Chapter 1 Introduction

Similar documents
ETHICAL HACKING & COMPUTER FORENSIC SECURITY

Curso: Ethical Hacking and Countermeasures

Ethical Hacking and Prevention

AURA ACADEMY Training With Expertised Faculty Call Us On For Free Demo

Cyber Security & Ethical Hacking Training. Introduction to Cyber Security Introduction to Cyber Security. Linux Operating System and Networking: LINUX

CEH v8 - Certified Ethical Hacker. Course Outline. CEH v8 - Certified Ethical Hacker. 12 May 2018

V8 - CEH v8 - Certified Ethical Hacker. Course Outline. CEH v8 - Certified Ethical Hacker. 03 Feb 2018

SINGLE COURSE. NH9000 Certified Ethical Hacker 104 Total Hours. COURSE TITLE: Certified Ethical Hacker

Mobile MOUSe HACKING REVEALED ONLINE COURSE OUTLINE

CISSP CEH PKI SECURITY + CEHv9: Certified Ethical Hacker. Upcoming Dates. Course Description. Course Outline

CEH v8 - Certified Ethical Hacker. Course Outline. CEH v8 - Certified Ethical Hacker. 15 Jan

Certified Ethical Hacker (CEH)

Course 831 Certified Ethical Hacker v9

Advanced Diploma on Information Security

CompTIA Security+ Malware. Threats and Vulnerabilities Vulnerability Management

Hacker Academy Ltd COURSES CATALOGUE. Hacker Academy Ltd. LONDON UK

Course 831 EC-Council Certified Ethical Hacker v10 (CEH)

FRONT RUNNER DIPLOMA PROGRAM Version 8.0 INFORMATION SECURITY Detailed Course Curriculum Course Duration: 6 months

Module 1: Penetration Testing Planning and Scoping. Module 2: Basic Usage of Linux and its services

POST GRADUATE DIPLOMA IN CYBER SECURITY (PGDCS)

Ethical Hacking. Content Outline: Session 1

Advanced Ethical Hacking & Penetration Testing. Ethical Hacking

Penetration Testing with Kali Linux

Scanning. Introduction to Hacking. Networking Concepts. Windows Hacking. Linux Hacking. Virus and Worms. Foot Printing.

Hackveda Training - Ethical Hacking, Networking & Security

CEH: CERTIFIED ETHICAL HACKER v9

This ethical hacking course puts you in the driver's seat of a hands-on environment with a systematic process.

CETPA INFOTECH PVT. LTD. Curriculum of CYBER SECURITY DURATION: 6 MONTHS

Endpoint Security - what-if analysis 1

CompTIA Security+ Certification

GCIH. GIAC Certified Incident Handler.

Cyber Common Technical Core (CCTC) Advance Sheet Windows Operating Systems

Erasable Programmable Read-Only Memory (EPROM) Electrically Erasable Programmable Read-Only Memory (EEPROM) CMOS 2.2.

Security+ SY0-501 Study Guide Table of Contents

Ethical Hacking and Countermeasures: Web Applications, Second Edition. Chapter 3 Web Application Vulnerabilities

SANS SEC504. Hacker Tools, Techniques, Exploits and Incident Handling.

Exam : JK Title : CompTIA E2C Security+ (2008 Edition) Exam. Version : Demo

PASS4TEST. IT Certification Guaranteed, The Easy Way! We offer free update service for one year

EC-Council Certified Network Defender (CND) Duration: 5 Days Method: Instructor-Led

CS System Security 2nd-Half Semester Review

CompTIA Security+ (Exam SY0-401)

Cybersecurity Foundations

n Given a scenario, analyze and interpret output from n A SPAN has the ability to copy network traffic passing n Capacity planning for traffic

CPTE: Certified Penetration Testing Engineer

Strategic Infrastructure Security

COPYRIGHTED MATERIAL. Contents. Part I: The Basics in Depth 1. Chapter 1: Windows Attacks 3. Chapter 2: Conventional and Unconventional Defenses 51

CHCSS. Certified Hands-on Cyber Security Specialist (510)

Certified Professional Ethical Hacker

CTS2134 Introduction to Networking. Module 08: Network Security

Drone /12/2018. Threat Model. Description. Threats. Threat Source Risk Status Date Created

"Charting the Course... Certified Professional Ethical Hacker. Course Summary

Certified Ethical Hacker

Syllabus: The syllabus is broadly structured as follows:

Computer Forensics: Investigating Network Intrusions and Cyber Crime, 2nd Edition. Chapter 3 Investigating Web Attacks

EC-Council C EH. Certified Ethical Hacker. Program Brochure

CEH Tools. Sniffers. - Wireshark: The most popular packet sniffer with cross platform support.

