We may earn an affiliate commission when you visit our partners.
Mike Woolard
Penetration testing is a proven tool in the fight against those who want to attack us. This course will teach you the steps to prepare for and what to expect during the pentest to make the most effective use of time and money.
Read more
Penetration testing is a proven tool in the fight against those who want to attack us. This course will teach you the steps to prepare for and what to expect during the pentest to make the most effective use of time and money.
Read more
Penetration testing is a proven tool in the fight against those who want to attack us. This course will teach you the steps to prepare for and what to expect during the pentest to make the most effective use of time and money.
Having a third party test your controls and try to poke a hole into your network is only as effective as you make it. In this course, Information and Cyber Security GRC: Commission and Manage Penetration Tests, you’ll learn to prepare your organization and conduct an effective and productive pen test. First, you’ll explore pre-engagement activities to prepare the organization. Next, you’ll discover activities to further benefit from an ongoing engagement. Finally, you’ll learn how to ready resources and use the results of the test to your organizations benefit. When you’re finished with this course, you’ll have the skills and knowledge of commissioning and managing a penetration test needed to effectively further your security posture and strengthen your systems and networks.
This course is no longer available. Find something similar by browsing:
Penetration Testing
Network Security
Information Security Management
Risk Management
Compliance
Cybersecurity Frameworks
Register for this course and see more details by visiting:
OpenCourser.com/course/2was9d/information
What's inside
Syllabus
Course Overview
Pentest Methodology
Supplier Selection
Pre-engagement
Read more
Syllabus
Course Overview
Pentest Methodology
Supplier Selection
Pre-engagement
Read more
Traffic lights
Traffic lights
Read about what's good
what should give you pause and
possible dealbreakers
Teaches skills, knowledge, and tools that are useful for personal growth and development
Explores x, which is standard in industry y
Builds a strong foundation for beginners
Teaches skills, knowledge, and/or tools that are highly relevant in an academic setting
Examines x, which is highly relevant to y
Save this course
Create your own learning path.
Save this course to your list so you can find it easily later.
Save
Save
Reviews summary
Managing penetration tests for grc professionals
According to students, this course offers a largely positive and comprehensive overview for those looking to manage and commission penetration tests from a GRC perspective. Learners highlight its practical advice on various stages, from supplier selection and scoping to post-engagement reporting. While some prospective students initially sought technical depth in penetration testing, reviewers clarify that the course is not for hands-on testers but for managers, GRC professionals, and leaders. The instructor is frequently praised for being clear and concise, making complex topics accessible and the content well-organized.
Well-organized and easy to understand.
"The course is well-organized."
"The course provides a structured approach to a complex topic."
"The course demystifies the entire process for non-technical leadership."
Instructor is clear, concise, and knowledgeable.
"The instructor was clear and concise, making complex topics easy to digest."
"The instructor explains things very well."
"It’s well-paced and the instructor is knowledgeable."
Provides actionable insights for managing pen tests.
"The content on scoping and vendor selection was incredibly helpful and practical."
"I appreciated the focus on pre-engagement activities and post-engagement reporting. It helped me structure my approach at work."
"I particularly liked the sections on contract negotiation and what questions to ask potential vendors."
"The practical advice on defining scope and interpreting reports is invaluable."
Course is for GRC/management, not technical testers.
"This course is exactly what I needed to understand the GRC side of penetration testing. As a security manager, I don't perform the tests..."
"Good course for GRC professionals. It clarifies the process of managing pen tests from a business perspective, not a technical one."
"I was expecting more technical depth, but this course is definitely for managers... Good for its intended audience."
"If you're a hands-on cybersecurity person, this is not for you. It's more for compliance officers or project managers."
Does not cover hands-on penetration testing techniques.
"If you're looking to learn how to *do* a pen test, this isn't it. My mistake for not reading the description more carefully."
"Disappointed. I thought this would teach me offensive security techniques, but it's all about paperwork and managing external teams."
"Covers essential aspects for managing pentests. It doesn't go deep into technical details, which is fine as it's intended for GRC."
