Length: 3 Days
Print Friendly, PDF & Email

5G Penetration Testing and Ethical Hacking Training

As organizations plot strategies to combat 5G cyber-attacks, many are turning to 5G penetration testing and ethical hacking.

Ethical hacking, also known as penetration testing or pen testing, is legally breaking into computers and devices to test an organization’s defenses.

Typically, the information about security weaknesses that are identified or exploited through penetration testing is aggregated and provided to the organization’s IT and network system managers, enabling them to make strategic decisions and prioritize remediation efforts.

Equally salient, a penetration test can also highlight weaknesses in a company’s security policies. For instance, although a security policy focuses on preventing and detecting an attack on an enterprise’s systems, that policy may not include a process to expel a hacker.

Ethical hackers aim to investigate the system or network for weak points that malicious hackers can exploit or destroy. They collect and analyze the information to figure out ways to strengthen the security of the system/network/applications. By doing so,  they can improve the security footprint so that it can better withstand attacks or divert them.

Ethical hackers check for key vulnerabilities such as:

  • Injection attacks
  • Changes in security settings
  • Exposure of sensitive data
  • Breach in authentication protocols
  • Components used in the system or network that may be used as access points

Penetration testers often use automated tools to uncover standard application vulnerabilities. Penetration tools scan code in order to identity malicious code in applications that could result in a security breach. Pen testing tools examine data encryption techniques and can identify hard-coded values, such as usernames and passwords, to verify security vulnerabilities in the system.

Cybersecurity professionals recommend that organizations perform penetration regularly – at least yearly. It’s also a good idea to do a penetration test when an organization modifies end-user policies, establishes new offices, adds new applications or makes important upgrades or modifications to its applications or infrastructures.

5G Penetration Testing and Ethical Hacking Training Course by Tonex

5G Penetration Testing and Ethical Hacking Training prepares participants to conduct successful 5G penetration testing and ethical hacking. Participants will learn about tools and techniques to analyze 5G vulnerabilities, how to perform detailed 5G reconnaissance, exploit target 5G networks and systems to gain access, IoT security testing and mitigation, and scan target 5G networks. ENISA’s threat landscape for 5G Networks and NIST 5G cybersecurity/RMF prepares you with a secure evolution to 5G. This project-based workshop style 5G cybersecurity training will identify several 5G use case (network slices) scenarios and demonstrate for each one how to strengthen the 5G architecture components to mitigate identified risks and meet cybersecurity compliance requirements.

Hands-on exercises and analysis will assist you to conduct a penetration 5G pentest against a sample 5G RAN, MEC, mobile core, IP core networks and cloud platforms.

Who Should Attend 5G Penetration Testing and Ethical Hacking Training?

  • Cybersecurity consultants
  • Security professionals
  • 5G Penetration testers
  • 5G Ethical hackers
  • 5G Network and System Defenders to learn about offensive methodologies, tools, and techniques applied to 5G systems
  • Red Team members
  • Blue Team members
  • Forensics specialists
  • Penetration testers
  • Security analysts
  • Anyone with a desire to learn 5G penetration testing skills.

5G Penetration Testing and Ethical Hacking Training Course Benefits:

  • Learn about 5G use cases, network, functions, architecture, systems, interfaces and data structure
  • Learn the methodologies, tools and hacking techniques used by 5G penetration testers
  • Explore 5G ethical hacking skills including forensics and data extraction methods
  • Gain the skills of a professional 5G security tester
  • 5G Penetration Testing and Ethical Hacking Training prepares you to conduct successful 5G RAN and core penetration testing and ethical hacking projects. Our elite team includes 5G and mobile cyber experts and SMEs, learning specialists and top-ranked security consultants and instructors, and 5G cybersecurity industry leaders.

What You Will Learn

Participants will learn about 5G vulnerabilities and tools/techniques to mitigate them.

With comprehensive coverage of network architecture, interfaces, protocols, tools, techniques, and methodologies for 5G network penetration testing, 5G Penetration Testing and Ethical Hacking Training truly prepares you to conduct high-value penetration testing 5G projects covering all the 5G Use Cases including: Enhanced Mobile broadband (eMBB), Ultra-reliable low latency Communications and Massive IoT.

Below are characteristics of these use cases:

5G Enhanced Mobile Broadband (eMBB) brings the promise of high speed and dense broadband to the subscriber. With gigabit speeds, 5G provides an alternative to traditional fixed line services. Fixed wireless access based on mmWave radio technologies enables the density to support high bandwidth services such as video over a 5G wireless connection. To support eMBB use cases, the mobile core must support the performance density and scalability required.

Ultra-reliable low latency Communications (Robotics, Factory Automation): Ultra-Reliable Low Latency Communications (URLLC) focuses on mission critical services such as augment and virtual reality, tele-surgery and healthcare, intelligent transportation, autonomous driving and industry automation. Traditionally over a wired connection, 5G offers a wireless equivalent to these extremely sensitive use cases. URLLC often requires the mobile core User Plane Function (UPF) to be located geographically closer to then end user in a Control and User plane Separation (CUPS) architecture to achieve the latency requirements.

Massive IoT: Massive IoT in 5G addresses the need to support billions of connections with a range of different services. IoT services range from devices sensors requiring relatively low bandwidth to connected cars which require a similar service to a mobile handset. Network slicing provides a way for service providers to enable Network as a Service (NaaS) to enterprises; giving them the flexibility to manage their own devices and services on the 5G network.

