Week 1 of Target Enumeration focuses on information gathering to learn as much as possible about the target business and how it operates. Week 2 of Target Enumeration focuses on scanning perimeter and internal network devices looking for weaknesses. A great deal of the information gathered in Week 1 will be used to develop the attack methodology that will be validated during Week 2 of Target Enumeration.

At the conclusion of Week 1 the student will be able to:

• Identify critical information assets of an organization

• Explain how attackers use publicly available information to develop attacks

• Detail where information resides on the Internet that may be of use to attackers

• Determine methods to prevent information leakage

• List information targets of mainline attackers

At the conclusion of Week 2 the student will be able to:

• Explain the purpose of network scanning

• Identify vulnerabilities of interest to an attacker

• List methods to preclude an attacker from gaining valuable information relating to the network

• Identify activities that would identify a scanning effort is underway against a network

• Explain how network design can prevent an attacker from gaining an understanding of the network

• List security controls that prevent network scanning tools from obtaining information about the network that can be used to develop attack plans

Please Note: This course is Phase 1 of 4 in the Red Team Practitioner© program in developing a Cyber Jedburgh Workforce.