Certified Ethical Hacker
|
|
- Elijah Garrett
- 8 years ago
- Views:
Transcription
1 Certified Ethical Hacker Authrized EC Cuncil Versin 9 Class Descriptin This class will immerse the students int an interactive envirnment where they will be shwn hw t scan, test, hack and secure their wn systems. The lab intensive envirnment gives each student in-depth knwledge and practical experience with the current essential security systems. Students will begin by understanding hw perimeter defenses wrk and then be lead int scanning and attacking their wn netwrks, n real netwrk is harmed. Students then learn hw intruders escalate privileges and what steps can be taken t secure a system. Students will als learn abut Intrusin Detectin, Plicy Creatin, Scial Engineering, DDS Attacks, Buffer Overflws and Virus Creatin. When a student leaves this intensive 5 day class they will have hands n understanding and experience in Ethical Hacking. This curse prepares yu fr EC- Cuncil ANSI accredited Certified Ethical Hacker exam Audience This curse will significantly benefit security fficers, auditrs, security prfessinals, site administratrs, and anyne wh is cncerned abut the integrity f the netwrk infrastructure. Curse Details Intrductin t Ethical Hacking 1. Intrductin t Ethical Hacking Internet is Integral Part f Business and Persnal Life - What Happens Online in 60 Secnds Infrmatin Security Overview Case Study ebay Data Breach Ggle Play Hack The Hme Dept Data Breach Year f the Mega Breach Data Breach Statistics Tel E. Fairview Ave Ste 12, Meridian, ID 83642
2 Malware Trends in 2014 Essential Terminlgy Elements f Infrmatin Security The Security, Functinality, and Usability Triangle Infrmatin Security Threats and Attack Vectrs Mtives, Gals, and Objectives f Infrmatin Security Attacks Tp Infrmatin Security Attack Vectrs Infrmatin Security Threat Categries Types f Attacks n a System Operating System Attacks Examples f OS Vulnerabilities Miscnfiguratin Attacks Applicatin-Level Attacks Examples f Applicatin-Level Attacks Shrink Wrap Cde Attacks Infrmatin Warfare Hacking Cncepts, Types, and Phases What is Hacking Wh is a Hacker? Hacker Classes Hacking Phases Recnnaissance Scanning Gaining Access Maintaining Access Clearing Tracks Ethical Hacking Cncepts and Scpe What is Ethical Hacking? Why Ethical Hacking is Necessary Scpe and Limitatins f Ethical Hacking Skills f an Ethical Hacker Infrmatin Security Cntrls Infrmatin Assurance (IA) Infrmatin Security Management Prgram Threat Mdeling Enterprise Infrmatin Security Architecture (EISA) Page 2 f 46
3 Netwrk Security Zning Defense in Depth Infrmatin Security Plicies Types f Security Plicies Examples f Security Plicies Privacy Plicies at Wrkplace Steps t Create and Implement Security Plicies HR/Legal Implicatins f Security Plicy Enfrcement Physical Security Physical Security Cntrls Incident Management Incident Management Prcess Respnsibilities f an Incident Respnse Team What is Vulnerability Assessment? Types f Vulnerability Assessment Netwrk Vulnerability Assessment Methdlgy Vulnerability Research Vulnerability Research Websites Penetratin Testing Why Penetratin Testing Cmparing Security Audit, Vulnerability Assessment, and Penetratin Testing Blue Teaming/Red Teaming Types f Penetratin Testing Phases f Penetratin Testing Security Testing Methdlgy Penetratin Testing Methdlgy Infrmatin Security Laws and Standards Payment Card Industry Data Security Standard (PCI-DSS) ISO/IEC 27001:2013 Health Insurance Prtability and Accuntability Act (HIPAA) Sarbanes Oxley Act (SOX) The Digital Millennium Cpyright Act (DMCA) and Federal Infrmatin Security Management Act (FISMA) Cyber Law in Different Cuntries Page 3 f 46
4 2. Ftprinting and Recnnaissance Ftprinting Cncepts What is Ftprinting? Objectives f Ftprinting Ftprinting Methdlgy Ftprinting thrugh Search Engines Finding Cmpany s Public and Restricted Websites Determining the Operating System Cllect Lcatin Infrmatin Peple Search: Scial Netwrking Services Peple Search Online Services Gather Infrmatin frm Financial Services Ftprinting thrugh Jb Sites Mnitring Target Using Alerts Infrmatin Gathering Using Grups, Frums, and Blgs Ftprinting using Advanced Ggle Hacking Techniques Ggle Advance Search Operatrs Finding Resurces Using Ggle Advance Operatr Ggle Hacking Database (GHDB) Infrmatin Gathering Using Ggle Advanced Search Ftprinting thrugh Scial Netwrking Sites Cllect Infrmatin thrugh Scial Engineering n Scial Netwrking Sites Infrmatin Available n Scial Netwrking Sites Website Ftprinting Website Ftprinting using Web Spiders Mirrring Entire Website Website Mirrring Tls Extract Website Infrmatin frm Mnitring Web Updates Using Website Watcher Ftprinting Web Updates Mnitring Tls Tracking Cmmunicatins Cllecting Infrmatin frm Header Page 4 f 46
5 Tracking Tls Cmpetitive Intelligence Cmpetitive Intelligence Gathering Cmpetitive Intelligence - When Did this Cmpany Begin? Hw Did it Develp? Cmpetitive Intelligence - What Are the Cmpany's Plans? Cmpetitive Intelligence - What Expert Opinins Say Abut the Cmpany Mnitring Website Traffic f Target Cmpany Tracking Online Reputatin f the Target WHOIS Ftprinting Tls fr Tracking Online Reputatin f the Target WHOIS Lkup WHOIS Lkup Result Analysis WHOIS Lkup Tls WHOIS Lkup Tls fr Mbile DNS Ftprinting Extracting DNS Infrmatin DNS Interrgatin Tls Netwrk Ftprinting Lcate the Netwrk Range Tracerute Tracerute Analysis Tracerute Tls Ftprinting thrugh Scial Engineering Ftprinting thrugh Scial Engineering Cllect Infrmatin Using Eavesdrpping, Shulder Surfing, and Dumpster Diving Ftprinting Tls Ftprinting Tl Malteg Recn-ng Additinal Ftprinting Tls Ftprinting Cuntermeasures Ftprinting Penetratin Testing Ftprinting Pen Testing Page 5 f 46
6 Ftprinting Pen Testing Reprt Templates 3. Scanning Netwrks Overview f Netwrk Scanning TCP Cmmunicatin Flags TCP/IP Cmmunicatin Creating Custm Packet Using TCP Flags CEH Scanning Methdlgy Check fr Live Systems Checking fr Live Systems - ICMP Scanning Ping Sweep Check fr Open Prts Ping Sweep Tls SSDP Scanning Scanning IPv6 Netwrk Scanning Tl Nmap Hping2 / Hping3 Hping Cmmands Scanning Techniques TCP Cnnect / Full Open Scan Stealth Scan (Half-pen Scan) Inverse TCP Flag Scanning Xmas Scan ACK Flag Prbe Scanning IDLE/IPID Header Scan IDLE Scan: Step 1 IDLE Scan: Step 2 and 3 UDP Scanning ICMP Ech Scanning/List Scan Scanning Tl: NetScan Tls Pr Scanning Tls Scanning Tls fr Mbile Page 6 f 46
7 Prt Scanning Cuntermeasures Scanning Beynd IDS IDS Evasin Techniques SYN/FIN Scanning Using IP Fragments Banner Grabbing Banner Grabbing Tls Banner Grabbing Cuntermeasures Disabling r Changing Banner Hiding File Extensins frm Web Pages Scan fr Vulnerability Vulnerability Scanning Vulnerability Scanning Tl Nessus GAFI LanGuard Qualys FreeScan Netwrk Vulnerability Scanners Vulnerability Scanning Tls fr Mbile Draw Netwrk Diagrams Drawing Netwrk Diagrams Netwrk Discvery Tl Netwrk Tplgy Mapper OpManager and NetwrkView Netwrk Discvery and Mapping Tls Netwrk Discvery Tls fr Mbile Prepare Prxies Prxy Servers Prxy Chaining Prxy Tl Prxy Switcher Prxy Wrkbench TOR and CyberGhst Prxy Tls Prxy Tls fr Mbile Free Prxy Servers Intrductin t Annymizers Censrship Circumventin Tl: Tails Page 7 f 46
8 G-Zapper Annymizers Annymizers fr Mbile Spfing IP Address IP Spfing Detectin Techniques Direct TTL Prbes IP Identificatin Number TCP Flw Cntrl Methd IP Spfing Cuntermeasures Scanning Pen Testing 4. Enumeratin Enumeratin Cncepts What is Enumeratin? Techniques fr Enumeratin Services and Prts t Enumerate NetBIOS Enumeratin NetBIOS Enumeratin Tl SuperScan Hyena Winfingerprint NetBIOS Enumeratr and Nsauditr Netwrk Security Auditr Enumerating User Accunts Enumerating Shared Resurces Using Net View SNMP Enumeratin Wrking f SNMP Management Infrmatin Base (MIB) SNMP Enumeratin Tl OpUtils Engineer s Tlset SNMP Enumeratin Tls LDAP Enumeratin LDAP Enumeratin Tl: Sfterra LDAP Administratr LDAP Enumeratin Tls Page 8 f 46
9 NTP Enumeratin NTP Enumeratin Cmmands NTP Enumeratin Tls SMTP Enumeratin SMTP Enumeratin Tl: NetScanTls Pr Telnet Enumeratin DNS Zne Transfer Enumeratin Using NSLkup Enumeratin Cuntermeasures SMB Enumeratin Cuntermeasures Enumeratin Pen Testing 5. System Hacking Infrmatin at Hand Befre System Hacking Stage System Hacking: Gals CEH Hacking Methdlgy (CHM) CEH System Hacking Steps Cracking Passwrds Passwrd Cracking Types f Passwrd Attacks Nn-Electrnic Attacks Active Online Attack Dictinary, Brute Frcing and Rule-based Attack Passwrd Guessing Default Passwrds Active Online Attack: Trjan/Spyware/Keylgger Example f Active Online Attack Using USB Drive Hash Injectin Attack Passive Online Attack Wire Sniffing Man-in-the-Middle and Replay Attack Offline Attack Page 9 f 46
