Charting the Course... Certified Professional Ethical Hacker. Course Summary


Course Summary

Description

The course is the introductory training to mile2's line of penetration testing courses and certifications. The course training helps students gain a valuable skill-set in penetration testing by understanding the importance of vulnerability assessments and ethical hacking through:

- Learning the knowledge and skills behind a vulnerability assessment.
- Preparation to apply this knowledge and exercise these skills in the interest of others.
- Understanding the importance of a Vulnerability Assessment and how it can help you prevent serious break-ins to your organization.

This is accomplished by:

- Performing in-depth labs with industry standard tools.
- Learning the penetration testing methodology through conceptual theories and real-world practices.
- Equipping you with the knowledge about what hackers look for when trying to hack into your network.
- Assessing for the cause of testing your company's security posture to help better secure the infrastructure against intrusion.

Objectives

At the end of this course, students will be able to:

- Have knowledge to perform ethical hacking for vulnerability assessments.
- Have knowledge to accurately report on their findings.
- Be ready to sit for the C)PEH Exam

Topics

- Fundamentals
- Vulnerability Assessments
- Ethical Hacking
- Appendices

Audience

This course is designed for Ethical Hackers, Security Consultants, IT Management and Chief Security Officers.

Prerequisites

An interest in ethical hacking and penetration testing

Duration

Five days

Course Outline

I. Part 1 Fundamentals

A. Security Fundamentals
1. Overview 2. The Growth of Environments and Security 3. Our Motivation 4. The Goal: Protecting Information! 5. CIA Triad in Detail 6. Approach Security Holistically 7. Security Definitions 8. Definitions Relationships 9. Method: Ping 10. The TCP/IP Stack 11. Which Services Use Which Ports? 12. TCP 3-Way Handshake 13. TCP Flags 14. Malware 15. Types of Malware 16. Types of Viruses 17. More Malware: Spyware 18. Trojan Horses 19. Back Doors 20. DoS 21. DDoS 22. Packet Sniffers 23. Passive Sniffing 24. Active Sniffing 25. Firewalls, IDS and IPS 26. Firewall First 27. Line of Defense 28. IDS Second Line of Defense 29. IPS Last Line of Defense? 30. Firewalls 31. Firewall Types: (1) Packet Filtering 32. Firewall Types: (2) Proxy Firewalls 33. Firewall Types Circuit-Level Proxy Firewall 34. Type of Circuit- 35. Level Proxy SOCKS 36. Firewall Types 37. Application-Layer Proxy 38. Firewall Types: (3) Stateful 39. Firewall Types: (4) Dynamic Packet-Filtering 40. Firewall Types: (5) Kernel Proxies 41. Firewall Placement 42. Firewall Architecture Types Screened Host 43. Multi- or Dual-Homed 44. Screened Subnet 45. Wi-Fi Network Types 46. Wi-Fi Network Types 47. Widely Deployed Standards 48. Standards Comparison 49. 802.11n: MIMO 50. Overview of Database Server 51. Review

C. Access Controls
1. 2: Access Controls 3. Role of Access Control 4. Definitions 5. More Definitions 6. Categories of Access Controls 7. Physical Controls 8. Logical Controls 9. Soft Controls 10. Security Roles 11. Steps to Granting Access 12. Access Criteria 13. Physical Access 14. Control Mechanisms 15. Biometric System Types 16. Synchronous Token 17. Asynchronous Token Device 18. Memory Cards 19. Smart Card 20. Cryptographic Keys 21. Logical Access Controls 22. OS Access Controls 23. Linux Access Controls 24. Accounts and Groups 25. Password & 26. Shadow File Formats 27. Accounts and Groups 28. Linux and UNIX Permissions 29. Set UID Programs 30. Trust Relationships 31. Review

D. Protocols
1. 3: Protocols 2. Protocols Overview 3. OSI Application Layer 4. OSI Presentation Layer 5. OSI Session Layer 6. OSI: Transport Layer 7. OSI Network Layer 8. OSI Data Link 9. OSI Physical Layer 10. Protocols at 11. Each OSI Model Layer 12. TCP/IP Suite 13. Port and Protocol Relationship 14. Conceptual Use of Ports 15. UDP versus TCP 16. Protocols ARP 17. Protocols ICMP 18. Network Service DNS 19. SSH Security Protocol 20. SSH 21. Protocols SNMP 22. Protocols SMTP 23. Packet Sniffers 24. Example Packet Sniffers 25. Review

