Certified Ethical Hacking. CEH v8 Course. Ημέρα & Ημερομηνία Διεξαγωγής. 02/11/ /11-04/11 05/11-06/11-09/11 6 Συναντήσεις 9:00-17:00

Size: px
Start display at page:

Download "Certified Ethical Hacking. CEH v8 Course. Ημέρα & Ημερομηνία Διεξαγωγής. 02/11/2015-03/11-04/11 05/11-06/11-09/11 6 Συναντήσεις 9:00-17:00"

Transcription

1 Certified Ethical Hacking Ημέρα & Ημερομηνία Διεξαγωγής 02/11/ /11-04/11 05/11-06/11-09/11 6 Συναντήσεις 9:00-17:00 Tόπος Διεξαγωγής: City Unity College Λεωφόρος Αγλαντζιάς 79, 2ος όροφος, 2107 Αγλαντζιά Λευκωσία Τηλ. Επικοινωνίας: / Fax: info@cityu.ac.cy / Τo πρόγραμμα εγκρίθηκε απο την ΑνΑΔ. Οι επιχειρήσεις που συμμετέχουν με εργοδοτούμενους τους οι οποίοι ικανοποιούν τα κριτήρια της ΑνΑΔ θα τύχουν της σχετικής επιχορήγησης.

2 Website: - Facebοok: info@cityu.ac.cy - Fax: Tel: ΑΙΤΗΣΗ Τίτλος Προγράμματος που σας ενδιαφέρει:... Α. ΣΤΟΙΧΕΙΑ ΕΡΓΟΔΟΤΗ Επωνυμία εργοδότη:... Προσωπική επιχείρηση (φυσικό πρόσωπο) Σωματείο/ Ίδρυμα Εταιρεία Οργανισμός δημοσίου δικαίου Συνεταιρισμός Συντεχνία... Αρ. Μητρώου Εργοδότη Κοιν. Ασφαλίσεων... Αρ. Εγγραφής... Αρ. Εργοδοτούμενων... Διεύθυνση: Οδός και αριθμός:... Ηλεκτρονική Διεύθυνση... Τηλέφωνο... Φαξ... Διευθυντής: Κος/Κα... Δραστηριότητα εργοδότη:... Β. ΣΤΟΙΧΕΙΑ ΥΠΑΛΛΗΛΩΝ Α/Α ΕΠΩΝΥΜΟ ΟΝΟΜΑ ΤΗΛΕΦΩΝΟ ΘΕΣΗ ΕΡΓΑΣΙΑΣ

3 Σκοπός Στόχοι The need of protecting critical infrastructures is continue growing as the Cyber Attacks are getting more and more sophisticated and focused. As a recent example is the attack of more than 100 banks and other financial institutions in 30 nations. With this sophisticated attack, hackers managed to access financial institution main systems monitor their procedures and as a result stole more than $300 million by making ATMs spit out money. Exposed to an entirely different way of achieving optimal information security posture in their organization; by hacking it! They will scan, test, hack and secure their own systems. The lab intensive environment gives each participant in-depth knowledge and practical experience with the current essential security systems. Participants will begin by understanding how perimeter defenses work and then be lead into scanning and attacking their own networks. In order to beat a hacker, you need to think like one. Participants will learn how intruders escalate privileges This is exactly what this course will teach them. It is the and what steps can be taken to secure a system. All pinnacle of the most desired information security of this will be done without harming any real network. training program any information security professional Participants will also learn about Intrusion Detection, will ever want to be in to master the hacking Policy Creation, Social Engineering, DDoS Attacks, technologies. To think like a hacker, you need to be Buffer Overflows and Virus Creation. one! When a participant leaves this intensive 7 day class they will have hands on understanding and experience The definition of an Ethical Hacker is very similar to a in Ethical Hacking Penetration Tester. The Ethical Hacker is an individual They will focuses on addressing security issues to the who is usually employed with the organization and who atest operating systems including Windows 8 and can be trusted to undertake an attempt to penetrate Windows Server 2012 networks and/or computer systems using the same They will also focuses on addressing the existing threats methods and techniques as a Hacker. to operating environments dominated by Windows 7 and other operating systems (backward compatibility) The objective is to facilitate organizations in ascertaining CEH v8 focuses on the latest hacking attacks targeted the vulnerabilities and security flaws before their to mobile platform and tablet computers and covers exploitation by hackers. Ethical hackers mimic the countermeasures to secure mobile infrastructure approach adopted by hackers with minimum disruption Coverage of latest development in mobile and web in services. The extent of the tests depends on the technologies including Andriod OS 4.1 and Apps, ios 6 contract between the ethical hacker and the and Apps, BlackBerry 7 OS, Windows Phone 8 and organization. HTML 5 The CEH Program certifies individuals in the specific network security discipline of Ethical Hacking from a vendor neutral perspective. The Certified Ethical Hacker certification enhances the skill sets of security administrators, network administrators, security auditors and other IT professionals. Certified Ethical hackers are skilled in identifying the threat vectors in the IT infrastructure and use their expertise in strengthening the defenses against security threats. They will walk out the door with hacking skills that are highly in demand, as well as the internationally recognized certified ethical hacker certification. This course will prepare them for EC-Council Certified Ethical Hacker exam ΑΝΑΛΥΣΗ ΠΕΡΙΕΧΟΜΕΝΟΥ ΕΝΟΤΗΤΩΝ Introduction to Ethical Hacking Internet Crime Current Report: IC3 Data Breach Investigations Report Types of Data Stolen From the Organizations Essential Terminologies Elements of Information Security Authenticity and Non-Repudiation Effects of Hacking Who is a Hacker? Hacker Classes What Does a Hacker Do? Types of Attacks on a System Why Ethical Hacking is Necessary? Defense in Depth

