Penetration Testing
Content Areas Assessed
| Penetration Testing Fundamentals | The individual understands the phases, process, and methodology of a penetration test, and the practical application of penetration testing techniques. |
| Cornerstone Penetration Testing | The individual demonstrates a solid grasp of common knowledge areas for penetration testers. The candidate will be familiar with common penetration testing tools, and can perform basic penetration testing tasks. |
| Advanced Penetration Testing Principles | The individual can demonstrate a progressive and compound of penetration testing methodology. The candidate can combine multiple knowledge areas to complete more complex tasks involving the analysis or exploitation of a target. |
For more information, please contact us at cybertalent@sans.org
Format
- Web-based tool
- 30 question assessment
- 60 minutes allowed for completion
Pricing
- CyberTalent Assessments are sold in packs of 25 or greater. The CyberTalent Enhanced (CTE) Assessment is $200 per assessment and all other CyberTalent Assessments are $150 per assessment.
Digital Forensics
Content Areas Assessed
| Digital Forensic Foundations | The individual will be familiar with fundamental digital forensic methodology and the practical application of examination techniques which include the collection, preservation and analysis of common digital file systems, applications and volatile artifacts. |
| Cornerstone Digital Forensics | The individual will demonstrate an understanding of the essentials of a digital forensics practice. These individuals approach engagements with the technical ability to perform reliable and repeatable examinations of digital assets. The individual will be familiar with the process and practice of preserving, collecting and examining physical devices, volatile evidence and network infrastructure elements. |
| Advanced Digital Forensics Principles | The individual will demonstrate a progressive and compound understanding of advanced digital forensics techniques and methodology. These individuals will be familiar with the protocols and actions required to lead complex digital engagements involving the detection and examination of malware, malicious network events and host based artifact analysis. |
For more information, please contact us at cybertalent@sans.org
Format
- Web-based tool
- 30 question assessment
- 60 minutes allowed for completion
Pricing
- CyberTalent Assessments are sold in packs of 25 or greater. The CyberTalent Enhanced (CTE) Assessment is $200 per assessment and all other CyberTalent Assessments are $150 per assessment.
Cyber Defense
Content Areas Assessed
| Information Security Foundations | The individual will demonstrate understanding of the fundamental concepts of information security, including defense-in-depth, secure configuration, network design and hardware. |
| Cornerstone Information Security | The individual will demonstrate understanding of the practice of information security including limitation of network services, ports, and protocols,demonstrate knowledge of firewall principles and basic Configuration, and the concept of least privilege |
| Advanced Information Security Principles | The individual will demonstrate understanding of a progressive and compound understanding of advanced information security techniques and methodologies, including OS security, threat and vulnerability assessments, and encryption. |
For more information, please contact us at cybertalent@sans.org
Format
- Web-based tool
- 30 question assessment
- 60 minutes allowed for completion
Pricing
- CyberTalent Assessments are sold in packs of 25 or greater. The CyberTalent Enhanced (CTE) Assessment is $200 per assessment and all other CyberTalent Assessments are $150 per assessment.
Application Security
Content Areas Assessed
| Common Web Application Attacks | Current, working knowledge of the OWASP Top 10 and mitigation techniques |
| Web Application Architecture Security |
|
| Web Technologies and Services |
|
| Secure Coding Principles and Software Development Lifecycle |
|
| Secure Coding Practice |
|
For more information, please contact us at cybertalent@sans.org
Application Security Domains
| Application Security Domains | The examinee will understand the details of common web application attacks. |
| Web Application Architecture Security |
The examinee will understand web application architecture. |
| Web Technologies and Services |
The examinee will understand web technologies and services including REST, Javascript, and AJAX |
| Secure Coding Principles and Software Development Lifecycle |
The examinee will understand secure coding principles and the software development lifecycle. |
| Secure Coding Practice |
The candidate will understand the practice of secure coding including Input Validation, Session Management, Access Control, and Authentication. |
NOTE: The assessment will contain code samples in many languages including C, PHP, Java, .Net, and SQL. Primary platform aside, SANS believes a person specializing in application security should be able to spot core security flaws in any common language they are likely to encounter.
Format
- Web-based tool
- 30 question assessment
- 60 minutes allowed for completion
Pricing
- CyberTalent Assessments are sold in packs of 25 or greater. The CyberTalent Enhanced (CTE) Assessment is $200 per assessment and all other CyberTalent Assessments are $150 per assessment.
