Ethical Hacking - Intellipaat

1y ago
1.16 MB
60 Pages
Last View : 17d ago
Last Download : 2m ago
Upload by : Casen Newsome

Ethical HackingCertification TrainingEthical Hacking Certification Training1 Page

Table of Contents1.About the Program2.About Intellipaat3.Key Features4.Career Support5.Why take up this course?6.Who should take up this course?7.Program Curriculum8.Project Work9.Certification10.Intellipaat Success Stories11.Contact UsEthical Hacking Certification Training2 Page

About the ProgramThis Certified Ethical Hacking course will help you clear the EC Council’s CEH v11certification. It has carefully been designed with help of top Ethical hacker from variousmajor organizations. This CEH certification course will help you master skils sets likesystem penetration testing, building firewalls, network security and more to becomecertified Ethical hacker. This Ethical hacking training will help you master methodologiesused by the hackers to help you prevent and block security attacks at your organization.About IntellipaatIntellipaat is one of the leading online e-learning training providers with more than 600,000learners across 55 countries. We are on a mission to democratize education as webelieve that everyone has the right to quality education.Our courses are delivered by subject matter experts from top MNCs, and our world-classpedagogy enables to quickly learn difficult topics in no time. Our 24/7 technical support andcareer services will help learners jump-start their careers in their dream companies.Key FeaturesEthical Hacking Certification Training3 Page


Career SupportSESSIONS WITH INDUSTRY MENTORSAttend sessions from top industry experts and get guidance on how to boostyour career growthMOCK INTERVIEWSMock interviews to make you prepare for cracking interviews by top employersGUARANTEED INTERVIEWS & JOB SUPPORTGet interviewed by our 400 hiring partnersRESUME PREPARATIONGet assistance in creating a world-class resume from our career services teamEthical Hacking Certification Training5 Page

Why take up this course? The United States offers 4,000 CEH jobs for certified professionals – LinkedIn Major companies, like Citibank, Deloitte, Accenture, IBM, Oracle, etc., are masshiring professionals in Ethical Hacking – Indeed The average salary of Ethical Hackers in India is about 655k per annum –Glassdoor.Who should take up this course? Network Security Officers Site Administrators IT/IS Auditors IT Security Officers Technical Support Engineers IT/IS Analysts and Specialists System Analysts Network Specialists IT Operations Managers Senior System EngineersProgram CurriculumEthical Hacking Training Course ContentEthical Hacking Certification Training6 Page

1. Introduction to Ethical Hacking Information Security Overview1.1 Internet is Integral Part of Business and Personal Life – What Happens Online in60 Seconds1.2 Essential Terminology1.3 Elements of Information Security1.4 The Security, Functionality, and Usability Triangle Information Security Threats and Attack Vectors1.5 Motives, Goals, and Objectives of Information Security Attacks1.6 Top Information Security Attack Vectors1.7 Information Security Threat Categories1.8 Types of Attacks on a System1.9 Information Warfare Hacking Concepts1.10 What is Hacking?1.11Who is a Hacker?1.12 Hacker Classes1.13 Hacking Phaseso Reconnaissanceo Scanningo Gaining Accesso Maintaining Accesso Clearing Tracks Ethical Hacking Concepts1.14 What is Ethical Hacking?1.15 Why Ethical Hacking is Necessary1.16 Scope and Limitations of Ethical Hacking1.17 Skills of an Ethical HackerEthical Hacking Certification Training7 Page

