1 Training on CREST Practitioner Security Analyst (CPSA)

Objectives
This programme introduces you to the CPSA (CREST Practitioner Security Analyst) certification. This instructor-led course covers both the technical concepts and the practical knowledge covered in the certification. On top of the lecture-based teaching, we offer in-class labs to reinforce the concepts learnt. After taking this course, you will have a basic understanding of the CPSA certification.

Day 1
Introduces what penetration testing (pen-testing) is. It covers fundamental knowledge such as law and compliance, the different types of pen-testing, and assessment methodologies. It also introduces the network security assessment methodology, the TCP/IP protocol suite and cryptography. We conduct practical labs such as network scanning.

Day 2
Introduces the knowledge needed to carry out security assessments on both Windows and UNIX systems. Practical labs are also included.

Day 3
Introduces the assessment methodologies for web-based applications.

Candidates are required to bring their own laptop for the practical exercises.

Speakers

Harris RAMLI
Senior Security Engineer, ASTRI
CISSP, CISA, OSCP, OSWP, OSCE, CRT
Harris has extensive hands-on experience working in penetration testing, information security advisory, and general IT control reviews. He has led several high-profile technical security reviews and penetration testing engagements, mainly for financial services clients in the APAC region.

Dr. Mole T.Y. WONG
Dr. Mole T.Y. WONG is a senior software engineer at ASTRI Security Lab (ASL). Mole is currently overseeing the software development process in ASL. Before joining ASTRI, Mole was a senior lecturer at The Chinese University of Hong Kong (CUHK). Mole is an exceptional teacher. He has received several teaching awards, including the most prestigious VC Exemplary Teaching Award in 2010.
Target Audience
Entry requirements:
- IT professionals, including, but not limited to, system administrators, application / system developers and IT security officers;
- Experienced in using UNIX / Windows systems.

Code : HP-P17-0610
Date : 30 June; 7 & 14 July 2017 (Friday)
Venue : 3/F Guangdong Investment Tower, 148 Connaught Road Central, Hong Kong
Fee : HK$ 7,500 per participant
Enquiries : programme@hkib.org (Enrollment Enquiries)
2 Training on CREST Certified Simulated Attack Manager (CCSAM) and CREST Certified Simulated Attack Specialist (CCSAS)

Objectives

CREST Certified Simulated Attack Manager (CCSAM)
- Understand the steps required to simulate an advanced cyber attack, including planning, execution and clean-up.
- Gain knowledge of the tactics used by real-life attackers and how these can be safely simulated.
- Discuss the risks of performing simulated attacks and the actions that can be taken to mitigate these risks.
- Develop your knowledge of the CCASP/CREST code of ethics and how this applies to executing simulated attacks.

CREST Certified Simulated Attack Specialist (CCSAS)
- Understand how to perform a red-team simulated attack exercise from planning, through execution, to delivery and lateral movement.
- Identify the tools that you will need to successfully run a simulated attack exercise.
- Consider the risks to clients' systems from executing a simulated attack and be able to list some measures you can take to minimise these risks.
- Learn how to identify and exploit weaknesses on the internal network whilst minimising the chance of discovery.
- Test yourself against a real-life exercise.

CREST Certified Simulated Attack Manager (CCSAM)
The CCSAM is designed for people running and overseeing simulated attack exercises. It covers the theoretical aspects of executing simulated attacks, sometimes known as "red-teaming", together with common tactics used by attackers. The focus is on the methodology, techniques and procedures needed to execute a simulated attack. It also covers what can go wrong in executing a simulated attack and how to manage these risks.

CREST Certified Simulated Attack Specialist (CCSAS)
This course is designed to introduce you to the techniques used to simulate advanced attacks against clients' networks.
The focus is on executing the tactics used by real threat groups in the wild, such as spear-phishing and browser-based attacks, followed by operating covertly within a client's network. These simulations are sometimes referred to as "red-teaming". The course covers exploitation of the human factor to gain a foothold on clients' networks, how to establish communications in modern corporate networks, and how to exploit weaknesses within internal networks from outside the perimeter. It focuses primarily on corporate Windows networks with common security controls in place, including detective and monitoring controls.

