1.0 – Mobile Devices
• What are we covering?
• 1.1 Given a scenario, install and configure laptop hardware and components
• 1.2 Given a scenario, install components within the display of a laptop
• 1.3 Given a scenario, use appropriate laptop features
• 1.4 Compare and contrast characteristics of various types of other mobile
devices
• 1.5 Given a scenario, connect and configure accessories and ports of other
mobile devices
• 1.6 Given a scenario, configure basic mobile device network connectivity and
application support
• 1.7 Given a scenario, use methods to perform mobile device synchronization
2.0 Networking
• What are we covering?
• 2.1 Compare and contrast TCP and UDP ports, protocols and their purpose
• 2.2 Compare and contrast common networking hardware devices
• 2.3 Given a scenario, install and configure a basic wired/wireless SOHO
network
• 2.4 Compare and contrast wireless networking protocols
• 2.5 Summarize the properties and purposes of services provided by
networked hosts
• 2.6 Explain common network configuration concepts
• 2.7 Compare and contrast internet connection types, network types and their
features
• 2.8 Given a scenario, use appropriate networking tools
3.0 Hardware
• What are we covering?
• 3.1 Explain basic cable types, features and their purposes
• 3.2 Identify common connector types
• 3.3 Given a scenario, install RAM types
• 3.4 Given a scenario, select, install and configure storage devices
• 3.5 Given a scenario, install and configure motherboards, CPUs and add-on
cards
• 3.6 Explain the purposes and uses of various peripheral types
• 3.7 Summarize power supply types and features
• 3.8 Given a scenario, select and configure appropriate components for a
custom PC configuration to meet customer specifications/needs
• 3.9 Given a scenario, install and configure common devices
• 3.10 Given a scenario, configure SOHO multifunction devices/printers and
settings
• 3.11 Given a scenario, install and maintain various print technologies
4.0 Virtualization and Cloud Computing
• 4.1 Compare and contrast cloud computing concepts
• 4.2 Given a scenario, set up and configure client-side virtualization
5.0 Hardware and Network Troubleshooting
• What are we covering?
• 5.1 Given a scenario, use the best practice methodology to resolve problems
• 5.2 Given a scenario, troubleshoot problems related to motherboards, RAM,
CPUs and power
• 5.3 Given a scenario, troubleshoot hard drives and RAID arrays
• 5.4 Given a scenario, troubleshoot video, projector and display issues
• 5.5 Given a scenario, troubleshoot common mobile device issues while
adhering to the appropriate procedures
• 5.6 Given a scenario, troubleshoot printers
• 5.7 Given a scenario, troubleshoot common wires and wireless network
problems

Module 1 – Operation Systems
• Compare and contrast common operating system types and their purposes
• Compare and contrast features of Microsoft Windows versions
• Summarize general OS installation considerations and upgrade methods
• Given a scenario, use appropriate Microsoft command line tools
• Given a scenario, use Microsoft operating system features and tools
• Given a scenario, use Microsoft Windows Control Panel utilities
• Summarize application installation and configuration concepts
• Given a scenario, configure Microsoft Windows networking on a client/desktop
• Given a scenario, use features and tools of the Mac OS and Linux client/desktop operating
systems
Module 2 – Security
• Summarize the importance of physical security measures
• Explain logical security concepts
• Compare and contrast wireless security protocols and authentication methods
• Given a scenario, detect, remove, and prevent malware using appropriate tools and methods
• Compare and contrast social engineering, threats, and vulnerabilities
• Compare and contrast the differences of basic Microsoft Windows OS security settings
• Given a scenario, implement security best practices to secure a workstation
• Given a scenario, implement methods for securing mobile devices
• Given a scenario, implement appropriate data destruction and disposal methods
• Given a scenario, configure security on SOHO wireless and wired networks
Module 3 – Software Troubleshooting
•Given a scenario, troubleshoot Microsoft Windows OS problems
• Given a scenario, troubleshoot and resolve PC security issues
• Given a scenario, use best practice procedures for malware removal
• Given a scenario, troubleshoot mobile OS and application issues
• Given a scenario, troubleshoot mobile OS and application security issues
Module 4 – Operational Procedures
•Compare and contrast best practices associated with types of documentation
• Given a scenario, implement basic change management best practices
• Given a scenario, implement basic disaster prevention and recovery methods
• Explain common safety procedures • Explain environmental impacts and appropriate controls
• Explain the processes for addressing prohibited content/activity, and privacy, licensing, and
policy concepts
• Given a scenario, use proper communication techniques and professionalism
• Identify the basics of scripting • Given a scenario, use remote access technologies

• Intro Network Plus N10-007
• Basic networking
• Activity basic networking
• OSI model
• Exploring the OSI model act
• Protocol and ports
• Activity examining protocols and ports
• Connection oriented vs connectionless
• Activity comparing TCP and UDP
• Internet protocol (IP)
• Activity examining the lower layer protocols
• Layer 7 remote control protocols
• Layer 7 file transfer protocols
• Layer 7 file transfer protocols
• Layer 7 messaging protocols
• Activity examining messaging protocols
• Layer 7 web traffic protocols
• layer 7 streaming media protocols
• Layer 7 infrastructure management protocols
• Switching
• Activity creating collision and broadcast domains
• Interface properties and segmentation
• Activity creating a basic network segment
• Switching part 2
• Activity switching
• Switching loop management
• Activity managing switching loops
• VLANs
• Activity creating VLANs
• Routing
• Activity examining ARP
• IP addressing basics
• Activity configuring IP
• Routers
• Activity setting up a router
• Routing basics
• Activity adding static routes
• VLAN routing
• Activity routing between VLANs
• NAT/PAT
• Activity configuring NAT/PAT
• Routing protocols
• Activity configuring a routing protocol
• Firewalls
• Activity configuring firewalls
• Advanced switching and routing concepts
• Activity exploring IPv6
• Performance concepts
• IP addressing
• Subnetting
• Activity learning to subnet
• Address assignments
• Network types and topologies
• Wireless topologies
• Network types
• Technologies that facilitate the internet of things (IoT)
• Wireless technologies
• 802.11 standards
• Wi-Fi frequencies
• Wi-Fi antenna concepts
• Bluetotoh
• Cellular
• Activity using an RF spectrum analyzer
• Cloud concepts
• Activity exploring cloud services
• Network services
• Activity setting up DNS
• DHCP service
• Activity setting up DHCP
• NTP

