is to reduce potential effects to within acceptable risk thresholds.
• Risks are identified and analyzed and deemed to be within established limits.
Acceptance
• No additional action required.

© 1998-2020 NetCom Learning www.netcomlearning.com | [email protected] | 1-888-563-8266


TOLERANCE TO IMPACT

• Pen testing will affect performance.


• Networks
• Hosts
• Applications
• Balance the need for testing with continuity of business operations.
• Determine which business operations and assets can be tested, and which should
be left alone.

In Scope Out of Scope


• Network storage • E-commerce servers
• Intranet • Customer-facing websites
• Product databases • Email servers
• Employee email accounts • R&D network
• Time-tracking app

32

© 1998-2020 NetCom Learning www.netcomlearning.com | [email protected] | 1-888-563-8266


SCHEDULING

• Timeline to define when events should occur.


• Specify test days and hours, as well as duration.
• DDoS to take place for up to one week, but only between 12:00 and 3:00 A.M.
• Start date: 7/23/2018
• End date: 7/30/2018
• Notifications to client stakeholders.

List of events Date and time Client


restrictions stakeholder
notifications

33

© 1998-2020 NetCom Learning www.netcomlearning.com | [email protected] | 1-888-563-8266


SCOPE CREEP

Scope creep: The condition that occurs when a client requests additional services after a
SOW has been signed and the project scope has been documented and agreed upon.
• Any type of project, not just pen testing.
• Takes resources and effort away from the items documented in the SOW.
• Less time unless you add more testers.
• Less diligent testing is possible.
• Testing organization can be forced to take a financial loss.
• Legal protection might be affected.
• Try to get another agreement to cover the additional work.
• Extra time.
• Extra money.
• Possible reduction in costs for client.

© 1998-2020 NetCom Learning www.netcomlearning.com | [email protected] | 1-888-563-8266


GUIDELINES FOR SCOPING AND NEGOTIATING PENTEST
ENGAGEMENTS (SLIDE 1 OF 2)
• Determine the types of assessments you want to conduct.
• Clearly define the end goals of the engagement.
• Determine what testing strategy you need to use.
• Determine what types of threat actors you want to emulate.
• Capabilities and intent.
• Consider recommending threat modeling.
• Clear definition of objectives and expectations.
• Identify all targets and the risk tolerance associated with each.
• Conventional and specialized systems.

© 1998-2020 NetCom Learning www.netcomlearning.com | [email protected] | 1-888-563-8266


GUIDELINES FOR SCOPING AND NEGOTIATING PENTEST
ENGAGEMENTS (SLIDE 2 OF 2)
• Account for existing controls and scenarios.
• Org policies and security exceptions.
• Whitelists and/or blacklists.
• Certificate and public key pinning.
• NAC devices and controls.
• Premerger or supply chain security testing.
• Create, maintain, and adhere to a comprehensive schedule.
• Avoid scope creep.
• Use disclaimer language to protect the test team.
• Use a scoping checklist.
• Identify each deliverable.
• Documents
• Meetings

© 1998-2020 NetCom Learning www.netcomlearning.com | [email protected] | 1-888-563-8266


TEAM PREPARATION (SLIDE 1 OF 2)

• Prepare the client.


• Gather technical points of contact.
• Inform key IT personnel.
• Verify the existence of current, verified backups of all critical systems.
• Verify client personnel are aware of possible risks and will work with the pen test team to
restore crashed or compromised systems.
• Warn against stopgap security measures implemented before testing begins.

37

© 1998-2020 NetCom Learning www.netcomlearning.com | [email protected] | 1-888-563-8266


TEAM PREPARATION (SLIDE 2 OF 2)

• Prepare the pentest team.


• Clarify scope and limitations.
• Verify testers know the objectives and deliverables.
• Verify testers have contact information and escalation procedures available.
• Have testers document all actions and outcomes in a central repository.
• Verify testers have documented authorization for pen test activities.
• Verify the project lead is managing the engagement schedule properly.
• Verify testers know to report accidents or errors immediately.

38

© 1998-2020 NetCom Learning www.netcomlearning.com | [email protected] | 1-888-563-8266


DATA COLLECTION AND DOCUMENTATION (SLIDE 1 OF 2)

• Follow a plan that maps pen tests to identified objectives.