Activities
Be better prepared
before
your course. Deepen your understanding
during
and
after
it. Supplement your coursework and achieve mastery of the topics covered
in Information and Cyber Security GRC: Commission and Manage Penetration Tests with these
activities:
Read 'Penetration Testing: A Hands-on Guide'
Show steps
Gain foundational knowledge and practical techniques in penetration testing from industry experts
View
Penetration Testing: A Hands-On Introduction to...
on Amazon
Show steps
-
Purchase or borrow the book and set aside dedicated time for reading
-
Read each chapter thoroughly, taking notes and highlighting important concepts
-
Complete the exercises and examples provided in the book to reinforce your understanding
-
Discuss the book's content with peers or mentors to expand your perspectives
Create a personalized pentesting resource library
Show steps
Organize and expand your learning resources for easy access and ongoing reference
Show steps
-
Collect course materials, notes, presentations, and any relevant online resources
-
Use a digital or physical system to organize your resources into categories and subcategories
-
Add personal notes, annotations, and summaries to enhance your understanding
-
Regularly review and update your resource library to keep it current and relevant
Develop a pentest plan
Show steps
Gain a comprehensive understanding of pentest methodology by creating a detailed plan
Show steps
-
Gather necessary information about the target system, network, and business objectives
-
Define pentest scope, including target assets, testing techniques, and timeline
-
Identify potential risks and vulnerabilities based on the target's security posture
-
Develop a testing methodology and select appropriate tools and techniques
-
Outline communication protocols, reporting format, and risk assessment criteria
Three other activities
Expand to see all activities and additional details
Show all six activities
Join a study group
Show steps
Improve your learning experience by sharing notes, insights, and questions with peers
Show steps
-
Reach out to classmates through online forums or discussion boards
-
Schedule regular meetings to discuss course material, review assignments, and prepare for exams
-
Actively participate in group discussions and contribute your own perspectives and questions
Follow online tutorials on pentesting tools and techniques
Show steps
Enhance your practical skills and stay updated on latest tools and techniques
Show steps
-
Identify reputable sources for pentesting tutorials, such as online academies, vendor documentation, or YouTube channels
-
Select tutorials that align with your learning goals and skill level
-
Follow the tutorials step-by-step, taking notes and practicing the demonstrated techniques
-
Experiment with different tools and techniques in a controlled environment
Practice pentesting scenarios
Show steps
Enhance your practical skills by simulating real-world pentesting situations
Show steps
-
Set up a virtual lab environment for pentesting practice
-
Identify a target system or network and define the scope of the pentest
-
Execute penetration testing techniques, such as vulnerability scanning, network analysis, and exploitation
-
Document your findings, including identified vulnerabilities and recommendations for remediation
Read 'Penetration Testing: A Hands-on Guide'
Show steps
Gain foundational knowledge and practical techniques in penetration testing from industry experts
View
Penetration Testing: A Hands-On Introduction to...
on Amazon
Show steps
Show steps
Show steps
- Purchase or borrow the book and set aside dedicated time for reading
- Read each chapter thoroughly, taking notes and highlighting important concepts
- Complete the exercises and examples provided in the book to reinforce your understanding
- Discuss the book's content with peers or mentors to expand your perspectives
Create a personalized pentesting resource library
Show steps
Organize and expand your learning resources for easy access and ongoing reference
Show steps
Show steps
Show steps
- Collect course materials, notes, presentations, and any relevant online resources
- Use a digital or physical system to organize your resources into categories and subcategories
- Add personal notes, annotations, and summaries to enhance your understanding
- Regularly review and update your resource library to keep it current and relevant
Develop a pentest plan
Show steps
Gain a comprehensive understanding of pentest methodology by creating a detailed plan
Show steps
Show steps
Show steps
- Gather necessary information about the target system, network, and business objectives
- Define pentest scope, including target assets, testing techniques, and timeline
- Identify potential risks and vulnerabilities based on the target's security posture
- Develop a testing methodology and select appropriate tools and techniques
- Outline communication protocols, reporting format, and risk assessment criteria
Three other activities
Expand to see all activities and additional details
Show all six activities
Join a study group
Show steps
Improve your learning experience by sharing notes, insights, and questions with peers
Show steps
Show steps
Show steps
- Reach out to classmates through online forums or discussion boards
- Schedule regular meetings to discuss course material, review assignments, and prepare for exams
- Actively participate in group discussions and contribute your own perspectives and questions
Follow online tutorials on pentesting tools and techniques
Show steps
