Time: 120 Minutes
Passing Score: 75%
Format: Pearson VUE with questions derived from a large pool of questions which are randomly selected
Other Requirements: Passing grade on hands-on labs
Editors’ Quick Thoughts
Updated November 29, 2011: Mile2 had 2 certs for network pen testing, CPTS & CPTE for ‘specialist’ and ‘expert.’ They’ve recently changed the names around a bit to ‘engineer’ and ‘consultant.’ Thus the new names are Certified Penetration Testing Engineer (CPTE) which was formerly known as CPTS. And the Certified Penetration Testing Consultant (CPTC) has now taken the place of CPTE. As we learn more we’ll be sure to keep you updated.
From the Horse’s Mouth (Mile2’s Web Site Content):
The CPTConsultant course provides attendees with the unique opportunity to perform all stages of an actual penetration test within a controlled classroom environment. Hands-on laboratories have been researched and developed by leading security professionals from around the world and are more advanced than what can be found through typical security courses or online universities. The CPTConsultant will cover much more in-depth attacks, techniques, technologies and countermeasures than foundation Penetration Testing and Ethical Hacking courses such as CPTEngineer, CEH and OSPT.
Participants of the CPTConsultant course will have the ability to complete laboratories in all of the following areas:
• Perform a penetration test and submit a deliverable report
• Capture and replay VoIP traffic
• Find and exploit databases with SQL Injection vulnerabilities
• Manipulate prices on e-commerce websites
• Obtain and transfer information via Bluetooth enabled telephones
• Tools and resources for picking simple and complex locks
• Techniques for Wireless Site Surveying and Cracking WEP/WPA key
• Each day ends with a Capture the Flag Competition to ensure that participants retain the daily objectives.
• Additionally, attendees will be qualified to confidently undertake the CPTConsultant practical examination.
This course is designed to take an individual with knowledge of the basic security auditing toolset to the next and higher level. Many courses teach “how to hack”; the CPTConsultant course teaches “the business of penetration testing”. The course delivers advanced and cutting edge techniques for auditing a broad range of security controls (including Physical and User Security) with “hands-on” laboratories designed by real world security auditors.
The CPTConsultant course also delivers the “business side” of penetration testing, including RFPs, Authorization, Security Policy Review and Compliance. The CPTConsultant courseware is constantly updated (with updates available to past students) to reflect the most current security issues and known exploits; this is the way of the Certified Penetration Testing Consultant.
A Certified Penetration Testing Consultant is a security professional with the ability to plan, manage and perform a penetration test. The designation “Consultant” is related to the depth and breadth of understanding required to manage a project involving multiple team members, manage the client’s expectations and deliver an audit of security controls that is thorough, well documented and ethically sound.
Certified Penetration Testing Consultant Module Topics:
Module 1: Introduction and Pen Test Overview
Module 2: Refresher: The Attack Stage
Module 3: Core Impact: Initial Pen Test
Module 4: External/DMZ Assessments
Module 5: Wireless Site Surveying
Module 6: Attacking Bluetooth Devices
Module 7: Programming 101
Module 8: Internal Pen Testing
Module 9: Physical Security
Module 10: After the Pen Test
More from Mile2.