 "If you want to stop hackers from invading your network, first you've got to invade their minds."
The Certified Ethical Hacker CEH training course enables the system administrator with critical information to identify, counter and stop or defend hackers from penetrating the corporate network. With this certification, you will begin to understand how a hacker thinks and what tactics they use to penetrate corporate networks. This allows system administrators to deploy proactive countermeasures and stay ahead of information security developments and exploited vulnerabilities.
This certification is a great compliment to any MCSE or MCITP Certification. An Network Administrator would be able to handle security initiatives productively rather than restricting the efficiency of the organization. Functionality is expanded instead of lost in the process of securing the organization. For this reason the Certified Ethical Hacker certification compliments any Network Certification in a practical manner. Microsoft's operating systems are the most widely deployed systems and for this reason they are also subjected to the most intrusion attempts
CEH Live Boot Camp Classes Nationally
Training contains the following
Full Multi Media training course
Online training can be temporarily downloaded to your hard drive for off line viewing
Interactive Labs and Exercises
Certificate of Completion
One Year of Free Upgrades if CEH training course is revised
Course Description
Ethical hacking - this almost seems like a contradiction of words, but it isn't; it is a skill set that is increasingly in demand from year to year. This course examines the differences between hacking and ethical hacking, the stages and phases of ethical hacking, the laws that govern hacking and ethical hacking, and the penetration testing methodology that is used to perform ethical hacking. This course also assists students who are preparing for the EC Council's Ethical Hacking and Countermeasures (CEHv6) exam 312-50.
Target Audience
Existing or in-training IT security professionals seeking detailed security penetration testing skills
Prerequisites
A technical background with a solid understanding of networks and networking concepts, such as TCP/IP, IP Routing, and LAN Switching, as well as Windows and/or UNIX/LINUX operating systems; a general familiarity with the principles and usage of command-line, coding, and GUI -based technologies for manipulating IT operating systems
Expected Duration (hours)
20 Hours
CEH Ethical Hacker Certification Exam Requirements
*You must show 2 years of work experience in security related field. You must also submit a CEH exam eligibility application and obtain authorization from EC-Council before you can attempt the exam. Please visit the EC-Council website for more details.
Ethical Hacker Course Outline
- Countering IT Security Threats: Ethical Hacking
- Ethical Hacking and the Need for Penetration Testing
- Footprinting, Scanning, and Enumeration
- System Hacking and Malicious Content
- Social Engineering and Sniffing
- Deterring Electronic Intrusions
- Denial of Service and Session Hacking
- Linux Hacking
- Cryptography
- Internet-based and Database-based Attacks
- Wireless Attacks and Countermeasures
- Physical Security
You will learn to
the basic principles of information system security
the stages of ethical hacking
common methods ethical hackers can use to test information system security
analyze attacks made by a malicious hacker, for a given scenario
recommend a strategy ethical hackers can use to protect themselves, for a given scenario
how Title 18 of the U.S. Code applies to ethical hackers and the legality of their actions
situations where privacy laws or principles are breached
the five hacking classes of attack
automated vulnerability scanning tools
calculate the annual loss expectancy of an organization due to hacking, for a given scenario
determine the applicable law where a computer crime has been committed
use open source searching to gather information
the role of RIR
the purpose of NSlookup
sequence the TTL process
how traceroute is used in footprinting
how e-mail tracking works
port scanning issues
how the TCP three-way handshake works
the types of scans you can perform with Nmap
differentiate between war driving and war dialing
differentiate between active and passive fingerprinting
recommend a reconnaissance and scanning strategy for ethical hacking
the difference between kernel mode and user mode in Windows NT systems
how certain Windows elements affect security
limit NetBIOS null session vulnerabilities
counter SNMP vulnerabilities
limit DNS zone transfer vulnerabilities
use Active Directory enumeration
recommend a strategy for enumeration and for countering enumeration
the tools used for password cracking and privilege escalation
examples of strong passwords
differentiate between the types of password attacks
