In our last article posted on May 19, we discussed the major threat to United States companies created by foreign hacking. Our narrative described the DOJ’s indictment of five Chinese officials and some suggestions regarding information technology certifications, which are now in high demand. Combating this threat is going to require the talents and services of highly qualified and trained professionals. In this article we will outline the curriculum for the Certified Ethical Hacker certification. The course curriculum will be posted to provide our readers with an idea of the types of skills, which are needed to do the job of security.
Course Description for Certified Ethical Hacker
The Certified Ethical Hacker Program certifies individuals in the specific network security discipline of Ethical Hacking from a vendor-neutral perspective. A Certified Ethical Hacker is a skilled professional who understands and knows how to look for the weaknesses and vulnerabilities in target systems and uses the same knowledge and tools as a malicious hacker.
Course Duration
40 hours
Target Student: The Certified Ethical Hacker certification will fortify the application knowledge of security officers, auditors, security professionals, site administrators, and anyone who is concerned about the integrity of the network infrastructure.
Delivery Method: Instructor-led, group-paced, classroom-delivery learning model with structured minds-on and hands-on activities.
Benefits: This class will immerse the student into an interactive environment where they will be shown how to scan, test, and secure their own systems. The lab-intensive environment gives each student in-depth knowledge and practical experience with the current essential security systems. Students will begin by understanding how perimeter defenses work and then be led into scanning and attacking their own networks. Students then learn how intruders escalate privileges and what steps can be taken to secure a system. Students will also learn about intrusion detection, policy creation, social engineering, open source intelligence, incident handling, and log interpretation.
What’s Next: The CEH Program certifies individuals in the specific network security discipline of Ethical Hacking from a vendor-neutral perspective. The Certified Ethical Hacker certification will significantly benefit security officers, auditors, security professionals, site administrators, and anyone who is concerned about the integrity of the network infrastructure.
Course Objectives:
• Developing the hacker’s mind.
• Network surveying.
• Port scanning.
• System identification/OS fingerprinting.
• Vulnerability research and verification.
• Service identification.
• Internet application testing.
• Document grinding.
• Recognizing security issues within an organization.
• Performing legal assessments on remote/foreign networks.
• Examining an organization for weaknesses as through the eyes of an industrial spy or a competitor.
• Implementing the right tools for each task of the Methodology
• Competitive Intelligence.
• Exploiting vulnerabilities remotely.
• Examining appropriate countermeasures to thwart malicious hacking.
Course Outline:
Class 1: Introduction to Ethical Hacking
• Explaining the Certification
• Introducing Security
• Introducing Hacking
• Introduction to Ethical Hacking
Class 2: Foot printing
• Defining Foot printing
• Information Gathering Methodology
• Locate the Network Range
• Hacking Tools
Class 3: Scanning
• Definition of Scanning.
• Types of scanning
• Objectives of Scanning
• Scanning Methodology
• Classification of Scanning
• Hacking Tools
• Countermeasures
Class 4: Enumeration
• What is Enumeration?
• NetBios Null Sessions
• Hacking Tools
• Enumerating User Accounts
• Active Directory Enumeration and Countermeasures
Class 5: System Hacking
• Administrator Password Guessing
• Manual Password Cracking Algorithm
• Automated Password Cracking
• Password Types
• Types of Password Attacks
• Hacking Tools
Class 6: Trojans and Backdoors
• Effect on Business
• What is a Trojan?
• Overt and Covert Channels
• Indications of a Trojan Attack
• Reverse Engineering Trojans
• Backdoor Countermeasures
Class 7: Sniffers
• Definition of sniffing
• How a Sniffer works?
• Passive Sniffing
• Active Sniffing
• Hacking Tools
• Sniffing Countermeasures
Class 8: Denial of Service
• What is Denial of Service?
• Goal of DoS (Denial of Service)
• Impact and Modes of Attack
• DoS Attack Classification
• Hacking Tools
• Countermeasures for Reflected DoS
• Tools for Detecting DDOS Attacks
Class 9: Social Engineering
• What is Social Engineering?
• Art of Manipulation
• Human Weakness
• Common Types of Social Engineering
• Human Based Impersonation
Class 10: Session Hijacking
• Understanding Session Hijacking
• Spoofing vs Hijacking
• Steps in Session Hijacking
• Types of Session Hijacking
• Hacking Tools
• Protection against Session Hijacking
• Countermeasures: IP Security
Class 11: Hacking Web Servers
• Popular Web Servers and Common Security Threats
• Apache Vulnerability
• Attack against IIS Console
• Hacking Tools
• Countermeasures
• Increasing Web Server Security
Class 12: Web Application Vulnerabilities
• Web Application Hacking
• Anatomy of an Attack
• Web Application Threats
• Carnivore
• Google Hacking
• Countermeasures
Class 13: Web Based Password Cracking Techniques
• Authentication- Definition
• Authentication Mechanisms
• Password Guessing
• Query String
• Cookies
• Password Crackers Available
• Hacking Tools
• Countermeasures
Class 14: SQL Injection
• Attacking SQL Servers
• SQL Server Resolution Service (SSRS)
• Osql-L Probing
• Port Scanning
• SQL Server Talks
• Preventive Measures
Class 15: Hacking Wireless Networks
• Wireless Basics
• Components of Wireless Network
• Access Point Positioning
• Rogue Access Points
• Tools to Generate Rogue Access Points
• Scanning Tools
• Sniffing Tools
• Securing Wireless Networks
Class 16: Worms and Viruses
• Virus Characteristics
• Symptoms of ‘virus-like’ attack
• Indications of a Virus Attack
• Virus / Worms found in the wild
• Virus writing tools
• Virus Checkers
• Virus Analyzers
Class 17: Physical Security
• Understanding Physical Security
• Factors Affecting Physical Security
• Wiretapping
• Lock Picking Techniques
• Spying Technologies
Class 18: Linux Hacking
• Linux Basics
• Linux Vulnerabilities
• Scanning Networks
• Scanning Tools
• Linux Security Tools
• Advanced Intrusion Detection System
• Linux Security Auditing Tool
• Linux Security Countermeasures
Class 19: Evading Firewalls, IDS and Honeypots
• Intrusion Detection Systems
• Ways to Detect Intrusion
• Types of Intrusion Detection System
• Intrusion Detection Tools
• Honeypot Project
• Tools to Detect Honeypot
Class 20: Buffer Overflows
• Buffer Overflows
• How a Buffer Overflow Occurs
• Shellcode
• NOPS
• Countermeasures
Class 21: Cryptography
• Public-key Cryptography
• Working of Encryption
• Digital Signature
• Digital Certificate
• RSA (Rivest Shamir Adleman)
• RSA Attacks
Class 22: Penetration Testing
• Penetration Test vs. Vulnerability Test
• Reliance on Checklists and Templates
• Phases of Penetration Testing
• Risk Analysis
• Types of Penetration Testing
• Types of Ethical Hacking
• SANS Institute Top 20 Security Vulnerabilities
• Penetration Testing Deliverable Templates
• Active Reconnaissance
Fore more information visit us online @ ABCO Technology
Check out our reviews
Crunch Base
Better Business Bureau
City Search
34.052234
-118.243685