ETHICAL HACKING
Duration : 1 Month
Timings : 4.30 p.m. to 6.00 p.m.
By REAL TIME FACULTY
# 407, 4th Floor, New HUDA MYTHRI VIHAR, Beside Aditya Trade Centre, Ameerpet, Hyd. - 500 016. Ph.:23750253,

ETHICAL HACKING & COUNTER MEASURES

INTRODUCTION TO ETHICAL HACKING :
Terminology Hackers, Crackers, and Other Related Terms Hacktivism Threats Hacking History Ethical Hacking Objectives and Motivations Steps in Malicious Hacking Reconnaissance Scanning Acquiring Access Maintaining Access Covering, Clearing Tracks, and Installing Back Doors Hacker and Ethical Hacker Characteristics & Operations Skills Needed by an Ethical Hacker

LEGALITY AND ETHICS :
Law and Legal Systems Administrative Law Common Law Organization Statutory Law U.S. Common Law System Categories Computer Security Crime Laws Privacy Principles and Laws Computer Crime Penalties Ethics

PENETRATION TESTING FOR BUSINESS :
Penetration Testing from a Business Perspective Penetration Test Approach and Results Valuating Assets Penetration Testing Steps Summarized Selecting a Penetration Testing Consulting Organization Justification of Penetration Testing through Risk Analysis Risk Analysis Process Typical Threats and Attacks Impact Determination Management Responsibilities in Risk Analysis Relating to Penetration Testing

FOOTPRINTING :
Gathering Information Whois Nslookup Open Source Searching Locating the Network Range
Determining the Network Range with ARIN Traceroute and TTL Email Tracking Programs

SCANNING :
Identifying Active Machines Ping Ping Sweeps Ping Tools Identifying Open Ports and Available Services Port Scanning: TCP/UDP Scanning Types Determining the Operating System Scanning Tools Vulnerable Ports Port Scanning Issues Fingerprinting: Passive Fingerprinting Mapping the Network

ENUMERATING :
Protection Rings Windows Architecture Windows Security Elements SAM Database Local Security Authority Subsystem Service NetBIOS Active Directory (AD) Enumerating Techniques for Windows NetBIOS Enumerating Net View NBTSTAT DNS Zone Transfer Active Directory Enumeration Countermeasures NetBIOS Null Sessions SNMP Enumeration Countermeasures DNS Zone Transfer Countermeasures

SYSTEM HACKING TECHNIQUES :
Password Guessing Automated Password Guessing Password Sniffing KerbCrack Alternate Means Keystroke Loggers Hardware Keyloggers Software Keyloggers Keylogging Tools Privilege Escalation Password Cracking Password Cracking Techniques Dictionary Attack Brute Force Attack Hybrid Attack
Rainbow Attack Stealing SAM Cracking Tools Covering Tracks Disabling Auditing Clearing the Event Log Planting Rootkits File Hiding Countermeasures

TROJANS, BACKDOORS, AND SNIFFERS :
Trojans and Backdoors Trojan Types Remote Access Trojans (RATs) Trojan Attack Vectors Wrappers Covert Communication Trusted Computer System Evaluation Criteria (TCSEC) Covert Storage Channel Covert Timing Channel Covert Communication Tools Port Redirection NetCat Reverse Telnet Other Notables Anti-Trojan Software and Countermeasures Windows File Protection (WFP) Tripwire Fport TCPView Process Viewer Sniffers Sniffing Exploits ARP Spoofing MAC Flooding DNS Spoofing or Poisoning Sniffing Tools Snort Dsniff Ethereal MAC Flooding Tools ARP Poisoning Tools Other Sniffing Tools

DENIAL OF SERVICE ATTACKS AND SESSION HIJACKING :
Denial of Service/Distributed Denial of Service (DoS/DDoS) DoS Attacks DDoS Attacks Prevention of DoS Attacks Prevention of DDoS Attacks Session Hijacking The TCP/IP Protocol Stack Layered Protocol Roles Sequence Numbers Session Hijacking Steps Tools for Session Hijacking Protecting Against Session Hijacking

PENETRATION TESTING STEPS :
Penetration Testing Overview Legal and Ethical Implications The Three Pretest Phases Footprinting Scanning Enumerating Penetration Testing Tools and Techniques Port Scanners Vulnerability Scanners Password Crackers Trojan Horses Buffer Overflows SQL Injection Attack Wireless Network Penetration Testing MAC Address Vulnerabilities Wireless Scanning Tools Social Engineering Intrusion Detection System (IDS)

LINUX HACKING TOOLS :
Linux History Scanning Networks with Linux Tools NMap Nessus Cheops and Cheops-ng Linux Hacking Tools John the Ripper SARA Sniffit HPing Linux Rootkits Linux Security Tools Linux Firewalls IPChains IPTables Linux Application Security Tools Linux Intrusion Detection Systems (IDS) Linux Encryption Tools Linux Log and Traffic Monitors Port Scan Detection Tools