The content of this programme is designed to help participants prepare for the CREST CCSAM and/or CCSAS exams and will cover a significant portion of the syllabus.
Speakers

Sam Kitchen
Sam is a double CREST Certified Tester with over 6 years' experience in red teaming, web application, mobile application and infrastructure penetration testing. He also holds both of CREST's Simulated Attack certifications for delivering advanced threat-intelligence-led penetration tests. He has delivered training courses both externally and internally within a global consultancy firm, where he currently runs the graduate training course on ethical hacking.

Kit Barnes
Kit is a CREST Certified Simulated Attack Manager (CCSAM) with over 6 years' experience spanning red teaming, penetration testing and incident response. He currently focuses on leading complex threat-intelligence-driven red team exercises and physical social engineering. He has delivered several training courses and workshops in the field of red team management.

Target Audience
Entry requirements:
1. Participants should possess a minimum of five (5) years of hands-on experience in cybersecurity assessments and related areas such as: penetration tests on networks, web apps or mobile apps; cybersecurity vulnerability research on Windows, Unix and Linux security and administration; and/or the use of security tools and scripting languages for conducting cybersecurity assessments.
2. Participants should have passed, or be capable of passing, the CREST Certified Tester (CCT) Infrastructure level examination before attending this course.
3. Candidates should be familiar with working with Linux and Windows systems, including the ability to write reasonably complex command-line scripts on both.
4. Participants will be required to submit a description of their relevant work experience and their certification certificates, and will be assessed independently by CREST for fulfilling the entry requirements upon registration.
5. Participants must bring a laptop suitable for use on the course or they will not be able to join in the group exercises.
   This means: at least 8GB RAM and 30GB HDD space; ability to connect to 802.11n wireless networks; Kali Linux OS -OR- VMware Player virtualization software installed and working; and the ability to plug in and read from a USB HDD.

*Please refer to CREST's website for more details about CCSAM and CCSAS.

Code : HP-P17-0812
Date : 7-11 August 2017 (Monday - Friday)
Venue : Hong Kong Applied Science and Technology Research Institute Company Limited, 5th Floor, Photonics Centre, 2 Science Park East Avenue, Hong Kong Science Park, New Territories, Shatin, Hong Kong
Fee : HK $42,500
Enquiries : programme@hkib.org (Enrollment Enquiries)
3 Training on CREST Registered Tester (CRT) and CREST Certified Infrastructure Tester (CCT ICE)

Objectives
- Understand the techniques used in both basic and advanced ethical hacking activities.
- Gain hands-on experience with a variety of tools applicable to all phases of an ethical hacking engagement.
- Identify common issues encountered during the different phases of an ethical security test and ways to work around them.
- Test yourself against a real-life vulnerable network in a Capture-The-Flag (CTF) challenge at the end of the CCT ICE course.
- Gain valuable insight into CREST certifications.

This course covers advanced penetration testing techniques against Windows and Linux networks. We cover the penetration testing lifecycle from network mapping and reconnaissance through to exploitation and post-exploitation activities. The course introduces participants to the methodologies and tools used throughout the phases of a penetration test and how to use them effectively. We also look at common issues participants might encounter and how to work around them.

The content of this programme is designed to help participants prepare for the CREST CRT and/or CCT ICE exams and will cover a significant portion of the syllabus.

Speakers

Sam Kitchen
Sam is a double CREST Certified Tester with over 6 years' experience in red teaming, web application, mobile application and infrastructure penetration testing. He also holds both of CREST's Simulated Attack certifications for delivering advanced threat-intelligence-led penetration tests. He has delivered training courses both externally and internally within a global consultancy firm, where he currently runs the graduate training course on ethical hacking.