• Infrastructure
• Activity testing a fiber optic cable
• Plenum vs. PVC
• Activity crimping on an RJ-45 connector
• Transceivers
• Activity terminating cable to a 110 block
• Copper cable standards
• Activity creating a crossover cable
• Ethernet deployment standards
• Network device placement and installation
• Repeater
• Router
• Modem
• Activity setting up a WAP
• Firewall
• Media converter
• Advanced network devices
• Wireless controller
• Proxy server
• Activity configuring proxy settigns
• VPN concentrator
• Virtual networking components
• Network storage types
• WAN technologies
• Transmission mediums
• Activity configuring WAN links
• Termination

• Change management
• IDF-MDF documentation
• Labeling
• Logical vs physical diagrams
• Network operations documentation
• Rack diagrams
• Standard operation procedures
• Using documentation act
• Wiring and ports locations
• Continuity and disaster
• MTTR mean time repair
• Recovery
• Backing up your data act
• Event management
• Metrics
• Scanning monitoring patching
• Testing the network act
• HTTPS management
• Out of band management
• RDP
• Remote access methods
• Remote file access
• making remote connections act
• SSH
• VNC
• Policies and best practices
• Creating policies and procedures act

Physical Security Devices
• Detection
• Prevention
Authentication and Access Control
• Authorization, Authentication, and Accounting
• Multifactor Authentication
• Access Control
• Activity: Examining Access Control Mechanisms
Basic Wireless Network Security
• WPA
• WPA2
• TKIP-RC4
• CCMP-AES
• Authentication and Authorization
• Geofencing
• Activity: Demonstrating the Need for Wireless Security
Common Network Attacks
• DoS
• Social Engineering
• Insider Threat
• Logic Bomb
• Rogue Access Point
• Evil Twin
• War-driving
• Phishing
• Ransomware
• DNS Poisoning
• ARP Poisoning
• Spoofing
• Deauthentication
• Brute Force
• VLAN Hopping
• Man-in-the-Middle
• Exploits vs. Vulnerabilities
• Activity Conducting a Phishing Attack
Network Device Hardening
• Changing Default Credentials
• Avoiding Common Passwords
• File Hashing
• Generating New Keys
• Activity Supporting Secure Authentication and Encryption
• Upgrading Firmware
• Patching and Updates
• Disabling Unnecessary Services
• Using Secure Protocols
• Disabling Unused Ports
Common Mitigation Techniques
• Signature Management
• Device Hardening
• Change Native VLAN
• Switchport Protection
• Network Segmentation
• Privileged User Account
• File Integrity Monitoring
• Role Separation
• Restricting Access Via ACLs
• Honeypot/Honeynet
• Penetration Testing
• Activity: Implementing a Honeypot

Network Troubleshooting Methodology
• Identify the Problem
• Establish a Theory of Probable Cause
• Test the Theory to Determine the Cause
• Establish a Plan of Action to Resolve the Problem and Identify Potential Effects
• Implement the Solution or Escalate as Necessary
• Verify Full System Functionality and , if Applicable, Implement Preventive Measures
• Document Findings, Actions, and Outcomes
Using the Appropriate Tool
• Hardware Tools – Basic Hand Held
• Hardware Tools – Analyzers
• Activity: Troubleshooting with Hardware Tools
• Software Tools – Testers and Analyzers
• Activity: Troubleshooting with Software Tools
• Software Tools – Command Line
• Activity: Using Command Line Tools
Troubleshoot Wired Connectivity and Performance
• Signal Issues:
• Attenuation
• Latency
• Jitter
• Crosstalk
• EMI
• Activity Troubleshooting Signal Problems
• Physical Issues:
• Open/short
• Incorrect pin-out
• Incorrect Cable Type
• Bad Port
• Damaged cable
• Bent pins
• Transceiver Issues:
• Transceiver mismatch
• TX/RX reverse
• Duplex/speed mismatch
• Activity: Troubleshooting Transceiver Problems
• Traffic Flow Issues:
• Bottleneck
• VLAN mismatch
• Network connection LED status indicators
Troubleshoot Wireless Connectivity and Performance
• Signal Loss:
• Attenuation
• Reflection
• Refraction
• Absorption
• Latency & Jitter
• Antenna Issues:
• Incorrect antenna type
• Incorrect antenna placement
• Incorrect WAP type
• WAP Issues:
• Interference
• Channel overlap
• Overcapacity
• Distance limitations
• Frequency mismatch
• Power levels
• Signal-to-noise ratio
• WAP Misconfiguration:
• Wrong SSID
• Wrong passphrase
• Security type mismatch
• Activity Troubleshooting WAP Issues
Troubleshoot Common Network Service Issues
• Common Network Issues:
• Physical Connectivity
• Incorrect IP Address
• Incorrect Gateway
• Incorrect Netmask
• Names Not Resolving
• Untrusted SSL Certificate
• DCP Issues:
• Duplicate IP Addresses
• Expired IP Address
• Rogue DHCP
• Exhausted DHCP Scope
• Firewall/ACL Issues:
• Blocked TCP/UDP Ports
• Incorrect Host-based Firewall Settings
• Incorrect ACL Settings
• Advanced Network Issues:
• DNS Server Issues
• Duplicate MAC Addresses
• Incorrect Time
• Unresponsive Service
• Hardware Failure
• Activity Case Study: Troubleshooting an Unusual Network Issue