10 Rainbw Attacks Tls t Create Rainbw Tables: rtgen and Winrtgen Distributed Netwrk Attack Elcmsft Distributed Passwrd Recvery Micrsft Authenticatin Hw Hash Passwrds Are Stred in Windws SAM? NTLM Authenticatin Prcess Kerbers Authenticatin Passwrd Salting pwdump7 and fgdump Passwrd Cracking Tls L0phtCrack and Ophcrack Cain & Abel and RainbwCrack Passwrd Cracking Tls Passwrd Cracking Tl fr Mbile: FlexiSPY Passwrd Grabber Hw t Defend against Passwrd Cracking Implement and Enfrce Strng Security Plicy CEH System Hacking Steps Escalating Privileges Privilege Escalatin Privilege Escalatin Using DLL Hijacking Privilege Escalatin Tl: Active@ Passwrd Changer Privilege Escalatin Tls Hw t Defend Against Privilege Escalatin Executing Applicatins RemteExec PDQ Deply DameWare Remte Supprt Keylgger Types f Keystrke Lggers Hardware Keylggers Keylgger: All In One Keylgger Keylggers fr Windws Keylgger fr Mac: Amac Keylgger fr Mac Keylggers fr MAC Spyware Page 10 f 46
11 Spyware: Spytech SpyAgent Spyware: Pwer Spy 2014 What Des the Spyware D? Spyware USB Spyware: USBSpy Audi Spyware: Spy Vice Recrder and Sund Snper Vide Spyware: WebCam Recrder Cellphne Spyware: Mbile Spy Telephne/Cellphne Spyware GPS Spyware: SPYPhne GPS Spyware Hw t Defend Against Keylggers Anti-Keylgger: Zemana AntiLgger Anti-Keylgger Hw t Defend Against Spyware Hiding Files Rtkits Anti-Spyware: SUPERAntiSpyware Anti-Spyware Types f Rtkits Hw Rtkit Wrks Rtkit Avatar Necurs Azazel Detecting Rtkits ZerAccess Steps fr Detecting Rtkits Hw t Defend against Rtkits Anti-Rtkit: Stinger and UnHackMe Anti-Rtkits NTFS Data Stream Hw t Create NTFS Streams NTFS Stream Manipulatin Hw t Defend against NTFS Streams NTFS Stream Detectr: StreamArmr Page 11 f 46
12 NTFS Stream Detectrs What Is Stegangraphy? Classificatin f Stegangraphy Types f Stegangraphy based n Cver Medium Whitespace Stegangraphy Tl: SNOW Image Stegangraphy Least Significant Bit Insertin Masking and Filtering Algrithms and Transfrmatin Image Stegangraphy: QuickSteg Image Stegangraphy Tls Dcument Stegangraphy: wbsteg Dcument Stegangraphy Tls Vide Stegangraphy Vide Stegangraphy: OmniHide PRO and Masker Vide Stegangraphy Tls Audi Stegangraphy Audi Stegangraphy: DeepSund Audi Stegangraphy Tls Flder Stegangraphy: Invisible Secrets 4 Flder Stegangraphy Tls Spam/ Stegangraphy: Spam Mimic Stegangraphy Tls fr Mbile Phnes Steganalysis Steganalysis Methds/Attacks n Stegangraphy Detecting Text and Image Stegangraphy Detecting Audi and Vide Stegangraphy Stegangraphy Detectin Tl: Gargyle Investigatr Frensic Pr Stegangraphy Detectin Tls Cvering Tracks Cvering Tracks Disabling Auditing: Auditpl Clearing Lgs Manually Clearing Event Lgs Ways t Clear Online Tracks Cvering Tracks Tl: CCleaner Page 12 f 46
13 Cvering Tracks Tl: MRU-Blaster Track Cvering Tls Penetratin Testing Passwrd Cracking Privilege Escalatin Executing Applicatins Hiding Files Cvering Tracks 6. Malware Threats Intrductin t Malware Different Ways a Malware can Get int a System Cmmn Techniques Attackers Use t Distribute Malware n the Web Trjan Cncepts Financial Lss Due t Trjans What is a Trjan? Hw Hackers Use Trjans Cmmn Prts used by Trjans Hw t Infect Systems Using a Trjan Wrappers Dark Hrse Trjan Virus Maker Trjan Hrse Cnstructin Kit Crypters: AIO FUD Crypter, Hidden Sight Crypter, and Galaxy Crypter Crypters: Crigenic Crypter, Heaven Crypter, and SwayzCryptr Hw Attackers Deply a Trjan Explit Kit Explit Kit: Infinity Explit Kits: Phenix Explit Kit and Blackhle Explit Kit Explit Kits: Bleedinglife and Crimepack Evading Anti-Virus Techniques Types f Trjans Cmmand Shell Trjans Defacement Trjans Defacement Trjans: Restratr Page 13 f 46
14 Btnet Trjans Tr-based Btnet Trjans: ChewBacca Btnet Trjans: Skynet and CyberGate Prxy Server Trjans Prxy Server Trjan: W3bPrOxy Tr0j4nCr34t0r (Funny Name) FTP Trjans VNC Trjans VNC Trjans: WinVNC and VNC Stealer HTTP/HTTPS Trjans HTTP Trjan: HTTP RAT Shttpd Trjan - HTTPS (SSL) ICMP Tunneling Remte Access Trjans Optix Pr and MSucker BlackHle RAT and SSH - R.A.T njrat and Xtreme RAT SpyGate RAT and Punisher RAT DarkCmet RAT, Pandra RAT, and HellSpy RAT PrRat and Theef Hell Raiser Atelier Web Remte Cmmander Cvert Channel Trjan: CCTT E-banking Trjans Wrking f E-banking Trjans E-banking Trjan ZeuS and SpyEye Citadel Builder and Ice IX Destructive Trjans: M4sT3r Trjan Ntificatin Trjans Data Hiding Trjans (Encrypted Trjans) Virus and Wrms Cncepts Intrductin t Viruses Stages f Virus Life Wrking f Viruses: Infectin Phase Attack Phase Page 14 f 46
15 Why D Peple Create Cmputer Viruses Indicatins f Virus Attack Virus Haxes and Fake Antiviruses Ransmware Types f Viruses System r Bt Sectr Viruses File and Multipartite Viruses Macr Viruses Cluster Viruses Stealth/Tunneling Viruses Encryptin Viruses Plymrphic Cde Metamrphic Viruses File Overwriting r Cavity Viruses Sparse Infectr Viruses Cmpanin/Camuflage Viruses Shell Viruses File Extensin Viruses Add-n and Intrusive Viruses Transient and Terminate and Stay Resident Viruses Writing a Simple Virus Prgram Sam s Virus Generatr and JPS Virus Maker Andreinick05's Batch Virus Maker and DeadLine s Virus Maker Snic Bat - Batch File Virus Creatr and Pisn Virus Maker Cmputer Wrms Hw Is a Wrm Different frm a Virus? Cmputer Wrms: Ghst Eye Wrm Wrm Maker: Internet Wrm Maker Thing Malware Reverse Engineering What is Sheep Dip Cmputer? Anti-Virus Sensr Systems Malware Analysis Prcedure: Preparing Testbed Malware Analysis Prcedure Malware Analysis Tl: IDA Pr Online Malware Testing: VirusTtal Online Malware Analysis Services Page 15 f 46
16 Trjan Analysis: Neverquest Virus Analysis: Ransm Cryptlcker Wrm Analysis: Darllz (Internet f Things (IT) Wrm) Malware Detectin Hw t Detect Trjans Scanning fr Suspicius Prts Tls: TCPView and CurrPrts Scanning fr Suspicius Prcesses Prcess Mnitring Tl: What's Running Prcess Mnitring Tls Scanning fr Suspicius Registry Entries Registry Entry Mnitring Tl: RegScanner Registry Entry Mnitring Tls Scanning fr Suspicius Device Drivers Device Drivers Mnitring Tl: DriverView Device Drivers Mnitring Tls Scanning fr Suspicius Windws Services Windws Services Mnitring Tl: Windws Service Manager (SrvMan) Windws Services Mnitring Tls Scanning fr Suspicius Startup Prgrams Windws 8 Startup Registry Entries Startup Prgrams Mnitring Tl: Security AutRun Startup Prgrams Mnitring Tls Scanning fr Suspicius Files and Flders Files and Flder Integrity Checker: FastSum and WinMD5 Files and Flder Integrity Checker Scanning fr Suspicius Netwrk Activities Detecting Trjans and Wrms with Capsa Netwrk Analyzer Virus Detectin Methds Cuntermeasures Trjan Cuntermeasures Backdr Cuntermeasures Virus and Wrms Cuntermeasures Anti-Malware Sftware Anti-Trjan Sftware Page 16 f 46
17 TrjanHunter Emsisft Anti-Malware Anti-Trjan Sftware Cmpanin Antivirus: Immunet Anti-virus Tls Penetratin Testing Pen Testing fr Trjans and Backdrs Penetratin Testing fr Virus 7. Sniffing Sniffing Cncepts Netwrk Sniffing and Threats Hw a Sniffer Wrks Types f Sniffing Passive Sniffing Active Sniffing Hw an Attacker Hacks the Netwrk Using Sniffers Prtcls Vulnerable t Sniffing Sniffing in the Data Link Layer f the OSI Mdel Hardware Prtcl Analyzer Hardware Prtcl Analyzers SPAN Prt Wiretapping Lawful Interceptin Wiretapping Case Study: PRISM MAC Attacks MAC Address/CAM Table Hw CAM Wrks What Happens When CAM Table Is Full? MAC Flding Mac Flding Switches with macf Switch Prt Stealing Hw t Defend against MAC Attacks Page 17 f 46
18 DHCP Attacks Hw DHCP Wrks DHCP Request/Reply Messages IPv4 DHCP Packet Frmat DHCP Starvatin Attack DHCP Starvatin Attack Tls Rgue DHCP Server Attack Hw t Defend Against DHCP Starvatin and Rgue Server Attack ARP Pisning What Is Address Reslutin Prtcl (ARP)? ARP Spfing Attack Hw Des ARP Spfing Wrk Threats f ARP Pisning ARP Pisning Tl Cain & Abel and WinArpAttacker Ufasft Snif Hw t Defend Against ARP Pisning Cnfiguring DHCP Snping and Dynamic ARP Inspectin n Cisc Switches ARP Spfing Detectin: XArp Spfing Attack MAC Spfing/Duplicating MAC Spfing Technique: Windws MAC Spfing Tl: SMAC IRDP Spfing Hw t Defend Against MAC Spfing DNS Pisning DNS Pisning Techniques Intranet DNS Spfing Internet DNS Spfing Prxy Server DNS Pisning DNS Cache Pisning Hw t Defend Against DNS Spfing Sniffing Tls Sniffing Tl: Wireshark Fllw TCP Stream in Wireshark Display Filters in Wireshark Page 18 f 46