Information Security Controls1.18 Information Assurance (IA)1.19 Information Security Management Program1.20 Enterprise Information Security Architecture (EISA)1.21 Network Security Zoning1.22 Defense-in-Depth1.23 Information Security Policieso Types of Security Policieso Examples of Security Policieso Privacy Policies at Workplaceo Steps to Create and Implement Security Policieso HR/Legal Implications of Security Policy Enforcement1.24 Physical Securityo Types of Physical Security Controlo Physical Security Controls1.25 What is Risk?o Risk Managemento Key Roles and Responsibilities in Risk Management1.26 Threat Modeling1.27 Incident Managemento Incident Management Processo Responsibilities of an Incident Response Team1.28 Security Incident and Event Management (SIEM)o SIEM Architecture1.29 User Behavior Analytics (UBA)1.30 Network Security ControlsEthical Hacking Certification Training8 Page

o Access Controlo Types of Access Controlo User Identification, Authentication, Authorization and Accounting1.31 Identity and Access Management (IAM)1.32 Data Leakageo Data Leakage Threatso What is Data Loss Prevention (DLP)?1.33 Data Backup1.34 Data Recovery1.35 Role of AI/ML in Cyber Security Penetration Testing Concepts1.36 Penetration Testing1.37 Why Penetration Testing1.38 Comparing Security Audit, Vulnerability Assessment, and Penetration Testing1.39 Blue Teaming/Red Teaming1.40 Types of Penetration Testing1.41 Phases of Penetration Testing1.42 Security Testing Methodology Information Security Laws and Standards1.43 Payment Card Industry Data Security Standard (PCI-DSS)1.44 ISO/IEC 27001:20131.45 Health Insurance Portability and Accountability Act (HIPAA)1.46 Sarbanes Oxley Act (SOX)1.47 The Digital Millennium Copyright Act (DMCA)1.48 Federal Information Security Management Act (FISMA)1.49 Cyber Law in Different Countries2. Footprinting and Reconnaissance Footprinting ConceptsEthical Hacking Certification Training9 Page

2.1 What is Footprinting?2.2 Objectives of Footprinting Footprinting through Search Engines2.3 Footprinting through Search Engines2.4 Footprint Using Advanced Google Hacking Techniques2.5 Information Gathering Using Google Advanced Search and Image Search2.6 Google Hacking Database2.7 VoIP and VPN Footprinting through Google Hacking Database Footprinting through Web Services2.8 Finding Company’s Top-level Domains (TLDs) and Sub-domains2.9 Finding the Geographical Location of the Target2.10 People Search on Social Networking Sites and People Search Services2.11 Gathering Information from LinkedIn2.12 Gather Information from Financial Services2.13 Footprinting through Job Sites2.14 Monitoring Target Using Alerts2.15 Information Gathering Using Groups, Forums, and Blogs2.16 Determining the Operating System2.17 VoIP and VPN Footprinting through SHODAN Footprinting through Social Networking Sites2.18 Collecting Information through Social Engineering on Social Networking Sites Website Footprinting2.19 Website Footprinting2.20 Website Footprinting using Web Spiders2.21 Mirroring Entire Website2.22 Extracting Website Information from https://archive.org2.23 Extracting Metadata of Public Documents2.24 Monitoring Web Pages for Updates and Changes Email FootprintingEthical Hacking Certification Training10 P a g e

2.25 Tracking Email Communications2.26 Collecting Information from Email Header2.27 Email Tracking Tools Competitive Intelligence2.28 Competitive Intelligence Gathering2.29 Competitive Intelligence – When Did this Company Begin? How Did it Develop?2.30 Competitive Intelligence – What Are the Company’s Plans?2.31 Competitive Intelligence – What Expert Opinions Say About the Company2.32 Monitoring Website Traffic of Target Company2.33 Tracking Online Reputation of the Target Whois Footprinting2.34 Whois Lookup2.35 Whois Lookup Result Analysis2.36 Whois Lookup Tools2.37 Finding IP Geolocation Information DNS Footprinting2.38 Extracting DNS Information2.39 DNS Interrogation Tools Network Footprinting2.40 Locate the Network Range2.41 Traceroute2.42 Traceroute Analysis2.43 Traceroute Tools Footprinting through Social Engineering2.44 Footprinting through Social Engineering2.45 Collect Information Using Eavesdropping, Shoulder Surfing, and DumpsterDiving Footprinting Tools2.46 Maltego2.47 Recon-ngEthical Hacking Certification Training11 P a g e

