Certified Network Pentester (CNPen)

Certified Network Pentester (CNPen) is an intermediate-level exam to test a candidate’s knowledge on the core concepts of network security. Candidates must be able to demonstrate practical knowledge to conduct an internal and external network pentest to pass this exam.
Note: The CNPen exam is also listed in the preferred pathway for SynAck’s SRT criteria.

£250.00

Testimonials

Quentin S. <span class="cFlag">🇫🇷</span>
Quentin S. 🇫🇷
Tests d'intrusion | OSINT | GEOINT | Synoslabs
CNPen
Read More
I am pleased to announce that I am now #certified Network Pentester (#CNPEN) by The SecOps Group 🚀. The exam lasts 4 hours and consists of 15 practice questions that must be answered. Without going into too much detail, this can range from operating a #webapp through open source #OSINT research and then ending with enumeration and operation on an Active Directory domain. The level required is not extremely high but it always feels good to go over the basics and gain experience with this type of certification.
Mason Schmidt <span class="cFlag">🇺🇸</span>
Mason Schmidt 🇺🇸
Senior Penetration Tester
CNPen
Read More
I was able to take advantage of the The SecOps Group sale on pen testing exams the other day and decided to give this one a go with no study time... That was a mistake!! Needless to say I was sweating bullets towards the end of it. Overall a great exam experience and would highly recommend to those that are looking to demonstrate their network penetration testing knowledge. I will definitely be doing some studying before I move onto the Appsec exam!
Rodolphe Ghio <span class="cFlag">🇫🇷</span>
Rodolphe Ghio 🇫🇷
App Security Engineer @ Squad for CMA-CGM
CNPen
Read More
Thrilled to share I've successfully earned the Certified Network Pentester certification with merit from The SecOps Group! This journey has sharpened my skills across a broad spectrum of cybersecurity domains, including: OSINT Techniques & Network Mapping, Brute-force & Vulnerability Exploitation, Unix/Linux & Windows Vulnerabilities, Credential Security, Advanced Attack Strategies, Network Defense.
Elzer P. <span class="cFlag">🇵🇦</span>
Elzer P. 🇵🇦
Red Team Ops | Pentester | Cyber Security Specialist | OSCP | CRTP | CRTO | CNPEN
CAPen
Read More
It was an intense 4 hours of hacking (high level), but it was worth the effort! Thanks to the team The SecOps Group for this challenging and gratifying experience.
Previous
Next
What is the Certified Network Pentester (CNPen) exam?

Certified Network Pentester (CNPen) is an intermediate-level exam to test a candidate’s knowledge on the core concepts of network security. Candidates must be able to demonstrate practical knowledge to conduct an internal and external network pentest to pass this exam.

Who should take this exam?

CNPen is intended to be taken by pentesters, security architects, SOC analysts, red and blue team members and any network security enthusiast, who wants to evaluate and advance their knowledge.

What is the format of the exam?

CNPen is an intense 4 hour long practical exam. It requires candidates to solve a number of challenges, identify and exploit various vulnerabilities and obtain flags. The exam can be taken online, anytime (on-demand) and from anywhere. Candidates will need to connect to the exam VPN server to access the infrastructure set up for the exam.

What is the pass criteria for the exam?

The pass criteria are as follows:

  • Candidates scoring over 60% marks will be deemed to have successfully passed the exam.
  • Candidates scoring over 75% marks will be deemed to have passed with a merit.
What is the experience needed to take the exam?

This is an intermediate-level exam. Candidates should have prior knowledge and experience of network pentesting and familiarity with its common tactics, techniques and procedures. They should be able to demonstrate their practical knowledge on Network security topics by completing a series of tasks on identifying and exploiting vulnerabilities that have been created in the exam environment to mimic the real world scenarios.

Note: As this is an intermediate-level exam, a minimum of two years of professional pentesting/bug-bounty experience is recommended.

What will the candidates get?

On completing the exam, each candidate will receive:

  • A certificate with their pass/fail and merit status.
  • The certificate will contain a code/QR link, which can be used by anyone to validate the certificate.
What is the exam retake policy?

Candidates, who fail the exam, are allowed 1 free exam retake within the exam fees.

What are the benefits of this exam?

The exam will allow candidates to demonstrate their skills in network pentesting. This will help them to advance in their career.

How long is the certificate valid for?

The certificate does not have an expiration date. However, the passing certificate will mention the details of the exam such as the exam version and the date. As the exam is updated over time, candidates should retake the newer version as per their convenience.

Will you provide any training that can be taken prior to the exams?

Being an independent certifying authority, we (The SecOps Group) do not provide any training for the exam. Candidates should carefully go over each topic listed in the syllabus and make sure they have adequate understanding, required experience and practical knowledge of these topics. Further, the following independent resources can be utilised to prepare for the exams.

Exam syllabus

The exam will cover the following topics:

Common OSINT Techniques
Network Mapping and Target Identification
Brute-force Attacks
Vulnerability Identification and Exploitation using Common Hacking Tools
Application Server Flaws
Insecure Protocols
*nix Vulnerabilities
Insecure File permissions
Security Misconfigurations Leading to Privilege Escalation Attacks
Windows Active Directory Attacks (on-premise)
OS Credential Dumping and Replay
Kerberoasting; Golden and Silver Tickets
Password Attacks and Password Cracking
Administrative Shares Exploitation
Persistence Techniques
Lateral Movements
Common Security Weaknesses affecting Cloud Services

Certified Network Pentester (CNPen)

certified-network-pentester