categorize passwords as weak or strong and the types of attacks they're vulnerable to
the characteristics of hardware and software keyloggers
counter rootkits
sequence the steps to create an alternate data stream in Windows
the tools used for steganography and erasing evidence
how trojans work
the hacking tools used for covert communication, port redirection, and wrapping
how e-mail can be used as a trojan attack vector
the countermeasures for trojans
categorize viruses according to their infection techniques
the countermeasures for viruses
key concepts about viruses and trojans
categorize examples of human-based social engineering
methods for computer-based social engineering
examples of insider attacks
types of phishing attacks
the countermeasures for social engineering
analyze social engineering scenarios and recommend countermeasures
how ARP spoofing works
how DNS spoofing works
counter sniffing
the techniques used for ARP, MAC, and DNS sniffing
the firewall architectures
ways to breach and bypass firewalls
ways in which to evade IDS
the main IDS detection methods
how honeypots can be used by IT security professionals
key concepts about electronic intrusion detection and evasion methods
categorize some typical DoS attacks
how DDoS works
use defense in depth to prevent DoS
sequence the stages of a botnet attack
defend computers from bots
how DoS and DDoS attacks work and counter them
how session hijackers can close a client's session with a server and impersonate the client
the functions of the TCP/IP layers
sequence the session hijacking steps
defend against session hijacking
how session hijacking works and how it can be countered
sequence the steps to compile a Linux kernel
assign specific permissions to a file or directory in Linux
the purposes of Linux hacking tools
the purpose of Linux security tools
where information is stored in Linux and basic Linux commands
the commands for scanning and remote control for certain Linux hacking tools
assign permissions to users, groups, and others in Linux
define key cryptographic terms
distinguish between the most common types of symmetric key algorithms
select the appropriate message format for a scenario
distinguish between types of asymmetric algorithms
determine the appropriate cryptography implementation for a given scenario
distinguish between hash algorithms
what's involved in different types of attack against hash algorithms
the guidelines for key management and distribution
the characteristics of digital signatures
implement best practices for e-mail encryption
distinguish between the security mechanisms for electronic transactions and e-mail
differentiate between various types of cipher
the features of common hacking tools used in cryptanalysis
apply e-mail encryption guidelines and determine the appropriate hash algorithm for a given scenario
use Telnet for banner grabbing
the countermeasures you can take against web server attacks
the IIS server attack types
web application vulnerabilities
the countermeasures to web server application attacks
common methods of authentication
countermeasures to password-cracking attacks
recommend countermeasures to Internet-based attacks
examples of SQL injection attacks
the steps an attacker may take when preparing to perform a SQL injection attack
SQL injection countermeasures
various types of SQL injection attacks
how buffer overflow attacks occur
defend off-the-shelf products against buffer overflow attacks
perform and defend against SQL injections and buffer overflows
features of the primary modes used for cellular communication
features of the RF technologies for 2.4 Ghz wireless LANs
the components of Bluetooth security algorithms
sequence the steps of the association process
how wireless systems work
features of the WEP authentication methods
the vulnerabilities of WEP
how wireless networks are vulnerable to DoS attacks
how the broadcast bubble makes wireless networks vulnerable to eavesdropping
common wireless hacking tools
increase the security of wireless LANs
how wireless security protocols work and defend a wireless network
the major sources of physical loss for an organization
the key objectives of a layered defense solution
perimeter security mechanisms
how CPTED strategies are used in loss and crime prevention
the appropriate physical security mechanisms to implement in a given scenario
the appropriate controls for securing the inside of a building or facility
the appropriate fire-protection technique for a scenario
the most appropriate intrusion detection technology for a scenario
determine the appropriate intrusion detection system to implement, given a specific scenario
best practices for securing the data center or server room, for protecting portable equipment, and for ensuring protection at object level
the appropriate strategy for securing compartmentalized areas in a given scenario |