2.48 FOCA2.49 Recon-Dog2.50 OSRFramework2.51 Additional Footprinting Tools Countermeasures2.52 Footprinting Countermeasures Footprinting Pen Testing2.53 Footprinting Pen Testing2.54 Footprinting Pen Testing Report Templates3. Scanning Networks Network Scanning Concepts3.1 Overview of Network Scanning3.2 TCP Communication Flags3.3 TCP/IP Communication3.4 Creating Custom Packet Using TCP Flags3.5 Scanning in IPv6 Networks Scanning Tools3.6 Nmap3.7 Hping2 / Hping3o Hping Commands3.8 Scanning Tools3.9 Scanning Tools for Mobile Scanning Techniques3.10 Scanning Techniqueso ICMP Scanning – Checking for Live Systemso Ping Sweep – Checking for Live Systems Ping Sweep ToolsEthical Hacking Certification Training12 P a g e

o ICMP Echo Scanningo TCP Connect / Full Open Scano Stealth Scan (Half-open Scan)o Inverse TCP Flag Scanningo Xmas Scano ACK Flag Probe Scanningo IDLE/IPID Header Scano UDP Scanningo SSDP and List Scanningo Port Scanning Countermeasures Scanning Beyond IDS and Firewall3.11 IDS/Firewall Evasion Techniques Packet Fragmentation Source Routing IP Address Decoy IP Address Spoofing IP Spoofing Detection Techniques: Direct TTL Probes IP Spoofing Detection Techniques: IP Identification Number IP Spoofing Detection Techniques: TCP Flow Control Method IP Spoofing Countermeasures Proxy Servers Proxy Chaining Proxy Tools Proxy Tools for Mobile AnonymizersEthical Hacking Certification Training13 P a g e

Censorship Circumvention Tools: Alkasir and Tails Anonymizers Anonymizers for Mobile Banner Grabbing3.12 Banner Grabbing3.13 How to Identify Target System OS3.14 Banner Grabbing Countermeasures Draw Network Diagrams3.15 Drawing Network Diagrams3.16 Network Discovery and Mapping Tools3.17 Network Discovery Tools for Mobile Scanning Pen Testing3.18 Scanning Pen Testing4. Enumeration Enumeration Concepts4.1 What is Enumeration?4.2 Techniques for Enumeration4.3 Services and Ports to Enumerate NetBIOS Enumeration4.4 NetBIOS Enumeration4.5 NetBIOS Enumeration Tools4.6 Enumerating User Accounts4.7 Enumerating Shared Resources Using Net View SNMP Enumeration4.8 SNMP (Simple Network Management Protocol) Enumeration4.9 Working of SNMP4.10 Management Information Base (MIB)4.11 SNMP Enumeration ToolsEthical Hacking Certification Training14 P a g e

LDAP Enumeration4.12 LDAP Enumeration4.13 LDAP Enumeration Tools NTP Enumeration4.14 NTP Enumeration4.15 NTP Enumeration Commands4.16 NTP Enumeration Tools SMTP and DNS Enumeration4.17 SMTP Enumeration4.18 SMTP Enumeration Tools4.19 DNS Enumeration Using Zone Transfer Other Enumeration Techniques4.20 IPsec Enumeration4.21 VoIP Enumeration4.22 RPC Enumeration4.23 Unix/Linux User Enumeration Enumeration Countermeasures4.24 Enumeration Countermeasures Enumeration Pen Testing4.25 Enumeration Pen Testing5. Vulnerability Analysis Vulnerability Assessment Concepts5.1 Vulnerability Research5.2 Vulnerability Classification5.3 What is Vulnerability Assessment?5.4 Types of Vulnerability Assessment5.5 Vulnerability-Management Life CycleEthical Hacking Certification Training15 P a g e

