NIT315, Network Exploitation Techniques (NET)
Who Should Attend:
Training is available to DoD and federal law enforcement intrusion analysts.
Prerequisites:
TT110 (INCH), RT120 (CIRC), FT210 (WFE-E) or
FT215 (WFE-FTK) and one of the following:
IT250 (FISE), IT260 (FIWE) or IT270 (FILE) or Test Outs
Duration:
5 Days
Course Description:
Students are exposed to the concepts and fundamentals of network and host exploitation
techniques used by the targets of their investigations. This course also provides students
with examples of data left behind by attacks and how to implement their own testing environment
for use during investigations.
Objectives:
Given several scenarios, students will be able to:
- Explain high level network exploitation goals and processes
- Implement their own testing and evaluation environment
- Describe the most common exploitation techniques
- Execute network exploitation techniques to find, compromise and maintain control of a remote computer
- Describe the typical traces left by their actions
Topics Covered
Network exploitation strategies
- Introduction, Basic Definitions, Intrusion Goals and an Overview of the Intrusion Process
- Network Architecture and Attack Vectors
- Attack Platforms
- Documentation
Reconnaissance
- Methods, Indirect and Direct Reconnaissance
Attack Methods
- Excessive Input and Authentication Attacks
- Web Page Components
- Code and Command Injection
Entrenchment Methods
- Goals, Strategies and Tools, Control, Persistent Indicators, Memory Space
- Active Directory and Enterprise Network Entrenchment
Abuse Methods
- Goals, Strategies and Tools
- Data Theft
- Attack Pivots