A Certified Information Security Expert has in-depth knowledge of the internet, networking & online threats. He is capable of identifying new threats & can be considered as an Online Security Consultant.
If you a CISE, various opportunities are waiting for you. Various Companies will just pick you up seeing that you are a CISE. Apart from that, it can also help you in getting the promotion you have been looking for. The course is an excellent investment for students in the Technology field as well as professionals in the internet & networking field.
The CEH certification is for an individual who is usually employed with the organization and who can be trusted to undertake an attempt to penetrate networks and/or computer systems using the same methods as a hacker. Illegal hacking (ie; cracking computer systems) is a felony in the United States and most other countries. But when this type of hacking is done by request and under a contract between an Ethical Hacker and an organization, it is legal. The most important point is that an Ethical Hacker has authorization to probe the target with attacks such as cross site scripting.
A Certified Ethical Hacker is a skilled professional who understands and knows how to look for the weaknesses and vulnerabilities in target systems and uses the same knowledge and tools as a malicious hacker.
Certification is achieved through training at an ATC (Accredited Training Center) or self-study. If students choose to self-study, in order to sit for the exam they must fill out an application and also have documented 2 years of information security work experience. Both CEH v4 and v5 utilize EC-Council's exam 312-50. The exam consists of 125 (v4) or 150 (v5) multiple-choice questions, and students are given up to three or four hours, respectively, to complete the examination. The exam costs US$250, and is administered via computer at an EC-Council Accredited Training Center, Pearson VUE, or Prometric testing center (in the United States).
In today’s scenario, everything depends on IT. From tax collections, booking the cheapest airline tickets, banking online to trading shares online, you name it! If you aren’t a part of IT revolution yet, you are missing on a lot of ease and opportunities. But as they say, everything comes at a price, and the price you pay here is risking your privacy and probably your bank balance!
Hacking is easier on poorly built websites and applications. There is nothing as good for a hacker as a faulty program. During one of Innobuzz PenTest operations, we found a simple coding glitch that revealed high priority information in the websites of one of the top 10 companies of India! It is really that infectious! Imagine, if that can happen to large companies, where do YOU stand? If you are a web developer, and a site designed by you is compromised, you lose your clients, if you do business online, you lose your customers. And for the average web user, it means loss of privacy and credit card numbers.All this is happening at a very fast rate and experts are needed to check and cure these. ITS Experts are in demand. According to NASSCOM, the demand for ITS Experts will be 10Lakh by 2010 in India. ITS is a THE next big thing in IT and you should make the best of it. Innobuzz Knowledge Solutions provide quality training in field of ITS which enable you to become an Ethical Hacker.
Our programs are well researched and developed in consultation with the best Security Experts around the world. Doing a CISE (Certified Innobuzz Security Expert) will do a lot of value addition, as this is a unique course offered in India.
Some of the hacking concepts you will learn to master during this hands on hacking course...
| || |
Some of the instructor-led hands-on hacking lab exercises in this security training experience.
♣ Terrorist Threat to IT Infrastructure
♣ National Infrastructure Attacks
♣ Hackers and their Targets
♣ E-Business Security Under Threat
♣ Phishing Attacks and Social Engineering
♣ Who to Trust in this Untrusting Network world
♣ Wired or Wireless – Security analysis
♣ Prosecution of Cyber Criminals
♣ Forensics Analysis – The Failures
♣ Identity Theft and the Risks
♣ Airports, Banks, and Public Transportation. Are we safe?
♣ Hackers are here. Where are you?
♣ Are you smarter then the hackers.
♣ I can beat you. Don’t think you are smart.
♣ Software vendor’s promises and lies.