19 Additinal Wireshark Filters Sniffing Tl SteelCentral Packet Analyzer Tcpdump/Windump Packet Sniffing Tl: Capsa Netwrk Analyzer Netwrk Packet Analyzer OmniPeek Netwrk Analyzer Observer Sniff-O-Matic TCP/IP Packet Crafter: Clasft Packet Builder Netwrk Packet Analyzer: RSA NetWitness Investigatr Additinal Sniffing Tls Packet Sniffing Tls fr Mbile: Wi.cap. Netwrk Sniffer Pr and FaceNiff Cunter measures Hw t Defend Against Sniffing Sniffing Detectin Techniques Hw t Detect Sniffing Sniffer Detectin Technique Ping Methd ARP Methd DNS Methd Prmiscuus Detectin Tl PrmqryUI Nmap Sniffing Pen Testing 8. Scial Engineering Scial Engineering Cncepts What is Scial Engineering? Behavirs Vulnerable t Attacks Factrs that Make Cmpanies Vulnerable t Attacks Why Is Scial Engineering Effective? Warning Signs f an Attack Page 19 f 46
20 Phases in a Scial Engineering Attack Scial Engineering Techniques Types f Scial Engineering Human-based Scial Engineering Impersnatin Impersnatin Scenari Over-Helpfulness f Help Desk Third-party Authrizatin Tech Supprt Internal Emplyee/Client/Vendr Repairman Trusted Authrity Figure Eavesdrpping and Shulder Surfing Dumpster Diving Reverse Scial Engineering, Piggybacking, and Tailgating Watch these Mvies Watch this Mvie Cmputer-based Scial Engineering Phishing Spear Phishing Mbile-based Scial Engineering Publishing Malicius Apps Repackaging Legitimate Apps Fake Security Applicatins Using SMS Insider Attack Disgruntled Emplyee Preventing Insider Threats Cmmn Scial Engineering Targets and Defense Strategies Impersnatin n Scial Netwrking Sites Scial Engineering Thrugh Impersnatin n Scial Netwrking Sites Scial Engineering n Facebk Scial Engineering n LinkedIn and Twitter Risks f Scial Netwrking t Crprate Netwrks Identity Theft Identity Theft Statistics Page 20 f 46
21 Identify Theft Hw t Steal an Identity STEP 1 STEP 2 Cmparisn STEP 3 Real Steven Gets Huge Credit Card Statement Identity Theft - Serius Prblem Scial Engineering Cuntermeasures Hw t Detect Phishing s Anti-Phishing Tlbar Netcraft PhishTank Identity Theft Cuntermeasures Penetratin Testing Scial Engineering Pen Testing Using s Using Phne In Persn Scial Engineering Tlkit (SET) 9. Denial-f-Service DS/DDS Cncepts DDS Attack Trends What is a Denial f Service Attack? What Are Distributed Denial f Service Attacks? Hw Distributed Denial f Service Attacks Wrk DS/DDS Attack Techniques Basic Categries f DS/DDS Attack Vectrs DS/DDS Attack Techniques Bandwidth Attacks Service Request Flds Page 21 f 46
22 SYN Attack SYN Flding ICMP Fld Attack Peer-t-Peer Attacks Permanent Denial-f-Service Attack Applicatin Level Fld Attacks Distributed Reflectin Denial f Service (DRDS) Btnets Organized Cyber Crime: Organizatinal Chart Btnet A Typical Btnet Setup Btnet Ecsystem Scanning Methds fr Finding Vulnerable Machines Hw Malicius Cde Prpagates? Btnet Trjan Blackshades NET Cythsia Btnet and Andrmeda Bt PlugBt DDS Case Study DDS Attack Hackers Advertise Links t Dwnlad Btnet DS/DDS Attack Tls Pandra DDS Bt Tlkit Dereil and HOIC DS HTTP and BanglaDs DS and DDS Attack Tls DS and DDS Attack Tl fr Mbile AnDOSid Lw Orbit In Cannn (LOIC) Cunter-measures Detectin Techniques Activity Prfiling Wavelet Analysis Sequential Change-Pint Detectin DS/DDS Cuntermeasure Strategies DDS Attack Cuntermeasures Page 22 f 46
23 Prtect Secndary Victims Detect and Neutralize Handlers Detect Ptential Attacks Deflect Attacks Mitigate Attacks Pst-Attack Frensics Techniques t Defend against Btnets DS/DDS Cuntermeasures DS/DDS Prtectin at ISP Level Enabling TCP Intercept n Cisc IOS Sftware Advanced DDS Prtectin Appliances DS/DDS Prtectin Tls DS/DDS Prtectin Tl: FrtGuard Anti-DDS Firewall 2014 DS/DDS Prtectin Tls DS/DDS Attack Penetratin Testing 10. Sessin Hijacking Sessin Hijacking Cncepts What is Sessin Hijacking? Why Sessin Hijacking is Successful? Sessin Hijacking Prcess Packet Analysis f a Lcal Sessin Hijack Types f Sessin Hijacking Sessin Hijacking in OSI Mdel Spfing vs. Hijacking Applicatin Level Sessin Hijacking Cmprmising Sessin IDs using Sniffing Cmprmising Sessin IDs by Predicting Sessin Tken Hw t Predict a Sessin Tken Cmprmising Sessin IDs Using Man-in-the-Middle Attack Cmprmising Sessin IDs Using Man-in-the-Brwser Attack Steps t Perfrm Man-in-the-Brwser Attack Cmprmising Sessin IDs Using Client-side Attacks Page 23 f 46
24 Cmprmising Sessin IDs Using Client-side Attacks: Crss-site Script Attack Cmprmising Sessin IDs Using Client-side Attacks: Crss-site Request Frgery Attack Cmprmising Sessin IDs Using Sessin Replay Attack Cmprmising Sessin IDs Using Sessin Fixatin Sessin Fixatin Attack Sessin Hijacking Using Prxy Servers Netwrk-level Sessin Hijacking The 3-Way Handshake TCP/IP Hijacking TCP/IP Hijacking Prcess IP Spfing: Surce Ruted Packets RST Hijacking Blind Hijacking MiTM Attack Using Frged ICMP and ARP Spfing UDP Hijacking Sessin Hijacking Tls Sessin Hijacking Tl Zaprxy Burp Suite and Hijack Sessin Hijacking Tls Sessin Hijacking Tls fr Mbile: DridSheep and DridSniff Cunter-measures Sessin Hijacking Detectin Methds Prtecting against Sessin Hijacking Methds t Prevent Sessin Hijacking T be Fllwed by Web Develpers T be Fllwed by Web Users Appraches Vulnerable t Sessin Hijacking and their Preventative Slutins IPSec Mdes f IPsec IPsec Architecture IPsec Authenticatin and Cnfidentiality Cmpnents f IPsec Sessin Hijacking Pen Testing Page 24 f 46
25 11. Hacking Webservers Webserver Cncepts Web Server Security Issue Why Web Servers Are Cmprmised Impact f Webserver Attacks Open Surce Webserver Architecture IIS Webserver Architecture Webserver Attacks DS/DDS Attacks DNS Server Hijacking DNS Amplificatin Attack Directry Traversal Attacks Man-in-the-Middle/Sniffing Attack Phishing Attacks Website Defacement Webserver Miscnfiguratin Webserver Miscnfiguratin Example HTTP Respnse Splitting Attack Web Cache Pisning Attack SSH Brutefrce Attack Webserver Passwrd Cracking Webserver Passwrd Cracking Techniques Web Applicatin Attacks Attack Methdlgy Webserver Attack Methdlgy Infrmatin Gathering Infrmatin Gathering frm Rbts.txt File Webserver Ftprinting Webserver Ftprinting Tls Enumerating Webserver Infrmatin Using Nmap Webserver Attack Methdlgy Mirrring a Website Vulnerability Scanning Page 25 f 46
26 Sessin Hijacking Hacking Web Passwrds Webserver Attack Tls Metasplit Metasplit Architecture Metasplit Explit Mdule Metasplit Paylad Mdule Metasplit Auxiliary Mdule Metasplit NOPS Mdule Webserver Attack Tls: Wfetch Web Passwrd Cracking Tl: THC-Hydra and Brutus Cunter-measures Place Web Servers in Separate Secure Server Security Segment n Netwrk Cuntermeasures Patches and Updates Prtcls Accunts Files and Directries Detecting Web Server Hacking Attempts Hw t Defend Against Web Server Attacks Hw t Defend against HTTP Respnse Splitting and Web Cache Pisning Hw t Defend against DNS Hijacking Patch Management Patches and Htfixes What Is Patch Management? Identifying Apprpriate Surces fr Updates and Patches Installatin f a Patch Implementatin and Verificatin f a Security Patch r Upgrade Patch Management Tl: Micrsft Baseline Security Analyzer (MBSA) Patch Management Tls Webserver Security Tls Web Applicatin Security Scanner: Syhunt Dynamic and N-Stalker Web Applicatin Security Scanner Web Server Security Scanner: Wikt and Acunetix Web Vulnerability Scanner Web Server Malware Infectin Mnitring Tl HackAlert Page 26 f 46
27 QualysGuard Malware Detectin Webserver Security Tls Webserver Pen Testing Web Server Pen Testing Tl CORE Impact Pr Immunity CANVAS Arachni 12. Hacking Web Applicatins Web App Cncepts Intrductin t Web Applicatins Hw Web Applicatins Wrk? Web Applicatin Architecture Web 2.0 Applicatins Vulnerability Stack Web App Threats Unvalidated Input Parameter/Frm Tampering Directry Traversal Security Miscnfiguratin Injectin Flaws SQL Injectin Attacks Cmmand Injectin Attacks Cmmand Injectin Example File Injectin Attack What is LDAP Injectin? Hw LDAP Injectin Wrks? Hidden Field Manipulatin Attack Crss-Site Scripting (XSS) Attacks Hw XSS Attacks Wrk Crss-Site Scripting Attack Scenari: Attack via XSS Example: Attack via XSS Example: Stealing Users' Ckies Page 27 f 46
