{"id":7888,"date":"2022-07-08T08:46:52","date_gmt":"2022-07-08T07:46:52","guid":{"rendered":"https:\/\/cyberschool.univ-rennes.fr\/?page_id=7888"},"modified":"2026-03-12T14:29:48","modified_gmt":"2026-03-12T13:29:48","slug":"security-policies-and-pentest","status":"publish","type":"page","link":"https:\/\/cyberschool.univ-rennes.fr\/en\/education\/masters-and-postgraduate-programmes\/masters-cybersecurity-science-of-software-and-hardware-security\/study-programme-of-the-masters-cybersecurity-science-of-software-and-hardware-security\/security-policies-and-pentest\/","title":{"rendered":"Security Policies and Pentest"},"content":{"rendered":"\n<section class=\"txt\">\n    <div class=\"container\">\n        <div class=\"bloc-txt\">\n                            <h2><span class=\"elipse\"><\/span><span class=\"trait\"><\/span>Teaching goals<\/h2>\n                        <div class=\"contain-txt\">\n<div class=\"contain-txt\">\n<ul>\n<li>Permettre aux \u00e9tudiants de conna\u00eetre les concepts de l\u2019analyse de risque et de la mise en \u0153uvre d\u2019une politique de s\u00e9curit\u00e9 de syst\u00e8me d\u2019information.<\/li>\n<li>Ma\u00eetriser les d\u00e9marches n\u00e9cessaires pour maintenir en condition de s\u00e9curit\u00e9 des syst\u00e8mes d\u2019information.<\/li>\n<li>Apprendre \u00e0 expliquer la politique de s\u00e9curit\u00e9 aupr\u00e8s des acteurs de la gouvernance et des acteurs techniques de l\u2019entreprise.<\/li>\n<\/ul>\n<\/div>\n<\/div>\n\n        <\/div>\n    <\/div>\n<\/section>\n\n\n\n<section class=\"txt\">\n    <div class=\"container\">\n        <div class=\"bloc-txt\">\n                            <h2><span class=\"elipse\"><\/span><span class=\"trait\"><\/span>Course description<\/h2>\n                        <div class=\"contain-txt\">\n<div class=\"contain-txt\">\n<p>Les \u00e9tudiants parcourent les concepts suivants : Politique de s\u00e9curit\u00e9, gestion du risque, analyse et sc\u00e9nario de la menace, biens primordiaux.<\/p>\n<p>Ce module est divis\u00e9 en deux parties :<\/p>\n<p><b>Partie A<\/b>: Risk analysis: Comprendre les concepts de l\u2019analyse de risque en cybers\u00e9curit\u00e9<\/p>\n<p><b>Partie B <\/b>: Security policy\u00a0:\u00a0 Comprendre l\u2019attaque pour mieux se d\u00e9fendre<\/p>\n<p>Cette partie de la formation vise \u00e0 r\u00e9aliser une prestation de test d\u2019intrusion pour une entreprise fictive. Ce test est r\u00e9alis\u00e9 sur un r\u00e9seau d\u2019entreprise virtualis\u00e9 comprenant une trentaine de machines et composants r\u00e9seau. Cet exercice permet aux \u00e9tudiants de d\u00e9couvrir et d\u2019approfondir de nombreux concepts organisationnels et techniques.<\/p>\n<p>Pour ce faire, l\u2019\u00e9tudiant doit adopter une approche pragmatique pour d\u00e9tecter et \u00e9valuer les risques li\u00e9s aux vuln\u00e9rabilit\u00e9s d\u00e9tect\u00e9es.<\/p>\n<p>Ces r\u00e9sultats sont ensuite restitu\u00e9s dans un rapport de test d\u2019intrusion.<\/p>\n<\/div>\n<\/div>\n\n        <\/div>\n    <\/div>\n<\/section>\n\n\n<section class=\"tuiles\">\n    <div class=\"container\">\n                <div class=\"bloc\">\n            <h2><span class=\"elipse\"><\/span><span class=\"trait\"><\/span>Keywords<\/h2>\n            <div class=\"contain-txt\">\n<div class=\"contain-txt\">\n<p>Risk analysis- Security policy<\/p>\n<p>Pentest \u2013 network<\/p>\n<\/div>\n<\/div>\n\n                    <\/div>\n                <div class=\"bloc\">\n            <h2><span class=\"elipse\"><\/span><span class=\"trait\"><\/span>Prerequisites<\/h2>\n            <p>Fondamentaux des syst\u00e8mes d\u2019information, Linux (Kali), Network, Windows.