Ryan Sui
Ryan has achieved both the CREST Certified Web Application and Infrastructure qualifications and has over 10 years' experience in information security. He also has a wide variety of penetration testing experience, having been continuously CCT certified for 6 years.
He has developed training courses and delivers web application training courses externally.
Target Audience
Entry requirements:
1. Participants should possess a minimum of two (2) years of hands-on experience in cybersecurity assessments and related areas such as: penetration tests on networks, web apps or mobile apps; cybersecurity vulnerability research on Windows, Unix and Linux security and administration; and/or the use of security tools and scripting languages for conducting cybersecurity assessments.
2. Participants will be required to submit a description of their relevant work experience and their certification certificates, and will be assessed independently by CREST for fulfilling the entry requirements upon registration.
3. Participants MUST bring a laptop suitable for use on the course or they will not be able to join in the group exercises. This means: at least 8GB RAM and 30GB HDD space; ability to connect to 802.11n wireless networks; Kali Linux OS -OR- VMware Player virtualization software installed and working; and the ability to plug in and read from a USB HDD.

*Please refer to CREST's website for more details about CRT and CCT ICE.

CRT Training (2 Days)
Code : HP-P17-0813
Date : 14-15 August 2017 (Mon & Tue)
Fee : HK $10,000

CCT ICE Training (3 Days)
Code : HP-P17-0814
Date : 16-18 August 2017 (Wed - Fri)
Fee : HK $25,000

Venue (both courses) : Hong Kong Applied Science and Technology Research Institute Company Limited, 5th Floor, Photonics Centre, 2 Science Park East Avenue, Hong Kong Science Park, New Territories, Shatin, Hong Kong
Enquiries : programme@hkib.org (Enrollment Enquiries)
4 Training on CREST Certified Web Application Tester (CCT Web App)

Objectives
- Understand the techniques used in web application tests.
- Gain an understanding of how to efficiently pinpoint and exploit vulnerabilities in web applications.
- Identify common issues encountered during the different phases of an application test and ways to work around them.
- Test yourself against a real-life vulnerable web application in a real-life challenge.

This three-day course covers penetration testing techniques against web applications, as well as the web application testing lifecycle from mapping and identifying threats within an application through to exploitation and logic flaws. It also enables candidates to gain an understanding of the exploitation of injection and scripting vulnerabilities such as SQL injection and cross-site scripting. The qualified trainers will also describe some common web application vulnerabilities, including those in the OWASP Top 10, their prevention methods, and how to quickly and efficiently pinpoint and exploit vulnerabilities in web applications.

Speaker

Ryan Sui
Ryan has achieved both the CREST Certified Web Application and Infrastructure qualifications and has over 10 years' experience in information security. He also has a wide variety of penetration testing experience, having been continuously CCT certified for 6 years. He has developed training courses and delivers web application training courses externally.
Target Audience
Entry requirements:
1. We recommend that participants have around 2 years' experience in web application cybersecurity assessments and related areas such as:
   - penetration tests on networks, web apps or mobile apps;
   - a basic understanding of JavaScript, HTML, SSL and the HTTP protocol;
   - a basic understanding of the use of an intercepting proxy for web application assessment;
   - participants MUST bring a laptop (NOT a tablet or Chromebook) and have administrative control over the laptop (allowing them to install Java).
   Participants with 1 year or less of experience nearly always get a lot out of the course, but are unlikely to be able to take and pass the CREST CCT Web Application exam after the course.
2. Participants will be required to submit a description of their relevant work experience and their certification certificates, and will be assessed independently by CREST for fulfilling the entry requirements upon registration.
3. Participants must bring a laptop suitable for use on the course or they will not be able to join in the group exercises. This means: at least 8GB RAM and 30GB HDD space; ability to connect to 802.11n wireless networks; Kali Linux OS -OR- VMware Player virtualization software installed and working; and the ability to plug in and read from a USB HDD.

*Please refer to CREST's website for more details about CCT Web App.

Code : HP-P17-0819
Date : 21-23 August 2017 (Monday - Wednesday)
Venue : Hong Kong Applied Science and Technology Research Institute Company Limited, 5th Floor, Photonics Centre, 2 Science Park East Avenue, Hong Kong Science Park, New Territories, Shatin, Hong Kong
Fee : HK $25,000
Enquiries : programme@hkib.org (Enrollment Enquiries)