• Verify all tests contribute to the client organization’s goals.
• Document everything, including mistakes and accidents.
• Keep documentation clear, concise, and objective.
• Use a central repository to store test data.
• Collect as much data as you can.
• Upload test results and data in their original format.

39

© 1998-2020 NetCom Learning www.netcomlearning.com | [email protected] | 1-888-563-8266


DATA COLLECTION AND DOCUMENTATION (SLIDE 2 OF 2)

• Record the steps taken to collect data.


• Verify enough data is collected to analyze.
• Keep original copies of all data.
• If prior or current hacking activity is discovered, note that in your findings.
• Ongoing activity should be flagged for escalation.
• If problems outside the engagement scope are discovered, document them and
forward to your supervisor.
• Only pursue them if explicitly told to do so.

40

© 1998-2020 NetCom Learning www.netcomlearning.com | [email protected] | 1-888-563-8266


CONTINGENCY PLANNING

• Pentest team uses hacking tools.


• Problems will arise during testing.
• Targeted systems or collateral damage.
• Testing adds a stress load to systems, which can crash if they are already unstable.
• Current, verified backups a must.
• Established contingency plan helps restore services relatively quickly.
• Reboot systems.
• Reload VM snapshots.

41

© 1998-2020 NetCom Learning www.netcomlearning.com | [email protected] | 1-888-563-8266


ESCALATION PATH FOR COMMUNICATIONS

• Alleviates the need for pen testers to make risky or possibly damaging decisions
without input from other stakeholders.
• A clear chain of command provides the starting point for escalating issues.
• Team members report issues only to those who are above them in the chain of
command.
• Encourage the client organization to appoint a point person who is the counterpart
of the pen test project supervisor.
• Always have a supervisor on duty.
• Train team members:
• Check in with the lead, especially at the start and end of a specific task.
• Notify the lead when anomalies are discovered.
• Notify the lead if out-of-scope issues arise.
• Refrain from action on out-of-scope issues until authorized to act.

42

© 1998-2020 NetCom Learning www.netcomlearning.com | [email protected] | 1-888-563-8266


GO LIVE

• The actual “green light” to start the testing.


• Date and time for Go Live is usually kept secret.
• In some cases, information gathering might start before Go Live date.
• Passive reconnaissance
• OSINT

Point in time Go Live date and Information


for the test to time might be gathering might
begin. secret. start first.

43

© 1998-2020 NetCom Learning www.netcomlearning.com | [email protected] | 1-888-563-8266


RECORDED WEBINAR VIDEO

To watch the recorded webinar video for live demos, please access the link:
http://tiny.cc/3ogdpz

© 1998-2020 NetCom Learning www.netcomlearning.com || [email protected] || 1-888-563-8266


ABOUT NETCOM LEARNING

100K+ 12K+ 3500


Professionals Corporate IT, Business &
trained clients Soft Skills courses

96% 8.6/9 20+ NetCom Learning is an award-winning


global leader in managed learning
Of customers Instructor Leadingvendors services, training and talent development.
recommend us to others evaluations recognitions
Founded : 1998
Headquarters : New YorkCity

Delivery Capability : Worldwide


Microsoft’s 80% Top20 CEO : RussellSarder
Worldwide training Trained of the ITTraining
partner of the year Fortune 100 Company

© 1998-2019
1998-2020NetCom
NetCom Learning
Learning www.netcomlearning.com
www.netcomlearning.com || [email protected] || 1-888-563-8266
RECOMMENDED COURSES

NetCom Learning offers a comprehensive portfolio for Security Courses


COMPTIA

» COMPTIA SECURITY+ CERTIFICATION PREP (EXAM SY0-501) – Class Scheduled on June 08


» COMPTIA PENTEST+ CERTIFICATION PREP (EXAM PT0-001) – Class Scheduled on June 08
» COMPTIA CYBERSECURITY ANALYST (CYSA+) CERTIFICATION PREP (EXAM CS0-001) – Class Scheduled on June 29
» COMPTIA ADVANCED SECURITY PRACTITIONER (CASP+) CERTIFICATION PREP (EXAM CAS-003) – Class Scheduled on July 20

CISSP

» CERTIFIED INFORMATION SYSTEMS SECURITY PROFESSIONAL (CISSP) – Class Scheduled on June 22

