Certification name: ICSI | CWPT Certified Web Penetration Tester
Overview:
The ICSI | CWPT Certified Web Penetration Tester certification confirms the holder’s ability to properly conduct a web penetration test based on industry standards, including identifying the insecurities, vulnerabilities and exploits that lie within web applications.
Topics covered:
- Web application overview
- Scanning and exploiting web applications
- Username enumeration and password attacks
Who will benefit from this course:
- Penetration testers
- Ethical hackers
- Web application developers
Exam certification objectives:
After the successful completion of the exam, students will be able to understand and where applicable apply the following:
- Port Scanning, Enumeration and Application Fingerprinting: Identify open ports, the service and version that runs on each open port.
- Web Application SQL Injection Attacks: Use techniques to identify and exploit SQL injection attacks.
- User Enumeration and Password Attacks: Identify valid users using different techniques and brute force login credentials.
- Web Application Testing Tools: Demonstrate an understanding of tools and techniques required to perform web application testing against web applications.
- Web Application Enumeration: Identify the different web server versions and HTTP methods.
- XSS, XXE and Path Traversal: Identify cross-site scripting (XSS), XML external entity (XXE) and path traversal vulnerabilities.
Exam Details:
Exam code: CPT-WEB
Number of questions: 25
Type of questions: Performance-based multiple choice
Test duration: 2 Hours
Passing score: 70%
Language: English
Exam provider:
All ICSI Certification exams are web-based and required to be remote proctored through ProctorU.
Cost: GBP 200
Renewal:
Every three years