Course Outline: Certified Ethical Hacker v8. Learning Method: Instructor-led Classroom Learning



Similar documents
Certified Ethical Hacker Exam Version Comparison. Version Comparison

CEH Version8 Course Outline

[CEH]: Ethical Hacking and Countermeasures

CYBERTRON NETWORK SOLUTIONS

EC Council Certified Ethical Hacker V8

Certified Ethical Hacking. CEH v8 Course. Ημέρα & Ημερομηνία Διεξαγωγής. 02/11/ /11-04/11 05/11-06/11-09/11 6 Συναντήσεις 9:00-17:00

INFORMATION SECURITY TRAINING

Detailed Description about course module wise:

Professional Penetration Testing Techniques and Vulnerability Assessment ...

Course Content Summary ITN 261 Network Attacks, Computer Crime and Hacking (4 Credits)


CONTENTS AT A GMi#p. Chapter I Ethical Hacking Basics I Chapter 2 Cryptography. Chapter 3 Reconnaissance: Information Gathering for the Ethical Hacker

Ethical Hacking v7 40 H.

SONDRA SCHNEIDER JOHN NUNES

CH EHC EC-Council Ethical Hacking and Countermeasures [v.9]

Certified Ethical Hacker (CEH)

Venue. Dates. Certified Ethical Hacker (CEH) boot camp. Inovatec College. Nairobi Kenya (exact hotel name to be confirmed

Computer Forensics Training - Digital Forensics and Electronic Discovery (Mile2)

Ethical Hacking and Information Security. Foundation of Information Security. Detailed Module. Duration. Lecture with Hands On Session: 90 Hours

Description: Objective: Attending students will learn:

COURSE NAME: INFORMATION SECURITY INTERNSHIP PROGRAM

CRYPTUS DIPLOMA IN IT SECURITY

Ethical Hacking Course Layout

Certified Ethical Hacker (CEH) Ethical Hacking & Counter Measures Course 9962; 5 Days, Instructor-Led

If you know the enemy and know yourself, you need not fear the result of a hundred battles.

National Cyber League Certified Ethical Hacker (CEH) TM Syllabus

Build Your Own Security Lab

FSP-201: Ethical Hacking & IT Security

EC-Council. Certified Ethical Hacker. Program Brochure

Information Security. Training

Certified Cyber Security Expert V Web Application Development

When a student leaves this intensive 5 day class they will have hands on understanding and experience in Ethical Hacking.

NSA/DHS CAE in IA/CD 2014 Mandatory Knowledge Unit Checklist 4 Year + Programs

National Cyber League Certified Ethical Hacker (CEH) TM Syllabus

Vulnerability Assessment and Penetration Testing

Course Duration: 80Hrs. Course Fee: INR (Certification Lab Exam Cost 2 Attempts)

RMAR Technologies Pvt. Ltd.

Ethical Hacking and Countermeasures 5.0 Course ECEH5.0 5 Days COURSE OVERVIEW AUDIENCE OBJECTIVES OUTLINE

PTSv2 in pills: The Best First for Beginners who want to become Penetration Testers. Self-paced, online, flexible access

Overview of Network Security The need for network security Desirable security properties Common vulnerabilities Security policy designs

EC-Council C E. Hacking Technology. v8 Certified Ethical Hacker

Web Application Threats and Vulnerabilities Web Server Hacking and Web Application Vulnerability

Network Attacks and Defenses

Understanding Security Testing

Corso: Certified Ethical Hacker Codice PCSNET: SIIN-1 Cod. Vendor: CEH Durata: 5

Implementing Cisco IOS Network Security

Topics in Network Security

CS5008: Internet Computing

Securing Cisco Network Devices (SND)

Malicious Network Traffic Analysis

FORBIDDEN - Ethical Hacking Workshop Duration

IINS Implementing Cisco Network Security 3.0 (IINS)

Penetration Testing with Kali Linux

EC-Council CAST CENTER FOR ADVANCED SECURITY TRAINING. CAST 619 Advanced SQLi Attacks and Countermeasures. Make The Difference CAST.