♣ Contingency Planning for Organizations
♣ Defense Against Social Engineering
♣ Facilitated Risk Analysis for Business and Security
♣ Hands-on Hacking
♣ Linux Security
♣ Wireless Security
♣ How to Be a More Effective Security Liaison:
♣ Security as a Part-time Job
♣ Effective Information Security
♣ Sustain a Quality Security
♣ Awareness Program
♣ Winning Security Architecture
♣ Develop Information Security Policies
♣ Develop Information Security Standards and Procedures
♣ How to Perform a Technical Network Vulnerability
♣ Administrator Mistakes
♣ Hacker Mistakes
♣ Hiring Hackers and the Law
♣ Hacker Terrorism
♣ Computer and Network Security
♣ End-to-End Digital Investigation
♣ Knowledge Foundations for Data Communications
♣ Managing a Privacy Governance Program
♣ Outsourcing Security
♣ Encryption and Certificate Authorities
♣ Roll-Out of an Asset Classification Program
♣ Return on Investment for Information Security
♣ A Structured Approach to Incident Response
♣ Computer Forensics Tools and How to Make Them Work for You
♣ Wireless Security in the Enterprise
♣ A Pragmatic Approach to Information Security Management
♣ Demystifying Security and Audit of TCP/IP Networks
♣ Penetration Testing: HANDS-ON
♣ Essential Windows Security Tools
♣ IT Law: Business and Security Imperatives for Non-Lawyers
♣ Staying Out of Trouble with Wireless Local Area Networks
♣ Defining and Building an Enterprise Security Architecture
♣ How to Secure and Audit LDAP
♣ Creating and Implementing Security Policies
♣ Blueprint for Avoiding Identity Theft
♣ The Complete Do-It-Yourself NIST Security Toolkit
♣ E-Fraud Forensics: Understanding the Investigative Process A to Z
♣ The Good Guys’ Guide to Uncovering Network Vulnerabilities
♣ VoIP Security Exposed
♣ Hacking Windows - HANDS-ON
♣ Remote Testing for Common Web Application Security Threats
♣ How to Stop an Enemy We Can't Find: Technology on the Front Lines
♣ The Latest Network Hacks and Defenses
♣ Creating an End-to-End Identity Management Architecture
♣ VoIP Security
♣ Laws That Drive Information Security
♣ Threat Trends 2006: The Latest on Phishing, Pharming, Spyware, and More
♣ Planning and Deploying a Strategic Security Architecture
♣ Securing Today's (and Tomorrow's) Mobile Infrastructure
♣ Threats and Countermeasures: Defending Against the Worst Malware in Windows
♣ Manager’s Guide to Perimeter Protection: Firewalls and IDS
♣ Preparing For and Handling Network Security Incidents
♣ How to Conduct a Penetration Test
♣ The Sensor Age: How RFID is about to Revolutionize Business and Information Security
♣ Hacking Web Applications
♣ Conquering Federated Identity Management: Lessons Learned
♣ Phishing: Tackling the Problem
♣ Making Policies Work: From Creation to Enforcement
♣ What Hackers Don't Want You to Know
♣ Best Practices for Vulnerability Management
♣ Mobile Device Security
♣ First-Class Security Tips for Windows Systems
♣ How to Properly Defend Your Port 80
♣ Bleeding-Edge Anti-Forensics
♣ Hardware Token Compromises and Fixes
♣ Advanced SQL Injection
♣ Managing Identity and Access Control Management for Enterprise Security
♣ Google Hacking - DEMO
♣ Presenting the Business Case and ROI for InfoSec
♣ Regulation Riptide: Staying Above Water with Compliance and InfoSecurity
♣ Security in the Services-Oriented Architecture
♣ Safety on the Road: Key Tools to Protect Road Warriors
♣ Rootkits in Windows
♣ Perimeter Penetration Testing
♣ Creating a Threat Recognition Architecture in a Federal Agency
♣ Centrally Managing Fine-Grained Database Access
♣ Managing IT Risks Through the Assessment Process
♣ Different Styles of Intrusion Prevention: What Keeps Out the Hackers?