1.1 Introduction
1.2 Types Of Malware- Part 1
1.3 Types Of Malware- Part 2
1.4 Types Of Attacks- Part 1
1.5 Types Of Attacks- Part 2
1.6 Types Of Attacks- Part 3
1.7 Types Of Attacks- Part 4
1.8 Types Of Attacks- Part 5
1.9 Threat Actors- Part 1
1.10 Threat Actors- Part 2
1.11 Penetration Testing And Vulnerability Scanning- Part 1
1.12 Penetration Testing And Vulnerability Scanning- Part 2
1.13 Impact Of Vulnerabilities- Part 1
1.14 Impact Of Vulnerabilities- Part 2

2.1 Networking Hardware And Software- Part 1
2.2 Networking Hardware And Software- Part 2
2.3 Networking Hardware And Software- Part 3
2.4 Networking Hardware And Software- Part 4
2.5 Networking Hardware And Software- Part 5
2.6 Networking Hardware And Software- Part 6
2.7 Security Assessment- Part 1
2.8 Security Assessment- Part 2
2.9 Troubleshooting Issues- Part 1
2.10 Troubleshooting Issues- Part 2
2.11 Securing Mobile Devices- Part 1
2.12 Securing Mobile Devices- Part 2
2.13 Securing Mobile Devices- Part 3
2.14 Securing Mobile Devices- Part 4
2.15 Secure Protocols- Part 1
2.16 Secure Protocols- Part 2

3.1 Secure Network Architecture- Part 1
3.2 Secure Network Architecture- Part 2
3.3 Secure System Designs- Part 1
3.4 Secure System Designs- Part 2
3.5 Secure Staging Deployment Concepts
3.6 Embedded Systems- Part 1
3.7 Embedded Systems- Part 2
3.8 Application Development And Deployment- Part 1
3.9 Application Development And Deployment- Part 2
3.10 Application Development And Deployment- Part 3
3.11 Physical Security Controls- Part 1
3.12 Physical Security Controls- Part 2
3.13 Physical Security Controls- Part 3
3.14 Cloud Virtualization- Part 1
3.15 Cloud Virtualization- Part 2

4.1 Identity And Access Management- Part 1
4.2 Identity And Access Management- Part 2
4.3 Identity And Access Services- Part 1
4.4 Identity And Access Services- Part 2
4.5 Management Controls- Part 1
4.6 Management Controls- Part 2
4.7 Account Management Practices- Part 1
4.8 Account Management Practices- Part 2
4.9 Account Management Practices- Part 3

5.1 Organizational Security- Part 1
5.2 Organizational Security- Part 2
5.3 Business Impact Analysis Concepts- Part 1
5.4 Business Impact Analysis Concepts- Part 2
5.5 Risk Management- Part 1
5.6 Risk Management- Part 2
5.7 Incident Response Procedures- Part 1
5.8 Incident Response Procedures- Part 2
5.9 Forensics- Part 1
5.10 Forensics- Part 2
5.11 Disaster Recovery- Part 1
5.12 Disaster Recovery- Part 2
5.13 Types Of Control- Part 1
5.14 Types Of Control- Part 2
5.15 Data Security And Privacy Practices- Part 1
5.16 Data Security And Privacy Practices- Part 2

6.1 Cryptographic Basics- Part 1
6.2 Cryptographic Basics- Part 2
6.3 Cryptographic Basics- Part 3
6.4 Cryptographic Algorithms- Part 1
6.5 Cryptographic Algorithms- Part 2
6.6 Wireless Security- Part 1
6.7 Wireless Security- Part 2
6.8 Implementing PKI- Part 1
6.9 Implementing PKI- Part 2
6.10 Implementing PKI- Part 3
6.11 Conclusion

Module 1: Threat Management
1.1 Introduction
1.2 Given a scenario, apply environmental reconnaissance
techniques using appropriate tools and processes Part 1
1.3 Given a scenario, apply environmental reconnaissance
techniques using appropriate tools and processes
1.4 Given a scenario, apply environmental reconnaissance
techniques using appropriate tools and processes
1.5 Given a scenario, apply environmental reconnaissance
techniques using appropriate tools and processes Part 4
1.6 Given a scenario, apply environmental reconnaissance
techniques using appropriate tools and processes Part 5
1.7 Given a scenario, apply environmental reconnaissance
techniques using appropriate tools and processes Part 6
1.8 Given a scenario, apply environmental reconnaissance
techniques using appropriate tools and processes Part 7
1.9 Given a scenario, apply environmental reconnaissance
techniques using appropriate tools and processes Part 8
1.10 Given a scenario, apply environmental reconnaissance
techniques using appropriate tools and processes Part 9
1.11 Given a scenario, analyze the results of a network
reconnaissance Part 1
1.12 Given a scenario, analyze the results of a network
reconnaissance Part 2
1.13 Given a scenario, analyze the results of a network
reconnaissance Part 3
1.14 Given a scenario, analyze the results of a network
reconnaissance Part 4
1.15 Given a scenario, analyze the results of a network
reconnaissance Part 5
1.16 Given a network-based threat, implement or recommend the appropriate response and countermeasure Part 1
1.17 Given a network-based threat, implement or recommend the appropriate response and countermeasure Part 2
1.18 Given a network-based threat, implement or recommend the appropriate response and countermeasure Part 3
1.19 Given a network-based threat, implement or recommend the appropriate response and countermeasure Part 4
1.20 Explain the purpose of practices used to secure a corporate environment Part 1
1.21 Explain the purpose of practices used to secure a corporate environment Part 2
1.22 Explain the purpose of practices used to secure a corporate environment Part 3
1.23 Explain the purpose of practices used to secure a corporate environment Part 4

