Course Title: Penetration Testing: Communication Media Testing, 1st Edition

Transcription

1 Course Title: Penetration Testing: Communication Media Testing, 1st Edition Page 1 of 6

2 Course Description: The Security Analyst Series from EC-Council Press is comprised of five books covering a broad base of topics in advanced penetration testing and information security analysis. The content of this program is designed to expose the reader to groundbreaking methodologies in conducting thorough information security analysis, as well as advanced penetration testing techniques. Armed with the knowledge from the Security Analyst series along with proper experience, readers will be able to perform the intensive assessments required to effectively identify and mitigate risks to the security of the organization's infrastructure. Penetration Testing: Communication Media Testing covers Wireless Network Penetration Testing, Advanced Wireless Testing, VoIP Penetration Testing, VPN Penetration Testing, War Dialing, Blue Tooth and Hand held Device Penetration Testing, Telecommunication and Broadband Communication Penetration Testing. Certificate Info Penetration Testing: Communication Media Testing Who Should Attend? This course will significantly benefit Network administrators, Firewall Administrators, Security Testers, System Administrators and Risk Assessment profession als. Course Duration: 2 days (9:00 5:00) CPE/ECE Qualification 16 ECE Credits awarded for attendance (1 for each classroom hour) Suggested Retail: $799 USD Page 2 of 6

3 Required Courseware: Visit and click on Training Workshops for ordering details. What s included? Physical Courseware 1 year Access To EC-Council Student LMS for Practical Labs (if applicable), testing, and Certificate Course + Supplement Cost: See the Training Workshops section at for current pricing information. Related Certificates: Penetration Testing: Security Analysis Penetration Testing: Network and Perimeter Testing Penetration Testing: Network Threat Testing Penetration Testing: Procedures & Methodologies Page 3 of 6

4 1. Wireless Network Penetration Testing Course Briefing: This module explains security policies that need to be assessed after setting up the wireless network. This wireless assessment is necessary to check the security of the network. Wireless vulnerability testing and wireless penetration testing are important for the wireless network penetration testing. This module also familiarizes with various wireless penetration testing tools. 2. Advanced Wireless Testing In this module, we review advanced techniques for wireless penetration testing. It will provide a brief study of various wireless concepts such as wireless components, standards, Wired Equivalent Privacy (WEP), its issues, flaws, and security. A glance on various wireless security technologies such as WPA, EAP, TKIP and discussion on different attacks and tools such as War Driving, NetStumbler, and MITM attacks. 3. VoIP Penetration Testing The devices that are used for the VoIP are as vulnerable as the operating system on which they are running. The VoIP devices such as IP phones, Call Manager, Gateways, and Proxy servers take over the same vulnerabilities as that of the operating system. The module discusses VoIP risks and vulnerabilities, VoIP security threats, VoIP penetration testing steps, lists various VoIP security and sniffing tools. 4. VPN Penetration Testing VPN penetration testing is a process of testing VPN network to secure the VPN s network and maintain the VPN s security. Penetration testing of VPN is straightforward and it is performed with various tools. Penetration testing is slightly different for both IPsec and SSL VPNs. The module discusses VPN penetration testing steps: scanning, fingerprinting, PSK Crack, testing for default user accounts, testing for SSL VPN. 5. Wardialing War Dialing is the exploitation of an organization's telephone, modem, and private branch exchange (PBX) system to infiltrate the internal network in order to abuse computing resources. A War Dialing attack to penetrate into a target network by attempting to bypass firewalls and intrusion detection systems (IDS) is considered illegal. It involves attempts to access a company s internal resources such as modems and telephones using dial-in access. The module discusses war dialing techniques, the reason for conducting war dialing penetration tests, gives guidelines for selecting software for war dialing, configuring the software, and various war dialing tools. 6. Bluetooth and Handheld Device Penetration Testing This module explains about Jailbreaking, a process to unlock the iphone and ipod touch devices to permit the installation of third-party applications and idemocracy, third-party application installation solution for the Windows platform. It explains about iphonesimfree and anysim which Page 4 of 6

5 are the tools to unlock the iphone. The methods such as Blackjacking, ActiveSync, BlueSnarfing, Blueprinting, and BlueSpam are introduced. 7. Telecommunication and Broadband Communication Penetration Testing This module explains the Employees who are connected to the corporate and government networks via broadband communication may create vulnerability for attack and Internet connection involves risks such as unauthorized access, installation of malicious software thus launches denial of service attacks. In this module we learn to use additional encryption beyond WEP in order to secure the data and spyware stealthy computer monitoring software that allows to secretly recording all activities of a user over the network. We also learn how to disable SNMP on wireless base station and wireless client and see how file sharing can affect the system thereby an attacker can send any malicious files containing viruses which in turn affect the system over the network. Encrypting a file for transmission and storing the data safely can also be learnt. Course Outline: Chapter 1: Wireless Network Penetration Testing Introduction to Wireless Network Penetration Testing Security Policy Assessment Wireless Monitoring Wireless Penetration-Testing Steps Wireless Penetration-Testing Tools Chapter 2: Advanced Wireless Testing Introduction to Advanced Wireless Testing Wireless Terminology Wireless Standards Wi-Fi Equipment Vulnerabilities to 802.1x and RADIUS Encryption Standards Wireless Network Testing Wireless Penetration Testing Wireless Network Attacks Wireless Network Testing Tools Chapter 3: VoIP Penetration Testing Introduction to VoIP Penetration Testing Vulnerability Assessment VoIP Penetration Testing Steps VoIP Penetration Testing Tools Page 5 of 6

6 Chapter 4: VPN Penetration Testing Introduction to VoIP Penetration Testing VPN Penetration Testing Steps Tools for VPN Penetration Testing Chapter 5: Wardialing Introduction to Wardialing Wardialing Overview Reasons to Conduct Wardialing Penetration Tests Prerequisites for Wardialing Penetration Testing Software Selection for Wardialing Recommendations for an Effective Wardialing Penetration Testing Process Interpreting Wardialing Penetration Testing Results Wardialing Tools Wardialing Countermeasures Tool Chapter 6: Bluetooth and Handheld Device Penetration Testing Introduction to Bluetooth and Handheld Device Penetration Testing iphone and ipod Touch Penetration Testing BlackBerry Penetration Testing PDA Penetration Testing Bluetooth Penetration Testing Chapter 7: Telecommunication and Broadband Communication Penetration Testing Checking for firewalls Testing firewalls Configuring Web browsers for enhanced security Disabling cookies Protecting against scripting attacks Testing antivirus and antispyware software Checking for wiretapping Checking for WEP Page 6 of 6