MILE2

» MILE2 CERTIFIED PENETRATION TESTING ENGINEER (C)PTE) - SPECIALIZED – Class Scheduled on June 15
» MILE2 CERTIFIED INCIDENT HANDLING ENGINEER (C)IHE) - SPECIALIZED – Class Scheduled on June 15
» MILE2 CERTIFIED INFORMATION SYSTEMS SECURITY OFFICER (C)ISSO) - FOUNDATIONAL – Class Scheduled on June 22
» MILE2 CERTIFIED VULNERABILITY ASSESSOR (C)VA) - FUNDAMENTAL – Class Scheduled on July 13

© 1998-2019
1998-2020NetCom
NetCom Learning
Learning www.netcomlearning.com
www.netcomlearning.com || [email protected] || 1-888-563-8266
RECOMMENDED MARKETING ASSETS

You can also access the below Marketing Assets


» Free On-Demand Training- Red Team VS Blue Team LIVE Cybersecurity Battle | CySA+ & PenTest+ Skills
» Free On-Demand Training- Getting Started With CompTIA PenTest+
» Blog - 5 Reasons Why Penetration Testing Is Imperative for Your Organization
» Blog - CySA+ v/s PenTest+: Which CompTIA Security Skill Will You Need to Learn First
» Blog - CompTIA Security+ Certification For Enterprise Network Security: Advantages
» Blog - Understanding CISSP Certification Domains

© 1998-2019
1998-2020NetCom
NetCom Learning
Learning www.netcomlearning.com
www.netcomlearning.com || [email protected] || 1-888-563-8266
UPCOMING WEBINARS

• The Future of IT Service Management (ITSM) with ITIL® 4


• Analytics in the Cloud with Tableau on AWS
• Gain the Cloud Advantage: Level-up Your (or Your Teams') Skills with Microsoft Azure
Role-Based Certifications
• Secrets to Become a Network Engineer in a Programmable Age
• Adobe Illustrator Fundamentals - Walkthrough of the Latest Features and Best Practices
• Present Your Data Effectively With Microsoft Excel and PowerPoint
• Prevent Unauthorized Access to Your Systems and Applications with Security Automation

& More

© 1998-2019
1998-2020NetCom
NetCom Learning
Learning www.netcomlearning.com
www.netcomlearning.com || [email protected] || 1-888-563-8266
PROMOTIONS

Save up to 60% on our Virtual Instructor-Led Training courses!


Get the most out of our Virtual Instructor-Led Training (vILT) deals and upskill at special discounts on individual
courses. With vILT, make your learning flexible, convenient, and immersive. View Offer

© 1998-2019
1998-2020NetCom
NetCom Learning
Learning www.netcomlearning.com
www.netcomlearning.com || [email protected] || 1-888-563-8266
PROMOTIONS

Buy More to Save More!


Now fulfill all your training needs without disturbing your business funds. Choose from the bundle of our Learning
Saving Pass (LSP) pre-pay plans and get up to 100% value back on your investment. Unlock Now

© 1998-2019
1998-2020NetCom
NetCom Learning
Learning www.netcomlearning.com
www.netcomlearning.com || [email protected] || 1-888-563-8266
PROMOTIONS

Worry-Free Training with Price Match Guarantee


Our Price Match Guarantee ensures that we'll match the offers of any other authorized training provider if you
succeed at finding anyone offering the same publicly scheduled class within 30 days of our schedule at a lower
regular price. Learn More

© 1998-2019
1998-2020NetCom
NetCom Learning
Learning www.netcomlearning.com
www.netcomlearning.com || [email protected] || 1-888-563-8266
FOLLOW US ON

LinkedIn Instagram Twitter YouTube

© 1998-2019
1998-2020NetCom
NetCom Learning
Learning www.netcomlearning.com
www.netcomlearning.com || [email protected] || 1-888-563-8266
BUILDING AN INNOVATIVE LEARNING ORG.

A BOOK FROM RUSSELL SARDER,


CEO AT NETCOM LEARNING

A framework to build a smarter


workforce, adapt to change and
drive growth.

DOWNLOAD e-book

© 1998-2019
1998-2020NetCom
NetCom Learning
Learning www.netcomlearning.com
www.netcomlearning.com || [email protected] || 1-888-563-8266
Thank you

1998-2019 NetCom Learning


© 1998-2020 www.netcomlearning.com
www.netcomlearning.com || [email protected] || 1-888-563-8266
|

You might also like