Basics of executing a penetration test

Internetwork Expert s CCNA Security Bootcamp. Common Security Threats

Chapter 4. Network Security. Part I

Certified Ethical Hacker Version 9. Course Outline. Certified Ethical Hacker Version Nov

Course overview. CompTIA Security+ Certification (Exam SY0-501) Study Guide (G635eng v107)

ACS / Computer Security And Privacy. Fall 2018 Mid-Term Review

BraindumpsIT. BraindumpsIT - IT Certification Company provides Braindumps pdf!

Certified Cyber Security Analyst VS-1160

Data Communication. Chapter # 5: Networking Threats. By: William Stalling

Certified Vulnerability Assessor

Course 832 EC-Council Computer Hacking Forensic Investigator (CHFI)

Security+ Practice Questions Exam Cram 2 (Exam SYO-101) Copyright 2004 by Que Publishing. International Standard Book Number:

CONTENTS IN DETAIL. FOREWORD by HD Moore ACKNOWLEDGMENTS INTRODUCTION 1 THE ABSOLUTE BASICS OF PENETRATION TESTING 1 2 METASPLOIT BASICS 7

Ethical Hacker Foundation and Security Analysts Course Semester 2

Certified Professional Ethical Hacker

Certified Secure Web Application Engineer

Cyber Security Audit & Roadmap Business Process and

Web Application Penetration Testing

CPEH Certified Professional Ethical Hacker

Int ernet w orking. Internet Security. Literature: Forouzan: TCP/IP Protocol Suite : Ch 28

PASS4TEST. IT Certification Guaranteed, The Easy Way! We offer free update service for one year

GAQM Exam CEH-001 Certified Ethical Hacker (CEH) Version: 6.0 [ Total Questions: 878 ]

Chapter 10: Security. 2. What are the two types of general threats to computer security? Give examples of each.

CSWAE Certified Secure Web Application Engineer

Actual4Test. Actual4test - actual test exam dumps-pass for IT exams

CASP CompTIA Advanced Security Practitioner Study Guide: (Exam CAS-001)

CompTIA Security+(2008 Edition) Exam

EC-Council C EH. Certified Ethical Hacker. Program Brochure

CISNTWK-440. Chapter 4 Network Vulnerabilities and Attacks

01/02/2014 SECURITY ASSESSMENT METHODOLOGIES SENSEPOST 2014 ALL RIGHTS RESERVED

ECCouncil Computer Hacking Forensic Investigator (V8)

CIH

Language-Based Protection

DumpsTorrent. Latest dumps torrent provider, real dumps

McAfee Certified Assessment Specialist Network

Understanding Cisco Cybersecurity Fundamentals

Fundamentals of Information Systems Security Lesson 8 Mitigation of Risk and Threats to Networks from Attacks and Malicious Code

Introduction to Penetration Testing: Part One. Eugene Davis UAH Information Security Club February 21, 2013

Computer Network Vulnerabilities

Computer Forensics: Investigating Network Intrusions and Cybercrime, 2nd Edition. Chapter 2 Investigating Network Traffic

CUNY John Jay College of Criminal Justice MATH AND COMPUTER SCIENCE

Host Website from Home Anonymously

Audience. Pre-Requisites

KillTest 䊾 䞣 催 ࢭ ད ᅌ㖦䊛 ᅌ㖦䊛 NZZV ]]] QORRZKYZ TKZ ϔᑈܡ䊏 ᮄ ࢭ

Transcription:

Chapter 1 Introduction History of Hacking & Hackers What is Information Security? Problems faced by the Corporate World Why Corporate needs Information Security? The CIA Triad Hacking Legal or Not? Type of Ethical Hackers Hackers vs. Crackers Classification of Hackers Phases of Hacking Basic Terminologies Chapter 2 Networking What is a Network? Network Topologies Networking Devices and Cables Concept of Ports and Services ISO - OSI Model TCP/IP Protocol Suite Client Server Relationship IP Address Anatomy of IP Addresses Networking Protocols ARP RARP ICMP FTP Telnet SMTP SNMP HTTP POP Virtualization Introduction to virtualization Advantages of Virtualization Virtual Box Vmware Worksation