28 XSS Example: Sending an Unauthrized Request XSS Attack in Blg Psting XSS Attack in Cmment Field Websites Vulnerable t XSS Attack Crss-Site Request Frgery (CSRF) Attack Hw CSRF Attacks Wrk? Web Applicatin Denial-f-Service (DS) Attack Denial f Service (DS) Examples Buffer Overflw Attacks Ckie/Sessin Pisning Hw Ckie Pisning Wrks? Sessin Fixatin Attack CAPTCHA Attacks Insufficient Transprt Layer Prtectin Imprper Errr Handling Insecure Cryptgraphic Strage Brken Authenticatin and Sessin Management Unvalidated Redirects and Frwards Web Services Architecture Web Services Attack Web Services Ftprinting Attack Web Services XML Pisning Web App Hacking Methdlgy Ftprint Web Infrastructure Server Discvery Service Discvery Server Identificatin/Banner Grabbing Detecting Web App Firewalls and Prxies n Target Site Hidden Cntent Discvery Web Spidering Using Burp Suite Web Crawling Using Mzenda Web Agent Builder Attack Web Servers Hacking Web Servers Web Server Hacking Tl: WebInspect Analyze Web Applicatins Identify Entry Pints fr User Input Page 28 f 46
29 Identify Server-Side Technlgies Identify Server-Side Functinality Map the Attack Surface Attack Authenticatin Mechanism Username Enumeratin Passwrd Attacks Passwrd Functinality Explits Passwrd Guessing Brute-frcing Sessin Attacks: Sessin ID Predictin/ Brute-frcing Ckie Explitatin: Ckie Pisning Authrizatin Attack Schemes Authrizatin Attack HTTP Request Tampering Authrizatin Attack: Ckie Parameter Tampering Attack Sessin Management Mechanism Sessin Management Attack Attacking Sessin Tken Generatin Mechanism Attacking Sessin Tkens Handling Mechanism: Sessin Tken Sniffing Perfrm Injectin Attacks Injectin Attacks/Input Validatin Attacks Attack Data Cnnectivity Cnnectin String Injectin Cnnectin String Parameter Pllutin (CSPP) Attacks Cnnectin Pl DS Attack Web App Client Attack Web Services Web Services Prbing Attacks Web Service Attacks SOAP Injectin XML Injectin Web Services Parsing Attacks Web Service Attack Tl: sapui and XMLSpy Web Applicatin Hacking Tls Web Applicatin Hacking Tls Burp Suite Prfessinal Page 29 f 46
30 CkieDigger WebScarab Web Applicatin Hacking Tls Cuntermeasures Encding Schemes Hw t Defend Against SQL Injectin Attacks? Hw t Defend Against Cmmand Injectin Flaws? Hw t Defend Against XSS Attacks? Hw t Defend Against DS Attack? Hw t Defend Against Web Services Attack? Guidelines fr Secure CAPTCHA Implementatin Web Applicatin Cuntermeasures Hw t Defend Against Web Applicatin Attacks? Security Tls Web Applicatin Security Tl Acunetix Web Vulnerability Scanner Watcher Web Security Tl Netsparker N-Stalker Web Applicatin Security Scanner VampireScan Web Applicatin Security Tls Web Applicatin Firewall dtdefender ServerDefender VP Web Applicatin Firewall Web App Pen Testing Web Applicatin Pen Testing Infrmatin Gathering Cnfiguratin Management Testing Authenticatin Testing Sessin Management Testing Authrizatin Testing Data Validatin Testing Denial f Service Testing Web Services Testing AJAX Testing Page 30 f 46
31 Web Applicatin Pen Testing Framewrk Kali Linux Metasplit Brwser Explitatin Framewrk (BeEF) PwerSplit 13. SQL Injectin SQL Injectin Cncepts What is SQL Injectin? Why Bther abut SQL Injectin? Hw Web Applicatins Wrk? SQL Injectin and Server-side Technlgies Understanding HTTP Pst Request Example: Nrmal SQL Query Understanding an SQL Injectin Query Cde Analysis Example f a Web App Vulnerable t SQL Injectin BadPrductList.aspx Attack Analysis Example f SQL Injectin Updating Table Adding New Recrds Identifying the Table Name Deleting a Table Types f SQL Injectin Errr Based SQL Injectin Unin SQL Injectin Blind SQL Injectin N Errr Messages Returned Blind SQL Injectin: WAITFOR DELAY (YES r NO Respnse) Blean Explitatin Technique SQL Injectin Methdlgy Infrmatin Gathering and SQL Injectin Vulnerability Detectin Infrmatin Gathering Page 31 f 46
32 Identifying Data Entry Paths Extracting Infrmatin thrugh Errr Messages Testing fr SQL Injectin Additinal Methds t Detect SQL Injectin SQL Injectin Black Bx Pen Testing Surce Cde Review t Detect SQL Injectin Vulnerabilities Launch SQL Injectin Attacks Perfrm Unin SQL Injectin Perfrm Errr Based SQL Injectin Perfrm Errr Based SQL Injectin: Using Stred Prcedure Injectin Bypass Website Lgins Using SQL Injectin Perfrm Blind SQL Injectin Explitatin (MySQL) Blind SQL Injectin Extract Database User Extract Database Name Extract Clumn Name Extract Data frm ROWS Perfrm Duble Blind SQL Injectin - Classical Explitatin (MySQL) Perfrm Blind SQL Injectin Using Out f Band Explitatin Technique Expliting Secnd-Order SQL Injectin Advanced SQL Injectin SQL Injectin Tls BSQLHacker Database, Table, and Clumn Enumeratin Advanced Enumeratin Features f Different DBMSs Creating Database Accunts Passwrd Grabbing Grabbing SQL Server Hashes Extracting SQL Hashes (In a Single Statement) Transfer Database t Attacker's Machine Interacting with the Operating System Interacting with the File System Netwrk Recnnaissance Using SQL Injectin Netwrk Recnnaissance Full Query Page 32 f 46
33 Marathn Tl SQL Pwer Injectr Havij SQL Injectin Tls SQL Injectin Tl fr Mbile DridSQLi sqlmapchik Evasin Techniques Evading IDS Types f Signature Evasin Techniques Evasin Technique Sphisticated Matches Hex Encding Manipulating White Spaces In-line Cmment Char Encding String Cncatenatin Obfuscated Cdes Cunter-measures Hw t Defend Against SQL Injectin Attacks? Hw t Defend Against SQL Injectin Attacks: Use Type-Safe SQL Parameters Hw t Defend Against SQL Injectin Attacks SQL Injectin Detectin Tl dtdefender IBM Security AppScan WebCruiser Snrt Rule t Detect SQL Injectin Attacks SQL Injectin Detectin Tls 15. Hacking Wireless Netwrks Wireless Cncepts Wireless Terminlgies Wireless Netwrks Wi-Fi Netwrks at Hme and Public Places Page 33 f 46
34 Wireless Technlgy Statistics Types f Wireless Netwrks Wireless Standards Service Set Identifier (SSID) Wi-Fi Authenticatin Mdes Wi-Fi Authenticatin Prcess Using a Centralized Authenticatin Server Wi-Fi Chalking Wi-Fi Chalking Symbls Types f Wireless Antenna Parablic Grid Antenna Wireless Encryptin Types f Wireless Encryptin WEP Encryptin Hw WEP Wrks? What is WPA? Hw WPA Wrks? Tempral Keys What is WPA2? WEP vs. WPA vs. WPA2 WEP Issues Hw WPA2 Wrks? Weak Initializatin Vectrs (IV) Hw t Break WEP Encryptin? Hw t Break WPA Encryptin? Hw t Defend Against WPA Cracking? Wireless Threats Access Cntrl Attacks Integrity Attacks Cnfidentiality Attacks Availability Attacks Authenticatin Attacks Rgue Access Pint Attack Client Mis-assciatin Miscnfigured Access Pint Attack Unauthrized Assciatin Ad Hc Cnnectin Attack Page 34 f 46
35 HneySpt Access Pint Attack AP MAC Spfing Denial-f-Service Attack Jamming Signal Attack Wi-Fi Jamming Devices Wireless Hacking Methdlgy Wi-Fi Discvery Ftprint the Wireless Netwrk Find Wi-Fi Netwrks t Attack Wi-Fi Discvery Tl inssider and NetSurveyr Vistumbler and NetStumbler Wi-Fi Discvery Tls Mbile-based Wi-Fi Discvery Tl GPS Mapping GPS Mapping Tl WIGLE Skyhk Wi-Fi Htspt Finder Wi-Fi Finder WeFi Hw t Discver Wi-Fi Netwrk Using Wardriving? Wireless Traffic Analysis Wireless Cards and Chipsets Wi-Fi USB Dngle: AirPcap Wi-Fi Packet Sniffer Wireshark with AirPcap SteelCentral Packet Analyzer OmniPeek Netwrk Analyzer CmmView fr Wi-Fi What is Spectrum Analysis? Wi-Fi Packet Sniffers Launch Wireless Attacks Aircrack-ng Suite Hw t Reveal Hidden SSIDs Fragmentatin Attack Page 35 f 46
36 Hw t Launch MAC Spfing Attack? Denial f Service: Deauthenticatin and Disassciatin Attacks Man-in-the-Middle Attack MITM Attack Using Aircrack-ng Wireless ARP Pisning Attack Rgue Access Pint Evil Twin Crack Wi-Fi Encryptin Hw t Set Up a Fake Htspt (Evil Twin)? Hw t Crack WEP Using Aircrack Hw t Crack WPA-PSK Using Aircrack WPA Cracking Tl: KisMAC WEP Cracking Using Cain & Abel WPA Brute Frcing Using Cain & Abel WPA Cracking Tl: Elcmsft Wireless Security Auditr WEP/WPA Cracking Tls WEP/WPA Cracking Tl fr Mbile: Penetrate Pr Wireless Hacking Tls Wi-Fi Sniffer: Kismet Wardriving Tls RF Mnitring Tls Wi-Fi Traffic Analyzer Tls Wi-Fi Raw Packet Capturing and Spectrum Analyzing Tls Wireless Hacking Tls fr Mbile: HackWifi and Backtrack Simulatr Bluetth Hacking Bluetth Stack Bluetth Threats Hw t BlueJack a Victim? Bluetth Hacking Tl Super Bluetth Hack PhneSnp BlueScanner Bluetth Hacking Tls Cunter-measures Hw t Defend Against Bluetth Hacking? Hw t Detect and Blck Rgue AP? Page 36 f 46
37 Wireless Security Layers Hw t Defend Against Wireless Attacks? Wireless Security Tls Wireless Intrusin Preventin Systems Wireless IPS Deplyment Wi-Fi Security Auditing Tl AirMagnet WiFi Analyzer Mtrla s AirDefense Services Platfrm (ADSP) Adaptive Wireless IPS Aruba RFPrtect Wi-Fi Intrusin Preventin System Wi-Fi Predictive Planning Tls Wi-Fi Vulnerability Scanning Tls Bluetth Security Tl: Bluetth Firewall Wi-Fi Security Tls fr Mbile: Wifi Prtectr, WiFiGuard, and Wifi Inspectr Wi-Fi Pen Testing Wireless Penetratin Testing Wireless Penetratin Testing Framewrk Wi-Fi Pen Testing Framewrk Pen Testing LEAP Encrypted WLAN Pen Testing WPA/WPA2 Encrypted WLAN Pen Testing WEP Encrypted WLAN Pen Testing Unencrypted WLAN 16. Hacking Mbile Platfrms Mbile Platfrm Attack Vectrs Vulnerable Areas in Mbile Business Envirnment OWASP Mbile Tp 10 Risks Anatmy f a Mbile Attack Hw a Hacker can Prfit frm Mbile when Successfully Cmprmised Mbile Attack Vectrs Mbile Platfrm Vulnerabilities and Risks Security Issues Arising frm App Stres Page 37 f 46
