Length: 3 Days
Print Friendly, PDF & Email

5G Penetration Testing and Ethical Hacking Training

The primary objective of penetration testing is to identify security weaknesses, although penetration testing can also be used to test an organization’s security policy, its adherence to compliance requirements, its employees’ security awareness and the organization’s ability to identify and respond to security incidents.

This procedure has become increasingly useful for organizations concerned about cyber-attacks, breaches and security compliance in general.

More and more organizations are turning to penetration testing and ethical hackers due to incessant warnings from cybersecurity professionals about the vulnerabilities of 5G architecture – especially as how it relates to the massive interconnectivity of Internet of Things (IoT) devices. While IoT advances technology, it also creates many more portals of entry for cybercriminals.

Consequently, 5G and its known vulnerabilities has opened up a significant job niche for the professional ethical hacker whose task it is to investigate the system or network for weak points that malicious hackers can exploit or destroy.

These “white hat” hackers for hire, typically look for information about security weaknesses that are identified or exploited through penetration testing. A report is then aggregated and provided to the organization’s IT and network system managers, enabling them to make strategic decisions and prioritize remediation efforts.

Ethical hackers then collect and analyze the information to figure out ways to strengthen the security of the system/network/applications. By doing so, they can improve the security footprint so that it can better withstand attacks or divert them.

The benefits of 5G penetration testing are considerable including avoiding service disruptions. Be it a security fault, a disruption in the application performance, or any other interference, conducting testing can assist in dodging service disturbances.

The inability to identify any such errors may not only damage the organization’s reputation but also lead to a loss of loyal customers, incur unanticipated fines and financial instability.

Several different methods of pen testing are currently used by cybersecurity conscious organizations including external testing. This is where pen testing targets the assets of a company that are visible on the internet, such as the web application itself, the company website, and email and domain name servers (DNS). The goal is to gain access and extract valuable data.

Today, ethical hackers have a large assortment of automated testing tools to choose from to make the modern pentester’s job faster, better and smarter.

For example, network mapper (nmap) is a staple software used by ethical hackers for penetration testing. Organizations such as insurance agencies, internet cartographers and even risk scorers scan the entire IPv4 range regularly with specialized port-scanning software to map the public security posture of enterprises both large and small.

5G Penetration Testing and Ethical Hacking Training Course by Tonex

5G Penetration Testing and Ethical Hacking Training prepares participants to conduct successful 5G penetration testing and ethical hacking. Participants will learn about tools and techniques to analyze 5G vulnerabilities, how to perform detailed 5G reconnaissance, exploit target 5G networks and systems to gain access, IoT security testing and mitigation, and scan target 5G networks. ENISA’s threat landscape for 5G Networks and NIST 5G cybersecurity/RMF prepares you with a secure evolution to 5G. This project-based workshop style 5G cybersecurity training will identify several 5G use case (network slices) scenarios and demonstrate for each one how to strengthen the 5G architecture components to mitigate identified risks and meet cybersecurity compliance requirements.

Hands-on exercises and analysis will assist you to conduct a penetration 5G pen test against a sample 5G RAN, MEC, mobile core, IP core networks and cloud platforms.

Who Should Attend 5G Penetration Testing and Ethical Hacking Training?

  • Cybersecurity consultants
  • Security professionals
  • 5G Penetration testers
  • 5G Ethical hackers
  • 5G Network and System Defenders to learn about offensive methodologies, tools, and techniques applied to 5G systems
  • Red Team members
  • Blue Team members
  • Forensics specialists
  • Penetration testers
  • Security analysts
  • Anyone with a desire to learn 5G penetration testing skills.

5G Penetration Testing and Ethical Hacking Training Course Benefits:

  • Learn about 5G use cases, network, functions, architecture, systems, interfaces and data structure
  • Learn the methodologies, tools and hacking techniques used by 5G penetration testers
  • Explore 5G ethical hacking skills including forensics and data extraction methods
  • Gain the skills of a professional 5G security tester
  • 5G Penetration Testing and Ethical Hacking Training prepares you to conduct successful 5G RAN and core penetration testing and ethical hacking projects. Our elite team includes 5G and mobile cyber experts and SMEs, learning specialists and top-ranked security consultants and instructors, and 5G cybersecurity industry leaders.