4 Scope and Limitations of Ethical Hacking What Do Ethical Hackers Do? Skills of an Ethical Hacker Vulnerability Research Footprinting and Reconnaissance Footprinting Terminologies What is Footprinting? Objectives of Footprinting Footprinting Threats Locate Internal URL Public and Restricted Websites Search for Company s Information Gather Information from Financial Footprinting Through Job Sites Monitoring Target Using Alerts Competitive Intelligence Gathering WHOIS Lookup Locate the Network Range Traceroute Mirroring Entire Website Extract Website Information from Monitoring Web Updates Using Website Watcher Google Hacking Tool: Google Hacking Database (GHDB) Google Hacking Tools Additional Footprinting Tools Scanning Networks Network Scanning Types of Scanning Ping Sweep Scanning: IDS Evasion Techniques IP Fragmentation Tools Scanning Tool: Nmap War Dialing Why War Dialing? War Dialing Tools Banner Grabbing Tool: ID Serve GET REQUESTS Banner Grabbing Tool: Net craft Banner Grabbing Tools Network Vulnerability Scanners LANsurveyor Network Mappers Proxy Servers Proxy Workbench Proxifier Tool: Create Chain of Proxy Servers TOR (The Onion Routing) TOR Proxy Chaining Software Types of Anonymizers Case: Bloggers Write Text Backwards to Bypass Web Filters in China Text Conversion to Avoid Filters Censorship Circumvention IP Spoofing Detection Techniques: TCP Flow Control Method IP Spoofing Countermeasures Scanning Pen Testing Enumeration What is Enumeration Techniques for Enumeration Enumerating User Accounts Enumerate Systems Using Default Passwords UNIX/Linux Enumeration LDAP Enumeration NTP Enumeration SMTP Enumeration Enumeration Countermeasures System Hacking Information at Hand Before System Hacking Stage System Hacking: Goals CEH Hacking Methodology (CHM) Password Cracking Microsoft Authentication How Hash Passwords are Stored in Windows SAM? What is LAN Manager Hash? Salting PWdump7 and Fgdum Password Cracking Tools Active@ Password Changer Privilege Escalation Tools How to Defend against Privilege Escalation? Executing Applications Keylogger Types of Keystroke Loggers Acoustic/CAM Keylogger Rootkits Types of Rootkits How Rootkit Works What is Steganography and types Module 6: Trojans & Backdoors What is a Trojan and the purpose What Do Trojan Creators Look For? Indications of a Trojan Attack Common Ports used by Trojans How to Infect Systems Using a Trojan? Wrappers Different Ways a Trojan can Get into a System How to Deploy a Trojan?

5 Evading Anti-Virus Techniques Types of Trojans Destructive Trojans Notification Trojans Credit Card Trojans How to Detect Trojans? Trojan Countermeasures Backdoor Countermeasures Trojan Horse Construction Kit Viruses & worm Introduction to Viruses Virus and Worm Statistics 2010 Stages of Virus Life Working of Viruses: Infection Phase Working of Viruses: Attack Phase Image Steganography & Document Why Do People Create Computer Viruses? Indications of Virus Attack How does a Computer get Infected by Viruses? Virus Hoaxes Virus Analysis: Types of Viruses Computer worms How is a Worm Different from a Virus? What is Sheep Dip Computer? Anti-Virus Sensors Systems Malware Analysis Procedure String Extracting Tool: Bintext Online Malware Analysis Services Virus Detection Methods Virus and Worms Countermeasures Companion Antivirus: Immunet Protect Anti-virus Tools Sniffers Wiretapping Sniffing Threats How a Sniffer Works? Hacker Attacking a Switch Types of Sniffing: Passive Sniffing Types of Sniffing: Active Sniffing Protocols Vulnerable to Sniffing Tie to Data Link Layer in OSI Model Hardware Protocol Analyzers SPAN Port How DHCP Works? What is Address Resolution Protocol (ARP)? Configuring DHCP Snooping and Dynamic ARP Inspection on Cisco Switches MAC Spoofing/Duplicating DNS Poisoning Techniques Additional Wireshark Filters Sniffing Tool: CACE Pilot Discovery Tool: NetworkView Discovery Tool: The Dude Sniffer Password Sniffing Tool: Ace Additional Sniffing Tools How an Attacker Hacks the Network Using Sniffers? How to Defend Against Sniffing? Sniffing Prevention Techniques How to Detect Sniffing? Social Engineering What is Social Engineering? Behaviors Vulnerable to Attacks Why is Social Engineering Effective? Warning Signs of an Attack Phases in a Social Engineering Attack Impact on the Organization Types of Social Engineering Insider Attack Common Intrusion Tactics and Strategies for Prevention Social Engineering Through Impersonation on Social Networking Real Steven Gets Huge Credit Card Statement Identity Theft - Serious Problem Social Engineering Countermeasures: Policies Identity Theft Countermeasures Social Engineering Pen Testing Denial of service What is a Denial of Service Attack? What is Distributed Denial of Service Symptoms of a DoS Attack Cyber Criminals Internet Chat Query (ICQ) Internet Relay Chat (IRC) DoS Attack Techniques Botnet DoS Attack Tools Detection Techniques DoS/DDoS Countermeasure Strategies DDoS Attack Countermeasures Post-attack Forensics Techniques to Defend against Botnets DoS/DDoS Countermeasures DoS/DDoS Protection at ISP Level Enabling TCP Intercept on Cisco IOS Software DoS/DDoS Protection Tool

6 Session Hijacking What is Session Hijacking? Dangers Posed by Hijacking Why Session Hijacking is Successful? Key Session Hijacking Techniques Brute Forcing HTTP Referrer Attack Session Hijacking Process Packet Analysis of a Local Session Hijack Types of Session Hijacking Man-in-the-Middle Attack Man-in-the-Browser Attack TCP/IP Hijacking IP Spoofing: Source Routed Packets RST Hijacking UDP Hijacking Session Hijacking Tools Countermeasures Methods to Prevent Session Hijacking: To be Followed by Web Developers & users Defending against Session Hijack Attacks Session Hijacking Remediation Hijacking Webservers Webserver Market Shares Open Source Webserver Architecture IIS Webserver Architecture Website Defacement Case Study Why Web Servers are Compromised? Impact of Webserver Attacks Webserver Misconfiguration Directory Traversal Attacks HTTP Response Splitting Attack Web Cache Poisoning Attack HTTP Response Hijacking SSH Bruteforce Attack Man-in-the-Middle Attack How to Defend Against Web Server Attacks? How to Defend against HTTP Response Splitting and Web Cache Poisoning? Patches and Hotfixes What is Patch Management? Identifying Appropriate Sources for Updates and Patches Installation of a Patch Web Server Security Scanner: Wikto Webserver Malware Infection Monitoring Tool: HackAlert Webserver Security Tools Web Server Penetration Testing Hacking Web Applications Web Application Security Statistics Introduction to Web Applications Web Application Components How Web Applications Work? Web Application Architecture Web 2.0 Applications Vulnerability Stack Web Attack Vectors Invalidated Input Parameter/Form Tampering Directory Traversal Security Misconfiguration Injection Flaws What is LDAP Injection? How LDAP Injection Works? Hidden Field Manipulation Attack Cross-Site Scripting (XSS) Attacks Session Fixation Attack Insufficient Transport Layer Protection Improper Error Handling Insecure Cryptographic Storage Broken Authentication and Session Management Web Services Architecture Analyze Web Applications Attack Authentication Mechanis Password Attacks: Password Guessing Password Attacks: Brute-forcing Session Attacks: Session ID Prediction/ Brute-forcing Cookie Exploitation: Cookie Poisoning Attack Web App Client Attack Web Services Web Services Probing Attacks Web Service Attack Tool: soapui Web Service Attack Tool: XMLSpy Web Application Hacking Tool: Burp Suite Professional Web Application Hacking Tools: Cookie Digger Web Application Hacking Tools: Web Scarab Encoding Schemes Web Application Firewall: dotdefender Web Application Firewall: IBM AppScan Web Application Pen Testing SQL Injection SQL Injection is the Most Prevalent Vulnerability in 2010 SQL Injection Threats What is SQL Injection? SQL Injection Attacks How Web Applications Work? Server Side Technologies HTTP Post Request SQL Injection Detection