<\/p>\n\n                    <\/div>\n            <\/div>\n<\/section>\n\n\n\n<section class=\"txt\">\n    <div class=\"container\">\n        <div class=\"bloc-txt\">\n                            <h2><span class=\"elipse\"><\/span><span class=\"trait\"><\/span>Bibliography<\/h2>\n                        <div class=\"contain-txt\">\n<div class=\"contain-txt\">\n<p><b>Partie A : Comprendre les concepts de l\u2019analyse de risque en cyber s\u00e9curit\u00e9<\/b><\/p>\n<ul>\n<li aria-level=\"1\">An Introduction to ISO 27001, ISO 27002\u2026.ISO 27008, by The ISO 27000 Directory<\/li>\n<li aria-level=\"1\">Cybers\u00e9curit\u00e9 : Analyser les risques, mettre en \u0153uvre les solutions (6\u00e8me \u00e9dition), by Solange Ghernaouti, 2019<\/li>\n<li aria-level=\"1\">EBIOS \u2013 Expression des besoins et identification des objectifs de s\u00e9curit\u00e9, by Agence nationale de la s\u00e9curit\u00e9 des syst\u00e8mes d\u2019information (ANSSI), 2011<\/li>\n<li aria-level=\"1\">S\u00e9curit\u00e9 informatique : Pour les DSI, RSSI et administrateurs (5\u00e8me \u00e9dition), by Laurent Bloch, Christophe Wolfhugel, Ary Kokos, G\u00e9r\u00f4me Billois, Arnaud Soulli\u00e9, Alexandre Anzala-Yamajako and Thomas Debize, 2016<\/li>\n<\/ul>\n<p><b>Partie B : Comprendre l\u2019attaque pour mieux se d\u00e9fendre<\/b><\/p>\n<ul>\n<li aria-level=\"1\">Metasploit \u2013 The Penetration Tester\u2019s Guide, by David Kennedy, Jim O\u2019Gorman, Devon Kearns, and Mati Aharoni, 2011<\/li>\n<li aria-level=\"1\">Nmap 6 \u2013 Network exploration and security auditing Cookbook, by Paulino Calderon Pale, 2012<\/li>\n<li aria-level=\"1\">Rtfm: Red Team Field Manual, by Ben Clark, 2014<\/li>\n<li aria-level=\"1\">Penetration Testing \u2013 A Hands-On Introduction to Hacking, by Georgia Weidman, 2014.<\/li>\n<\/ul>\n<\/div>\n<\/div>\n\n        <\/div>\n    <\/div>\n<\/section>\n\n\n\n<section class=\"txt\">\n    <div class=\"container\">\n        <div class=\"bloc-txt\">\n                            <h2><span class=\"elipse\"><\/span><span class=\"trait\"><\/span>Biographies<\/h2>\n                        <p><strong>Thibaud Badouard<\/strong> est Responsable de la S\u00e9curit\u00e9 des Syst\u00e8mes d\u2019Information<span aria-hidden=\"true\"> au sein de l\u2019\u00e9quipe de s\u00e9curit\u00e9 op\u00e9rationnelle du GIP RENATER o\u00f9 il exerce un large spectre de missions techniques et organisationnelles.<\/span><\/p>\n<p><strong>J\u00e9r\u00e9my Agez<\/strong> est auditeur Pentester confirm\u00e9 chez Orange Cyberdefense.<\/p>\n\n        <\/div>\n    <\/div>\n<\/section>\n","protected":false},"excerpt":{"rendered":"","protected":false},"author":8,"featured_media":0,"parent":11707,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"","meta":[],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v20.13 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Security Policies and Pentest - CyberSchool<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/cyberschool.univ-rennes.fr\/en\/education\/masters-and-postgraduate-programmes\/masters-cybersecurity-science-of-software-and-hardware-security\/study-programme-of-the-masters-cybersecurity-science-of-software-and-hardware-security\/security-policies-and-pentest\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Security Policies and Pentest - CyberSchool\" \/>\n<meta property=\"og:url\" content=\"https:\/\/cyberschool.univ-rennes.fr\/en\/education\/masters-and-postgraduate-programmes\/masters-cybersecurity-science-of-software-and-hardware-security\/study-programme-of-the-masters-cybersecurity-science-of-software-and-hardware-security\/security-policies-and-pentest\/\" \/>\n<meta property=\"og:site_name\" content=\"CyberSchool\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/CSchoolRennes\/\" \/>\n<meta property=\"article:modified_time\" content=\"2026-03-12T13:29:48+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/cyberschool.univ-rennes.fr\/app\/uploads\/2021\/02\/cover-social-network.jpeg\" \/>\n\t<meta property=\"og:image:width\" content=\"1500\" \/>\n\t<meta property=\"og:image:height\" content=\"500\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:site\" content=\"@CSchoolRennes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/cyberschool.univ-rennes.fr\/en\/education\/masters-and-postgraduate-programmes\/masters-cybersecurity-science-of-software-and-hardware-security\/study-programme-of-the-masters-cybersecurity-science-of-software-and-hardware-security\/security-policies-and-pentest\/\",\"url\":\"https:\/\/cyberschool.univ-rennes.fr\/en\/education\/masters-and-postgraduate-programmes\/masters-cybersecurity-science-of-software-and-hardware-security\/study-programme-of-the-masters-cybersecurity-science-of-software-and-hardware-security\/security-policies-and-pentest\/\",\"name\":\"Security