What You Will Learn

Participants will learn about 5G vulnerabilities and tools/techniques to mitigate them.

With comprehensive coverage of network architecture, interfaces, protocols, tools, techniques, and methodologies for 5G network penetration testing, 5G Penetration Testing and Ethical Hacking Training truly prepares you to conduct high-value penetration testing 5G projects covering all the 5G Use Cases including: Enhanced Mobile broadband (eMBB), Ultra-reliable low latency Communications and Massive IoT.

Below are characteristics of these use cases:

5G Enhanced Mobile Broadband (eMBB) brings the promise of high speed and dense broadband to the subscriber. With gigabit speeds, 5G provides an alternative to traditional fixed line services. Fixed wireless access based on mmWave radio technologies enables the density to support high bandwidth services such as video over a 5G wireless connection. To support eMBB use cases, the mobile core must support the performance density and scalability required.

Ultra-reliable low latency Communications (Robotics, Factory Automation): Ultra-Reliable Low Latency Communications (URLLC) focuses on mission critical services such as augment and virtual reality, tele-surgery and healthcare, intelligent transportation, autonomous driving and industry automation. Traditionally over a wired connection, 5G offers a wireless equivalent to these extremely sensitive use cases. URLLC often requires the mobile core User Plane Function (UPF) to be located geographically closer to then end user in a Control and User plane Separation (CUPS) architecture to achieve the latency requirements.

Massive IoT: Massive IoT in 5G addresses the need to support billions of connections with a range of different services. IoT services range from devices sensors requiring relatively low bandwidth to connected cars which require a similar service to a mobile handset. Network slicing provides a way for service providers to enable Network as a Service (NaaS) to enterprises; giving them the flexibility to manage their own devices and services on the 5G network.

Key Objectives & Gained Skill:

The goal of this practical course is to give the participant a strong and intuitive understanding of what cybersecurity in the 5G systems is and how the security functions are implemented in the 5G, 5G NR, Cloud RAN, MEC, 5GC, Service Based Architecture (SBA), HTTP2/JSON, REST API, and network slices. We will create pen tests and evaluate security principles, vulnerabilities, attack vectors and mitigation.

5G penetration test cases will be simulated and performed to evaluate the security of the 5G network and related systems. Participants will identify both 5G weaknesses and vulnerabilities, including the potential for unauthorized parties to gain access to the 5G network, system’s features and data, as well as strengths, enabling a full risk assessment to be completed using RMF framework.

Course Topics and Modules

Introduction to 5G Networks and Systems

  • 5G 101
  • 3GPP 5G-NR
  • Principles of mmWave
  • 5G Communications Overview
  • Channels and Carriers
  • 5G Access Techniques
  • 5G Services
  • 5G NR  Standalone (NSA)
  • 5G NR  Non-Standalone (SA)

5G Network and System Architecture

  • 5G Architectural Components
  • 5G system performance
  • The 5G System Survey
  • Principles of 5G Core (5GC)
  • Service-Based Architecture (SBA)
  • Network Slicing
  • NFV and SDN
  • Multi-Access Edge Computing (MEC)
  • Quick Compare: Verizon, AT&T, T-Mobile, Sprint, others

Intro to 5G Security

  • 5G Network IDs
  • 5G Security Requirements by 3GPP
  • Requirements on the UE
  • Requirements on the gNB
  • Requirements on the ng-eNB
  • Requirements on the AMF
  • Requirements on the SEAF
  • Requirements on the UDM
  • Core network security
  • Trust boundaries
  • Visibility and configurability
  • Requirements for algorithms, and algorithm selection
  • 5G Systems Attacks
  • 5G System Vulnerabilities
  • Threat Assessment
  • Attackers and Assets
  • Attack Surface
  • Attack Trees
  • Security Policy
  • Backdoors
  • Denial of Service (DOS)
  • Defensive Architectures
  • Defensive Hardware Interfaces
  • Public Key Cryptography (PKI)
  • Protecting Data In Motion
  • Secure Software Process

