Certified Information Systems Penetration Tester (CISPT)



$ 800.00 $ 585.00

Certification Overview

Information security, also known as InfoSec, is about protecting information from being accessed, used, or changed by people who shouldn't have access to it. This applies to all kinds of data, whether it's stored electronically or physically. Information Security Testing and Assessment involves identifying different security weaknesses in your technology systems. These weaknesses, discovered during the assessment, are vulnerabilities that could be exploited by someone or something malicious to access your private data. Security testing is a process used to uncover flaws in the security measures of an information system, ensuring that data is protected and the system functions correctly. However, passing security testing doesn't guarantee that no flaws exist or that the system meets all security requirements. Security requirements typically include aspects like confidentiality, integrity, authentication, availability, authorization, and non-repudiation. The specific security requirements tested depend on what's implemented in the system. Security testing can have different meanings and be done in various ways, so having a Security Taxonomy helps clarify these approaches and meanings by providing a foundational framework to start from.

E-Course Duration: 30 to 35 Hours

Exam Information

  • The test has 100 multiple-choice questions. To pass, you need to get at least 70 of them right, which is 70% of the total.

  • The exams are done online and monitored through a webcam, so as long as you have a good internet connection, you can take them from anywhere and at any time.

  • The exam lasts for 2 hours, which is the same as 120 minutes.

  • During the exam with ProctorU, you can't use any outside sources of information. They'll tell you what materials you're allowed to use, like your ID.

  • If you don't pass the exam on your second try, you need to wait at least fourteen (14) days before trying again for the third time or any time after that. You can take the exam as many times as you need to.

  • The Certified Information Systems Penetration Tester (CISPT)® certification lasts forever.

  • CISPT® is a Registered Trademark of GIPMC.

  • Note: Completing the E-Course is necessary to obtain the Certified Information Systems Penetration Tester (CISPT)® Certification. After finishing the E-Course, you'll get a GIPMC Learner ID.

Course Outline

Module Information - 1

    • Module 1 - Security Risks
    • Module 2 - Asset Identification
    • Module 3 - Assessing Risk Analysis Effectiveness
    • Module 4 - Information Security Policies and Procedures
    • Module 5 - Analysis of Information Security Policies and Procedures
    • Module 6 - Security Auditing and Its Role in Security Testing
    • Module 7 - Security Risk Assessment
    • Module 8 - Security Triad
    • Module 9 - Introduction to Security Testing
    • Module 10 - The Purpose of Security Testing
    • Module 11 - The Organizational Context
    • Module 12 - Security Testing Objectives
    • Module 13 - The Difference between Information Assurance and Security Testing
    • Module 14 - The Scope and Coverage of Security Testing Objectives
    • Module 15 - Analysis of Security Approaches
    • Module 16 - Analysis of Failures in Security Test Approaches
    • Module 17 - Stakeholder Identification

Module Information - 2

    • Module 18 - Improving the Security Testing Practices
    • Module 19 - Security Test Process Definition
    • Module 20 - Lifecycle Alignment and Security Testing Tasks
    • Module 21 - Security Test Planning
    • Module 22 - Security Test Design
    • Module 23 - Implementing Policy-Based Security Tests
    • Module 24 - Security Test Execution
    • Module 25 - Security Test Evaluation
    • Module 26 - Security Test Maintenance
    • Module 27 - Role of Security Testing in a Lifecycle
    • Module 28 - The Role of Security Testing in Design
    • Module 29 - The Role of Security Testing in Implementation Activities
    • Module 30 - Component Test Analysis & Design
    • Module 31 - Analyzing Component Test Results
    • Module 32 - Component Integration Test Analysis & Design
    • Module 33 - The Role of Security Testing in System and Acceptance Test Activities
    • Module 34 - Definition of Security-Oriented Acceptance Criteria

Module Information - 3

    • Module 35 - The Role of Security Testing in Maintenance
    • Module 36 - Testing the Effectiveness of System Hardening
    • Module 37 - Authentication and Authorization
    • Module 38 - Firewalls and Network Zones
    • Module 39 - Encryption, Intrusion Detection, Malware Scanning and Data Obfuscation
    • Module 40 - Training
    • Module 41 - Security Awareness
    • Module 42 - Attack Motivations
    • Module 43 - Social Engineering and Security Awareness
    • Module 44 - Revising Security Expectations
    • Module 45 - Security Test Reporting
    • Module 46 - Reporting Security Test Status
    • Module 47 - Reporting Security Test Results
    • Module 48 - Types and Purposes of Security Test Tools
    • Module 49 - Tool Selection
    • Module 50 - Open Source Tools
    • Module 51 - Benefits of Standards
    • Module 52 - Applying Security Standards

Target Audience

  • This certification is the most advanced information systems testing training in the information security industry for IT managers, security consultants, security analysts, IT professionals, network engineers and anyone with prior ethical hacking knowledge.
  • People in managerial positions related to PCI DSS compliance, project managers, fraud management and prevention staff, information security managers and officers, and payment application vendors.