Learn Ethical Hacking, Become a Pentester

FRONT RUNNER DIPLOMA PROGRAM INFORMATION SECURITY Detailed Course Curriculum Course Duration: 6 months

CompTIA Security+ (Exam SY0-410)

Web App Security Audit Services

ETHICAL HACKING. By REAL TIME FACULTY

How To Classify A Dnet Attack

JK0 015 CompTIA E2C Security+ (2008 Edition) Exam

IDS 4.0 Roadshow. Module 1- IDS Technology Overview. 2003, Cisco Systems, Inc. All rights reserved. IDS Roadshow

CYBER ATTACKS EXPLAINED: THE MAN IN THE MIDDLE

Loophole+ with Ethical Hacking and Penetration Testing

Linux Network Security

APNIC elearning: Network Security Fundamentals. 20 March :30 pm Brisbane Time (GMT+10)

Security Awareness For Server Administrators. State of Illinois Central Management Services Security and Compliance Solutions

Audience. Pre-Requisites

EUCIP - IT Administrator. Module 5 IT Security. Version 2.0

McAfee Certified Assessment Specialist Network

Presented By: Holes in the Fence. Agenda. IPCCTV Attack. DDos Attack. Why Network Security is Important

SCP - Strategic Infrastructure Security

CERTIFIED PENETRATION TESTING CONSULTANT

Demystifying Penetration Testing for the Enterprise. Presented by Pravesh Gaonjur

Computer Security. Introduction to. Michael T. Goodrich Department of Computer Science University of California, Irvine. Roberto Tamassia PEARSON

Networking: EC Council Network Security Administrator NSA

Network Security Fundamentals

Web Application Hacking (Penetration Testing) 5-day Hands-On Course

a) Encryption is enabled on the access point. b) The conference room network is on a separate virtual local area network (VLAN)

Course Title: Course Description: Course Key Objective: Fee & Duration:

CS 665: Computer System Security. Network Security. Usage environment. Sources of vulnerabilities. Information Assurance Module

Network Concepts. IT 4823 Information Security Concepts and Administration. The Network Environment. Resilience. Network Topology. Transmission Media

Demystifying Penetration Testing

Network Attacks. Common Network Attacks and Exploits

A Systems Engineering Approach to Developing Cyber Security Professionals

Where every interaction matters.

What is Web Security? Motivation

Certified Penetration Testing Specialist

7 Network Security. 7.1 Introduction 7.2 Improving the Security 7.3 Internet Security Framework. 7.5 Absolute Security?

IBM Protocol Analysis Module

INFORMATION SECURITY TRAINING CATALOG (2015)

Course Content: Session 1. Ethics & Hacking

Penetration Testing. Presented by

EC-Council Certified Security Analyst / License Penetration Tester (ECSA/LPT) v4.0 Bootcamp

E-commerce. Security. Learning objectives. Internet Security Issues: Overview. Managing Risk-1. Managing Risk-2. Computer Security Classifications

Transcription:

Course Outline: Certified Ethical Hacker v8 Learning Method: Instructor-led Classroom Learning Duration: 5.00 Day(s)/ 35 hrs Overview: This class will immerse the students into an interactive environment where they will be shown how to scan, test, hack and secure their own systems. The lab intensive environment gives each student in-depth knowledge and practical experience with the current essential security systems Who Should Attend: This course will significantly benefit security officers, auditors, security professionals, site administrators, and anyone who is concerned about the integrity of the network infrastructure. Outline: Module 1: Introduction to Ethical Hacking Internet Crime Current Report: IC3 Data Breach Investigations Report Types of Data Stolen From the Organizations Essential Terminologies Elements of Information Security Authenticity and Non-Repudiation Effects of Hacking Who is a Hacker? Hacker Classes What Does a Hacker Do? Types of Attacks on a System Why Ethical Hacking is Necessary? Defense in Depth Scope and Limitations of Ethical Hacking What Do Ethical Hackers Do? Skills of an Ethical Hacker Vulnerability Research Module 2: Footprinting and Reconnaissance Footprinting Terminologies What is Footprinting? Objectives of Footprinting Footprinting Threats Locate Internal URL Public and Restricted Websites Search for Company s Information Gather Information from Financial Footprinting Through Job Sites Monitoring Target Using Alerts Competitive Intelligence Gathering WHOIS Lookup Locate the Network Range Traceroute Mirroring Entire Website Extract Website Information from http://www.archive.org Monitoring Web Updates Using Website Watcher Google Hacking Tool: Google Hacking Database (GHDB) Google Hacking Tools Additional Footprinting Tools Module 3: Scanning Networks Network Scanning Types of Scanning

