Successful completion of this exam will demonstrate a candidate's ability to analyze exploits of different types of vulnerabilities of various services (protocols such as: HTTP, HTTPS, ICP, HTCP, WCCP, SOCKS, PHP, CGI, ODBC, HTML, and XML) and technologies (such as: Web Servers, Database Servers, Windows, Linux, and Embedded Devices). The candidate shall demonstrate the ability to recognize the toolkits, malicious code, and techniques used for exploitation. The candidate's understanding of the associated risks, effects, severity, and the prevention, mitigation, and recovery methods for different exploits will also be demonstrated.
Successful completion of this exam will demonstrate the candidate's ability to understand at a high level the methods in securing web services and preventing web services related attacks. The candidate shall be familiar with toolkits, malicious code, and techniques used for exploitation upon completion.