Linux Introduction Installation Basic Linux Commands Installing Linux application Chapter 3 Footprinting/Reconnaissance Footprinting/Information Gathering Types of Footprinting Active Passive Informaion Gathering Principle Steps to Information Gathering Who.is and Domain Registry Gathering Target Information Search for People and their Information Search for Company s Information Footprinting Through Search Engines Tracking Target Location Information gathering using social media Parallel Domain MX Entry Trace Route Archive Pages Crawling and Mirroring of Websites Banner Grabbing Prevention Techniques Module 4: Google Hacking Introduction to Google Working of Google Outline Working of Google Crawling, Indexing & Searching Using Cache and Google as Proxy Directory Listing and Locating Directory Listings along with specific folders

Google Hacking and what it is about The basics of Google Hacking: Advanced Search in Google Advance Search Operators: site:, filetype:, inurl:, intitle:, cache:, info: Wildcard and Quotes Understanding and Viewing Robots.txt for important Files Prevention Techniques Robot.txt Metatag and Google Official Remove Hiding Detailed Error Messages Disabling Directory Browsing Tools Wikto GoogleHacks Module 5: Scanning Definition of Scanning Types of Scanning Difference between Port and Network Scanning Objectives and Benefits of Scanning TCP three way hands shake Classification of Scanning Fragments, UDP, ICMP, Reverse Ident, List & Idle, RPC, Window Scan, Ping Sweep Concept of War Dialer (History) OS Finger Printing and Types Active & Passive Concealing file extensions Annonomizers Scanning Tools T1Shopper.com Yougetsignal Advanced Port Scanner v1.3 (Radmin Advanced Port Scanner) Watsup Port Scanner NetScanner Mi-Tec Network Scanner Module 6: System Hacking: Win7 and Linux System Hacking Introduction to System Hacking System Hacking Techniques

Steps to Crack Passwords Password Attack Classification Dictionary, Brute Force and Hybrid LM Hash and Sam File Password Recovery through Elcomsoft SysKey Hiding Files Ophcrack Hiren Boot NTFS Stream Countermeasures Password Cracking Countermeasures Concept of Auditing, Logs, Covering Tracks Concept of Application Isolation Linux Hacking Why Linux is hacked? Recent Linux Vulnerabilities Password cracking in Linux Introduction and explanation of IP Tables & IP Chains TCP wrappers Remote connection using SSH Log and Traffic Monitors in Linux Understanding Post Install Linux Security Auditing Understanding and using Backtrack Keylogger Categorization of Keystroke Loggers Acoustic/CAM Keyloggers Advanced Keylogger Keylogger: Spytech SpyAgent Keylogger: Perfect Keylogger Keylogger: Powered Keylogger Hardware Keylogger: KeyGhost Rootkits Types of Rootkits Rootkit Working Mechanism Rootkit: Fu Steps to detect Rootkits Shielding from Rootkit Attacks Anti Rootkit Tools: Rootkit Revealer and McAfee Rootkit Revealer

Cover Tracks What are Covering Tracks? Techniques to clear Tracks Covering Track Tools Module 7: Android & iphone Hacking Android Security Introduction to Android Security Android Malwares Securing Your Android - Techniques APK file package Investigating layout, manifest, permissions and binaries Analyzing file system access Investigating database & storage usage Memory analysis Memory dumps Patching & Binary modifications Traffic Manipulation Traffic interception Using proxies Exposing insecure traffic iphone Security ios Security Basics ios Hardware/Dev ice Types Understanding the ios Security Architecture The Reduced Attack Surface The Stripped-Down ios Privilege Separation Code Signing Data Execution Prevention AddressSpace Layout Randomization Sandboxing History of ios Attack o Libtiff o Fun with SMS o Ilkee Worm o Jailbreakme 5 ios Configuration Management

Module 8: Malwares 1. Trojans Introduction to Trojans What is Trojan? Identifying Overt & Covert Channels Types of Trojans Working of Trojans Purpose of Trojan inventor Detecting Trojan Attacks Ports used by Trojans Types of Trojans Trojan Types Remote Access Trojans Beast - Demo Remote Access Trojan: RAT DarkComet Trojan Detection Trojan Detection Suspicious Port Detection Suspicious Process Scanning Process Monitoring Tools Examining the Registry Entries Windows Startup Registry Entries Startup Programs Monitoring Tools Suspicious Files and Folders Detection Reliability Check of Files & Folder Network Activity Detection Backdoors What is Backdoor? Backdoor Installation Process System Control through backdoor Prevention Techniques Protection from Trojan Attacks Protection from Backdoor Attacks