7 Types of SQL Injection SQL Injection Methodology Information Gathering Features of Different DBMSs Password Grabbing Transfer Database to Attacker s Machine Interacting with the Operating System Interacting with the FileSystem Network Reconnaissance Full Query Hacking Wireless Network Wireless Networks Wi-Fi Usage Statistics in the US Wi-Fi Hotspots at Public Places Wi-Fi Networks at Home Types of Wireless Networks Wireless Standards Service Set Identifier (SSID) Wi-Fi Authentication Modes Wireless Terminologies Wi-Fi Chalking Wi-Fi Hotspot Finder: jiwire.com Wi-Fi Hotspot Finder: WeFi.com Types of Wireless Antenna Parabolic Grid Antenna Types of Wireless Encryption WEP Encryption How to Defend Against WPA Cracking? Wireless Threats: Access Control Attacks Wireless Threats: Integrity Attacks Wireless Threats: Confidentiality Attacks Wireless Threats: Availability Attacks Wireless Threats: Authentication Attacks Jamming Signal Attack Wi-Fi Jamming Devices Wireless Hacking Methodology Find Wi-Fi Networks to Attack How to Discover Wi-Fi Network Using Wardriving? Wireless Traffic Analysis Wireless Cards and Chipsets Wi-Fi USB Dongle: AirPcap Wi-Fi Packet Sniffer: Wi-Fi Pilot Wi-Fi Packet Sniffer: OmniPeek How to Reveal Hidden SSIDs Fragmentation Attack MITM Attack Using Aircrack-ng Wireless ARP Poisoning Attack Rogue Access Point Evading IDS Firewalls and Honeypots Intrusion Detection Systems (IDS) and its Placement How IDS Works? Ways to Detect an Intrusion Types of Intrusion Detection Systems System Integrity Verifiers (SIV) Firewall De Militarized Zone (DMZ) Types of Firewall Firewall Identification Honeypot How to Set Up a Honeypot? Intrusion Detection Tool Insertion Attack Evasion Denial-of-Service Attack (DoS) Obfuscating False Positive Generation Session Splicing Unicode Evasion Technique Fragmentation Attack Overlapping Fragments Time-To-Live Attacks ASCII Shellcode Application-Layer Attacks Pre Connection SYN Post Connection SYN Detecting Honeypots Honeypot Detecting Tool: Send-Safe Honeypot Hunter Firewall Evasion Tools Buffer Overflow Buffer Overflows Why are Programs And Applications Vulnerable? Understanding Stacks Stack-Based Buffer Overflow Understanding Heap Knowledge Required to Program Buffer Overflow Exploits Buffer Overflow Steps Simple Uncontrolled Overflow Simple Buffer Overflow in C Code Analysis Exploiting Semantic Comments in C (Annotations) How to Mutate a Buffer Overflow Exploit? Identifying Buffer Overflows How to Detect Buffer Overflows in a Program? Testing for Heap Overflow Conditions: heap.exe Steps for Testing for Stack Overflow in OllyDbg Debugger Data Execution Prevention (DEP) Enhanced Mitigation Experience Toolkit (EMET)

8 Cryptography Cryptography Types of Cryptography Government Access to Keys (GAK) Ciphers Advanced Encryption Standard (AES) Data Encryption Standard (DES) Secure Hashing Algorithm (SHA) What is SSH (Secure Shell)? MD5 Hash Calculators: HashCalc, MD5 Calculator and HashMyFiles Cryptography Tool: Advanced Encryption Package Cryptography Tools Public Key Infrastructure (PKI) Certification Authorities Digital Signature Transport Layer Security (TLS) Disk Encryption Meet-in-the-Middle Attack on Digital Signature Schemes Cryptanalysis Tool: CrypTool Cryptanalysis Tools Online MD5 Decryption Tool Penetration Testing Introduction to Penetration Testing Security Assessments Vulnerability Assessment Penetration Testing Why Penetration Testing? What Should be Tested? What Makes a Good Penetration Test? ROI on Penetration Testing Testing Points Testing Locations Types of Penetration Testing Common Penetration Testing Techniques Using DNS Domain Name and IP Address Information Enumerating Information about Hosts on Publicly-Available Networks Phases of Penetration Testing Penetration Testing Methodology Outsourcing Penetration Testing Services Evaluating Different Types of Pentest Tools Application Security Assessment Tool Telephony Security Assessment Tool Testing Network-Filtering Device Tool Εκπαιδευτής: Δρ. Σταύρος Σιαηλής Κόστος 900 Κόστος Επιχορήγησης 714 Πληρωτέο απο υποψήφιο 186

Course Outline: Certified Ethical Hacker v8. Learning Method: Instructor-led Classroom Learning

Course Outline: Certified Ethical Hacker v8. Learning Method: Instructor-led Classroom Learning Course Outline: Certified Ethical Hacker v8 Learning Method: Instructor-led Classroom Learning Duration: 5.00 Day(s)/ 35 hrs Overview: This class will immerse the students into an interactive environment

More information

Certified Ethical Hacker Exam 312-50 Version Comparison. Version Comparison

Certified Ethical Hacker Exam 312-50 Version Comparison. Version Comparison CEHv8 vs CEHv7 CEHv7 CEHv8 19 Modules 20 Modules 90 Labs 110 Labs 1700 Slides 1770 Slides Updated information as per the latest developments with a proper flow Classroom friendly with diagrammatic representation

More information

CEH Version8 Course Outline

CEH Version8 Course Outline CEH Version8 Course Outline Module 01: Introduction to Ethical Hacking Information Security Overview Information Security Threats and Attack Vectors Hacking Concepts Hacking Phases Types of Attacks Information

More information

[CEH]: Ethical Hacking and Countermeasures

[CEH]: Ethical Hacking and Countermeasures [CEH]: Ethical Hacking and Countermeasures Length Audience(s) Delivery Method : 5 days : This course will significantly benefit security officers, auditors, security professionals, site administrators,

More information

EC Council Certified Ethical Hacker V8

EC Council Certified Ethical Hacker V8 Course Code: ECCEH8 Vendor: Cyber Course Overview Duration: 5 RRP: 2,445 EC Council Certified Ethical Hacker V8 Overview This class will immerse the delegates into an interactive environment where they

