EC-Council Certified Ethical Hacker (CEH) v12 + Examen

Categoría:
Tecnología de la Información /
Autoestudio: 365 días
Online EN VIVO: 40 horas
En Salón: 40 horas
The Certified Ethical Hacker (CEH) credential is the most trusted ethical hacking certification and accomplishment recommended by employers globally. It is the most desired information security certification and represents one of the fastest-growing cyber credentials required by critical infrastructure and essential service providers. Since the introduction of CEH in 2003, it is recognized as a standard within the information security community.

CEH provides an in-depth understanding of ethical hacking phases, various attack vectors, and preventative countermeasures. It will teach you how hackers think and act so you will be better positioned to set up your security infrastructure and defend against attacks. By providing an understanding of system weaknesses and vulnerabilities, the CEH course helps students learn to protect their organizations and strengthen their security controls in order to minimize the risk of a malicious attack.

CEH was built to incorporate a hands-on environment and systematic process across each ethical hacking domain and methodology, giving you the opportunity to work toward proving the required knowledge and skills needed to achieve the CEH credential and perform the job of an ethical hacker.

Now in its 12th version, CEH continues to evolve with the latest operating systems, tools, tactics, exploits, and technologies.

 

Objectives

  • Information security controls, laws, and standards.
  • Various types of footprinting, footprinting tools, and countermeasures.
  • Network scanning techniques and scanning countermeasures
  • Enumeration techniques and enumeration countermeasures
  • Vulnerability analysis to identify security loopholes in the target organization’s network, communication infrastructure, and end systems.
  • System hacking methodology, steganography, steganalysis attacks, and covering tracks to discover system and network vulnerabilities.
  • Different types of malware (Trojan, Virus, worms, etc.), system auditing for malware attacks, malware analysis, and countermeasures.
  • Packet sniffing techniques to discover network vulnerabilities and countermeasures to defend against sniffing.
  • Social engineering techniques and how to identify theft attacks to audit human-level vulnerabilities and social engineering countermeasures.
  • DoS/DDoS attack techniques and tools to audit a target and DoS/DDoS countermeasures.
  • Session hijacking techniques to discover network-level session management, authentication/authorization, and cryptographic weaknesses and countermeasures.
  • Webserver attacks and a comprehensive attack methodology to audit vulnerabilities in webserver infrastructure, and countermeasures.
  • Web application attacks, comprehensive web application hacking methodology to audit vulnerabilities in web applications, and countermeasures.
  • SQL injection attack techniques, injection detection tools to detect SQL injection attempts, and countermeasures.
  • Wireless encryption, wireless hacking methodology, wireless hacking tools, and Wi-Fi security tools.
  • Mobile platform attack vector, android vulnerability exploitations, and mobile security guidelines and tools.
  • Firewall, IDS and honeypot evasion techniques, evasion tools and techniques to audit a network perimeter for weaknesses, and countermeasures.
  • Cloud computing concepts (Container technology, serverless computing), the working of various threats and attacks, and security techniques and tools.
  • Penetration testing, security audit, vulnerability assessment, and penetration testing roadmap.
  • Threats to IoT and OT platforms and defending IoT and OT devices.
  • Cryptography ciphers, Public Key Infrastructure (PKI), cryptography attacks, and cryptanalysis tools.

  • Mid-Level Information Security Auditor.
  • Cybersecurity Auditor.
  • Security Administrator.
  • IT Security Administrator.
  • Cyber Defense Analyst.
  • Vulnerability Assessment Analyst.
  • Warning Analyst.
  • Information Security Analyst 1.
  • Security Analyst L1.
  • Infosec Security Administrator.
  • Cybersecurity Analyst level 1, level 2, & level 3.
  • Network Security Engineer.
  • SOC Security Analyst.
  • Security Analyst.
  • Network Engineer.
  • Senior Security Consultant.
  • Information Security Manager.
  • Senior SOC Analyst.
  • Solution Architect.
  • Cybersecurity Consultant.

Module 1: Introduction to Ethical Hacking

  • Information Security Overview.
  • Hacking Methodologies and Frameworks.
  • Hacking Concepts.
  • Ethical Hacking Concepts.
  • Information Security Controls.
  • Information Security Laws and Standards.

 

Module 2: Footprinting and Reconnaissance

  • Footprinting Concepts.
  • Footprinting through Search Engines.
  • Footprinting through Web Services.
  • Footprinting through Social Networking Sites.
  • Website Footprinting.
  • Email Footprinting.
  • Whois Footprinting.
  • DNS Footprinting.
  • Network Footprinting.
  • Footprinting through Social Engineering.
  • Footprinting Tools.
  • Footprinting Countermeasures.

 

Module 3: Scanning Networks

  • Network Scanning Concepts.
  • Scanning Tools.
  • Host Discovery.
  • Port and Service Discovery.
  • OS Discovery (Banner Grabbing/OS Fingerprinting).
  • Scanning Beyond IDS and Firewall.
  • Network Scanning Countermeasures.

 

Module 4: Enumeration

  • Enumeration Concepts.
  • NetBIOS Enumeration.
  • SNMP Enumeration.
  • LDAP Enumeration.
  • NTP and NFS Enumeration.
  • SMTP and DNS Enumeration.
  • Other Enumeration Techniques.
  • Enumeration Countermeasures.