E. Cryptography
1. 4: Cryptography 3. Introduction 4. Encryption 5. Cryptographic Definitions 6. Encryption Algorithm 7. Implementation 8. Symmetric Encryption 9. Symmetric Downfalls 10. Symmetric Algorithms 11. Crack Times 12. Asymmetric Encryption 13. Public Key 14. Cryptography Advantages 15. Asymmetric 16. Algorithm Disadvantages 17. Asymmetric 18. Algorithm Examples 19. Key Exchange 20. Symmetric versus Asymmetric 21. Using the 22. Algorithm Types Together 23. Instructor Demonstration 24. Hashing 25. Common Hash Algorithms 26. Birthday Attack 27. Example of a Birthday Attack 28. Generic Hash Demo 29. Instructor Demonstration 30. Security Issues in Hashing 31. Hash Collisions 32. MD5 Collision Creates 33. Rogue Certificate Authority 34. Hybrid Encryption 35. Digital Signatures 36. SSL/TLS 37. SSL Connection Setup 38. SSL Hybrid Encryption 39. SSH 40. IPSec: Network Layer Protection 41. Public Key Infrastructure 42. Quantum Cryptography 43. Attack Vectors 44. Network Attacks 45. More Attacks (Cryptanalysis) 46. Review

II. Part 2 Vulnerability Assessments

A. Why Vulnerability Assessments?
1. 5: Why Vulnerability Assessments? 3. What is a 4. Vulnerability Assessment? 5. Vulnerability Assessment 6. Benefits of a 7. Vulnerability Assessment 8. What are Vulnerabilities? 9. Security Vulnerability Life Cycle 10. Compliance and Project Scoping 11. The Project 1 Statement 13. Project Overview Statement 14. Assessing Current 15. Network Concerns 16. Vulnerabilities in Networks 17. More Concerns 18. Network Vulnerability 19. Assessment Methodology 20. Network Vulnerability 21. Assessment Methodology 22. Phase I: Data Collection 23. Phase II: Interviews, Information Reviews, and Hands-On Investigation 24. Phase III: Analysis 25. Analysis cont. 26. Risk Management 27. Why Is Risk 28. Management Difficult? 29. Risk Analysis Objectives 30. Putting Together 31. the Team and Components 32. What Is the Value of an Asset? 33. Examples of Some Vulnerabilities that Are Not Always Obvious 34. Categorizing Risks 35. Some Examples 36. of Types of Losses 37. Different Approaches 38. to Analysis 39. Who Uses What? 40. Qualitative Analysis Steps 41. Quantitative Analysis 42. ALE Values Uses 43. ALE Example 44. ARO Values and Their Meaning 45. ALE Calculation 46. Can a Purely Quantitative Analysis Be Accomplished? 47. Comparing Cost and Benefit 48. Countermeasure Criteria 49. Calculating Cost/Benefit 50. Cost of a Countermeasure 51. Can You Get Rid of All Risk? 52. Management's Response to Identified Risks 53. Liability of Actions 54. Policy Review 55. (Top-Down) Methodology 56. Definitions 57. Policy Types 58. Policies with Different Goals 59. Industry Best 60. Practice Standards 61. Components that Support the Security Policy 62. Policy Contents 63. When Critiquing a Policy 64. Technical (Bottom-Up) 65. Methodology 66. Review

B. Vulnerability Tools of the Trade
1. 6: Vulnerability Tools of the Trade 2. Vulnerability Scanners 3. Nessus 4. SAINT Sample Report 5. Tool: Retina 6. Qualys Guard 7. Tool: LANguard 8. Microsoft Baseline Analyzer 9. MBSA Scan Report 10. Dealing with Assessment Results 11. Patch Management Options 12. Review

C. Output Analysis and Reports
1. 7: Output Analysis and Reports 3. Staying Abreast: Security Alerts 4. Vulnerability Research Sites 5. Nessus 6. SAINT 7. SAINT Reports 8. GFI Languard 9. GFI Reports 10. MBSA 11. MBSA Reports 12. Review