More information

CYBERTRON NETWORK SOLUTIONS

CYBERTRON NETWORK SOLUTIONS CYBERTRON NETWORK SOLUTIONS CybertTron Certified Ethical Hacker (CT-CEH) CT-CEH a Certification offered by CyberTron @Copyright 2015 CyberTron Network Solutions All Rights Reserved CyberTron Certified

More information

INFORMATION SECURITY TRAINING

INFORMATION SECURITY TRAINING INFORMATION SECURITY TRAINING Course Duration: 45 days Pre-Requisite: Basic Knowledge of Internet Course Content Course Fee: 15,000 ( Online Examination Fee, Books, Certification, Tools & Software's Included

More information

Detailed Description about course module wise:

Detailed Description about course module wise: Detailed Description about course module wise: Module 1: Basics of Networking and Major Protocols 1.1 Networks and its Types. 1.2 Network Topologies 1.3 Major Protocols and their Functions 1.4 OSI Reference

More information

CONTENTS AT A GMi#p. Chapter I Ethical Hacking Basics I Chapter 2 Cryptography. Chapter 3 Reconnaissance: Information Gathering for the Ethical Hacker

CONTENTS AT A GMi#p. Chapter I Ethical Hacking Basics I Chapter 2 Cryptography. Chapter 3 Reconnaissance: Information Gathering for the Ethical Hacker ALL ElNis ONE CEH Certified Ethical Hacker EXAM GUIDE Matt Walker Mc Grain/ New York Chicago San Francisco Lisbon London Madrid Mexico City Milan New Delhi San Juan Seoul Singapore Sydney Toronto McGraw-Hill

More information

Professional Penetration Testing Techniques and Vulnerability Assessment ...

Professional Penetration Testing Techniques and Vulnerability Assessment ... Course Introduction Today Hackers are everywhere, if your corporate system connects to internet that means your system might be facing with hacker. This five days course Professional Vulnerability Assessment

More information

Course Content Summary ITN 261 Network Attacks, Computer Crime and Hacking (4 Credits)

Course Content Summary ITN 261 Network Attacks, Computer Crime and Hacking (4 Credits) Page 1 of 6 Course Content Summary ITN 261 Network Attacks, Computer Crime and Hacking (4 Credits) TNCC Cybersecurity Program web page: http://tncc.edu/programs/cyber-security Course Description: Encompasses

More information

CH EHC EC-Council Ethical Hacking and Countermeasures [v.9]

CH EHC EC-Council Ethical Hacking and Countermeasures [v.9] CH EHC EC-Council Ethical Hacking and [v.9] Summary Duration Vendor Audience 5 Days hands-on training EC-Council Security Professionals Level Technology Category Intermediate Ethical Hacking Core Delivery

More information

SONDRA SCHNEIDER JOHN NUNES

SONDRA SCHNEIDER JOHN NUNES TECHNOLOGY TRANSFER PRESENTS SONDRA SCHNEIDER JOHN NUNES CERTIFIED ETHICAL HACKER TM THE ONLY WAY TO STOP A HACKER IS TO THINK LIKE ONE MAY 21-25, 2007 VISCONTI PALACE HOTEL - VIA FEDERICO CESI, 37 ROME

More information

https://elearn.zdresearch.com https://training.zdresearch.com/course/pentesting

https://elearn.zdresearch.com https://training.zdresearch.com/course/pentesting https://elearn.zdresearch.com https://training.zdresearch.com/course/pentesting Chapter 1 1. Introducing Penetration Testing 1.1 What is penetration testing 1.2 Different types of test 1.2.1 External Tests

More information

Ethical Hacking v7 40 H.

Ethical Hacking v7 40 H. ΦΑΛΗΡΟΥ 93, ΚΟΥΚΑΚΙ, 11741 Τ. 210-9230099, Φ. 210-9229280 www.ictc.gr info@ictc.gr TITLE DURATION Ethical Hacking v7 40 H. Overview This class will immerse the student into an interactive environment where

More information

Certified Ethical Hacker (CEH)

Certified Ethical Hacker (CEH) Certified Ethical Hacker (CEH) Course Number: CEH Length: 5 Day(s) Certification Exam This course will help you prepare for the following exams: Exam 312 50: Certified Ethical Hacker Course Overview The

More information

EC-Council. Certified Ethical Hacker. Program Brochure

EC-Council. Certified Ethical Hacker. Program Brochure EC-Council C Certified E Ethical Hacker Program Brochure Course Description The (CEH) program is the core of the most desired information security training system any information security professional

More information

Venue. Dates. Certified Ethical Hacker (CEH) boot camp. Inovatec College. Nairobi Kenya (exact hotel name to be confirmed

Venue. Dates. Certified Ethical Hacker (CEH) boot camp. Inovatec College. Nairobi Kenya (exact hotel name to be confirmed Venue Nairobi Kenya (exact hotel name to be confirmed before course) Dates March 31, 2014 April 4, 2014 Inovatec College Certified Ethical Hacker (CEH) boot camp The Certified Ethical Hacker (CEH) Certification

More information

Ethical Hacking and Information Security. Foundation of Information Security. Detailed Module. Duration. Lecture with Hands On Session: 90 Hours

Ethical Hacking and Information Security. Foundation of Information Security. Detailed Module. Duration. Lecture with Hands On Session: 90 Hours Ethical Hacking and Information Security Duration Detailed Module Foundation of Information Security Lecture with Hands On Session: 90 Hours Elements of Information Security Introduction As technology

More information

Computer Forensics Training - Digital Forensics and Electronic Discovery (Mile2)

Computer Forensics Training - Digital Forensics and Electronic Discovery (Mile2) Computer Forensics Training - Digital Forensics and Electronic Discovery (Mile2) Course number: CFED Length: 5 days Certification Exam This course will help you prepare for the following exams: CCE --

More information

Description: Objective: Attending students will learn:

Description: Objective: Attending students will learn: Course: Introduction to Cyber Security Duration: 5 Day Hands-On Lab & Lecture Course Price: $ 3,495.00 Description: In 2014 the world has continued to watch as breach after breach results in millions of

More information

COURSE NAME: INFORMATION SECURITY INTERNSHIP PROGRAM

COURSE NAME: INFORMATION SECURITY INTERNSHIP PROGRAM COURSE NAME: INFORMATION SECURITY INTERNSHIP PROGRAM Course Description This is the Information Security Training program. The Training provides you Penetration Testing in the various field of cyber world.

