How to look at your network through a hacker’s eyes… and close the doors on unauthorized penetration.

The Mandatory Q/ISP Certificate Program of Mastery Q/SA- Q/PTL Qualified/ Security Analyst Penetration Tester certification class & Q/PTL Qualified/ Penetration Tester License validation lab prepares you to learn "how to do Vulnerability Analysis" & "how to report" how compromised the network can be. You learn SU's Vulnerability Analysis & Penetration Testing process and methodology while doing "no harm".  SU courses and certificate programs of mastery are designed to provide you with an immersive learning experience -- from hands-on workshops, certifications, with deep dives on a particular cyber security topic or technology. Every class is structured to give you expertise in critical areas that you can immediately put to use.

The majority of the class consists of probing target networks, gaining user-level access and demonstrating just how compromised the network can be. SU teaches you the red team skills like leaving an innocuous file on a secure part of a network as a calling card, as if to say, “This is your friendly red team. We danced past the comical precautionary measures you call security hours ago. This file isn't doing anything, but if we were anywhere near as evil as the hackers we're simulating, it might just be deleting the very secrets you were supposed to be protecting. Have a nice day!”

The Mandatory Q/SA® - Q/PTL® is the only security skills assessment certification that validates your Qualified/ Security Analyst Penetration Tester skills. There is only one way to get a Q/PTL Qualified/ Penetration License - you EARN one, not buy one.  

To achieve your Mandatory Q/PTL you must perform a real penetration test the last day of class and report back a “Practical”, fully detailed management report. Your report is due to SU 60 days from the start of class. This practical shows your penetration testing skills and valids them beyond question. Nightly exercise are no walk in the park, each Q/PTL session increases in complexity and scope. The more skilled the security team becomes, the more complex the target range.

This 72 hour accelerated class is taught using face to face modality or hybrid modality. Class includes 72 hours of contact studies, labs, reading assignments and final exam - passing the final exam is a requirement for graduation.

KU Outcomes:

• Students will be able to describe potential system attacks and the actors that might perform them.
• Students will be able to describe cyber defense tools, methods and components.
• Students will be able to apply cyber defense methods to prepare a system to repel attacks.
• Students will be able to describe appropriate measures to be taken should a system compromise occur.

Systems Security Analysis - Conducts and documents the systems integration, testing, operations, maintenance, and security of an information environment. Coordinates threat and mitigation strategies across the enterprise

Text Materials: labs, SU Pen Testing Materials, resource CD’s and attack handouts.
Machines a Dual Core 18M Ram, 1TGig drives, running MS OS, linux, and VMWare Workstation

Tools for class - Whois, Google Hacking, Nslookup, Sam Spade, Traceroute, NMap, HTTrack, Superscan, Nessus, PSTool, Nbtstat, Solarwinds, Netcat, John the ripper, Nikto/Wikto, Web Scarab, HTTP Tunnel (hts.exe), LCP , Cain and Abel, Ettercap system hacking, John the Ripper Wireshark  sniffers, TCP dump, D sniff, tcpdump, Metasploit, ISS exploit, web app,Core Impact, Snort, Infostego, Etherape, Firefox with plugins (Hackbar, XSSme...), ebgoat, X Wget, Cyrpto tool, 'Curl'

Who Should Attend System and Network Administrators, Security Personnel, Auditors, and Consultants concerned with network security.

Learning Objectives

• Develop tailored focused, well defined rules of engagement for penetration testing projects- conducted in a safe manner
• Conduct reconnaissance using metadata, search engines, & public  information to understand the target environment
• Utilize a scanning tool such as Nmap to conduct comprehensive network sweeps, port scans, OS finger- printing, and version scanning to develop a map of target environments
• Learn how to properly execute Nmap, and sripts to extract information from target systems
• Configure and launch a vulnerability scanners, like Nessus, Metaspolit, to discovery vulnerabilities in un/authenticated and scans safely, and customize the output from such tools to represent the business risk to the organization
• Analyze the output of scanning tools to manually verify findings and perform false positive reduction using connection-making tools such as Netcat and packet crafting tools such as Scapy
• Utilize the Windows and Linux command likes to plunder target systems for vital information that can further the overall penetration test progress, establish pivots for deeper compromise, and help determine business risks
• Configure an exploitation tool such as Metasploit to scan, exploit, and then pivot through a target environment
• Conduct comprehensive password attacks against an environment, including automated password guessing (while avoiding account lockout), traditional pass- word cracking, rainbow table password cracking, and pass-the-hash attacks
• Utilize wireless attack tools for Wifi networks to discover access points and clients (actively and passively), crack WEP/WPA/WPA2 keys, and exploit client machines included within a projects scope
• Launch web application vulnerability scanners such as ZAP and then manually exploit Cross-Site Request Forgery, Cross-Site Scripting, Command Injection, and risk faced by an organization.

Grades -All students must ordinarily take all quizzes, labs, final exam and submit the class practical in order to be eligible for a Q/ISP, Q/IAP, Q/SSE, or Q/WP credential unless granted an exception in writing by the President. Know that Q/ISP classes draws quite the spectrum of students, including "those less comfortable," "those more comfortable," and those somewhere in between.

Books - No books are required for this course. However, you may want to supplement your preparation for or review of some lectures with self-assigned readings relevant to those lectures' content from either of the books below. The first is intended for those inexperienced in (or less comfortable with the idea of) hacking. The second is intended for those experienced in (or more comfortable with the idea of) hacking. Both are available at sites like Amazon.com. Both are avail at the SU Hacker Library. Realize that free, if not superior, resources can be found on the SU website.

Those Less Comfortable - Hacking for Dummies, Kevin Beaver - Publication Date: January 29, 2013 | ISBN-10: 1118380932 | Edition: 4

For Those More Comfortable The Basics of Hacking and Penetration Testing: Ethical Hacking and Penetration Testing Made Easy by Patrick Ngebretson (Jun 24, 2013)
The book below is recommended for those interested in understanding how their own computers work for personal edification

How Computers Work, Ninth Edition Ron White Que Publishing, 2007 ISBN 0-7897-3613-6
This last book below is recommended for aspiring hackers, those interested in programming techniques and low-level optimization of code for applications beyond the scope of this course. Hacker’s Delight, Second Edition Henry S. Warren Jr. Addison-Wesley, 2012 ISBN 0-321-84268-5