Ethical Hacking

This course meets the standards of highly skilled security professionals by providing a comprehensive set of ethical hacking and network security skills, tools and methodologies. Participants will begin by understanding how perimeter defenses work and will be guided into scanning and attacking their own networks (no real network is harmed).

They will then learn how intruders escalate privileges and what steps can be taken to secure their organization’s system. Participants will also gain in-depth knowledge on intrusion detection, policy creation, social engineering, Distributed Denial-of-Service (DDoS) attacks, buffer overflows and virus creation. This course will prepare all participants wishing to take the EC-Council ANSI accredited Certified Ethical Hacker exam 312-50.

Course Methodology
Participants will be provided laptops and immersed into an interactive environment where they will be shown how to scan, test, hack and secure their own systems. This lab intensive environment gives each participant the opportunity to gain in-depth knowledge and practical experience with the current essential security systems. Each participant will have access to their own workstation and will be given exercises to practice penetration testing and create simple malware-type samples. They will also work in teams to create scenarios for the use of social engineering.

Course Objectives
By the end of the course, participants will be able to:

• Describe how perimeter defenses function by ethically scanning and attacking networks
• Conduct information systems security audits by understanding the latest security threats, advanced attack vectors, hacking techniques, methodologies and security measures
• Identify intruders, understand how they escalate privileges, and take the necessary steps to secure a system
• Conduct vulnerability assessments, risk assessments, penetration testing, and system protection measures Create policies and apply countermeasures against social engineering, Distributed Denial-ofService (DDoS) attacks, buffer overflows, and virus creation
• Apply countermeasures to secure mobile infrastructure against the attacks to mobile platforms and tablet computers

Target Audience
IT professionals, security professionals, auditors, site administrators, general management and anyone tasked with managing and protecting the integrity of the network infrastructure. This also includes anyone already familiar and involved with IT/Cyber/Digital Security and seeking to build on their fundamental principles of security. This course will also prepare professionals wishing to take the EC-Council ANSI accredited Certified Ethical Hacker exam 312-50.

Target Competencies

• Ethical Hacking
• Information security systems auditing
• Cyber security
• Cyber attack detection
• Vulnerability assessment
• Penetration testing

Course Outline

• Introduction to Ethical Hacking
• Short History of hacking
• Current developments
• Evolution and growth
• What is an “Ethical” Hacker
• Types of hackers
• Hacking methodologies
• Key issues plaguing the information security world Penetration testing
• System fundamentals
• Incident management processes
• Identifying the systems at risk
• Wireless networking
• Mobile platform security guidelines
• Mobile platform security tools
• Web servers
• Web applications
• Footprinting tools
• Footprinting reconnaissance
• Scanning networks
• Enumeration of services
• System hacking techniques and countermeasures
• Types of Trojans
• Working of viruses
• Computer worms
• Covert channels
• Sniffers
• Social engineering
• Denial of Service (DoS)
• Cryptography
• Public Key Infrastructure (PKI)
• Cryptanalysis tools
• Hacking your own system
• Gaining access to a system
• Session hijacking
• Wireless hacking tools
• Hacking mobile platforms
• Structured Query Language (SQL) injection
• Evading an Intrusion Detection System (IDS)
• Firewalls
• Honeypots
• Penetration testing
• Types of penetration testing
• Vulnerability assessment
• Penetration testing roadmap