More information

Certified Ethical Hacker (CEH) Ethical Hacking & Counter Measures Course 9962; 5 Days, Instructor-Led

Certified Ethical Hacker (CEH) Ethical Hacking & Counter Measures Course 9962; 5 Days, Instructor-Led Certified Ethical Hacker (CEH) Ethical Hacking & Counter Measures Course 9962; 5 Days, Instructor-Led Course Description This class will immerse the student into an interactive environment where they will

More information

CRYPTUS DIPLOMA IN IT SECURITY

CRYPTUS DIPLOMA IN IT SECURITY CRYPTUS DIPLOMA IN IT SECURITY 6 MONTHS OF TRAINING ON ETHICAL HACKING & INFORMATION SECURITY COURSE NAME: CRYPTUS 6 MONTHS DIPLOMA IN IT SECURITY Course Description This is the Ethical hacking & Information

More information

Ethical Hacking Course Layout

Ethical Hacking Course Layout Ethical Hacking Course Layout Introduction to Ethical Hacking o What is Information Security? o Problems faced by the Corporate World o Why Corporate needs Information Security? Who is a Hacker? o Type

More information

National Cyber League Certified Ethical Hacker (CEH) TM Syllabus

National Cyber League Certified Ethical Hacker (CEH) TM Syllabus National Cyber League Certified Ethical Hacker (CEH) TM Syllabus Note to Faculty This NCL Syllabus is intended as a supplement to courses that are based on the EC- Council Certified Ethical Hacker TM (CEHv8)

More information

If you know the enemy and know yourself, you need not fear the result of a hundred battles.

If you know the enemy and know yourself, you need not fear the result of a hundred battles. Rui Pereira,B.Sc.(Hons),CIPS ISP/ITCP,CISSP,CISA,CWNA/CWSP,CPTE/CPTC Principal Consultant, WaveFront Consulting Group ruiper@wavefrontcg.com 1 (604) 961-0701 If you know the enemy and know yourself, you

More information

Build Your Own Security Lab

Build Your Own Security Lab Build Your Own Security Lab A Field Guide for Network Testing Michael Gregg WILEY Wiley Publishing, Inc. Contents Acknowledgments Introduction XXI xxiii Chapter 1 Hardware and Gear Why Build a Lab? Hackers

More information

Overview of Network Security The need for network security Desirable security properties Common vulnerabilities Security policy designs

Overview of Network Security The need for network security Desirable security properties Common vulnerabilities Security policy designs Overview of Network Security The need for network security Desirable security properties Common vulnerabilities Security policy designs Why Network Security? Keep the bad guys out. (1) Closed networks

More information

FSP-201: Ethical Hacking & IT Security

FSP-201: Ethical Hacking & IT Security FSP-201: Ethical Hacking & IT Security Session 2015-16 OVERVIEW ABOUT SIFS INDIA COURSE INTRODUCTION ENTRY REQUIREMENTS HOW TO APPLY FEE STRUCTURE COURSE MODULES CAREER PROSPECTS LIBRARY TRAINING & INTERNSHIP

More information

EC-Council C E. Hacking Technology. v8 Certified Ethical Hacker

EC-Council C E. Hacking Technology. v8 Certified Ethical Hacker EC-Council Hacking Technology C Certified E Ethical Hacker Certified Ethical Hacker v8 Certified Ethical Hacker Course Description CEHv8 is a comprehensive Ethical Hacking and Information Systems Security

More information

National Cyber League Certified Ethical Hacker (CEH) TM Syllabus

National Cyber League Certified Ethical Hacker (CEH) TM Syllabus National Cyber League Certified Ethical Hacker (CEH) TM Syllabus Note to Faculty This NCL Syllabus is intended as a supplement to courses that are based on the EC- Council Certified Ethical Hacker TM (CEHv8)

More information

CS5008: Internet Computing

CS5008: Internet Computing CS5008: Internet Computing Lecture 22: Internet Security A. O Riordan, 2009, latest revision 2015 Internet Security When a computer connects to the Internet and begins communicating with others, it is

More information

PTSv2 in pills: The Best First for Beginners who want to become Penetration Testers. Self-paced, online, flexible access

PTSv2 in pills: The Best First for Beginners who want to become Penetration Testers. Self-paced, online, flexible access The Best First for Beginners who want to become Penetration Testers PTSv2 in pills: Self-paced, online, flexible access 900+ interactive slides and 3 hours of video material Interactive and guided learning

More information

NSA/DHS CAE in IA/CD 2014 Mandatory Knowledge Unit Checklist 4 Year + Programs

NSA/DHS CAE in IA/CD 2014 Mandatory Knowledge Unit Checklist 4 Year + Programs Mandatory Knowledge Units 1.0 Core2Y 1.1 Basic Data Analysis The intent of this Knowledge Unit is to provide students with basic abilities to manipulate data into meaningful information. 1.1.1 Topics Summary

More information

Understanding Security Testing

Understanding Security Testing Understanding Security Testing Choosing between vulnerability assessments and penetration testing need not be confusing or onerous. Arian Eigen Heald, M.A., Ms.IA., CNE, CISA, CISSP I. Introduction Many

More information

Information Security. Training

Information Security. Training Information Security Training Importance of Information Security Training There is only one way to keep your product plans safe and that is by having a trained, aware and a conscientious workforce. - Kevin

More information

Certified Cyber Security Expert V 2.0 + Web Application Development

Certified Cyber Security Expert V 2.0 + Web Application Development Summer Training Program Certified Cyber Security Expert V + Web Application Development A] Training Sessions Schedule: Modules Ethical Hacking & Information Security Particulars Duration (hours) Ethical

More information

Web Application Threats and Vulnerabilities Web Server Hacking and Web Application Vulnerability

Web Application Threats and Vulnerabilities Web Server Hacking and Web Application Vulnerability Web Application Threats and Vulnerabilities Web Server Hacking and Web Application Vulnerability WWW Based upon HTTP and HTML Runs in TCP s application layer Runs on top of the Internet Used to exchange

More information

Learn Ethical Hacking, Become a Pentester

Learn Ethical Hacking, Become a Pentester Learn Ethical Hacking, Become a Pentester Course Syllabus & Certification Program DOCUMENT CLASSIFICATION: PUBLIC Copyrighted Material No part of this publication, in whole or in part, may be reproduced,

More information

EC-Council CAST CENTER FOR ADVANCED SECURITY TRAINING. CAST 619 Advanced SQLi Attacks and Countermeasures. Make The Difference CAST.