Ping Sweep Scanning: IDS Evasion Techniques IP Fragmentation Tools Scanning Tool: Nmap War Dialing Why War Dialing? War Dialing Tools Banner Grabbing Tool: ID Serve GET REQUESTS Banner Grabbing Tool: Net craft Banner Grabbing Tools Network Vulnerability Scanners LANsurveyor Network Mappers Proxy Servers Proxy Workbench Proxifier Tool: Create Chain of Proxy Servers TOR (The Onion Routing) TOR Proxy Chaining Software Types of Anonymizers Case: Bloggers Write Text Backwards to Bypass Web Filters in China Text Conversion to Avoid Filters Censorship Circumvention IP Spoofing Detection Techniques: TCP Flow Control Method IP Spoofing Countermeasures Scanning Pen Testing Module 4: Enumeration What is Enumeration Techniques for Enumeration Enumerating User Accounts Enumerate Systems Using Default Passwords UNIX/Linux Enumeration LDAP Enumeration NTP Enumeration SMTP Enumeration Enumeration Countermeasures Module 5: System Hacking Information at Hand Before System Hacking Stage System Hacking: Goals CEH Hacking Methodology (CHM) Password Cracking Microsoft Authentication How Hash Passwords are Stored in Windows SAM? What is LAN Manager Hash? Salting PWdump7 and Fgdum Password Cracking Tools Active@ Password Changer Privilege Escalation Tools How to Defend against Privilege Escalation? Executing Applications Keylogger Types of Keystroke Loggers Acoustic/CAM Keylogger Rootkits Types of Rootkits How Rootkit Works What is Steganography and types Image Steganography & Document Module 6: Trojans & Backdoors What is a Trojan and the purpose What Do Trojan Creators Look For? Indications of a Trojan Attack Common Ports used by Trojans How to Infect Systems Using a Trojan? Wrappers Different Ways a Trojan can Get into a System How to Deploy a Trojan? Evading Anti-Virus Techniques Types of Trojans Destructive Trojans Notification Trojans

Credit Card Trojans How to Detect Trojans? Trojan Countermeasures Backdoor Countermeasures Trojan Horse Construction Kit Module 7: Viruses & worm Introduction to Viruses Virus and Worm Statistics 2010 Stages of Virus Life Working of Viruses: Infection Phase Working of Viruses: Attack Phase Why Do People Create Computer Viruses? Indications of Virus Attack How does a Computer get Infected by Viruses? Virus Hoaxes Virus Analysis: Types of Viruses Computer worms How is a Worm Different from a Virus? What is Sheep Dip Computer? Anti-Virus Sensors Systems Malware Analysis Procedure String Extracting Tool: Bintext Online Malware Analysis Services Virus Detection Methods Virus and Worms Countermeasures Companion Antivirus: Immunet Protect Anti-virus Tools Module 8: Sniffers Types of Sniffing: Passive Sniffing Types of Sniffing: Active Sniffing Protocols Vulnerable to Sniffing Tie to Data Link Layer in OSI Model Hardware Protocol Analyzers SPAN Port How DHCP Works? What is Address Resolution Protocol (ARP)? Configuring DHCP Snooping and Dynamic ARP Inspection on Cisco Switches MAC Spoofing/Duplicating DNS Poisoning Techniques Additional Wireshark Filters Sniffing Tool: CACE Pilot Discovery Tool: NetworkView Discovery Tool: The Dude Sniffer Password Sniffing Tool: Ace Additional Sniffing Tools How an Attacker Hacks the Network Using Sniffers? How to Defend Against Sniffing? Sniffing Prevention Techniques How to Detect Sniffing? Module 9: Social Engineering What is Social Engineering? Behaviors Vulnerable to Attacks Why is Social Engineering Effective? Warning Signs of an Attack Phases in a Social Engineering Attack Impact on the Organization Types of Social Engineering Wiretapping Insider Attack Sniffing Threats How a Sniffer Works? Hacker Attacking a Switch Common Intrusion Tactics and Strategies for Prevention

