• Online, Self-Paced
Course Description

Operations security or OPSEC is a topic of security method for helping with the penetration testing workflow. In this course, OPSEC for Penetration Testers, you'll follow the story of a penetration tester that will test the security of a website. In each of the engagement phases, (pre-engagement, the penetration test itself, and post-engagement) the types of data and corresponding risks will be discussed. This includes communication with the stakeholders, a typical pen testers' work environment, as well as the tools being used. Throughout the course, the topics will cover the major scenarios penetration testers face in the real world. By the end of this course, you'll have an understanding of how OPSEC can fit into the penetration testing workflow.

Learning Objectives

  • OPSEC and the Penetration Testing Workflow
  • Setting up a Secure Penetration Testing Environment
  • Identifying and Mitigating Risks While Testing
  • Wrapping up Penetration Testing Engagements Securely

Framework Connections

The materials within this course focus on the Knowledge Skills and Abilities (KSAs) identified within the Specialty Areas listed below. Click to view Specialty Area details within the interactive National Cybersecurity Workforce Framework.

Feedback

If you would like to provide feedback for this course, please e-mail the NICCS SO at NICCS@hq.dhs.gov.