OSSTMM Professional Security Tester Accredited Certification (OPST)
Do you need to see our Exam and Training Schedule?
The OPST is a certification of applied knowledge designed to improve the work done as a professional security tester. This is an important certification for those who want or need to prove they can walk the walk in security testing, the discipline which covers network auditing, ethical hacking, web application testing, intranet application testing, and penetration testing. And it is a critical, eye-opening class for security auditors, network engineers, system and network administrators, developers, network architects, security analysts, and truly anyone who works in IT from systems to networks.
OPST certified personnel are in-demand around the world as the need to assure one can provide technical security skills and ability grows. This challenging certification is provided in technical schools, colleges, universities, and through training partners, all certified by ISECOM to assure consistency, quality, and focus. For this reason, ISECOM can assure any organization on a certified person's level of applied security testing knowledge and their exposure to the appropriate and ethical behavior outlined in the OSSTMM's Rules of Engagement.
ISECOM recommends students have good knowledge of how networking protocols work, a good understanding of how various security devices and programs work, a user level skill with LINUX, and basic experience with server operations/administration particularly in setting up and running daemons and services.
It is important the student selects a training course right for their skill level. Longer courses will provide a great deal more practice, examples, and coaching while shorter classes are more suited to those with more practical experience. Classes range from as much as 60 hours over 30 days to as short as 8 hours in a single day. Talk with the regional ISECOM Certified Training Partner for assistance in choosing the right length of class.
The general course is designed to teach resourcefulness, the scientific method, and the OSSTMM methodology through security testing exercises with an internet-based test network. While practicing elements of security testing, the student is prepared to manage the daily changes in security knowledge with the fundamentals of critical security thinking.
The general course design is as an all-practice course to support the provided theory. It is to learn how to do security testing properly, factually, and scientifically through coaching, examples, and skill tests. The scope of the exam requires self-sufficiency and resourcefulness, therefore the student can expect the training to focus on mastering the topics efficiently. The class prepares the student for successfully navigating the exam and to successfully apply it immediately on the job.
ISECOM provides certification of course trainers and certification of the students who successfully pass the exam. Courses are provided by certified training partners as well as recognized educational institutions under the ISECOM Academic Alliance program. ISECOM does not influence course schedules, course length, provided materials, or course pricing.
The exam acknowledges the skill and ability to apply security and networking knowledge in a scientific manner as required for testing data network security according to the OSSTMM as well as certify ones ability to work professionally as an OSSTMM Auditor or any other facet within the discipline of security testing.
The OPST exam requires a total of 140 answers within 4 hours. The purpose of the exam is to show the extent of security testing accuracy while maintaining efficiency. While it is an open book exam, no communication of any type is allowed. Each question is in the format of multiple-choice multiple-answer. The exam combines paper-based questions with real-time tests performed over the internet of a single vector (internet to DMZ). The choice of tools, materials, and techniques is made by the test taker at the time of the exam.
OPST certification requires a grade of D (60%) or better for certification. Each certificate is accompanied by a transcript which reflects the grade and areas of strengths and weaknesses. The grade of A (90% or better) includes a seal of excellence.
The exam requires mastering the application of the following security testing skills:
- Rules of Engagement
The ability to apply the rules of engagement, as outlined in the latest version of the OSSTMM, to various scenarios.
The ability to properly and legally determine the target scope through public services, determine types of hosting, service providers, peering partners, and any active intrusion detection or service redundancy implementations.
The ability to quickly assess flaws or limitations in the network between the tester and the target, gage appropriate testing speed and efficiency, decipher network and service protection techniques and loss controls. The ability to quickly and scientifically develop new test types and evaluations to assess uncalculated test responses and anomalies.
The ability to accurately and efficiently send and receive packets of any type in the myriad of ways required by the OSSTMM. The ability to use any appropriate packet tool while understanding the functioning of the tool and its limitations. The ability to recognize enumeration techniques, flaws, and fallacies.
The ability to operate within established loss controls (ie. ssl encryption, load balancing, port forwarding, NAT, etc.) to identify services, applications, and protocols. The ability to properly and independently choose the appropriate tool and protocol for each test.
The ability to correctly and accurately identify operating system types and versions through packet and service data correlation with and without the use of fingerprinting tools. The ability to discover unknowns and satisfactorily explain anomalies in a scientific manner.
The ability to apply scientific methodology to the process of vulnerability and weakness identification and verification for an accurate determination of security limitations. The ability to map known exploits to services. The ability to discover exploits of known vulnerabilities for verification. The ability to classify new security limitations appropriately.