2. Virus Introduction to Virus Working of Viruses: Infection Phase Working of Viruses: Attack Phase Purpose of Computer Viruses Computer infection by Viruses Signs of Virus Attack Virus Hoaxes Virus Analysis Types of Virus Characteristics, Symptoms of Viruses System or Boot Sector Viruses Life Cycle of Viruses Famous Virus Program Virus Detection Method Countermeasures 3. Worms Computer Worms Difference between Worm & Virus Worm Analysis 4. Spyware Spyware: Introduction What does a Spyware do? Types of Spywares Routes of Infection Internet and E-mail Spyware Effects & Behaviors Difference between Spyware and Adware 5. Prevention Methods Anti-Spyware Program Anti-Virus Program Defense against Worms Module 9: SQL Injection

SQL Injection Concepts Basics of SQL Web Application Working Introduction to Server Side Technologies HTTP Methods HTTP POST method basics Testing for SQL Injection Identifying SQL injection via Error Messages Attack Characters Techniques to identify SQL Injection Pentesting methodologies for SQL Injection Types of SQL Injection Types of SQL Injection Simple SQL Injection Attack Union SQL Injection Example SQL Injection Error based Blind SQL Injection What is Blind SQL Injection? Symptoms of Blind SQL Injection Information extraction via Blind SQL injection Exploitation techniques (MySQL) Advanced SQL Injection Information Gathering Features of different DBMSs Extracting Information through error messages Understanding parameters of an SQL Query Evading website login pages Master Data and Enumeration Tables Creating Database Accounts for alternate access Password Grabbing via Hash Extraction Database Transfer Interacting with the Victim System

SQL Injection Tools BSQL Hacker Marathon Tool SQL Power Injector Havij SQLPoizon Preventive measures for SQL Injecion Defensive measures for Web Applications Tools for detection of SQL Injection Module 10: Cross Site Scripting Introduction Cross Site Scripting Cross-Site Scripting Ways of Launching Cross-Site Scripting Attacks Working Process of Cross-Site Scripting Attacks When will be an attack successful? Programming Languages Utilized in XSS Attacks Types of XSS Attacks Steps of XSS Attack Not Fixing CSS/XSS Holes Compromises Methodology of XSS How to protect Against XSS Module 11: Sniffing Sniffing Concepts Sniffing Threats in Network Working of Sniffers Types of Sniffing Active Sniffing Passive Sniffing Protocols vulnerable for Sniffing Sniffing Tools Wireshark Tcpdump Cain & able

NwInvestigator Sniffing Prevention Techniques Wiretapping Hardware Protocol Analyzers Port mirroring MAC Flooding Mac Flooding through Yersinia Spoofing Attack IP Spoofing MAC Spoofing MAC Spoofing Impact MAC Spoofing Tool Prevention measures form MAC Spoofing DNS Poisoning DNS Poisoning Methodologies Intranet DNS Spoofing DNS Cache Poisoning Prevention measures from DNS Spoofing Module 12: Social Engineering Introduction to Social Engineering What is Social Engineering? Techniques of Social Engineering Attempt Using Phone, E-mail, Traditional mail, In person, Dumpster Diving, Insider Accomplice, Extortion and Blackmail, Websites, Shoulder surfing, Third Person Approach, Technical Support Computer based Social Engineering Social Networking Sites Impersonation platform/medium Social Engineering Prevention Methods Policies Techniques to prevent social engineering methods Identifying Phishing Emails Anti-Phishing Toolbar

Module 13: Identity Theft Fraud Introduction to Identity Theft Identity Theft occurrence Impact of Identity Theft fraud Types of Identity Theft Dumpster Diving Change of ID E-Mail Theft Smishing Vishing Data Breach Overlays ATM Schemers / Hand-held Skimmers Shoulder Surfing Prevention Techniques Module 14: Denial of Service DDOS Concepts Concept: Denial of Service Introduction to Distributed Denial of Service Attacks? Working of Distributed Denial of Service Attacks? Symptoms of a DOS Attack Impact DDOS/DOS Attack Difference of DDOS & DOS DoS/DDoS Attack Techniques Types of DOS Attack Smurf Attack Buffer Overflow Attack Ping of Death Attack Tear Drop Attack SYN Attack Concept of Reflected DOS Permanent Denial of Service Attack Mitigate the DDOS/DOS Attack

