Network Vulnerability Assessment Professional (Security+/PenTest+)

This course is no longer offered. See all available Cybersecurity certifications.

On this accelerated 7-day CompTIA Network Vulnerability Assessment Professional (CNVP) course, you'll get the knowledge and skills required to identify, exploit, report, and manage vulnerabilities on a network and how to troubleshoot security incidents within an organisation.

Combining theory and practice from official CompTIA Security+ and PenTest+ curricula, your expert instructor will guide you through how to provide infrastructure and operational security through risk analysis and mitigation. You'll learn about the following CompTIA Security+ topics:

• Network Security
• Compliance and Operational Security
• Threats and Vulnerabilities
• Application, Data and Host Security
• Access Control and Identity Management
• Cryptography

You'll build on the security knowledge gained from Security+ and learn up-to-date penetration testing skills to determine how resilient a network is to attacks.

On accelerated PenTest+ course, you'll also learn how to:

• customise assessment frameworks
• report penetration test findings
• communicate recommended strategies

Immersing you in the course through our unique Lecture | Lab | Review technique, you'll get a minimum of 12 hours quality training per day.

Train at twice the speed on this official CompTIA course

Firebrand is an Authorised CompTIA Platinum Partner. This means you'll get access to experienced instructors and up-to-date course material, officially approved by CompTIA.

During the course, you'll prepare for and sit the following CompTIA Security+ and PenTest+exams, covered by your Certification Guarantee.

• Exam SY0-501
• Exam PT0-001

Upon successful completion of all exams, you will achieve the Security+ and PenTest+ credentials as well as the aligned CNVP Stackable Certification - proving your skills as a Security Analytics Professional.

Security+

1.0 Threats, Attacks and Vulnerabilities

• 1.1 Given a scenario, analyse indicators of compromiseand determine the type of malware.
• 1.2 Compare and contrast types of attacks.
• 1.3 Explain threat actor types and attributes.
• 1.4 Explain penetration testing concepts.
• 1.5 Explain vulnerability scanning concepts.
• 1.6 Explain the impact associated with types of vulnerabilities.

2.0 Technologies and Tools

• 2.1 Install and configure network components, both hardwareandsoftware-based, to support organisational security.
• 2.2 Given a scenario, use appropriate software toolsto assess the security posture of an organisation.
• 2.3 Given a scenario, troubleshoot common security issues.
• 2.4 Given a scenario, analyse and interpret output from security technologies.
• 2.5 Given a scenario, deploy mobile devices securely.
• 2.6 Given a scenario, implement secure protocols.

3.0 Architecture and Design

• 3.1 Explain use cases and purpose for frameworks, bestpractices and secure configuration guides.
• 3.2 Given a scenario, implement secure network architecture concepts.
• 3.3 Given a scenario, implement secure systems design.
• 3.4 Explain the importance of secure staging deployment concepts.
• 3.5 Explain the security implications of embedded systems.
• 3.6 Summarise secure application development and deployment concepts.
• 3.7 Summarise cloud and virtualisation concepts.
• 3.8 Explain how resiliency and automation strategies reduce risk.
• 3.9 Explain the importance of physical security controls.

4.0 Identity and Access Management

• 4.1 Compare and contrast identity and access management concepts.
• 4.2 Given a scenario, install and configure identity and access services.
• 4.3 Given a scenario, implement identity and access management controls.
• 4.4 Given a scenario, differentiate common account management practices.

5.0 Risk Management

• 5.1 Explain the importance of policies, plans andprocedures related to organisational security.
• 5.2 Summarise business impact analysis concepts.
• 5.3 Explain risk management processes and concepts.
• 5.4 Given a scenario, follow incident response procedures.
• 5.5 Summarise basic concepts of forensics.
• 5.6 Explain disaster recovery and continuity of operation concepts.
• 5.7 Compare and contrast various types of controls.
• 5.8 Given a scenario, carry out data security and privacy practices.

6.0 Cryptography and PKI

• 6.1 Compare and contrast basic concepts of cryptography.
• 6.2 Explain cryptography algorithms and their basic characteristics.
• 6.3 Given a scenario, install and configure wireless security settings.
• 6.4 Given a scenario, implement public key infrastructure.