 

Module 5: Vulnerability Analysis

  • Vulnerability Assessment Concepts.
  • Vulnerability Classification and Assessment Types.
  • Vulnerability Assessment Tools.
  • Vulnerability Assessment Reports.

 

Module 6: System Hacking

  • Gaining Access.
  • Escalating Privileges.
  • Maintaining Access.
  • Clearing Logs.

 

Module 7: Malware Threats

  • Malware Concepts.
  • APT Concepts.
  • Trojan Concepts.
  • Virus and Worm Concepts.
  • Fileless Malware Concepts.
  • Malware Analysis.
  • Malware Countermeasures.
  • Anti-Malware Software.

 

Module 8: Sniffing

  • Sniffing Concepts.
  • Sniffing Technique: MAC Attacks.
  • Sniffing Technique: DHCP Attacks.
  • Sniffing Technique: ARP Poisoning.
  • Sniffing Technique: Spoofing Attacks.
  • Sniffing Technique: DNS Poisoning.
  • Sniffing Tools.
  • Sniffing Countermeasures.

 

Module 9: Social Engineering

  • Social Engineering Concepts.
  • Social Engineering Techniques.
  • Insider Threats.
  • Impersonation on Social Networking Sites.
  • Identity Theft.
  • Social Engineering Countermeasures.

 

Module 10: Denial-of-Service

  • DoS/DDoS Concepts.
  • Botnets.
  • DoS/DDoS Attack Techniques.
  • DDoS Case Study.
  • DoS/DDoS Attack Countermeasures.

 

Module 11: Session Hijacking

  • Session Hijacking Concepts.
  • Application-Level Session Hijacking.
  • Network-Level Session Hijacking.
  • Session Hijacking Tools.
  • Session Hijacking Countermeasures.

 

Module 12: Evading IDS, Firewalls, and Honeypots

  • IDS, IPS, Firewall, and Honeypot Concepts.
  • IDS, IPS, Firewall, and Honeypot Solutions.
  • Evading IDS.
  • Evading Firewalls.
  • Evading NAC and Endpoint Security.
  • IDS/Firewall Evading Tools.
  • Detecting Honeypots.
  • IDS/Firewall Evasion Countermeasures.

 

Module 13: Hacking Web Servers

  • Web Server Concepts.
  • Web Server Attacks.
  • Web Server Attack Methodology.
  • Web Server Attack Countermeasures.
  • Patch Management.

 

Module 14: Hacking Web Applications

  • Web Application Concepts.
  • Web Application Threats.
  • Web Application Hacking Methodology.
  • Web API, Webhooks, and Web Shell.
  • Web Application Security.

 

Module 15: SQL Injection

  • SQL Injection Concepts.
  • Types of SQL Injection.
  • SQL Injection Methodology.
  • SQL Injection Tools.
  • Evasion Techniques.
  • SQL Injection Countermeasures.

 

Module 16: Hacking Wireless Networks

  • Wireless Concepts.
  • Wireless Encryption.
  • Wireless Threats.
  • Wireless Hacking Methodology.
  • Wireless Hacking Tools.
  • Bluetooth Hacking.
  • Wireless Attack Countermeasures.
  • Wireless Security Tools.

 

Module 17: Hacking Mobile Platforms

  • Mobile Platform Attack Vectors.
  • Hacking Android OS.
  • Hacking iOS.
  • Mobile Device Management.
  • Mobile Security Guidelines and Tools.

 

Module 18: IoT and OT Hacking

  • IoT Hacking.
  • IoT Concepts.
  • IoT Attacks.
  • IoT Hacking Methodology.
  • IoT Attack Countermeasures.
  • OT Hacking.
  • OT Concepts.
  • OT Attacks.
  • OT Hacking Methodology.
  • OT Attack Countermeasures.

 

Module 19: Cloud Computing

  • Cloud Computing Concepts.
  • Container Technology.
  • Serverless Computing.
  • Cloud Computing Threats.
  • Cloud Hacking.
  • Cloud Security.

 

Module 20: Cryptography

  • Cryptography Concepts.
  • Encryption Algorithms.
  • Cryptography Tools.
  • Public Key Infrastructure (PKI).
  • Email Encryption.
  • Disk Encryption.
  • Cryptanalysis.
  • Cryptography Attack Countermeasures.

There are no specific prerequisites for the C|EH program, however we strongly recommend candidates possess a minimum of 2 years’ experience in IT security before joining a C|EH training program. C|EH training is about testing systems and using them for purposes not originally intended, candidates should understand the basic functions of those IT systems before attempting to hack them.

It is suggested that you have the knowledge and working experience at the level of CompTIA Security+ and/or CompTIA Linux+ and EC-Council Certified Network Defense (CND) prior to taking this course.

Certified Ethical Hacker Certification (Exam 312-50).

Exam Facts

Delivery Online (Web based)
Format Multiple choice
Proctoring Live
Duration 4 hours
# of questions 125
Pass Grade Depending on which exam form is challenged, cut scores can range from 60% to 85%.

Escanea el código