38 App Sandbxing Issues Mbile Spam SMS Phishing Attack (SMiShing) (Targeted Attack Scan) Why SMS Phishing is Effective? SMS Phishing Attack Examples Pairing Mbile Devices n Open Bluetth and Wi-Fi Cnnectins Hacking Andrid OS Andrid OS Andrid OS Architecture Andrid Device Administratin API Andrid Vulnerabilities Andrid Rting Hacking ios Rting Andrid Phnes using SuperOneClick Rting Andrid Phnes Using Superbt Andrid Rting Tls Hacking Netwrks Using Netwrk Spfer Sessin Hijacking Using DridSheep Andrid-based Sniffer FaceNiff Packet Sniffer, tpacketcapture, and Andrid PCAP Andrid Trjan ZitM (ZeuS-in-the-Mbile) FakeTken and TRAMP.A Fakedefender and Obad FakeInst and OpFake AndrRAT and Dendrid Securing Andrid Devices Ggle Apps Device Plicy Remte Wipe Service: Remte Wipe Andrid Security Tl DridSheep Guard TrustG Mbile Security and Sphs Mbile Security 360 Security, AVL, and Avira Antivirus Security Andrid Vulnerability Scanner: X-Ray Andrid Device Tracking Tls Page 38 f 46
39 Apple ios Jailbreaking ios Types f Jailbreaking Jailbreaking Techniques App Platfrm fr Jailbraken Devices: Cydia Jailbreaking Tl: Pangu Untethered Jailbreaking f ios 7.1.1/7.1.2 Using Pangu fr Mac Jailbreaking Tls Redsn0w and Absinthe evasi0n7 and GeekSn0w Sn0wbreeze and PwnageTl LimeRa1n and Blackra1n Guidelines fr Securing ios Devices ios Device Tracking Tls Hacking Windws Phne OS Windws Phne 8 Architecture Secure Bt Prcess Guidelines fr Securing Windws OS Devices Windws OS Device Tracking Tl: FllwMee GPS Tracker Hacking BlackBerry BlackBerry Operating System BlackBerry Enterprise Slutin Architecture Blackberry Attack Vectrs Malicius Cde Signing JAD File Explits and Memry/ Prcesses Manipulatins Shrt Message Service (SMS) Explits Explits PIM Data Attacks and TCP/IP Cnnectins Vulnerabilities Guidelines fr Securing BlackBerry Devices BlackBerry Device Tracking Tls: MbileTracker and Psitin Lgic Blackberry Tracker Mbile Spyware: mspy and StealthGenie Mbile Spyware Mbile Device Management (MDM) MDM Slutin: MaaS360 Mbile Device Management (MDM) MDM Slutins Page 39 f 46
40 Bring Yur Own Device (BYOD) BYOD Risks BYOD Plicy Implementatin BYOD Security Guidelines fr Administratr BYOD Security Guidelines fr Emplyee Mbile Security Guidelines and Tls General Guidelines fr Mbile Platfrm Security Mbile Device Security Guidelines fr Administratr SMS Phishing Cuntermeasures Mbile Prtectin Tl BullGuard Mbile Security Lkut WISeID zips Mbile Prtectin Tls Mbile Anti-Spyware Mbile Pen Testing Andrid Phne Pen Testing iphne Pen Testing Windws Phne Pen Testing BlackBerry Pen Testing Mbile Pen Testing Tlkit zanti dsplit Hackde (The Hacker's Tlbx) 16. Evading IDS, Firewalls, and Hneypts IDS, Firewall and Hneypt Cncepts Intrusin Detectin Systems (IDS) and their Placement Hw IDS Wrks? Ways t Detect an Intrusin General Indicatins f Intrusins General Indicatins f System Intrusins Types f Intrusin Detectin Systems Page 40 f 46
41 Firewall System Integrity Verifiers (SIV) Firewall Architecture DeMilitarized Zne (DMZ) Types f Firewall Hneypt Packet Filtering Firewall Circuit-Level Gateway Firewall Applicatin-Level Firewall Stateful Multilayer Inspectin Firewall Types f Hneypts IDS, Firewall and Hneypt System Intrusin Detectin Tl: Snrt Snrt Rules Rule Actins and IP Prtcls The Directin Operatr and IP Addresses Prt Numbers Intrusin Detectin Systems: Tipping Pint Intrusin Detectin Tls Intrusin Detectin Tls fr Mbile Firewall ZneAlarm PRO Firewall 2015 Cmd Firewall Firewalls Firewalls fr Mbile: Andrid Firewall and Firewall ip Firewalls fr Mbile Hneypt Tl: KFSensr and SPECTER Hneypt Tls Hneypt Tl fr Mbile: HsTaGe Evading IDS Insertin Attack Evasin Denial-f-Service Attack (DS) Obfuscating False Psitive Generatin Sessin Splicing Page 41 f 46
42 Unicde Evasin Technique Fragmentatin Attack Overlapping Fragments Time-T-Live Attacks Invalid RST Packets Urgency Flag Plymrphic Shellcde ASCII Shellcde Applicatin-Layer Attacks Desynchrnizatin - Pre Cnnectin SYN Desynchrnizatin - Pst Cnnectin SYN Other Types f Evasin Evading Firewalls Firewall Identificatin Prt Scanning Firewalking Banner Grabbing IP Address Spfing Surce Ruting Tiny Fragments Bypass Blcked Sites Using IP Address in Place f URL Bypass Blcked Sites Using Annymus Website Surfing Sites Bypass a Firewall Using Prxy Server Bypassing Firewall thrugh ICMP Tunneling Methd Bypassing Firewall thrugh ACK Tunneling Methd Bypassing Firewall thrugh HTTP Tunneling Methd Why d I Need HTTP Tunneling HTTP Tunneling Tls HTTPrt and HTTHst Super Netwrk Tunnel HTTP-Tunnel Bypassing Firewall thrugh SSH Tunneling Methd SSH Tunneling Tl: Bitvise Bypassing Firewall thrugh External Systems Bypassing Firewall thrugh MITM Attack Bypassing Firewall thrugh Cntent Page 42 f 46
43 IDS/Firewall Evading Tls IDS/Firewall Evasin Tl Traffic IQ Prfessinal tcp-ver-dns IDS/Firewall Evasin Tls Packet Fragment Generatr: Clasft Packet Builder Packet Fragment Generatrs Detecting Hneypts Detecting Hneypts Hneypt Detecting Tl: Send-Safe Hneypt Hunter IDS/Firewall Evasin Cunter-measures Cuntermeasures Penetratin Testing Firewall/IDS Penetratin Testing Firewall Penetratin Testing IDS Penetratin Testing 17. Clud Cmputing Intrductin t Clud Cmputing Types f Clud Cmputing Services Separatin f Respnsibilities in Clud Clud Deplyment Mdels NIST Clud Cmputing Reference Architecture Clud Cmputing Benefits Understanding Virtualizatin Benefits f Virtualizatin in Clud Clud Cmputing Threats Clud Cmputing Attacks Service Hijacking using Scial Engineering Attacks Service Hijacking using Netwrk Sniffing Sessin Hijacking using XSS Attack Sessin Hijacking using Sessin Riding Dmain Name System (DNS) Attacks Side Channel Attacks r Crss-guest VM Breaches Page 43 f 46
44 Side Channel Attack Cuntermeasures SQL Injectin Attacks Cryptanalysis Attacks Cryptanalysis Attack Cuntermeasures Wrapping Attack Denial-f-Service (DS) and Distributed Denial-f-Service (DDS) Attacks Clud Security Clud Security Cntrl Layers Clud Security is the Respnsibility f bth Clud Prvider and Cnsumer Clud Cmputing Security Cnsideratins Placement f Security Cntrls in the Clud Best Practices fr Securing Clud NIST Recmmendatins fr Clud Security Organizatin/Prvider Clud Security Cmpliance Checklist Clud Security Tls Cre CludInspect CludPassage Hal Clud Security Tls Clud Penetratin Testing What is Clud Pen Testing? Key Cnsideratins fr Pen Testing in the Clud Scpe f Clud Pen Testing Clud Penetratin Testing Recmmendatins fr Clud Testing 18. Cryptgraphy Market Survey 2014: The Year f Encryptin Case Study: Heartbleed Case Study: Pdlebleed Cryptgraphy Cncepts Cryptgraphy Types f Cryptgraphy Gvernment Access t Keys (GAK) Encryptin Algrithms Ciphers Page 44 f 46
45 Data Encryptin Standard (DES) Advanced Encryptin Standard (AES) RC4, RC5, RC6 Algrithms The DSA and Related Signature Schemes RSA (Rivest Shamir Adleman) The RSA Signature Scheme Example f RSA Algrithm Message Digest (One-way Hash) Functins Message Digest Functin: MD5 Secure Hashing Algrithm (SHA) What is SSH (Secure Shell)? Cryptgraphy Tls MD5 Hash Calculatrs: HashCalc, MD5 Calculatr and HashMyFiles Hash Calculatrs fr Mbile: MD5 Hash Calculatr, Hash Drid, and Hash Calculatr Cryptgraphy Tl Advanced Encryptin Package 2014 BCTextEncder Cryptgraphy Tls Cryptgraphy Tls fr Mbile: Secret Space Encryptr, CryptSymm, and Cipher Sender Public Key Infrastructure(PKI) Certificatin Authrities Signed Certificate (CA) Vs. Self Signed Certificate Encryptin Digital Signature SSL (Secure Sckets Layer) Transprt Layer Security (TLS) Cryptgraphy Tlkit OpenSSL Keyczar Pretty Gd Privacy (PGP) Disk Encryptin Disk Encryptin Tls: Symantec Drive Encryptin and GiliSft Full Disk Encryptin Disk Encryptin Tls Page 45 f 46
46 Cryptgraphy Attacks Cde Breaking Methdlgies Brute-Frce Attack Meet-in-the-Middle Attack n Digital Signature Schemes Side Channel Attack Side Channel Attack - Scenari Cryptanalysis Tls Cryptanalysis Tl: CrypTl Cryptanalysis Tls Online MD5 Decryptin Tl Page 46 f 46
COURSE DETAILS. Introduction to Ethical Hacking. FootPrinting. What is Hacking. Who is a Hacker. Skills of a Hacker.