Botnets Intoduction to Botnet Botnet Propagation Technique Detection Techniques How to defend against Botnets Module 15: Session Hijacking Session Hijacking Concepts What is Session Hijacking? Types of Session Hijacking Active Passive Success rate of Session Hijacking Techniques for Session Hijacking Phases of Session Hijacking Tracking the session Desynchronizing the connection Session Sniffing Predictable Session Token Difference between Spoofing and Session Hijacking Man-in-the-Middle Attack Man-in-the-Browser Attack Steps to perform Man-in-the-Browser Attack Session Hijacking Tools Greasemonkey with cookie injector Paros Burp Suite Firesheep Prevention Methods Browser protection Methodologies to prevent Session Hijacking IPSec Modes of IPSec Architecture of IPSec IPSec Authentication and Confidentiality IPSec Components and Implementation

Module 16: Penetration Testing Pen Testing Concepts Security and Vulnerability Assessments Limitations of Vulnerability Assessments What is Penetration Testing? Why Penetration Testing is Necessary? Types of Pen Testing Penetration Testing Types External Penetration Testing Internal Security Assessment Black Box Penetration Testing Grey Box Penetration Testing White Box Penetration Testing Pen Testing Phases Phases of Penetration Testing Pre-Attack Phase Attack Phase Enumerating Devices Post Attack Phase Penetration Testing Deliverable Templates Pen Testing Methodology Terms Of Agreement Project Scope Application Security Assessment Web Application Testing Network Security Assessment Wireless/Remote Access Assessment Wireless Testing TelepSocial Engineering Denial of Service Assessment

Pen Testing Tools Different types of Pentest Tools Application Security Assessment Tool: Webscarab Application Security Assessment Tool: Angry IP Scanner Application Security Assessment Tool: GFI LANguard Wireless/ Remote Access Assessment Tool: Kismet Telephony Security Assessment Tool: Omnipeek Testing Network- Filtering Device Tool: Traffic IQ Professional Metasploit Framework Vulnerability Assessment Concept of Vulnerability Assessment Purpose Types of Assessment Vulnerability Classification How to Conduct Vulnerability Assessment Vulnerability Analysis Stages Vulnerability Assessment Considerations Vulnerability Assessment Reports TimeLine and Penetration Attempts Vulnerability Assessment Tools Module 17: Exploit Writing & Buffer Overflow 1. Exploit Writing Concept of Exploit Writing Purpose of Exploit Writing Requirements of Exploits Writing & Shell codes Types of Exploits:- Stack Overflow Exploits Heap Corruption Exploit Format String Attack Integer Bug Exploits Race Condition TCP/IP Attack The Proof-of-Concept and Commercial Grade Exploit Converting a Proof of Concept Exploit to Commercial Grade Exploit Attack Methodologies Socket Binding Exploits

Steps for Writing an Exploit Shellcodes Null Byte Types of Shellcode Steps for Writing a ShellCode Issues Involved With Shellcode Writing Buffer Static Vs Dynamic Variables Stack Buffers, Data Region and Memory Process Regions About the Stack Need of Stack, Stack Region, Stack frame, Stack pointer, Procedure Call (Procedure Prolog), Return Address (RET), Word Size and Buffer Overflows, Why do we get a segmentation violation and Segmentation Error Writing Windows Based Exploits EIP Register and ESP Metasploit Framework, msfconsole Development with Metasploit Need for Creating of Exploit Determining the Attack Vector Debugger Determine the offset & pattern create Where to place the payload? 2. Buffer Overflow Why Applications are vulnerable Buffer Overflow Attack Reasons of Buffer Overflow Knowledge for Buffer Overflow Understanding Stacks Understanding Heaps Types of Buffer Overflow Attack Stack Based Heap Based Heap Memory Buffer overflow Bug Understanding Assembly Language Intro of Shell Code Detection of Buffer Overflows in a program Attacking a Real Program Once the Stack is smashed NOPS Mutate a Buffer Overflow Exploit Comparing Functions of libc and libsafe

Module 18: Cryptography & Steganography 1. Cryptography Concept of Cryptography Advantages and uses of Cryptography PKI (Public Key Infrastructure) Algorithm s of encryption RSA, MD5, SHA, SSL, PGP, SSH, GAK Concept of Digital Signature Encryption Cracking Techniques Disk Encryption Cracking S/MIME encryption using idle CPU time Concept of Command Line Scriptor and Crypto Heaven, Cyphercalc CA (Certificate Authority) 2. Steganography What is Steganography? History Steganography today Steganography tools Steganalysis What is Steganalysis? Types of analysis Identification of Steganographic files Steganalysis meets Cryptanalysis Password Guessing Cracking Steganography programs Conclusions What s in the Future? Other tools in the wild Module 19: Firewalls & Honeypots 1. Firewall What Does a Firewall Do? What a firewall cannot do How does a firewall work? Types of Firewall Working of Firewall Advantages and Disadvantages of Firewall Firewalls Implementing for Authentication Process