Social Engineering Through Impersonation on Social Networking Real Steven Gets Huge Credit Card Statement Identity Theft - Serious Problem Social Engineering Countermeasures: Policies Identity Theft Countermeasures Social Engineering Pen Testing Module 10: Denial of service What is a Denial of Service Attack? What is Distributed Denial of Service Symptoms of a DoS Attack Cyber Criminals Internet Chat Query (ICQ) Internet Relay Chat (IRC) DoS Attack Techniques Botnet DoS Attack Tools Detection Techniques DoS/DDoS Countermeasure Strategies DDoS Attack Countermeasures Post-attack Forensics Techniques to Defend against Botnets DoS/DDoS Countermeasures DoS/DDoS Protection at ISP Level Enabling TCP Intercept on Cisco IOS Software DoS/DDoS Protection Tool Module 11: Session Hijacking What is Session Hijacking? Dangers Posed by Hijacking Why Session Hijacking is Successful? Key Session Hijacking Techniques Brute Forcing HTTP Referrer Attack Session Hijacking Process Packet Analysis of a Local Session Hijack Types of Session Hijacking Man-in-the-Middle Attack Man-in-the-Browser Attack TCP/IP Hijacking IP Spoofing: Source Routed Packets RST Hijacking UDP Hijacking Session Hijacking Tools Countermeasures Methods to Prevent Session Hijacking: To be Followed by Web Developers & users Defending against Session Hijack Attacks Session Hijacking Remediation Module 12: Hijacking Webservers Webserver Market Shares Open Source Webserver Architecture IIS Webserver Architecture Website Defacement Case Study Why Web Servers are Compromised? Impact of Webserver Attacks Webserver Misconfiguration Directory Traversal Attacks HTTP Response Splitting Attack Web Cache Poisoning Attack HTTP Response Hijacking SSH Bruteforce Attack Man-in-the-Middle Attack How to Defend Against Web Server Attacks? How to Defend against HTTP Response Splitting and Web Cache Poisoning?

Patches and Hotfixes What is Patch Management? Identifying Appropriate Sources for Updates and Patches Installation of a Patch Web Server Security Scanner: Wikto Webserver Malware Infection Monitoring Tool: HackAlert Webserver Security Tools Web Server Penetration Testing Module 13: Hacking Web Applications Web Application Security Statistics Introduction to Web Applications Web Application Components How Web Applications Work? Web Application Architecture Web 2.0 Applications Vulnerability Stack Web Attack Vectors Invalidated Input Parameter/Form Tampering Directory Traversal Security Misconfiguration Injection Flaws What is LDAP Injection? How LDAP Injection Works? Hidden Field Manipulation Attack Cross-Site Scripting (XSS) Attacks Session Fixation Attack Insufficient Transport Layer Protection Improper Error Handling Insecure Cryptographic Storage Broken Authentication and Session Management Web Services Architecture Analyze Web Applications Attack Authentication Mechanis Password Attacks: Password Guessing Password Attacks: Brute-forcing Session Attacks: Session ID Prediction/ Brute-forcing Cookie Exploitation: Cookie Poisoning Attack Web App Client Attack Web Services Web Services Probing Attacks Web Service Attack Tool: soapui Web Service Attack Tool: XMLSpy Web Application Hacking Tool: Burp Suite Professional Web Application Hacking Tools: Cookie Digger Web Application Hacking Tools: Web Scarab Encoding Schemes Web Application Firewall: dotdefender Web Application Firewall: IBM AppScan Web Application Pen Testing Module 14: SQL Injection SQL Injection is the Most Prevalent Vulnerability in 2010 SQL Injection Threats What is SQL Injection? SQL Injection Attacks How Web Applications Work? Server Side Technologies HTTP Post Request SQL Injection Detection Types of SQL Injection SQL Injection Methodology Information Gathering Features of Different DBMSs Password Grabbing Transfer Database to Attacker s Machine Interacting with the Operating System

