CSTA Exam Syllabus

• Hackers and Hacking
• Motivations behind hacking
• The hacking scene
• Methodology
• Networking Refresher
• Sniffing traffic
• Information Discovery
• Useful information
• Sources – websites, metadata, search engines, DNS, social engineering
• Target Scanning
• Host discovery
• Port scanning techniques
• Banner grabbing
• Vulnerability Assessment
• Causes of vulnerabilities
• The classic buffer overflow
• Vulnerability tracking
• Scanning
• Client-side vulnerabilities
• Attacking Windows
• Windows enumeration
• Metasploit
• Client-side exploits
• Privilege Escalation – Windows
• Local information gathering
• Metasploit’s Meterpreter
• Keyloggers
• Password storage
• Password extraction
• Password cracking techniques
• Cached Domain Credentials
• Windows network authentication

CSTAs learn through hands-on practical exercises in an advanced custom-built lab environment on the CSTA Ethical Hacking Hands-On training course.

Who Is The CSTA Certification For?

The course is ideally suited to anyone with responsibility for, or with an interest in the security of IT systems, such as:

• System Administrators
• Auditors
• IT security Officers
• Information security professionals
• Budding Penetration Testers

‘As a qualified MOD DV Cleared Security Pentester and Auditor, the CSTA course was extremely valuable in reinforcing my hands-on knowledge by giving me new insights and techniques into the daily challenges of pentesting, particularly in the areas of SQL Injection and IIS exploitation. The course has provided me with an excellent foundation of knowledge that I can build on in the future’