♣ System Configuration Management: Security and Auditing Challenges
♣ WPAN Security Exposed
♣ Patch Management in a Complex IT Environment
♣ Hacking IPSec Virtual Private Networks (VPNs)
♣ Hacking and Securing .NET
♣ Network Devices Exposed! Routers, Switches, Wireless, Modems, and More
♣ Taking Your Instant Response Team to the Next Level
♣ Identity and Access Management Deployment: Lessons Learned
♣ Biometrics: Opportunities and Challenges
♣ Taking Control of Your Career: Development Options for Information Security Professionals
♣ How to Use PERL as a Security and Audit Tool
♣ Creating and Implementing IM Policies
♣ Late-Breaking Technology Session!
♣ Security and the Homeland
♣ Penetration Testing Databases and Countermeasures
♣ Implementing Cross-Company Authentication Using SAML
♣ Building Security In: Software Security Gets Real
♣ Technical Policy Management
♣ Potholes that Could Derail an Information Security Program
♣ Identity Theft: What, How and Protective Measures
♣ Preparing for the Coming VoIP Security Revolution: IMS
♣ Computers, Crime and Punishment
♣ Creating a Computer Forensic Policy as Part of Your Cyber Response Plan
♣ Leveraging Freeware Hacker Tools
♣ Securing Unix-Based Operating Systems
♣ Protecting Your Network from Next Generation Attacks - DEMO
♣ The Role of Directory Services in Identity Solutions
♣ Hacking Web Services: Strategies, Tools, and Methods - DEMO
♣ Managing Security and Privacy Projects
♣ Everything You Need to Know About Encryption in 90 Minutes
♣ Attacking and Defending RFID Security
♣ Next-Generation Wireless Attacks and Defenses
♣ Firewall Technology: Where Is It Headed?
♣ Looking in the Windows Registry for Forensic Purposes
♣ Open Source Tools for Securing the Infrastructure -
♣ Cops and Robbers Las Vegas Style
♣ Web Application Security Assessments
♣ Provisioning: The ID Management Back Office
♣ Securing the Brains of the Network: DNS and DHCP
♣ Policies for Identity Management
♣ Keeping E-Messaging Secure
♣ Conducting a Business Impact Analysis and Creating a Disaster Recovery Plan
♣ SSL Remote Access Tactics: Unsafe at Any Speed?
♣ Securing Windows 2003
♣ Secure Network Change Management: Look Before You Change
♣ Handling Evidence in an E-Fraud Investigation
♣ Tracking USB Storage Devices Across Windows Systems
♣ ARP Spoofing and Beyond: Attacks and Protection at Layer 2
♣ Integrating Enterprise Access Solutions into a Seamless System
♣ Auditing Web Application Authentication
♣ Getting the Most Out of Your Ethical Hacking Program
♣ Life After California SB1386: Getting a Handle on Security Breach Notification Laws
♣ Managing IT Risk and Compliance: An Effective Framework for the Enterprise
♣ Hacking SSL Virtual Private Networks (VPNs)
♣ Protecting Your Penguins: Developing a Baseline for Linux Security
♣ What Every Organization Should Monitor and Log: A Checklist
♣ The Time is Now: The Convergence of Networks, Time Synchronization and Information Security
You can register and take any e-Business certification exams through web based Prometric Prime at http://eccouncil.prime.prometric.com Any EC-Council Accredited Training Center can proctor the exam. You cannot take the exam directly through the Internet without a proctor.
Certification exams are priced according to currency values in available countries. Certification exam prices are subject to change. In some countries, exam prices may differ and additional taxes may apply. Please contact your ATC for exact pricing.
Exams with prefix of 212 are priced at $99 U.S.
Exams with prefix of 112 are priced at $ 125 U.S
Exams with prefix of 312 are priced at $250 U.S
Payment is made to Prometric at the time of registration. Prometric accepts payment by credit card.
Pre-paid exam vouchers
Exam vouchers are available from EC-Council Accredited Training Centers around the world. Candidates may also purchase pre-paid exam vouchers directly by contacting firstname.lastname@example.org
EC-Council exams are also available through Authorized Prometric Testing Centers in over 180 countries.