Types of Authentication Process Steps for Conducting Firewall Penetration Testing Locate the Firewall Traceroute to identify the network range Port scan the router Grab the banner Create custom packet and look for firewall responses Test access control Enumeration Test to indentify firewall architecture Test firewall using firewalking tool Test for port redirection Test Convert channels Test HTTP Tunneling Test firewall specific vulnerabilities How to Bypassing the Firewall 2. Honeypots Concept of Honeypots Purpose and working of Honeypots Advantages and Disadvantages of Honeypots Types of Honeypots Uses of Honeypots Detecting Honeypot Honeynets Architecture of Honeynet Working process of Honeynet Types of Honeynet Honeywall CDROM Module 20: IDS & IPS Concept of IDS (Intrusion Detection System) History and Characteristics of IDS Importance of IDS Deployment of IDS Intro, Advantages and Components of Distributed IDS Aggregate Analysis with IDS Types and Architecture of IDS:- Network Based IDS Host Based IDS

Diff. Between Network Base IDS and Host Base IDS Methods to Detect IDS Signatures Types of Signature:- Network Signatures Host-based Signatures Compound Signatures Methods to Detect Signature Prelude of IDS Concept of IPS (Intrusion Prevention System) Diff. Between IDS and IPS Network Antivirus Software s Module 21: Hacking Web Server 1. Web Servers Working process of Web Server Loopholes of Web Server Introduction of Popular Web Server and Common Security Threats Apache Vulnerability Attacks against IIS Components of IIS IIS Directory Traversal Unicode and Unicode Directory Traversal Vulnerability Unspecified Executable Path Vulnerability File System Traversal Counter measures WebDAV / ntdlldll Vulnerability RPC DCOM Vulnerability ASN Exploits IIS Logs Escalating Privileges on IIS Hot Fixes and Patches Countermeasures of Web Server Module 22: Wireless Hacking

Wireless Technology Introduction to wireless networking Basics & Terminologies Advantages of Wireless Technology Components of Wireless Network Types of Wireless Network Setting and detecting a wireless network Advantages and Disadvantages of wireless network Antennas, SSID, Access Point Positioning and Rogue Access Point Concept of Wired Equivalent Privacy (WEP) MAC Sniffing & AP Spoofing Terminology of Wi-Fi Access Denial-of-Service and MITM Attack in Wi-Fi Wireless Intrusion Detection System Tips to Secure Wireless Network Module 23: Physical Security Physical Security Current Statistics Accountability and Need of Physical security Factors Affecting Physical Security Physical Security Checklist Company Surroundings Premises Reception Server Workstation Area Wireless Access Points Other Equipments such as fax, removable media etc Access Control Computer Equipment Maintenance Wiretapping Remote Access Locks Spyware

Module 24: Reverse Engineering Concept of Reverse Engineering Positive Application of Reverse Engineering Ethical Reverse Engineering DMCA ACT Disassembler Decompilers Program Obfuscation Why do you need to decompile? NET Obfuscator and NET Obfuscation Java Byte code Decompilers How does OllyDbg Work? Module 25: Email Hacking Concept of Email Spam and Spam Laws E-Mail Tracking By Header Concept of Fake E-mails Various steps to send Fake mails Trace ip by PHP Script Module 26: Security Compliance and Auditing Security Compliance and Auditing What is compliance? Need for Security Compliance Standards for Security Compliance ISO 27001 PCI DSS Introduction to IT Auditing What is Security auditing? What is the need for Security auditing? Relevance of compliance standards in Auditing Importance of Risk Management

Module 27:Incident Handling & Computer forensics o Understanding Incidents o Exploring the incident paradigm: classifications and meaning o Incidents: Types and functionality o Controlling Incidents o Incident Response: A Brief Overview o Incident Response: structural design o Incident Handling o Computer Security Incident Response Team (CSIRT)? o Define Computer forensics o key rules for computer forensics o computer forensic procedure o Identification of evidence o Acquisition o Preservation of evidence o Analysis of evidence o Documentation o file recovery,data analysis,screen capture o mail password viewer,network password viewer o IE history viewer o mozzila cookie viewer o chain of custody o Introduction of Memory Forensics.

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback