Overview

The Certified Ethical Hacker (C|EH v10) program is a trusted and respected ethical hacking training Program that any information security professional will need.

 

Since its inception in 2003, the Certified Ethical Hacker has been the absolute choice of the industry globally.  It is a respected certification in the industry and is listed as a baseline certification on the United States Department of Defense Directive 8570. The C|EH exam is ANSI 17024 compliant adding credibility and value to credential members.

 

C|EH is used as a hiring standard and is a core sought after certification by many of the Fortune 500 organizations, governments, cybersecurity practices, and a cyber staple in education across many of the most prominent degree programs in top Universities around the globe.

 

Hundreds of Thousands of InfoSec Professionals as well as Career Starters have challenged the exam and for those who passed, nearly all are gainfully employed with successful careers, but the landscape is changing. Cyber Security as a profession is evolving, the barrier to entry is rising, the demand for Skilled Cyber professionals continues to grow, but it is being refined, demanding a higher level of skill and ability.

 

EC-Council raises the bar again for ethical hacking training and certification programs with the all new C|EH v10!

 

This course in its 10th iteration, is updated to provide you with the tools and techniques used by hackers and information security professionals alike to break into any computer system. This course will immerse you into a “Hacker Mindset” in order to teach you how to think like a hacker and better defend against future attacks. It puts you in the driver’s seat with a hands-on training environment employing a systematic ethical hacking process.

 

You are constantly exposed to creative techniques of achieving optimal information security posture in the target organization; by hacking it!  You will learn how to scan, test, hack and secure target systems. The course covers the Five Phases of Ethical Hacking, diving into Reconnaissance, Gaining Access, Enumeration, Maintaining Access, and covering your tracks.

 

The tools and techniques in each of these five phases are provided in detail in an encyclopedic approach and absolutely no other program offers you the breadth of learning resources, labs, tools and techniques than the C|EH v10 program.

 

Objectives

  • Key issues plaguing the information security world, incident management process, and penetration testing.
  • Various types of footprinting, footprinting tools, and countermeasures.
  • Network scanning techniques and scanning countermeasures.
  • Enumeration techniques and enumeration countermeasures.
  • System hacking methodology, steganography, steganalysis attacks, and covering tracks.
  • Different types of Trojans, Trojan analysis, and Trojan countermeasures.
  • Working of viruses, virus analysis, computer worms, malware analysis procedure, and countermeasures.
  • Packet sniffing techniques and how to defend against sniffing.
  • Social Engineering techniques, identify theft, and social engineering countermeasures.
  • DoS/DDoS attack techniques, botnets, DDoS attack tools, and DoS/DDoS countermeasures.
  • Session hijacking techniques and countermeasures.
  • Different types of webserver attacks, attack methodology, and countermeasures.
  • Different types of web application attacks, web application hacking methodology, and countermeasures.
  • SQL injection attacks and injection detection tools.
  • Wireless Encryption, wireless hacking methodology, wireless hacking tools, and Wi-Fi security tools.
  • Mobile platform attack vector, android vulnerabilities, mobile security guidelines, and tools.
  • Firewall, IDS and honeypot evasion techniques, evasion tools, and countermeasures.
  • Various cloud computing concepts, threats, attacks, and security techniques and tools.
  • Different types of cryptography ciphers, Public Key Infrastructure (PKI), cryptography attacks, and cryptanalysis tools.
  • Various types of penetration testing, security audit, vulnerability assessment, and penetration testing roadmap.
  • Perform vulnerability analysis to identify security loopholes in the target organization’s network, communication infrastructure, and end systems.
  • Different threats to IoT platforms and learn how to defend IoT devices securely.

 

Audience

Ethical hackers, System Administrators, Network Administrators and Engineers, Webmanagers, Auditors, Security Professionals in general.

 

Prerequisites

  • At least two years of IT security experience
  • A strong working knowledge of TCP/IP
  • CompTIA Security+ Certification Prep Course
  • Certified Network Defense (CND)

 

Outline

Module 1: Introduction to Ethical Hacking

  • Information Security Overview
  • Information Security Threats and Attack Vectors
  • Hacking Concepts
  • Ethical Hacking Concepts
  • Information Security Controls
  • Penetration Testing Concepts
  • Information Security Laws and Standards

 

Module 2: Footprinting and Reconnaissance

  • Footprinting Concepts
  • Footprinting through Search Engines
  • Footprinting through Web Services
  • Footprinting through Social Networking Sites
  • Website Footprinting
  • Email Footprinting
  • Competitive Intelligence
  • Whois Footprinting
  • DNS Footprinting
  • Network Footprinting
  • Footprinting through Social Engineering
  • Footprinting Tools
  • Countermeasures
  • Footprinting Pen Testing

 

Module 3: Scanning Networks

  • Network Scanning Concepts
  • Scanning Tools
  • Scanning Techniques
  • Scanning Beyond IDS and Firewall
  • Banner Grabbing
  • Draw Network Diagrams
  • Scanning Pen Testing

