Training Course:Ethical Hacking and CountermeasuresSchool/Trainer:Hilton Computer Strategies
Houston, Texas, United States
Course Format: Classroom | E-learning | Virtual Class | Online | On-site | Blended | Self-paced
Course Description:
'' This class will immerse the student into an interactive environment where they will be shown how to scan, test, hack and secure their own systems. The lab intensive environment gives each student in-depth knowledge and practical experience with the current essential security systems. Students will begin by understanding how perimeter defenses work and then be lead into scanning and attacking their own networks, no real network is harmed. Students then learn how intruders escalate privileges and what steps can be taken to secure a system. Students will also learn about Intrusion Detection, Policy Creation, Social Engineering, DDoS Attacks, Buffer Overflows and Virus Creation. When a student leaves this intensive 5 day class they will have hands on understanding and experience in Ethical Hacking. This course prepares you for EC-Council Certified Ethical Hacker exam 312-50.
The mission of the Ethical Hacking is to educate, introduce and demonstrate hacking tools for penetration testing purposes only. Prior to attending this course, you will be asked to sign an agreement stating that you will not use the newly acquired skills for illegal or malicious attacks and you will not use such tools in an attempt to compromise any computer system, and to indemnify EC-Council with respect to the use or misuse of these tools, regardless of intent. Not anyone can be a student the Accredited Training Centers (ATC) will make sure the applicants work for legitimate companies.
Audience
This course will significantly benefit security officers, auditors, security professionals, site administrators, and anyone who is concerned about the integrity of the network infrastructure.
Certified Professional Exams
Students need to pass the Certified Ethical Hacker certification exam 312-50 to receive CEH certification.
Prerequisites
Before attending this class, students should have working knowledge of TCP/IP and Windows 2000.
Course Materials and Software
The student kit includes a comprehensive workbook and other necessary materials for this class.
Course Outline
Module 1: Ethics and Legality
Why Security?
The Security, functionality and ease of use Triangle
Can Hacking be Ethical?
Essential Terminology.
Elements of Security.
What does a Malicious Hacker do?
Difference between Penetration Testing and Ethical Hacking.
Hacker Classes.
What do Ethical Hackers do?
Skill Profile of an Ethical Hacker.
Modes of Ethical Hacking.
Security Testing.
Deliverables.
Computer Crimes and Implications.
Legal Perspective (US Federal Laws).
Module 2: Footprinting
Defining Footprinting.
Information Gathering Methodology.
Locate the Network Range.
Hacking Tools
Module 3: Scanning
Definition of Scanning.
Types of scanning
Objectives of Scanning
Scanning Methodology
Classification of Scanning
Hacking Tools
War Dialer
OS Fingerprinting
Active Stack fingerprinting/Tool for Active Stack fingerprinting
Passive Fingerprinting
Proxy Servers/Countermeasures
Module 4: Enumeration
What is Enumeration?
NetBios Null Sessions
Hacking Tools
Null Session Countermeasures
NetBIOS Enumeration
Simple Network Management Protocol (SNMP) Enumeration
SNMP Enumeration Countermeasures
Management Information Base (MIB)
Windows 2000 DNS Zone Transfer
Blocking Win 2k DNS Zone Transfer
Enumerating User Accounts
Module 5: System Hacking
Administrator Password Guessing
Manual Password Cracking Algorithm
Automated Password Cracking
Password Types
Types of Password Attacks
Performing Automated Password Guessing
Hacking Tools
Password Sniffing
NetBIOS DoS Attack
LAN Manager Hash
Password Cracking Countermeasures
Syskey Utility
Cracking NT/2000 Passwords
SMB Logon
SMBRelay Man-in-the-Middle Scenario
SMBRelay Weaknesses and Countermeasures
Privilege Escalation
Keystroke Loggers
Hiding Files
Creating Alternate Data Streams
ADS creation and detection
NTFS Streams Countermeasures
Stealing Files Using Word Documents
Field Code Countermeasures
Steganography
Spyware Tool - Desktop Spy
Steganography Detection
Disabling Auditing and clearing Event Logs
RootKit/Rootkit Countermeasures
Planting the NT/2000 RootKit
Module 6: Trojans and Backdoors
Effect on Business
What is a Trojan?