Enhance your practical skills and stay updated on latest tools and techniques
Show steps
Show steps
Show steps
- Identify reputable sources for pentesting tutorials, such as online academies, vendor documentation, or YouTube channels
- Select tutorials that align with your learning goals and skill level
- Follow the tutorials step-by-step, taking notes and practicing the demonstrated techniques
- Experiment with different tools and techniques in a controlled environment
Practice pentesting scenarios
Show steps
Enhance your practical skills by simulating real-world pentesting situations
Show steps
Show steps
Show steps
- Set up a virtual lab environment for pentesting practice
- Identify a target system or network and define the scope of the pentest
- Execute penetration testing techniques, such as vulnerability scanning, network analysis, and exploitation
- Document your findings, including identified vulnerabilities and recommendations for remediation
Career center
Learners who complete Information and Cyber Security GRC: Commission and Manage Penetration Tests will develop knowledge and skills
that may be useful to these careers:
Penetration Tester
Penetration Tester
Penetration Testers are responsible for conducting penetration tests on an organization's computer networks and systems. This course can help you prepare for and manage penetration tests, which are an important part of a Penetration Tester's job. By taking this course, you will learn how to select a supplier, scope the test, and interpret the results. This knowledge and skills will help you to be more effective in your role as a Penetration Tester.
Cybersecurity Analyst
Cybersecurity Analyst
Cybersecurity Analysts are responsible for protecting an organization's computer networks and systems from unauthorized access, use, disclosure, disruption, modification, or destruction. This course can help you prepare for and manage penetration tests, which are an important part of a Cybersecurity Analyst's job. By taking this course, you will learn how to select a supplier, scope the test, and interpret the results. This knowledge and skills will help you to be more effective in your role as a Cybersecurity Analyst.
Information Security Analyst
Information Security Analyst
An Information Security Analyst is responsible for the planning, implementation, and management of security measures to protect an organization's information systems and data. This course can help you prepare for and manage penetration tests, which are an important part of an Information Security Analyst's job. By taking this course, you will learn how to select a supplier, scope the test, and interpret the results. This knowledge and skills will help you to be more effective in your role as an Information Security Analyst.
Information Security Manager
Information Security Manager
Information Security Managers are responsible for overseeing an organization's information security program. This course can help you prepare for and manage penetration tests, which are an important part of an Information Security Manager's job. By taking this course, you will learn how to select a supplier, scope the test, and interpret the results. This knowledge and skills will help you to be more effective in your role as an Information Security Manager.
Security Consultant
Security Consultant
Security Consultants help organizations to improve their security posture. This course can help you prepare for and manage penetration tests, which are an important part of a Security Consultant's job. By taking this course, you will learn how to select a supplier, scope the test, and interpret the results. This knowledge and skills will help you to be more effective in your role as a Security Consultant.
IT Auditor
IT Auditor
IT Auditors are responsible for evaluating an organization's information systems and controls. This course can help you prepare for and manage penetration tests, which are an important part of an IT Auditor's job. By taking this course, you will learn how to select a supplier, scope the test, and interpret the results. This knowledge and skills will help you to be more effective in your role as an IT Auditor.
Incident Responder
Incident Responder
Incident Responders are responsible for responding to security incidents. This course can help you prepare for and manage penetration tests, which are an important part of an Incident Responder's job. By taking this course, you will learn how to select a supplier, scope the test, and interpret the results. This knowledge and skills will help you to be more effective in your role as an Incident Responder.
Security Architect
Security Architect
Security Architects are responsible for designing and implementing an organization's security architecture. This course can help you prepare for and manage penetration tests, which are an important part of a Security Architect's job. By taking this course, you will learn how to select a supplier, scope the test, and interpret the results. This knowledge and skills will help you to be more effective in your role as a Security Architect.
Network Security Engineer
Network Security Engineer
Network Security Engineers are responsible for designing, implementing, and maintaining an organization's network security infrastructure. This course can help you prepare for and manage penetration tests, which are an important part of a Network Security Engineer's job. By taking this course, you will learn how to select a supplier, scope the test, and interpret the results. This knowledge and skills will help you to be more effective in your role as a Network Security Engineer.
