.

How useful is this for a real world penetration tester?

<<

galaril

Newbie
Newbie

Posts: 5

Joined: Tue Dec 25, 2007 11:17 pm

Post Tue Dec 25, 2007 11:37 pm

How useful is this for a real world penetration tester?

I am a an security professional in the financial institution space and am interested in the CPTS. In my work I am involved in risk assessments and also alot of penetration testing including web app vulnerability scanning. I looking to take the course by Mile2 to get more structured exposer to alot of the tools especially the main ones like NMAP,Nesses, password crackers etc. . I have heard some differnt things such as the CPTS focus a lot on the manual exploit techniques such as creating your own scripts  inPERL or soemthing like that. In my position most of our projects don't allow a ton of time to work on these more time consuming manual procedures and we have to rely mostly on scanning tools and analysis the output. Does the CPTS fit this type of purpose well? Does the course even go into analysis of the otput at all? Or is it primarily jsut show you how to install ,configure and run multiple tools?
I have also looked at the SANS GIAC couses like the Certified networkand system auditor course or the GCIH. GCIH has alot of info but I haven't heard too much on the GSNA.
<<

LSOChris

Post Wed Dec 26, 2007 6:42 am

Re: How useful is this for a real world penetration tester?

did you look at the objectives?
<<

galaril

Newbie
Newbie

Posts: 5

Joined: Tue Dec 25, 2007 11:17 pm

Post Wed Dec 26, 2007 9:42 pm

Re: How useful is this for a real world penetration tester?

Yes, and to be honest it is marketing material from Miles2 I am trying to get actual insight from people who have taken these courses.
<<

LSOChris

Post Wed Dec 26, 2007 10:09 pm

Re: How useful is this for a real world penetration tester?

the OBJECTIVES shouldnt be marketing hype they are the objectives.  the rest, well maybe.

http://www.mile2.com/Certified_Penetrat ... _CPTS.html

if you have the budget, you're better off with a SANS course over CEH or CPTS especially since it looks like you are doing more compliance scanning than real penetration testing the GCIH is a good place to start.

'The world does not need any more "ethical hackers". What is needed is more people who know the six steps for properly handling an incident' - Ed Skoudis

-Chris
Last edited by LSOChris on Wed Dec 26, 2007 10:16 pm, edited 1 time in total.
<<

galaril

Newbie
Newbie

Posts: 5

Joined: Tue Dec 25, 2007 11:17 pm

Post Thu Dec 27, 2007 1:10 am

Re: How useful is this for a real world penetration tester?

Thnaks for the info Chris and I not sure where the scanning that we do falls as far as being compliance scanning or real pen testing. All I know is my firm sells this service as pen testing though it is generally related to a larger project scope such as annual compliance etc. Also, a good protion of it is application vulnerability testing but in any case I am going to take the GCIH course. I forgot to mention that for me taking the exam and getting the actual certification is secondary to the course and the knowledge learned from the course and it's material. So for example I doubt I would ever really care to take the CPTS exam though I would probably take SANS CERT test just ecause they are well respected.
<<

ligallama

Newbie
Newbie

Posts: 1

Joined: Mon Feb 04, 2008 9:08 am

Post Tue Feb 05, 2008 10:21 am

Re: How useful is this for a real world penetration tester?

hi to all,
Am interesting on penetration test specialist,
but I cant afford the training costs.and its real my desire to know this interesting course i ever seen.
I did cisco CCNA,CCDA,CCNP and pix firewall advanced four year back
and i didnt practice to my office becouse they dont have much complex networking.
but they focus to pen tester.And i feel like I can fit to this rather than finding someone else from outside the company.

so anybody who will be able to support me with all tools,technics and related materials,I will appriciate.

Am waiting for any body.

with best regards
ralph
<<

bigwhiff

Newbie
Newbie

Posts: 14

Joined: Mon Jan 28, 2008 2:29 am

Location: Alaska

Post Tue Feb 05, 2008 3:16 pm

Re: How useful is this for a real world penetration tester?

Hi,

I would strongly recommend the GCIH exam and class structure over the CEH.  With limited study you can complete the CEH after the GCIH class you couldn't pass the GCIH after a CEH. At least not with limited effort.

-Jack
Jack Campbell
CCNP CCDP GCIH GHTQ C|EH
http://secauditor.wordpress.com

Return to CPTE - Certified Penetration Testing Engineer

Who is online

Users browsing this forum: No registered users and 0 guests

cron
.
Powered by phpBB® Forum Software © phpBB Group.
Designed by ST Software