COURSE DETAILS Intrductin t Ethical Hacking What is Hacking Wh is a Hacker Skills f a Hacker Types f Hackers Reasns fr Hacking Wh are at the risk f Hacking attacks Effects f Cmputer Hacking n an rganizatin
More informationEC-Council. Ethical Hacking and Countermeasures (version 8) (Exam-312-50)
EC-Cuncil Ethical Hacking and Cuntermeasures (versin 8) Duratin: 5 Days Curse Descriptin: This class will immerse the students int an interactive envirnment where they will be shwn hw t scan, test, hack
More informationCertified Ethical Hacker version 8
Hackers will hit yu frm anywhere Certified Ethical Hacker versin 8 Ethical Hacking & Cunter Measures 5-days Instructr Led Training/Wrkshp Overview T beat a hacker, yu need t think like ne! This is exactly
More informationWho Should attend? Application Developers,Network Engineers, IT Professionals, Engineering Students, Professors
Natinal Technlgy Awareness Campaign (Asia s Largest Campaign fr Autmbile and IT Technlgy) Organized By: SGT Internatinal, Metawing Technlgies (P) Ltd Initiative f Hack Track Andrid and Applicatin Develpment
More informationCH EHC EC-Council Ethical Hacking and Countermeasures [v.9]
CH EHC EC-Council Ethical Hacking and [v.9] Summary Duration Vendor Audience 5 Days hands-on training EC-Council Security Professionals Level Technology Category Intermediate Ethical Hacking Core Delivery
More informationCNS-205: Citrix NetScaler 11 Essentials and Networking
CNS-205: Citrix NetScaler 11 Essentials and Netwrking Overview The bjective f the Citrix NetScaler 11 Essentials and Netwrking curse is t prvide the fundatinal cncepts and skills necessary t implement,
More informationCertified Ethical Hacker Exam 312-50 Version Comparison. Version Comparison
CEHv8 vs CEHv7 CEHv7 CEHv8 19 Modules 20 Modules 90 Labs 110 Labs 1700 Slides 1770 Slides Updated information as per the latest developments with a proper flow Classroom friendly with diagrammatic representation
More informationCorporate Account Takeover & Information Security Awareness
Crprate Accunt Takever & Infrmatin Security Awareness What is Crprate Accunt Takever? A fast grwing electrnic crime where thieves typically use sme frm f malware t btain lgin credentials t Crprate Online
More informationEthical Hacking & Countermeasure Specialist. Course Title: Ethical Hacking & Countermeasure Specialist: Web Applications and Data Servers
Ethical Hacking & Cuntermeasure Specialist Curse Title: Ethical Hacking & Cuntermeasure Specialist: Web Applicatins and Data Servers Page 1 f 15 Web Applicatins and Data Servers Cpyright by EC-Cuncil All
More informationServ-U Distributed Architecture Guide
Serv-U Distributed Architecture Guide Hrizntal Scaling and Applicatin Tiering fr High Availability, Security, and Perfrmance Serv-U Distributed Architecture Guide v14.0.1.0 Page 1 f 16 Intrductin Serv-U
More informationCNS-205 Citrix NetScaler 10.5 Essentials and Networking
CNS-205 Citrix NetScaler 10.5 Essentials and Netwrking Descriptin: The bjective f the Citrix NetScaler 10.5 Essentials and Netwrking curse is t prvide the fundatinal cncepts and advanced skills necessary
More informationCNS-300-2I Advanced Administration for Citrix NetScaler 9.0 Platinum Edition
CNS-300-2I Advanced Administratin fr Citrix NetScaler 9.0 Platinum Editin This curse prvides the fundatin t manage, cnfigure and mnitr advanced features and cmpnents f Citrix NetScaler 9.0 Platinum Editin.
More informationConfiguring, Monitoring and Deploying a Private Cloud with System Center 2012 Boot Camp
Cnfiguring, Mnitring and Deplying a Private Clud with System Center 2012 Bt Camp Length: 5 Days Technlgy: Micrsft System Center 2012 Delivery Methd: Instructr-led Hands-n Audience Prfile This curse is
More informationIMPLEMENTING CISCO IP SWITCHED NETWORKS (SWITCH)
IMPLEMENTING CISCO IP SWITCHED NETWORKS (SWITCH) COURSE DESCRIPTION: SWITCH includes extensive hands-n labs t help yu learn t plan, cnfigure, and verify the implementatin f cmplex enterprise switching
More informationName. Description. Rationale
Cmplliiance Cmpnentt Descriptin Ratinale Benefits List the Dmain List the Discipline List the Technlgy Area List Prduct Cmpnent Dcument the Cmpliance Cmpnent Type Cmpnent Sub-type DEEFFI INITION Hst-Based
More informationSecurity Information and Event Management Project
Security Infrmatin and Event Management Prject Prpsal Submissin: Mr. Ken Fster 1 Cntents Recmmendatin:... 3 What is Security Infrmatin and Event Management:... 3 Business Case fr SEIM Deplyment:... 3 Cre
More informationMCSA: Windows 7 Boot Camp for Desktop Support Technicians
MCSA: Windws 7 Bt Camp fr Desktp Supprt Technicians Prepare fr the Enterprise Desktp Supprt Technician certificatin n Windws 7. Gain the clud-related skills required fr the latest Micrsft certificatins
More informationNetwork Defense Specialist. Course Title: Network Defense Specialist: Security and Vulnerability Assessment
Curse Title: Netwrk Defense Specialist: Security and Vulnerability Assessment Page 1 f 11 Curse Descriptin The Netwrk Defense Series frm EC-Cuncil Press is cmprised f 5 bks designed t educate learners
More informationTopic Outline. Page 2 of 5
C O U R S E D E S C R I P T I O N CTX-1258AI Citrix Presentatin Server 4.0: Supprt This curse prvides learners with the skills necessary t mnitr, maintain and trublesht netwrk envirnments running Citrix
More informationSession 9 : Information Security and Risk
INFORMATION STRATEGY Sessin 9 : Infrmatin Security and Risk Tharaka Tennekn B.Sc (Hns) Cmputing, MBA (PIM - USJ) POST GRADUATE DIPLOMA IN BUSINESS AND FINANCE 2014 Infrmatin Management Framewrk 2 Infrmatin
More informationMaaS360 Cloud Extender
MaaS360 Clud Extender Installatin Guide Cpyright 2012 Fiberlink Cmmunicatins Crpratin. All rights reserved. Infrmatin in this dcument is subject t change withut ntice. The sftware described in this dcument
More informationSecurely Managing Cryptographic Keys used within a Cloud Environment
Securely Managing Cryptgraphic Keys used within a Clud Envirnment Dr. Sarbari Gupta sarbari@electrsft-inc.cm 703-437-9451 ext 12 2012 NIST Cryptgraphic Key Management Wrkshp September 10-11, 2012 Intrductin
More information* All percentages are approximate and are subject to change.
CmpTIA Security+ Examinatin Objectives Versin 1.0 Intrductin The skills and knwledge measured by the CmpTIA Security+ examinatin were derived and validated thugh input frm a cmmittee and ver 1,000 subject
More informationCisco IT Essentials v4.1. Course Overview. Total Hours: 240
PC Hardware and Sftware Teacher Resurce Cisc Essentials v4.1 Curse Overview Ttal Hurs: 240 Fundamental Chapters 1-10 Chapter 1: Intrductin t the Persnal Cmputer Hurs: 14.00 Gal: Chapter 2: The chapter
More informationWebalo Pro Appliance Setup
Webal Pr Appliance Setup 1. Dwnlad the Webal virtual appliance apprpriate fr yur virtualizatin infrastructure, using the link yu were emailed. The virtual appliance is delivered as a.zip file that is n
More informationUnified Infrastructure/Organization Computer System/Software Use Policy
Unified Infrastructure/Organizatin Cmputer System/Sftware Use Plicy 1. Statement f Respnsibility All emplyees are charged with the security and integrity f the cmputer system. Emplyees are asked t help
More informationJunos Pulse Instructions for Windows and Mac OS X
Juns Pulse Instructins fr Windws and Mac OS X When yu pen the Juns client fr the first time yu get the fllwing screen. This screen shws yu have n cnnectins. Create a new cnnectin by clicking n the + icn.