Exams Available at APTC
Currently the following exams are available at APTC
- E-Commerce Architect
(Exam Code: EC0-232)
Cost: USD 125/-
This exam only available at Prometric
- Ethical Hacking and Countermeasures
(Exam Code: EC0-350)
Cost: USD 250/-
This exam available at Prometric and VUE
- Computer Hacking Forensic Investigator
(Exam Code: EC0-349)
Cost: USD 250/-
This exam available at Prometric and VUE
EC-Council offers the Certified Ethical Hacker Certification Exam over these channels.
- Exam 312-50: Web based ‘Prometric Prime’ at Accredited Training Centers (ATC).
- Exam EC0-350: Proctored test at Authorized Prometric Testing Centers (APTC) globally.
- Exam 312-50: VUE Testing centers
Please note that the difference in the exam is only in terms of exam delivery channel and are otherwise identical in source.
To be eligible for appearing in the CEH certification examination, you must:
- Have attended training for the CEH course at any of the accredited training centers. Should you choose to defer taking the examination after your training, and would like to opt for another location; you can apply for the same at a later date at any ATC of your choice by submitting your certificate of attendance to EC-Council.
- If you have opted for self-study and not attended training, you must have at least two years of information security related experience.
Please download and complete the CEH Exam (EC0-350) Application Form and fax it to EC-Council at +1-505-212-0667 for verification. Upon approval, EC-Council will send you an eligibility voucher number which you can use to register and schedule the test at any Authorized Prometric Testing Center globally. Please note that Prometric Registration will not entertain any requests without this voucher number.
- If you have attended training at any accredited training center, you are eligible to appear for the web based Prometric Prime exam. This exam is priced at USD 250.
- If you have chosen self study, and are eligible for the exam as verified from the CEH Exam EC0-350 Application Form submitted, you can take the test at any of the Authorized Prometric Testing Centers globally. This exam is priced at USD 250.
- If you are appearing for Exam 312-50 the web based Prometric Prime exam, you can contact your ATC to schedule the exam.
- If you are appearing for Exam EC0-350 at any authorized Prometric Testing center, you can schedule the exam by contacting Prometric directly. You can use the voucher number given to you by EC-Council upon approval of your eligibility application form. Please note that Prometric will NOT schedule exams without the voucher number.
- For VUE, please visit http://www.vue.com/eccouncil
What is the difference between Exam 312-50 and Exam EC0-350?
EC-Council offers the Certified Ethical Hacker examination over two channels – the EC-Council Accredited Training Center (ATC) and the Authorized Prometric Testing Center (APTC). Only students who undergo training for CEH at any ATC are eligible to appear for the web based Prometric Prime exam (Exam 312-50).
Students who opt to pursue self study can appear for the exam EC0-350 at the Authorized Prometric Testing Center after they fulfill the examination eligibility criteria and produce the voucher number to Prometric.
In all other aspects the exams are identical in source and lead to the certification ‘Certified Ethical Hacker’.
Should I attend training to appear for the CEH exam?
EC-Council recommends that CEH aspirants attend formal classroom training at any of the accredited training centers to reap maximum benefit of the course and have a greater chance at clearing the examinations. The ATC will check your work experience before registering for the class. You are also required to sign a Non-Disclosure Agreement (NDA) when you enroll for the class.
What are the pre-requisites for taking a CEH exam?
If you attend CEH training, you are eligible to appear for the CEH examination. If you opt for self study, you must complete the eligibility form and fax it to EC-council for approval.
Is there any eligibility criteria?
It is mandatory for you to record two years of information security related work experience and get the same endorsed by your employer. In case you do not possess the same you can send us a request detailing your educational background and request for consideration on a case basis.
Why do I have to get approval from EC-Council to appear for the exam without the training?
EC-Council presents the body of knowledge through CEH to educate and assist information security professionals in hacking tools and techniques for legally accepted security testing purposes. It is the social responsibility of EC-Council to ensure that this knowledge is imparted to people with the right intent and obtain assurance that this body of knowledge will not be misused
Where do I purchase the prepaid examination vouchers?
You can purchase the vouchers directly from VUE or Prometric.
