CERTIFIED ETHICAL HACKER 312-50

  • 26 Apr 2021 to 30 Apr 2021/
  • ICT

A Certified Ethical Hacker is a skilled professional who understands and knows well how to look for weaknesses and vulnerabilities in target systems and uses the same knowledge and tools as a malicious hacker, but in a lawful and legitimate manner to assess the security posture of a target system(s). The CEH credential certifies individuals in the specific network security discipline of Ethical Hacking from a vendor-neutral perspective. This program is the most desired information security training program any information security professional will ever want to be in. To master the hacking technologies, you will need to become one, but ethical one! The accredited course provides the advanced hacking tools and techniques used by hackers and information security professionals alike to break into an organization. As we put it, "To beat a hacker, you need to think like a hacker".

Course Objectives

The objective of this course is to help you master an ethical hacking methodology that can be used in a penetration testing or ethical hacking situation. You walk out the door with ethical hacking skills that are highly in demand, and it is internationally recognized as well.

This course will immerse you into the Hacker Mindset so that you will be able to defend against future attacks. The security mindset in any organization must not be limited to the silos of a certain vendor, technologies or pieces of equipment.

Course Content

  1. Introduction to Ethical Hacking
    1. Overview of Information Security
      1. Common Terms (Hack Value, Vulnerability, Exploit, Payload)
      2. Zero Day Attack
      3. Daisy Chaining
    2. Overview of Information Security Threats and attacks
      1. Threats vs Attacks
      2. Motives and reasons behind cyber security attacks
      3. What are the means by which hackers gain access to systems and networks
      4. Cloud Computing Threats
      5. Advanced Persistent Threats
      6. Viruses and worms
      7. Ransomware
      8. Mobile threats
      9. Modern Age Information Warfare
      10. Insider Attacks
      11. Phishing
      12. Web Application Threats
      13. Classification of Threats: Network Threats
      14. Classification of Threats: Host Threats
      15. Classification of Threats: Application Threats
      16. Classification of Attacks
      17. Botnets
      18. Laws, Standards, and Regulations
    3. History of Hacking
      1. A brief look at the history of hacking
      2. Types of hackers
      3. What is Ethical Hacking? What is its purpose?
      4. Scope of Ethical Hacking
      5. Hacking Stages:
        1. Reconnaissance
        2. Scanning
        3. Gaining Access
        4. Maintaining Access
        5. Clearing Tracks
    4. Protecting Information
      1. Information Assurance
      2. EISA and Information Security Management program
      3. Network Zoning
      4. Defense in depth
      5. What sort of things do policies regulate?
      6. Workplace Security Policy and Examples
      7. Physical Security Controls and Risk
      8. Risk Management
      9. Threat Modeling and Incident Management
      10. UBA - User Behavior Analytics and Network Security Controls
      11. Access Controls
      12. Identification, Authentication, Authorization, Accounting and IAM
      13. Data Leakage
      14. Data Backup
      15. Data Recovery
    5. Penetration Testing
      1. What is Penetration Testing?
      2. What Does a Good Penetration Test Consist Of?
      3. Why Do a Penetration Test?
      4. Pre-Attack Phase: Contracts
      5. Audit vs. Vulnerability Assessment vs. Penetration Test
      6. Red vs. Blue team!
      7. Types of Penetration Testing
      8. Pre-attack Phase:
        1. Rules of Engagement
        2. Understanding your client’s requirements
        3. Scope of a Penetration Test
        4. Information Gathering
        5. Two Types of Information Gathering
      9. Attack Phase
        1. Penetrating the Perimeter
        2. Target Acquisition
        3. Privilege Escalation
        4. Execute, Implant and Retract
      10. Post-Attack Phase
      11. Security Testing Methodologies
  2. Footprinting
    1. Footprinting Process
      1. About Footprinting
      2. Hacker State of Mind
      3. Search Engine and Online Resources
      4. WhoIS Geolocation and DNS Interrogation
      5. EMail Header Analysis
      6. Getting an IP Address from an e-mail and more
      7. Quick Look at website certificate, source code and traffic
      8. How to clone a website and extract metadata from files
      9. nmap and traceroute
    2. Reports and countermeasures
      1. Countermeasures and Best Practices
      2. What goes into a footprinting report?
  3. Scanning Networks
    1. Network Scanning Techniques
      1. Banner Grabbing
      2. Drawing and Mapping Out Network Topologies
      3. Scanning for vulnerabilities
      4. Enumeration
  4. System Hacking
    1. Password Cracking Techniques
      1. Password Cracking, Crunch and Some Basics
      2. Using Hydra for online password cracking
      3. Hashcat
        1. Environment Setup
        2. Installation
        3. Let us Crack Some Passwords!
        4. Results and Recap
    2. Techniques for creating and maintaining access to the remote system
      1. Reverse shell and remote service exploitation
      2. Keylogger
        1. Intro and Environment Setup
        2. Source code download and Import
        3. Configuration
        4. Demo
        5. Decrypting Keylogger logs
    3. Hiding Malicious Programs
      1. Sandbox
      2. How to create a safe sandbox environment
      3. Anti-Malware Software Overview
      4. Packaging Malware
      5. Rootkits
      6. Hiding Files and Steganography
    4. Covering Tracks and Destroying Evidence
      1. Log Files: Covering your tracks
  5. Wireless Networks and Spoofing
    1. Spoofing Techniques
      1. ARP Spoofing
      2. MAC Address Spoofing
      3. DHCP Starvation
    2. Attacking And Exploiting Wireless Networks
      1. Capturing the WPA2 Handshake
      2. Cracking WPA2 Passkey
  6. Social Engineering
    1. Tips, Tricks and Real Live Scenario
      1. Social Engineering
      2. Well Known Social Engineering Attacks: A Retrospective
  7. Firewalls and Honeypots
    1. Firewalls
      1. What is a firewall? How does it work?
      2. Firewall Usage, Logging and Configuration
      3. Evading Firewall: GeoBlock
    2. Honeypots
      1. How to setup a honeypot
      2. How to grab traffic from a Honeypot
  8. Hacking Web Servers and Web Applications
    1. Let’s Attack Web Servers and Web Applications
      1. OWASP - Open Web Application Application Security Project
      2. XSS Cross Site Scripting
      3. SQL Injections
  9. Cryptography
    1. About Cryptography
      1. Cryptography Basics
      2. Cryptography Common Algorithms and Message Digest
      3. PKI Public Key Infrastructure
    2. Encryption, Decryption, Cryptanalysis and Attack Vectors
      1. Cryptanalysis and Attack Vectors
      2. Checksum and File Encryption
      3. SSH RSA Demo
      4. Storage Medium Encryption

Targeted Group

ICT Security Managers/Officers, ICT managers, Systems administrators, system analysts, chief information officers, systems engineers, Network engineers, database administrators and Information Technology Officers, ICT Project managers,  ICT engineers, Any other Person interested in security and ethical hacking

  • Tour Package No
Course Price: 1,500,000/=

APPLY NOW