Penetration Testing Planning and Scoping Online Training

    Taught by
    Bob SalmansBob Salmans
    Shawn PowersShawn Powers
    UPDATED: February 26, 2021
    Intermediate

    This Penetration Testing Planning and Scoping training covers how to decide what networks, applications, databases, accounts, people, controls, and assets will be targeted in a given penetration test and define them for the testers. A penetration test is a good way to double-check your network's security posture but if you're not careful, you can waste a lot of time and money when you do it. You can include networks or devices you're not interested in, or you can check for vulnerabilities you've already identified or that you know aren't valid.

    Start a free week

    Subscription options

    $59.00

    Access all premium content with a free week!

    • Quizzes
    • CyberVista® IT practice exams
    • Coaching
    • IT learner community
    Start a free week
    G2 Logo
    4.5 reviews stars

    What you'll learn

    • Identifying stakeholders with input as to ideal scope of pen test
    • Incorporating the balance of pen test cost with security gains into determination of scope
    • Gathering sufficient information to adequately scope tests
    • Specifying limits and meaningful parameters on penetration tests

    FAQs

    What is meant by penetration testing planning and scoping?

    Planning and scoping are two of the essential steps in doing a penetration test, as they lay out the expectations and parameters of the test. Penetration test planning involves strategizing the approach that will be taken, including defining objectives, determining timelines, and selecting the right methods. Penetration scoping delineates boundaries and depth: what systems, networks and vulnerabilities to test for. Good planning and scoping provides exceptionally valuable insights for networks.

    What is the primary purpose of Pentesting?

    The primary purpose of penetration testing (pentesting) is to identify vulnerabilities before a bad actor can find and exploit them. Penetration testing is done by simulating a real-world attack, usually without informing the network's cybersecurity team. This helps to assess the effectiveness of the network's security measures as well as their resilience against attacks. Penetration testing planning and scoping is a crucial part of the process, ensuring maximum accuracy and relevance.

    Why would a company conduct a penetration test within their environment?

    Penetration testing's best attribute is the reason a company would conduct one inside their own environment: they're proactive. Penetration tests reveal weaknesses in a network's security posture early, giving the security team time to address the vulnerability before anything has gone wrong. Like an army defending a castle, penetration tests reveal where the defenders should build higher walls, reinforce gates, and stockpile ammunition, and not find out during a siege.

    Who should take this course on planning and scoping penetration tests?

    This course covers a specific part of performing penetration tests, the planning and scoping phase. That means it's a good course for cybersecurity professionals who are hoping to get involved with pentests, as well as experienced cybersecurity professionals who want to brush up on that one part of the skill they've already developed. This course helps security analysts, ethical hackers and information security managers define test objectives, scope assessments and select methodologies.

    Is this penetration testing planning and scoping course associated with any certifications?

    This penetration testing planning and scoping course is primarily a skills-based course focused on giving you simulated experience planning and scoping a pen test. Because what you'll learn applies in multiple settings and is useful no matter what hardware or software combination the target network uses, it is helpful information if you're planning on earning the PenTest+ from CompTIA. Additionally, Security+ will be much easier after taking this course.

    Who is this for?

    This Penetration Testing Planning and Scoping training is considered specialist training, which means it was designed for security technicians with at least a year of experience with planning and scoping for pen testing and experienced pen testers looking to validate their security skills.

    target-audience-face-3target-audience-face-6target-audience-face-12

    What our learners say

    • When learning a new technology, people sometimes build a wall that complicates the learning process because of the unknown. I like tearing down that wall — and having people fall in love with that technology.

      Lalo Nunez | CBT Nuggets trainer since 2020

    • CBT Nuggets is exactly what I needed.

      Thomas S. | Systems Engineer & Consultant

    • It feels like the best and the brightest people are training with you — and they are just hanging out with you and showing you the ropes.

      John McCann | IT manager and CBT Nuggets learner
    Study plan

    Download the free Penetration Testing Planning and Scoping study plan to complete this course in about 3 hours.

    Download study plan

    Related Topics

    Related Courses

    Get CBT Nuggets IT training news and resources

    I have read and understood the privacy policy and am able to consent to it.

    Follow us

    Let's chat!

    Sales | Support | General
    © 2024 CBT Nuggets. All rights reserved.Terms | Privacy Policy | Accessibility | Sitemap | 2850 Crescent Avenue, Eugene, OR 97408 | 541-284-5522