CSTM.png

Cyber Scheme Team Member
Exam Preparation

(CSTM)

NCSC (National Cyber Security Centre) mandates that all government penetration testing work must be conducted by organisations that have achieved CHECK status. NCSC deem the CSTM exam to be equivalent to the standard required for a CHECK Team Member (CTM).

 

Candidates entering the class will be introduced to the highly technical world of penetration testing. Whether you are manipulating network traffic to grab passwords with Ettercap, network mapping with Nmap or seeking out vulnerabilities with Metasploit – you will find yourself in a fascinating and engaging environment that will prepare you for the role of pen tester.

During the CSTM course, candidates are taught the theoretical & practical aspects of penetration testing in a real-life, hands-on scenario. You will take part in a mock penetration test against a fictitious client; however, the tools and techniques used will be real. From the moment candidates enter the class, they will be introduced to the highly technical world of penetration testing.

The weekends with a full practical day, allowing candidates to consolidate the skills gained.

Who is the CSTM for?

IT professionals in public or private enterprise are involved in or interested in vulnerability/penetration testing and IT security who wish to test their penetration testing skills to a standard accredited by NCSC/GCHQ.

Qualification

Successful candidates will receive a ‘Certificate of Attainment’ issued by the Cyber Scheme valid for 3 years. The CSTM is a recognised equivalency to CHECK Team Member under the NCSC CHECK Scheme and is a requirement to obtain this status, but please note that CTM status may only be provided by NCSC, subject to status and employment, following successful completion of this examination.

Objectives

  • Information security in the corporate world

  • Professionalism and communication skills

  • Ethics and the law

  • Core network protocols

  • Network enumeration and network mapping

  • Network device management and exploitation

  • Service enumeration

  • Service topology/dependency mapping

  • Application enumeration and profiling

  • Application and operating system management

  • Application and operating system exploitation

Skills Covered

All learning units are undertaken alongside practical exercises within the Merimetso labs.

  • User/Stakeholder Engagement for a Penetration Test

    • Scoping Out a Penetration Test

    • Legal and Ethical

      • Computer Misuse Act

      • Data Protection and GDPR

    • Understand Risk and Risk Management

    • Record Keeping and Report Writing

      • How to analyse and present your results

    • Supply Chain Security

  • Core Technologies

    • Networking

      • The OSI Network Model

      • The TCP/IP Protocol Suite

      • Network Architectures and Network Configuration

      • Network Routing and Network Management Protocols

      • Network Mapping and Traffic Analysis

      • Routers, Switches and Firewalls

    • Cryptography

    • Operating Systems

      • Microsoft Windows

      • Unix and Linux

    • Penetration Testing Methodologies

      • Using Nessus and Metasploit

    • Hardware security

    • Physical Security

  • Information Gathering and Open Source Intelligence

    • Networking and DNS, WHOIS

    • Website Analysis and Search Engines

    • Port Scanning and Banner Grabbing using NMAP

    • Phishing and Social Engineering

  • Microsoft Windows Security

    • Microsoft Windows Operating Architecture

    • Reconnaissance and Enumeration

    • Microsoft Active Directory, Exchange and SharePoint

    • Microsoft Windows Applications

    • File Systems Security and File Permissions

    • Password Security and Password Cracking

    • Remote and Local Vulnerabilities

    • Post-Exploitation and Pivoting

    • Patch Management and Desktop Lockdown

  • Unix/Linux Security

    • The UNIX/Linux Operating Architecture

    • Reconnaissance and Enumeration

    • Network Services

    • File Systems Security and File Permissions

    • Password Security and Password Cracking

    • Remote and Local Vulnerabilities

    • Post-Exploitation and Pivoting

    • Patch Management and Desktop Lockdown

  • Database Security

    • Reconnaissance and Enumeration

    • Remote and Local Vulnerabilities

    • Post-Exploitation and Pivoting

  • Web Security

    • Web Architectures, Protocols and Methods

    • The OWASP Top ten

    • Testing Web APIs and Web Services, SOAP, Thrift and REST

  • Container and Cloud Security

    • Container and Cloud Architecture (AWS and Azure)

    • Container and Cloud Security

    • Authorisation and Identify Management

    • Logging and Monitoring

  • Secure Development Operations

    • Secure Code Practices

    • Security as Code

    • Infrastructure as Code

    • Secure Code Repository

Prerequisites

Candidates undertaking CSTM will be expected to have at least the following:

  • Experience of Windows and Linux operating systems in a networked environment

  • CLI skills, including navigating file systems and manipulating files and directories for both Windows and Linux

  • Ability to interrogate network systems for basic information, such as IP address and MAC address

  • Knowledge of network fundamentals (IP addressing, subnets, routing)

  • Familiarity with TCP/IP stack and OSI model

  • Knowledge of common Internet protocols (HTTP, FTP, DNS etc.)