III. Part 3 Ethical Hacking

A. Reconnaissance, Enumeration and Scanning
1. 8: Reconnaissance, Enumeration and Scanning 2. Reconnaissance Overview 3. Step One in the 4. Hacking Life-Cycle 5. What Information is 6. Gathered by the Hacker? 7. Passive vs. Active Reconnaissance 8. Footprinting Defined 9. Social Access 10. Social Engineering Techniques 11. Social Networking Sites 12. People Search Engines 13. Internet Archive: 14. The WayBack Machine 15. Footprinting Tools Overview 16. Maltego GUI 17. Johnny.Ihackstuff.com 18. Google (cont.) 19. Domain Name Registration 20. WHOIS Output 21. DNS Databases 22. Using Nslookup 23. Traceroute Operation 24. Web Server Info Tool: Netcraft 25. Introduction to Port Scanning 26. Which Services 27. use Which Ports? 28. Port Scan Tips 29. Port Scans Should Reveal 30. Popular Port Scanning Tools 31. Ping (Is the host online?) 32. Stealth Online Ping 33. TCP 3-Way Handshake 34. TCP Flags 35. TCP Connect Port Scan 36. Half-open Scan (SynScan) 37. Firewalled Ports 38. NMAP TCP Connect Scan 39. Enumeration Overview 40. Web Server Banners 41. HTTPrint 42. DNS Enumeration 43. SNMP Insecurity 44. SNMP Enumeration Tools 45. SNMP Enumeration Countermeasures 46. Active Directory Enumeration 47. LDAPMiner 48. AD Enumeration Countermeasures 49. Null Sessions 50. Viewing Shares 51. Tool: DumpSec 52. Tool: Enumeration 53. with Cain and Abel 54. Null Session 55. Countermeasures (cont.) 56. Review

B. Gaining Access
1. 9: Gaining Access How Do Exploits Work? 3. Physical Access Attacks 4. Lock Picking 5. Tool Kit: Torque Wrench 6. Tool Kit: Picks 7. Tool Kit: Snap Gun 8. Tool Kit: Electric Pick 9. Internal Mechanism 10. Pin Tumblers 11. Pin Tumblers 12. Picking 13. Binding Pin 14. Binding 15. Binding 16. Binding Order 17. Raking 18. Raking 19. Bumping 20. Bump Keying 21. Shimming Door Locks 22. Padlocks 23. Bypassing 24. Padlock Shims 25. Shock Energy 26. Lock Picking Countermeasures 27. The Metasploit Project 28. Defense in Depth 29. Instructor Demonstration 30. SaintExploit at a Glance 31. SaintExploit Interface 32. Core Impact Overview 33. Core Impact 34. Review

C. Maintaining Access
1. 10: Maintaining Access 3. Back Doors 4. Backdoor via Rootkits 5. Linux Backdoor via Rootkits 6. Linux Backdoor via Rootkits 7. Windows RootKit Countermeasures 8. Tool: Netcat 9. Netcat Switches 10. Netcat as a Listener 11. Meterpreter 12. Review

D. Covering Tracks
1. 11: Covering Tracks 3. Covering Tracks Overview 4. Disabling Auditing 5. Clearing and Event Log 6. Hiding Files with 7. NTFS Alternate Data Stream 8. NTFS Streams Countermeasures 9. Stream Explorer 10. What is Steganography? 11. Steganography Tools 12. Shedding Files Left Behind 13. Leaving No Local Trace 14. More Anonymous Software 15. StealthSurfer II Privacy Stick 16. Tor: Anonymous Internet Access 17. Encrypted Tunnel Notes 18. Review

E. Malware
1. 12: Malware 3. Distributing Malware 4. Malware Capabilities 5. Countermeasure: Monitoring Autostart Methods 6. Tool: Netcat 7. Netcat Switches 8. Netcat as a Listener 9. Executable Wrappers 10. Benign EXE's Historically Wrapped with Trojans 11. Tool: Restorator 12. Tool: Exe Icon 13. The Infectious CD-Rom Technique 14. Trojan: Backdoor.Zombam.B 15. Trojan: JPEG GDI+ All in One Remote Exploit 16. Advanced Trojans: Avoiding Detection 17. BPMTK 18. Malware Countermeasures 19. Gargoyle Investigator 20. Spy Sweeper Enterprise 21. CM Tool: Port Monitoring Software 22. CM Tools: File Protection Software 23. CM Tool: Windows File Protection 24. CM Tool: Windows Software Restriction Policies 25. CM Tool: Hardware Malware Detectors 26. Countermeasure: User Education 27. Review

F. Buffer Overflows
1. 13: Buffer Overflows 3. Buffer Overflow Definition 4. Overflow Illustration 5. Buffer Overflows 6. Memory Organization 7. How Buffers and Stacks 8. Are Supposed to Work 9. Stack Function 10. How a Buffer Overflow Works 11. Buffer Overflows 12. Secure Code Review 13. Prevention 14. Review