5G System Vulnerability Analysis

  • 5G System and Network Attacks
  • Exploiting 5G Systems and Devices
  • The Stages of System Exploitation
  • Initial Reconnaissance
  • Exploitation
  • Firmware Unpacking and Modification
  • Detecting
  • Extracting
  • Analysis
  • Modification and Creation of new firmware
  • Hacking/exploitation techniques, tools and entry points
  • Defensive technologies

Cybersecurity Attacks and Best Mitigation Practices for 5G Systems

  • Non-Invasive Hardware Reverse Engineering
  • Component identification
  • Interface Analysis
  • Communications Protocols Sniffing
  • Decoding and Deciphering Captured Bits
  • Critical Data Identification and Detection
  • Component Removal and Replacement
  • Electronics and Circuit analysis
  • Security Measures

 5G Zero Trust Architecture

  • What is 5G “Zero Trust”?
  • 5G network architecture and Zero Trust
  • Zero Trust as a strategic initiative
  • Tools to prevent successful data breaches
  • Eliminating the concept of trust rooted in the principle of “never trust
  • Zero Trust to protect 5G environment
  • Leveraging 5G network segmentation
  • Preventing lateral movement
  • Providing Layer 7 5G threat prevention
  • 5G user-access control
  • Deploying 5G Zero Trust
  • Steps to Zero Trust
  • Identify the protect 5G surface
  • Map the 5G transaction flows
  • Build a Zero Trust 5G architecture
  • Create 5G Zero Trust policy
  • Monitor and maintain 5G Zero Trust environment

5G Cybersecurity Assessment 

  • Assessing cyber-related information and control systems to relevant regulations, standards and guidance
  • Gap analysis to unveil security holes
  • real-time situational awareness
  • Insider and external threat protection
  • System hardening and active defenses for comprehensive protection of 5G system 5G environment
  • 5G cybersecurity patching

5G Pentest Workshop

  • Overview of Risk Management Framework (RMF)
  • RMF as a set of criteria that dictate how United States government IT systems must be architected, secured, and monitored
  • RMF and National Institute of Standards and Technology (NIST) foundation for any data security strategy.
  • Evaluate 5G system security vulnerabilities
  • Key Issues
  • Embedded SIM Security
  • 5G Autonomous Driving Security Solutions
  • Critical 5G Security Controls Planning, Implementing and Auditing
  • Top 5G Mitigation Strategies Implementing and Auditing
  • Advanced 5G Security Principles
  • 5G Intrusion Detection
  • 5G Hacker Tools, Techniques, Exploits and Incident Handling
  • Issues with Access Network Flash Network Traffic
  • Radio interface key management
  • User plane integrity
  • Security measures
  • DOS Attacks Against Network Infrastructure
  • Overload of the signaling plane security issues
  • Bulk configuration security issues
  • 5G Security Domains
  • 5G Security Requirements from 3GPP
  • 5G IoT Exploitation
  • 5G Cloud RAN Exploitation
  • 5G SBA/HTTP2/JSON/REST API Exploitation
  • Security Enforcement Points
  • 5G Architecture (RAN, IP Core, Mobile Core, Transport, Etc.)
  • 5G Pen Test Planning
  • 5G Pen Test Scoping, and Recon
  • Inventory of potential 5G vulnerabilities
  • High Value 5G Penetration Test
  • RMF Control Functions applied to 5G

5G Penetration Testing and Ethical Hacking Training

Request More Information

Please enter contact information followed by your questions, comments and/or request(s):
  • Please complete the following form and a Tonex Training Specialist will contact you as soon as is possible.

    * Indicates required fields

  • This field is for validation purposes and should be left unchanged.

Request More Information

  • Please complete the following form and a Tonex Training Specialist will contact you as soon as is possible.

    * Indicates required fields

  • This field is for validation purposes and should be left unchanged.