课程概况
I’ve heard this before – “I’m not sure my computer security practices are working”. I reply “Have you tested them?” This course is the fourth and final course in the Practical Computer Security specialization. In this course, you’ll learn how to proactively test what you have put in place to protect your data. In the first week you’ll be able to discuss the basics of deterrents and how to “trick” attackers into believing they’ve hit a goldmine of data away from your real systems. In week 2, you’ll be able to understand and discuss the steps of penetration testing methodology. In week 3, you will be able to understand and apply what you have learned on your own systems to test whether your systems are secure or not. In week 4, we’ll discuss planning for your own methodology that you can apply to your own systems. And finally in week 5, we’ll finish up with a project that will allow you to test your skills in a safe environment.
课程大纲
Information Sharing and Threat Intelligence
This module covers information sharing. Information sharing is an important tool to help organizations gather information from others so they can protect themselves.
Penetration Testing - Methodology
This module will cover the pen testing methodology. Not following a pen testing methodology may lead to false positives or worse, false negatives in a testing scenario.
Common Pen Testing Tools
This module will cover some of the tools used in the penetration testing methodology. These are just common tools used to gain information, find exploits and compromise systems. There are many more tools out there, but these are the most commonly used.
Proactive computer security management
This module will cover some of the other issues and concerns for those interested in proactive security. Legal issues are important for any level of management and administration to be concerned with. Planning goes a long way toward effective proactive computer security.
Exploiting OWASP Top 20 Controls
This is the course project. The goal is for you to compromise or gain data from a test system.