EC-Council CAST CENTER FOR ADVANCED SECURITY TRAINING. CAST 619 Advanced SQLi Attacks and Countermeasures. Make The Difference CAST. CENTER FOR ADVANCED SECURITY TRAINING 619 Advanced SQLi Attacks and Countermeasures Make The Difference About Center of Advanced Security Training () The rapidly evolving information security landscape

More information

ITEC441- IS Security. Chapter 15 Performing a Penetration Test

ITEC441- IS Security. Chapter 15 Performing a Penetration Test 1 ITEC441- IS Security Chapter 15 Performing a Penetration Test The PenTest A penetration test (pentest) simulates methods that intruders use to gain unauthorized access to an organization s network and

More information

Vulnerability Assessment and Penetration Testing

Vulnerability Assessment and Penetration Testing Vulnerability Assessment and Penetration Testing Module 1: Vulnerability Assessment & Penetration Testing: Introduction 1.1 Brief Introduction of Linux 1.2 About Vulnerability Assessment and Penetration

More information

FORBIDDEN - Ethical Hacking Workshop Duration

FORBIDDEN - Ethical Hacking Workshop Duration Workshop Course Module FORBIDDEN - Ethical Hacking Workshop Duration Lecture and Demonstration : 15 Hours Security Challenge : 01 Hours Introduction Security can't be guaranteed. As Clint Eastwood once

More information

Corso: Certified Ethical Hacker Codice PCSNET: SIIN-1 Cod. Vendor: CEH Durata: 5

Corso: Certified Ethical Hacker Codice PCSNET: SIIN-1 Cod. Vendor: CEH Durata: 5 Corso: Certified Ethical Hacker Codice PCSNET: SIIN-1 Cod. Vendor: CEH Durata: 5 Obiettivi La classe immergerà i partecipanti in un ambiente fortemente interattivo nel quale verrà loro mostrato come effettuare

More information

Network Attacks and Defenses

Network Attacks and Defenses Network Attacks and Defenses Tuesday, November 25, 2008 Sources: Skoudis, CounterHack; S&M Chapter 5 (including many images) CS342 Computer Security Department of Computer Science Wellesley College Networks

More information

Ethical Hacking and Countermeasures 5.0 Course ECEH5.0 5 Days COURSE OVERVIEW AUDIENCE OBJECTIVES OUTLINE

Ethical Hacking and Countermeasures 5.0 Course ECEH5.0 5 Days COURSE OVERVIEW AUDIENCE OBJECTIVES OUTLINE COURSE OVERVIEW This class will immerse the student into an interactive environment where they will be shown how to scan, test, hack and secure their own systems. The lab intensive environment gives each

More information

Web App Security Audit Services

Web App Security Audit Services locuz.com Professional Services Web App Security Audit Services The unsecured world today Today, over 80% of attacks against a company s network come at the Application Layer not the Network or System

More information

642 552 Securing Cisco Network Devices (SND)

642 552 Securing Cisco Network Devices (SND) 642 552 Securing Cisco Network Devices (SND) Course Number: 642 552 Length: 1 Day(s) Course Overview This course is part of the training for the Cisco Certified Security Professional, Cisco Firewall Specialist,

More information

Topics in Network Security

Topics in Network Security Topics in Network Security Jem Berkes MASc. ECE, University of Waterloo B.Sc. ECE, University of Manitoba www.berkes.ca February, 2009 Ver. 2 In this presentation Wi-Fi security (802.11) Protecting insecure

More information

Higher National Unit specification: general information

Higher National Unit specification: general information Higher National Unit specification: general information Unit code: H17V 34 Superclass: CB Publication date: March 2012 Source: Scottish Qualifications Authority Version: 01 Unit purpose This Unit is designed

More information

FRONT RUNNER DIPLOMA PROGRAM INFORMATION SECURITY Detailed Course Curriculum Course Duration: 6 months

FRONT RUNNER DIPLOMA PROGRAM INFORMATION SECURITY Detailed Course Curriculum Course Duration: 6 months FRONT RUNNER DIPLOMA PROGRAM INFORMATION SECURITY Detailed Course Curriculum Course Duration: 6 months MODULE: INTRODUCTION TO INFORMATION SECURITY INFORMATION SECURITY ESSENTIAL TERMINOLOGIES SECURITY

More information

When a student leaves this intensive 5 day class they will have hands on understanding and experience in Ethical Hacking.

When a student leaves this intensive 5 day class they will have hands on understanding and experience in Ethical Hacking. Ethical Hacking and Countermeasures Course Description: This class will immerse the student into an interactive environment where they will be shown how to scan, test, hack and secure their own systems.

More information

Security Awareness For Server Administrators. State of Illinois Central Management Services Security and Compliance Solutions

Security Awareness For Server Administrators. State of Illinois Central Management Services Security and Compliance Solutions Security Awareness For Server Administrators State of Illinois Central Management Services Security and Compliance Solutions Purpose and Scope To present a best practice approach to securing your servers

More information

Malicious Network Traffic Analysis

Malicious Network Traffic Analysis Malicious Network Traffic Analysis Uncover system intrusions by identifying malicious network activity. There are a tremendous amount of network based attacks to be aware of on the internet today and the

More information

EC-Council Certified Security Analyst / License Penetration Tester (ECSA/LPT) v4.0 Bootcamp

EC-Council Certified Security Analyst / License Penetration Tester (ECSA/LPT) v4.0 Bootcamp EC-Council Certified Security Analyst / License Penetration Tester (ECSA/LPT) v4.0 Bootcamp ECSA/LPT is a security class like no other! Providing real world hands on experience, it is the only in-depth

More information

RMAR Technologies Pvt. Ltd.

RMAR Technologies Pvt. Ltd. Course Name : StartXHack V2.0 Ethical Hacking & Cyber Security Course Duration : 2 Days (8Hrs./day) Course Fee : INR 1000/participant Course Module : 1. Introduction to Ethical Hacking a. What is Ethical

More information

Demystifying Penetration Testing for the Enterprise. Presented by Pravesh Gaonjur

Demystifying Penetration Testing for the Enterprise. Presented by Pravesh Gaonjur Demystifying Penetration Testing for the Enterprise Presented by Pravesh Gaonjur Pravesh Gaonjur Founder and Executive Director of TYLERS Information Security Consultant Certified Ethical Hacker (CEHv8Beta)

More information

Course Duration: 80Hrs. Course Fee: INR 7000 + 1999 (Certification Lab Exam Cost 2 Attempts)

Course Duration: 80Hrs. Course Fee: INR 7000 + 1999 (Certification Lab Exam Cost 2 Attempts) Course Duration: 80Hrs. Course Fee: INR 7000 + 1999 (Certification Lab Exam Cost 2 Attempts) Course Module: 1. Introduction to Ethical Hacking 2. Footprinting a. SAM Spade b. Nslookup c. Nmap d. Traceroute

More information

Loophole+ with Ethical Hacking and Penetration Testing

Loophole+ with Ethical Hacking and Penetration Testing Loophole+ with Ethical Hacking and Penetration Testing Duration Lecture and Demonstration: 15 Hours Security Challenge: 01 Hours Introduction Security can't be guaranteed. As Clint Eastwood once said,