2.1 Given a scenario, implement an information security
vulnerability management process Part 1
2.2 Given a scenario, implement an information security
vulnerability management process Part 2
2.3 Given a scenario, implement an information security
vulnerability management process Part 3
2.4 Given a scenario, implement an information security
vulnerability management process Part 4
2.5 Given a scenario, implement an information security
vulnerability management process Part 5
2.6 Given a scenario, implement an information security
vulnerability management process Part 6
2.7 Given a scenario, implement an information security
vulnerability management process Part 7
2.8 Given a scenario, analyze the output resulting from a
vulnerability scan Part 1
2.9 Given a scenario, analyze the output resulting from a
vulnerability scan Part 2
2.10 Compare and contrast common vulnerabilities found in
the following targets within an organization Part 1
2.11 Compare and contrast common vulnerabilities found in
the following targets within an organization Part 2
2.12 Compare and contrast common vulnerabilities found in
the following targets within an organization Part 3

3.1 Given a scenario, distinguish threat data or behavior to
determine the impact of an incident Part 1
3.2 Given a scenario, distinguish threat data or behavior to
determine the impact of an incident Part 2
3.3 Given a scenario, distinguish threat data or behavior to
determine the impact of an incident Part 3
3.4 Given a scenario, prepare a toolkit and use appropriate
forensic tools during an investigation Part 1
3.5 Given a scenario, prepare a toolkit and use appropriate
forensic tools during an investigation Part 2
3.6 Given a scenario, prepare a toolkit and use appropriate
forensic tools during an investigation Part 3
3.7 Given a scenario, prepare a toolkit and use appropriate
forensic tools during an investigation Part 4
3.8 Given a scenario, prepare a toolkit and use appropriate
forensic tools during an investigation Part 5
3.9 Explain the importance of communications during the
incident response process
3.10 Given a scenario, analyze common symptoms to select
the best course of action to support incident response Part 1
3.11 Given a scenario, analyze common symptoms to select
the best course of action to support incident response Part 2
3.12 Given a scenario, analyze common symptoms to select
the best course of action to support incident response Part 3
3.13 Given a scenario, analyze common symptoms to select
the best course of action to support incident response Part 4
3.14 Summarize the incident recovery and post-incident response process Part 1
3.15 Summarize the incident recovery and post-incident response process Part 2
3.16 Summarize the incident recovery and post-incident response process Part 3
3.17 Summarize the incident recovery and post-incident response process Part 4

4.1 Explain the relationship between frameworks, common
policies, controls, and procedures Part 1
4.2 Explain the relationship between frameworks, common
policies, controls, and procedures Part 2
4.3 Explain the relationship between frameworks, common
policies, controls, and procedures Part 3
4.4 Explain the relationship between frameworks, common
policies, controls, and procedures Part 4
4.5 Given a scenario, use data to recommend remediation of
security issues related to identity and access management
Part 1
4.6 Given a scenario, use data to recommend remediation of
security issues related to identity and access management
Part 2
4.7 Given a scenario, use data to recommend remediation of
security issues related to identity and access management
Part 3
4.8 Given a scenario, use data to recommend remediation of
security issues related to identity and access management
Part 4
4.9 Given a scenario, review security architecture and make
recommendations to implement compensating controls Part 1
4.10 Given a scenario, review security architecture and make
recommendations to implement compensating controls Part 2
4.11 Given a scenario, review security architecture and make
recommendations to implement compensating controls Part 3
4.12 Given a scenario, use applications security best practices
while participating in the Software Development Life Cycle
(SDLC) Part 1
4.13 Given a scenario, use applications security best practices
while participating in the Software Development Life Cycle
(SDLC) Part 2
4.14 Overview
4.15 Conclusion

1. Intro
2. Models Part 1
3. Models Part2
4. Service And Delivery Models
5. Terms And Characteristics
6. Objects Storage Concepts

1. Virtualization
2. Install Configure Manage VM And Devices
(Hands on Snapshots & Cloning)
Demo
3. Backups (Hands on Virtual Network Interface Cards) Demo
4. Virtual Disks (Hands on Virtual Disks) Demo
5. Virtual Switches
6. Virtual Resource Migration
7. Benefits Of Virtualization In A Cloud Environment
8. Compare And Contrast Virtual Environment

1. Infrastructure
2. Different Access Protocols
3. Explain Storage Configuration
4. File Systems Types
5. Executing Storage Provisioning
6. Network Share Demo
7. Implement Appropriate Network Configurations
8. Importance Of Network Optimization
9. Troubleshoot Basic Network Configuration Part 1
10. Troubleshoot Basic Network Configuration Part 2
11. Troubleshoot Commands Part 1
12. Troubleshoot Commands Part 2
13. Troubleshoot Commands Part 3
14. Explain Common Network Protocols
15. Common Hardware Resources