SOCIAL ENGINEERING AND PHYSICAL SECURITY :
Social Engineering Human-Based (Person-to-Person) Social Engineering Computer-Based Social Engineering Example Social Engineering Attacks Motivations for Individuals to Respond to Social Engineers Reverse Social Engineering Phishing Hidden Frames URL Obfuscation HTML Image Mapping
Identity Theft Defending Against Social Engineering Attacks Physical Security Physical Security Implementation Company Facility Controls and Issues Company Personnel Controls Environmental Controls Heating, Ventilation, and Air Conditioning (HVAC) Fire Safety Controls Access Controls Fax Machines Physical Facility Controls

WEB SERVER HACKING AND WEB APPLICATION VULNERABILITIES :
Web Server Hacking Client to Server Data Exchange Web Servers Web Server Security Issues ISAPI and DLL IIS Attacks Apache Attacks Hacking Tools Patch Management Web Application Vulnerabilities Related Hacking Tools Netcat Black Widow Instant Source Wget Websleuth Nikto Wikto Nessus Network Utilities Countermeasures

SQL INJECTION VULNERABILITIES :
SQL Injection Testing and Attacks Preparing for an Attack Conducting an Attack Lack of Strong Typing Union Select Statements Acquiring Table Column Names Stored Procedures Extended Stored Procedures Server System Tables SQL Injection Prevention and Remediation Automated SQL Injection Tools

CRYPTOGRAPHY :
Symmetric Key Cryptography Symmetric Key Encipherment Substitution Cipher Vernam Cipher (One-Time Pad) Transposition (Permutation) Cipher
The Exclusive Or (XOR) Function Symmetric Key Cryptography Characteristics Data Encryption Standard (DES) Triple DES The Advanced Encryption Standard (AES) The Blowfish Algorithm The Twofish Algorithm The IDEA Cipher RC5/RC6 Public Key Cryptosystems One-Way Functions Public Key Algorithms RSA El Gamal Elliptic Curve (EC) Summaries of Public Key Cryptosystem Approaches Digital Signatures Hash Function Developing the Digital Signature The U.S. Digital Signature Standard (DSS) MD5 Public Key Certificates Digital Certificates Public Key Infrastructure (PKI) Cryptanalysis Managing Encryption Keys Email Security Electronic Transaction Security Wireless Security Disk Encryption Hacking Tools

CRACKING WEB PASSWORDS :
Authentication Authentication Methods Basic Authentication Digest Authentication NTLM (NT LAN Manager) Authentication Negotiate Authentication Certificate Based Authentication Forms-Based Authentication Password Considerations & Issues Selecting Passwords Protecting Passwords Password Cracking Computer Password Cracking and Support Tools Web Password Cracking Tools Countermeasures

WIRELESS NETWORK ATTACKS AND COUNTERMEASURES :
Wireless Technology The Cellular Phone Network Worldwide Cellular via LEO Satellites
Cellular Network Elements Global Wireless Transmission Systems WLAN Threats Denial of Service Attacks SSID Problems The Broadcast Bubble War Driving Rogue Access Points MAC Spoofing Wireless Hacking Tools NetStumbler AiroPeek AirSnort Kismet WEPCrack Other WLAN Tools Securing WLANs Standards and Policy Solutions MAC Address Filtering SSID Solutions Antenna Placement VLANs Wireless VPNs Wireless RADIUS Dynamic WEP Keys Enable WEP, WPA2, EAP, and 802.1x Site Surveys and IDS

FIREWALLS, INTRUSION DETECTION SYSTEMS, AND HONEYPOTS :
Firewalls Firewall Types Proxy Firewall Packet Level Filtering Firewall Stateful Inspection Firewalls Hardware and Software Firewalls Firewall Architectures Packet-Filtering Routers Dual-Homed Hosts Screened Host Screened-Subnet Firewalls Firewall Identification Banner Grabbing Port Scanning Firewall Ports Scanning with TCP Scanning with UDP Firewalking Breaching and Bypassing Firewalls Hping Traceroute Covert Channeling ACK Tunneling HTTP Tunneling Firewall Backdoors Firewall Informer
Intrusion Detection and Response Host-Based ID Systems Network-Based ID Systems IDS Detection Methods Statistical Anomaly Detection Pattern Matching Detection Protocol Detection IDS Responses Using an IDS in a Switched Environment Evading IDSs Tools for Evading and Testing IDSs Intrusion Prevention Systems SNORT 2.x Cisco Security Agent Incident Handling Computer Incident Response Team Incident Notification Honeypots Honeypot Applications Discovering Honeypots

VIRUSES, WORMS, AND BUFFER OVERFLOWS :
Viruses The Virus Lifecycle Macro Viruses Polymorphic Viruses Stealth Viruses Spyware Web Bugs Spambots Pop-Up Downloads Drive-By Downloads Bogus Spyware Removal Programs Multistage and Blended Threats Worms Virus and Worm Examples Chernobyl Explore.Zip LoveLetter Melissa Virus Nimda Virus Pretty Park BugBear Klez SirCam Worm Code Red Worm Other Worms of Interest Buffer Overflows Preventing Malicious Code and Buffer Overflows Virus Scanners Virus Prevention Virus Detection Defending Against Buffer Overflows

OTHER COURSES OFFERED