
SANS training is like a catalyst. It not only boosts your knowledge but also inspires you to learn more.
-Tan Koon Yaw, IDA

SECURITY 560

Network Penetration Testing and Ethical Hacking

6 CPE Credits Per Day

NOTE: Includes access to the Virtual Training Lab


IMPORTANT NOTE: SANS Security 560 is one of the most technically rigorous courses offered by the SANS Institute. Attendees are expected to have a working knowledge of TCP/IP, cryptographic routines such as DES, AES, and MD5, and the Windows and Linux command lines before they step into class. Although SANS Security 401 (Security Essentials) followed by SANS Security 504 (Hacker Techniques, Exploits, and Incident Handling) are not prerequisites for 560, these courses cover the groundwork that all 560 attendees are expected to know. While 560 is technically in-depth, it is important to note that programming knowledge is NOT required for the course.

Find Security Flaws Before the Bad Guys Do

Security vulnerabilities, such as weak configurations, unpatched systems, and botched architectures, continue to plague organizations. Enterprises need people who can find these flaws in a professional manner to help eradicate them from our infrastructures. Lots of people claim to have penetration testing, ethical hacking, and security assessment skills, but precious few can apply these skills in a methodical regimen of professional testing to help make an organization more secure. This class covers the ingredients for successful network penetration testing to help attendees improve their enterprise's security stance.

We address detailed pre-test planning, including setting up an effective penetration testing infrastructure and establishing ground rules with the target organization to avoid surprises and misunderstandings. Then, we discuss a time-tested methodology for penetration testing and ethical hacking across the network, evaluating the security of network services and the operating systems behind them.

Attendees will learn how to perform detailed reconnaissance, learning about a target's infrastructure by mining blogs, search engines, and social networking sites. We'll then turn our attention to scanning, experimenting with numerous tools in hands-on exercises. Our exploitation phase will include the use of exploitation frameworks, stand-alone exploits, and other valuable tactics, all with hands-on exercises in our lab environment. The class also discusses how to prepare a final report, tailored to maximize the value of the test from both a management and technical perspective. The final portion of the class includes a comprehensive hands-on exercise, conducting a penetration test against a hypothetical target organization, following all of the steps.

The course also describes the limitations of penetration testing techniques and other practices that can be used to augment penetration testing to find vulnerabilities in architecture, policies, and processes. We also address how penetration testing should be integrated as a piece of a comprehensive enterprise information security program.

Differentiators

This SANS course differs from other penetration testing and ethical hacking courses in several important ways:

  • We get deep into the tools arsenal with numerous hands-on exercises that show subtle, less-well-known, and undocumented features that are incredibly useful for professional penetration testers and ethical hackers.
  • The course discusses how the tools interrelate with each other in an overall testing process. Rather than just throwing up a bunch of tools and playing with them, we analyze how to leverage information from one tool to get the most bang out of the next tool.
  • We focus on the workflow of professional penetration testers and ethical hackers, proceeding step by step and discussing the most effective means for conducting projects.
  • The sessions address common pitfalls that arise in penetration tests and ethical hacking projects, providing real-world strategies and tactics for avoiding these problems to maximize the quality of test results.
  • We cover several timesaving tactics based on years of in-the-trenches experience from real penetration testers and ethical hackers, actions that might take hours or days unless you know the little secrets we'll cover that will let you surmount a problem in minutes.
  • The course stresses the mind-set of successful penetration testers and ethical hackers, which involves balancing the often contravening forces of creative "outside-the-box" thinking, methodical trouble-shooting, carefully weighing risks, following a time-tested process, painstakingly documenting results, and creating a high-quality final report that achieves management and technical buy-in.
  • We also analyze how penetration testing and ethical hacking should fit into a comprehensive enterprise information security program.

Who Should Attend?

Security personnel whose job involves assessing target networks and systems to find security vulnerabilities. The course is ideally suited for system administrators, technical auditors, professional penetration testers, and consultants who want technical depth and hands-on experience with penetration testing and ethical hacking tools.

Author Statement

Successful penetration testers don't just throw a bunch of hacks against an organization and regurgitate the output of their tools. Instead, they need to understand how these tools work in depth, and conduct their test in a careful, professional manner. This course explains the inner workings of numerous tools and their use in effective network penetration testing and ethical hacking projects. When teaching the class, I particularly enjoy the numerous hands-on exercises culminating in a final pen-testing extravaganza lab.
- Ed Skoudis

SECURITY 560 :: Network Penetration Testing and Ethical Hacking
SANS 2009 Orlando, FL March 02, 2009 - March 09, 2009
SANS Security East 2009 New Orleans, LA May 04, 2009 - May 12, 2009
SANS Cyber Defense Initiative 2008 Washington, DC December 10, 2008 - December 16, 2008
SANS Vancouver 2008 Vancouver, BC November 17, 2008 - November 22, 2008
SANS Security West 2009 Las Vegas, NV January 24, 2009 - February 01, 2009
Community SANS Portland 2009 Portland, OR March 09, 2009 - March 14, 2009
Community SANS Lake Tahoe 2008 Lake Tahoe, CA December 08, 2008 - December 13, 2008
Community SANS Los Angeles 2009 Los Angeles, CA February 16, 2009 - February 21, 2009
Community SANS Raleigh Durham Winter 2008 Raleigh Durham, NC December 01, 2008 - December 06, 2008
SANS London 2008 London, United Kingdom December 01, 2008 - December 09, 2008
SANS Phoenix 2009 Phoenix, AZ March 23, 2009 - March 30, 2009
SANS Tysons Corner 2009 Tysons Corner, VA April 14, 2009 - April 22, 2009
SANS Toronto 2009 Toronto, ON May 05, 2009 - May 13, 2009
Mentor Session - Security 560 Raleigh, NC February 17, 2009 - April 21, 2009
Mentor Session - Security 560 Englewood, CO March 17, 2009 - May 19, 2009
Community SANS Atlanta 2009 Atlanta, GA February 02, 2009 - February 07, 2009
SANS@Home - Security 560 - Ed Skoudis, John Strand Webcast Classroom Training, VA January 13, 2009 - February 19, 2009
SANS Process Control & SCADA Security Summit 2009 Lake Buena Vista, FL February 01, 2009 - February 09, 2009
SANS Secure Europe 2009 - Amsterdam Amsterdam, Netherlands May 11, 2009 - May 23, 2009
Mentor Session - Security 560 Germantown, MD April 13, 2009 - June 15, 2009
SANS OnDemand Online Anytime
SANS SelfStudy Books and .MP3s Only Anytime