More information

CompTIA Security+ (Exam SY0-410)

CompTIA Security+ (Exam SY0-410) CompTIA Security+ (Exam SY0-410) Length: Location: Language(s): Audience(s): Level: Vendor: Type: Delivery Method: 5 Days 182, Broadway, Newmarket, Auckland English, Entry Level IT Professionals Intermediate

More information

Penetration Testing with Kali Linux

Penetration Testing with Kali Linux Penetration Testing with Kali Linux PWK Copyright 2014 Offensive Security Ltd. All rights reserved. Page 1 of 11 All rights reserved to Offensive Security, 2014 No part of this publication, in whole or

More information

Implementing Cisco IOS Network Security

Implementing Cisco IOS Network Security Implementing Cisco IOS Network Security IINS v3.0; 5 Days, Instructor-led Course Description Implementing Cisco Network Security (IINS) v3.0 is a 5-day instructor-led course focusing on security principles

More information

Network Security Audit. Vulnerability Assessment (VA)

Network Security Audit. Vulnerability Assessment (VA) Network Security Audit Vulnerability Assessment (VA) Introduction Vulnerability Assessment is the systematic examination of an information system (IS) or product to determine the adequacy of security measures.

More information

Where every interaction matters.

Where every interaction matters. Where every interaction matters. Peer 1 Vigilant Web Application Firewall Powered by Alert Logic The Open Web Application Security Project (OWASP) Top Ten Web Security Risks and Countermeasures White Paper

More information

A Systems Engineering Approach to Developing Cyber Security Professionals

A Systems Engineering Approach to Developing Cyber Security Professionals A Systems Engineering Approach to Developing Cyber Security Professionals D r. J e r r y H i l l Approved for Public Release; Distribution Unlimited. 13-3793 2013 The MITRE Corporation. All rights reserved.

More information

Description: Course Details:

Description: Course Details: Course: Malicious Network Traffic Analysis Duration: 5 Day Hands-On Lab & Lecture Course Price: $ 3,495.00 Description: There are a tremendous amount of network based attacks to be aware of on the internet

More information

McAfee Certified Assessment Specialist Network

McAfee Certified Assessment Specialist Network McAfee Certified Assessment Specialist Network Exam preparation guide Table of Contents Introduction 3 Becoming McAfee Certified 3 Exam Details 4 Recommended Exam Preparation 4 Exam Objectives 4 Sample

More information

JK0 015 CompTIA E2C Security+ (2008 Edition) Exam

JK0 015 CompTIA E2C Security+ (2008 Edition) Exam JK0 015 CompTIA E2C Security+ (2008 Edition) Exam Version 4.1 QUESTION NO: 1 Which of the following devices would be used to gain access to a secure network without affecting network connectivity? A. Router

More information

CYBER ATTACKS EXPLAINED: THE MAN IN THE MIDDLE

CYBER ATTACKS EXPLAINED: THE MAN IN THE MIDDLE CYBER ATTACKS EXPLAINED: THE MAN IN THE MIDDLE Due to the encouraging feedback this series of articles has received, we decided to explore yet another type of cyber intrusionthe Man In The Middle (MITM)

More information

Networking: EC Council Network Security Administrator NSA

Networking: EC Council Network Security Administrator NSA coursemonster.com/uk Networking: EC Council Network Security Administrator NSA View training dates» Overview The EC-Council's NSA certification looks at network security from a defensive view. The NSA

More information

IINS Implementing Cisco Network Security 3.0 (IINS)

IINS Implementing Cisco Network Security 3.0 (IINS) IINS Implementing Cisco Network Security 3.0 (IINS) COURSE OVERVIEW: Implementing Cisco Network Security (IINS) v3.0 is a 5-day instructor-led course focusing on security principles and technologies, using

More information

Audience. Pre-Requisites

Audience. Pre-Requisites T R A N C H U L A S W O R K S H O P S A N D T R A I N I N G S Hands-On Penetration Testing Training Course About Tranchulas Tranchulas is a multinational information security company having its offices

More information

How To Classify A Dnet Attack

How To Classify A Dnet Attack Analysis of Computer Network Attacks Nenad Stojanovski 1, Marjan Gusev 2 1 Bul. AVNOJ 88-1/6, 1000 Skopje, Macedonia Nenad.stojanovski@gmail.com 2 Faculty of Natural Sciences and Mathematics, Ss. Cyril

More information

Page: Designed & Executed By: Presents Cyber Security Training

Page: Designed & Executed By: Presents Cyber Security Training Page: 1 Designed & Executed By: TM S I v8 RAINNVESTIGATOR Cyber Security Training Presents T CCE TechBharat Certified Cyber Expert TechBharat Certified Cyber Expert EC-Council Computer Hacking Forensic

More information

IDS 4.0 Roadshow. Module 1- IDS Technology Overview. 2003, Cisco Systems, Inc. All rights reserved. IDS Roadshow

IDS 4.0 Roadshow. Module 1- IDS Technology Overview. 2003, Cisco Systems, Inc. All rights reserved. IDS Roadshow IDS 4.0 Roadshow Module 1- IDS Technology Overview Agenda Network Security Network Security Policy Management Protocols The Security Wheel IDS Terminology IDS Technology HIDS and NIDS IDS Communication

More information

EUCIP - IT Administrator. Module 5 IT Security. Version 2.0

EUCIP - IT Administrator. Module 5 IT Security. Version 2.0 EUCIP - IT Administrator Module 5 IT Security Version 2.0 Module 5 Goals Module 5 Module 5, IT Security, requires the candidate to be familiar with the various ways of protecting data both in a single

More information

Microsoft Systems Architecture 2.0 (MSA 2.0) Security Review An analysis by Foundstone, Inc.

Microsoft Systems Architecture 2.0 (MSA 2.0) Security Review An analysis by Foundstone, Inc. Microsoft Systems Architecture 2.0 (MSA 2.0) Security Review An analysis by Foundstone, Inc. Foundstone Labs October, 2003 Table of Contents Table of Contents...2 Introduction...3 Scope and Approach...3

More information

More Practical Projects

More Practical Projects More Theoretical Projects T1) Privacy-Preserving Data Dissemination Goal: Contribute to design and develoment of a scheme for privacy-preserving data dissemination. (Research papers are available from

More information

External Supplier Control Requirements

External Supplier Control Requirements External Supplier Control s Cyber Security For Suppliers Categorised as Low Cyber Risk 1. Asset Protection and System Configuration Barclays Data and the assets or systems storing or processing it must

More information

CS 665: Computer System Security. Network Security. Usage environment. Sources of vulnerabilities. Information Assurance Module