Interacting with the FileSystem Network Reconnaissance Full Query Wireless ARP Poisoning Attack Rogue Access Point Module 15: Hacking Wireless Network Module 16: Evading IDS Firewalls and Wireless Networks Wi-Fi Usage Statistics in the US Wi-Fi Hotspots at Public Places Wi-Fi Networks at Home Types of Wireless Networks Wireless Standards Service Set Identifier (SSID) Wi-Fi Authentication Modes Wireless Terminologies Wi-Fi Chalking Wi-Fi Hotspot Finder: jiwire.com Wi-Fi Hotspot Finder: WeFi.com Types of Wireless Antenna Parabolic Grid Antenna Types of Wireless Encryption WEP Encryption How to Defend Against WPA Cracking? Wireless Threats: Access Control Attacks Wireless Threats: Integrity Attacks Wireless Threats: Authentication Attacks Jamming Signal Attack Wi-Fi Jamming Devices Wireless Hacking Methodology Find Wi-Fi Networks to Attack How to Discover Wi-Fi Network Using Wardriving? Wireless Traffic Analysis Wireless Cards and Chipsets Wi-Fi USB Dongle: AirPcap Wi-Fi Packet Sniffer: Wi-Fi Pilot Wi-Fi Packet Sniffer: OmniPeek How to Reveal Hidden SSIDs Fragmentation Attack MITM Attack Using Aircrack-ng Honeypots Intrusion Detection Systems (IDS) and its Placement How IDS Works? Ways to Detect an Intrusion Types of Intrusion Detection Systems System Integrity Verifiers (SIV) Firewall De Militarized Zone (DMZ) Types of Firewall Firewall Identification Honeypot How to Set Up a Honeypot? Intrusion Detection Tool Insertion Attack Evasion Denial-of-Service Attack (DoS) Obfuscating False Positive Generation Session Splicing Unicode Evasion Technique Fragmentation Attack Overlapping Fragments Time-To-Live Attacks ASCII Shellcode Application-Layer Attacks Pre Connection SYN Post Connection SYN Detecting Honeypots Honeypot Detecting Tool: Send-Safe Honeypot Hunter Firewall Evasion Tools Module 17: Buffer Overflow

Buffer Overflows Why are Programs And Applications Vulnerable? Understanding Stacks Stack-Based Buffer Overflow Understanding Heap Knowledge Required to Program Buffer Overflow Exploits Buffer Overflow Steps Simple Uncontrolled Overflow Simple Buffer Overflow in C Code Analysis Exploiting Semantic Comments in C (Annotations) How to Mutate a Buffer Overflow Exploit? Identifying Buffer Overflows How to Detect Buffer Overflows in a Program? Testing for Heap Overflow Conditions: heap.exe Steps for Testing for Stack Overflow in OllyDbg Debugger Data Execution Prevention (DEP) Enhanced Mitigation Experience Toolkit (EMET) Module 18: Cryptography Cryptography Types of Cryptography Government Access to Keys (GAK) Ciphers Advanced Encryption Standard (AES) Data Encryption Standard (DES) Secure Hashing Algorithm (SHA) What is SSH (Secure Shell)? MD5 Hash Calculators: HashCalc, MD5 Calculator and HashMyFiles Cryptography Tool: Advanced Encryption Package Cryptography Tools Public Key Infrastructure (PKI) Certification Authorities Digital Signature Transport Layer Security (TLS) Disk Encryption Meet-in-the-Middle Attack on Digital Signature Schemes Cryptanalysis Tool: CrypTool Cryptanalysis Tools Online MD5 Decryption Tool Module 19: Penetration Testing Introduction to Penetration Testing Security Assessments Vulnerability Assessment Penetration Testing Why Penetration Testing? What Should be Tested? What Makes a Good Penetration Test? Testing Locations Types of Penetration Testing Common Penetration Testing Techniques Using DNS Domain Name and IP Address Information Enumerating Information about Hosts on Publicly-Available Networks Phases of Penetration Testing Penetration Testing Methodology Outsourcing Penetration Testing Services Evaluating Different Types of Pentest Tools Telephony Security Assessment Tool Testing Network-Filtering Device Tool

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information