| day 1 |
Information Security and Data Protection- Kick off
- Physical and information security
- Username, password, MFA, access and authorisation
- Patching
- Encryption
- HW/SW Configuration
- Backup, duplication, recovery
|  |
Checks- RACI, training
- Logging
- Penetration testing (Red, Blue and Purple team)
- Attestation
- Type of Audits
|  |
Security Breach- Phishing (spam, e-mail phishing, smishing, vishing, pharming)
- Malware, vulnerability, exploit
- Intranet, internet, VPN, cloud, deep net, dark net, RaaS
- White, gray and black hat hacker
- Incident: intrusion and security breach
|  |
| day 2 |
PenTest: Planning and Scoping- Importance of scoping
- Legal concepts
- Defining scope and objectives
- Compliance-based assessment
|  |
PenTest: Information Gathering and Vulnerabilities- OSINT
- Information Gathering techniques
- Vulnerability scanning
- Analyzing vulnerability scan results
- Evaluating and ranking vulnerabilities
- Weaknesses related to specialized systems
|  |
| day 3 |
PenTest: Attacks and Exploits- Social engineering techniques
- Exploiting network vulnerabilities
- Wireless and RF vulnerabilities
- Exploiting application vulnerabilities
- Exploiting local machines vulnerabilities
- Attack of security of physical facilities
- After exploit activities
|  |
PenTest: Testing Tools- Penetration Testing Tools
- Analyze tool output related to a penetration test
- Basic scripting knowledge
|  |
| day 4 |
PenTest: Hands-on Labs- Click jacking
- OSINT
- netcat, nmap
- Password cracking
- Social engineering techniques
|  |
PenTest: Report Writing and Best Practices.- Data normalisation
- Post-report delivery activities
- Mitigation strategies for discovered vulnerabilities
- The importance of communication during the penetration testing process
|  |
Summary |  |
BAHACO GDPR AI Cloud Ltd.
Address: 1/3 Tulipán utca, Pápa, 8500, Hungary
E-mail: workshop [at] bahaco.hu
Internet: https://www.bahaco.eu
VAT number: 28809355-2-19
Companies Court Nr.: 19-09-521486 | 
Workshop |
English