1. Resource Management Part 1
2. Resource Management Part 2
3. Establishing Baselines And Thresholds
4. Appropriately Allocate Physical Host Resources Part 1
5. Appropriately Allocate Physical Host Resources Part 2
6. Appropriately Allocate Virtual Guest Resources Part 1
7. Appropriately Allocate Virtual Guest Resources Part 2
8. Use Appropriate Tools For Remote Access

1. Security Part 1
2. Security Part 2
3. Storage Security Concepts And Methods
4. Different Encryption Technologies
5. Identify Access Control Methods

1. Systems Management Part 1
2. Systems Management Part 2
3. Diagnose Remediate And Optimize Part 1
4. Diagnose Remediate And Optimize Part 2
5. Common Performance Concepts Part 1
6. Common Performance Concepts Part 2
7. Testing Techniques

1. Business Continuity In Cloud Part 1
2. Business Continuity In Cloud Part 2
3. Solutions To Meet Availability Requirements
4. Conclusion

1.1 Introduction
1.2 Over-The-Air-Technologies
1.3 WIMAX
1.4 802.11 Wireless Technologies-Part 1
1.5 802.11 Wireless Technologies-Part 2
1.6 Radio Frequency
1.7 RF Power Fun
1.8 Antennas
1.9 Issues With RF
1.10 NON 802.11 Wireless
1.11 Governing Bodies And Regulations

2.1 Network Foundations Part 1
2.2 Network Foundations Part 2
2.3 Network Foundations Part 3
2.4 Network Foundations Part 4
2.5 OSI Model Review
2.6 Wireless Terms And Terminology Part 1
2.7 Wireless Terms And Terminology Part 2
2.8 Wireless Media And Communication
2.9 Unified Wireless Architecture
2.10 SSIDs And VLANs

3.1 Mobile Device Management Part 1
3.2 Mobile Device Management Part 2
3.3 Profiles And Polices Part 1
3.4 Profiles And Polices Part 2
3.5 Enterprise Mail And Messaging
3.6 Wireless Site Surveys Part 1
3.7 Wireless Site Surveys Part 2
3.8 Wireless Site Surveys Part 3
3.9 Wireless Site Surveys Part 4
3.10 802.11 Wireless Device Management Part 1
3.11 802.11 Wireless Device Management Part 2

4.1 Mobile Device Security
4.2 Network Security 101
4.3 Security Protocols Part 1
4.4 Security Protocols Part 2
4.5 Security Protocols Part 3
4.6 EAP Overview
4.7 Encryption Overview Part 1
4.8 Encryption Overview Part 2
4.9 Common Security Troubleshooting
4.10 Wireless Risks Part 1
4.11 Wireless Risks Part 2
4.12 Other Risks

5.1 Wireless Troubleshooting Part 1
5.2 Wireless Troubleshooting Part 2
5.3 Wireless Troubleshooting Part 3
5.4 Conclusion

Intro

1. Introduction

2. Introduction to Building Labs

3. Things You Need To Do

4. Install Demo Virtual Box

Instructions 

1. Navigation

2. Commands with Lab Demo

3. Internal and External Commands

4. Overview of Shell Commands Tricks

5. Exploring Shell Configuration

6. Stream Redirection

7. Overview of Processing Text Using Filters

8. Overview File-Viewing Commands

9. Overview Using Grep

10. Syntax and Summary

11. Overview of Exam Essentials

2.1 Managing Software
2.2 Overview Using RPM
2.3 RPM Part 2
2.4 Overview Using Cpio
2.5 Overview Using Debian and Apt_cache
2.6 Using Apt-get
2.7 Debian Tools
2.8 Managing Shared Libraries
2.9 Overview Locating Library Files
2.10 Foreground and Background Processes
2.11 Managing Software Summary

3.1 Configuring Hardware
3.2 Configuring Devices
3.3 Configuring USB
3.4 Configuring Hard Disk
3.5 Designing Hard Disk Layout
3.6 Logical Volume Management
3.7 Creating Partitions Filesystems
3.8 Overview Using Fdisk
3.9 Overview Common Filesystem Types
3.10 Creating Filesystem
3.11 Maintaining Filesystem Health
3.12 Configuring Hardware Summary

4.1 Managing Files
4.2 File Archiving Commands
4.3 Managing Files Ownership
4.4 Managing Disk Quotas
4.5 Directories and Content
4.6 Overview Tools for Locating Files
4.7 Overview of Exam Essentials

5.1 Booting Linux and Editing Files
5.2 Boot and Reboot
5.3 Understanding the Boot Process
5.4 Runlevels Process
5.5 Managing Runlevel Services
5.6 Editing with Vi
5.7 Booting Summary

6.1 X Windows Systems
6.2 X Configuration Options
6.3 X Configuration Options part 2
6.4 Configuring X Fonts
6.5 Configuring Xft Fonts
6.6 Overview Managing GUI Logins
6.7 Using X for Remote Access
6.8 X Accessibility
6.9 Addition Assistive Technologies
6.10 Configuring Localization and Internationalization
6.11 Querying and Setting Your Locale
6.12 Configuring Printing
6.13 Configuring Printing part 2
6.14 Using Web-based CUPS Utilities

7.1 Administering
7.2 Directly Modifying Account Configuration
7.3 Components of Account
7.4 Adding Groups
7.5 Tuning User and System Environments
7.6 Reviewing Log File Contents
7.7 Maintaining System Time
7.8 Admin Summary

8.1 Basic Networking
8.2 Network Addressing
8.3 Network Addressing Part 2
8.4 DNS Data Flow Zone and Resolution
8.5 Network Ports
8.6 Connections
8.7 Testing Connectivity
8.8 Wireshark Demo
8.9 Basic Networking Summary

9.1 Scripts E-mail and Databases
9.2 Writing Scripts
9.3 Writing Scripts Part 2
9.4 Managing E-mail
9.5 Managing Data with SQL
9.6 Advantages of Database
9.7 Scripts Summary

10.1 Security
10.2 Controlling Access Via TCP Wrappers
10.3 Configuring Xinetd
10.4 Uninstalling Or Reconfiguring Servers
10.5 Tools for Managing Passwords
10.6 Configuring SSH
10.7 SSH Keys
10.8 Controlling SSH Access
10.9 Using GPG
10.10 Security Summary

In this module, you will learn how to identify and mitigate security risks.
1. Summarize business and industry influences and associated security risks.
• In this topic, you will learn about risk management, emerging business strategies, security
concerns of integrating diverse industries, internal and external influences, and the impact
of de-perimeterization on an organization’s security.
2. Compare and contrast security, privacy policies and procedures based on organizational
requirements
• In this topic, you will learn about policy and process life cycle management, supporting
legal compliance, common security-related business documents and their requirements,
general privacy principles, and developing standard security practice policies.
3. Given a scenario, execute risk mitigation strategies and controls
• In this topic, you will learn how to implement CIA in data categorization, impact-level
decisions, and control implementation. You will learn about extreme scenario planning,
making risk determinations, translating technical risks into business terms and
recommending a risk strategy and management process. You will also learn about
continuous process improvement, business continuity planning, IT governance, and
enterprise resilience.
4. Analyze risk metric scenarios to secure the enterprise
• In this topic, you will review the effectiveness of, and deconstruct, existing security
controls, test and analyze security solutions, compare benchmarks to baselines, interpret
cybersecurity trend data, and use judgment to solve problems.

1. Analyze a scenario and integrate network and security components, concepts and architectures
to meet security requirements
• In this topic, you will learn about physical and virtual network and security devices,
application- and protocol-aware technologies, advanced network design concepts and
device configuration, and complex network security solutions. You will also learn about
software-defined networking, network management tools, security zones and network
access control, other network-enabled devices, and critical infrastructure.
2. Analyze a scenario to integrate security controls for host devices to meet security requirements
• In this topic, you will learn about Trust OS, endpoint security, host hardening, boot loader
protection, hardware vulnerabilities, and terminal services.
3. Analyze a scenario to integrate security controls for mobile and small form factor devices to
meet security requirements
• In this topic, you will learn about enterprise mobility management including security and
privacy concerns. You will also learn about wearable technology.
4. Given software vulnerability scenarios, select appropriate security controls
• In this topic, you will learn about application security design considerations, specific
application issues, sandboxing and encrypted enclaves, database activity monitoring,
web application firewalls, client-side and server-side processing, OS vulnerabilities, and
firmware vulnerabilities.

1. Given a scenario, conduct a security assessment using the appropriate methods
• In this topic, you will learn about security assessment methodologies and types.
2. Analyze a scenario or output, and select the appropriate tool for a security assessment
• In this topic, you will learn about network, host, and physical security tool types.
3. Given a scenario, implement incident response and recovery procedures
• In this topic, you will learn about e-discovery, data breaches, incident detection and
emergency response, tools for incident response, incident severity and post-incident
response.

1. Given a scenario, integrate hosts, storage, networks and applications into a secure enterprise
architecture
• In this topic, you will adapt data flow security to meet changing business needs,
incorporate standards, address interoperability and resilience issues, describe data security
considerations, and explain resource provisioning. You will also learn about design
considerations during mergers and demergers, secure network segmentation, logical and
physical deployment diagrams, and security implications in storage and enterprise
application integration.
2. Given a scenario, integrate cloud and virtualization technologies into a secure enterprise
architecture
• In this topic, you will learn about technical deployment models, virtualization, cloud
services, the risk of comingling hosts with different security requirements, data security
considerations and resource provisioning/deprovisioning.
3. Given a scenario, integrate and troubleshoot advanced authentication and authorization
technologies to support enterprise security objectives
• In this topic, you will learn about authentication, authorization, attestation, identity
proofing, identity propagation, federation, and trust models.
4. Given a scenario, implement cryptographic techniques
• In this topic, you will learn about different cryptographic techniques and
implementations.
5. Given a scenario, select the appropriate control to secure communications and collaboration
solutions
• In this topic, you will learn about remote access and unified collaboration tools

In this topic, you will update your knowledge of managing Windows 10 in an enterprise, including
managing a mobile workforce and an overview of Enterprise Mobility + Security.
1. Given a scenario, apply research methods to determine industry trends and their impact to the
enterprise
• In this topic, you will learn about performing ongoing research including threat
intelligence, emerging tools, and the global IA industry/community.
2. Given a scenario, implement security activities across the technology life cycle
• In this topic, you will learn about the SDLC and other systems/software development
methodologies, adapt solutions to address emerging threats, and asset management.
3. Explain the importance of interaction across diverse business units to achieve security goals
• In this topic, you will learn how to interpret and communicate security goals with diverse
stakeholders, provide guidance to staff and senior management on security processes
and controls, and establish security collaboration and a governance committee.