CS 665: Computer System Security. Network Security. Usage environment. Sources of vulnerabilities. Information Assurance Module CS 665: Computer System Security Network Security Bojan Cukic Lane Department of Computer Science and Electrical Engineering West Virginia University 1 Usage environment Anonymity Automation, minimal human

More information

Demystifying Penetration Testing

Demystifying Penetration Testing Demystifying Penetration Testing Prepared by Debasis Mohanty www.hackingspirits.com E-Mail: debasis_mty@yahoo.com Goals Of This Presentation An overview of how Vulnerability Assessment (VA) & Penetration

More information

ETHICAL HACKING. By REAL TIME FACULTY

ETHICAL HACKING. By REAL TIME FACULTY w w ẉ s u n m ar s ṣ n et ETHICAL HACKING Duration : 1 Month Timings : 4.30 p.m. to 6.00 p.m. By REAL TIME FACULTY # 407, 4 th Floor, New HUDA MYTHRI VIHAR, Beside Aditya Trade Centre, Ameerpet, Hyd. -

More information

Presented By: Holes in the Fence. Agenda. IPCCTV Attack. DDos Attack. Why Network Security is Important

Presented By: Holes in the Fence. Agenda. IPCCTV Attack. DDos Attack. Why Network Security is Important Presented By: Holes in the Fence Dave Engebretson, Contributing Technology writer, SDM Magazine Industry Instructor in Fiber and Networking Prevention of Security System breaches of networked Edge Devices

More information

APNIC elearning: Network Security Fundamentals. 20 March 2013 10:30 pm Brisbane Time (GMT+10)

APNIC elearning: Network Security Fundamentals. 20 March 2013 10:30 pm Brisbane Time (GMT+10) APNIC elearning: Network Security Fundamentals 20 March 2013 10:30 pm Brisbane Time (GMT+10) Introduction Presenter/s Nurul Islam Roman Senior Training Specialist nurul@apnic.net Specialties: Routing &

More information

CS 356 Lecture 17 and 18 Intrusion Detection. Spring 2013

CS 356 Lecture 17 and 18 Intrusion Detection. Spring 2013 CS 356 Lecture 17 and 18 Intrusion Detection Spring 2013 Review Chapter 1: Basic Concepts and Terminology Chapter 2: Basic Cryptographic Tools Chapter 3 User Authentication Chapter 4 Access Control Lists

More information

Web Application Hacking (Penetration Testing) 5-day Hands-On Course

Web Application Hacking (Penetration Testing) 5-day Hands-On Course Web Application Hacking (Penetration Testing) 5-day Hands-On Course Web Application Hacking (Penetration Testing) 5-day Hands-On Course Course Description Our web sites are under attack on a daily basis

More information

Linux Network Security

Linux Network Security Linux Network Security Course ID SEC220 Course Description This extremely popular class focuses on network security, and makes an excellent companion class to the GL550: Host Security course. Protocols

More information

WLAN Attacks. Wireless LAN Attacks and Protection Tools. (Section 3 contd.) Traffic Analysis. Passive Attacks. War Driving. War Driving contd.

WLAN Attacks. Wireless LAN Attacks and Protection Tools. (Section 3 contd.) Traffic Analysis. Passive Attacks. War Driving. War Driving contd. Wireless LAN Attacks and Protection Tools (Section 3 contd.) WLAN Attacks Passive Attack unauthorised party gains access to a network and does not modify any resources on the network Active Attack unauthorised

More information

a) Encryption is enabled on the access point. b) The conference room network is on a separate virtual local area network (VLAN)

a) Encryption is enabled on the access point. b) The conference room network is on a separate virtual local area network (VLAN) MIS5206 Week 12 Your Name Date 1. Which significant risk is introduced by running the file transfer protocol (FTP) service on a server in a demilitarized zone (DMZ)? a) User from within could send a file

More information

Computer Security. Introduction to. Michael T. Goodrich Department of Computer Science University of California, Irvine. Roberto Tamassia PEARSON

Computer Security. Introduction to. Michael T. Goodrich Department of Computer Science University of California, Irvine. Roberto Tamassia PEARSON Introduction to Computer Security International Edition Michael T. Goodrich Department of Computer Science University of California, Irvine Roberto Tamassia Department of Computer Science Brown University

More information

What is Web Security? Motivation

What is Web Security? Motivation brucker@inf.ethz.ch http://www.brucker.ch/ Information Security ETH Zürich Zürich, Switzerland Information Security Fundamentals March 23, 2004 The End Users View The Server Providers View What is Web

More information

The Top Web Application Attacks: Are you vulnerable?

The Top Web Application Attacks: Are you vulnerable? QM07 The Top Web Application Attacks: Are you vulnerable? John Burroughs, CISSP Sr Security Architect, Watchfire Solutions jburroughs@uk.ibm.com Agenda Current State of Web Application Security Understanding

More information

Network Security. 1 Pass the course => Pass Written exam week 11 Pass Labs

Network Security. 1 Pass the course => Pass Written exam week 11 Pass Labs Network Security Ola Lundh ola.lundh@hh.se Schedule/ time-table: landris.hh.se/ (NetwoSec) Course home-page: hh.se/english/ide/education/student/coursewebp ages/networksecurity cisco.netacad.net Packet

More information

The monsters under the bed are real... 2004 World Tour

The monsters under the bed are real... 2004 World Tour Web Hacking LIVE! The monsters under the bed are real... 2004 World Tour Agenda Wichita ISSA August 6 th, 2004 The Application Security Dilemma How Bad is it, Really? Overview of Application Architectures

More information

Web Application Security

Web Application Security E-SPIN PROFESSIONAL BOOK Vulnerability Management Web Application Security ALL THE PRACTICAL KNOW HOW AND HOW TO RELATED TO THE SUBJECT MATTERS. COMBATING THE WEB VULNERABILITY THREAT Editor s Summary

More information

Network Concepts. IT 4823 Information Security Concepts and Administration. The Network Environment. Resilience. Network Topology. Transmission Media

Network Concepts. IT 4823 Information Security Concepts and Administration. The Network Environment. Resilience. Network Topology. Transmission Media IT 4823 Information Security Concepts and Administration March 17 Network Threats Notice: This session is being recorded. Happy 50 th, Vanguard II March 17, 1958 R.I.P. John Backus March 17, 2007 Copyright

More information

Network Security: Introduction

Network Security: Introduction Network Security: Introduction 1. Network security models 2. Vulnerabilities, threats and attacks 3. Basic types of attacks 4. Managing network security 1. Network security models Security Security has

More information

Rational AppScan & Ounce Products

Rational AppScan & Ounce Products IBM Software Group Rational AppScan & Ounce Products Presenters Tony Sisson and Frank Sassano 2007 IBM Corporation IBM Software Group The Alarming Truth CheckFree warns 5 million customers after hack http://infosecurity.us/?p=5168

More information