I have just completed the training. Can I defer taking a test to a later date?
Yes, you can. Ensure that you obtain a certificate of attendance upon completion of the training. You may contact the ATC at a later date and schedule the exam.
I have just completed the training. Can I take the test at a different location?
Yes, you can. You can take the exam at any ATC offering the CEH program by presenting your certificate of attendance. This will be verified against our records and your exam can be scheduled.
Do I have to recertify?
You will need to earn EC-Council Continuing Education Credits (ECE) to maintain the certification. Click here for more information.
Why are there different versions for the exam?
EC-Council certifications are under continuous development. We incorporate new techniques and technology as they are made available and are deemed necessary to meet the course objectives. This is reflected in our examination process as well as students are tested on concepts, techniques and technology.
How many times can I appear for the examination in case I do not pass in the first attempt?
There are no restrictions on the number of times you can appear for the examination, as long as you are able to contact the test center and schedule your exam in advance. There is no waiting period between attempts.
To request for another eligibility voucher to resit for the exam at Prometric APTC, send an e-mail to email@example.com with your details. You don't need to go through eligibility application process again.
Can I take the exam at VUE testing centers?
Yes. The 312-50 exam is available at VUE testing centers as well. Just like Prometric APTC, you will need an eligibility number to attempt the exam at Vue. The eligibility number issued for Prometric cannot be used for VUE and vice versa. You can indicate in the eligibility application form which center you will be taking the test. Please visit VUE's EC-Council testing page at http://www.vue.com/eccouncil
Will EC-Council help me in scheduling the Prometric exam?
You are advised to contact Prometric Registration up to one business day prior to the date of the scheduled exam, before 7pm Central Standard Time.
When will I get my certificate once I pass the certification examination?
You will receive your welcome kit in eight week’s time upon passing the exam.
How many questions are there in the exam and what is the time duration?
The examination consists of 150 questions. The duration of the test varies according to location and channel. The exam 312-50 offered through Prometric Prime is of four hour duration. The exam EC0-350 offered through Prometric APTC is four hours for English speaking countries (US and others) and four and half hours for Non English speaking countries.
How much should I score to clear the exam?
The passing score is 70%.
I am doing a self study, how do I know I am ready to take the exam? Are there any practice tests?
Yes, you can take our practice tests to become familiar with the examination approach.
Can I purchase practice tests?
CEH exam practice tests are available from PrepLogic http://www.preplogic.com
What kind of questions can I expect in the exam? Do you have any exam pointers?
The examination tests you on security related concepts, hacking techniques and technology. You will be asked to decipher exploit codes, study log files, infer output and apply the knowledge acquired through the course.
Can I review my answers?
You can mark your questions and review your answers before you end the test.
Register by Telephone
In the US and Canada, candidates can register for EC-Council exams by calling Prometric's direct EC-Council toll-free registration line at (800) 815-3926 between 7:00 a.m. and 7:00 p.m. CST. Outside the United States and Canada, please visit www.prometric.com for a complete list of exam registration phone numbers.
Candidates can register for EC-Council exams at www.2test.com, Prometric's online registration web site. Online registration is not available for beta exams. Online exam registration is available in most countries.
To locate the Testing Center nearest to you, please visit Prometric.com web site.
Please be prepared to provide the following information to Prometric when calling to schedule your test appointment:
- First and last name: Please provide your name as you would like it to appear on your certificate.
- Social Security Number: For candidates who do not have a Social Security Number or do not wish to provide one, Prometric will assign a unique identification number. Please use this ID number each time that you schedule a new exam.
- Mailing address: Please list the address to which all correspondence should be mailed.
- Company name: If you have listed your business address, please include your company name to ensure appropriate routing.
- E-mail address: For the latest program updates, email is the most efficient and effective means of contacting you.
- Contact phone numbers
- Exam number and title
- Testing center preference: A Prometric customer service representative can help you identify the testing center near your location.
- Method of payment (cash, personal check, credit card (American Express, Mastercard, and Visa), bank transfers, etc.) Payment options may vary by country.
