This intermediate Penetration Testing Planning and Scoping prepares security technicians to decide what networks, applications, databases, accounts, people, controls and assets will be targeted in a given penetration test and define them for the testers.
Doing a penetration test without enough planning and scoping ahead of time would be a lot like walking back to the parking lot to make sure you locked your car doors, but then also checking the car door of every other car in the parking lot and every parking lot in the city. In other words, a penetration test is a good way to double-check your network's security posture but if you're not careful, you can waste a lot of time and money when you do it. You can include networks or devices you're not interested in, or you can check for vulnerabilities you've already identified or that you know aren't valid.
This Penetration Testing Planning and Scoping training covers how to identify stakeholders, gather information, assess needs, balance costs, and plan the scope of a penetration test.
For anyone who leads an IT team, this security training can be used to onboard new security technicians, curated into individual or team training plans, or as a penetration testing reference resource.
Penetration Testing Planning and Scoping: What You Need to Know
For any security technician looking to improve their proficiency with planning and scoping for pen testing, this security course covers topics such as:
- Identifying stakeholders with input as to ideal scope of pen test
- Incorporating the balance of pen test cost with security gains into determination of scope
- Gathering sufficient information to adequately scope tests
- Specifying limits and meaningful parameters on penetration tests
Who Should Take Penetration Testing Planning and Scoping Training?
This Penetration Testing Planning and Scoping training is considered specialist training, which means it was designed for security technicians with at least a year of experience with planning and scoping for pen testing and experienced pen testers looking to validate their security skills.
New or aspiring security technicians. If you're a brand new security technician, this Penetration Testing Planning and Scoping training could help make sure that your first penetration test isn't far more expensive than you'd anticipated. But if you're a completely new security technician, you probably won't be running a penetration test on your own. If you know you'll be running pen tests or a part of teams planning them, this training is a great start to your security technician career.
Experienced security technicians. This Penetration Testing Planning and Scoping training is perfect for experienced security technicians who are trying to move into penetration testing or who have recently started performing them in their job. Although you won't learn how to perform every part of a pen test with this training, you will become specialized in keeping your team's penetration tests inside parameters and on-target.