o Pre-Assessment Phase: Creating a Baselineo Vulnerability Assessment Phaseo Post Assessment Phase Vulnerability Assessment Solutions5.6 Comparing Approaches to Vulnerability Assessment5.7 Working of Vulnerability Scanning Solutions5.8 Types of Vulnerability Assessment Tools5.9 Characteristics of a Good Vulnerability Assessment Solution5.10 Choosing a Vulnerability Assessment Tool5.11 Criteria for Choosing a Vulnerability Assessment Tool5.12 Best Practices for Selecting Vulnerability Assessment Tools Vulnerability Scoring Systems5.13 Common Vulnerability Scoring System (CVSS)5.14 Common Vulnerabilities and Exposures (CVE)5.15 National Vulnerability Database (NVD)5.16 Resources for Vulnerability Research Vulnerability Assessment Tools5.17 Vulnerability Assessment Toolso Qualys Vulnerability Managemento Nessus Professionalo GFI LanGuardo Qualys FreeScano Niktoo OpenVASo Retina CSo SAINTo Microsoft Baseline Security Analyzer (MBSA)o AVDS – Automated Vulnerability Detection SystemEthical Hacking Certification Training16 P a g e

o Vulnerability Assessment Tools5.18 Vulnerability Assessment Tools for Mobile Vulnerability Assessment Reports5.19 Vulnerability Assessment Reports5.20 Analyzing Vulnerability Scanning Report6. System Hacking System Hacking Concepts6.1 CEH Hacking Methodology (CHM)6.2 System Hacking Goals Cracking Passwords6.3 Password Cracking6.4 Types of Password Attackso Non-Electronic Attackso Active Online Attack Dictionary, Brute Forcing and Rule-based Attack Password Guessing Default Passwords Trojan/Spyware/Keylogger Example of Active Online Attack Using USB Drive Hash Injection Attack LLMNR/NBT-NS Poisoningo Passive Online Attack Wire Sniffing Man-in-the-Middle and Replay Attacko Offline Attack Rainbow Table AttackEthical Hacking Certification Training17 P a g e

Tools to Create Rainbow Tables: rtgen and Winrtgen Distributed Network Attack6.5 Password Recovery Tools6.6 Microsoft Authentication6.7 How Hash Passwords Are Stored in Windows SAM?6.8 NTLM Authentication Process6.9 Kerberos Authentication6.10 Password Salting6.11 Tools to Extract the Password Hashes6.12 Password Cracking Tools6.13 How to Defend against Password Cracking6.14 How to Defend against LLMNR/NBT-NS Poisoning Escalating Privileges6.15 Privilege Escalation6.16 Privilege Escalation Using DLL Hijacking6.17 Privilege Escalation by Exploiting Vulnerabilities6.18 Privilege Escalation Using Dylib Hijacking6.19 Privilege Escalation using Spectre and Meltdown Vulnerabilities6.20 Other Privilege Escalation Techniques6.21 How to Defend Against Privilege Escalation Executing Applications6.22 Executing Applicationso Tools for Executing Applications6.23

Hacking Concepts 1.10 What is Hacking? 1.11Who is a Hacker? 1.12 Hacker Classes 1.13 Hacking Phases o Reconnaissance o Scanning o Gaining Access o Maintaining Access o Clearing Tracks Ethical Hacking Concepts 1.14 What is Ethical Hacking? 1.15 Why Ethical Hacking is Necessary 1.16 Scope and Limitations of Ethical Hacking

Related Documents:

Benefits of Ethical Hacking Topic 1: Ethical Hacking Discuss the main benefits and risks of ethical hacking. Provide examples and/or details to support your ideas. If you have seen examples of ethical hacking, please share thes

to as “ethical hacking”—hacking for an ethical reason—whereby it will be argued that law and policy ought not to be the same here as for those hacking activities that are purely for economic gain or to cause harm or mischief. As will be seen, I have grouped ethical hacking int

Selenium Testing Training IN: 91-7022374614 US: 1-800-216-8930 About Intellipaat Intellipaat is a fast-growing professional training provider that

Big Data Hadoop Certification Training IN: 91-7022374614 US: 1-800-216-8930 About Intellipaat Intellipaat is a fast-growing professional training provider that is offering training in over 150 most sought-after tools and technologies. We have a learner base of 600,000 in over 32 countries and growing.