If your address has changed since you last registered for an exam, please contact Prometric to update your demographic information.
Prometric will schedule each candidate into an Authorized Prometric Testing Center for their exam appointment. Prometric Registration will only schedule exams that have been paid.
Candidates who need to reschedule an exam can do so as long as they contact Prometric Registration up to one business day prior to the date of the scheduled exam, before 7pm Central Standard Time.
It is important that a candidate arrives at the testing center at least fifteen minutes before the scheduled exam time. The candidate is also required to bring two forms of signature identification, one with a photograph, for verification purposes. To maintain the security of the test environment, candidates are not permitted to bring reference materials of any kind into the testing center.
After an exam has been taken a candidate will automatically receive a score report indicating a pass/fail. If a candidate has taken a beta exam, however, a score report will be sent six to eight weeks after the termination of the beta availability period.
Exam Retake Policy
Candidates may attempt each exam any number of times, there is no waiting period between attempts.
Ethical Hacking and Countermeasures (312-50)
New CEHv6 Exam
The CEHv6 exam is currently in beta and will be available on the 5th November, 2008. The CEH v5 exam will be available until June 3rd, 2009 then retired.
- The exam codes EC0-350 are 312-50 are the same exam.
- The exam title "Certified Ethical Hacker" and "Ethical Hacking and Countermeasures" are the same
- VUE and Prometric systems use different exam codes.
- The CEHv4 exam has been retired since June 1st 2007
- CEHv5 exam is available on Prometric Prime, APTC and VUE.
- Exams at VUE and Prometric APTC requires Eligibility Code. Please visit http://www.eccouncil.org/takeexam.htm for details
Credit Towards Certification
|Certified Ethical Hacker|
|Master of Security Science (MSS)|
Exam Details (CEHv5)
|Number of Questions: 150|
|Passing Score: 70%|
|Test Duration: 4 Hours|
|Test Format: Multiple Choice|
|Test Delivery: Prometric Prime|
|Exam Version: 5|
|Release Date: November 13th, 2006|
|Exam Cost: USD 250|
The Exam 312-50 tests CEH candidates on the following 22 domains.
1. Ethics and Legal Issues
5. System Hacking
6. Trojans and Backdoors
8. Denial of Service
9. Social Engineering
10. Session Hijacking
11. Hacking Web Servers
12. Web Application Vulnerabilities
13. Web Based Password Cracking Techniques
14. SQL Injection
15. Hacking Wireless Networks
16. Virus and Worms
17. Physical Security
18. Hacking Linux
19. IDS, Firewalls and Honeypots
20. Buffer Overflows
22. Penetration Testing Methodologies
Ethics and Legality
- Ethics and Legality
- Understand Ethical Hacking terminology
- Define the Job role of an ethical hacker
- Understand the different phases involved in ethical hacking
- Identify different types of hacking technologies
- List the 5 stages of ethical hacking?
- What is hacktivism?
- List different types of hacker classes
- Define the skills required to become an ethical hacker
- What is vulnerability research?
- Describe the ways in conducting ethical hacking
- Understand the Legal implications of hacking
- Understand 18 U.S.C. § 1030 US Federal Law
- Define the term Footprinting
- Describe information gathering methodology
- Describe competitive intelligence
- Understand DNS enumeration
- Understand Whois, ARIN lookup
- Identify different types of DNS records
- Understand how traceroute is used in Footprinting
- Understand how e-mail tracking works
- Understand how web spiders work
- Define the term port scanning, network scanning and vulnerability scanning
- Understand the CEH scanning methodology
- Understand Ping Sweep techniques
- Understand nmap command switches
- Understand SYN, Stealth, XMAS, NULL, IDLE and FIN scans
- List TCP communication flag types
- Understand War dialing techniques
- Understand banner grabbing and OF fingerprinting techniques
- Understand how proxy servers are used in launching an attack
- How does anonymizers work
- Understand HTTP tunneling techniques
- Understand IP spoofing techniques
- What is Enumeration?