PenTest+

1. Planning and Scoping

• Explain the importance of planning for an engagement
• Explain key legal concepts.
• Explain the importance of scoping an engagement properly.
• Explain the key aspects of compliance-based assessments.

2. Information Gathering and Vulnerability Identification

• Given a scenario, conduct information gathering using appropriate techniques
• Given a scenario, perform a vulnerability scan.
• Given a scenario, analyse vulnerability scan results
• Explain the process of leveraging information to prepare for exploitation.
• Explain weaknesses related to specialised systems

3. Attacks and Exploits

• Compare and contrast social engineering attacks
• Given a scenario, exploit network-based vulnerabilities
• Given a scenario, exploit wireless and RF-based vulnerabilities
• Given a scenario, exploit application-based vulnerabilities
• Given a scenario, exploit local host vulnerabilities
• Summarise physical security attacks related to facilities
• Given a scenario, perform post-exploitation techniques

4. Penetration Testing Tools

• Given a scenario, use Nmap to conduct information gathering exercises
• Compare and contrast various use cases of tools
• Given a scenario, analyse tool output or data related to a penetration test
• Given a scenario, analyse a basic script (limited to Bash, Python, Ruby, and PowerShell)

5. Reporting and Communication

• Given a scenario, use report writing and handling best practices
• Explain post-report delivery activities
• Given a scenario, recommend mitigation strategies for discovered vulnerabilities
• Explain the importance of communication during the penetration testing process

You‚ll sit the following exams at the Firebrand Training Centre during the course, covered by your Certification Guarantee:

• CompTIA Security+ Exam SY0-501
• Duration: 90 minutes
• Passing score: 750, graded on a scale of 100 - 900
• Exam format: Multiple choice and performance-based
• Languages: English, Japanese, Portuguese and Simplified Chinese

• CompTIA PenTest+ Exam PT1-001
• Number of questions: Maximum of 110 questions
• Type of questions: Multiple choice and performance based
• Exam duration: 165 Minutes
• Languages: English

In addition to official course material and exams at the Firebrand Training Centre during your course, you'll receive:

• Professor Messer - CompTIA SY0-501 Security+ Course Notes
• Firebrand Value Add material

Before attending the course, it is recommended that you have:

• previously attended the CompTIA A+ and/or CompTIA Network+ course
• two years of experience in IT administration with a security focus
• an understanding of operating systems and knowledge of Windows-based systems such as Windows 7 or Windows 8.1
• the ability to identify basic network components and their roles, including routers, switches, firewalls and server roles. Some firewall configuration experience would be beneficial
• a basic understanding of Wireless networks
• a basic understanding of the OSI Model and TCP/IP including IPv4 subnetting

Although not compulsory, this level of knowledge and expertise will place you in a strong position to be successful on the course.

Seven reasons why you should sit your course with Firebrand Training

• Two training options. Choose between residential classroom-based and online courses
• You'll be certified fast. With us, you’ll be trained in record time
• Our course is all-inclusive. A one-off fee covers all course materials, exams**, accommodation* and meals*. No hidden extras.
• Pass the first time or train again for free. This is our guarantee. We’re confident you’ll pass your course the first time. But if not, come back within a year and only pay for accommodation, exams and incidental costs
• You’ll learn more. A day with a traditional training provider generally runs from 9am–5pm, with a nice long break for lunch. With Firebrand, you’ll get at least 12 hours/day of quality learning time with your instructor
• You’ll learn faster. Chances are, you’ll have a different learning style to those around you. We combine visual, auditory and tactile styles to deliver the material in a way that ensures you will learn faster and more easily
• You’ll be studying with the best. We’ve been named in the Training Industry’s “Top 20 IT Training Companies of the Year” every year since 2010. As well as winning many more awards, we’ve trained and certified over 135,000 professionals

*For residential training only. Doesn't apply for online courses
**Some exceptions apply. Please refer to the Exam Track or speak with our experts

Are you ready for the course? 

Get access to free practice tests for your course  Free Practice Test