Policies and Pentest - CyberSchool\",\"isPartOf\":{\"@id\":\"https:\/\/cyberschool.univ-rennes.fr\/en\/#website\"},\"datePublished\":\"2022-07-08T07:46:52+00:00\",\"dateModified\":\"2026-03-12T13:29:48+00:00\",\"breadcrumb\":{\"@id\":\"https:\/\/cyberschool.univ-rennes.fr\/en\/education\/masters-and-postgraduate-programmes\/masters-cybersecurity-science-of-software-and-hardware-security\/study-programme-of-the-masters-cybersecurity-science-of-software-and-hardware-security\/security-policies-and-pentest\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/cyberschool.univ-rennes.fr\/en\/education\/masters-and-postgraduate-programmes\/masters-cybersecurity-science-of-software-and-hardware-security\/study-programme-of-the-masters-cybersecurity-science-of-software-and-hardware-security\/security-policies-and-pentest\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/cyberschool.univ-rennes.fr\/en\/education\/masters-and-postgraduate-programmes\/masters-cybersecurity-science-of-software-and-hardware-security\/study-programme-of-the-masters-cybersecurity-science-of-software-and-hardware-security\/security-policies-and-pentest\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/cyberschool.univ-rennes.fr\/en\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Education\",\"item\":\"https:\/\/cyberschool.univ-rennes.fr\/en\/education\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Master\u2019s and postgraduate programmes\",\"item\":\"https:\/\/cyberschool.univ-rennes.fr\/en\/education\/masters-and-postgraduate-programmes\/\"},{\"@type\":\"ListItem\",\"position\":4,\"name\":\"Master\u2019s Cybersecurity, Science of Software and Hardware Security\",\"item\":\"https:\/\/cyberschool.univ-rennes.fr\/en\/education\/masters-and-postgraduate-programmes\/masters-cybersecurity-science-of-software-and-hardware-security\/\"},{\"@type\":\"ListItem\",\"position\":5,\"name\":\"Study programme of the Master\u2019s Cybersecurity, Science of Software and Hardware Security\",\"item\":\"https:\/\/cyberschool.univ-rennes.fr\/en\/education\/masters-and-postgraduate-programmes\/masters-cybersecurity-science-of-software-and-hardware-security\/study-programme-of-the-masters-cybersecurity-science-of-software-and-hardware-security\/\"},{\"@type\":\"ListItem\",\"position\":6,\"name\":\"Security Policies and Pentest\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/cyberschool.univ-rennes.fr\/en\/#website\",\"url\":\"https:\/\/cyberschool.univ-rennes.fr\/en\/\",\"name\":\"CyberSchool\",\"description\":\"Just another WordPress site\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/cyberschool.univ-rennes.fr\/en\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Security Policies and Pentest - CyberSchool","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/cyberschool.univ-rennes.fr\/en\/education\/masters-and-postgraduate-programmes\/masters-cybersecurity-science-of-software-and-hardware-security\/study-programme-of-the-masters-cybersecurity-science-of-software-and-hardware-security\/security-policies-and-pentest\/","og_locale":"en_US","og_type":"article","og_title":"Security Policies and Pentest - CyberSchool","og_url":"https:\/\/cyberschool.univ-rennes.fr\/en\/education\/masters-and-postgraduate-programmes\/masters-cybersecurity-science-of-software-and-hardware-security\/study-programme-of-the-masters-cybersecurity-science-of-software-and-hardware-security\/security-policies-and-pentest\/","og_site_name":"CyberSchool","article_publisher":"https:\/\/www.facebook.com\/CSchoolRennes\/","article_modified_time":"2026-03-12T13:29:48+00:00","og_image":[{"width":1500,"height":500,"url":"https:\/\/cyberschool.univ-rennes.fr\/app\/uploads\/2021\/02\/cover-social-network.jpeg","type":"image\/jpeg"}],"twitter_card":"summary_large_image","twitter_site":"@CSchoolRennes","schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/cyberschool.univ-rennes.fr\/en\/education\/masters-and-postgraduate-programmes\/masters-cybersecurity-science-of-software-and-hardware-security\/study-programme-of-the-masters-cybersecurity-science-of-software-and-hardware-security\/security-policies-and-pentest\/","url":"https:\/\/cyberschool.univ-rennes.fr\/en\/education\/masters-and-postgraduate-programmes\/masters-cybersecurity-science-of-software-and-hardware-security\/study-programme-of-the-masters-cybersecurity-science-of-software-and-hardware-security\/security-policies-and-pentest\/","name":"Security