Lead Pen Test Professional

Lead Pen Test Professional training enables you to develop the necessary expertise to lead a professional penetration test by using a mix of practical techniques and management skills. 

Certification and examination fees 

are included in the price of the training course

Training material containing

over 450 pages of information and practical examples will be distributed

An attestation of course completion worth 

31 CPD (Continuing Professional Development) credits will be issued to the participants who have attended the training course.

In case candidates fail the exam

they can retake it within 12 months following the initial attempt for free. This applies only to the candidates who have attended the training course.

 Why should you attend?

Lead Pen Test Professional training enables you to develop the necessary expertise to lead a professional penetration test by using a mix of practical techniques and management skills.

This course is designed by industry experts with in-depth experience in the Penetration Testing field. Unlike other trainings, this training course is focused specifically on the knowledge and skills needed by professionals looking to lead or take part in a penetration test. It drills down into the latest technical knowledge, tools and techniques in key areas including infrastructure, Web Application security, Mobile security and Social Engineering. In addition, this course concentrates on how to practically apply what is learned on current day-to-day penetration testing and does not expand on unrelated, dated or unnecessary theoretical concepts.

Along with the in-depth hands-on practical skills, this training course equips you with the management skills you need to lead a penetration test, taking into account business risks and key business issues. The individuals who complete the course have the right blend of the real business and technical competencies needed to be a respected, understood and professional penetration tester. On the last day of the training course, you will get to use the skills learned in a comprehensive capture and flag penetration testing exercises.

Who should attend

  • IT professionals looking to enhance their technical skills and knowledge
  • Auditors looking to understand the Penetration Testing processes
  • IT and Risk managers seeking a more detailed understanding of the appropriate and beneficial use of Penetration Tests
  • Incident handlers and Business Continuity professionals looking to use testing as part of their testing regimes
  • Penetration testers
  • Ethical hackers
  • Cybersecurity professionals
Learning objectives

  • Learn how to interpret and illustrate the main Penetration Testing concepts and principles
  • Understand the core technical knowledge needed to organize and carry out an effective set of Pen Tests
  • Learn how to effectively plan a Penetration Test and identify a scope which is suitable and appropriate based on risk
  • Acquire hands-on practical skills and knowledge on relevant tools and techniques used to efficiently conduct a Penetration Testing
  • Learn how to effectively manage the time and resources needed to scale a specific Penetration Test
Educational approach
  • This training is based on both theory and best practices used in Pen Testing
  • Lecture sessions are illustrated with examples based on case studies
  • Practical exercises are based on a case study which includes role playing and discussions
  • Practical tests are similar to the Certification Exam
Prerequisites

A fundamental understanding of Penetration Testing and comprehensive knowledge of Cybersecurity.

Examination

The “PECB Certified Lead Pen Test Professional” exam fully meets the requirements of the PECB Examination and Certification Programme (ECP). The exam covers the following competency domains:

  1. Fundamental principles and concepts in Penetration Testing
  2. Technical foundations for Penetration Testing
  3. Scoping and planning a Penetration Test
  4. Conducting a Penetration Test including test types, tools and methods
  5. Specific Penetration Testing types and techniques (infrastructure, application, mobile technology and social engineering)
  6. Analyzing results and the reporting process
  7. Penetration Test follow up
For specific information about exam type, languages available, and other details, please visit the List of PECB Exams and the Examination Rules and Policies.

Certification

After successfully completing the exam, you can apply for the credentials shown on the table below. You will receive a certificate once you comply with all the requirements related to the selected credential. For more information about Pen Testing certifications and the PECB certification process, please refer to the Certification Rules and Policies.

The requirements for PECB Pen Testing Professional Certifications are:

Credential

Exam

Professional experience

PTMS project experience

Other requirements

PECB Certified Provisional Pen Test Professional

PECB Certified Lead Pen Test Professional exam or equivalent

None

None

Signing PECB Code of Ethics

PECB Certified Pen Test Professional

PECB Certified Pen Test Professional exam or equivalent

Two years: One year of work experience in Pen Testing

Pen Testing activities: a total of 200 hours

Signing the PECB Code of Ethics

PECB Certified Lead Pen Test Professional

PECB Certified Lead Pen Test Professional exam or equivalent

Five years: Two years of work experience in Pen Testing

Pen Testing activities: a total of 300 hours

Signing the PECB Code of Ethics


To be considered valid, these activities should follow best practices and include the following:

1. Understanding an organization and its context
2. Defining a Pen Testing approach
3. Selecting a Pen Test methodology
4. Defining Pen Test criteria
5. Identification of assets, threats, existing controls, vulnerabilities and consequences (impacts)
6. Assessing consequences
7. Evaluating Pen Test scenarios
8. Evaluating Pen Test treatment options
9. Selecting and implementing controls
10. Performing a Pen Test review


 course agenda 1

Day 1

Introduction to Penetration Testing, ethics, planning and scoping
 2

Day 2

Technical foundation, knowledge and techniques (with practical exercises in all areas)
 3

Day 3

Conducting a Penetration Test (using tools and techniques) and reviewing testing areas
 4

Day 4

Analyzing results from testing, reporting and follow up
 5

Day 5

Certification Exam

Turn threats into opportunities

Provide a safe and sustainable business environment for your company. We help build a resilient and reliable digital landscape, even in the face of changing threats.

KPMG Baltics OÜ

+372 626 8700
cyber@kpmg.ee
Ahtri 4, 10151 Tallinn, Estonia
 ${item.title}
KPMG Baltics KPMG Global Privacy KPMG IT Audit
Email again:

Analysis of employee awareness

Analysis of employee awareness focuses on mapping the skills and increasing the competencies of the weakest link in cyber security: the users, the employees.
Email again:

Threat assessment

Threat assessment is a tactical and technical service that allows a company to get a quick overview of external threats.
Email again:

Maturity assessment

Maturity assessment helps plan IT investments and design further steps to mitigate vulnerabilities and ensure better security.
Email again: