CEH Certified Ethical Hacking

About The Course Course Topic Overview and Description: This course provides you with the in-depth knowledge to deploy the tools and techniques needed to protect your network. At the end of the course you’ll be able to take the exam at any Pearson VUE Test Center location. What you will learn: Apply countermeasures to secure your system against threats Test access to your data using ethical hacking techniques Implement real-world hacking techniques to test system security Employ complex tools to identify and analyze your company’s risks & weakness Find vulnerabilities in a network infrastructure   The course is for 5 days. Various instructional methods will be used to teach the objectives mentioned above. The training method would be completely interactive and participative. Students will receive course materials which will be discussed during class. Who Should Attend: Participants who have some basic IT Knowledge or experience in IT administration with focus on security. Recommended for: Security Officers Security Experts Firewall Administrators Network Administrators Systems Engineer Systems Architects   Course Delivery:  The course will be delivered using formal lectures combined with questions based on the topics. The class will be conducted both online and in-person. 

Day 1 – Ethical Hacking Fundamentals

  •  Effects of Hacking
    • Reviewing the elements of information security
    • Security, functionality & usability triangle
  • Methods of Hacking
    • Reconnaissance
    • Scanning
    • Gaining access
    • Covering tracks
    • Identifying attack types
  • Functions of Ethical Hacker
    • Conducting vulnerability research
    • Identifying elements of information warfare

Day 2 – Applying Covert Techniques to Scan & Attack a Network

  • Footprinting & Reconnaissance
    • Objectives and methods of footprinting
    • Searching for information with Google Hacking
    • Employing footprinting countermeasures
  • Scanning Networks
    • Objectives and methods of footprinting
    • Searching for information with Google Hacking
    • Employing footprinting countermeasures
  • Examining enumeration techniques
    • Enumerating user accounts using default passwords
    • Simple Network Management Protocol (SNMP) enumeration

Day 3 – Analyzing System Risks & Weaknesses to Apply Countermeasures

  • System Hacking
    • CEH Hacking Methodology (CHM)
    • Cracking passwords and escalating privileges
    • Defending against password cracking and key loggers
    • Hiding information with steganography
  • Uncovering Trojans and backdoors
    •  Injecting a Trojan into a host
    •  Analyzing Trojan activity
  • Dissecting viruses, worms and sniffers
    • Distributing malware on the web
    • Recognizing key indicators of a virus attack
    • Analyzing worms and malware
  • Social Engineering and Denial-of-Service (DoS)
    • Targets, intrusion tactics and strategies for prevention
    • Mitigating the risks of social networking to networks
    • Recognizing symptoms and techniques of DoS attack
    • Implementing tools to defend against DoS attacks

Day 4 – Assessing & Preventing Gaps in a Network Infrastructure

  • Hacking web applications and wireless networks
    • Cross-Site Scripting (XSS) and web application DoS attacks
    • Defending against SQL Injection
    • Implementing a man-in-the-middle attack
  • Hijacking sessions and web servers
    • Spoofing a site to steal credentials
    • Preventing hijacking by implementing countermeasures
    • Leveraging Metasploit in an attack
  • Buffer overflow and cryptography
    • Exploiting input validation failures
    • Defending against memory corruption attacks

Day 5 – Performing Penetration Testing

  • Performing security and vulnerability assessments
  • Determining security and vulnerability assessments
  • Announced vs. unannounced testing