Policies and Pentest - CyberSchool","isPartOf":{"@id":"https:\/\/cyberschool.univ-rennes.fr\/en\/#website"},"datePublished":"2022-07-08T07:46:52+00:00","dateModified":"2026-03-12T13:29:48+00:00","breadcrumb":{"@id":"https:\/\/cyberschool.univ-rennes.fr\/en\/education\/masters-and-postgraduate-programmes\/masters-cybersecurity-science-of-software-and-hardware-security\/study-programme-of-the-masters-cybersecurity-science-of-software-and-hardware-security\/security-policies-and-pentest\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/cyberschool.univ-rennes.fr\/en\/education\/masters-and-postgraduate-programmes\/masters-cybersecurity-science-of-software-and-hardware-security\/study-programme-of-the-masters-cybersecurity-science-of-software-and-hardware-security\/security-policies-and-pentest\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/cyberschool.univ-rennes.fr\/en\/education\/masters-and-postgraduate-programmes\/masters-cybersecurity-science-of-software-and-hardware-security\/study-programme-of-the-masters-cybersecurity-science-of-software-and-hardware-security\/security-policies-and-pentest\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/cyberschool.univ-rennes.fr\/en\/"},{"@type":"ListItem","position":2,"name":"Education","item":"https:\/\/cyberschool.univ-rennes.fr\/en\/education\/"},{"@type":"ListItem","position":3,"name":"Master\u2019s and postgraduate programmes","item":"https:\/\/cyberschool.univ-rennes.fr\/en\/education\/masters-and-postgraduate-programmes\/"},{"@type":"ListItem","position":4,"name":"Master\u2019s Cybersecurity, Science of Software and Hardware Security","item":"https:\/\/cyberschool.univ-rennes.fr\/en\/education\/masters-and-postgraduate-programmes\/masters-cybersecurity-science-of-software-and-hardware-security\/"},{"@type":"ListItem","position":5,"name":"Study programme of the Master\u2019s Cybersecurity, Science of Software and Hardware Security","item":"https:\/\/cyberschool.univ-rennes.fr\/en\/education\/masters-and-postgraduate-programmes\/masters-cybersecurity-science-of-software-and-hardware-security\/study-programme-of-the-masters-cybersecurity-science-of-software-and-hardware-security\/"},{"@type":"ListItem","position":6,"name":"Security Policies and Pentest"}]},{"@type":"WebSite","@id":"https:\/\/cyberschool.univ-rennes.fr\/en\/#website","url":"https:\/\/cyberschool.univ-rennes.fr\/en\/","name":"CyberSchool","description":"Just another WordPress site","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/cyberschool.univ-rennes.fr\/en\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"}]}},"_links":{"self":[{"href":"https:\/\/cyberschool.univ-rennes.fr\/en\/wp-json\/wp\/v2\/pages\/7888"}],"collection":[{"href":"https:\/\/cyberschool.univ-rennes.fr\/en\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/cyberschool.univ-rennes.fr\/en\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/cyberschool.univ-rennes.fr\/en\/wp-json\/wp\/v2\/users\/8"}],"replies":[{"embeddable":true,"href":"https:\/\/cyberschool.univ-rennes.fr\/en\/wp-json\/wp\/v2\/comments?post=7888"}],"version-history":[{"count":12,"href":"https:\/\/cyberschool.univ-rennes.fr\/en\/wp-json\/wp\/v2\/pages\/7888\/revisions"}],"predecessor-version":[{"id":18452,"href":"https:\/\/cyberschool.univ-rennes.fr\/en\/wp-json\/wp\/v2\/pages\/7888\/revisions\/18452"}],"up":[{"embeddable":true,"href":"https:\/\/cyberschool.univ-rennes.fr\/en\/wp-json\/wp\/v2\/pages\/11707"}],"wp:attachment":[{"href":"https:\/\/cyberschool.univ-rennes.fr\/en\/wp-json\/wp\/v2\/media?parent=7888"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}