Malware Analyst
Malware Analyst
Malware Analysts are responsible for analyzing malware and developing countermeasures. This course can help you prepare for and manage penetration tests, which are an important part of a Malware Analyst's job. By taking this course, you will learn how to select a supplier, scope the test, and interpret the results. This knowledge and skills will help you to be more effective in your role as a Malware Analyst.
Digital Forensics Investigator
Digital Forensics Investigator
Digital Forensics Investigators are responsible for investigating computer crimes and recovering digital evidence. This course can help you prepare for and manage penetration tests, which are an important part of a Digital Forensics Investigator's job. By taking this course, you will learn how to select a supplier, scope the test, and interpret the results. This knowledge and skills will help you to be more effective in your role as a Digital Forensics Investigator.
Compliance Manager
Compliance Manager
Compliance Managers are responsible for ensuring that an organization complies with all applicable laws and regulations. This course can help you prepare for and manage penetration tests, which are an important part of a Compliance Manager's job. By taking this course, you will learn how to select a supplier, scope the test, and interpret the results. This knowledge and skills will help you to be more effective in your role as a Compliance Manager.
Risk Manager
Risk Manager
Risk Managers are responsible for identifying, assessing, and mitigating risks to an organization. This course can help you prepare for and manage penetration tests, which are an important part of a Risk Manager's job. By taking this course, you will learn how to select a supplier, scope the test, and interpret the results. This knowledge and skills will help you to be more effective in your role as a Risk Manager.
Data Analyst
Data Analyst
Data Analysts are usually responsible for using data to improve business processes. A penetration test is not typically part of their job, but this course may be useful for performing analysis in connection with a penetration test. This course can help you prepare for and manage these analytical tasks by providing you with real-world experience and insights. By taking this course, you can improve your understanding of how to process and interpret data, which is a critical skill for Data Analysts.
Business Analyst
Business Analyst
Business Analysts typically document processes, perform cost/benefit analyses, and manage projects. Though not typically involved in penetration testing, this course may be useful if you eventually want to work in security. This course can help you to be more effective in your role as a Business Analyst by providing you with real-world experience and insights. By taking this course, you can improve your understanding of how to analyze business processes and data, which are critical skills for Business Analysts.
For more career information including salaries, visit:
OpenCourser.com/course/2was9d/information
Reading list
We've selected six books
that we think will supplement your
learning. Use these to
develop background knowledge, enrich your coursework, and gain a
deeper understanding of the topics covered in
Information and Cyber Security GRC: Commission and Manage Penetration Tests.
Provides a comprehensive overview of information security management, from the basics to advanced topics. It valuable resource for anyone who wants to learn more about this critical field of study and prepare for the CISM certification.
Provides a comprehensive overview of network security assessment, from planning and scoping to reporting and response. It valuable resource for anyone who wants to learn more about this critical security practice and prepare for the OSCP certification.
Provides a comprehensive overview of cryptography and network security, from the basics to advanced topics. It valuable resource for anyone who wants to learn more about this critical field of study.
Provides a comprehensive overview of Metasploit, from the basics to advanced topics. It valuable resource for anyone who wants to learn more about this critical penetration testing tool.
Provides a comprehensive overview of exploitation, from the basics to advanced topics. It valuable resource for anyone who wants to learn more about this critical security practice.
Provides a comprehensive overview of computer security, from the basics to advanced topics. It valuable resource for anyone who wants to learn more about this critical field of study.
For more information about how these books relate to this course, visit:
OpenCourser.com/course/2was9d/information
Share
Similar courses
Similar courses are unavailable at this time. Please try again later.
Our mission
OpenCourser helps millions of learners each year. People visit us to learn workspace skills, ace their exams, and nurture their curiosity.
Our extensive catalog contains over 50,000 courses and twice as many books. Browse by search, by topic, or even by career interests. We'll match you to the right resources quickly.
Find this site helpful? Tell a friend about us.
Affiliate disclosure
We're supported by our community of learners. When you purchase or subscribe to courses and programs or purchase books, we may earn a commission from our partners.
Your purchases help us maintain our catalog and keep our servers humming without ads.
Thank you for supporting OpenCourser.
© 2016 - 2025 OpenCourser