- What is meant by null sessions
- What is SNMP enumeration?
- What are the steps involved in performing enumeration?
- Understanding password cracking techniques
- Understanding different types of passwords
- Identifying various password cracking tools
- Understand Escalating privileges
- Understanding keyloggers and other spyware technologies
- Understand how to Hide files
- Understanding rootkits
- Understand Steganography technologies
- Understand how to covering your tracks and erase evidences
Trojans and Backdoors
- What is a Trojan?
- What is meant by overt and covert channels?
- List the different types of Trojans
- What are the indications of a Trojan attack?
- Understand how “Netcat” Trojan works
- What is meant by “wrapping”
- How does reverse connecting Trojans work?
- What are the countermeasure techniques in preventing Trojans?
- Understand Trojan evading techniques
- Understand the protocol susceptible to sniffing
- Understand active and passive sniffing
- Understand ARP poisoning
- Understand ethereal capture and display filters
- Understand MAC flooding
- Understand DNS spoofing techniques
- Describe sniffing countermeasures
Denial of Service
- Understand the types of DoS Attacks
- Understand how DDoS attack works
- Understand how BOTs/BOTNETS work
- What is “smurf” attack
- What is “SYN” flooding
- Describe the DoS/DDoS countermeasures
- What is Social Engineering?
- What are the Common Types of Attacks
- Understand Dumpster Diving
- Understand Reverse Social Engineering
- Understand Insider attacks
- Understand Identity Theft
- Describe Phishing Attacks
- Understand Online Scams
- Understand URL obfuscation
- Social Engineering countermeasures
- Understand Spoofing vs. Hijacking
- List the types of Session Hijacking
- Understand Sequence Prediction
- What are the steps in performing session hijacking
- Describe how you would prevent session hijacking
Hacking Web Servers
- List the types of web server vulnerabilities
- Understand the attacks Against Web Servers
- Understand IIS Unicode exploits
- Understand patch management techniques
- Understand Web Application Scanner
- What is Metasploit Framework?
- Describe Web Server hardening methods
Web Application Vulnerabilities
- Understanding how web application works
- Objectives of web application hacking
- Anatomy of an attack
- Web application threats
- Understand Google hacking
- Understand Web Application Countermeasures
Web Based Password Cracking Techniques
- List the Authentication types
- What is a Password Cracker?
- How does a Password Cracker work?
- Understand Password Attacks - Classification
- Understand Password Cracking Countermeasures
- What is SQL injection?
- Understand the Steps to conduct SQL injection
- Understand SQL Server vulnerabilities
- Describe SQL Injection countermeasures
- Overview of WEP, WPA authentication systems and cracking techniques
- Overview of wireless Sniffers and SSID, MAC Spoofing
- Understand Rogue Access Points
- Understand Wireless hacking techniques
- Describe the methods in securing wireless networks
Virus and Worms
- Understand the difference between an virus and a Worm
- Understand the types of Viruses
- How a virus spreads and infects the system
- Understand antivirus evasion techniques
- Understand Virus detection methods
- Physical security breach incidents
- Understanding physical security
- What is the need for physical security?
- Who is accountable for physical security?
- Factors affecting physical security
- Understand how to compile a Linux Kernel
- Understand GCC compilation commands
- Understand how to install LKM modules
- Understand Linux hardening methods
Evading IDS, Honeypots and Firewalls
- List the types of Intrusion Detection Systems and evasion techniques
- List firewall and honeypot evasion techniques
- Overview of stack based buffer overflows
- Identify the different types of buffer overflows and methods of detection
- Overview of buffer overflow mutation techniques
- Overview of cryptography and encryption techniques
- Describe how public and private keys are generated
- Overview of MD5, SHA, RC4, RC5, Blowfish algorithms
Penetration Testing Methodologies
- Overview of penetration testing methodologies
- List the penetration testing steps
- Overview of the Pen-Test legal framework
- Overview of the Pen-Test deliverables
- List the automated penetration testing tools