# # # #

Service Center

EC Counsil CEH Certification Training Classes    

"If you want to stop hackers from invading your network, first you've got to invade their minds."
The Certified Ethical Hacker CEH training course enables the system administrator with critical information to identify, counter and stop or defend hackers from penetrating the corporate network. With this certification, you will begin to understand how a hacker thinks and what tactics they use to penetrate corporate networks. This allows system administrators to deploy proactive countermeasures and stay ahead of information security developments and exploited vulnerabilities.
This certification is a great compliment to any MCSE or MCITP Certification. An Network Administrator  would be able to handle security initiatives productively rather than restricting the efficiency of the organization. Functionality is expanded instead of lost in the process of securing the organization. For this reason the Certified Ethical Hacker certification compliments any Network Certification in a practical manner. Microsoft's operating systems are the most widely deployed systems and for this reason they are also subjected to the most intrusion attempts
CEH Live Boot Camp Classes Nationally

Training  contains the following
 Full Multi Media training course
 Online training can be temporarily downloaded to your hard drive for off line viewing
 Interactive Labs and Exercises
 Certificate of Completion
 One Year of Free Upgrades if CEH training course is revised

Course Description
Ethical hacking - this almost seems like a contradiction of words, but it isn't; it is a skill set that is increasingly in demand from year to year. This course examines the differences between hacking and ethical hacking, the stages and phases of ethical hacking, the laws that govern hacking and ethical hacking, and the penetration testing methodology that is used to perform ethical hacking. This course also assists students who are preparing for the EC Council's Ethical Hacking and Countermeasures (CEHv6) exam 312-50.

Target Audience
Existing or in-training IT security professionals seeking detailed security penetration testing skills

Prerequisites
A technical background with a solid understanding of networks and networking concepts, such as TCP/IP, IP Routing, and LAN Switching, as well as Windows and/or UNIX/LINUX operating systems; a general familiarity with the principles and usage of command-line, coding, and GUI -based technologies for manipulating IT operating systems

Expected Duration (hours)
20 Hours

CEH Ethical Hacker Certification Exam Requirements

 *You must show 2 years of work experience in security related field. You must also submit a CEH exam eligibility application and obtain authorization from EC-Council before you can attempt the exam. Please visit the EC-Council website for more details.

Ethical Hacker Course Outline

  • Countering IT Security Threats: Ethical Hacking
  • Ethical Hacking and the Need for Penetration Testing
  • Footprinting, Scanning, and Enumeration
  • System Hacking and Malicious Content
  • Social Engineering and Sniffing
  • Deterring Electronic Intrusions
  • Denial of Service and Session Hacking
  • Linux Hacking
  • Cryptography
  • Internet-based and Database-based Attacks
  • Wireless Attacks and Countermeasures
  • Physical Security