 

Module 4: Enumeration

  • Enumeration Concepts
  • NetBIOS Enumeration
  • SNMP Enumeration
  • LDAP Enumeration
  • NTP Enumeration
  • SMTP and DNS Enumeration
  • Other Enumeration Techniques
  • Enumeration Countermeasures
  • Enumeration Pen Testing

 

Module 5: Vulnerability Analysis

  • Vulnerability Assessment Concepts
  • Vulnerability Assessment Solutions
  • Vulnerability Scoring Systems
  • Vulnerability Assessment Tools
  • Vulnerability Assessment Reports

 

Module 6: System Hacking

  • System Hacking Concepts
  • Cracking Passwords
  • Escalating Privileges
  • Executing Applications
  • Hiding Files
  • Covering Tracks
  • Penetration Testing

 

Module 7: Malware Threats

  • Malware Concepts
  • Trojan Concepts
  • Virus and Worm Concepts
  • Malware Analysis
  • Countermeasures
  • Anti-Malware Software
  • Malware Penetration Testing

 

Module 8: Sniffing

  • Sniffing Concepts
  • Sniffing Technique: MAC Attacks
  • Sniffing Technique: DHCP Attacks
  • Sniffing Technique: ARP Poisoning
  • Sniffing Technique: Spoofing Attacks
  • Sniffing Technique: DNS Poisoning
  • Sniffing Tools
  • Countermeasures
  • Sniffing Detection Techniques
  • Sniffing Pen Testing

 

Module 9: Social Engineering

  • Social Engineering Concepts
  • Social Engineering Techniques
  • Insider Threats
  • Impersonation on Social Networking Sites
  • Identity Theft
  • Countermeasures
  • Social Engineering Pen Testing

 

Module 10: Denial-of-Service

  • DoS/DDoS Concepts
  • DoS/DDoS Attack Techniques
  • Botnets
  • DDoS Case Study
  • DoS/DDoS Attack Tools
  • Countermeasures
  • DoS/DDoS Protection Tools
  • DoS/DDoS Penetration Testing

 

Module 11: Session Hijacking

  • Session Hijacking Concepts
  • Application Level Session Hijacking
  • Network Level Session Hijacking
  • Session Hijacking Tools
  • Countermeasures
  • Penetration Testing

 

Module 12: Evading IDS, Firewalls, and Honeypots

  • IDS, Firewall and Honeypot Concepts
  • IDS, Firewall and Honeypot Solutions
  • Evading IDS
  • Evading Firewalls
  • IDS/Firewall Evading Tools
  • Detecting Honeypots
  • IDS/Firewall Evasion Countermeasures
  • Penetration Testing

 

Module 13: Hacking Web Servers

  • Web Server Concepts
  • Web Server Attacks
  • Web Server Attack Methodology
  • Web Server Attack Tools
  • Countermeasures
  • Patch Management
  • Web Server Security Tools
  • Web Server Pen Testing

 

Module 14: Hacking Web Applications

  • Web App Concepts
  • Web App Threats
  • Hacking Methodology
  • Web App Hacking Tools
  • Countermeasures
  • Web App Security Testing Tools
  • Web App Pen Testing

 

Module 15: SQL Injection

  • SQL Injection Concepts
  • Types of SQL Injection
  • SQL Injection Methodology
  • SQL Injection Tools
  • Evasion Techniques
  • Countermeasures

 

Module 16: Hacking Wireless Networks

  • Wireless Concepts
  • Wireless Encryption
  • Wireless Threats
  • Wireless Hacking Methodology
  • Wireless Hacking Tools
  • Bluetooth Hacking
  • Countermeasures
  • Wireless Security Tools
  • Wireless Pen Testing

 

Module 17: Hacking Mobile Platforms

  • Mobile Platform Attack Vectors
  • Hacking Android OS
  • Hacking iOS
  • Mobile Spyware
  • Mobile Device Management
  • Mobile Security Guidelines and Tools
  • Mobile Pen Testing

 

Module 18: IoT Hacking

  • IoT Concepts
  • IoT Attacks
  • IoT Hacking Methodology
  • IoT Hacking Tools
  • Countermeasures
  • IoT Pen Testing

 

Module 19: Cloud Computing

  • Cloud Computing Concepts
  • Cloud Computing Threats
  • Cloud Computing Attacks
  • Cloud Security
  • Cloud Security Tools
  • Cloud Penetration Testing

 

Module 20: Cryptography

  • Cryptography Concepts
  • Encryption Algorithms
  • Cryptography Tools
  • Public Key Infrastructure (PKI)
  • Email Encryption
  • Disk Encryption
  • Cryptanalysis
  • Countermeasures

 

Follow-On

  • Computer Hacking Forensic Investigator v9

 

Related Certification

  • Certified Ethical Hacker Certification (Exam 312-50)