GCPM

The GIAC Global Certified Penetration Tester (GCPT) exam, not GCPM (there's no such GIAC certification as GCPM), focuses on practical, hands-on penetration testing skills. The main points covered are extensive and can be grouped into these key areas:

• Information Gathering and Reconnaissance: This involves techniques to discover information about the target system or network, including active and passive reconnaissance, footprinting, and vulnerability scanning.

• Network Attacks and Exploitation: This section heavily emphasizes exploiting network vulnerabilities. Expect questions on:

  • TCP/IP: A deep understanding of the TCP/IP protocol suite is crucial.
  • Network Mapping: Techniques used to discover and map network devices and their configurations.
  • Vulnerability Scanning: Using automated tools to identify potential weaknesses in systems and applications.
  • Exploiting Network Vulnerabilities: This includes buffer overflows, SQL injection, cross-site scripting (XSS), and other common network-based attacks.
  • Wireless Attacks: Concepts and techniques for attacking wireless networks like WEP, WPA, and WPA2.

• Web Application Attacks and Exploitation: This is a major portion of the exam. Expect questions on:

  • OWASP Top 10: A thorough understanding of the OWASP Top 10 web application security risks is essential.
  • Cross-Site Scripting (XSS): Different types of XSS attacks and how to exploit them.
  • SQL Injection: Various techniques used to inject malicious SQL code.
  • Cross-Site Request Forgery (CSRF): Understanding how CSRF works and how to exploit it.
  • Broken Authentication and Session Management: Exploiting weaknesses in authentication and session management mechanisms.
  • Web Application Firewalls (WAFs): Bypassing or evading WAFs.

• System Attacks and Exploitation: This section focuses on attacking individual operating systems and applications:

  • Operating System Hardening: Understanding how to secure various operating systems.
  • Local Privilege Escalation: Gaining elevated privileges on compromised systems.
  • Post-Exploitation: Actions taken after successfully compromising a system.
  • Malware Analysis: Basic malware analysis techniques.

• Reporting and Documentation: The exam assesses your ability to clearly and concisely document your findings, including methodologies, tools used, and vulnerabilities discovered. This is crucial for communicating effectively with clients and management.

• Legal and Ethical Considerations: A strong understanding of the legal and ethical implications of penetration testing is essential. This includes adhering to contracts, obtaining proper authorization, and respecting the law.

The GCPT exam is highly practical, requiring hands-on experience. Simply reading about these topics is not sufficient; you need practical experience performing penetration tests using various tools and techniques to successfully pass. GIAC's website provides a detailed exam blueprint offering a more precise breakdown of the exam's content and weighting.