In this module, you will learn how to work with a client and prepare for a penetration testing engagement. The topics are:

1. Penetration Testing Overview
• In this topic, you will learn what a penetration test is, the steps taken to prepare for a
pentest, tools used, communicating with the client and your team, and pen testing
standards and frameworks.
2. Engagement Planning
• In this topic, you will learn about the logistics of planning for a pentest engagement
including setting scope, determining end goals and deliverables, assessment types, threat
modeling, and scheduling.
3. Engagement Documents
• In this topic, you will learn about documentation required for a professional pentest
engagement including contracts, authorizations, rules of engagement, impact analysis,
disclaimers, and support resources.
4. Prepare to Go Live
• In this topic, you will prepare both the client and your team to start the actual test

In this module, you will learn how to gather background information on your target. The topic is:
1. OSINT
• In this topic, you will learn about passive reconnaissance through open source intelligence
gathering, including using websites, social media, Google hacking, DNS querying, and
other tools.
• Activities include using Whois, Google Hacking Database, theHarvester, Recon-ng, FOCA,
dig, nslookup, and Shodan

Module 3 – Active Reconnaissance
In this module, you will learn how to actively search for targets. The topics are:
1. Host Discovery and Port Scanning
• In this topic, you will learn about the different tools and methods for discovering target
systems and the services they provide.
• Activities include using the command line, nmap, and Metasploit.
2. Enumeration
• In this topic, you will learn how to obtain additional information from network services,
Windows and Linux systems, as you prepare to exploit those systems.
• Activities include using Windows and Linux command line commands, nmap, netcat,
telnet, rpcclient, dirbuster, and Metasploit.
3. Vulnerability Scanning
• In this topic, you will use different types of scans including packet crafting to discover
exploitable vulnerabilities on hosts, websites, network services, and network devices.
• Activities include using OpenVAS, nmap NSE scripts, Metasploit Pro, sqlmap, Nikto,
MBSA, hping3, airmon-ng, aircrack-ng, Fern Wi-Fi Cracker, mdk3, and Kismet.
Module 4 – Physical Security
In this module, you will learn how to test physical security controls. The topic is:
1. Physical Security Tests
• In this topic, you will learn about ways to circumvent physical security controls to gain
access to restricted areas.
• Activities include RFID badge cloning
Module 5 – Social Engineering
In this topic, you will learn about social engineering. The topic is:
1. Social Engineering Attacks
• In this topic, you will learn how to execute both technical and non-technical social
engineering attacks.
• Activities include using msfvenom and Metasploit for USB stick baiting, and the Kali Social
Engineering Toolkit for website login cloning, phishing, and credential interception.

Module 6 – Vulnerability Scan Analysis
In this module, you will learn how to examine vulnerability scan results to choose the best exploit against
discovered targets. The topic is:
1. Vulnerability Scan Results
• In this topic, you will learn how to assess vulnerability scan results, weed out false
positives, adjudicate and prioritize findings, and map vulnerabilities to exploits. You will
also learn about both the value and limits of using automated vulnerability scans in your
pentest engagement.
• Activities include using Metasploit Pro to validate vulnerability scan findings and
determine the appropriate exploit modules that can be used to penetrate the
vulnerable systems.
Module 7 – Password Cracking
In this module, you will learn the basics of password cracking. The topic is:
1. Password Cracking Types
• In this topic, you will learn about dictionary, rainbow table, and brute force attacks. You
will learn how to brute force network service authentication, intercept a network
authentication, and pass-the-hash.
• Activities include using Medusa, John-the-Ripper, Wireshark, and Metasploit.
NOTE: You will learn additional password cracking techniques in subsequent modules.
Module 8 – Penetrating Wired Networks
In this module, you will learn how to penetrate a wired Ethernet network. The topic is:
1. Common Network Exploits
• In this topic, you will learn how to sniff wired network activity, intercept file transfers,
read transmitted email, conduct Man-in-the-Middle attacks using ARP poisoning, hijack
TCP sessions, execute network-based denial-of-service attacks, and exploit common
network services.
• Activities include using Wireshark, ettercap, Low Orbit Ion Cannon, nmap, the
Searchsploit database, gcc, and Metasploit.
Module 9 – Penetrating Wireless Networks
In this module, you will learn how attack wireless networks. The topic is:
1. Wireless Network Exploits
• In this topic you will learn how to sniff and jam Wi-Fi networks, crack WEP, WPA/WPA2
and WPS, conduct Evil Twin attacks, and attack BlueTooth.
• Activities include using Netcut, Wireshark, and airmon-ng, besside-ng, bettercap, and
Wi-Fi Pumpkin.

Module 10 – Windows Exploits
In this module, you will learn how to exploit Windows hosts. The topics are:
1. Common Windows-Based Vulnerabilities
• In this topic you will learn about common Windows vulnerabilities, exploits, and
payloads.
• Activities include using Metasploit, the Searchsploit database, and command-line
commands.
2. Password Cracking in Windows
• In this topic, you will learn about cracking Windows passwords.
• Activities include using Cain & Abel, John-the-Ripper and L0pht 7
3. Windows Components
• In this topic, you will learn how to exploit standard Windows components including
default protocols and configurations, the file system, the kernel, and memory. You will
also learn how to leverage these components to escalate privilege on a compromised
host.
• Activities include using Metasploit and the Searchsploit database.
4. Windows Accounts
• In this topic you will learn how to exploit default and user-defined Windows accounts.
• Activities include using Metasploit and command-line commands.
5. Sandboxes
• In this topic, you will learn about using sandboxing to contain hacking attempts.
Module 11 – Linux Exploits
In this module, you will learn how to hack Linux systems. The topics are:
1. Common Linux/Unix-Based Vulnerabilities
• In this topic you will learn about common Linux vulnerabilities, exploits, and payloads.
• Activities include using Metasploit, the Searchsploit database, and command-line
commands.
2. Password Cracking in Linux
• In this topic you will learn how to crack Linux passwords.
• Activities include using command-line commands, unshadow, and John-the-Ripper.
3. Vulnerable Linux Components
• In this topic, you will learn how to exploit standard Linux components including default
protocols and configurations, the file system, the kernel, and memory. You will also
learn how to leverage these components to escalate privilege on a compromised host.
• Activities include using command-line commands, Metasploit and the Searchsploit
database.
4. Linux Accounts
• In this topic, you will learn how to attack default Linux accounts.
• Activities include using Linux bash commands.
Module 12 – Mobile Devices
In this module, you will learn how to attack mobile devices. The topics are:
1. Android Exploits
• In this topic, you will learn how to exploit common Android vulnerabilities
• Activities include using msfvenom and Metasploit to compromise and remotely control
an Android phone.
2. Apple Exploits
• In this topic, you will learn how to exploit common Apple vulnerabilities
• Activities include using nmap and WinSCP to access a compromised iPhone.