More informationThe Secret Life of Data: Protecting Sensitive Information, Mobile to Cloud
SESSION ID: CDS-R02 The Secret Life f Data: Prtecting Sensitive Infrmatin, Mbile t Clud Dan Griffin President JW Secure, Inc. @JWSdan WWNSAD? Intelligence agencies have been public abut: Inevitability
More informationWEB APPLICATION SECURITY TESTING
WEB APPLICATION SECURITY TESTING Cpyright 2012 ps_testware 1/7 Intrductin Nwadays every rganizatin faces the threat f attacks n web applicatins. Research shws that mre than half f all data breaches are
More informationCitrix XenApp 6.5 Basic Administration
Citrix XenApp 6.5 Basic Administratin Descriptin: Days: 5 Prerequisites: Citrix XenApp 6.5 Basic Administratin training curse prvides the fundatin necessary fr administratrs t effectively centralize and
More informationCloud Services Frequently Asked Questions FAQ
Clud Services Frequently Asked Questins FAQ Revisin 1.0 6/05/2015 List f Questins Intrductin What is the Caradigm Intelligence Platfrm (CIP) clud? What experience des Caradigm have hsting prducts like
More information[CEH]: Ethical Hacking and Countermeasures
[CEH]: Ethical Hacking and Countermeasures Length Audience(s) Delivery Method : 5 days : This course will significantly benefit security officers, auditors, security professionals, site administrators,
More informationAn Approach To. Web Application Threat Modeling
An Apprach T Web Applicatin Threat Mdeling By Akash Shrivastava April 2008 Akash.InfSec@gmail.cm 1. Overview In present internet cmputing envirnment ne r the ther frm f security has becme a requirement
More informationCourse Outline: Certified Ethical Hacker v8. Learning Method: Instructor-led Classroom Learning
Course Outline: Certified Ethical Hacker v8 Learning Method: Instructor-led Classroom Learning Duration: 5.00 Day(s)/ 35 hrs Overview: This class will immerse the students into an interactive environment
More informationHIPAA HITECH ACT Compliance, Review and Training Services
Cmpliance, Review and Training Services Risk Assessment and Risk Mitigatin: The first and mst imprtant step is t undertake a hlistic risk assessment that examines the risks and cntrls related t fur critical
More informationVenue. Dates. Certified Ethical Hacker (CEH) boot camp. Inovatec College. Nairobi Kenya (exact hotel name to be confirmed
Venue Nairobi Kenya (exact hotel name to be confirmed before course) Dates March 31, 2014 April 4, 2014 Inovatec College Certified Ethical Hacker (CEH) boot camp The Certified Ethical Hacker (CEH) Certification
More informationServ-U Distributed Architecture Guide
Serv-U Distributed Architecture Guide Hrizntal Scaling and Applicatin Tiering fr High Availability, Security, and Perfrmance Serv-U Distributed Architecture Guide v15.1.2.0 Page 1 f 20 Intrductin Serv-U
More informationCXA-300-1I: Advanced Administration for Citrix XenApp 5.0 for Windows Server 2008
CXA-300-1I: Advanced Administratin fr Citrix XenApp 5.0 fr Windws Server 2008 This curse prvides learners with the skills necessary t mnitr, maintain and trublesht netwrk envirnments running XenApp fr
More informationCSC 421 COURSE COMPACT
CSC 421 COURSE COMPACT Curse Cde: CSC 421 Curse Title: Cmputer Security Status: Cmpulsry Curse Unit: 2 Cntact Details Lecturer s Data Lecture perid: Tw hurs lectures per week fr 15 weeks (30 hurs) Name:
More informationAdvanced Filter Evasion and Web Application Firewall Bypassing
Advanced Filter Evasin and Web Applicatin Firewall Bypassing Encding and Filtering - understanding what kind f data encding us being used and hw it wrks is fundamental in ensuring that tests are perfrmed
More informationMicrosoft Certified Database Administrator (MCDBA)
Micrsft Certified Database Administratr (MCDBA) 460 hurs Curse Overview/Descriptin The MCDBA prgram and credential is designed fr individuals wh want t demnstrate that they have the necessary skills t
More informationCallRex 4.2 Installation Guide
CallRex 4.2 Installatin Guide This dcument describes hw t install CallRex 4.2. It cvers the fllwing: CallRex 4.2 Cmpnents. Server Prerequisites. Perfrming the Installatin. Changing the Accunt Used by CallRex
More informationMobile Deployment Guide For Apple ios
Fr Apple ios Cpyright This dcument is prtected by the United States cpyright laws, and is prprietary t Zscaler Inc. Cpying, reprducing, integrating, translating, mdifying, enhancing, recrding by any infrmatin
More informationEC-Council Certified Secure Programmer-.NET
EC-Cuncil Certified Secure Prgrammer Exam 312-93 Curse Outline EC-Cuncil Certified Secure Prgrammer-.NET Curse Outline Mdule 01: Intrductin t.net Applicatin Security Micrsft.NET Applicatin Security.NET
More informationThe Acunetix Web Vulnerability Scanner
The Acunetix Web Vulnerability Scanner Website security is pssibly tday's mst verlked aspect f securing the enterprise and shuld be a pririty in any rganizatin. Increasingly, hackers are cncentrating their
More informationSecurity in Business and Applications. Madison Hajeb Stefan Hurst Benjamin Von Slade
Security in Business and Applicatins Madisn Hajeb Stefan Hurst Benjamin Vn Slade Intrductin Prject Cncept - Implement security in a small business setting Original Plan - D sme security audits fr small
More informationLogical Operations Certification Exam Objectives: CF1-210
Lgical Operatins Certificatin Exam Objectives: CF1-210 **Nte: CF1-210 is the exam number designatin fr the CFR-210 beta exam. Once live, the exam will be designated CFR-210. INTRODUCTION The table belw
More informationCity of Dublin Education & Training Board. Programme Module for. Network Security. leading to. Level 6 QQI. Network Security 6N0720
City f Dublin Educatin & Training Bard City f Dublin Educatin & Training Bard Prgramme Mdule fr Netwrk Security leading t Level 6 QQI Netwrk Security 6N0720 Netwrk Security 6N0720 City f Dublin Educatin
More informationhttps://elearn.zdresearch.com https://training.zdresearch.com/course/pentesting
https://elearn.zdresearch.com https://training.zdresearch.com/course/pentesting Chapter 1 1. Introducing Penetration Testing 1.1 What is penetration testing 1.2 Different types of test 1.2.1 External Tests
More informationCOPIES-F.Y.I., INC. Policies and Procedures Data Security Policy
COPIES-F.Y.I., INC. Plicies and Prcedures Data Security Plicy Page 2 f 7 Preamble Mst f Cpies FYI, Incrprated financial, administrative, research, and clinical systems are accessible thrugh the campus
More informationCourse Outline (70-413)
Curse Outline (70-413) Mdule 1: Planning Server Upgrade and Migratin This mdule explains hw t plan a server upgrade and migratin strategy. Upgrade and Migratin Cnsideratins Creating a Server Upgrade and
More informationRetail Security and Compliance Where On Earth is it Headed?
Retail Security and Cmpliance Where On Earth is it Headed? An verview f the retail sectr s IT threats and hw t be mre effective in preventing them. Agenda Intrductin Retail in the news Why cyber security
More informationEnsuring end-to-end protection of video integrity
White paper Ensuring end-t-end prtectin f vide integrity Prepared by: Jhn Rasmussen, Senir Technical Prduct Manager, Crprate Business Unit, Milestne Systems Date: May 22, 2015 Milestne Systems Ensuring
More informationImplementing CiscoWorks LMS
Implementing CiscWrks LMS Curse CWLMS v4.0; 5 Days, Instructr-led Curse Descriptin Implementing CiscWrks LMS (CWLMS) v4.0 teaches learners hw t use the CiscWrks LAN Management Slutin (LMS) 4.0 t manage
More informationScaleIO Security Configuration Guide
ScaleIO Security Cnfiguratin Guide 1 Intrductin This sectin prvides an verview f the settings available in ScaleIO t ensure secure peratin f the prduct: Security settings are divided int the fllwing categries:
More informationTrustED Briefing Series:
TrustED Briefing Series: Since 2001, TrustCC has prvided IT audits and security assessments t hundreds f financial institutins thrugh ut the United States. Our TrustED Briefing Series are white papers
More informationCEH Version8 Course Outline
CEH Version8 Course Outline Module 01: Introduction to Ethical Hacking Information Security Overview Information Security Threats and Attack Vectors Hacking Concepts Hacking Phases Types of Attacks Information
More informationEC Council Certified Ethical Hacker V8
Course Code: ECCEH8 Vendor: Cyber Course Overview Duration: 5 RRP: 2,445 EC Council Certified Ethical Hacker V8 Overview This class will immerse the delegates into an interactive environment where they
More informationSecurity Services. Service Description Version 1.00. Effective Date: 07/01/2012. Purpose. Overview
Security Services Service Descriptin Versin 1.00 Effective Date: 07/01/2012 Purpse This Enterprise Service Descriptin is applicable t Security Services ffered by the MN.IT Services and described in the
More informationEndpoint Protection Solution Test Plan
Endpint Prtectin Slutin Test Plan This test plan is intended t lay ut high-level guidelines fr testing and cmparing varius endpint prtectin and investigatin slutins. It specifies test envirnments, cnnectivity
More informationCYBERTRON NETWORK SOLUTIONS
CYBERTRON NETWORK SOLUTIONS CybertTron Certified Ethical Hacker (CT-CEH) CT-CEH a Certification offered by CyberTron @Copyright 2015 CyberTron Network Solutions All Rights Reserved CyberTron Certified
More informationInstructions for Configuring a SAFARI Montage Managed Home Access Expansion Server
Instructins fr Cnfiguring a SAFARI Mntage Managed Hme Access Expansin Server ~ Please read these instructins in their entirety befre yu begin. ~ These instructins explain hw t add a SAFARI Mntage Managed
More informationACTIVITY MONITOR. Live view of remote desktops. You may easily have a look at any user s desktop.
Web Develpment Offshre Develpment Outsurcing SEO ACTIVITY MONITOR This pwerful tl allws yu t track any LAN, giving yu the mst detailed infrmatin n what, hw and when yur netwrk users perfrmed. Whether it
More informationTroubleshooting Cisco Unified Communications
Trubleshting Cisc Unified Cmmunicatins Curse TVOICE v8.0; 5 Days, Instructr-led Curse Descriptin: Trubleshting Cisc Unified Cmmunicatins (TVOICE) v8.0 prepares netwrk prfessinals with the knwledge and
More informationZscaler Cloud Update NEW FEATURES
Zscaler Clud Update FALL 2014 RELEASE UPDATE SUMMARY This release intrduces a new unified user interface that features redesigned Plicy and Administratin tabs integrated with the Dashbard and Analytics.