Key Objectives & Gained Skill:

The goal of this practical course is to give the participant a strong and intuitive understanding of what cybersecurity in the 5G systems is and how the security functions are implemented in the 5G, 5G NR, Cloud RAN, MEC, 5GC, Service Based Architecture (SBA), HTTP2/JSON, REST API, and network slices. We will create pentests and evaluate security principles, vulnerabilities, attack vectors and mitigation.

5G penetration test cases will be simulated and performed to evaluate the security of the 5G network and related systems. Participants will identify both 5G weaknesses and vulnerabilities, including the potential for unauthorized parties to gain access to the 5G network, system’s features and data, as well as strengths, enabling a full risk assessment to be completed using RMF framework.

Course Topics and Modules

Introduction to 5G Networks and Systems

  • 5G 101
  • 3GPP 5G-NR
  • Principles of mmWave
  • 5G Communications Overview
  • Channels and Carriers
  • 5G Access Techniques
  • 5G Services
  • 5G NR  Standalone (NSA)
  • 5G NR  Non-Standalone (SA)

5G Network and System Architecture

  • 5G Architectural Components
  • 5G system performance
  • The 5G System Survey
  • Principles of 5G Core (5GC)
  • Service-Based Architecture (SBA)
  • Network Slicing
  • NFV and SDN
  • Multi-Access Edge Computing (MEC)
  • Quick Compare: Verizon, AT&T, T-Mobile, Sprint, others

Intro to 5G Security

  • 5G Network IDs
  • 5G Security Requirements by 3GPP
  • Requirements on the UE
  • Requirements on the gNB
  • Requirements on the ng-eNB
  • Requirements on the AMF
  • Requirements on the SEAF
  • Requirements on the UDM
  • Core network security
  • Trust boundaries
  • Visibility and configurability
  • Requirements for algorithms, and algorithm selection
  • 5G Systems Attacks
  • 5G System Vulnerabilities
  • Threat Assessment
  • Attackers and Assets
  • Attack Surface
  • Attack Trees
  • Security Policy
  • Backdoors
  • Denial of Service (DOS)
  • Defensive Architectures
  • Defensive Hardware Interfaces
  • Public Key Cryptography (PKI)
  • Protecting Data In Motion
  • Secure Software Process

5G System Vulnerability Analysis

  • 5G System and Network Attacks
  • Exploiting 5G Systems and Devices
  • The Stages of System Exploitation
  • Initial Reconnaissance
  • Exploitation
  • Firmware Unpacking and Modification
  • Detecting
  • Extracting
  • Analysis
  • Modification and Creation of new firmware
  • Hacking/exploitation techniques, tools and entry points
  • Defensive technologies

Cybersecurity Attacks and Best Mitigation Practices for 5G Systems

  • Non-Invasive Hardware Reverse Engineering
  • Component identification
  • Interface Analysis
  • Communications Protocols Sniffing
  • Decoding and Deciphering Captured Bits
  • Critical Data Identification and Detection
  • Component Removal and Replacement
  • Electronics and Circuit analysis
  • Security Measures

 5G Zero Trust Architecture

  • What is 5G “Zero Trust”?
  • 5G network architecture and Zero Trust
  • Zero Trust as a strategic initiative
  • Tools to prevent successful data breaches
  • Eliminating the concept of trust rooted in the principle of “never trust
  • Zero Trust to protect 5G environment
  • Leveraging 5G network segmentation
  • Preventing lateral movement
  • Providing Layer 7 5G threat prevention
  • 5G user-access control
  • Deploying 5G Zero Trust
  • Steps to Zero Trust
  • Identify the protect 5G surface
  • Map the 5G transaction flows
  • Build a Zero Trust 5G architecture
  • Create 5G Zero Trust policy
  • Monitor and maintain 5G Zero Trust environment

5G Cybersecurity Assessment 

  • Assessing cyber-related information and control systems to relevant regulations, standards and guidance
  • Gap analysis to unveil security holes
  • real-time situational awareness
  • Insider and external threat protection
  • System hardening and active defenses for comprehensive protection of 5G system 5G environment
  • 5G cybersecurity patching

5G Pentest Workshop

  • Overview of Risk Management Framework (RMF)
  • RMF as a set of criteria that dictate how United States government IT systems must be architected, secured, and monitored
  • RMF and National Institute of Standards and Technology (NIST) foundation for any data security strategy.
  • Evaluate 5G system security vulnerabilities
  • Key Issues
  • Embedded SIM Security
  • 5G Autonomous Driving Security Solutions
  • Critical 5G Security Controls Planning, Implementing and Auditing
  • Top 5G Mitigation Strategies Implementing and Auditing
  • Advanced 5G Security Principles
  • 5G Intrusion Detection
  • 5G Hacker Tools, Techniques, Exploits and Incident Handling
  • Issues with Access Network Flash Network Traffic
  • Radio interface key management
  • User plane integrity
  • Security measures
  • DOS Attacks Against Network Infrastructure
  • Overload of the signaling plane security issues
  • Bulk configuration security issues
  • 5G Security Domains
  • 5G Security Requirements from 3GPP
  • 5G IoT Exploitation
  • 5G Cloud RAN Exploitation
  • 5G SBA/HTTP2/JSON/REST API Exploitation
  • Security Enforcement Points
  • 5G Architecture (RAN, IP Core, Mobile Core, Transport, Etc.)
  • 5G Pen Test Planning
  • 5G Pen Test Scoping, and Recon
  • Inventory of potential 5G vulnerabilities
  • High Value 5G Penetration Test
  • RMF Control Functions applied to 5G

5G Penetration Testing and Ethical Hacking Training

Request More Information

  • Please complete the following form and a Tonex Training Specialist will contact you as soon as is possible.

    * Indicates required fields

  • This field is for validation purposes and should be left unchanged.