Module 13 – Specialized Systems
In this module, you will learn about specialized systems. The topics are:
1. ICS
• In this topic, you will learn about common vulnerabilities of industrial control ICS and
SCADA systems
2. Embedded Systems
• In this topic, you will learn about common vulnerabilities of embedded systems such as
point-of-sale and real-time operating systems
• Activities include using a Raspberry PI to attack an internal network.
3. 13.3 IoT
• In this topic, you will learn about common and emerging threats related to the Internet
of Things
4. 13.4 Hardware Attacks
• In this topic, you will learn about additional hardware-based attacks that can be
conducted against specialized systems.
Module 14 – Scripts
In this module, you will learn the basics of scripting, as pertains to penetration testing. The topics are:
1. Scripting Basics
• In this topic, you will learn about the basics of Bash, PowerShell, Python, and Ruby
scripting
2. Common Scripting Elements
• In this topic, you will learn about common scripting elements found in all of the scripting
languages including variables, substitution, arrays, operations, logic, and error handling.
• Activities include writing simple scripts.
Module 15 – Application Testing
In this module you will learn about testing application code for vulnerabilities. The topics are:
1. Static Code Analysis
• In this topic, you will learn how to analyze static, non-running code
2. Dynamic Code Analysis
• In this topic, you will learn how to test running code.
• Activity includes fuzz testing an application for potential buffer overflow vulnerabilities.
3. Reverse Engineering
• In this topic, you will learn about application reverse-engineering techniques including
de-compilation, disassembly, and debugging.

Module 16 – Web App Exploits
In this module, you will learn how to exploit web apps. The topics are:
1. Common Web Application Vulnerabilities
• In this topic, you will learn how to exploit authentication, authorization,
misconfigurations, browser sessions, and insecure code.
2. Injection Attacks
• In this topic, you will learn about various injection techniques.
• Activities include using a browser, sqlmap, and Metasploit to inject code and SQL
commands into a web app form.
3. Cross-Site Attacks
• In this topic, you will learn how to conduct Cross-Site Scripting and Cross-Site Request
Forgery attacks.
• Activities include using a browser and other tools to perform XSS attacks.
4. Other Web-Based Attacks
• In this topic, you will learn how to conduct other types of web-based attacks including
clickjacking, file inclusion, and webshells.
Module 17 – Lateral Movement
In this module, you will learn how to move around in a compromised network. The topic is:
1. Lateral Movement Techniques
• In this topic, you will learn how to use lateral movement techniques including migrating
malicious code to another process, pivoting, and using proxy chains.
• Activities include using Metasploit to migrate code and pivot through the target
network, and Armitage Team Server to pass control to another attacker.
Module 18 – Persistence
In this module, you will learn how to maintain control of a compromised system. The topics are:
1. Persistence Techniques
• In this topic, you will learn about common persistence techniques.
2. Backdoors
• In this topic, you will learn how to plant persistent back doors on a compromised
system.
• Activities include using ProRAT Trojan builder
3. Bind and Reverse Shells
• In this topic, you will learn the difference between bind and reverse shells, and when it
is appropriate to use either.
• Activities include using Metasploit to create bind and reverse connections to a
compromised target.
4. Netcat
• In this topic, you will learn how to use netcat to set up a persistent back door.
• Activities include using netcat to launch both bind and reverse shells.
5. Scheduled Tasks
• In this topic, you will learn how to maintain persistence through scheduled tasks.
• Activities include using the task scheduler to regularly launch a netcat session that
exfiltrates updated data out of the target and back to the attacker.

Module 19 – Cover Your Tracks
In this module, you will learn how to remove evidence of your hacking activities. The topic is:
1. Anti-forensics Techniques
• In this topic, you will learn how to hide malicious activity from a forensic investigator
• Activities include clearing logs, changing file timestamps, and impersonating another
user when conducting malicious activity.
Module 20 – The Report
In this module, you will learn how to analyze your pentest findings and write a report as the final
deliverable for your client. The topics are:
1. Data Analysis
• In this topic, you will categorize and prioritize the data you have collected during the
penetration test.
2. Recommendations
• In this topic, you will formulate recommendations for the client based on the data you
collected during the penetration test.
3. Writing the Report
• In this topic, you will normalize the data you have collected, and organize it into an
actionable report aimed at multiple audiences.
4. Handling the Report
• In this topic, you will securely hand over the report to your client.
• The activity includes examining real world report examples.
Module 21 – Post Engagement Cleanup
In this module, you will learn about the tasks you must perform after completing a professional
penetration test. The topic is:
1. Post Engagement Activities
• In this topic, you will learn about the cleanup tasks required after a typical pentest
engagement, including removing artifacts, client acceptance of the findings, lessons
learned, and follow up actions.