More informationCloud Services MDM. Windows 8 User Guide
Clud Services MDM Windws 8 User Guide 10/24/2014 CONTENTS Overview... 2 Supprted Devices... 2 System Capabilities... 2 Enrllment and Activatin... 3 Prcess Overview... 3 Verify Prerequisites... 3 Dwnlad
More informationMSc Internet Technology and Web Development E561 (Subject to Approval)
MSc Internet Technlgy and Web Develpment E561 (Subject t Apprval) 1. Intrductin Available in bth full and part-time mde, the MSc Internet Technlgy and Web Develpment prgramme will prvide graduates frm
More informationState of Wisconsin. File Server Service Service Offering Definition
State f Wiscnsin File Server Service Service Offering Definitin Dcument Revisin Histry Date Versin Creatr Ntes 2/16/2008 1.0 JD Urfer First pass 2/16/2008 2.0 Tm Runge Editing changes 2/19/2009 2.1 Tm
More informationOutpost Pro PC security products
Outpst PRO security prducts Datasheet versin 8.0 Page 1 [EN] Outpst Pr PC security prducts Antivirus, Firewall, Security Suite Versin 8.0 The Outpst Pr prduct line, including Outpst Antivirus Pr, Outpst
More informationConfiguring, Managing and Maintaining Windows Server 2008 Servers MOC-6419
Cnfiguring, Managing and Maintaining Windws Server 2008 Servers MOC-6419 Curse Descriptin: This curse prvides students with the cre skills required t cnfigure, manage and maintain a Micrsft Windws Server
More informationABELMed Platform Setup Conventions
ABELMed Platfrm Setup Cnventins 1 Intrductin 1.1 Purpse f this dcument The purpse f this dcument is t prvide prspective ABELMed licensees and their hardware vendrs with the infrmatin that they will require
More informationCXA-206-1 Citrix XenApp 6.5 Basic Administration
CXA-206-1 Citrix XenApp 6.5 Basic Administratin Citrix XenApp 6.5 Basic Administratin training curse prvides the fundatin necessary fr administratrs t effectively centralize and manage applicatins in the
More informationGUIDELINES FOR SECURING SOCIAL MEDIA ACCOUNTS. Version 1.0
GUIDELINES FOR SECURING SOCIAL MEDIA ACCOUNTS Versin 1.0 Published Octber 2015 Dcument Cntrl Versin: 1.0 Authr: Cyber Security Divisin - ictqatar Classificatin: Public Date f Issue: Octber 2015 2 Page
More informationAlexsys Team 2 Service Desk
Alexsys Team 2 Service Desk An affrdable fully interactive Service Desk that wrks seamlessly with Alexsys Team The Alexsys Team 2 Service Desk is an add-n prduct fr Alexsys Team 2 that prvides fully interactive
More informationDatasheet. PV4E Management Software Features
PV4E Management Sftware Features PV4E is a field prven cmprehensive slutin fr real-time cntrl ver netwrk infrastructure and devices The new and refreshed Graphic User Interface (GUI) is nw even mre attractive,
More informationIBM WPL93. Installation and Administration of IBM WebSphere Portal 8 on Linux
IBM WPL93. Installatin and Administratin f IBM WebSphere Prtal 8 n Linux This instructr led curse is designed fr system administratrs wh want t acquire r update their WebSphere Prtal administratin skills.
More informationVersion: Modified By: Date: Approved By: Date: 1.0 Michael Hawkins October 29, 2013 Dan Bowden November 2013
Versin: Mdified By: Date: Apprved By: Date: 1.0 Michael Hawkins Octber 29, 2013 Dan Bwden Nvember 2013 Rule 4-004E Payment Card Industry (PCI) Netwrk Security (prpsed) 01.1 Purpse The purpse f this Netwrk
More informationPolymorphic Shellcodes vs. Application IDSs
http://www.ngsec.cm Plymrphic Shellcdes vs. Applicatin IDSs 1. Intrductin. 2. Shellcde types and recgnitin techniques. 3. Intrusin Detectin Systems. 4. NGSecureWeb. 5. References. 6. Credits. Page 1 f
More informationTCP/IP Networking Keyword: TCP/IP 5 Days List Price $2,995
T register fr this curse, g t www.giga-wave.cm, r call 210-375-0085 TCP/IP Netwrking Keywrd: TCP/IP 5 Days List Price $2,995 Curse Descriptin TCP/IP is the glbally accepted grup f prtcls at the cre f the
More informationExercise 5 Server Configuration, Web and FTP Instructions and preparatory questions Administration of Computer Systems, Fall 2008
Exercise 5 Server Cnfiguratin, Web and FTP Instructins and preparatry questins Administratin f Cmputer Systems, Fall 2008 This dcument is available nline at: http://www.hh.se/te2003 Exercise 5 Server Cnfiguratin,
More informationCLOUD ENABLED CLOUD ENABLED
Asia s st 1 and Only Cmpany t Offer Bradest Prtfli f Clud trainings. Clud Architect: Duratin 5 Days Abut Us: Clud Enabled is Asia's First and nly Cmpany t ffer the Bradest prtfli f clud trainings. Clud
More informationDeployment Overview (Installation):
Cntents Deplyment Overview (Installatin):... 2 Installing Minr Updates:... 2 Dwnlading the installatin and latest update files:... 2 Installing the sftware:... 3 Uninstalling the sftware:... 3 Lgging int
More informationPreparing to Deploy Reflection : A Guide for System Administrators. Version 14.1
Preparing t Deply Reflectin : A Guide fr System Administratrs Versin 14.1 Table f Cntents Table f Cntents... 2 Preparing t Deply Reflectin 14.1:... 3 A Guide fr System Administratrs... 3 Overview f the
More informationSPECIFICATION. Hospital Report Manager Connectivity Requirements. Electronic Medical Records DRAFT. OntarioMD Inc. Date: September 30, 2010
OntariMD Inc. Electrnic Medical Recrds SPECIFICATION Hspital Reprt Manager Cnnectivity Requirements DRAFT Date: September 30, 2010 Versin: 1.0 2007-2010 OntariMD Inc. All rights reserved HRM EMR Cnnectivity
More informationBest Practice - Pentaho BA for High Availability
Best Practice - Pentah BA fr High Availability This page intentinally left blank. Cntents Overview... 1 Pentah Server High Availability Intrductin... 2 Prerequisites... 3 Pint Each Server t Same Database
More informationLearn More Cloud Extender Requirements Cheat Sheet
MaaS360.cm > Learn Mre Learn Mre Clud Extender Requirements Cheat Sheet OVERVIEW This dcument defines all requirements t ensure a successfully installatin f the Clud Extender t enable use f ActiveSync
More informationSBClient and Microsoft Windows Terminal Server (Including Citrix Server)
SBClient and Micrsft Windws Terminal Server (Including Citrix Server) Cntents 1. Intrductin 2. SBClient Cmpatibility Infrmatin 3. SBClient Terminal Server Installatin Instructins 4. Reslving Perfrmance
More informationACTIVITY MONITOR Real Time Monitor Employee Activity Monitor
ACTIVITY MONITOR Real Time Mnitr Emplyee Activity Mnitr This pwerful tl allws yu t track any LAN, giving yu the mst detailed infrmatin n what, hw and when yur netwrk users perfrmed. Whether it is a library
More information2. When logging is used, which severity level indicates that a device is unusable?
Last updated by Admin at March 3, 2015. 1. What are the mst cmmn syslg messages? thse that ccur when a packet matches a parameter cnditin in an access cntrl list link up and link dwn messages utput messages
More informationesafe SmartSuite Release Notes
Cntent Security esafe SmartSuite Release Ntes Versin: 8.5.25.0 Release Ntes Issue Date: May 20, 2010 Abut this release These release ntes prvide a list f the latest additins t esafe SmartSuite. esafe SmartSuite
More informationEnterprise Security Management CIS 259
Enterprise Security Management CIS 259 Prerequisites CIS 175 Descriptin This curse is designed t cver the managerial aspects f cmputer security and risk management fr enterprises. The student will attain
More informationIntegrating With incontact dbprovider & Screen Pops
Integrating With incntact dbprvider & Screen Pps incntact has tw primary pints f integratin. The first pint is between the incntact IVR (script) platfrm and the custmer s crprate database. The secnd pint
More informationNetwork Security Monitoring: Beyond Intrusion Detection. By: rewtninja
Netwrk Security Mnitring: Beynd Intrusin Detectin By: rewtninja Agenda Overview f NSM Benefits f NSM NSM vs IDS Limitatins f NSM Free slutins fr implementing NSM DEMO Whami? Security enthusiast SecOps
More informationExercise 5 Server Configuration, Web and FTP Instructions and preparatory questions Administration of Computer Systems, Fall 2008
Exercise 5 Server Cnfiguratin, Web and FTP Instructins and preparatry questins Administratin f Cmputer Systems, Fall 2008 This dcument is available nline at: http://www.hh.se/te2003 Exercise 5 Server Cnfiguratin,
More informationDepartment of CSIT Organizes a 2-Day Skill Development Workshop On Basic Networking Tools and Concepts. On 14-15 March 2016
Department f CSIT Organizes a 2-Day Skill Develpment Wrkshp On Basic Netwrking Tls and Cncepts On 14-15 March 2016 In Jint Cllabratin With Skill Develpment Cell Guru Ghasidas Vishwavidyalaya, Bilaspur
More informationOnX is uniquely positioned to help your organization rapidly gain the necessary skills to enable the successful deployment of SDN.
Slutin Brief SDN Training OVERVIEW SDN is mving faster than previus netwrking advancements. Sme teams have already deplyed and are mnitring their envirnments, while thers are just starting t ask abut SDN
More informationORY SEGAL, DIRECTOR OF SECURITY RESEARCH. A whitepaper from Watchfire
METHODOLOGIES & TOOLS FOR WEB APPLICATION SECURITY ASSESSMENT ORY SEGAL, DIRECTOR OF SECURITY RESEARCH A whitepaper frm Watchfire TABLE OF CONTENTS Preface... 1 Assessment Methdlgy...1 Custmer Interview...
More informationSharePoint 2010 General Introduction Introduction to SharePoint SharePoint Installation and Administration SharePoint Site Hierarchy Website Email
Deccansft Sftware Services SharePint 2010 Syllabus SharePint 2010 General Intrductin What is IIS IIS Website & Web Applicatin Steps t Create Multiple Website n Prt 80 What is Applicatin Pl What is AppDmain
More informationGUIDANCE FOR BUSINESS ASSOCIATES
GUIDANCE FOR BUSINESS ASSOCIATES This Guidance fr Business Assciates dcument is intended t verview UPMCs expectatins, as well as t prvide additinal resurces and infrmatin, t UPMC s HIPAA business assciates.
More informationAdditionally, the Microsoft.NET modules will prepare you for the following certification exams:
.NET Training 177 hurs Curse Overview/Descriptin This self-paced.net Training Online Prgram is designed t help yu prepare fr fur Micrsft.NET certificatin exams. The prgram begins with basic Web design
More information