GPEN Certification Bulletin
(Part 2 of Candidate Handbook)
- Type:
- Certification
- Target:
- The GPEN certification is for security personnel whose job duties involve assessing target networks and systems to find security vulnerabilities. Certification objectives include penetration-testing methodologies, the legal issues surrounding penetration testing and how to properly conduct a penetration test as well as best practice technical and non-technical techniques specific to conduct a penetration test.
- Requirements:
- 1 proctored exam - 150 questions - 4-hour time limit - 70% (105 of 150 questions) minimum passing score
- Renewal:
- Every 4 years
The topic areas for each exam part follow:
| Exam Certification Objectives | Certification Objective Outcome Statement |
|---|---|
Cain | The candidate will be able to discuss how to use Cain to crack passwords during a pen-test |
Command Injection | The candidate will be able to discuss the basic concepts associated with command injection attacks. |
Command Shell vs. Terminal Access | The candidate will be able to discuss the difference between shell and terminal access and the advantages of each |
Cross Site Request Forgery | The candidate will be able to discuss what XSRF attacks are and how they can be used during a pen-test |
Cross Site Scripting | The candidate will be able to discuss what XSS attacks are and how they can be used during a pen-test |
Enumerating Users | The candidate will be able to discuss common ways to enumerate users during a pen-test and why it is important to do so |
Exploitation Fundamentals | The candidate will be able to discuss the fundamental concepts associated with the exploitation phase of a pen-test |
Finding Vulnerabilities with Search Engines | The candidate will be able to discuss how search engines can be used to find vulnerabilities during a pen-test |
John the Ripper | The candidate will be able to discuss how to use John the Ripper to crack passwords during a pen-test |
Legal Issues | The candidate will be able to discuss some of the legal issues that surround pen-testing |
Metasploit | The candidate will be able to discuss what Metasploit is and how it can be used during a pen-test |
Moving Files with Exploits | The candidate will be able to discuss how to use exploits to move files between remote systems |
Network Sweeping and Tracing | The candidate will be able to discuss the value of network sweeping and tracing as part of a pen-test |
Nikto | The candidate will be able to discuss how to use Nikto as part of a pen-test |
Non-Metasploit Exploits | The candidate will be able to discuss how to use non-Metasploit exploits during a pen-test |
Obtaining Password Hashes | The candidate will be able to discuss the various ways to obtain password hashes from a target system during a pen-test |
OS and Version Detection | The candidate will be able to discuss the purpose of OS and version detection during a pen-test |
Paros | The candidate will be able to discuss how to use Paros during a pen-test to look for web-based weaknesses |
Pass-the-Hash Attacks | The candidate will be able to discuss how Pass-the-Hash attacks work and how to use it during a pen-test |
Password Attack Fundamentals | The candidate will be able to discuss various ways to attack passwords during a pen-test |
Password Formats | The candidate will be able to discuss the various types of password formats that are encountered during a pen-test |
Password Guessing with THC-Hydra | The candidate will be able to discuss how to use THC-Hydra to obtain passwords during a pen-test |
Pen-testing Foundations | The candidate will be able to discuss the fundamental concepts associated with pen-testing |
Pen-testing Methodologies and Infrastructure | The candidate will be able to discuss the various pen-testing methodologies and how to setup a pen-testing environment. |
Pen-testing Process | The candidate will be able to discuss the pen-testing process |
Pen-Testing via the Windows Command Line | The candidate will be able to discuss how the Windows command line can be used during a pen-test |
Pen-testing with Netcat | The candidate will be able to discuss how to use Netcat during a pen-test |
Port Scanning | The candidate will be able to discuss how to conduct port scans and their purpose during a pen-test |
Rainbow Tables | The candidate will be able to discuss how to use Rainbow Tables during a pen-test |
Reconnaissance Foundations | The candidate will be able to discuss the fundamental concepts associated with the reconnaissance phase of a pen-test. |
Reconnaissance Using WHOIS and DNS | The candidate will be able to discuss how WHOIS and DNS reconnaissance can be used during a pen-test. |
Reporting the Results | The candidate will be able to discuss the proper way to report the results of a pen-test |
Running Windows Commands Remotely | The candidate will be able to discuss how to remotely run commands on Windows systems during a pen-test |
Scanning Fundamentals | The candidate will be able to discuss the fundamental concepts associated with the scanning phase of a pen-test |
SQL Injection | The candidate will be able to discuss what SQL Injection attacks are and how they can be used during a pen-test |
Vulnerability Scanning | The candidate will be able to discuss the importance of vulnerability scanning and how to interpret the results. |
Web-based Reconnaissance | The candidate will be able to discuss how web-based reconnaissance can be used during a pen-test. |
Wireless Crypto and Client Attacks | The candidate will be able to discuss the various types of wireless cryptographic and client attacks that can be used during a pen-test |
Wireless Fundamentals | The candidate will be able to discuss the fundamental concepts associated with wireless networks as they relate to a pen-test |
Where to Get Help
Training is available from a variety of resources including on line, course attendance at a live conference, and self study.
Practical experience is another way to ensure that you have mastered the skills necessary for certification. Many professionals have the experience to meet the certification objectives identified.
Finally, college level courses or study through another program may meet the needs for mastery.
The procedure to contest exam results can be found at http://www.giac.org/grievance.php.