You will learn to
 the basic principles of information system security 
 the stages of ethical hacking 
 common methods ethical hackers can use to test information system security 
 analyze attacks made by a malicious hacker, for a given scenario 
 recommend a strategy ethical hackers can use to protect themselves, for a given scenario 
 how Title 18 of the U.S. Code applies to ethical hackers and the legality of their actions 
 situations where privacy laws or principles are breached 
 the five hacking classes of attack 
 automated vulnerability scanning tools 
 calculate the annual loss expectancy of an organization due to hacking, for a given scenario 
 determine the applicable law where a computer crime has been committed 
 use open source searching to gather information 
 the role of RIR 
 the purpose of NSlookup 
 sequence the TTL process 
 how traceroute is used in footprinting 
 how e-mail tracking works 
 port scanning issues 
 how the TCP three-way handshake works 
 the types of scans you can perform with Nmap 
 differentiate between war driving and war dialing 
 differentiate between active and passive fingerprinting 
 recommend a reconnaissance and scanning strategy for ethical hacking 
 the difference between kernel mode and user mode in Windows NT systems 
 how certain Windows elements affect security 
 limit NetBIOS null session vulnerabilities 
 counter SNMP vulnerabilities 
 limit DNS zone transfer vulnerabilities 
 use Active Directory enumeration 
 recommend a strategy for enumeration and for countering enumeration 
 the tools used for password cracking and privilege escalation 
 examples of strong passwords 
 differentiate between the types of password attacks 
 categorize passwords as weak or strong and  the types of attacks they're vulnerable to
 the characteristics of hardware and software keyloggers 
 counter rootkits 
 sequence the steps to create an alternate data stream in Windows 
 the tools used for steganography and erasing evidence 
 how trojans work 
 the hacking tools used for covert communication, port redirection, and wrapping 
 how e-mail can be used as a trojan attack vector 
 the countermeasures for trojans 
 categorize viruses according to their infection techniques 
 the countermeasures for viruses 
 key concepts about viruses and trojans 
 categorize examples of human-based social engineering 
 methods for computer-based social engineering 
 examples of insider attacks 
 types of phishing attacks 
 the countermeasures for social engineering 
 analyze social engineering scenarios and recommend countermeasures 
 how ARP spoofing works 
 how DNS spoofing works 
 counter sniffing 
 the techniques used for ARP, MAC, and DNS sniffing 
 the firewall architectures 
 ways to breach and bypass firewalls 
 ways in which to evade IDS 
 the main IDS detection methods 
 how honeypots can be used by IT security professionals 
 key concepts about electronic intrusion detection and evasion methods 
 categorize some typical DoS attacks 
 how DDoS works 
 use defense in depth to prevent DoS 
 sequence the stages of a botnet attack 
 defend computers from bots 
 how DoS and DDoS attacks work and  counter them 
 how session hijackers can close a client's session with a server and impersonate the client 
 the functions of the TCP/IP layers 
 sequence the session hijacking steps 
 defend against session hijacking 
 how session hijacking works and how it can be countered 
 sequence the steps to compile a Linux kernel 
 assign specific permissions to a file or directory in Linux 
 the purposes of Linux hacking tools 
 the purpose of Linux security tools 
 where information is stored in Linux and basic Linux commands 
 the commands for scanning and remote control for certain Linux hacking tools 
  assign permissions to users, groups, and others in Linux 
 define key cryptographic terms 
 distinguish between the most common types of symmetric key algorithms 
 select the appropriate message format for a scenario 
 distinguish between types of asymmetric algorithms 
 determine the appropriate cryptography implementation for a given scenario 
 distinguish between hash algorithms 
 what's involved in different types of attack against hash algorithms 
 the guidelines for key management and distribution 
 the characteristics of digital signatures 
  implement best practices for e-mail encryption 
 distinguish between the security mechanisms for electronic transactions and e-mail 
 differentiate between various types of cipher 
 the features of common hacking tools used in cryptanalysis 
 apply e-mail encryption guidelines and determine the appropriate hash algorithm for a given scenario 
  use Telnet for banner grabbing 
 the countermeasures you can take against web server attacks 
 the IIS server attack types 
 web application vulnerabilities 
 the countermeasures to web server application attacks 
 common methods of authentication 
 countermeasures to password-cracking attacks 
 recommend countermeasures to Internet-based attacks 
 examples of SQL injection attacks 
 the steps an attacker may take when preparing to perform a SQL injection attack 
 SQL injection countermeasures 
  various types of SQL injection attacks 
  how buffer overflow attacks occur 
 defend off-the-shelf products against buffer overflow attacks 
 perform and defend against SQL injections and buffer overflows 
 features of the primary modes used for cellular communication 
 features of the RF technologies for 2.4 Ghz wireless LANs 
 the components of Bluetooth security algorithms 
 sequence the steps of the association process 
 how wireless systems work 
 features of the WEP authentication methods 
 the vulnerabilities of WEP 
 how wireless networks are vulnerable to DoS attacks 
 how the broadcast bubble makes wireless networks vulnerable to eavesdropping 
 common wireless hacking tools 
  increase the security of wireless LANs 
 how wireless security protocols work and  defend a wireless network 
 the major sources of physical loss for an organization 
 the key objectives of a layered defense solution 
 perimeter security mechanisms 
 how CPTED strategies are used in loss and crime prevention 
 the appropriate physical security mechanisms to implement in a given scenario 
 the appropriate controls for securing the inside of a building or facility 
 the appropriate fire-protection technique for a scenario 
 the most appropriate intrusion detection technology for a scenario 
 determine the appropriate intrusion detection system to implement, given a specific scenario 
 best practices for securing the data center or server room, for protecting portable equipment, and for ensuring  protection at object level 
 the appropriate strategy for securing compartmentalized areas in a given scenario