Certified Ethical Hacker (CEH)

Overview

The most effective cybersecurity professionals are able to predict attacks before they happen.  Training in Ethical Hacking provides professionals with the expertise and insight necessary to prepare for and react to malicious intrusion. 

This class will immerse students in an interactive environment where they will be shown how to scan, test, hack, and secure their own systems. The lab-intensive environment gives each student in-depth knowledge and practical experience with the current essential security systems. Students will begin by understanding how perimeter defenses work and then learn to scan and attack their own networks.  No real network is harmed during these instructions. Students then learn how intruders escalate privileges and the necessary steps to secure a system. Students will also learn about Intrusion Detection, Policy Creation, Social Engineering, DDoS Attacks, Buffer Overflows and Virus Creation in the process. When a student leaves this class, they will have hands-on understanding and experience in Ethical Hacking.

Topics covered include:

  • Trojans and Backdoors
  • Viruses and worms
  • Hacking Web Servers
  • SQL Injection
  • Physical Security
  • Cryptography
  • Data Loss Prevention
  • Patch Management

Target Audience

This course is suitable for security officers, auditors, security professionals, site administrators, and anyone who is concerned about the integrity of the network infrastructure. 

Prerequisites

Students taking this course should have a working knowledge of Linux and strong Microsoft Windows skills, a solid understanding of computer networking, and CompTIA Security+ and Network+ certification or equivalent knowledge. 

Course Objectives

Upon completing this course, students will be able to:

  • identify potential security weaknesses,
  • respond to malicious activity with experiential knowledge, and
  • secure systems with the best methods
  • sit for the EC Council Certified Ethical Hacker Examination
This training prepares individuals for the following positions: Ethical Hacker and Security Analyst.

Course Outline

Chapter 1

  • Intro to Ethical Hacking
  • Current trends and security threats
  • Scope and limitations of ethical hacking
  • Information security management, policies, and incident management
  • Vulnerability research, pen test process, and security acts/laws
Chapter 2
  • Footprinting and Reconnaissance
  • Footprinting terminology
  • Footprinting methodology
  • Footprinting tools
  • Footprinting countermeasures / pen test steps
Chapter 3
  • Scanning Networks
  • Check for live systems and ports / identifying services
  • Banner grabbing / OS fingerprinting
  • Scanning for vulnerabilities
  • Draw network diagrams
  • Prepare proxies
  • Pen test steps for scanning networks
Chapter 4
  • Enumeration
  • Extracting user names, machine names, and network resources from a system
  • Enumerate NetBIOS, SNMP, LDAP, NTP, SMTP, and DNS
  • Using various tools extract information
  • Pen test steps for enumeration
Chapter 5
  • System Hacking
  • Gaining access, maintaining access, and clearing logs
  • Hacking tools (keyloggers, spyware, and root kits)
  • Steganography techniques
  • System attack countermeasures
  • Pen test steps for system hacking
Chapter 6
  • Malware Threats
  • Malware propagation techniques
  • Trojans, viruses, and worms
  • Malware analysis
  • Detect virus’, worms, and trojans
  • Pen test steps for malware threats
Chapter 7
  • Sniffing
  • Basic concepts of sniffing on the network
  • MAC flooding, DHCP attacks, ARP spoofing, and ARP/DNS poisening
  • Sniffing tools
  • Pen test steps for sniffing
Chapter 8
  • Social Engineering
  • Social engineering attack phases
  • Types of social engineering
  • Impersonation based social engineering
  • Social engineering countermeasures
  • Pen test steps in social engineering
Chapter 9
  • Denial of Service
  • Classify DoS and DDoS attacks and tecniques
  • Botnets and how they infect a system
  • Tools used to perform DoS/DDoS
  • Pen test steps for DoS/DDoS
Chapter 10
  • Session Hijacking
  • Concepts
  • Techniques and tools
  • Countermeasures
  • Pen test steps for session hijacking
Chapter 11
  • Hacking Webservers
  • Reasons for webserver compromise
  • Open source and IIS architecture
  • Attack tools and techniques
  • Countermeasures
  • Pen test steps for hacking webservers
Chapter 12
  • Hacking Web Applications
  • Intro to web applications
  • Web application architecture
  • Threats and attacks
  • Web application hacking and security tools
  • Pen test steps for web applications
Chapter 13
  • SQL Injection
  • Threats from SQL injection attacks
  • Types of attacks
  • Methodology, injection tools, and detection tools
  • Pen test steps for SQL injection
Chapter 14
  • Hacking Wireless Networks
  • Types of wireless networks and standards
  • Terminology and encryption
  • Threats and hacking wireless network methodology
  • Pen test steps in hacking wireless networks
Chapter 15
  • Hacking Mobile Platforms
  • Mobile attack vectors
  • Android OS architecture
  • Jailbreaking IOS
  • Windows phone 8 architecture
  • Pen test steps in hacking wireless networks
Chapter 16
  • Evading IDS, Firewalls, and Honeypots
  • IDS, firewall, and honeypot solutions
  • IDS, firewall, and honeypot placement
  • Evasion techniques
  • Tools and countermeasures
  • Pen test steps in evading IDS, Firewalls, and Honeypots
Chapter 17
  • Cloud Computing
  • Basics of cloud computing and services
  • Security considerations
  • Threats, tools, and attacks
  • Pen test steps in cloud computing
Chapter 18
  • Cryptography
  • Intro to cryptography concepts
  • Tools
  • Public Key Infrastructure (PKI)
  • Cyphers, AES, DES
  • RSA
  • Pen test steps for cryptography

SLI Main Menu