CAREER TRANSITION Comprehensive handbook of Intellipaat benefits & glimpse of career transformations. 60,000 55% 80% Students Enrolled Average Salary Hike Reported Career Transition IND: 1- 91 7022374614 US: 800-216-8930

research will define ethical hacking, current information security trends, offer pedagogical methods, an overview of information security instruction, and lastly, best practices in the field are examined. Keywords: Ethical hacking education, information security instruction, ethical hacking pedagogy. 1. INTRODUCTION

Ethics of Ethical Hacking Security professionals should understand where ethical hacking fits in information security,proper use of hacking tools,different types of hacking techniques,and the ethics that surround all of these issues.This chapter will cover the foll

Ethical Hacking and Countermeasures 45,000 for a standalone ethical hack. Taxes and applicable travel and living expenses are extra. Note: Excerpts taken from Ethical Hacking by C.C Palmer. Certified Ethical Hacker Certification If you want to stop hackers from invad

Chapter 7 Passwords In This Chapter Identifying password vulnerabilities Examining password-hacking tools and techniques Hacking operating system passwords Hacking password-protected files Protecting your systems from password hacking P assword hacking is one of the easiest and most common ways attack-ers obtain unauthorized network, computer, or application access.

Hacking The Wild: Desert Island Castaway Survival Series Marathon Hacking The Wild: Escape from Death Valley Hacking The Wild: Deadly Glacier Hacking The Wild: Alaskan Ice Forest Hacking The Wild: Black Bayou, The Hacking The Wild: Desert Island Castaway

SEC561 Immersive Hands-On Hacking Techniques SEC573 Python for Penetration Testers- GPYC SEC575 Mobile Device Security and Ethical Hacking - GMOB SEC617 Wireless Ethical Hacking, Penetration Testing, and Defences - GAWN Penetration Testing an Etical Hacing SEC642 Advanced Web App Penetration Testing and Ethical Hacking

Keywords— Ethical hacking, hacking, hackers, education and training, risk management, automated security. I. INTRODUCTION . Ethical hacking technology is spreading to diversified fieldsof the life and especially to all walks of computer industry; the need to protect the important data

CEHv11 Change Summary 1. The Module 18: IoT and OT Hacking is a completely modified module in CEHv11 which inclues OT hacking (OT concepts, attacks, hacking methodology, hacking tools, and countermeasures) 2. The Module 19: Cloud Computing is a completely modified module in CEHv11 which

Computer Hacking: This is the process of stealing computer ID and password by applying hacking methods and getting unauthorized access to a computer system. Advantages of Hacking Hacking is quite useful in the following scenarios: To recover lost information, especially in case you lost your password.

Ways to get hacking experience & get your 5 name out there Writing articles, tutorials or making videos about hacking helps you learn more, make new connections and get recognised in ethical hacking communities. Contribute to the community In bug bount

differ from Ethical Hacking moving further with its kinds and the crime it falls under and also the category of evidence and the procedure for admitting the evidence under the Court of Law. HACKING AND ITS TYPES “Hacking’ means unauthorised a

Ethical Hacking and Hacking Attacks Aman Gupta, Abhineet Anand Student, School of Computer Science and Engineering, Galgotias University,Greater Noida, India .

Chapter 2 – Ethical Hacking 101 As part of ethical hacking, you should also know the actual dangers and vulnerabilities that your computer systems and networks face. Next time you connect your computer to the internet or host a WiFi connection for your friends,

Microsoft Business Intelligence - MSBI Certification Training IN: 91-7022374614 US: 1-800-216-8930 About Intellipaat Intellipaat is a fast-growing professional training provider that

current trends and techniques in the fi eld of analytical chemistry. Written for undergraduate and postgraduate students of chemistry, this revised and updated edition treats each concept and principle systematically to make the subject comprehensible to beginners as well as advanced learners. FEATURES Updated nomenclature Addition of tests for metals based on fl ame atomic emission .