Industrial Control Systems
Content Areas Assessed
| Industrial Control System Foundations | The examinee will demonstrate understanding of the fundamental concepts of information security, including defense-in-depth, secure configuration, network design and hardware. |
| Cornerstone Industrial Control System Principles | The examinee will demonstrate understanding of the practice of information security including limitation of network services, ports, protocols, demonstrated knowledge of firewall principles and basic configuration, and the principle of least privilege. |
| Advanced Industrial Control System Principles | The examinee will demonstrate understanding of a progressive and compound understanding of advanced information security techniques and methodologies, including OS security, threat and vulnerability assessments, and encryption. |
For more information, please contact us at cybertalent@sans.org
Format
- Web-based tool
- 30 question assessment
- 60 minutes allowed for completion
Pricing
- CyberTalent Assessments are sold in packs of 25 or greater. The CyberTalent Enhanced (CTE) Assessment is $200 per assessment and all other CyberTalent Assessments are $150 per assessment.
Management
Content Areas Assessed
| Information Security Fundamentals | The examinee will demonstrate understanding of the fundamental concepts of information security. |
| Information Security Management | The examinee will demonstrate familiarity with the practice of information security management and understanding of associated issues. |
| Core Management and Leadership | The examinee will demonstrate understanding of generally accepted management and leadership principles, tools, and techniques. |
For more information, please contact us at cybertalent@sans.org
Format
- Web-based tool
- 30 question assessment
- 60 minutes allowed for completion
Pricing
- CyberTalent Assessments are sold in packs of 25 or greater. The CyberTalent Enhanced (CTE) Assessment is $200 per assessment and all other CyberTalent Assessments are $150 per assessment.
CyberTalent Enhanced
Content Areas Assessed
| Aptitude | |
|---|---|
| Information Security Aptitude | The aptitude of the candidate toward general information security principles will be measured. |
| Basic InfoSec Skills | |
| Networking Concept Domain | High scoring candidates will demonstrate a thorough understanding of networking design, hardware, and common protocols such as Ipv4, IPv6, TCP, UDP, and ICMP, and will be able to read network packets. |
| Defense in Depth Domain | High scoring candidates will demonstrate a thorough understanding of defense-in-depth such as anti-malware, access control, authentication, and application security. |
| Internet Security Technologies Domain | High scoring candidates will demonstrate a thorough understanding of common Internet security technologies such as firewalls, and processes such as vulnerability management, intrusion detection and prevention, and risk management. |
| Communications Security Domain | High scoring candidates will demonstrate a thorough understanding of communications security including cryptography, VPNs, PKI, and data encryption. |
| Operating Systems Security Domain | High scoring candidates will demonstrate a thorough understanding of common operating system security for Windows and Linux, auditing, permissions, and security configuration. |
For more information, please contact us at cybertalent@sans.org
Format
- Web-based tool
- 25 Skill-based questions
- 25 Aptitude-based questions
- 120 minutes allowed for completion
Easy to Use Reporting
- Online reports summarize individual results and your department's skill portfolio. Reports are easily accessible online.
Pricing
- CyberTalent Assessments are sold in packs of 25 or greater. The CyberTalent Enhanced (CTE) Assessment is $200 per assessment and all other CyberTalent Assessments are $150 per assessment.
Information Security Aptitude Assessments
Information Security Aptitude Assessments
| Identifying High-Potential Talent | Talent: A natural ability or aptitude. A capacity for achievement and success. Everyone is looking for cyber talent, and the SANS CyberTalent Aptitude Assessment identifies individuals with high potential. It uses objective data to measure an individual's aptitude and capacity for achievement in cyber. |
| Elements of Potential Success in Cyber | In broad terms, the types of elements the assessment aims to measure include technical comprehension, problem solving, and knowledge application. It measures them with a unique combination that assesses both common aptitude attributes and unique cybersecurity-specific attributes identified by SANS experts and aptitude researchers. |
| Correlation with GIAC Certification Success | Performance on the CyberTalent Aptitude Assessment is an indicator of success in training and certification. Results have shown a high correlation with success in GIAC certifications. |
For more information, please contact us at cybertalent@sans.org
Format
- Web-based tool
- 30 question assessment
- 60 minutes allowed for completion
Easy to Use Reporting
- Online reports summarize individual results and your department's skill portfolio. Reports are easily accessible online.
Pricing
- CyberTalent Assessments are sold in packs of 25 or greater. The CyberTalent Enhanced (CTE) Assessment is $200 per assessment and all other CyberTalent Assessments are $150 per assessment.