Overt and Covert Channels
Working of Trojans
Different Types of Trojans
What Trojan Creators look for?
Different ways a Trojan can get into a system
Indications of a Trojan Attack
Some famous Trojans and ports used by them
How to determine which ports are Listening?
Different Trojans found in the Wild
BoSniffer
Wrappers
Hard Disk Killer (HDKP 4.0)
ICMP Tunneling
Reverse WWW Shell Covert Channels using HTTP
Hacking Tools
Tripwire
Process Viewer
Inzider-Tracks Processes and Ports
System File Verification
Trojan horse Construction Kit
Anti-Trojan
Evading Anti-Trojan/Anti-Virus using Stealth Tools v 2.0
Reverse Engineering Trojans
Backdoor Countermeasures
Module 7: Sniffers
Definition of sniffing
How a Sniffer works?
Passive Sniffing
Active Sniffing
Man-in-the-Midle Attacks
Spoofing and Sniffing Attacks
ARP Poisoning and countermeasures
Hacking Tools
Sniffing Countermeasures
Module 8: Denial of Service
What is Denial of Service?
Goal of DoS(Denial of Service)
Impact and Modes of Attack
DoS Attack Classification
Hacking Tools
Distributed DOS Attacks and Characteristics
Agent Handler Model
IRC-Based DDoS Attack Model
DDoS Attack taxonomy
DDoS Tools
Reflected DOS Attacks
Reflection of the Exploit
Countermeasures for Reflected DoS
Tools for Detecting DDOS Attacks
DDoS Countermeasures
Module 9: Social Engineering
What is Social Engineering?
Art of Manipulation
Human Weakness
Common Types of Social Engineering
Human Based Impersonation
Computer Based Social Engineering
Reverse Social Engineering
Policies and procedures
Security Policies-checklist
Module10: Session Hijacking
Understanding Session Hijacking
Spoofing vs Hijacking
Steps in Session Hijacking
Types of Session Hijacking
TCP Concepts 3 Way Handshake
Sequence numbers
Hacking Tools
Dangers Posed by Session Hijacking
Protection against Session Hijacking
IP Security
Module 11: Hacking Web Servers
How Web Servers Work?
How are Web Servers Compromised?
Popular Web Servers and Common Security Threats
Apache Vulnerability
Attack against IIS
IIS Components
Sample Buffer Overflow Vulnerabilities
ISAPI.DLL Exploit
Code Red and ISAPI.DLL Exploit
Unicode Directory Traversal Vulnerability
Hacking Tools
Msw 3prt IPP Vulnerability
IPP Buffer Overflow Countermeasures
Unspecified Executed Path Vulnerability
File System Traversal Countermeasures
WebDAV/ ntdll.dll Vulnerability
Real World ins ...''
Please go to the school's official website for training price and schedule:
http://www.hiltoncomputer.com/
Phone:1-800-324-7415
School Address:
Hilton Computer Strategies, 6001 Savoy, Suite 207, Houston, TX 77036 USA
Jobs & Resumes: Houston
Houses & Roommates: Houston
Other training courses offered by Hilton Computer Strategies:
Microsoft Office Project Server 2007
Microsoft Solutions Framework Essentials
Microsoft Systems Management Server 2003
Microsoft Office 2007 Professional Plus
PowerBuilder
PowerShell for Administrators
Project Management Professional Preparation
Visual Basic Scripting Edition and Windows Script Host Essentials
Scripting Microsoft Windows Management Instrumentation
Microsoft Internet Security and Acceleration Server 2004
Computer Hacking Forensic Investigator
CISSP Foundation
Service Oriented Architecture
Microsoft Office SharePoint Server 2007
Microsoft Office InfoPath 2007
Microsoft Office SharePoint Server 2007 Administration
Inside Microsoft SharePoint 2007 Products and Technology
Implementing a Microsoft SQL Server 2005 Database
Maintaining a Microsoft SQL Server 2005 Database
Notice: The course description on this page was captured from the Internet as historical reference or submitted by visitors. It was archived statically and not updated from day to day.
Tips:
If you can not find a training course suitable for you instantly, you can leave your training request here and let trainers contact you later. |
|
|