G. Password Cracking
1. 14: Password Cracking 3. Attack Vectors 4. Unix Passwords and Encryption 5. Password Cracking Tools 6. NAT Dictionary Attack Tool 7. THC-Hydra 8. Password Guessing 9. Password Cracking 10. LM/NTLM Hashes 11. LM Hash Encryption 12. NT Hash Generation 13. Windows Syskey Encryption 14. Creating Rainbow Tables 15. Free Rainbow Tables 16. NTPASSWD: Hash Insertion Attack 17. Password Sniffing 18. Sniffing Remote Passwords 19. Tool: Cain and Abel 20. Review

IV. Appendices

A. Economics and Law
1. Economics and Law 3. Attack Vectors 4. Unix Passwords and Encryption 5. Password Cracking Tools 6. NAT Dictionary Attack Tool 7. THC-Hydra 8. Password Guessing 9. Password Cracking 10. LM/NTLM Hashes 11. LM Hash Encryption 12. NT Hash Generation 13. Windows Syskey Encryption 14. Creating Rainbow Tables 15. Free Rainbow Tables 16. NTPASSWD: Hash Insertion Attack 17. Password Sniffing 18. Sniffing Remote Passwords 19. Tool: Cain and Abel 20. Review

B. Vulnerability Types
1. Vulnerability Types 3. Critical Vulnerabilities 4. Critical Vulnerability Types 5. Buffer Overflows 6. URL Mappings 7. to Web Applications 8. IIS Directory Traversal 9. Format String Attacks 10. Default Passwords 11. Misconfigurations 12. Known Backdoors 13. Information Leaks 14. Memory Disclosure 15. Network Information 16. Version Information 17. Path Disclosure 18. User Enumeration 19. Denial of Service 20. Best Practices 21. Review 22. Lab

C. Assessing Web Servers
1. Assessing Web Servers 2. Web Servers 3. Fingerprinting 4. Accessible Web Servers 5. Identifying and Assessing 6. Reverse Proxy Mechanisms 7. Proxy Mechanisms 8. Identifying Subsystems 9. and Enabled Components 10. Basic Web Server Crawling 11. Web Application 12. Technologies Overview 13. Web Application Profiling 14. HTML Sifting and Analysis 15. Active Backend 16. Database Technology Assessment 17. Why SQL Injection? 18. Web Application 19. Attack Strategies 20. Web Application Vulnerabilities 21. Authentication Issues 22. Parameter Modification 23. SQL Injection: Enumeration 24. SQL Extended Stored Procedures 25. Shutting Down SQL Server 26. Direct Attacks 27. SQL Connection Properties 28. Attacking Database Servers 29. Obtaining Sensitive Information 30. URL Mappings 31. to Web Applications 32. Query String 33. Changing URL Login Parameters 34. URL Login Parameters Cont. 35. IIS Directory Traversal 36. Cross-Site Scripting (XSS) 37. Web Security Checklist 38. Review

D. Assessing Remote & VPN Services
1. Assessing Remote & VPN Services 2. Assessing Remote & VPN Services 3. Remote Information Services 4. Retrieving DNS 5. Service Version Information 6. DNS Zone Transfers 7. Forward DNS Grinding 8. Finger 9. Auth 10. NTP 11. SNMP 12. Default Community Strings 13. LDAP 14. Rwho 15. RPC rusers 16. Remote Maintenance Services 17. FTP 18. SSH 19. Telnet 20. X Windows 21. Citrix 22. Microsoft Remote 23. Desktop Protocol 24. VNC 25. Assessing IP VPN Services 26. Microsoft PPTP 27. SSL VPNs 28. Review

E. Denial of Service
1. Overview 2. DDoS Issues 3. DDoS 4. Zombie Definition 5. DDoS Attack Types 6. Wifi Denial of Service (DoS) 7. Evading The Firewall and IDS 8. Evasive Techniques 9. Firewall Normal Operation 10. Evasive Technique: Example 11. Evading With Encrypted Tunnels 12. Man-in-the-middle Attacks 13. ARP Cache Poisoning 14. ARP Normal Operation 15. ARP Cache Poisoning 16. ARP Cache Poisoning (Linux) 17. Tool: Cain and Abel 18. Ettercap 19. Countermeasures 20. What is DNS spoofing? 21. Tools: DNS Spoofing 22. Breaking SSL Traffic 23. Tool: Breaking SSL Traffic 24. Tool: Cain and Abel 25. Voice over IP (VoIP) 26. Intercepting VoIP 27. Session Hijacking 28. Review